--------------- QuickDiag | g3n-h@ckm@n | V3_30.04.17.1 ---------------
----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits -----
- Start 30/04/2017 23:04:12
Updated 30/04/2017 | 21.20 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/
Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[ldjaps (Administrator)] - [LDJAPS-PC] (S-1-5-21-2960159090-924148967-2076729095-1000)
System: Microsoft Windows 7 Édition Familiale Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 7 Édition Familiale Premium |C:\Windows|\Device\Harddisk0\Partition2
Boot : Normal boot
PC: System Product Name - System manufacturer - IdNumber: System Serial Number - UUID: 1E000E60-008C-E100-D1F3-BCAEC53A5EE0
Processor : X64 - 3411 Mhz - AMD Phenom(tm) II X4 965 Processor
BIOS Date: 11/16/10 11:24:46 Ver: 08.00.15 - en|US|iso8859-1 - American Megatrends Inc. - S/N: System Serial Number - 1703 - ACRSYS - 20101116
CoreTemp : ?
Celsius ----------| Quick ---------- | SoundDevice AMD High Definition Audio Device - Status: OK - Manufacturer: Advanced Micro Devices - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002\5&17C48E1&0&0001 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0892&SUBSYS_104383C0&REV_1003\4&1DDE902D&0&0001 ---------- | Video AMD Radeon HD 5800 Series - Resolution: 1680x1050 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_6899&SUBSYS_E174174B&REV_00\4&19D28DA3&0&0018 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 1073741824 Inegrated Video Chipset DeviceName: AMD Radeon HD 5800 Series - DriverVersion: 8.14.01.6367 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft 
Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:81 % CPU #2 value:18 % CPU #3 value:18 % CPU #4 value:18 % Total Overall CPU Usage value:34 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Realtek PCIe GBE Family Controller _2 : SENT:852,475 bytes/sec / RECVD:852,475 bytes/sec isatap.home : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.{A35DFCEE-A223-4D12-BF83-0D3478C8C5B9} : SENT:0 bytes/sec / RECVD:0 bytes/sec Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:852,475 bytes/sec, / RECEIVE Maximum:852,475 bytes/sec WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_34687470&REV_06\E0750000684CE00000 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000 RAS Async Adapter - - - Status: - PnPID : 
Realtek PCIe GBE Family Controller #2 - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_84321043&REV_06\01000000684CE00000 Carte Microsoft ISATAP #2 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001 Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000 ---------- | Memory RAM = Total (MB) : 4192 | Free (MB) : 1172 Pagefile = Total (MB) : 8383 | Free (MB) : 5860 Virtual = Total (MB) : 4194 | Free (MB) : 4019 Physical Memory 0 : Capacity: 2147483648 - DIMM0 - Posit.: 0 - Manufacturer: Kingston - PartNumber: 9905403-169.A00LF - S/N: 86BA046D Physical Memory 1 : Capacity: 2147483648 - DIMM1 - Posit.: 0 - Manufacturer: Kingston - PartNumber: 9905403-169.A00LF - S/N: 86FA046B ---------- | SID Users Administrateur : [S-1-5-21-2960159090-924148967-2076729095-500] Invité : [S-1-5-21-2960159090-924148967-2076729095-501] ldjaps : [S-1-5-21-2960159090-924148967-2076729095-1000] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] AMD FUEL : [S-1-5-21-2960159090-924148967-2076729095-1001] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: 
INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 299.38 Go | Free : 266.06 Go -> NTFS [ATA] D:\ -> [Fixed] | [Documents] | Total : 632.03 Go | Free : 194.43 Go -> NTFS [ATA] Disk Usage Information [5 total Physical Disks] Physical Drive #0 [C:, D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [F:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : IDE\DISKST1000DM003-1CH162______________________CC46____\5&1F832EF9&0&0.0.0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - - 0 Part. 
- PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_USB_CF_READER&REV_1.01\058F312D81B&1 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_USB_MS_READER&REV_1.03\058F312D81B&3 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_USB_SD_READER&REV_1.00\058F312D81B&0 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_USB_SM_READER&REV_1.02\058F312D81B&2 ---------- | Windows updates Last detection : 2017-04-30 17:05:32 Downloaded last ones : 2017-04-30 21:01:47 Installed last ones : 2017-04-30 18:40:29 Next search : 2017-05-01 14:11:56 Test 1 : Windows Is Activated ---------- | Browsers IE : 8.0.7601.17514 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe" -- "" ---------- | FlashPlayer ---------- | Security AV : Malwarebytes Enabled AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 288 | [Owner : Système | Parent : 4(System) | 0.42 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.18229) = C:\Windows\System32\smss.exe [30/04/2017 18:49:01] CPU Usage:0 % 416 | [Owner : Système | Parent : 408() | 2.29 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 01:19:49] CPU Usage:0 % 472 | [Owner : Système | Parent : 408() | 1.28 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 01:52:37] CPU Usage:0 % 508 | [Owner : Système | Parent : 488() | 14.53 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) 
- (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 01:19:49] CPU Usage:0 % 532 | [Owner : Système | Parent : 472(wininit.exe) | 5.09 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7600.16385) = C:\Windows\System32\services.exe [14/07/2009 01:19:46] CPU Usage:0 % 548 | [Owner : Système | Parent : 472(wininit.exe) | 7.22 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.18717) = C:\Windows\System32\lsass.exe [30/04/2017 18:49:25] CPU Usage:0 % 556 | [Owner : Système | Parent : 472(wininit.exe) | 1.98 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [21/11/2010 05:23:53] CPU Usage:0 % 676 | [Owner : Système | Parent : 488() | 2.12 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.17514) = C:\Windows\System32\winlogon.exe [21/11/2010 05:24:29] CPU Usage:0 % 712 | [Owner : Système | Parent : 532(services.exe) | 4.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 796 | [Owner : SERVICE RÉSEAU | Parent : 532(services.exe) | 4.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 876 | [Owner : Système | Parent : 532(services.exe) | 1.02 Mo] - (.AMD - AMD External Events Service Module.) - (6.14.11.1168) = C:\Windows\System32\atiesrxx.exe [24/02/2014 05:04:34] CPU Usage:0 % 936 | [Owner : SERVICE LOCAL | Parent : 532(services.exe) | 18.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 972 | [Owner : Système | Parent : 532(services.exe) | 136.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1008 | [Owner : Système | Parent : 532(services.exe) | 104.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 332 | [Owner : SERVICE LOCAL | Parent : 936(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.17514) = C:\Windows\System32\audiodg.exe [21/11/2010 05:24:32] CPU Usage:4 % 492 | [Owner : SERVICE LOCAL | Parent : 532(services.exe) | 6.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1044 | [Owner : Système | Parent : 876(atiesrxx.exe) | 2.26 Mo] - (.AMD - AMD External Events Client Module.) - (6.14.11.1168) = C:\Windows\System32\atieclxx.exe [24/02/2014 05:05:30] CPU Usage:0 % 1132 | [Owner : SERVICE RÉSEAU | Parent : 532(services.exe) | 11.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1276 | [Owner : Système | Parent : 532(services.exe) | 2.86 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe [21/11/2010 05:24:27] CPU Usage:0 % 1312 | [Owner : SERVICE LOCAL | Parent : 532(services.exe) | 8.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1412 | [Owner : Système | Parent : 532(services.exe) | 2.77 Mo] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [23/02/2014 22:41:38] CPU Usage:0 % 1456 | [Owner : Système | Parent : 532(services.exe) | 124.17 Mo] - (.Hi-Rez Studios - HiPatchService.) 
