--------------- QuickDiag | g3n-h@ckm@n | V3_28.04.17.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 29/04/2017 10:07:10 Updated 28/04/2017 | 08.50 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Odilia (Administrator)] - [ETAGE] (S-1-5-21-2928477998-3593914962-1294348929-1001) System: Microsoft Windows 8.1 - - (6.3.9600) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 8.1|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : Normal boot PC: Aspire TC-603 - Acer - IdNumber: DTSQXEF005344016531800 - UUID: D97E3DD4-1A34-1320-1106-161603000000 Processor : X64 - 3392 Mhz - Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz P11-A1 - en|US|iso8859-1 - American Megatrends Inc. - S/N: DTSQXEF005344016531800 - P11-A1 - ACRSYS - 1072009 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_10258100&REV_1003\4&30370D9B&0&0001 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_001C&SUBSYS_174B0620&REV_1001\5&22339A07&0&0001 ---------- | Video NVIDIA GeForce GT 620 - Resolution: 1600x900 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_1049&SUBSYS_0620174B&REV_A1\4&1AA3122A&0&0008 - AdapterCompatibility: NVIDIA - RAM: 1073741824 Inegrated Video Chipset DeviceName: NVIDIA GeForce GT 620 - DriverVersion: 9.18.13.2702 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 41880 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25312 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35664 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 82432 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 26624 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 15872 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 52736 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34088 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37888 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:12 % CPU #2 value:0 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:3 % ---------- | Network Intel(R) Ethernet Connection I217-V - Ethernet 802.3 - Intel - Status: - PnPID : PCI\VEN_8086&DEV_153B&SUBSYS_07931025&REV_04\3&11583659&0&C8 Carte réseau de débogage du noyau Microsoft - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 ---------- | Memory RAM = Total (MB) : 4102 | Free (MB) : 2189 Pagefile = Total (MB) : 4823 | Free (MB) : 2823 Virtual = Total (MB) : 4194 | Free (MB) : 3950 Physical Memory 0 : Capacity: 4294967296 - DIMM1 - Posit.: - Manufacturer: Kingston - PartNumber: ACR16D3LU1KFG/4G - S/N: 66301875 ---------- | SID Users Administrateur : [S-1-5-21-2928477998-3593914962-1294348929-500] HomeGroupUser$ : [S-1-5-21-2928477998-3593914962-1294348929-1003] Invité : [S-1-5-21-2928477998-3593914962-1294348929-501] Odilia : [S-1-5-21-2928477998-3593914962-1294348929-1001] UpdatusUser : [S-1-5-21-2928477998-3593914962-1294348929-1004] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-2928477998-3593914962-1294348929-1002] WinRMRemoteWMIUsers__ : [S-1-5-21-2928477998-3593914962-1294348929-1000] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [Acer] | Total : 455.16 Go | Free : 381.64 Go -> NTFS [SATA] D:\ -> [Fixed] | [DATA] | Total : 456.11 Go | Free : 455.39 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, D:] : Read:1,568,847 bytes/sec, Written:329,849 bytes/sec Max Read:1,568,847 bytes/sec, Max Write:329,849 bytes/sec Overall - Read Maximum:1,568,847 bytes/sec, Write Maximum:329,849 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 6 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZEX-22RKKA0\4&EF3E764&0&010000 ---------- | Windows updates Last detection : 2017-04-29 07:55:25 Downloaded last ones : 2017-04-20 16:21:23 Installed last ones : 2017-04-20 16:38:31 Next search : 2017-04-30 04:24:21 Test 1 : Windows Is Activated Test 2 : Windows Is Activated ---------- | Browsers IE : 11.0.9600.18124 (© Microsoft Corporation. Tous droits réservés.) GC : 58.0.3029.81 (Copyright 2016 Google Inc.) Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 25.0.0.148 ---------- | Security AV : Windows Defender Disabled AM : Malwarebytes' Anti-Malware ( 2.3.125.0) [Update : 22/11/2015 17:16:02] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 432 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.3.9600.17031) = C:\Windows\System32\smss.exe [18/03/2014 12:09:38] CPU Usage:0 % 612 | [Owner : Système | Parent : 600() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.3.9600.16384) = C:\Windows\System32\csrss.exe [22/08/2013 15:25:40] CPU Usage:0 % 684 | [Owner : Système | Parent : 600() | 4.51 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.3.9600.18577) = C:\Windows\System32\wininit.exe [16/03/2017 20:10:48] CPU Usage:0 % 744 | [Owner : Système | Parent : 684(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.3.9600.17793) = C:\Windows\System32\services.exe [14/05/2015 12:24:57] CPU Usage:0 % 752 | [Owner : Système | Parent : 684(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.3.9600.17415) = C:\Windows\System32\lsass.exe [11/03/2015 21:36:04] CPU Usage:0 % 868 | [Owner : Système | Parent : 744(services.exe) | 12.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 908 | [Owner : SERVICE RÉSEAU | Parent : 744(services.exe) | 8.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 360 | [Owner : Système | Parent : 744(services.exe) | 7.43 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.02.) - (8.17.13.2702) = C:\Windows\System32\nvvsvc.exe [16/09/2014 20:16:11] CPU Usage:0 % 480 | [Owner : Système | Parent : 744(services.exe) | 6.01 Mo] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.2702) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [29/08/2013 18:27:28] CPU Usage:0 % 696 | [Owner : SERVICE LOCAL | Parent : 744(services.exe) | 29.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 756 | [Owner : Système | Parent : 744(services.exe) | 55.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 944 | [Owner : SERVICE LOCAL | Parent : 744(services.exe) | 19.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 1076 | [Owner : Système | Parent : 744(services.exe) | 88.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 1196 | [Owner : SERVICE RÉSEAU | Parent : 744(services.exe) | 16.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 1792 | [Owner : Système | Parent : 744(services.exe) | 11.14 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.3.9600.17415) = C:\Windows\System32\spoolsv.exe [11/03/2015 21:42:59] CPU Usage:0 % 1816 | [Owner : SERVICE LOCAL | Parent : 744(services.exe) | 23.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 1208 | [Owner : Système | Parent : 744(services.exe) | 1.56 Mo] - (.Acer Incorporated - CCD Monitor Service.) - (2.1.3007.0) = C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [26/06/2014 21:48:30] CPU Usage:0 % 1480 | [Owner : Système | Parent : 744(services.exe) | 14.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 1528 | [Owner : SERVICE LOCAL | Parent : 1076(svchost.exe) | 14.34 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17415) = C:\Windows\System32\dasHost.exe [11/03/2015 21:36:33] CPU Usage:0 % 1580 | [Owner : Système | Parent : 744(services.exe) | 5.25 Mo] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.27.798.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe [13/02/2013 13:46:48] CPU Usage:0 % 1376 | [Owner : Système | Parent : 744(services.exe) | 3.94 Mo] - (.Intel Corporation - Intel® PROSet Monitoring Service.) - (18.1.13.0) = C:\Windows\System32\IPROSetMonitor.exe [03/01/2013 15:38:52] CPU Usage:0 % 2904 | [Owner : SERVICE LOCAL | Parent : 744(services.exe) | 6.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 2288 | [Owner : SERVICE LOCAL | Parent : 744(services.exe) | 14.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 3252 | [Owner : SERVICE LOCAL | Parent : 744(services.exe) | 12.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 3868 | [Owner : Système | Parent : 868(svchost.exe) | 7.04 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.3.9600.17415) = C:\Windows\System32\dllhost.exe [11/03/2015 21:39:07] CPU Usage:0 % 3700 | [Owner : Système | Parent : 744(services.exe) | 26.85 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.9600.17787) = C:\Windows\System32\SearchIndexer.exe [10/06/2015 21:17:22] CPU Usage:0 % 3876 | [Owner : Système | Parent : 744(services.exe) | 3.76 Mo] - (.Intel Corporation - Intel(R) ME Service.) - (9.0.1.1338) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [06/11/2013 18:39:54] CPU Usage:0 % 5840 | [Owner : Système | Parent : 744(services.exe) | 4.39 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.0.0.1323) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [06/11/2013 18:39:53] CPU Usage:0 % 5952 | [Owner : Système | Parent : 744(services.exe) | 6.63 Mo] - (.Nero AG - NeroUpdate.) - (11.0.31.0) = C:\Program Files (x86)\Nero\Update\NASvc.exe [14/07/2012 01:27:00] CPU Usage:0 % 2576 | [Owner : SERVICE RÉSEAU | Parent : 744(services.exe) | 8.68 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.9600.17415) = C:\Program Files\Windows Media Player\wmpnetwk.exe [11/03/2015 21:44:04] CPU Usage:0 % 3356 | [Owner : Système | Parent : 5668() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.3.9600.16384) = C:\Windows\System32\csrss.exe [22/08/2013 15:25:40] CPU Usage:0 % 5192 | [Owner : Système | Parent : 5668() | 5.44 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.3.9600.18188) = C:\Windows\System32\winlogon.exe [08/03/2016 22:31:48] CPU Usage:0 % 5832 | [Owner : DWM-2 | Parent : 5192(winlogon.exe) | 36.41 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.3.9600.17415) = C:\Windows\System32\dwm.exe [11/03/2015 21:38:58] CPU Usage:0 % 3568 | [Owner : Système | Parent : 360(nvvsvc.exe) | 16.84 Mo] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.2702) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [16/09/2014 20:16:11] CPU Usage:0 % 3920 | [Owner : Système | Parent : 360(nvvsvc.exe) | 11.51 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.02.) - (8.17.13.2702) = C:\Windows\System32\nvvsvc.exe [16/09/2014 20:16:11] CPU Usage:0 % 5508 | [Owner : Système | Parent : 868(svchost.exe) | 6.47 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.18264) = C:\Windows\System32\wbem\WmiPrvSE.exe [10/05/2016 19:45:21] CPU Usage:0 % 2672 | [Owner : Odilia | Parent : 756(svchost.exe) | 12.69 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.3.9600.17415) = C:\Windows\System32\taskhostex.exe [11/03/2015 21:38:09] CPU Usage:0 % 5912 | [Owner : Odilia | Parent : 776() | 113.38 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.3.9600.18460) = C:\Windows\explorer.exe [12/10/2016 09:59:55] CPU Usage:0 % 780 | [Owner : Odilia | Parent : 868(svchost.exe) | 15.27 Mo] - (.Microsoft Corporation - OneDrive Sync Engine.) - (6.3.9600.17416) = C:\Windows\System32\SkyDrive.exe [09/03/2015 23:17:02] CPU Usage:0 % 1948 | [Owner : Odilia | Parent : 3568(nvxdsync.exe) | 7.23 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.2702) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [16/09/2014 20:16:11] CPU Usage:0 % 188 | [Owner : Odilia | Parent : 756(svchost.exe) | 0.39 Mo] - (.Acer Incorporated - Hotkey Utility.) - (3.0.3007.0) = C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [02/04/2013 21:10:38] CPU Usage:0 % 3704 | [Owner : Odilia | Parent : 5912(explorer.exe) | 9.8 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.804) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [06/11/2013 18:41:14] CPU Usage:0 % 3136 | [Owner : Odilia | Parent : 3312() | 31.92 Mo] - (.AVAST Software - Avast Antivirus.) - (17.3.3443.0) = C:\Program Files\AVAST Software\Avast\AvastUI.exe [20/04/2017 17:57:34] CPU Usage:0 % 4108 | [Owner : Odilia | Parent : 5912(explorer.exe) | 21 Mo] - (.Acer - ArcServer.) - (1.0.0.1) = C:\Program Files (x86)\Acer Remote\ArcServer.exe [15/07/2013 12:09:30] CPU Usage:0 % 2760 | [Owner : Odilia | Parent : 5016() | 8.62 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.121.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [12/12/2016 19:21:48] CPU Usage:0 % 2176 | [Owner : Odilia | Parent : 4108(ArcServer.exe) | 38.62 Mo] - (.Microsoft Corporation - Lecteur Windows Media.) - (12.0.9600.17415) = C:\Program Files (x86)\Windows Media Player\wmplayer.exe [11/03/2015 21:35:04] CPU Usage:0 % 4504 | [Owner : Odilia | Parent : 756(svchost.exe) | 0.57 Mo] - (.CyberLink - MediaEspresso DeviceDetector.) - (6.5.3313.45320) = C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [20/09/2012 01:07:44] CPU Usage:0 % 4704 | [Owner : Odilia | Parent : 5912(explorer.exe) | 152.94 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [14/02/2014 21:10:28] CPU Usage:0 % 4228 | [Owner : Odilia | Parent : 4704(chrome.exe) | 5.75 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [14/02/2014 21:10:28] CPU Usage:0 % 6136 | [Owner : Odilia | Parent : 4704(chrome.exe) | 6.32 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [14/02/2014 21:10:28] CPU Usage:0 % 5096 | [Owner : Odilia | Parent : 4704(chrome.exe) | 49.75 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [14/02/2014 21:10:28] CPU Usage:0 % 2612 | [Owner : SERVICE LOCAL | Parent : 696(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.3.9600.17415) = C:\Windows\System32\audiodg.exe [13/01/2015 23:49:29] CPU Usage:0 % 5392 | [Owner : Odilia | Parent : 868(svchost.exe) | 3.1 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (6.3.9600.18231) = C:\Windows\System32\SettingSyncHost.exe [13/04/2016 21:53:44] CPU Usage:0 % 3168 | [Owner : Odilia | Parent : 4704(chrome.exe) | 122.81 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [14/02/2014 21:10:28] CPU Usage:0 % 392 | [Owner : Système | Parent : 756(svchost.exe) | 4.71 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.3.9600.18001) = C:\Windows\System32\taskeng.exe [09/09/2015 21:01:04] CPU Usage:0 % 3744 | [Owner : Odilia | Parent : 2760(jusched.exe) | 10.97 Mo] - (.Oracle Corporation - Java Update Checker.) - (2.8.121.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [12/12/2016 19:21:34] CPU Usage:0 % 5940 | [Owner : Odilia | Parent : 4704(chrome.exe) | 274.09 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [14/02/2014 21:10:28] CPU Usage:0 % 4408 | [Owner : Odilia | Parent : 3136(AvastUI.exe) | 4.66 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (6.3.9600.17415) = C:\Windows\SysWOW64\ctfmon.exe [11/03/2015 21:32:47] CPU Usage:0 % 1496 | [Owner : Système | Parent : 3700(SearchIndexer.exe) | 7.79 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.9600.17787) = C:\Windows\System32\SearchProtocolHost.exe [10/06/2015 21:17:21] CPU Usage:0 % 5612 | [Owner : Système | Parent : 3700(SearchIndexer.exe) | 4.41 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.9600.17415) = C:\Windows\System32\SearchFilterHost.exe [11/03/2015 21:38:24] CPU Usage:0 % 4576 | [Owner : Système | Parent : 744(services.exe) | 2.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [11/03/2015 21:36:20] CPU Usage:0 % 5032 | [Owner : Odilia | Parent : 5044() | 7.24 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.3.9600.17415) = C:\Windows\System32\rundll32.exe [11/03/2015 21:35:25] CPU Usage:0 % 6124 | [Owner : Odilia | Parent : 5912(explorer.exe) | 30.93 Mo] - (.SosVirus - QuickDiag.) - (28.4.17.1) = C:\Users\Odilia\Downloads\QuickDiag.exe [29/04/2017 10:06:04] CPU Usage:0 % 2092 | [Owner : SERVICE RÉSEAU | Parent : 868(svchost.exe) | 9.14 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.18264) = C:\Windows\System32\wbem\WmiPrvSE.exe [10/05/2016 19:45:21] CPU Usage:0 % 1112 | [Owner : SERVICE RÉSEAU | Parent : 868(svchost.exe) | 7.35 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.18264) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [10/05/2016 19:45:21] CPU Usage:0 % ---------- | MD5 [MD5.ED6B4C95E2A6D67480B9DBB8A8E7D9B4] - [12/10/2016 09:59:55] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2690.92 Ko] - (6.3.9600.18460) : C:\WINDOWS\Explorer.exe [MD5.F5AE03DE0AD60F5B17B82F2CD68402FE] - [11/03/2015 21:41:07] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [349 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\cmd.exe [MD5.B2D3F07F5E8A13AF988A8B3C0A800880] - [22/08/2013 15:25:40] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [16.72 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\csrss.exe [MD5.9361355721F51E3A25DF53702D10E9DE] - [11/03/2015 21:39:07] - (.© Microsoft Corporation. - COM Surrogate.) - [18.81 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\dllhost.exe [MD5.4F455778B6CDA2FD61D4F8B0A3E0543C] - [11/03/2015 21:42:44] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1279.05 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\Kernel32.dll [MD5.382100E75B6F4668AEAEF228C6CEFFAD] - [11/03/2015 21:36:04] - (.© Microsoft Corporation. - Local Security Authority Process.) - [45.92 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\lsass.exe [MD5.7830CEA509693DE0817DF2F3F2D80E89] - [29/08/2016 20:00:58] - (.© Microsoft Corporation. - Distributed COM Services.) - [797 Ko] - (6.3.9600.18302) : C:\WINDOWS\System32\rpcss.dll [MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - [11/03/2015 21:35:25] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [53.5 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\rundll32.exe [MD5.E0C7813A97CA7947FF5C18A8F3B61A45] - [14/05/2015 12:24:57] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [400.52 Ko] - (6.3.9600.17793) : C:\WINDOWS\System32\services.exe [MD5.E3A2AD05E24105B35E986CF9CB38EC47] - [11/03/2015 21:36:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [37.88 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\svchost.exe [MD5.421B695412FE0D5B0C0DB00C51EABA1B] - [13/12/2016 23:18:27] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1505.12 Ko] - (6.3.9600.18535) : C:\WINDOWS\System32\user32.dll [MD5.5C131534A3EA4A461A793FB507A8004F] - [11/03/2015 21:33:50] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [25.5 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\userinit.exe [MD5.D9516405E05F24EDCD90B1988FAF3948] - [16/03/2017 20:10:48] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [143.5 Ko] - (6.3.9600.18577) : C:\WINDOWS\System32\Wininit.exe [MD5.B1102BBDDD9C87B3D609D6C08F7A3DBD] - [08/03/2016 22:31:48] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [557.5 Ko] - (6.3.9600.18188) : C:\WINDOWS\System32\Winlogon.exe [MD5.A460C3AF3755A2A79A3C8EFE72E147B5] - [10/11/2015 22:01:27] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [546.5 Ko] - (6.3.9600.18089) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.74B14192CF79A72F7536B27CB8814FBD] - [22/08/2013 14:22:57] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [25.84 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.38E1F4E0148A24C65D215F14D57B0711] - [22/08/2013 14:22:57] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [194.84 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - [22/08/2013 13:40:20] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [86.5 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.C6796EA22B513E3457514D92DCDB1A3D] - [22/08/2013 10:46:35] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [160.5 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.4FED6AD69C9EE1EE7FD3C88437138855] - [18/04/2017 21:04:15] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [135.5 Ko] - (6.3.9600.18573) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.D4B7ED39C7900384D9E5C1283F1E7926] - [18/09/2014 20:11:03] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [75 Ko] - (6.3.9600.17238) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - [14/07/2015 22:45:28] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [106 Ko] - (6.3.9600.17480) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - [18/03/2014 12:09:57] - (.© Microsoft Corporation. - IP Network Address Translator.) - [139.5 Ko] - (6.3.9600.16477) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.E2FC654EC895E92A022794329BFC53EC] - [18/04/2017 21:04:17] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [392 Ko] - (6.3.9600.18586) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.FFAA6C6E798FBA448FA7628A1B277F5C] - [18/04/2017 21:04:17] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1087.84 Ko] - (6.3.9600.18577) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.9DC17B7D9D84C37C102D379FCC7D4942] - [15/06/2016 20:53:42] - (.© Microsoft Corporation. - MBT Transport driver.) - [274.5 Ko] - (6.3.9600.18340) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.9980B262DBE439AE6BDC91AA985F19EE] - [08/03/2016 22:33:37] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1970.34 Ko] - (6.3.9600.18183) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.57DCE4FB0467986AE78E1C6FC5240D32] - [12/10/2016 10:03:53] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94 Ko] - (6.3.9600.18437) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.235624C147E3CB4C288D5D3D8E8D64A2] - [13/04/2016 21:54:35] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [110 Ko] - (6.3.9600.18226) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - [18/03/2014 11:41:24] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [191 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.2F10C145F517419E17203632FCDA0A13] - [13/12/2016 23:18:31] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2404.34 Ko] - (6.3.9600.18478) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.E0BD2D83875464FEEEB242CBA8B7E073] - [10/11/2015 22:01:27] - (.© Microsoft Corporation. - TDI Translation Driver.) - [105.5 Ko] - (6.3.9600.18089) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.17F7B0F2298D97F4B6C7A69511033D3D] - [10/05/2016 19:44:46] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [309.34 Ko] - (6.3.9600.18265) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 327.02.) - (9.18.13.2702) -- C:\WINDOWS\SYSTEM32\nvwgf2umx.dll (.AVAST Software.-.Avast Shell Extension.) - (17.3.3443.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll (.NVIDIA Corporation.-.NVIDIA Display Shell Extension.) - (1.2.0.1) -- C:\WINDOWS\system32\nvshext.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.288) -- C:\WINDOWS\system32\RtkAPO64.dll (.Seiko Epson Corporation.-.Epson WIA Module.) - (1.0.2.1) -- C:\WINDOWS\system32\esxw2ud.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up EPLTarget\P0000000000000000 - (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235" [HKU\S-1-5-18\SOFTWARE\...\Run]) - User: AUTORITE NT\Système EPLTarget\P0000000000000000 - (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235" [HKU\.DEFAULT\SOFTWARE\...\Run]) - User: .DEFAULT Acer Remote - (C:\PROGRA~2\ACERRE~1\ARCSER~1.EXE [Common Startup]) - User: Public RTHDVCPL - (C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [HKLM\SOFTWARE\...\Run]) - User: Public AvastUI.exe - ("C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Command Processor] "PathCompletionChar"=9 "EnableExtensions"=1 "CompletionChar"=9 "DefaultColor"=0 [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "MRUList"=a [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "UserSelectedDefault"=1 "Device"=EPSON SX235 Series,winspool,Ne03: [HKLM\Software\Microsoft\Command Processor] "PathCompletionChar"=64 "EnableExtensions"=1 "CompletionChar"=64 "DefaultColor"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "RTHDVCPL"=0x060000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "StereoLinksInstall"=0x040000000000000000000000 "mcui_exe"=0x060000000000000000000000 "AvastUI.exe"=0x020000000000000000000000 "Norton Online Backup"=0x020000000000000000000000 "IMSS"=0x020000000000000000000000 "SunJavaUpdateSched"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "Spooler"=yes "DeviceNotSelectedTimeout"=15 "TransmissionRetryTimeout"=90 "EnableDwmInputProcessing"=7 "ShutdownWarningDialogTimeout"=4294967295 "USERProcessHandleQuota"=10000 "LoadAppInit_DLLs"=0 "IconServiceLib"=IconCodecService.dll "DesktopHeapLogging"=1 "DdeSendTimeout"=0 "DwmInputUsesIoCompletionPort"=1 "USERPostMessageLimit"=10000 "USERNestedWindowLimit"=50 "AppInit_DLLs"= "NaturalInputHandler"=Ninput.dll "ThreadUnresponsiveLogTimeout"=500 "GDIProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D29919F8A2189A [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "PathCompletionChar"=64 "EnableExtensions"=1 "CompletionChar"=64 "DefaultColor"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey "IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "Spooler"=yes "DeviceNotSelectedTimeout"=15 "TransmissionRetryTimeout"=90 "EnableDwmInputProcessing"=7 "ShutdownWarningDialogTimeout"=4294967295 "USERProcessHandleQuota"=10000 "LoadAppInit_DLLs"=1 "IconServiceLib"=IconCodecService.dll "DesktopHeapLogging"=1 "DdeSendTimeout"=0 "DwmInputUsesIoCompletionPort"=1 "USERPostMessageLimit"=10000 "USERNestedWindowLimit"=50 "AppInit_DLLs"= "NaturalInputHandler"=Ninput.dll "ThreadUnresponsiveLogTimeout"=500 "GDIProcessHandleQuota"=10000 "RequireSignedAppInit_DLLs"=0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List ALU ALUAgent Avast Emergency Update DeviceDetector GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA Hotkey Utility IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon Optimize Start Menu Cache Files-S-1-5-21-2928477998-3593914962-1294348929-1001 Optimize Start Menu Cache Files-S-1-5-21-2928477998-3593914962-1294348929-500 SafeZone scheduled Autoupdate 1476298573 User_Feed_Synchronization-{0892310C-790C-4383-96E7-C0A4D4E41AEE} ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "StartRCM"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "TSUserEnabled"=0 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "DelayConMgrTimeout"=0 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "AllowRemoteRPC"=0 "ProductVersion"=5.1 "fDenyTSConnections"=1 "InstanceID"=b2e76f66-7271-4e13-83c3-53f6e3e "GlassSessionId"=2 [HKLM\System\CurrentControlSet\Control\Session Manager] "GlobalFlag"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapDeCommitFreeBlockThreshold"=0 "ResourceTimeoutCount"=648000 "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "CriticalSectionTimeout"=2592000 "ProcessorControl"=2 "HeapSegmentReserve"=0 "ExcludeFromKnownDlls"= "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "NumberOfInitialSessions"=2 "RunLevelExecute"=WinInit ServiceControlManager "AutoChkTimeout"=1 "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "PendingFileRenameOperations"=\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cleanup.old \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.old \??\C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir_3168_31135\old_chrome.exe \??\C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir_3168_31135 \??\C:\Program Files (x86)\Google\Chrome\Temp [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM "BootDriverFlags"=28 "CurrentUser"=USERNAME "WaitToKillServiceTimeout"=200 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=19 [HKLM\System\CurrentControlSet\Control\lsa] "Bounds"=0x0030000000200000 "auditbasedirectories"=0 "fullprivilegeauditing"=0x00 "crashonauditfail"=0 "auditbaseobjects"=0 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Authentication Packages"=msv1_0 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 "LsaPid"=752 "SamConnectedAccountsExist"=1 "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp ---------- | .LNK with Arguments c:\$recycle.bin\s-1-5-21-2928477998-3593914962-1294348929-1001\$r3buq2s.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK c:\program files\accessory store\accessory store.lnk - Encrypted: False - Target: C:\Program Files\Accessory Store\StartUrl.exe - Args: (hxxp://go.acer.com/?id=13469&model=Aspire TC-603) - Hidden: False - Status: OK c:\program files\accessory store\boutique accessoires acer.lnk - Encrypted: False - Target: C:\Program Files\Accessory Store\StartUrl.exe - Args: (hxxp://go.acer.com/?id=13469&model=Aspire TC-603) - Hidden: False - Status: OK c:\users\odilia\desktop\icone non utilise\acheter en ligne.lnk - Encrypted: False - Target: C:\Program Files\Accessory Store\StartUrl.exe - Args: (hxxp://go.acer.com/?id=13415&model=Aspire TC-603) - Hidden: False - Status: OK c:\users\odilia\desktop\icone non utilise\google.lnk - Encrypted: False - Target: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - Args: ( --app=hxxps://www.google.fr/) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Control Panel\Desktop] "DragHeight"=4 "CoolSwitchColumns"=7 "ActiveWndTrackTimeout"=0 "MouseCornerClipLength"=6 "MouseMonitorEscapeSpeed"=0 "DragWidth"=4 "WallpaperStyle"=0 "ScreenSaveActive"=1 "TileWallpaper"=0 "WheelScrollLines"=3 "Pattern"=0 "FontSmoothingType"=2 "WindowArrangementActive"=1 "BlockSendInputResets"=0 "MenuShowDelay"=400 "ClickLockTime"=1200 "CaretWidth"=1 "FocusBorderWidth"=1 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "DragFullWindows"=1 "CoolSwitchRows"=3 "ForegroundFlashCount"=7 "LeftOverlapChars"=3 "ForegroundLockTimeout"=200000 "FontSmoothingGamma"=0 "DragFromMaximize"=1 "FontSmoothing"=2 "FocusBorderHeight"=1 "WheelScrollChars"=3 "DockMoving"=1 "SnapSizing"=1 "CursorBlinkRate"=530 "MouseWheelRouting"=1 "RightOverlapChars"=3 "FontSmoothingOrientation"=1 "PaintDesktopVersion"=0 "UserPreferencesMask"=0x9E1E078012000000 "AutoColorization"=1 "MaxVirtualDesktopDimension"=1600 "MaxMonitorDimension"=1600 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100A9150300B0040000840300008F792124302DD20143003A005C00550073006500720073005C004F00640069006C00690061005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073002000500068006F0074006F0020005600690065007700650072005C0050006100700069006500720020007000650069006E00740020006400650020006C006100200056006900730069006F006E006E0065007500730065002000640065002000700068006F0074006F0073002000570069006E0064006F00770073002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2444441910 "Pattern Upgrade"=TRUE "Wallpaper"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg [23/10/2016 15:19:53] "Win8DpiScaling"=0 "ActiveWndTrkTimeout"=0 "PreferredUILanguages"=fr-FR "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x2400000033A8000000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SIDUpdatedOnLibraries"=1 "LastClockSize"=0x270000000F000000460000000F000000410000000F000000 "GlobalAssocChangedCounter"=406 "AppReadinessLogonComplete"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=288 "link"=0x1E000000 [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "ShowCompColor"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=6 "ReindexedProfile"=1 "StartMenuAdminTools"=1 "StoreAppsOnTaskbar"=1 "HideFileExt"=0 "SuperHidden"=1 "ShowSuperHidden"=1 "Hidden"=1 "RTStartMenuNotificationDisplayCount"=0 [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x12000000110000000E000000100000000B000000060000000D0000000C00000008000000090000000700000005000000040000004F000000020000000300000000000000630000006200000061000000600000005F0000005E0000005D0000005C0000005B0000005A00000059000000580000005700000056000000550000003A0000001F00000054000000530000005200000051000000500000004E0000004D0000004C0000004B0000004A000000490000000F00000022000000210000004800000047000000460000004500000044000000430000004200000041000000400000003F0000003E0000003C0000003D0000003B00000039000000380000003700000036000000350000000100000034000000330000000A0000003200000031000000300000002F0000001B0000002E0000002D0000002C0000002B0000002A0000002900000028000000270000002500000026000000240000002300000016000000200000001E0000001D0000001C0000001A000000190000001800000017000000150000001400000013000000FFFFFFFF "4"=0x370037003100380033000000 "12"=0x700075006900730061006500720064000000 "19"=0x6D006100690073006F006E007300200061006C0066006F00720074000000 "20"=0x610072006900730074006900640065000000 "21"=0x62007200690065000000 "23"=0x73006F006C0065000000 "24"=0x6D00610078000000 "25"=0x390035000000 "26"=0x640065006D0069007300730069006F006E000000 "28"=0x490053000000 "29"=0x67006F000000 "30"=0x62006F00750072006800690073000000 "32"=0x330039003500300030000000 "22"=0x6400750061007200740065000000 "35"=0x390020007200750065002000640065007300200062006C00650075006500740073000000 "36"=0x7200750065002000640065007300200062006C00650075006500740073000000 "38"=0x6C0069006F006E0065006C000000 "37"=0x7400610071007500650074000000 "39"=0x640075006E0061006E000000 "40"=0x630065006D0061000000 "41"=0x310032002E003000340031000000 "42"=0x6E006F00670065006E0074000000 "43"=0x74006100670065006E000000 "44"=0x74006100670061006E000000 "45"=0x74000000 "46"=0x6D006F006E0074000000 "27"=0x73006C00630072000000 "47"=0x730069006D006F00650073000000 "48"=0x66006F006E00740061000000 "49"=0x66006F006E007400610069006E0065000000 "50"=0x7000720073000000 "10"=0x6E006F006900730079000000 "51"=0x70006F0069006E0074000000 "52"=0x61006E0064007200650065007400740069000000 "1"=0x61006E006400720065007400740069000000 "53"=0x6C006F000000 "54"=0x740061007200690066000000 "55"=0x670072000000 "56"=0x7200650067006C0065006D0065006E0074000000 "57"=0x63006F006E0064006900740069006F006E0073000000 "59"=0x630065007300610072000000 "61"=0x61006E0074006F006E0079000000 "60"=0x6C0061000000 "62"=0x68006F0074000000 "63"=0x7200610070000000 "64"=0x3700200062006C00650075006500740073000000 "65"=0x730063006F0074000000 "66"=0x7300630068006F0074000000 "67"=0x73006F006C000000 "68"=0x62007200650074000000 "69"=0x72006F006400720069006700750065000000 "70"=0x6C006F00670065000000 "71"=0x6C00750064006F007600690063000000 "72"=0x6700750065000000 "33"=0x670075006500720072006900650072000000 "34"=0x670065006E0064007200650079000000 "15"=0x72006F0064007200690067007500650073000000 "73"=0x6300610072007400650073000000 "74"=0x63006100720074006500730020007600690073006900740065000000 "75"=0x690073006F006C0070006F0072000000 "76"=0x700065006C006C0065000000 "77"=0x74006F007200630079000000 "78"=0x6300680061006D00700073000000 "80"=0x7300740020006D006100750072000000 "81"=0x6E006500750069000000 "82"=0x630061006300680061006E000000 "83"=0x68006F00750065000000 "84"=0x640075006E0061006E0064000000 "31"=0x760069007200670069006E00690065000000 "58"=0x67006F00720072006900610073000000 "85"=0x73006100620062006100640069006E000000 "86"=0x4500410055000000 "87"=0x62006F0075006C000000 "88"=0x670072006F00750070000000 "89"=0x6D0061006C000000 "90"=0x6E006F00690073000000 "91"=0x6A007500730074006900630065000000 "92"=0x760069006C006C0065006A00750069000000 "93"=0x64006F000000 "94"=0x6C0077006F006F0064000000 "95"=0x6500740061006E00630068000000 "96"=0x65006C006500630074007200690063006900740065000000 "97"=0x70006C006F006D00620065007200690065000000 "98"=0x63006C0061006D006100720074000000 "99"=0x630061007200720065006C006100670065000000 "0"=0x660065007200740065000000 "3"=0x7200750065002000640065002000700061007200690073000000 "2"=0x630072006F0069007300730079000000 "79"=0x700061007200690073000000 "5"=0x620065006100750062006F007500720067000000 "7"=0x6200720065006D006F006E000000 "9"=0x70006100720069000000 "8"=0x6200720065000000 "13"=0x70007500690073006100720064000000 "6"=0x370037000000 "11"=0x630072006F0069000000 "16"=0x7000690065007200720065000000 "14"=0x630061006E00690076006500610075000000 "17"=0x70006C0075007600690061006C00650073000000 "18"=0x660069007200650066006F0078000000 [HKLM\Software\Policies\Microsoft\Windows\System] "DisableCMD"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableVirtualization"=1 "EnableInstallerDetection"=1 "PromptOnSecureDesktop"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "ConsentPromptBehaviorAdmin"=0 "ValidateAdminCodeSignatures"=0 "EnableUIADesktopToggle"=0 "EnableCursorSuppression"=1 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableLinkedConnections"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 "SoftwareSASGeneration"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktopChanges"=1 "NoActiveDesktop"=1 "NoRun"=0 "NoControlPanel"=0 "NoFolderOptions"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoComponents"=1 "NoAddingComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{8E74D236-7F35-4720-B138-1FED0B85EA75}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "HKeyRoot"=2147483649 "DefaultValue"=2 "ValueName"=Hidden "Text"=@shell32.dll,-30500 "Type"=radio [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=4 "SmartScreenEnabled"=RequireAdmin [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\System] "DisableCMD"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "EnableVirtualization"=1 "EnableInstallerDetection"=1 "PromptOnSecureDesktop"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "ConsentPromptBehaviorAdmin"=0 "ValidateAdminCodeSignatures"=0 "EnableUIADesktopToggle"=0 "EnableCursorSuppression"=1 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableLinkedConnections"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 "SoftwareSASGeneration"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktopChanges"=1 "NoActiveDesktop"=1 "NoRun"=0 "NoControlPanel"=0 "NoFolderOptions"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoComponents"=1 "NoAddingComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{8E74D236-7F35-4720-B138-1FED0B85EA75}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "HKeyRoot"=2147483649 "DefaultValue"=2 "ValueName"=Hidden "Text"=@shell32.dll,-30500 "Type"=radio [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=102 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;SkyDrive;Work Folders "BuildNumber"=9600 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"=C:\Windows\system32\userinit.exe, "LegalNoticeText"= "Shell"=explorer.exe "LegalNoticeCaption"= "DebugServerCommand"=no "ForceUnlockLogon"=0 "ReportBootOk"=1 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "Background"=0 0 0 "PasswordExpiryWarning"=5 "CachedLogonsCount"=10 "WinStationsDisabled"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "scremoveoption"=0 "ShutdownFlags"=7 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-11-96-3623454863-58364-18864-2661722203-1597581903-2672106495-1636455634-4016899483-1176572911-203272867 "LastUsedUsername"=MicrosoftAccount\odilia.coimbra@outlook.fr "AutoAdminLogon"=0 "DefaultUserName"=MicrosoftAccount\odilia.coimbra@outlook.fr "DisableCad"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"=userinit.exe, "Shell"=explorer.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile "DefaultDomainName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultUserName"= ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "PerceivedType"=text "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=4259840 "BrowserFlags"=4096 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "NeverShowExt"= "EditFlags"=131072 "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForBrowse"=delta ""=Folder "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "ThumbnailCutoff"=0 "NoRecentDocs"= "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "PerceivedType"=text "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=4259840 "BrowserFlags"=4096 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "NeverShowExt"= "EditFlags"=131072 "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForBrowse"=delta ""=Folder "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "ThumbnailCutoff"=0 "NoRecentDocs"= "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Clients\StartMenuInternet\ChromeHTML\Shell\open\Command] ""=C:\Program Files (x86)\Everness\Application\chrome.exe [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Clients\StartMenuInternet\ChromeHTML\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Everness\Application\chrome.exe" "-ReinstallCommand" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser ---------- | AppcompatFlags [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Windows\System32\OEM\FirstBoot.cmd"=0x5341435001000000000000000700000028000000002E0600CD8C060001000000000000000000010500100000647CA60EA56ACD010000000000000000 "C:\OEM\Preload\Command\AlaunchX\ALaunchX.exe"=0x534143500100000000000000070000002800000090921C00A4951C0001000000000000000000010673220000647CA60EA56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000009DBE0000000000000100000001000000 "C:\Program Files\Acer\Acer Power Management\ePowerButton.exe"=0x534143500100000000000000070000002800000048F81C0035751D00010000000000000000000206F5220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000FD89840500000000FD030000FD030000 "C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE"=0x5341435001000000000000000700000028000000503C0E0082290F0001000000000000000000010671000000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000AB4A0C00000000000A0000000A000000 "SIGN.IE=010E500 Open OfficeSetup.exe"=0x534143500100000000000000070000002800000000E51000613F1100010000000000000000000106000100002EF6C8A3A56ACD010000000000000000 "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe"=0x5341435001000000000000000700000028000000001A9600F5C0960001000000000000000000020671220000975FD891C99ECE010000000000000000020000002800000000000000000000100000000000000000000000000000000098A9BD0600000000AB010000AB010000 "C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe"=0x534143500100000000000000070000002800000048F25100549A5200010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000100000000000000000000000000000B29C6506000000000500000005000000 "C:\Windows\System32\spool\drivers\x64\3\E_FUAHLE.EXE"=0x53414350010000000000000007000000280000008075060052F90600010000000000000000000106712200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000004EFA0000000000000100000001000000 "SIGN.MEDIA=7FDEEE06 menu.exe"=0x534143500100000000000000070000002800000000920B0000000000010000000000000000000105412000002EF6C8A3A56ACD0100000000000000000200000028000000000000008000000000000000000000000000000000000000D3330300000000000100000001000000 "C:\Program Files (x86)\Anuman Interactive\Faire-part et remerciements\SoftPrint.exe"=0x5341435001000000000000000700000028000000009A1D000000000001000000000000000000010561200000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000006DED1005000000002200000022000000 "C:\Users\Odilia\AppData\Local\Apps\2.0\4C3HGM5B.8Q4\5JZYWW21.VLY\prog...app_4fe91ede9f9bdca3_0001.0003_4cdfd90a477ef7a9\clickonce_bootstrap.exe"=0x534143500100000000000000070000002800000088270000B9330000010000000000000000000106800100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000E7200300000000000100000001000000 "C:\Program Files (x86)\OpenOffice 4\program\scalc.exe"=0x534143500100000000000000070000002800000000960100588F020001000000000000000000020671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000003671E904000000004708000047080000 "C:\Users\Odilia\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_fr.exe"=0x5341435001000000000000000700000028000000F72D060800000000010000000000000000000106710000002EF6C8A3A56ACD0100000000000000000200000028000000000000000008004000000000000000000000000000000000590D0100000000000100000001000000 "C:\Windows\System32\spool\drivers\x64\3\E_GATO46.EXE"=0x534143500100000000000000070000002800000080D50400A217050001000000000000000000010673020000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000010350200000000000200000002000000 "C:\Windows\twain_32\escndv\escndv.exe"=0x5341435001000000000000000700000028000000004002000000000001000000000000000000000671200000975FD891C99ECE01000000000000000002000000280000000000000000000000000202000000000000000000000000003029B90000000000E6010000E6010000 "C:\Windows\twain_32\escndv\escfg.exe"=0x534143500100000000000000070000002800000000C0020000000000010000000000000000000006712200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000006AA20000000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\setup.exe"=0x5341435001000000000000000700000028000000487D1200A02F1300030000000000000000000206002100002EF6C8A3A56ACD0100000080000000000200000028000000000000000000000000000000000000000000000000000000484A0000000000000100000001000000 "C:\Program Files (x86)\OpenOffice 4\program\swriter.exe"=0x534143500100000000000000070000002800000000960100BAE0010001000000000000000000020671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000058EE280100000000E4020000E4020000 "C:\Users\Odilia\AppData\Local\Apps\2.0\4C3HGM5B.8Q4\5JZYWW21.VLY\prog...app_4fe91ede9f9bdca3_0001.0003_f1b619d881640307\clickonce_bootstrap.exe"=0x534143500100000000000000070000002800000088270000E3BC0000010000000000000000000106800100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000090E90100000000000100000001000000 "C:\Users\Odilia\Downloads\ChromeSetup.exe"=0x5341435001000000000000000700000028000000E8EF0C00B63D0D00010000000000000000000106000100002EF6C8A3A56ACD010000000100000000 "C:\Users\Odilia\AppData\Local\Temp\GUMAEBC.tmp\GoogleUpdateSetup.exe"=0x5341435001000000000000000700000028000000E8EF0C00B63D0D00010000000000000000000106000100002EF6C8A3A56ACD0100000080000000000200000028000000000000000000004000000000000000000000000000000000152E0000000000000100000001000000 "C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe"=0x53414350010000000000000007000000280000004802500077045000010000000000000000000206712200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000001000000000000000000000000000002AED0100000000000100000001000000 "C:\Program Files (x86)\Acer\Acer Photo\AcerPhoto.exe"=0x534143500100000000000000070000002800000000856100F5176200010000000000000000000206712200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000010000000000000000000000000000019580200000000000300000003000000 "C:\Users\Odilia\Downloads\badaboom.exe"=0x534143500100000000000000070000002800000031CF3B0000000000010000000000000000000105710000002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000004000000000000000000000000000078200000000000000100000001000000 "C:\Users\Odilia\Desktop\badaboom.exe"=0x534143500100000000000000070000002800000031CF3B000000000001000000000000000000010571000000975FD891C99ECE01000000000000000002000000280000000000000000000000000400000000000000000000000000004319C900000000000C0000000C000000 "C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe"=0x5341435001000000000000000700000028000000006F1601CAA61601010000000000000000000206802100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000223E0000000000000300000003000000 "C:\Users\Odilia\AppData\Roaming\1H1Q\Aff Packages\uninstaller.exe"=0x53414350010000000000000007000000280000000002110000000000030000000000000000000106000100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000008000000000000000800000000000FC1F0000000000000100000001000000010000000400000001000000 "C:\Users\Odilia\Downloads\adwcleaner.exe"=0x534143500100000000000000070000002800000002C3150000000000010000000000000000000106710200002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000A2490200000000000500000005000000 "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"=0x5341435001000000000000000700000028000000C0B22D00FD172E0001000000000000000000010673220000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000009D000000000000000700000007000000 "C:\Program Files (x86)\Acer\Acer Media\AcerMedia.exe"=0x534143500100000000000000070000002800000000215B00ABFF5B00010000000000000000000206712200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000010000000000000000000000000000006400000000000000100000001000000 "C:\Users\Odilia\Downloads\FlashPlayersetup__5221_i429207939_il6.exe"=0x5341435001000000000000000700000028000000301E0500D3710500010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000F41B0000000000000100000001000000 "C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe"=0x5341435001000000000000000700000028000000005962009310630001000000000000000000020671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B2521E00000000001100000011000000 "C:\Program Files\mcafee.com\agent\mcagent.exe"=0x5341435001000000000000000700000028000000883508003746080001000000000000000000020600210000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A9030000000000000700000007000000 "C:\Program Files (x86)\Acer\abPhoto\abPhoto.exe"=0x534143500100000000000000070000002800000000756A001DA96A00010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000100000000000000000000000000000922E0000000000000100000001000000 "C:\Program Files (x86)\Acer\abMedia\abMedia.exe"=0x534143500100000000000000070000002800000000BB6300A2776400010000000000000000000206712200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000010000000000000000000000000000095160000000000000100000001000000 "C:\Program Files (x86)\Acer\abMedia\abMediaSetup.exe"=0x5341435001000000000000000700000028000000001D27006BFC2700030000000000000000000206F12200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000ADF20000000000000100000001000000 "C:\Program Files (x86)\Acer\abPhoto\abPhotoSetup.exe"=0x534143500100000000000000070000002800000000BF26009D762700030000000000000000000206F12200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000C9780000000000000100000001000000 "C:\Program Files (x86)\Acer\Acer Portal\AcerPortalSetup.exe"=0x534143500100000000000000070000002800000000711900898D1900030000000000000000000206F12000002EF6C8A3A56ACD0100000000000000000200000028000000000000000008000000000000000000000000000000000000E8440000000000000100000001000000 "C:\Users\Odilia\Downloads\PdfCreatorSetup.exe"=0x5341435001000000000000000700000028000000C8E10A009736A3A701000000000000000000020600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000ADFF0000000000000200000002000000 "C:\Program Files\mcafee.com\agent\mcupdate.exe"=0x5341435001000000000000000700000028000000507E1700EAF9170001000000000000000000030600210000B395E7CF049FCE01000000000000000002000000280000000000000000000040000000000000000000000000000000004B030000000000000400000004000000 "C:\Users\Odilia\Downloads\GameoSetup.exe"=0x534143500100000000000000070000002800000010B30D0066A10D0001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000D8250000000000000100000001000000 "C:\Users\Odilia\AppData\Local\Temp\ICReinstall_GameoSetup.exe"=0x534143500100000000000000070000002800000010B30D0066A10D0001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000001771D300000000000100000001000000 "C:\Users\Odilia\AppData\Local\Vosteran\Application\31.0.1650.23\Installer\uninstall.exe"=0x5341435001000000000000000700000028000000001002000000000003000000000000000000030600210000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000040120000000000000100000001000000 "C:\Program Files (x86)\PhraseFinder_1.10.0.8\Uninstall.exe"=0x534143500100000000000000070000002800000040C90400E2E9040003000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000000F2F0000000000000300000003000000 "C:\Users\Odilia\AppData\Roaming\Gameo\uninstall.exe"=0x53414350010000000000000007000000280000002D5E03000000000003000000000000000000010600010000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000080000000000000008000000000006EFF0000000000000100000001000000010000000400000001000000 "C:\Users\Odilia\Downloads\ChromeSetup (1).exe"=0x5341435001000000000000000700000028000000507B0C0029DAE8C601000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000007E290400000000000100000001000000 "C:\Program Files (x86)\CyberLink\MediaEspresso\subsys\BigBang\Runtime\CLUpdater.exe"=0x53414350010000000000000007000000280000001000060002CD060001000000000000000000010671220000975FD891C99ECE010000008000000000020000002800000000000000000000000000000000000000000000000000000045400000000000000300000003000000 "C:\Users\Odilia\AppData\Local\Temp\Temp2_La.Petite.Sir%E9ne.1.Walt.Disney.French.Dvdrip.mpg.zip\La.Petite.Sir%E9ne.1.Walt.Disney.French.Dvdrip.mpg.exe"=0x534143500100000000000000070000002800000000E404001CE5040001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000017110000000000000100000001000000 "C:\Users\Odilia\AppData\Local\Temp\ICReinstall_PdfCreatorSetup.exe"=0x5341435001000000000000000700000028000000C8E10A009736A3A701000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000D0910000000000000100000001000000 "C:\Program Files (x86)\Acer Remote\WinShow.exe"=0x534143500100000000000000070000002800000098170300DF0B040001000000000000000000020671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C61B0000000000000100000001000000 "C:\Windows\System32\MRT.exe"=0x534143500100000000000000070000002800000078598D08665A8D0801000000000000000000030600210000B395E7CF049FCE010000000000000000020000002800000000000000000000400000000000000000000000000000000020FF0000000000000100000001000000 "C:\Program Files\mcafee\msc\mcuihost.exe"=0x5341435001000000000000000700000028000000D85A0E00B7200F0003000000000000000000030600210000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000054770300000000000100000001000000 "C:\Users\Odilia\Downloads\avast_free_antivirus_setup_online_01net.exe"=0x534143500100000000000000070000002800000078A353000000000001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000084E77600000000000300000003000000 "SIGN.IE=015D8FD8 mbam-setup-org-2.2.0.1024.exe"=0x5341435001000000000000000700000028000000D88F5D01B6275E0101000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A9C83600000000000100000001000000 "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"=0x534143500100000000000000070000002800000038099600CD0E960001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000B6CB1F00000000000F0000000F000000 "C:\Users\Odilia\Downloads\Installateur_antivirus (1).exe"=0x5341435001000000000000000700000028000000F0DD05008399060001000000000000000000010600010000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000090720000000000000100000001000000 "C:\Users\Odilia\AppData\Local\Temp\7zS4C97.tmp\setup.exe"=0x5341435001000000000000000700000028000000080F0B005C1B0B0001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000099320000000000000100000001000000 "C:\Users\Odilia\Downloads\rcsetup152.exe"=0x534143500100000000000000070000002800000088894300F21A440001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000000E0B0300000000000100000001000000 "C:\Program Files\Recuva\recuva64.exe"=0x5341435001000000000000000700000028000000185B4B0084C34B0001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000EA7A0400000000000300000003000000 "C:\Users\Odilia\Downloads\bsplayer270.setup.exe"=0x534143500100000000000000070000002800000020FBA0008C9AA10001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000096841600000000000100000001000000 "C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe"=0x5341435001000000000000000700000028000000001C1F000000000001000000000000000000030661220000975FD891C99ECE01000000000000000002000000280000000000000000000010000000000000000000000000000000001FED1700000000003A0000003A000000 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C8FB0500B80C060001000000000000000000030600210000975FD891C99ECE010000000100000000 "C:\Program Files (x86)\Acer Remote\ArcServer.exe"=0x534143500100000000000000070000002800000098FF07005669080001000000000000000000020671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005E000000000000000500000005000000 "C:\Users\Odilia\Downloads\chromeinstall-8u101.exe"=0x5341435001000000000000000700000028000000404A0B0016460C0001000000000000000000030671220000975FD891C99ECE010000000000000000 "C:\Program Files\AVAST Software\SZBrowser\launcher.exe"=0x5341435001000000000000000700000028000000D8F30B003EE90C0001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000099880000000000000200000002000000 "SIGN.MEDIA=5A4B13E Autorun.exe"=0x534143500100000000000000070000002800000000580600EBAE060001000000000000000000010671020000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000B5860D00000000000100000001000000 "C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe"=0x534143500100000000000000070000002800000000D40E000000000001000000000000000000010600010000975FD891C99ECE010000008000000000020000002800000000000000000000000000000000000000000000000000000016D70000000000000200000002000000 "SIGN.MEDIA=10ED24 setup.exe"=0x5341435001000000000000000700000028000000882A03007DE0030001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004004000000000000000000000000000000D3100501000000000F0000000F000000 "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"=0x534143500100000000000000070000002800000030910D0023760E0003000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C1210000000000000100000001000000 "C:\Program Files\Recuva\uninst.exe"=0x5341435001000000000000000700000028000000F03102008287020003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F82A0000000000000100000001000000 "SIGN.MEDIA=1C2F9E EBP_CD.exe"=0x534143500100000000000000070000002800000000160E000000000001000000000000000000010541200000975FD891C99ECE0100000000000000000200000050000000000000008000000000000000000000000000000000000000FC972B0100000000050000000200000000000000000000000000000000000000000000000000000035D60800000000000400000000000000 "C:\Users\Odilia\Downloads\EBP_2017_Association_21_0_1_756 (1).exe"=0x5341435001000000000000000700000028000000987138015F5A390101000000000000000000010600010000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000006D630000000000000200000002000000 "C:\Users\Odilia\Downloads\EBP_2017_Association_21_0_1_756 (2).exe"=0x5341435001000000000000000700000028000000987138015F5A390101000000000000000000010600010000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000080870000000000000200000002000000 "C:\Users\Odilia\Downloads\EBP_2017_Association_21_0_1_756 (3).exe"=0x5341435001000000000000000700000028000000987138015F5A390101000000000000000000010600010000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000004E8A0000000000000100000001000000 "C:\Users\Odilia\Downloads\EBP_2017_Association_21_0_1_756 (4).exe"=0x5341435001000000000000000700000028000000987138015F5A390101000000000000000000010600010000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000012110100000000000100000001000000 "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe"=0x5341435001000000000000000700000028000000C0B40C0012D00C0003000000000000000000010600010000975FD891C99ECE0100000000000000000100000004000000010000000500000010000000000000000000000000000000000000000200000028000000000000000000000004028000000000000000800000000000F2DE0100000000000400000004000000 "C:\Users\Odilia\Downloads\EBP_Installations\EBP_2016_Association_20_0_0_751.exe"=0x5341435001000000000000000700000028000000C01E3C01D0A33C0101000000000000000000010600010000975FD891C99ECE01000000000000000005000000100000000000000000000000000001060000000002000000A0000000000001060000006000000000000000000000000000000000B3C2000000000000040000000100000000030105300000600000000000000000000000000000000036C60500000000000100000000000000000000002000006000000000000000000000000000000000A1430000000000000100000000000000000000000000004000000200000000000000000000000000145D0000000000000200000000000000 "C:\Users\Odilia\Downloads\EBP_Installations\Ebp.DownloadManager.exe"=0x5341435001000000000000000700000028000000686625002B6A2500010000000000000000000306F5220000B395E7CF049FCE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001F000000000000000100000001000000 "SIGN.MEDIA=6C617B Lariviere.exe"=0x5341435001000000000000000700000028000000828437000000000001000000000000000000000671020000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000055A80000000000000100000001000000 "C:\Users\Odilia\Downloads\install_ccleaner.exe"=0x534143500100000000000000070000002800000058991200B436A5DE01000000000000000000030600210000975FD891C99ECE010000000000000000 "C:\Users\Odilia\AppData\Local\chromium\Application\chrome.exe"=0x5341435001000000000000000700000028000000004E1000CA8A100001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F1032900000000000100000001000000 "C:\Users\Odilia\Logiciel.exe"=0x5341435001000000000000000700000028000000E81C0500DBBD050001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000CA2A0000000000000100000001000000 "C:\Users\Odilia\Downloads\ccsetup527.exe"=0x534143500100000000000000070000002800000030528D00A9B48D0001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000006F542300000000000100000001000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000D8E08E00B3CD8F0001000000000000000000030600210000B395E7CF049FCE010000000000000000020000002800000000000000000000400000000000000000000000000000000043906E00000000000300000003000000 "C:\Users\Odilia\AppData\Local\{22CD1491-0665-7829-6BFD-5DC14F95A159}\uninst.exe"=0x53414350010000000000000007000000280000009E9100000000000003000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000004C100000000000000100000001000000 "C:\Program Files\CCleaner\uninst.exe"=0x53414350010000000000000007000000280000001074020089F3020003000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000006B2A0000000000000100000001000000 "C:\Program Files (x86)\McAfee\SiteAdvisor\uninstall.exe"=0x534143500100000000000000070000002800000088040F00932B0F0003000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000002D730000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE"=0x5341435001000000000000000700000028000000C07A1D0081031E0001000000000000000000010600010000975FD891C99ECE0100000090000000000200000028000000000000000000001000000000000000000000000000000000F43C2200000000004700000047000000 "C:\Program Files (x86)\Dohat\Application\chrome.exe"=0x5341435001000000000000000700000028000000585F0E0077AC0E0001000000000000000000030600210000975FD891C99ECE010000000100000000 "C:\Program Files (x86)\Firefox\uninstall\helper.exe"=0x5341435001000000000000000700000028000000884A0D00733A0E0001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000004E000000000000000200000002000000 "C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE"=0x5341435001000000000000000700000028000000C0CA8801B546890101000000000000000000010600010000975FD891C99ECE0100000090000000000200000028000000000000000000001000000000000000000000000000000000906C0100000000000400000004000000 "C:\Program Files (x86)\ScreenShot\SSInst.exe"=0x5341435001000000000000000700000028000000E0AD04001B1F050003000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000CC1A0000000000000100000001000000 "C:\Program Files\AVAST Software\Avast\AvastUI.exe"=0x5341435001000000000000000700000028000000A8D08B0011B48C0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000050000000000000000000000000000000000000000000000000000000360400000000000005000000020000000000000000000040000000000000000000000000000000003E000000000000000100000000000000 "SIGN.MEDIA=1522A00 houseparty.0.4.2.1.x64.1103\HouseParty.exe"=0x5341435001000000000000000700000028000000002A52010000000001000000000000000000030600210000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000008FFF3B00000000000100000001000000 "C:\Program Files (x86)\Everness\Application\chrome.exe"=0x5341435001000000000000000700000028000000585F0E0077AC0E0001000000000000000000030600210000975FD891C99ECE010000000100000000 "C:\Program Files\AVAST Software\Avast\setup\instup.exe"=0x5341435001000000000000000700000028000000500B14000000000003000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C1280100000000000100000001000000 "C:\Users\Odilia\Downloads\AdsFix.exe"=0x5341435001000000000000000700000028000000A87B6300D13C640001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000043F39200000000000300000003000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x534143500100000000000000070000002800000058E90E0000E00F0001000000000000000000030600210000975FD891C99ECE010000000100000000 "C:\Users\Odilia\Desktop\AdsFix.exe"=0x5341435001000000000000000700000028000000A87B6300D13C640001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000000B410100000000000100000001000000 "C:\Users\Odilia\Downloads\QuickDiag.exe"=0x5341435001000000000000000700000028000000A8692A0000932A0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000B80B0000000000000100000001000000 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32 ---------- | IFEO [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\taskmgr.exe] : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File execution Options\taskmgr.exe] : ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "DoubleClickSpeed"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "DragFullWindows"=USR:Control Panel\Desktop ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "MouseSpeed"=#USR:Control Panel\Mouse "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "CoolSwitch"=USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DoubleClickWidth"=#USR:Control Panel\Mouse "SnapToDefaultButton"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "ScreenSaveActive"=#USR:Control Panel\Desktop "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "PowerOffTimeOut"=#USR:Control Panel\Desktop "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon "SCRNSAVE.EXE"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "ScreenSaverActive"=USR:Control Panel\Desktop [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "DoubleClickSpeed"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "MouseSpeed"=#USR:Control Panel\Mouse "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "CoolSwitch"=USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DoubleClickWidth"=#USR:Control Panel\Mouse "SnapToDefaultButton"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "ScreenSaveActive"=#USR:Control Panel\Desktop "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "PowerOffTimeOut"=#USR:Control Panel\Desktop "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon "SCRNSAVE.EXE"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "ScreenSaverActive"=USR:Control Panel\Desktop [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=130216565553372332 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "DisableAntiSpyware"=1 "ProductType"=2 "ProductStatus"=0 "DisableAntiVirus"=1 "InstallTime"=0xAB4C69179225CF01 "OneTimeSqmDataSent"=1 "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [216.58.198.206] avec 32 octets de donn?es?: R?ponse de 216.58.198.206?: octets=32 temps=17 ms TTL=52 R?ponse de 216.58.198.206?: octets=32 temps=18 ms TTL=52 R?ponse de 216.58.198.206?: octets=32 temps=18 ms TTL=52 R?ponse de 216.58.198.206?: octets=32 temps=17 ms TTL=52 Statistiques Ping pour 216.58.198.206: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 17ms, Maximum = 18ms, Moyenne = 17ms ---------- | @ [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Internet Explorer\Main] "OperationalData"=13 "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\WINDOWS\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "XMLHTTP"=1 "NoUpdateCheck"=1 "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://www.google.com/ "Default_Page_URL"=http://acer13.msn.com "DisableFirstRunCustomize"=1 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000E803000058020000 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x54BB4D4A07BED201 "IconCache"=x18hsq3 "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFB0010000960000003004000076020000 "IE10TourShown"=1 "IE10TourShownTime"=0x2D371E3A15BFCF01 "PrivacyPolicyShown"=1 "ImageStoreRandomFolder"=tcd32ku "Check_Associations"=no "Start Page_TIMESTAMP"=0xAC7D6E2802B3D201 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "SearchAssistant"=http://fr-recherche.com/?q= "Use Search Asst"=yes "Use FormSuggest"=yes [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Internet Explorer\SearchURL] ""=http://fr-recherche.com/?q=%s [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "EnableNegotiate"=1 "MigrateProxy"=1 "PrivacyAdvanced"=0 "ProxyEnable"=0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x9C02CD77E1D1CF01 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "SecureProtocols"=2720 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "GlobalUserOffline"=0 "ReceiveTimeout"=10000 "ProxyHttp1.1"=1 "ProxyOverride"=*.local "WarNonBadCertReceving"=1 "WarNonHTTPSToHTTPRedirect"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=https://www.google.com/ie "Default_Page_URL"=http://search.rechercherweb.com/ "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Start Page"=https://www.google.com/ "TabProcGrowth"=Medium "Print_Background"=0 "AlwaysShowMenus"=0 "StatusBarWeb"=1 "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=https://www.google.com/ie "Default_Page_URL"=http://search.rechercherweb.com/ "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=https://www.google.com/ "Local Page"=C:\WINDOWS\System32\blank.htm "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "DoNotTrack"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "EnablePunycode"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7} -- C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [23/02/2017 09:34:04] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -- C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [23/02/2017 09:34:04] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -- C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [23/02/2017 09:34:04] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [20/04/2017 17:57:38] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [20/04/2017 17:57:38] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [11/03/2015 21:38:10] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7} -- C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [23/02/2017 09:29:34] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -- C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [23/02/2017 09:29:34] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -- C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [23/02/2017 09:29:34] ---------- | Toolbar [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100001001600000001000000800600005E01000006000000810200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048BEBB0ED4BA4C4B8E5A516ABECAE0640000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "KnownProvidersUpgradeTime"=0x42E0764C07BED201 "Version"=4 "UpgradeTime"=0x9300194D07BED201 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 "DownloadRetries"=2 "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Cliquer pour appeler Lync) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Cliquer pour appeler Lync) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] ---------- | SearchScopes [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10 : [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{43CDBFD1-600F-40FC-9E41-EA6039CD3204}] - () - : [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{43CDBFD1-600F-40FC-9E41-EA6039CD3204}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{43CDBFD1-600F-40FC-9E41-EA6039CD3204}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [14/03/2017 12:43:12] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [20/04/2017 17:57:13] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> (Microsoft SkyDrive Pro Browser Helper) : C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [23/02/2017 09:29:34] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [14/03/2017 12:43:12] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [20/04/2017 18:15:06] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [20/04/2017 17:57:13] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> (Microsoft SkyDrive Pro Browser Helper) : C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [23/02/2017 09:29:34] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [20/04/2017 18:15:06] ---------- | Chrome C:\Users\Odilia\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Odilia\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Odilia\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Odilia\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Odilia\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Odilia\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Odilia\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Odilia\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] - (Microsoft Lync Plug-in for Firefox) : C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (WildTangent Games App V2 Presence Detector Plugin) : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll C:\Users\Odilia\AppData\Roaming\Mozilla\Firefox\Profiles\5gnx6bi6.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160210153822"); user_pref("browser.startup.homepage_override.mstone", "44.0.2"); user_pref("extensions.blocklist.pingCountVersion", -1); user_pref("extensions.bootstrappedAddons", "{}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0.2"); user_pref("extensions.getAddons.cache.lastUpdate", 1461790086); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.lastAppVersion", "44.0.2"); user_pref("extensions.lastPlatformVersion", "44.0.2"); user_pref("extensions.pendingOperations", false); user_pref("extensions.shownSelectionUI", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.xpiState", "{\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"e\":true,\"v\":\"44.0.2\",\"st\":1457288106777,\"mt\":1457288106698}},\"winreg-app-global\":{\"wrc@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"e\":false,\"v\":\"10.3.3.39\",\"st\":1449862405991,\"mt\":1456151168195},\"sp@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\SafePrice\\\\FF\",\"e\":false,\"v\":\"10.3.5.39\",\"st\":1456151277144,\"mt\":1456151166805}}}"); [Profile0] - Name=default -> Profiles/5gnx6bi6.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{D3C8D190-9150-44A9-9346-E0C743ADE0D2}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{D3C8D190-9150-44A9-9346-E0C743ADE0D2}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Classes\Applications\bsplayer.exe] : C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe "%L" [HKLM\SOFTWARE\Classes\Applications\chrome.exe] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\chrome.exe] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "regsvc"=RemoteRegistry [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "3DM"=3DM "WindowsAppKitServices"=GameExplorerUpdate "WerrSvcGroup"=AppleCloudSvc ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Acer] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\AppDataLow] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\AVAST Software] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\BST] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Chromium] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\CleanerProConfig] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Clients] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Conduit] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\CTPW Data] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Cyberlink] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Dohat] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Eek! Games] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\EPSON] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\eSupport.com] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Everness] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Google] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\IM Providers] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Intel] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\JavaSoft] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\LAV] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Licenses] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Macromedia] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Mine] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Mozilla] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\MozillaPlugins] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Netscape] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\ODBC] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\OEM] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\OpenOffice] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Policies] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\QtProject] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Realtek] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\RegisteredApplications] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\sysinternals] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Trolltech] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Unity] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Wow6432Node] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AdsFix] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ATI Technologies] [HKLM\Software\Clearfi] [HKLM\Software\Clients] [HKLM\Software\CUSTPDF Writer] [HKLM\Software\CyberLink] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\EPSON] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Macromedia] [HKLM\Software\McAfee] [HKLM\Software\McAfee.com] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\Sysinternals] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\AdwCleaner] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Chromium] [HKLM\Software\WOW6432Node\Clearfi] [HKLM\Software\WOW6432Node\Conduit] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Dohat] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\Everness] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\GPL Ghostscript] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\McAfee] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OEM] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Piriform] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\ScreenShot] [HKLM\Software\WOW6432Node\TP-LINK] [HKLM\Software\WOW6432Node\Webteh] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives D: ---------- | C: [28/04/2017 17:45:49] - |SHD| - [7337771] - C:\$RECYCLE.BIN [28/04/2017 15:02:42] - |D| - [388033553] - C:\AdsFix [MD5.B5D0C273957B5C93A4B47AC8713DF3B7] - [28/04/2017 15:04:26] - |A| - (.-.) - [33710] - (0.0.0.0) - C:\AdsFix_28_04_2017_17_43_18.txt [13/04/2014 19:31:16] - |D| - [29111834] - C:\AdwCleaner [MD5.93B885ADFE0DA089CDF634904FD59F71] - [26/07/2012 10:18:43] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [22/08/2013 16:45:52] - |SHD| - [0] - C:\Documents and Settings [06/11/2013 18:31:38] - |HD| - [1176904] - C:\Intel [12/01/2017 18:28:53] - |RHD| - [737278584] - C:\MSOCache [15/05/2013 12:13:09] - |HD| - [2629823500] - C:\OEM [MD5.D41D8CD98F00B204E9800998ECF8427E] - [06/11/2013 18:24:43] - |ASH| - (.-.) - [738197504] - (0.0.0.0) - C:\pagefile.sys [22/08/2013 17:36:30] - |D| - [0] - C:\PerfLogs [22/08/2013 15:36:15] - |RD| - [5069578539] - C:\Program Files [22/08/2013 15:36:15] - |RD| - [4529697928] - C:\Program Files (x86) [22/08/2013 15:36:15] - |HD| - [38310409993] - C:\ProgramData [29/04/2017 10:06:30] - |D| - [262049] - C:\QuickDiag [MD5.1D50E34292EC8944E28486F5254C1A15] - [29/04/2017 10:07:10] - |A| - (.-.) - [150583] - (0.0.0.0) - C:\QuickDiag.txt [16/09/2014 21:13:33] - |SHD| - [971] - C:\Recovery [01/11/2013 15:44:34] - |HD| - [0] - C:\sources [MD5.D41D8CD98F00B204E9800998ECF8427E] - [06/11/2013 18:24:43] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [01/11/2013 15:57:17] - |SHD| - [7127307588] - C:\System Volume Information [22/08/2013 15:36:15] - |RD| - [150734500308] - C:\Users [22/08/2013 15:36:15] - |D| - [27931447599] - C:\Windows ---------- | C:\WINDOWS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [15/05/2013 11:38:27] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\Acer.tag [22/08/2013 17:36:30] - |D| - [802] - C:\WINDOWS\addins [22/08/2013 17:36:31] - |D| - [1175552] - C:\WINDOWS\ADFS [MD5.50D5FA7F5C7F8A409B0BCFD8D0FC79FC] - [06/11/2013 18:32:54] - |A| - (.-.) - [21542] - (0.0.0.0) - C:\WINDOWS\Alcor.txt [MD5.B0E733B0AF6173915E35E820B4FFD7A1] - [06/11/2013 18:35:50] - |A| - (.-.) - [124] - (0.0.0.0) - C:\WINDOWS\AMD_VGA.txt [22/08/2013 17:36:30] - |D| - [22817186] - C:\WINDOWS\AppCompat [22/08/2013 17:36:31] - |D| - [11918624] - C:\WINDOWS\apppatch [22/08/2013 17:36:30] - |D| - [0] - C:\WINDOWS\AppReadiness [22/08/2013 17:36:30] - |RSD| - [960109563] - C:\WINDOWS\assembly [26/07/2012 10:12:59] - |D| - [0] - C:\WINDOWS\AUInstallAgent [MD5.12EBDA58437CD1EA7066FCB6455241D2] - [27/09/2016 21:07:21] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.3.3154.0) - C:\WINDOWS\avastSS.scr [MD5.FA78F9739F8F0239A539A06B10D354C7] - [22/08/2013 13:21:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [56832] - (6.3.9600.16384) - C:\WINDOWS\bfsvc.exe [22/08/2013 17:36:31] - |D| - [36950530] - C:\WINDOWS\Boot [MD5.8238A4236C2087C785E90E29376411FB] - [22/08/2013 16:46:23] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [22/08/2013 17:36:31] - |D| - [2296376] - C:\WINDOWS\Branding [18/09/2014 20:24:58] - |RD| - [1213938] - C:\WINDOWS\BrowserChoice [22/08/2013 17:36:30] - |D| - [7211564] - C:\WINDOWS\Camera [26/07/2012 09:59:48] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.A259390DDF970472FC9966FF2FC7BAD0] - [01/11/2013 15:48:52] - |A| - (.-.) - [29] - (0.0.0.0) - C:\WINDOWS\ChangeLang_Done.tag [MD5.5E76737F206FD364C2AAD79E59C29CA2] - [15/09/2014 21:44:30] - |A| - (.-.) - [6599] - (0.0.0.0) - C:\WINDOWS\comsetup.log [MD5.0505315076F50DE128B8256927B94722] - [18/03/2014 11:41:50] - |A| - (.-.) - [35851] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.58A675B6B5CFD8495928716CC209296C] - [15/05/2013 02:37:23] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\CSUP.TXT [22/08/2013 17:36:30] - |D| - [4503720] - C:\WINDOWS\Cursors [22/08/2013 17:36:31] - |D| - [27397492] - C:\WINDOWS\debug [22/08/2013 17:36:30] - |RD| - [22590] - C:\WINDOWS\DesktopTileResources [MD5.050C668A459D689E7C033DBCA4417642] - [16/09/2014 20:21:30] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [22/08/2013 17:36:30] - |D| - [3539068] - C:\WINDOWS\diagnostics [MD5.050C668A459D689E7C033DBCA4417642] - [16/09/2014 20:21:30] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [22/08/2013 17:43:29] - |D| - [0] - C:\WINDOWS\DigitalLocker [22/08/2013 17:36:31] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.3993815A84E5469BB66E3A92F9E8F9A8] - [22/08/2013 17:37:25] - |A| - (.-.) - [5217] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [26/07/2012 10:12:59] - |HD| - [0] - C:\WINDOWS\ELAMBKUP [22/08/2013 17:43:29] - |D| - [0] - C:\WINDOWS\en-US [MD5.ED6B4C95E2A6D67480B9DBB8A8E7D9B4] - [12/10/2016 09:59:55] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2755504] - (6.3.9600.18460) - C:\WINDOWS\explorer.exe [22/08/2013 17:36:30] - |D| - [14519113] - C:\WINDOWS\FileManager [22/08/2013 15:36:15] - |RSD| - [541959779] - C:\WINDOWS\Fonts [18/03/2014 11:26:19] - |D| - [111616] - C:\WINDOWS\fr-FR [22/08/2013 17:36:30] - |D| - [93328103] - C:\WINDOWS\Globalization [22/08/2013 17:36:31] - |D| - [46872133] - C:\WINDOWS\Help [MD5.7C549E06CA1F45806B940641991EE8DE] - [16/03/2017 20:10:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1001472] - (6.3.9600.18589) - C:\WINDOWS\HelpPane.exe [MD5.B934411DFE7DEACFA95A1255A48133C9] - [11/03/2015 21:32:45] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17408] - (6.3.9600.17415) - C:\WINDOWS\hh.exe [22/08/2013 17:36:30] - |D| - [152844180] - C:\WINDOWS\IME [22/08/2013 17:36:31] - |RD| - [7288116] - C:\WINDOWS\ImmersiveControlPanel [22/08/2013 15:36:15] - |D| - [72058386] - C:\WINDOWS\Inf [22/08/2013 17:36:31] - |D| - [119175822] - C:\WINDOWS\InputMethod [22/08/2013 17:36:31] - |SHD| - [8421867643] - C:\WINDOWS\Installer [22/08/2013 17:36:31] - |D| - [61417] - C:\WINDOWS\L2Schemas [MD5.50D5FA7F5C7F8A409B0BCFD8D0FC79FC] - [06/11/2013 18:32:20] - |A| - (.-.) - [21542] - (0.0.0.0) - C:\WINDOWS\LiteOne_AddOn_Card.txt [26/07/2012 10:12:59] - |D| - [0] - C:\WINDOWS\LiveKernelReports [22/08/2013 15:36:15] - |D| - [63582573] - C:\WINDOWS\Logs [22/08/2013 17:36:30] - |RSD| - [19944453] - C:\WINDOWS\Media [22/08/2013 17:36:31] - |D| - [18917376] - C:\WINDOWS\MediaViewer [MD5.23AF90D2355D8C83AA4567EF1763B467] - [22/08/2013 09:01:23] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [22/08/2013 17:36:30] - |D| - [777697573] - C:\WINDOWS\Microsoft.NET [20/05/2015 19:43:24] - |D| - [1263] - C:\WINDOWS\Migration [MD5.AD5E35589C218BFB54CA3671E33C79B3] - [08/02/2013 07:43:59] - |A| - (.-.) - [2784] - (0.0.0.0) - C:\WINDOWS\MOD01OPK0400210001.enc [MD5.7F4879AB6B9CB70AED61FADD373FCAB1] - [05/01/2012 10:05:59] - |A| - (.-.) - [3544] - (0.0.0.0) - C:\WINDOWS\MOD01OPK0A00210001.enc [MD5.C18F3046AAF942B7BF2E93CEA22D367C] - [15/05/2013 12:18:35] - |A| - (.-.) - [2208] - (0.0.0.0) - C:\WINDOWS\MOD01SET000000019E.enc [MD5.33472374FF9E3D9EE637D0271E307D95] - [15/05/2013 12:18:35] - |A| - (.-.) - [2232] - (0.0.0.0) - C:\WINDOWS\MOD01SET780020000H.enc [26/07/2012 10:12:59] - |D| - [0] - C:\WINDOWS\ModemLogs [01/11/2013 15:40:29] - |D| - [276314727] - C:\WINDOWS\NAPP_Dism_Log [MD5.FC2EA5BD5307D2CFA5AAA38E0C0DDCE9] - [11/08/2015 22:50:19] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [221184] - (6.3.9600.17930) - C:\WINDOWS\notepad.exe [15/05/2013 11:41:18] - |D| - [2092] - C:\WINDOWS\oem [22/08/2013 17:36:30] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [16/09/2014 21:13:28] - |DC| - [112543300] - C:\WINDOWS\Panther [17/01/2017 18:01:10] - |D| - [0] - C:\WINDOWS\PCHEALTH [22/08/2013 17:36:30] - |D| - [45341927] - C:\WINDOWS\Performance [MD5.699AEDAA0FC9A55E462974E0DB61EC24] - [18/03/2014 03:51:22] - |A| - (.-.) - [5579964] - (0.0.0.0) - C:\WINDOWS\PFRO.log [22/08/2013 17:36:30] - |D| - [1136441] - C:\WINDOWS\PLA [22/08/2013 17:36:30] - |D| - [2477297] - C:\WINDOWS\PolicyDefinitions [16/09/2014 20:14:20] - |D| - [70312401] - C:\WINDOWS\Prefetch [MD5.50D5FA7F5C7F8A409B0BCFD8D0FC79FC] - [06/11/2013 18:33:27] - |A| - (.-.) - [21542] - (0.0.0.0) - C:\WINDOWS\Realtek.txt [MD5.B67DB709F5FDAA89CA6C2CB6C1E39B3B] - [11/03/2015 21:37:08] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [154624] - (6.3.9600.17415) - C:\WINDOWS\regedit.exe [22/08/2013 17:36:30] - |D| - [1095144] - C:\WINDOWS\Registration [22/08/2013 17:36:30] - |D| - [8441389] - C:\WINDOWS\rescache [22/08/2013 17:36:31] - |D| - [2581056] - C:\WINDOWS\Resources [MD5.326A3081242E095A200210D9E3532130] - [06/11/2013 18:41:12] - |A| - (.Copyright (C) 2012 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1706640] - (1.0.4.0) - C:\WINDOWS\RtlExUpd.dll [26/07/2012 10:12:59] - |D| - [0] - C:\WINDOWS\SchCache [22/08/2013 17:36:30] - |D| - [118561] - C:\WINDOWS\schemas [22/08/2013 17:36:31] - |D| - [3122122] - C:\WINDOWS\security [22/08/2013 16:45:15] - |D| - [73914781] - C:\WINDOWS\ServiceProfiles [22/08/2013 15:36:15] - |D| - [195350191] - C:\WINDOWS\servicing [22/08/2013 16:45:23] - |D| - [42] - C:\WINDOWS\Setup [MD5.0B3C2ACED743CAC447BE956C99606857] - [22/08/2013 16:46:17] - |A| - (.-.) - [325472] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/08/2013 16:46:17] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [17/01/2017 18:00:20] - |D| - [66140] - C:\WINDOWS\SHELLNEW [18/03/2014 11:41:34] - |D| - [31373168] - C:\WINDOWS\SKB [06/11/2013 18:30:05] - |D| - [207752759] - C:\WINDOWS\SoftwareDistribution [22/08/2013 17:36:30] - |D| - [103543351] - C:\WINDOWS\Speech [MD5.4D9DA155B7B449964E14FC32124CC601] - [11/03/2015 21:36:50] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [128512] - (6.3.9600.17415) - C:\WINDOWS\splwow64.exe [MD5.C27F1EAE27B704D86873ADF7E944616D] - [06/11/2013 18:43:35] - |A| - (.-.) - [40] - (0.0.0.0) - C:\WINDOWS\spotify.preload [MD5.A77E65831A152C8FCA5B822749E2624D] - [22/08/2013 17:19:59] - |A| - (.-.) - [35891] - (0.0.0.0) - C:\WINDOWS\Starter.xml [22/08/2013 17:36:30] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 15:25:43] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [22/08/2013 15:36:16] - |RD| - [4552200288] - C:\WINDOWS\System32 [22/08/2013 17:36:30] - |D| - [8530608] - C:\WINDOWS\SystemResources [22/08/2013 15:36:16] - |D| - [1329178380] - C:\WINDOWS\SysWOW64 [26/07/2012 10:12:59] - |D| - [0] - C:\WINDOWS\TAPI [22/08/2013 17:36:30] - |D| - [6] - C:\WINDOWS\Tasks [22/08/2013 15:36:16] - |D| - [14967207] - C:\WINDOWS\Temp [22/08/2013 17:36:30] - |RD| - [22151] - C:\WINDOWS\ToastData [22/08/2013 17:36:31] - |D| - [0] - C:\WINDOWS\tracing [22/08/2013 17:36:31] - |D| - [34368551] - C:\WINDOWS\twain_32 [MD5.727B4519FE9919447108CBEC4768F34A] - [11/03/2015 21:36:40] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [54272] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [MD5.79CC68F66021DD5878F56FFE57508F63] - [22/08/2013 16:46:17] - |A| - (.-.) - [5446] - (0.0.0.0) - C:\WINDOWS\vmgcoinstall.log [22/08/2013 17:36:30] - |D| - [15612486] - C:\WINDOWS\vpnplugins [22/08/2013 17:36:30] - |D| - [12420] - C:\WINDOWS\Vss [22/08/2013 17:36:31] - |D| - [12452982] - C:\WINDOWS\Web [MD5.43540FF54D5AC2DBE00FE6D8377BCD71] - [26/07/2012 07:26:52] - |A| - (.-.) - [399] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [22/08/2013 08:53:50] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.C8FB59E54751C18CC04FDF3C56BCF71A] - [25/05/2014 07:54:54] - |A| - (.-.) - [1924495] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate (1).log [MD5.B24888D993D174361F234A1112A3FF5D] - [16/09/2014 20:15:37] - |A| - (.-.) - [1986822] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.335C38783B3F1B383ECAC17DB3705895] - [11/03/2015 21:32:42] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.3.9600.17415) - C:\WINDOWS\winhlp32.exe [22/08/2013 17:36:31] - |D| - [1793538] - C:\WINDOWS\WinStore [22/08/2013 15:36:16] - |D| - [9380827154] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [22/08/2013 08:52:18] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.73E19BE0E0ECD88616B5762F621B0226] - [11/03/2015 21:32:36] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (6.3.9600.17415) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [05/01/2013 06:32:24] - C:\WINDOWS\Installer\12b189.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/04/2017 18:14:52] - C:\WINDOWS\Installer\131852.msi : (Java SE Runtime Environment 8 Update 121 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/04/2017 18:15:17] - C:\WINDOWS\Installer\13185d.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/04/2017 23:53:10] - C:\WINDOWS\Installer\156119a.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/09/2016 22:20:06] - C:\WINDOWS\Installer\1f0afff5.msi : (Intel(R) Update Manager - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/08/2011 21:54:52] - C:\WINDOWS\Installer\252dc.msi : ( - McAfee) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/03/2013 07:57:11] - C:\WINDOWS\Installer\252e0.msi : (Identity Card - Acer Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/03/2013 12:38:56] - C:\WINDOWS\Installer\252e4.msi : (Live Updater - Acer Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/08/2012 11:52:38] - C:\WINDOWS\Installer\33d7b.msi : ( - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2013 10:46:26] - C:\WINDOWS\Installer\33d81.msi : (Intel(R) Network Connections - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/10/2012 01:10:08] - C:\WINDOWS\Installer\33d87.msi : (Install/UnInstall PhysX Driver + Engines: 2.7.1/3/4/5/6; 2.8.0/1/3 - NVIDIA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/11/2014 10:33:28] - C:\WINDOWS\Installer\34b99b1.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:46] - C:\WINDOWS\Installer\3d982.msi : (Nero Update - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/01/2013 08:43:30] - C:\WINDOWS\Installer\3d987.msi : (Nero BackItUp 12 Essentials OEM.a01 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:50] - C:\WINDOWS\Installer\3d98c.msi : (NeroControlCenter - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:48] - C:\WINDOWS\Installer\3d992.msi : (Nero Core Components - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:48] - C:\WINDOWS\Installer\3d998.msi : (Nero Prerequisites 1 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:52] - C:\WINDOWS\Installer\3d99e.msi : (Nero BackItUp 12 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:46] - C:\WINDOWS\Installer\3d9a4.msi : (Nero RescueAgent 12 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:50] - C:\WINDOWS\Installer\3d9aa.msi : (Nero BackItUp Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:48] - C:\WINDOWS\Installer\3d9b0.msi : (Nero ControlCenter Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:46] - C:\WINDOWS\Installer\3d9b6.msi : (Nero RescueAgent Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2013 08:42:48] - C:\WINDOWS\Installer\3d9bc.msi : (Nero Launcher - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/10/2016 23:42:05] - C:\WINDOWS\Installer\4db56a4f.msi : (Java SE Runtime Environment 8 Update 101 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/06/2014 20:00:11] - C:\WINDOWS\Installer\4fffd.msi : (abDocs - Acer Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/06/2014 15:49:35] - C:\WINDOWS\Installer\50004.msi : (AOP Framework - Acer Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/07/2014 01:51:48] - C:\WINDOWS\Installer\50015.msi : ( - Acer) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/01/2013 07:49:28] - C:\WINDOWS\Installer\55c44.msi : (Power Management - Acer Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/03/2013 05:37:14] - C:\WINDOWS\Installer\55c53.msi : (Recovery Management - Acer Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/04/2013 14:21:42] - C:\WINDOWS\Installer\55cbb.msi : (Hotkey Utility - Acer Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/03/2013 07:20:52] - C:\WINDOWS\Installer\74db4.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2013 14:26:42] - C:\WINDOWS\Installer\bb7db.msi : (OpenOffice 4.0.1 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [22/08/2013 17:36:48] - [75] - C:\WINDOWS\System32\desktop.ini [15/04/2015 18:52:29] - [16303] - C:\WINDOWS\System32\ieuinit.inf [22/10/2016 13:11:13] - [118512] - C:\WINDOWS\System32\netrtwlanu.inf [18/03/2014 12:02:01] - [1824010] - C:\WINDOWS\System32\PerfStringBackup.INI [22/08/2013 08:56:03] - [60124] - C:\WINDOWS\System32\tcpmon.ini [18/03/2014 12:09:50] - [2255] - C:\WINDOWS\System32\WimBootCompress.ini [15/04/2015 18:52:29] - [16303] - C:\WINDOWS\Syswow64\ieuinit.inf [18/03/2014 12:10:09] - [2255] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.BE452D7BF880125D2832F99BFDBFD1AE] - |A| - [22/08/2013 08:57:05] - (.-.) - [6.83 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\AppPatch64\pcamain.sdb [MD5.3F668EB300F67E3BFA6ED02B0E04C720] - |A| - [13/04/2016 21:54:34] - (.-.) - [423.33 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [28/04/2017 18:13:47] - [13144.12 Ko] - C:\WINDOWS\Temp\87798DEA-00CD-268B-E7F6-E6B90E26D0E9 [MD5.00000000000000000000000000000000] - |D| - [28/04/2017 15:08:07] - [0 Ko] - C:\WINDOWS\Temp\avast_ash2 [MD5.7546D2A59835D54C7DCE7FB5796F890E] - |A| - [29/04/2017 00:43:01] - (.-.) - [14.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [28/04/2017 18:00:27] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CProgram FilesAVAST SoftwareSZBrowser3.55.2393.596_0SZBrowser_autoupdate.download.lock [MD5.00000000000000000000000000000000] - |D| - [29/04/2017 00:43:01] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [29/04/2017 00:43:00] - [1419.83 Ko] - C:\WINDOWS\Temp\CR_43D88.tmp [MD5.00000000000000000000000000000000] - |D| - [28/04/2017 15:58:10] - [0 Ko] - C:\WINDOWS\Temp\frozen-genpy-27 [MD5.00000000000000000000000000000000] - |D| - [12/10/2016 20:56:08] - [38.06 Ko] - C:\WINDOWS\Temp\SafeZone Installer [MD5.00000000000000000000000000000000] - |D| - [25/10/2015 18:08:57] - [0 Ko] - C:\WINDOWS\Temp\_avast_ [MD5.D085DDC21B91242AFFB616A827AC6560] - |A| - [15/05/2013 12:18:34] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\$Acer$.cmd [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:16] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.00000000000000000000000000000000] - |D| - [01/11/2013 15:44:35] - [0 Ko] - C:\WINDOWS\System32\040C [MD5.7F07E6A8B3F58D38AF38DADE0C99BE6D] - |A| - [18/04/2017 21:04:11] - (.-.) - [436.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [11/12/2014 11:16:13] - [2463.71 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [529.69 Ko] - C:\WINDOWS\System32\ar-SA [MD5.D170249F0FFD538BC587BC1A75EA4FFA] - |A| - [28/04/2017 14:58:58] - (.Copyright (c) 2014 AVAST Software - Avast start-up scanner.) - [390.57 Ko] - (17.3.3443.0) - C:\WINDOWS\System32\aswBoot.exe [MD5.E57B613A7BBAC557B7F0E5B302C69A2D] - |N| - [08/09/2014 20:35:21] - (.-.) - [10.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\autoconfig.cab [MD5.D638E3AD81E149A75EEF59E9C743E27C] - |A| - [22/08/2013 17:36:38] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AutoWorkplace.exe.config [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [530.09 Ko] - C:\WINDOWS\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [5993.31 Ko] - C:\WINDOWS\System32\Boot [MD5.A5F320FFE96F6939D2FF39360ADA9B5A] - |A| - [11/03/2015 21:38:01] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [94 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [0.93 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [130483.79 Ko] - C:\WINDOWS\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [58794.41 Ko] - C:\WINDOWS\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [1614.34 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [362.5 Ko] - C:\WINDOWS\System32\Com [MD5.00000000000000000000000000000000] - |SD| - [13/07/2014 22:22:53] - [1440.19 Ko] - C:\WINDOWS\System32\CompatTel [MD5.A797EED94B22B29D3974CB20B66BE6C6] - |A| - [06/11/2013 18:41:13] - (.2012 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [108 Ko] - (1.0.0.2) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [330121.41 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [22/08/2013 17:36:31] - [20.49 Ko] - C:\WINDOWS\System32\Configuration [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [403.51 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.6B527A4E50A48B3F592B63D7A9519919] - |A| - [10/09/2014 07:14:48] - (.-.) - [85.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\custmon64i.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [365.41 Ko] - C:\WINDOWS\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [416.73 Ko] - C:\WINDOWS\System32\de-DE [MD5.08750A50CF027F93070C8BB78E27C3B7] - |SH| - [22/08/2013 17:36:48] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\desktop.ini [MD5.DCF2510E0745720E543E84F5E921FCC0] - |A| - [18/03/2014 12:10:42] - (.-.) - [256.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dfpinc.dat [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [6173.17 Ko] - C:\WINDOWS\System32\Dism [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [328 Ko] - C:\WINDOWS\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [78845.33 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:31:28] - [1122558.15 Ko] - C:\WINDOWS\System32\DriverStore [MD5.00000000000000000000000000000000] - |SD| - [22/08/2013 17:36:30] - [88.5 Ko] - C:\WINDOWS\System32\dsc [MD5.8B5A737AD11EF45D9B1AEB4ED6884968] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [711.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll [MD5.21B38D4D86A87909491F690883AE6D1E] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS Boost COM DLL.) - [1452.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll [MD5.FF31A2F57AAAB58DB78FCC961A58B206] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [418.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll [MD5.BC0474E5476E5EA0D0E1AA5AC41E2061] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS GFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll [MD5.3B8FB5376F5431C0101747D5138BCB9B] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS GFX APO.) - [236.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll [MD5.B3977C8BA77559F4F8752AE8EB724C87] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS LFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll [MD5.192A03A21636D3775CEE4C049C3BEB2A] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS Limiter COM DLL.) - [422.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll [MD5.2EF5442E8E7ED20F7634EEFB09640C8F] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [479.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll [MD5.F7C357462077156DC211AC2112FC8C53] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1531.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll [MD5.F132C08BD8C58579B400DFAA71F34CFB] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1715.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll [MD5.9948969B2C1987B1D64789EFEB284A84] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS Symmetry COM DLL.) - [695.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll [MD5.424411366097BB2FCC794584CEF7B431] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS GFX APO.) - [512.36 Ko] - (2.0.20.0) - C:\WINDOWS\System32\DTSU2PGFX64.dll [MD5.A05662BE44A1506F7D095D9881B1AF28] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS LFX APO.) - [524.86 Ko] - (2.0.20.0) - C:\WINDOWS\System32\DTSU2PLFX64.dll [MD5.C135973204D45335C61DB4722FFAA5C4] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS LFX APO.) - [438.86 Ko] - (2.0.20.0) - C:\WINDOWS\System32\DTSU2PREC64.dll [MD5.DE32448E6B40141C80DAABFF6FBE1744] - |A| - [06/11/2013 18:41:13] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [677.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll [MD5.EB077D025F89CCAE0A2A2C01E0C18CD6] - |A| - [15/05/2013 12:16:06] - (.-.) - [3.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\e1d63x64.din [MD5.680F04BF80B8E7457F0B17301CB74899] - |A| - [16/09/2014 20:31:58] - (.-.) - [22.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:16] - [3 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [300.48 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [1255.93 Ko] - C:\WINDOWS\System32\en-US [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |A| - [09/02/2014 19:41:24] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\WINDOWS\System32\E_GCINST.DLL [MD5.225B67EE62F582B3BEFC5DAF72E8FAA2] - |A| - [09/02/2014 19:32:53] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2009. - ECBTEGB AMD64.) - [86 Ko] - (3.1.0.0) - C:\WINDOWS\System32\E_IBCBHLE.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - |A| - [09/02/2014 19:41:24] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2010. - ECBTEGB AMD64.) - [82 Ko] - (3.3.0.0) - C:\WINDOWS\System32\E_ID4BHLE.DLL [MD5.9459134133FB09BA956A28AAFAE78186] - |A| - [09/02/2014 19:41:24] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2011. - EPSON Bi-directional Monitor AMD64.) - [117.5 Ko] - (3.3.0.0) - C:\WINDOWS\System32\E_ILMHLE.DLL [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [386.12 Ko] - C:\WINDOWS\System32\fi-FI [MD5.96CBE419F3EA390556D10112A97A1DAF] - |A| - [22/08/2013 16:44:50] - (.-.) - [489.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:16] - [1711 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [40346.32 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.55158C8F4CFAB021134137B68BBFD01F] - |A| - [22/08/2013 08:58:31] - (.-.) - [72.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [491.52 Ko] - C:\WINDOWS\System32\he-IL [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [335.47 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [412.53 Ko] - C:\WINDOWS\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [23310.67 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [4637.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.6F7D1601DA55BBE5C7A79E01E236D7B9] - |A| - [06/11/2013 18:41:13] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [589.83 Ko] - (4.1105.6000.53) - C:\WINDOWS\System32\KAAPORT64.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [664.2 Ko] - C:\WINDOWS\System32\ko-KR [MD5.FAFA8B2317AABF4EBDC94D74CDB73394] - |A| - [22/08/2013 08:59:51] - (.-.) - [11741.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\korwbrkr.lex [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [86.43 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [16069.48 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [346.75 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [349.78 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [29385.97 Ko] - C:\WINDOWS\System32\Macromed [MD5.75616F8DB5C092A8A50AFEC273859DD7] - |A| - [06/11/2013 18:41:13] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [311.34 Ko] - (2.2.9.0) - C:\WINDOWS\System32\MaxxAudioAPO20.dll [MD5.A0EB7F22BAF4332CFB955B3E09A9F033] - |A| - [06/11/2013 18:41:13] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [385.37 Ko] - (3.4.0.0) - C:\WINDOWS\System32\MaxxAudioAPO30.dll [MD5.55F6FB0356C7633C3B06F8FCB3106F3A] - |A| - [06/11/2013 18:41:13] - (.Copyright (C) 2010-2012 - MaxxAudio APO Shell.) - [815.37 Ko] - (4.4.3.0) - C:\WINDOWS\System32\MaxxAudioAPOShell64.dll [MD5.343FF0AC3B26D18E33A9C538A88AEC23] - |A| - [06/11/2013 18:41:13] - (.Copyright © 1996-2012 -.) - [1981.37 Ko] - (4.1.0.0) - C:\WINDOWS\System32\MaxxAudioEQ64.dll [MD5.6381DDC42C0B49EED8B9375FE6224EEF] - |A| - [06/11/2013 18:41:13] - (.- Waves Realtek App.) - [1400.37 Ko] - (4.2.4.0) - C:\WINDOWS\System32\MaxxAudioRealtek264.dll [MD5.9CE3953998D0F0659F1CE9B4AA824AEF] - |A| - [06/11/2013 18:41:13] - (.Copyright © 1996-2012 -.) - [7420.37 Ko] - (4.1.7.0) - C:\WINDOWS\System32\MaxxAudioRealtek64.dll [MD5.8B5090790A44C446EEC4D8313C916562] - |A| - [06/11/2013 18:41:13] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [385.37 Ko] - (3.4.0.0) - C:\WINDOWS\System32\MaxxVolumeSDAPO.dll [MD5.00000000000000000000000000000000] - |SD| - [22/08/2013 16:45:10] - [1127.4 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [4611 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [44102.56 Ko] - C:\WINDOWS\System32\migwiz [MD5.3774B5C0E0BBA8C8EE54DF3606AB815C] - |A| - [22/08/2013 08:53:23] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [11/02/2014 20:20:54] - [4916.51 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [4180.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [18.65 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [367.66 Ko] - C:\WINDOWS\System32\nb-NO [MD5.646DF6B69503E76923485ABC9CF2F1C1] - |A| - [22/10/2016 13:11:13] - (.-.) - [9.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\netrtwlanu.cat [MD5.764A1820EC6873AA4E4CC7FD90E0DAA5] - |A| - [22/10/2016 13:11:13] - (.-.) - [115.73 Ko] - (0.0.0.0) - C:\WINDOWS\System32\netrtwlanu.inf [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [22/08/2013 08:58:31] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.881F781761F5EBE289E3D221A842DF3F] - |A| - [16/09/2014 20:16:11] - (.-.) - [3270.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin [MD5.8812132F364C4BCE49D54F97AC8D16C3] - |A| - [05/09/2013 02:46:50] - (.-.) - [22.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.F746E5DDC489931AD269ECFFA4A39815] - |A| - [22/08/2013 17:36:38] - (.-.) - [8.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |A| - [22/08/2013 08:52:33] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [54066.92 Ko] - C:\WINDOWS\System32\oobe [MD5.EC5B5731C795F2564AB24E63C44E8A5B] - |A| - [22/08/2013 17:39:08] - (.-.) - [132.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.71DB194B3A8756A4D7AA3AD8C3269BA5] - |A| - [18/03/2014 11:26:28] - (.-.) - [155.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |A| - [22/08/2013 17:39:08] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - |A| - [18/03/2014 11:26:28] - (.-.) - [39.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.087C423CB2D753129DDD52F9C3A4D2A6] - |A| - [22/08/2013 17:39:08] - (.-.) - [705.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.CF0D6B79FF46898F61E49FC9580B1B62] - |A| - [18/03/2014 11:26:28] - (.-.) - [792.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.96B9DF355DD0F2EA5E3EE4897FCDA2E0] - |A| - [18/03/2014 12:02:01] - (.-.) - [1781.26 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [414.94 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:16] - [420.42 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.007893E8374C766471239EB291BA8C17] - |A| - [22/08/2013 11:17:09] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [396.25 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [394.39 Ko] - C:\WINDOWS\System32\pt-PT [MD5.11113FA625233DF821518B616C812B7D] - |A| - [06/11/2013 18:41:13] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [120.88 Ko] - (7.2.8000.14) - C:\WINDOWS\System32\R4EEA64A.dll [MD5.771C0DF44C272E40372E2A768741A52A] - |A| - [06/11/2013 18:41:13] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [423.38 Ko] - (7.2.8000.14) - C:\WINDOWS\System32\R4EED64A.dll [MD5.FC6A1827D21BE5EBB92E5EBC2ED78B0A] - |A| - [06/11/2013 18:41:13] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [72.88 Ko] - (7.2.8000.14) - C:\WINDOWS\System32\R4EEG64A.dll [MD5.1FCB96AA8D6CEB99DE6D36D3965ADFD9] - |A| - [06/11/2013 18:41:13] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [137.88 Ko] - (7.2.8000.14) - C:\WINDOWS\System32\R4EEL64A.dll [MD5.585DD76786DC05A26BCD2A749E403946] - |A| - [06/11/2013 18:41:13] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [6995.88 Ko] - (7.2.8000.14) - C:\WINDOWS\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [06/11/2013 18:41:14] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [06/11/2013 18:41:14] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [06/11/2013 18:41:14] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [06/11/2013 18:41:14] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [06/11/2013 18:41:14] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [06/11/2013 18:41:14] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.CBEBDDB8BB67DA3AD8C4100B16FAF571] - |A| - [22/10/2016 13:11:13] - (.-.) - [8.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtlCoInst.dat [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [22/08/2013 12:54:19] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [22/08/2013 08:55:37] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.8C3D0C73A0850A0EE62DF9EC36DBDE80] - |A| - [06/11/2013 18:35:05] - (.-.) - [1.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SetupBD.din [MD5.17ABCAD44A75C635583A238ED6333357] - |A| - [06/11/2013 18:41:14] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [76.84 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFAPO64.dll [MD5.2C25AF115BDDC05D9A84D26227A08E63] - |A| - [06/11/2013 18:41:14] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [79.34 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFCOM64.dll [MD5.7B3E9344FB43D799C6462227A0E65877] - |A| - [06/11/2013 18:41:14] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [215.84 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFNHK64.dll [MD5.B7CC32E00C5C5152D221DF182827F58E] - |A| - [18/09/2014 03:31:05] - (.-.) - [49.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [06/11/2013 18:41:14] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.A028717B791416182959B325D5B40679] - |A| - [06/11/2013 18:41:14] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [06/11/2013 18:41:14] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [06/11/2013 18:41:14] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [10064 Ko] - C:\WINDOWS\System32\sru [MD5.B59958CD06C9F89C39281FB12F1BB233] - |A| - [22/08/2013 08:57:09] - (.-.) - [513.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\staticurllist.bin [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [373.81 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [2599.3 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [1074.99 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.FFFCC3C3ED6886A95D3C0E1B49C652BA] - |A| - [18/03/2014 12:09:47] - (.-.) - [136.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\systemsf.ebd [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [22/08/2013 08:56:03] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.60CE51972E0A06217C52202F7208EB9A] - |A| - [22/08/2013 12:18:00] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TelemetrySampleManifest.xml [MD5.82A5E8D1778F456C60B111936310583F] - |A| - [06/11/2013 18:41:14] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2031.37 Ko] - (4.1.1.0) - C:\WINDOWS\System32\WavesGUILib64.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [78980.88 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:16] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [128903.88 Ko] - C:\WINDOWS\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [22/08/2013 10:29:44] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [128 Ko] - C:\WINDOWS\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [0 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [46 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [14.53 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Media.Shared [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [27.59 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Shared [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [7359.34 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [179764 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [1928.5 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:17] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.F1DF7849450DBC5D5C3A464E8A791C8C] - |A| - [22/08/2013 08:57:09] - (.-.) - [1485.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WpcNBModel.bin [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [390.47 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [407.15 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [406.5 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:18] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.00000000000000000000000000000000] - |D| - [01/11/2013 15:44:36] - [0 Ko] - C:\WINDOWS\SysWOW64\040C [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/04/2017 22:10:12] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\11 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/04/2017 22:10:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\33 [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [2228.5 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [513.69 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [511.09 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0.93 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [316 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [18186.79 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [385.01 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.9A4FA0EDEF2BF5743EE4EE78883BD1D0] - |A| - [06/11/2013 18:31:41] - (.Copyright 2011 - CSVer.) - [52 Ko] - (9.4.0.1017) - C:\WINDOWS\SysWOW64\CSVer.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [347.91 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [396.73 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [4739.17 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [327.5 Ko] - C:\WINDOWS\SysWOW64\downlevel [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [3415.28 Ko] - C:\WINDOWS\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [614.08 Ko] - C:\WINDOWS\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:18] - [0 Ko] - C:\WINDOWS\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [282.98 Ko] - C:\WINDOWS\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [1016.43 Ko] - C:\WINDOWS\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [376.81 Ko] - C:\WINDOWS\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [288.41 Ko] - C:\WINDOWS\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [367.62 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.00B63254CADD65A267437C699A1FBA95] - |A| - [16/06/2015 17:31:08] - (.- Microsoft® Forms DLL.) - [1218.66 Ko] - (15.0.4737.1000) - C:\WINDOWS\SysWOW64\FM20.DLL [MD5.2E3D0E3185C825AFE912F19FFE5B1CDD] - |A| - [01/10/2012 21:34:38] - (.- Microsoft® Forms International DLL.) - [31.14 Ko] - (15.0.4420.1017) - C:\WINDOWS\SysWOW64\FM20ENU.DLL [MD5.E842C2B72160676402D6672603A65ED1] - |A| - [17/06/2015 07:32:42] - (.- Microsoft® Forms International DLL.) - [35.14 Ko] - (15.0.4442.1000) - C:\WINDOWS\SysWOW64\FM20FRA.DLL [MD5.00000000000000000000000000000000] - |D| - [18/03/2014 11:26:18] - [1686 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [35172.13 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.DE75FDCFD8E9752DA96CC652D2B4F97F] - |A| - [21/02/2016 00:40:20] - (.-.) - [31.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\generic_uninstaller.log [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [476.02 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [317.47 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [393.03 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [18874.17 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [184 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [391.7 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.89D5D4D2D2D44D0244571F9050CDC813] - |A| - [13/02/2013 13:27:54] - (.-.) - [1.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\IusEventLog.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [547.29 Ko] - C:\WINDOWS\SysWOW64\ja-JP [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [652.7 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [29/04/2017 10:07:17] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\last.dump [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [86.43 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [328.75 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [331.78 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [23948.4 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |SD| - [05/05/2016 20:39:16] - [0 Ko] - C:\WINDOWS\SysWOW64\Microsoft [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [3031 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [789 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [52.28 Ko] - C:\WINDOWS\SysWOW64\MsDtc [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [18.65 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [350.66 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [374.83 Ko] - C:\WINDOWS\SysWOW64\nl-NL ---------- | Shell Folders [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\Odilia\AppData\Roaming [16/09/2014 20:21:17] "Local AppData"=C:\Users\Odilia\AppData\Local [16/09/2014 20:21:17] "My Video"=C:\Users\Odilia\Videos [09/02/2014 13:48:57] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Libraries [09/02/2014 13:49:49] "My Pictures"=C:\Users\Odilia\Pictures [09/02/2014 13:48:57] "Desktop"=C:\Users\Odilia\Desktop [16/09/2014 20:21:17] "History"=C:\Users\Odilia\AppData\Local\Microsoft\Windows\History [09/02/2014 13:48:57] "NetHood"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Network Shortcuts "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Odilia\Contacts [09/02/2014 13:49:49] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\Odilia\AppData\Local\Microsoft\Windows\RoamingTiles [09/02/2014 13:49:49] "Cookies"=C:\Users\Odilia\AppData\Local\Microsoft\Windows\INetCookies [09/02/2014 13:48:57] "Favorites"=C:\Users\Odilia\Favorites [16/09/2014 20:21:17] "SendTo"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\SendTo [16/09/2014 20:21:17] "Start Menu"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu [16/09/2014 20:21:17] "My Music"=C:\Users\Odilia\Music [09/02/2014 13:48:57] "Programs"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [16/09/2014 20:21:17] "Recent"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Recent [09/02/2014 13:48:57] "CD Burning"=C:\Users\Odilia\AppData\Local\Microsoft\Windows\Burn\Burn [16/09/2014 21:08:30] "PrintHood"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Odilia\Searches [09/02/2014 13:49:50] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Odilia\Downloads [09/02/2014 13:48:57] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Odilia\AppData\LocalLow [09/02/2014 13:48:57] "Startup"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [09/02/2014 13:49:50] "Administrative Tools"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [09/02/2014 13:49:50] "Personal"=C:\Users\Odilia\Documents [16/09/2014 20:21:17] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Odilia\Links [09/02/2014 13:48:57] "Cache"=C:\Users\Odilia\AppData\Local\Microsoft\Windows\INetCache [16/09/2014 20:21:17] "Templates"=C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Templates "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Odilia\Saved Games [09/02/2014 13:48:57] "Fonts"=C:\WINDOWS\Fonts [22/08/2013 15:36:15] [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Desktop"=%USERPROFILE%\Desktop "Local AppData"=%USERPROFILE%\AppData\Local "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Personal"=%USERPROFILE%\Documents "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "Favorites"=%USERPROFILE%\Favorites "My Pictures"=%USERPROFILE%\Pictures "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "My Music"=%USERPROFILE%\Music "My Video"=%USERPROFILE%\Videos "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "AppData"=%USERPROFILE%\AppData\Roaming "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "{339719B5-8C47-4894-94C2-D8F77ADD44A6}"=%USERPROFILE%\OneDrive\Images "{767E6811-49CB-4273-87C2-20F355E1085B}"=%USERPROFILE%\OneDrive\Images\Pellicule [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "OEM Links"=C:\ProgramData\OEM\Links "CommonVideo"=C:\Users\Public\Videos [22/08/2013 17:36:30] "Common Documents"=C:\Users\Public\Documents [22/08/2013 17:36:30] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [22/08/2013 17:36:30] "Common AppData"=C:\ProgramData [22/08/2013 15:36:15] "CommonPictures"=C:\Users\Public\Pictures [22/08/2013 17:36:30] "Common Desktop"=C:\Users\Public\Desktop [22/08/2013 17:36:30] "CommonMusic"=C:\Users\Public\Music [22/08/2013 17:36:30] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [22/08/2013 17:36:30] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [22/08/2013 17:36:30] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [26/07/2012 10:12:59] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/08/2013 17:36:30] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Documents"=%PUBLIC%\Documents "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "CommonPictures"=%PUBLIC%\Pictures "Common Desktop"=%PUBLIC%\Desktop "CommonMusic"=%PUBLIC%\Music "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Templates"=%ProgramData%\Microsoft\Windows\Templates [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "OEM Links"=C:\ProgramData\OEM\Links "CommonVideo"=C:\Users\Public\Videos [22/08/2013 17:36:30] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/08/2013 17:36:30] "Common Documents"=C:\Users\Public\Documents [22/08/2013 17:36:30] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [22/08/2013 17:36:30] "Common AppData"=C:\ProgramData [22/08/2013 15:36:15] "CommonPictures"=C:\Users\Public\Pictures [22/08/2013 17:36:30] "Common Desktop"=C:\Users\Public\Desktop [22/08/2013 17:36:30] "CommonMusic"=C:\Users\Public\Music [22/08/2013 17:36:30] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [22/08/2013 17:36:30] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [22/08/2013 17:36:30] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [26/07/2012 10:12:59] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Documents"=%PUBLIC%\Documents "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "CommonPictures"=%PUBLIC%\Pictures "Common Desktop"=%PUBLIC%\Desktop "CommonMusic"=%PUBLIC%\Music "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Templates"=%ProgramData%\Microsoft\Windows\Templates ---------- | [Odilia] [16/09/2014 20:21:17] - |D| - [40176090233] - C:\Users\Odilia\AppData\Local [09/02/2014 13:48:57] - |D| - [14959620] - C:\Users\Odilia\AppData\LocalLow [16/09/2014 20:21:17] - |D| - [167648519] - C:\Users\Odilia\AppData\Roaming [19/04/2017 22:35:41] - |D| - [0] - C:\Users\Odilia\AppData\Local\3DM [09/03/2014 17:58:48] - |D| - [12227] - C:\Users\Odilia\AppData\Local\Acer [09/03/2014 18:03:44] - |D| - [73386568] - C:\Users\Odilia\AppData\Local\AcerCloud [13/07/2014 22:29:35] - |D| - [1579882] - C:\Users\Odilia\AppData\Local\AOP SDK [16/09/2014 20:21:18] - |SHD| - [36681119305] - C:\Users\Odilia\AppData\Local\Application Data [09/02/2014 20:08:19] - |D| - [3583590] - C:\Users\Odilia\AppData\Local\Apps [12/10/2016 20:58:40] - |D| - [0] - C:\Users\Odilia\AppData\Local\CEF [09/02/2014 19:35:35] - |D| - [303944152] - C:\Users\Odilia\AppData\Local\clear.fi [09/03/2014 18:00:48] - |D| - [74853483] - C:\Users\Odilia\AppData\Local\ClearfiMedia [09/03/2014 17:58:21] - |D| - [77324117] - C:\Users\Odilia\AppData\Local\ClearfiPhoto [12/02/2014 20:57:05] - |D| - [7208108] - C:\Users\Odilia\AppData\Local\CrashDumps [10/02/2015 23:02:23] - |D| - [102400] - C:\Users\Odilia\AppData\Local\Cyberlink [08/10/2016 15:28:07] - |A| - [3584] - C:\Users\Odilia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [25/10/2015 17:48:21] - |D| - [1586230] - C:\Users\Odilia\AppData\Local\Diagnostics [09/03/2014 18:01:54] - |D| - [28389156] - C:\Users\Odilia\AppData\Local\Doc [25/10/2015 17:58:17] - |D| - [0] - C:\Users\Odilia\AppData\Local\ElevatedDiagnostics [08/01/2015 23:11:34] - |SHD| - [0] - C:\Users\Odilia\AppData\Local\EmieBrowserModeList [16/10/2014 20:48:05] - |SHD| - [0] - C:\Users\Odilia\AppData\Local\EmieSiteList [16/10/2014 20:48:05] - |SHD| - [0] - C:\Users\Odilia\AppData\Local\EmieUserList [19/04/2017 22:41:07] - |D| - [20438945] - C:\Users\Odilia\AppData\Local\Firefox [09/02/2014 20:08:33] - |D| - [1077841592] - C:\Users\Odilia\AppData\Local\Google [05/06/2015 17:43:22] - |D| - [2863] - C:\Users\Odilia\AppData\Local\GWX [16/09/2014 20:21:18] - |SHD| - [130] - C:\Users\Odilia\AppData\Local\Historique [16/09/2014 21:58:49] - |AH| - [135639] - C:\Users\Odilia\AppData\Local\IconCache.db [17/07/2014 06:51:50] - |D| - [109923] - C:\Users\Odilia\AppData\Local\iGware [16/09/2014 20:21:17] - |D| - [927183510] - C:\Users\Odilia\AppData\Local\Microsoft [12/01/2017 18:22:53] - |D| - [153204] - C:\Users\Odilia\AppData\Local\Microsoft Help [13/04/2017 21:44:23] - |D| - [9228] - C:\Users\Odilia\AppData\Local\Microsoft_Corporation [02/01/2016 01:29:28] - |D| - [2665] - C:\Users\Odilia\AppData\Local\Mozilla [09/02/2014 13:49:06] - |D| - [229866564] - C:\Users\Odilia\AppData\Local\Packages [09/02/2014 14:20:43] - |D| - [0] - C:\Users\Odilia\AppData\Local\Programs [16/09/2014 20:21:17] - |D| - [1181249] - C:\Users\Odilia\AppData\Local\Temp [16/09/2014 20:21:18] - |SHD| - [666087205] - C:\Users\Odilia\AppData\Local\Temporary Internet Files [09/02/2014 13:49:11] - |D| - [1610] - C:\Users\Odilia\AppData\Local\VirtualStore [28/04/2017 12:41:22] - |D| - [556558] - C:\Users\Odilia\AppData\LocalLow\Eek! Games [08/01/2015 23:11:33] - |SHD| - [0] - C:\Users\Odilia\AppData\LocalLow\EmieBrowserModeList [24/09/2014 21:10:02] - |SHD| - [0] - C:\Users\Odilia\AppData\LocalLow\EmieSiteList [16/10/2014 20:48:15] - |SHD| - [0] - C:\Users\Odilia\AppData\LocalLow\EmieUserList [09/02/2014 13:49:09] - |SD| - [14387432] - C:\Users\Odilia\AppData\LocalLow\Microsoft [19/04/2017 22:41:31] - |D| - [0] - C:\Users\Odilia\AppData\LocalLow\Mozilla [07/10/2016 23:49:25] - |D| - [15630] - C:\Users\Odilia\AppData\LocalLow\Sun [22/05/2014 19:44:26] - |D| - [0] - C:\Users\Odilia\AppData\LocalLow\Temp [09/02/2014 13:50:14] - |D| - [0] - C:\Users\Odilia\AppData\Roaming\AcerRemote [09/02/2014 13:49:45] - |D| - [0] - C:\Users\Odilia\AppData\Roaming\Adobe [11/02/2014 21:12:00] - |D| - [106264] - C:\Users\Odilia\AppData\Roaming\amazon [09/02/2014 19:47:49] - |D| - [17654977] - C:\Users\Odilia\AppData\Roaming\Anuman Interactive [25/10/2015 18:19:33] - |D| - [36519637] - C:\Users\Odilia\AppData\Roaming\AVAST Software [14/03/2016 22:28:56] - |D| - [17592179] - C:\Users\Odilia\AppData\Roaming\BSplayer [14/03/2016 22:28:56] - |D| - [6292] - C:\Users\Odilia\AppData\Roaming\BSplayer Pro [09/03/2014 17:50:23] - |D| - [0] - C:\Users\Odilia\AppData\Roaming\EPSON [19/04/2017 22:41:05] - |D| - [12829340] - C:\Users\Odilia\AppData\Roaming\Firefox [16/09/2014 21:07:28] - |D| - [0] - C:\Users\Odilia\AppData\Roaming\Identities [09/02/2014 13:49:46] - |D| - [2831] - C:\Users\Odilia\AppData\Roaming\Macromedia [16/09/2014 20:21:17] - |SD| - [48170098] - C:\Users\Odilia\AppData\Roaming\Microsoft [02/01/2016 01:29:28] - |D| - [13409628] - C:\Users\Odilia\AppData\Roaming\Mozilla [11/03/2017 12:29:39] - |D| - [0] - C:\Users\Odilia\AppData\Roaming\Nico Mak Computing [17/02/2014 21:17:14] - |D| - [1028] - C:\Users\Odilia\AppData\Roaming\NVIDIA [09/02/2014 14:34:24] - |D| - [13161910] - C:\Users\Odilia\AppData\Roaming\OpenOffice [07/10/2016 23:49:25] - |D| - [0] - C:\Users\Odilia\AppData\Roaming\Sun [09/02/2014 14:21:20] - |A| - [169] - C:\Users\Odilia\AppData\Roaming\WB.CFG [17/02/2014 21:16:17] - |D| - [8194166] - C:\Users\Odilia\AppData\Roaming\WildTangent [09/02/2014 13:49:49] - |ASH| - [174] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [16/09/2014 20:21:18] - |SHD| - [15730] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [16/09/2014 20:21:17] - |RD| - [15730] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [16/09/2014 20:21:17] - |RD| - [4456] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [16/09/2014 20:21:17] - |RD| - [1486] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [09/02/2014 13:49:50] - |RD| - [174] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [09/02/2014 13:50:24] - |A| - [0] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [16/09/2014 20:21:18] - |ASH| - [564] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [16/09/2014 20:21:18] - |A| - [369] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk [29/03/2014 20:49:21] - |D| - [0] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [16/09/2014 21:07:31] - |A| - [1466] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [16/09/2014 20:21:17] - |D| - [170] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [16/09/2014 20:21:18] - |A| - [369] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk [31/01/2015 20:53:48] - |A| - [170] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url [09/02/2014 13:49:50] - |RD| - [174] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [16/09/2014 20:21:17] - |RD| - [6332] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [09/02/2014 13:49:50] - |ASH| - [174] - C:\Users\Odilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] ---------- | C:\ProgramData [15/05/2013 11:41:22] - |D| - [165103] - C:\ProgramData\Acer [28/04/2017 12:48:47] - |D| - [144923] - C:\ProgramData\Apple [22/08/2013 16:45:52] - |SHD| - [35210125317] - C:\ProgramData\Application Data [25/10/2015 17:56:16] - |D| - [174268281] - C:\ProgramData\AVAST Software [17/02/2014 21:17:16] - |D| - [757] - C:\ProgramData\BlueStacks [13/04/2014 19:34:30] - |D| - [42064] - C:\ProgramData\boost_interprocess [09/02/2014 13:30:28] - |SHD| - [8429] - C:\ProgramData\Bureau [09/03/2014 17:58:51] - |D| - [125993] - C:\ProgramData\clear.fi [06/11/2013 18:55:31] - |D| - [258] - C:\ProgramData\CLSK [06/11/2013 18:57:37] - |D| - [25964] - C:\ProgramData\CyberLink [22/08/2013 16:45:52] - |SHD| - [8429] - C:\ProgramData\Desktop [22/08/2013 16:45:52] - |SHD| - [5239472] - C:\ProgramData\Documents [16/09/2014 20:15:09] - |D| - [9277548] - C:\ProgramData\EPSON [06/11/2013 18:54:31] - |D| - [158155] - C:\ProgramData\install_clap [06/11/2013 18:39:51] - |D| - [146850] - C:\ProgramData\Intel [17/05/2014 15:15:42] - |D| - [18366379] - C:\ProgramData\Intel(R) Update Manager [22/11/2015 17:16:01] - |D| - [712813064] - C:\ProgramData\Malwarebytes [15/05/2013 11:39:55] - |D| - [120239] - C:\ProgramData\McAfee [09/02/2014 13:30:28] - |SHD| - [407510] - C:\ProgramData\Menu Démarrer [22/08/2013 15:36:15] - |SD| - [946603876] - C:\ProgramData\Microsoft [12/01/2017 18:22:53] - |D| - [15740] - C:\ProgramData\Microsoft Help [09/02/2014 13:30:28] - |SHD| - [31386] - C:\ProgramData\Modèles [15/05/2013 11:41:42] - |D| - [785459] - C:\ProgramData\Nero [11/03/2017 12:29:33] - |D| - [0] - C:\ProgramData\Nico Mak Computing [06/11/2013 18:51:15] - |D| - [157] - C:\ProgramData\Norton [06/11/2013 18:51:14] - |D| - [1899015] - C:\ProgramData\NortonInstaller [16/09/2014 20:16:25] - |D| - [2383889] - C:\ProgramData\NVIDIA [16/09/2014 20:15:45] - |D| - [2292803] - C:\ProgramData\NVIDIA Corporation [06/11/2013 18:49:02] - |D| - [5452776] - C:\ProgramData\OEM [09/02/2014 13:50:06] - |D| - [28] - C:\ProgramData\OEM_YAHOO [07/10/2016 23:48:53] - |D| - [72300631] - C:\ProgramData\Oracle [15/05/2013 11:27:13] - |D| - [40160] - C:\ProgramData\PRICache [22/08/2013 17:36:30] - |D| - [2053] - C:\ProgramData\regid.1991-06.com.microsoft [22/08/2013 16:45:52] - |SHD| - [407510] - C:\ProgramData\Start Menu [29/04/2017 00:41:32] - |D| - [0] - C:\ProgramData\SWCUTemp [15/05/2013 11:42:33] - |D| - [0] - C:\ProgramData\Temp [22/08/2013 16:45:52] - |SHD| - [31386] - C:\ProgramData\Templates [22/10/2016 13:10:14] - |D| - [2751] - C:\ProgramData\TP-LINK [15/05/2013 11:38:44] - |D| - [1134151507] - C:\ProgramData\WildTangent [19/01/2017 01:33:55] - |HDC| - [2100] - C:\ProgramData\{561E632C-2E90-49A7-9BB4-C60CD9A1296D} [19/01/2017 18:48:25] - |HDC| - [2168] - C:\ProgramData\{6AF02328-8852-49AE-B336-4F3E8FA6AD2B} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/03/2016 22:29:54] - |A| - [1152] - C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk [22/08/2013 17:36:33] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [09/02/2014 13:30:28] - |SHD| - [203092] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [22/08/2013 17:36:30] - |RD| - [203092] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [22/08/2013 17:36:30] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [22/08/2013 17:36:30] - |RD| - [16870] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [15/05/2013 11:41:17] - |D| - [7630] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer [22/08/2013 17:36:30] - |RD| - [25660] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [09/02/2014 19:46:49] - |D| - [4730] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anuman Interactive [12/10/2016 20:56:16] - |A| - [1063] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [27/09/2016 21:09:24] - |D| - [1960] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [14/03/2016 22:29:54] - |D| - [3272] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player [22/08/2013 08:57:22] - |RAS| - [2131] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk [15/05/2013 11:43:47] - |RD| - [4438] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5 [22/08/2013 17:36:33] - |ASH| - [1390] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [22/08/2013 08:57:05] - |RAS| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [16/09/2014 20:15:09] - |D| - [5430] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [18/03/2014 12:10:18] - |RAS| - [2440] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk [15/05/2013 11:38:47] - |RD| - [2720] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [14/02/2014 21:10:28] - |A| - [2217] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [22/08/2013 08:54:10] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [06/11/2013 18:38:28] - |RD| - [4719] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [07/10/2016 23:49:13] - |D| - [6727] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [22/08/2013 17:36:30] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [22/11/2015 17:16:03] - |D| - [5075] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [17/01/2017 18:02:13] - |RD| - [56290] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [28/04/2017 12:49:34] - |A| - [2020] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [15/05/2013 11:41:48] - |D| - [9443] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [11/02/2014 21:32:44] - |SD| - [7280] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 [10/09/2014 07:14:49] - |D| - [1526] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator [22/08/2013 08:57:08] - |RAS| - [2365] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk [22/08/2013 08:45:50] - |RAS| - [1588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk [06/11/2013 18:43:35] - |A| - [1939] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [22/08/2013 17:36:30] - |RD| - [2115] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [22/08/2013 17:36:30] - |RD| - [6359] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [22/10/2016 13:11:17] - |D| - [2461] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK [15/05/2013 11:38:47] - |A| - [2510] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk [16/09/2014 20:23:50] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [22/08/2013 08:48:43] - |RAS| - [2191] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [06/11/2013 18:50:18] - |A| - [1941] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Remote.lnk [22/08/2013 17:36:33] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [15/05/2013 11:41:17] - |D| - [150612312] - C:\Program Files (x86)\Acer [06/11/2013 18:50:18] - |D| - [10369336] - C:\Program Files (x86)\Acer Remote [06/11/2013 18:37:28] - |D| - [0] - C:\Program Files (x86)\AGEIA Technologies [09/02/2014 19:46:02] - |D| - [145378676] - C:\Program Files (x86)\Anuman Interactive [22/08/2013 15:36:15] - |D| - [484059013] - C:\Program Files (x86)\Common Files [15/05/2013 11:43:13] - |D| - [167214407] - C:\Program Files (x86)\CyberLink [22/08/2013 17:36:33] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [09/02/2014 19:41:01] - |D| - [8266659] - C:\Program Files (x86)\epson [09/02/2014 20:08:35] - |D| - [409981322] - C:\Program Files (x86)\Google [10/09/2014 07:14:49] - |D| - [8075602] - C:\Program Files (x86)\GPLGS [15/05/2013 11:43:46] - |HD| - [32898900] - C:\Program Files (x86)\InstallShield Installation Information [06/11/2013 18:31:41] - |D| - [84407335] - C:\Program Files (x86)\Intel [22/08/2013 17:36:30] - |D| - [6876879] - C:\Program Files (x86)\Internet Explorer [07/10/2016 23:48:48] - |D| - [330248505] - C:\Program Files (x86)\Java [22/11/2015 17:16:01] - |D| - [58591182] - C:\Program Files (x86)\Malwarebytes Anti-Malware [17/01/2017 18:00:20] - |D| - [103148255] - C:\Program Files (x86)\Microsoft Analysis Services [17/01/2017 17:59:47] - |D| - [1324327269] - C:\Program Files (x86)\Microsoft Office [17/01/2017 18:01:10] - |D| - [30160] - C:\Program Files (x86)\Microsoft SQL Server [22/08/2013 17:36:30] - |D| - [8855615] - C:\Program Files (x86)\Microsoft.NET [23/01/2017 21:52:44] - |D| - [43424] - C:\Program Files (x86)\Mozilla Firefox [16/09/2014 20:57:21] - |D| - [25757] - C:\Program Files (x86)\MSBuild [15/05/2013 11:41:41] - |D| - [158188250] - C:\Program Files (x86)\Nero [16/09/2014 20:15:39] - |D| - [106049855] - C:\Program Files (x86)\NVIDIA Corporation [09/02/2014 13:50:21] - |D| - [367637] - C:\Program Files (x86)\OEM [11/02/2014 21:32:15] - |D| - [332334809] - C:\Program Files (x86)\OpenOffice 4 [10/09/2014 07:14:46] - |D| - [12378426] - C:\Program Files (x86)\PDF Creator [06/11/2013 18:33:28] - |D| - [18277916] - C:\Program Files (x86)\Realtek [16/09/2014 20:57:21] - |D| - [38446337] - C:\Program Files (x86)\Reference Assemblies [06/11/2013 18:43:35] - |D| - [44670383] - C:\Program Files (x86)\Spotify [06/11/2013 18:41:12] - |HD| - [0] - C:\Program Files (x86)\Temp [14/03/2016 22:28:56] - |D| - [16372966] - C:\Program Files (x86)\Webteh [15/05/2013 11:38:50] - |D| - [406014909] - C:\Program Files (x86)\WildGames [15/05/2013 11:38:45] - |D| - [38574334] - C:\Program Files (x86)\WildTangent Games [22/08/2013 17:36:30] - |D| - [1712408] - C:\Program Files (x86)\Windows Defender [22/08/2013 17:36:30] - |D| - [6017536] - C:\Program Files (x86)\Windows Mail [22/08/2013 17:36:30] - |D| - [3326490] - C:\Program Files (x86)\Windows Media Player [22/08/2013 17:36:30] - |D| - [230912] - C:\Program Files (x86)\Windows Multimedia Platform [22/08/2013 17:36:30] - |D| - [7590970] - C:\Program Files (x86)\Windows NT [22/08/2013 17:36:30] - |D| - [5502096] - C:\Program Files (x86)\Windows Photo Viewer [22/08/2013 17:36:30] - |D| - [230912] - C:\Program Files (x86)\Windows Portable Devices [22/08/2013 17:36:30] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [22/08/2013 17:36:30] - |D| - [0] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [09/02/2014 13:50:09] - |D| - [151978] - C:\Program Files\Accessory Store [06/11/2013 18:49:02] - |D| - [23306919] - C:\Program Files\Acer [25/10/2015 17:59:22] - |D| - [1565316581] - C:\Program Files\AVAST Software [22/08/2013 15:36:15] - |D| - [133230237] - C:\Program Files\Common Files [22/08/2013 17:36:45] - |ASH| - [174] - C:\Program Files\desktop.ini [09/02/2014 13:30:28] - |SHD| - [133230237] - C:\Program Files\Fichiers communs [06/11/2013 18:35:06] - |D| - [30639682] - C:\Program Files\Intel [22/08/2013 17:36:31] - |D| - [26336936] - C:\Program Files\Internet Explorer [15/05/2013 11:39:57] - |D| - [798553] - C:\Program Files\mcafee [17/01/2017 17:59:10] - |D| - [21733131] - C:\Program Files\Microsoft Office [16/09/2014 20:57:19] - |D| - [25757] - C:\Program Files\MSBuild [16/09/2014 20:15:39] - |D| - [874497867] - C:\Program Files\NVIDIA Corporation [10/09/2014 07:14:46] - |D| - [235228] - C:\Program Files\PDFCreator [16/09/2014 20:15:21] - |D| - [34790873] - C:\Program Files\Realtek [16/09/2014 20:57:19] - |D| - [36846761] - C:\Program Files\Reference Assemblies [26/07/2012 09:22:18] - |HD| - [0] - C:\Program Files\Uninstall Information [22/08/2013 17:36:31] - |D| - [14361858] - C:\Program Files\Windows Defender [22/08/2013 17:36:31] - |D| - [6376448] - C:\Program Files\Windows Mail [22/08/2013 17:36:31] - |D| - [5386302] - C:\Program Files\Windows Media Player [22/08/2013 17:36:31] - |D| - [286208] - C:\Program Files\Windows Multimedia Platform [22/08/2013 17:36:31] - |D| - [7943226] - C:\Program Files\Windows NT [22/08/2013 17:36:31] - |D| - [6433424] - C:\Program Files\Windows Photo Viewer [22/08/2013 17:36:31] - |D| - [286208] - C:\Program Files\Windows Portable Devices [22/08/2013 17:36:31] - |SHD| - [0] - C:\Program Files\Windows Sidebar [22/08/2013 17:36:31] - |HD| - [2147363951] - C:\Program Files\WindowsApps [22/08/2013 17:36:31] - |D| - [0] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [03/12/2015 21:18:45] - |D| - [960151] - C:\Program Files (x86)\Common Files\AV [23/01/2017 21:52:36] - |D| - [13976] - C:\Program Files (x86)\Common Files\DESIGNER [06/11/2013 18:41:11] - |D| - [2106564] - C:\Program Files (x86)\Common Files\InstallShield [20/04/2017 18:15:19] - |D| - [1941064] - C:\Program Files (x86)\Common Files\Java [15/05/2013 11:39:57] - |D| - [1031464] - C:\Program Files (x86)\Common Files\mcafee [22/08/2013 17:36:30] - |D| - [448814593] - C:\Program Files (x86)\Common Files\Microsoft Shared [15/05/2013 11:41:52] - |D| - [18563532] - C:\Program Files (x86)\Common Files\Nero [06/11/2013 18:38:28] - |D| - [195948] - C:\Program Files (x86)\Common Files\postureAgent [22/08/2013 17:36:30] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [22/08/2013 17:36:30] - |D| - [10429019] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [03/12/2015 21:18:45] - |D| - [960151] - C:\Program Files\Common files\AV [16/09/2014 20:15:10] - |D| - [151648] - C:\Program Files\Common files\EPSON [15/05/2013 11:39:57] - |D| - [4950512] - C:\Program Files\Common files\mcafee [22/08/2013 17:36:31] - |D| - [116433821] - C:\Program Files\Common files\microsoft shared [22/08/2013 17:36:31] - |D| - [2702] - C:\Program Files\Common files\Services [22/08/2013 17:36:31] - |D| - [10731403] - C:\Program Files\Common files\System ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [22/08/2013 16:45:54] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.1CD220F467F677D609957F1192CC3D0D] - [15/05/2013 11:41:22] - |A| - [3626] - C:\WINDOWS\System32\Tasks\ALU : C:\Program Files (x86)\Acer\Live Updater\updater.exe [MD5.D55FAD980D6604DA4DB1031B495879EC] - [15/05/2013 11:41:22] - |A| - [4402] - C:\WINDOWS\System32\Tasks\ALUAgent : C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [MD5.916EF28CE7A1A6BFCF630FFE9CF40BD9] - [20/04/2017 17:58:18] - |A| - [3914] - C:\WINDOWS\System32\Tasks\Avast Emergency Update : C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [MD5.00000000000000000000000000000000] - [03/12/2015 21:18:46] - |D| - [3860] - C:\WINDOWS\System32\Tasks\AVAST Software [MD5.B930F5DC22A39D341751B14D675F101B] - [15/05/2013 11:43:46] - |A| - [3200] - C:\WINDOWS\System32\Tasks\DeviceDetector : C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [MD5.70BA09687F23AFDADD5879BF661D1821] - [14/02/2014 21:08:27] - |A| - [3372] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.C13B870DE911256BD0FF6F5FA3B93143] - [14/02/2014 21:08:29] - |A| - [3500] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.4DDE3D23A80E4B0A12BE1DE8E35A885B] - [06/11/2013 19:03:27] - |A| - [2912] - C:\WINDOWS\System32\Tasks\Hotkey Utility : "C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [MD5.E3B5A47779FB855586258B7AA6875F78] - [17/05/2014 15:15:45] - |A| - [3718] - C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 : C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [MD5.43060D88FC6326F9A12DDF57C7D0D31B] - [17/05/2014 15:15:46] - |A| - [3476] - C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon : "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [MD5.00000000000000000000000000000000] - [22/08/2013 17:36:30] - |D| - [420204] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.BA5E993B4F3226FBBC3CE47708D4FCFB] - [09/02/2014 14:04:44] - |A| - [3600] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2928477998-3593914962-1294348929-1001 : "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [MD5.5CC7C3B245355421D3E7B8BA8809683D] - [06/11/2013 19:13:19] - |A| - [3596] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2928477998-3593914962-1294348929-500 : "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" [MD5.74A62E0F8FCFC5F5AD00E58FA20B89EA] - [12/10/2016 20:56:17] - |A| - [3904] - C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1476298573 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe [MD5.98ECEDE944F1F3A614F4BC34BA5AC61F] - [16/10/2014 20:48:05] - |A| - [3928] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0892310C-790C-4383-96E7-C0A4D4E41AEE} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [09/02/2014 13:50:00] - |D| - [4474] - C:\WINDOWS\System32\Tasks\WPD [MD5.00000000000000000000000000000000] - [22/08/2013 17:36:31] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "Netlogon-NamedPipe-In"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ| "{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ| "{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ| "{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ| "{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{22B35585-0679-460A-81B3-6AD4EAB2DD2C}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{1E46A379-1362-4724-8336-077A9AD45B09}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe|Name=abMediaWindowsUpnp| "{79F600D9-B1EF-4560-86A3-B902F39DAB3D}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe|Name=abMediaWindowsUpnp| "{9262158D-6FCC-4D58-972C-0FE1799EA430}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe|Name=abMediaDMCDaemon| "{53A310FB-9D76-4AE2-AB13-BF5A4251333C}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe|Name=abMediaDMCDaemon| "{780AF550-5794-44D5-BEC3-047775C460B7}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe|Name=abMediaWindowsUpnp2| "{1D652B6E-48FC-4612-970C-3152AE513BF9}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe|Name=abMediaWindowsUpnp2| "{8BEAE614-A83F-41A3-BDDD-B2AA6BBA11A1}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe|Name=abMediaDMCDaemon2| "{F8639E09-CE1D-427A-9E45-E2AF305B6DC1}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe|Name=abMediaDMCDaemon2| "{50E74D19-778D-49CE-BA1F-4FB79796C7A9}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe|Name=abPhotoWindowsUpnp| "{72167B51-DECA-41A7-B4E2-3BFF5D455B53}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe|Name=abPhotoWindowsUpnp| "{16CF1E7B-F7F6-4CBA-89CF-435A7A4DBEE6}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe|Name=abPhotoDMCDaemon| "{0A1270F6-6163-4B2F-8330-5DD221374BDC}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe|Name=abPhotoDMCDaemon| "{8201BBC5-FEB0-4A01-A728-07BE7872F1AB}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe|Name=abPhotoWindowsUpnp2| "{028CE79F-304B-4595-BF09-A9D9152A8D2B}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe|Name=abPhotoWindowsUpnp2| "{CF1110F1-E58C-4A83-9240-788FC394BFF0}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe|Name=abPhotoDMCDaemon2| "{9E6F6365-3E71-40D0-ACF2-E7E09F2E2F63}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe|Name=abPhotoDMCDaemon2| "{DA3EE3D2-4005-42D2-BDCF-81EC250A4904}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Portal\ccd.exe|Name=AcerPortalccd| "{678177F3-6DC5-45C1-80DB-6E8006290106}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Portal\ccd.exe|Name=AcerPortalccd| "{F4725181-B185-43BB-A61F-88673DD12363}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe|Name=AcerPortalvirtualdrive| "{2EB9A784-B156-41F6-81A7-8968F5124147}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe|Name=AcerPortalvirtualdrive| "{40FCA480-C73A-48F8-B816-F8637A82E873}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe|Name=AcerPortalsdd| "{FAEC23BF-A50A-4F81-92FF-3AF73A949903}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe|Name=AcerPortalsdd| "{99907822-0F20-40EA-B9B6-EC3886592A16}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Portal\ccd.exe|Name=AcerPortalccd2.1.3101.2185| "{CA18FBCC-B595-4E3B-A766-D27951F5BF69}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Portal\ccd.exe|Name=AcerPortalccd2.1.3101.2185| "{AD54321B-6054-4C81-B74B-3DACC73A6D3A}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe|Name=AcerMediaWindowsUpnp2| "{78B6C7A6-47FA-4C8E-80AB-2134761BAF60}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe|Name=AcerMediaWindowsUpnp2| "{D2EC7963-74C8-4AC1-A99E-540F2370E454}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe|Name=AcerMediaDMCDaemon2| "{AA78CED0-638A-4337-B707-C799DDB44604}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe|Name=AcerMediaDMCDaemon2| "{F6FB60E5-DBFE-41F8-ABD8-D6C69583C7CD}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe|Name=AcerPhotoWindowsUpnp2| "{D205AEDC-227B-496E-ADC9-FF46F652E9B7}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe|Name=AcerPhotoWindowsUpnp2| "{A9031570-81E3-49DB-961F-8CA1ABAD7D88}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe|Name=AcerPhotoDMCDaemon2| "{1877D266-A718-41A2-AD59-47E72B50EA9C}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe|Name=AcerPhotoDMCDaemon2| "{72E20274-AD7F-4865-A9CF-D9B4AAD889CC}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host| "{A6239E89-36CB-4BD3-9EA2-8071CF5063D7}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host| "UDP Query User{7358BCD8-0649-4548-8827-36B5D6851AA5}C:\program files (x86)\acer remote\arcserver.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\acer remote\arcserver.exe|Name=ArcServer|Desc=ArcServer| "TCP Query User{ED12F5B6-98BF-4FD9-A27F-9B419C5E20DE}C:\program files (x86)\acer remote\arcserver.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\acer remote\arcserver.exe|Name=ArcServer|Desc=ArcServer| "{CB08A632-4CC2-47DE-B907-92CCFF96AE7F}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe|Name=AcerCloudvirtualdrive| "{6F1B8896-97DB-41FD-86E1-DFC4735AC4D2}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe|Name=AcerCloudvirtualdrive| "{24A8757F-FA6E-4DF2-82C4-1A65F9BD8B9C}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe|Name=AcerCloudsdd| "{47577BA8-F573-4ADB-B217-23080CA4D9C6}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe|Name=AcerCloudsdd| "{D47A7280-20BF-4ECA-A954-F9E0DCD6EF87}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe|Name=AcerCloudccd2.1.3101.2185| "{8E51EE98-D239-46AC-9B7C-8C4950A2EEFC}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe|Name=AcerCloudccd2.1.3101.2185| "{9D2CFA18-EEB2-46E2-9992-336BD7795BB0}"=v2.20|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe|Name=clear.fi Movie|Desc=clear.fi Movie| "{FAB8D89D-2BF8-4C3D-959A-D2EF456A5C89}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe|Name=MediaWindowsUpnpMV| "{F7B5EEE6-3D2F-46C4-A444-D7D197021D2F}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe|Name=MediaWindowsUpnpMV| "{C6B627F0-0B23-4E30-9047-88840FE240C3}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe|Name=MediaDMCDaemon| "{DF0669CF-6B80-4FCB-A948-8A0E249EAF51}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe|Name=MediaDMCDaemon| "{CB1D1619-26BB-4155-8147-C53ED4DE2CC6}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe|Name=PhotoWindowsUpnp| "{A1763A6F-CCB5-47D2-A104-3464D481F8D0}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe|Name=PhotoWindowsUpnp| "{B00CBC7A-1333-4C9C-A1E7-09D9E64AD401}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe|Name=PhotoDMCDaemon| "{9CC8A3AB-8AA2-4170-A49C-80F8A72DFC62}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe|Name=PhotoDMCDaemon| "{46B36D8A-5D07-43C1-89E3-426C58F95FDF}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe|Name=Spotify| "{C68A82B8-3C8F-4295-897F-E98926679A6F}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe|Name=Spotify| "{C06E949C-823F-43C2-B203-C25F57D80559}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Spotify\spotify.exe|Name=Spotify| "{3231A060-86E2-457F-A204-2F11921C21F8}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Spotify\spotify.exe|Name=Spotify| "{5E1AA71B-5ECF-47FE-95A2-71CCB0B387C8}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{EE63EB9B-82CF-4F67-A075-9939C9926C8B}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe|Name=Nero BackItUp| "{5FBEB632-2344-48B5-B2BD-6468C721B491}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe|Name=Nero BackItUp| "{E4AFBA43-A863-43B8-9BFC-45429AB313EB}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe|Name=McAfee Shared Service Host| "{31ECDA71-B201-4E65-9FA3-60C62A9BAE1E}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe|Name=McAfee Shared Service Host| "{E7985E1D-C36F-4787-80A8-6350D07E9266}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{808F1451-4108-46FD-ADBB-F17324B5F0BD}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F1D760C3-F229-4B7A-B03A-FAA52E1735B6}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{E13AD144-BA19-4A7D-AEC3-03B2F560614F}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Check Point VPN|Desc=Check Point VPN|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=Check Point VPN|Platform=2:6:2|Platform2=GTEQ| "{16513075-CE95-4EA7-BD7C-AF47D074CE27}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Check Point VPN|Desc=Check Point VPN|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=Check Point VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A219AE2E-3D88-44A3-A47E-51DF8EA3EB7F}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=F5 VPN|Desc=F5 VPN|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=F5 VPN|Platform=2:6:2|Platform2=GTEQ| "{2294737A-AA96-449B-945E-4401B5A85A2E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=F5 VPN|Desc=F5 VPN|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=F5 VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{DCAA951F-E01E-4FA7-8C37-0CFF69419211}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Juniper Networks Junos Pulse|Desc=Juniper Networks Junos Pulse|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=Juniper Networks Junos Pulse|Platform=2:6:2|Platform2=GTEQ| "{5C510550-CAB0-4E48-9DA3-7067B16C43DF}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Juniper Networks Junos Pulse|Desc=Juniper Networks Junos Pulse|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=Juniper Networks Junos Pulse|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{579C1D33-497A-4F0D-B1A3-9CB79D42E218}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=SonicWALL Mobile Connect|Desc=SonicWALL Mobile Connect|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL Mobile Connect|Platform=2:6:2|Platform2=GTEQ| "{BFBC21CB-E467-4B56-B39E-CFC2A332FC81}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=SonicWALL Mobile Connect|Desc=SonicWALL Mobile Connect|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL Mobile Connect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{1EF757AF-F0E3-4443-BD5C-F384485995FE}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=TuneIn Radio|Desc=TuneIn|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{367CD0D7-7815-4F2F-BC71-64080A424759}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=WeatherBug.a|Desc=WeatherBug.a|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1142540520-166487024-2358622087-3443772217-897120595-2762082190-588810651|EmbedCtxt=WeatherBug.a|Platform=2:6:2|Platform2=GTEQ| "{772A7DE4-9817-4894-B8AC-750F5B6932E3}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=The Treasures of Montezuma 3|Desc=The Treasures of Montezuma 3|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1711103438-1489171187-2530467359-2653311790-1858590917-2438859187-3834935727|EmbedCtxt=The Treasures of Montezuma 3|Platform=2:6:2|Platform2=GTEQ| "{8328FABD-CCD6-4B10-8839-A2E146EDE4C0}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shark Dash|Desc=SharkDash|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-398143955-1333910318-2282503698-919574505-2969256114-3312519697-4167950525|EmbedCtxt=Shark Dash|Platform=2:6:2|Platform2=GTEQ| "{8D8CCB0F-469E-41AE-B22E-C89289424F40}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{CB5E0363-A6A2-4DC6-922B-45042D2AE011}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{AB8D5EEE-20BA-410B-8EBC-BE5358CFA3AE}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Acer Explorer|Desc=AcerExplorer|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-4064078117-538652333-2642387017-2477701237-3887694816-3370591880-4054822867|EmbedCtxt=Acer Explorer|Platform=2:6:2|Platform2=GTEQ| "{9109D5D0-972B-46CA-9AEB-5D5B95EC144E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Acer Explorer|Desc=AcerExplorer|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-4064078117-538652333-2642387017-2477701237-3887694816-3370591880-4054822867|EmbedCtxt=Acer Explorer|Platform=2:6:2|Platform2=GTEQ| "{88A47B74-C165-4C5E-B42A-595750146F95}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Cut The Rope|Desc=Cut The Rope|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1950744294-43203519-1746609925-4128979040-3964411274-3030117283-691129561|EmbedCtxt=Cut The Rope|Platform=2:6:2|Platform2=GTEQ| "{FD8F1DDC-A594-4FE5-A9B0-C438DEC21551}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=eBay|Desc=eBay|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3057257296-3828382797-3810074314-1216619655-2489216617-4232069503-3218356943|EmbedCtxt=eBay|Platform=2:6:2|Platform2=GTEQ| "{ED613555-A291-40D9-BE0F-6C2194549760}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Taptiles|Desc=Dimensions|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-2231911430-2130388165-2516466230-706407494-3611915613-465405449-2907053216|EmbedCtxt=Taptiles|Platform=2:6:2|Platform2=GTEQ| "{7CABE67B-2CEA-4300-876C-F223AF81A47C}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Taptiles|Desc=Dimensions|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-2231911430-2130388165-2516466230-706407494-3611915613-465405449-2907053216|EmbedCtxt=Taptiles|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{639C767C-5674-45DE-97D5-13E49E020913}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=txtr ebooks|Desc=Txtr.Reader|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-836427117-3007360002-2498555335-1291817199-1279425671-3764903221-446891518|EmbedCtxt=txtr ebooks|Platform=2:6:2|Platform2=GTEQ| "{38E4A8D6-D7E6-489E-A704-BE1A2A11FA59}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=newsXpresso|Desc=SubwayTrainUI|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-4129196067-2307974979-1438538125-2818419501-323155690-2512545147-960559922|EmbedCtxt=newsXpresso|Platform=2:6:2|Platform2=GTEQ| "{358EFE0C-CF76-4ED9-803E-B3125631261B}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Pinball FX2|Desc=Pinball FX2|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1875388339-2819852710-2401140565-4069547036-3357315346-1774868913-4226240588|EmbedCtxt=Pinball FX2|Platform=2:6:2|Platform2=GTEQ| "{3317A745-C614-4FF6-8A7E-FC82D903D7C8}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Pinball FX2|Desc=Pinball FX2|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1875388339-2819852710-2401140565-4069547036-3357315346-1774868913-4226240588|EmbedCtxt=Pinball FX2|Platform=2:6:2|Platform2=GTEQ| "{6BC37579-C22B-456B-9ABC-3921D3769AE4}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=7digital Music Store|Desc=7digital Music Store|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-552990416-663849661-321874519-4075099277-3565282982-3724552128-1192020837|EmbedCtxt=7digital Music Store|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{D87A7CBD-A870-4C8A-B372-E55A7BADA001}C:\program files (x86)\acer remote\arcserver.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\acer remote\arcserver.exe|Name=ArcServer|Desc=ArcServer| "UDP Query User{8213AA27-B28F-4D23-BFB3-8521F523019D}C:\program files (x86)\acer remote\arcserver.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\acer remote\arcserver.exe|Name=ArcServer|Desc=ArcServer| "{6F53E0A4-20E6-416D-A359-1A794E784A04}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Wordament|Desc=Wordament|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3246329098-3230233011-588582504-443901317-3747836941-355108722-2585344712|EmbedCtxt=Wordament|Platform=2:6:2|Platform2=GTEQ| "{B9B205D7-06E0-451F-AF47-54BC5F556C42}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Skype|Desc=Skype|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=Skype|Platform=2:6:2|Platform2=GTEQ| "{9B84A123-462D-4999-9721-707EA2CAC106}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Skype|Desc=Skype|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=Skype|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{4C9F92DD-465C-4F13-AF0A-E685D2996556}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=- Games App -|Desc=- Games App -|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-54699281-1271618622-4162202136-1802718980-1937042405-523788449-2466384431|EmbedCtxt=- Games App -|Platform=2:6:2|Platform2=GTEQ| "{DD6937C6-4713-4B43-AE6A-FA1905A74F81}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{75FF5F9D-0859-427A-9A0C-080CB14CED35}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{25C64CF4-E5E0-4CE9-90E5-7B1B68A976D2}C:\program files (x86)\symantec\norton online backup\nobuclient.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\symantec\norton online backup\nobuclient.exe|Name=Norton Online Backup Service|Desc=Norton Online Backup Service| "UDP Query User{B182BC62-3ADF-4E17-AE5C-AA9EB08F8E32}C:\program files (x86)\symantec\norton online backup\nobuclient.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\symantec\norton online backup\nobuclient.exe|Name=Norton Online Backup Service|Desc=Norton Online Backup Service| "TCP Query User{874493AE-98F4-469D-9071-F81D5C82D6B6}C:\program files (x86)\symantec\norton online backup\nobuclient.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\symantec\norton online backup\nobuclient.exe|Name=Norton Online Backup Service|Desc=Norton Online Backup Service| "UDP Query User{EE136E75-1E8A-4607-8DAE-5C56E0E0154A}C:\program files (x86)\symantec\norton online backup\nobuclient.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\symantec\norton online backup\nobuclient.exe|Name=Norton Online Backup Service|Desc=Norton Online Backup Service| "{7B4BC8C2-8394-40D8-92F8-019EB1C02C0A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Minesweeper|Desc=Minesweeper|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1668282548-2189046812-16249793-2161376599-666748042-152509211-3149268411|EmbedCtxt=Microsoft Minesweeper|Platform=2:6:2|Platform2=GTEQ| "{AA48F68D-6F5C-49E2-9F3E-4EBDA67F8A04}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Minesweeper|Desc=Minesweeper|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1668282548-2189046812-16249793-2161376599-666748042-152509211-3149268411|EmbedCtxt=Microsoft Minesweeper|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{056D3A57-2A7E-4B5D-99C3-D3AD65123315}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Solitaire|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{3B3B2D81-5292-4A07-ADD8-90870441C023}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Solitaire|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{CEFEF327-B8D5-43F6-A6A8-6EE9293EF18A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Mahjong|Desc=Microsoft Mahjong|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-2481395877-3904904754-2872837976-1880937080-3242436791-3293372984-3327460953|EmbedCtxt=Microsoft Mahjong|Platform=2:6:2|Platform2=GTEQ| "{DF98E0D0-C414-4104-A942-10F2C6C8E892}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Mahjong|Desc=Microsoft Mahjong|LUOwn=S-1-5-21-2928477998-3593914962-1294348929-1001|AppPkgId=S-1-15-2-2481395877-3904904754-2872837976-1880937080-3242436791-3293372984-3327460953|EmbedCtxt=Microsoft Mahjong|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{2CC5806F-CDA3-4E92-8764-5C959F20CCA6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Everness\Application\chrome.exe|Name=Chrome browser| "{D351DBF8-FC24-44D2-ADE3-9C49A9D58CEA}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| "{A1F43563-2457-46AC-B2AD-803890D0E1DB}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| "{700C6C7D-41F5-4BC2-936D-757B833A8801}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\Odilia\Downloads\AdsFix.exe"=C:\Users\Odilia\Downloads\AdsFix.exe:*:Enabled:AdsFix "C:\Users\Odilia\Desktop\AdsFix.exe"=C:\Users\Odilia\Desktop\AdsFix.exe:*:Enabled:AdsFix [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list] "C:\Users\Odilia\Downloads\AdsFix.exe"=C:\Users\Odilia\Downloads\AdsFix.exe:*:Enabled:AdsFix "C:\Users\Odilia\Desktop\AdsFix.exe"=C:\Users\Odilia\Desktop\AdsFix.exe:*:Enabled:AdsFix ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @PrintQueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%SECURITYACCELERATORCLASSNAME%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @idtsec.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{39EB4865-658B-4410-AFA3-378D8517461C}] : (ngvss) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @%SystemRoot%\System32\Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{502EB68B-57B4-4FEE-9890-18F2D8AD1E3E}] : (mfencbdc) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{78A1C341-4539-11D3-B88D-00C04FAD5171}] : (mfesapsn) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8c78b96c-9120-4da4-a144-ff427f2cf132}] : (BarcodeScanner) [] -> @hidscanner.inf,%ClassName%;POS HID Barcode scanners [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{B95B836B-234E-4857-A1F8-D0D9A9BEC1C5}] : (vmbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @AudioEndpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @WSDPrint.Inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [// ::] - (0.0.0.0) - ( -) - C:\WINDOWS\System32\drivers\frbljka.sys [05/09/2013 02:46:52] - (9.18.13.2702) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 327.02) - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [05/09/2013 02:46:46] - (1.3.26.4) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - gagp30kx (@machine.inf,%gagp30kx_svcdesc%;Filtre AGP version 3.0 générique Microsoft pour plates-formes à base de processeur K8) -> System32\drivers\gagp30kx.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2 () -> System32\drivers\lsi_sas2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3 () -> System32\drivers\lsi_sas3.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@machine.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Lecteur AHCI SATA Microsoft standard) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - uagp35 (@machine.inf,%uagp35_svcdesc%;Filtre AGP version 3.5 Microsoft) -> System32\drivers\uagp35.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - viaide () -> System32\drivers\viaide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - vmbus (@%SystemRoot%\system32\vmbusres.dll,-1000) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> system32\DRIVERS\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> \SystemRoot\system32\drivers\aswbidsdrivera.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> \SystemRoot\system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> \SystemRoot\system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> \SystemRoot\system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> \SystemRoot\system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros Files whitelisted) [MD5.AD508A1A46EC21B740AB31C28EFDFDB1] - [22/08/2013 08:57:45] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [106.34 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.7C1FDF1B48298CBA7CE4BDD4978951AD] - [22/08/2013 09:01:07] - (.Copyright (C) PMC-Sierra 2001-2013 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [763.84 Ko] - (1.0.0.254) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.D2BF2F94A47D332814910FD47C6BBCD2] - [22/08/2013 09:01:07] - (.Copyright © 2008-2013 AMD, Inc. - AHCI 1.3 Device Driver.) - [77.34 Ko] - (1.1.4.14) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.A8E04943C7BBA7219AA50400272C3C6E] - [22/08/2013 08:57:45] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.CEA5F4F27CFC08E3A44D576811B35F50] - [22/08/2013 09:01:07] - (.Copyright © 2008-2013 AMD, Inc. - Storage Filter Driver.) - [25.34 Ko] - (1.1.4.14) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.65045784366F7EC5FB4E71BCF923187B] - [22/08/2013 09:01:07] - (.Copyright 2013 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [111.34 Ko] - (7.2.0.30261) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - [22/08/2013 08:57:48] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [17.21 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.A4A73F631FE2AA2826FBE4A399B04DEF] - [22/08/2013 08:57:55] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.2E57136AC3814D7039C6A206E1AA203F] - [15/05/2013 12:16:06] - (.Copyright(C) 2013, Intel Corporation. - Intel(R) Gigabit Adapter NDIS 6.x driver.) - [457.27 Ko] - (12.6.51.9426) - C:\WINDOWS\System32\Drivers\e1d63x64.sys [MD5.114BCFDF367FF37C3F1B0A96AF542E4D] - [22/08/2013 08:57:55] - (.(c) COPYRIGHT 2001-2013 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3278.34 Ko] - (7.4.33.1) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.2BB3EAE2EA641515D4B205CAB29E1624] - [15/05/2013 12:15:59] - (.Copyright © 2006-2013, Intel Corporation. - Intel(R) Management Engine Interface.) - [63.11 Ko] - (9.0.0.1287) - C:\WINDOWS\System32\Drivers\HECIx64.sys [MD5.A6AACEA4C785789BDA5912AD1FEDA80D] - [22/08/2013 08:57:45] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.5D90E32E36CE5D4C535D17CE08AEAF05] - [22/08/2013 08:57:49] - (.Copyright © 2013, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [23.99 Ko] - (1.1.163.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.DD05E7E80F52ADE9AEB292819920F32C] - [22/08/2013 08:57:49] - (.Copyright © 2013, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [96.99 Ko] - (1.1.163.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.28C6F2EB9A27DB6E12D2C08100120563] - [05/11/2012 03:49:26] - (.Copyright (C) 1998 - 2012 Intel Corporation. - NDIS 6.30 Advanced Networking Services..) - [149.38 Ko] - (9.9.0.39) - C:\WINDOWS\System32\Drivers\iANSW60e.sys [MD5.08BFE413B0B4AA8DFA4B5684CE06D3DC] - [22/08/2013 09:01:07] - (.Copyright(C) Intel Corporation 1994-2012 - Intel Rapid Storage Technology driver (inbox) - x64.) - [635.98 Ko] - (12.0.1.1018) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.A2200C3033FA4EF249FC096A7A7D02A2] - [22/08/2013 09:01:07] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.73A40E29F61E5D142C8F42B28A351190] - [21/02/2013 04:40:52] - (.Copyright (C) 2002-2012 Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) - [32.83 Ko] - (1.3.0.6) - C:\WINDOWS\System32\Drivers\iqvw64e.sys [MD5.C755AE4635457AA2A11F79C0DF857ABC] - [22/08/2013 08:57:45] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.84 Ko] - (1.34.3.82) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.ADAC09CBE7A2040B7F68B5E5C9A75141] - [22/08/2013 08:57:45] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [91.34 Ko] - (2.0.60.82) - C:\WINDOWS\System32\Drivers\lsi_sas2.sys [MD5.04D1274BB9BBCCF12BD12374002AA191] - [22/08/2013 08:57:45] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen3 Driver (StorPort).) - [79.84 Ko] - (2.50.65.1) - C:\WINDOWS\System32\Drivers\lsi_sas3.sys [MD5.327469EEF3833D0C584B7E88A76AEC0C] - [22/08/2013 08:57:45] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.CFBC6C6D8A492697CABD1D353EE64933] - [22/11/2015 17:16:01] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [25.21 Ko] - (0.1.16.0) - C:\WINDOWS\System32\Drivers\mbam.sys [MD5.42B3F5C9FBC9B3F0E0BA6B5D7FC8E849] - [22/11/2015 17:16:01] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [106.71 Ko] - (1.1.21.0) - C:\WINDOWS\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [22/11/2015 17:16:13] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [MD5.EB5C03A070F30D64A6DF80E53B22F53F] - [22/08/2013 08:57:45] - (.Copyright © LSI Corporation 2013 - MEGASAS RAID Controller Driver for Windows.) - [55.34 Ko] - (6.3.9466.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.F6F13533196DE7A582D422B0241E4363] - [22/08/2013 08:57:45] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.B8C35C94DCB2DFEAF03BB42131F2F77F] - [22/08/2013 08:57:45] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1015) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.08DECFCB9BA97786165A69AB1015BC30] - [22/11/2015 17:16:01] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [62.71 Ko] - (1.0.6.0) - C:\WINDOWS\System32\Drivers\mwac.sys [MD5.554964B900AE2954B8B589B6287034AC] - [05/09/2013 02:46:46] - (.(C) NVIDIA Corporation. - NVIDIA HDMI Audio Driver.) - [191.78 Ko] - (1.3.26.4) - C:\WINDOWS\System32\Drivers\nvhda64v.sys [MD5.9B93CC9C70EDE60A9C486E7719DB9E8D] - [05/09/2013 02:46:52] - (.(C) 2013 NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 327.02.) - [11009.28 Ko] - (9.18.13.2702) - C:\WINDOWS\System32\Drivers\nvlddmkm.sys [MD5.BC6B5942AFF25EBAF62DE43C3807EDF8] - [22/08/2013 09:01:09] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.22) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.1F43ABFFAC3D6CA356851D517392966E] - [22/08/2013 09:01:09] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [164.34 Ko] - (10.6.0.22) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.8524178B895E4BC04776B319DA3A70EC] - [06/11/2013 18:41:14] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) - [4006.77 Ko] - (6.0.1.6699) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.105ADD864BED225584E6E50577C5CB3F] - [06/11/2013 18:33:28] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8.) - [318.72 Ko] - (6.2.9200.39039) - C:\WINDOWS\System32\Drivers\RtsUVStor.sys [MD5.10603B518193700119E51A41AF3B4E1E] - [22/10/2016 13:11:13] - (.Copyright (C) 2013 Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver.) - [2971.21 Ko] - (1026.6.1217.2013) - C:\WINDOWS\System32\Drivers\RTWlanU.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [22/08/2013 17:36:40] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\WINDOWS\System32\Drivers\secdrv.sys [MD5.2F518D13DD6F3053837FE606F1A2EA1F] - [22/08/2013 09:01:09] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.1AC9A200A9C49C4508F04AAFFCA34A3F] - [22/08/2013 09:01:09] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - [22/08/2013 08:57:45] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.06D38968028E9AB19DE9B618C7B6D199] - [22/08/2013 14:22:58] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [19.34 Ko] - (6.0.6000.170) - C:\WINDOWS\System32\Drivers\viaide.sys [MD5.4539F45F9F4C9757A86A56C949421E07] - [22/08/2013 09:01:09] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [164.84 Ko] - (7.0.9200.6320) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.0849B7260F26FE05EA56DED0672E2F4B] - [22/08/2013 09:01:10] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.29CCFF428E5EB70AE429C3DA8968E1EC] - [11/03/2017 12:29:21] - (.EnTech Taiwan, 1997-2009 - DriverAgent Direct I/O for 64-bit Windows.) - [20.38 Ko] - (1.0.0.1) - C:\WINDOWS\Syswow64\Drivers\DrvAgent64.SYS ---------- | Uninstall [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Aff Packages] : (Aff Packages.-.) -> C:\Users\Odilia\AppData\Roaming\1H1Q\Aff Packages\uninstaller.exe /Uninstall /NM="Aff Packages" /AN="1H1Q" /MBN="Aff Packages" [HKU\S-1-5-21-2928477998-3593914962-1294348929-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\bb920e9cd17f6bd3] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON SX235 Series] : (EPSON SX235 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IINSHLE.EXE /R /APD /P:"EPSON SX235 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PDF Creator] : (PDF Creator.-.) -> C:\\PROGRA~1\\PDFCRE~1\\Actual\\UNINST~1.EXE /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PROSetDX] : (Intel(R) Network Connections 18.1.59.0.-.Intel) -> MsiExec.exe /i{644B5296-5B22-40EE-B954-9598E2E1427E} ARPREMOVE=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}] : (Acer Recovery Management.-.Acer Incorporated) -> Msiexec.exe /i {07F2005A-8CAC-4A4B-83A2-DA98A722CA61} ACER=1 PRODUCTNAME="Acer Recovery Management" REMOVEUSEC=1 BOOTSTRATOR=1 ACERPRELOAD=1 ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{44B72151-611E-429D-9765-9BA093D7E48A}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{44B72151-611E-429D-9765-9BA093D7E48A} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{54F2237F-018C-483B-8884-9FC0D88840C3}] : (VC_CRT_x64.-.Intel Corporation) -> MsiExec.exe /I{54F2237F-018C-483B-8884-9FC0D88840C3} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{644B5296-5B22-40EE-B954-9598E2E1427E}] : (Intel(R) Network Connections 18.1.59.0.-.Intel) -> MsiExec.exe /i{644B5296-5B22-40EE-B954-9598E2E1427E} ARPREMOVE=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}] : (Acer Power Management.-.Acer Incorporated) -> MsiExec.exe /i {91F52DE4-B789-42B0-9311-A349F10E5479} PRODUCTNAME="Acer Power Management" BRANDNAME="Acer" NEWUPGRADE=0 BOOTSTRATOR=1 ISDT=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 327.02.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8021B09E-8D5E-44F8-A87E-DF6240B968C2}\NVI2.DLL",UninstallPackage Display.3DVision ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 327.02.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 327.02.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8021B09E-8D5E-44F8-A87E-DF6240B968C2}\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 311.06.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{00B1FF01-FA57-4D56-A7F1-8B657981CD39}\NVI2.DLL",UninstallPackage Display.NVIRUSB [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.12.1031.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{00B1FF01-FA57-4D56-A7F1-8B657981CD39}\NVI2.DLL",UninstallPackage Display.PhysX [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.26.4.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{242C71CA-6B91-4EC5-AAF4-51D852044F2A}\NVI2.DLL",UninstallPackage HDAudio.Driver ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EF79C448-6946-4D71-8134-03407888C054}] : (Shared C Run-time for x64.-.McAfee) -> MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Acer Remote1.0] : (Acer Remote.-.Acer Inc.) -> "C:\Program Files (x86)\Acer Remote\uninstall.exe" "/U:C:\Program Files (x86)\Acer Remote\Uninstall\uninstall.xml" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast Antivirus] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BSPlayerf] : (BS.Player FREE.-.AB Team, d.o.o.) -> "C:\Program Files (x86)\Webteh\BSPlayer\uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Faire-part et remerciements_is1] : (Faire-part et remerciements.-.Anuman Interactive) -> "C:\Program Files (x86)\Anuman Interactive\Faire-part et remerciements\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\setup.exe" --uninstall --system-level --verbose-logging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}] : (CyberLink MediaEspresso 6.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.0.1024.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 3.55.2393.596] : (SafeZone Stable 3.55.2393.596.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Spotify] : (Spotify.-.Spotify AB) -> "C:\Program Files (x86)\Spotify\Spotify.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall] : (WildTangent Games.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-genres] : (Canaux de jeu.-.WildTangent, Inc.) -> "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main] : (Canaux de jeu.-.WildTangent, Inc.) -> "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\Uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-021f802d-9f3d-4f5c-a6ec-b95f555fad3e] : (Tales of Lagoona.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Tales of Lagoona\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-2c1b101a-cb04-4317-9053-9681f894c6fe] : (Jewel Match 3.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Jewel Match 3\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-36c37cb2-dc74-4822-9151-a04870af5070] : (Bejeweled 3.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-3e0b424f-a46c-463e-b48f-8b836a2bf37d] : (John Deere Drive Green.-.WildTangent) -> "C:\Program Files (x86)\WildGames\John Deere Drive Green\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-68712320-b392-4e9b-8da2-a6ed6ea44fd5] : (Magic Academy.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Magic Academy\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-abbd5138-18bb-45cb-89f1-74a3bb48cf9d] : (Delicious: Emily's Childhood Memories Premium Edition.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Delicious Emilys Childhood Memories Premium Edition\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-bcf4cbc0-6137-4179-904a-60dd5ce33e7d] : (Plants vs. Zombies - Game of the Year.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-da97ad61-fbb9-4f6c-a8c9-54968e10c249] : (Governor of Poker 2 Premium Edition.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0B311221-05A5-4766-8D03-7A6446794156}] : (Nero RescueAgent Help (CHM).-.Nero AG) -> MsiExec.exe /X{0B311221-05A5-4766-8D03-7A6446794156} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}] : (Nero Launcher.-.Nero AG) -> MsiExec.exe /X{0E4630AF-0AB7-440E-A978-1A78FC4F43B9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E496A68-4943-424E-829D-5C3C85B7B8F2}] : (Realtek USB Card Reader.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1E496A68-4943-424E-829D-5C3C85B7B8F2}\setup.exe" -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180101F0}] : (Java 8 Update 101.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180101F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180121F0}] : (Java 8 Update 121.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180121F0} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App] : (Update Installer for WildTangent Games App.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3AAB08A3-F129-4BD5-B409-AE674F93759D}] : (Prerequisite installer.-.Nero AG) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3D9CB654-99AD-4301-89C6-0D12A790767C}] : (Identity Card.-.Acer Incorporated) -> MsiExec.exe /X{3D9CB654-99AD-4301-89C6-0D12A790767C} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}] : (AOP Framework.-.Acer Incorporated) -> C:\Program Files (x86)\Acer\AOP Framework\AOPSetup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}] : (Nero BackItUp 12 Essentials OEM.a01.-.Nero AG) -> MsiExec.exe /I{4CA8F973-6377-4ABF-9ED5-CC2323B3C000} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] : (.-.) -> MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}] : (Nero Update.-.Nero AG) -> MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}] : (Office Addin.-.Acer) -> MsiExec.exe /I{6D2BBE1D-E600-4695-BA37-0B0E605542CC} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer] : (WildTangent Games App.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Touchpoints\acer\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}] : (Intel(R) Update Manager.-.Intel Corporation) -> MsiExec.exe /I{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{852E893E-E4FD-45BB-8B17-72ADDF686974}] : (TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Pilote.-.TP-LINK) -> "C:\Program Files (x86)\InstallShield Installation Information\{852E893E-E4FD-45BB-8B17-72ADDF686974}\setup.exe" -runfromtemp -l0x040c -removeonly DriverOnly ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}] : (NVIDIA PhysX.-.NVIDIA Corporation) -> MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}] : (OpenOffice 4.0.1.-.Apache Software Foundation) -> MsiExec.exe /I{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91589413-6675-4C27-8AFC-EFB9103B90A5}] : (eBay Worldwide.-.OEM) -> MsiExec.exe /I{91589413-6675-4C27-8AFC-EFB9103B90A5} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}] : (Nero RescueAgent.-.Nero AG) -> MsiExec.exe /X{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A6DC88AD-501A-44BC-884D-57435F972E2C}] : (Hotkey Utility.-.Acer Incorporated) -> MsiExec.exe /i {A6DC88AD-501A-44BC-884D-57435F972E2C} PRODUCTNAME="Hotkey Utility" BRANDNAME="Acer" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ABC88553-8770-4B97-B43E-5A90647A5B63}] : (Nero ControlCenter.-.Nero AG) -> MsiExec.exe /X{ABC88553-8770-4B97-B43E-5A90647A5B63} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}] : (Nero Core Components.-.Nero AG) -> MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}] : (Nero ControlCenter Help (CHM).-.Nero AG) -> MsiExec.exe /X{C994C746-C6D0-4EBA-B09E-DF7B18381B69} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}] : (Nero BackItUp.-.Nero AG) -> MsiExec.exe /X{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}] : (Acer Docs Office AddIn.-.Acer) -> MsiExec.exe /I{DCBF3379-246B-47E1-8173-639B63940838} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E3739848-5329-48E3-8D28-5BBD6E8BE384}] : (CyberLink MediaEspresso 6.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999}] : (Live Updater.-.Acer Incorporated) -> MsiExec.exe /X{EE26E302-876A-48D9-9058-3129E5B99999} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF0D1292-8FC1-41BE-9740-DBC134F66415}] : (Nero BackItUp Help (CHM).-.Nero AG) -> MsiExec.exe /X{EF0D1292-8FC1-41BE-9740-DBC134F66415} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF79C448-6946-4D71-8134-03407888C054}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}] : (Intel(R) Control Center.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm ---------- | Ports ---------- | Installer [HKCR\Installer\Products\05835BF8A6427053A8ED000690F3EF6A] : Visual Studio Tools for the Office system 3.0 Runtime [HKCR\Installer\Products\122113B05A506674D830A74664971465] : Nero RescueAgent Help (CHM) -> c:\windows\Installer\{0B311221-05A5-4766-8D03-7A6446794156}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945 [HKCR\Installer\Products\15127B44E116D9247956B90A397D4EA8] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\18034D2AB7FC73649A3F2E56A15A4C8A] : Nero RescueAgent -> c:\windows\Installer\{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\203E62EEA6789D84098513925E9B9999] : Live Updater -> C:\windows\Installer\{EE26E302-876A-48D9-9058-3129E5B99999}\icon.ico [HKCR\Installer\Products\2921D0FE1CF8EB147904BD1C436F4651] : Nero BackItUp Help (CHM) -> c:\windows\Installer\{EF0D1292-8FC1-41BE-9740-DBC134F66415}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945 [HKCR\Installer\Products\31498519576672C4A8CFFE9B01B3095A] : eBay Worldwide -> c:\Windows\Installer\{91589413-6675-4C27-8AFC-EFB9103B90A5}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\35588CBA077879B44BE3A50946A7B536] : Nero ControlCenter -> c:\windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe [HKCR\Installer\Products\379F8AC47736FBA4E95DCC32323B0C00] : Nero BackItUp 12 Essentials OEM.a01 -> c:\windows\Installer\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3A80BAA3921F5DB44B90EA76F43957D9] : Prerequisite installer -> c:\windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\411A73A4F20755044A6B6175D1A43535] : AOP Framework -> C:\Windows\Installer\{4A37A114-702F-4055-A4B6-16571D4A5353}\icon.ico [HKCR\Installer\Products\456BC9D3DA991034986CD0217A0967C7] : Identity Card -> C:\windows\Installer\{3D9CB654-99AD-4301-89C6-0D12A790767C}\icon.ico [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110100F] : Java 8 Update 101 -> C:\Program Files (x86)\Java\jre1.8.0_101\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110120F] : Java 8 Update 121 -> C:\Program Files (x86)\Java\jre1.8.0_121\\bin\javaws.exe [HKCR\Installer\Products\4ED25F19987B0B2439113A941FE04597] : Acer Power Management [HKCR\Installer\Products\647C499C0D6CABE40BE9FDB78183B196] : Nero ControlCenter Help (CHM) -> c:\windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D [HKCR\Installer\Products\6925B44622B5EE049B4559892E1E24E7] : -> C:\Windows\Installer\{644B5296-5B22-40EE-B954-9598E2E1427E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7040BB568CC47CD459E2E3FEFD5006A2] : Nero Update -> c:\windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\844C97FE649617D41843300487880C45] : Shared C Run-time for x64 [HKCR\Installer\Products\8489373E92353E84D882B5DBE6B83E48] : MediaEspresso -> C:\windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8703D2ADC85A8E54E80E818BEBB6437F] : Nero BackItUp -> c:\windows\Installer\{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8B45D5D892D34BA4D88A8186AD9F148D] : OpenOffice 4.0.1 -> C:\Windows\Installer\{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}\soffice.ico [HKCR\Installer\Products\8FC229B8C6A8EC148A851F57D5F7D592] : NVIDIA PhysX -> C:\Windows\Installer\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}\icon.ico [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\9733FBCDB6421E74183736B936498083] : Acer Docs Office AddIn [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A5002F70CAC8B4A4382AAD897A22AC16] : Recovery Management -> C:\Windows\Installer\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}\Bitmaps\eRecoveryicon.ico [HKCR\Installer\Products\D43EEBEB2A48DDE4B8AE69CC45732136] : Nero Core Components [HKCR\Installer\Products\DA88CD6AA105CB4488D47534F579E2C2] : Hotkey Utility [HKCR\Installer\Products\EC7B4227C691A2E41AEAD1B72F95DF63] : Intel(R) Update Manager -> C:\WINDOWS\Installer\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}\icon.ico [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F7322F45C810B3848848F90C8D88043C] : VC_CRT_x64 [HKCR\Installer\Products\FA0364E07BA0E0449A87A187CFF4349B] : Nero Launcher -> c:\windows\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ---------- | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: Acer BIOS Manufacturer: American Megatrends Inc. System Manufacturer: Acer System Product Name: Aspire TC-603 Logical Drives Mask: 0x0000001c Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante updater.exe, version : 2.0.3008.0, horodatage : 0x5126f5f8 Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.18340, horodatage : 0x57366075 Code d’exception : 0xe0434352 Décalage d’erreur : 0x0000000000008a5c ID du processus défaillant : 0x6b4 Heure de début de l’application défaillante : 0x01d2c0bfcb4d7321 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Acer\Live Updater\updater.exe Chemin d’accès du module défaillant: C:\WINDOWS\system32\KERNELBASE.dll ID de rapport : 4ea87aeb-2cb3-11e7-bed3-d43d7ed9341a Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : updater.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Xml.XmlException Pile : à System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(System.String) à System.Xml.XmlTextReaderImpl.ParseDocumentContent() à System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) à System.Xml.XmlDocument.Load(System.Xml.XmlReader) à System.Xml.XmlDocument.Load(System.String) à updater.Report.AddFPToResult(updater.Result) à updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs) à updater.DownloadMgr.DownloadFile(System.String, System.String) à updater.DownloadMgr.Worker(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() à System.Threading.ThreadPoolWorkQueue.Dispatch() ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ Nom de l’application défaillante updater.exe, version : 2.0.3008.0, horodatage : 0x5126f5f8 Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.18340, horodatage : 0x57366075 Code d’exception : 0xe0434352 Décalage d’erreur : 0x0000000000008a5c ID du processus défaillant : 0x36c Heure de début de l’application défaillante : 0x01d2c06e78c64ee1 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Acer\Live Updater\updater.exe Chemin d’accès du module défaillant: C:\WINDOWS\system32\KERNELBASE.dll ID de rapport : b9551810-2c61-11e7-bed3-d43d7ed9341a Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : updater.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Xml.XmlException Pile : à System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(System.String) à System.Xml.XmlTextReaderImpl.ParseDocumentContent() à System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) à System.Xml.XmlDocument.Load(System.Xml.XmlReader) à System.Xml.XmlDocument.Load(System.String) à updater.Report.AddFPToResult(updater.Result) à updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs) à updater.DownloadMgr.DownloadFile(System.String, System.String) à updater.DownloadMgr.Worker(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() à System.Threading.ThreadPoolWorkQueue.Dispatch() ------------ Échec de l’instanciation du dossier de stockage C:\Users\Odilia\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState pour le package microsoft.windowscommunicationsapps_8wekyb3d8bbwe avec le code d’erreur : -2147023741 ------------ ----------( EOF)---------- - 3723 | 10:15:13