- (5.1.1.0) = C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [30/04/2017 20:26:26] CPU Usage:27 % 1660 | [Owner : ldjaps | Parent : 532(services.exe) | 5.98 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe [21/11/2010 05:24:08] CPU Usage:0 % 1744 | [Owner : Système | Parent : 532(services.exe) | 1.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1864 | [Owner : ldjaps | Parent : 972(svchost.exe) | 2.12 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 01:37:38] CPU Usage:0 % 1888 | [Owner : ldjaps | Parent : 1704() | 51.17 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17514) = C:\Windows\explorer.exe [21/11/2010 05:24:11] CPU Usage:0 % 1624 | [Owner : ldjaps | Parent : 1888(explorer.exe) | 5 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.482) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [01/01/2002 01:35:44] CPU Usage:0 % 1788 | [Owner : ldjaps | Parent : 1888(explorer.exe) | 4.74 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.0.0.912) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [30/04/2017 19:22:24] CPU Usage:0 % 2228 | [Owner : Système | Parent : 532(services.exe) | 302.89 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.415) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [30/04/2017 19:22:26] CPU Usage:0 % 2348 | [Owner : ldjaps | Parent : 2168() | 6.2 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [07/05/2013 09:51:52] CPU Usage:0 % 2480 | [Owner : ldjaps | Parent : 2348(MOM.exe) | 29.51 Mo] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) 
- (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [08/10/2013 23:48:30] CPU Usage:0 % 2596 | [Owner : ldjaps | Parent : 1008(svchost.exe) | 2.24 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [21/11/2010 05:24:27] CPU Usage:0 % 2680 | [Owner : ldjaps | Parent : 2596(taskeng.exe) | 0.53 Mo] - (.-.) - (0.0.0.0) = C:\Windows\DAODx.exe [30/03/2009 08:32:40] CPU Usage:0 % 1600 | [Owner : Système | Parent : 532(services.exe) | 17.09 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe [14/07/2009 02:32:27] CPU Usage:0 % 2716 | [Owner : SERVICE LOCAL | Parent : 972(svchost.exe) | 1.33 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe [30/04/2017 20:39:27] CPU Usage:0 % 2840 | [Owner : SERVICE RÉSEAU | Parent : 532(services.exe) | 3.62 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [21/11/2010 05:25:05] CPU Usage:0 % 3400 | [Owner : SERVICE LOCAL | Parent : 532(services.exe) | 9.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 4064 | [Owner : ldjaps | Parent : 1008(svchost.exe) | 2.88 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [21/11/2010 05:24:27] CPU Usage:0 % 4368 | [Owner : Système | Parent : 532(services.exe) | 4.5 Mo] - (.Microsoft Corporation - .NET Runtime Optimization Service.) 
- (4.0.30319.17929) = C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [09/07/2012 00:40:10] CPU Usage:0 % 2216 | [Owner : Système | Parent : 532(services.exe) | 5.28 Mo] - (.Microsoft Corporation - .NET Runtime Optimization Service.) - (4.0.30319.17929) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [08/07/2012 23:24:30] CPU Usage:0 % 2180 | [Owner : Système | Parent : 532(services.exe) | 28.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 3668 | [Owner : ldjaps | Parent : 1008(svchost.exe) | 6.25 Mo] - (.Microsoft Corporation - Windows Update.) - (7.6.7600.320) = C:\Windows\System32\wuauclt.exe [30/04/2017 19:22:08] CPU Usage:0 % 3924 | [Owner : ldjaps | Parent : 1888(explorer.exe) | 74.5 Mo] - (.HI-REZ STUDIOS, INC. - HI-REZ Launcher.) - (5.1.1.0) = C:\Program Files (x86)\Hi-Rez Studios\HirezLauncherUI.exe [30/04/2017 20:26:26] CPU Usage:0 % 4304 | [Owner : ldjaps | Parent : 1888(explorer.exe) | 60.26 Mo] - (.Thorvald Natvig - Mumble - Low-latency VoIP client.) - (1.2.19.0) = C:\Program Files (x86)\Mumble\mumble.exe [27/01/2017 15:32:34] CPU Usage:2 % 1196 | [Owner : ldjaps | Parent : 712(svchost.exe) | 5.88 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\SysWOW64\dllhost.exe [14/07/2009 01:43:52] CPU Usage:0 % 2816 | [Owner : ldjaps | Parent : 532(services.exe) | 8.52 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe [21/11/2010 05:24:08] CPU Usage:0 % 1424 | [Owner : ldjaps | Parent : 1888(explorer.exe) | 106.8 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe [30/04/2017 18:53:17] CPU Usage:0 % 216 | [Owner : ldjaps | Parent : 1424(chrome.exe) | 8.92 Mo] - (.Google Inc. - Google Chrome.) 
- (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe [30/04/2017 18:53:17] CPU Usage:0 % 1492 | [Owner : ldjaps | Parent : 1424(chrome.exe) | 9.65 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe [30/04/2017 18:53:17] CPU Usage:0 % 3552 | [Owner : ldjaps | Parent : 1424(chrome.exe) | 80.4 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe [30/04/2017 18:53:17] CPU Usage:4 % 720 | [Owner : ldjaps | Parent : 1424(chrome.exe) | 300.05 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe [30/04/2017 18:53:17] CPU Usage:10 % 1060 | [Owner : ldjaps | Parent : 1424(chrome.exe) | 157.03 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe [30/04/2017 18:53:17] CPU Usage:0 % 924 | [Owner : ldjaps | Parent : 1888(explorer.exe) | 29.12 Mo] - (.SosVirus - QuickDiag.) - (30.4.17.1) = C:\Users\ldjaps\Downloads\QuickDiag.exe [30/04/2017 23:00:29] CPU Usage:0 % 3444 | [Owner : SERVICE RÉSEAU | Parent : 712(svchost.exe) | 9.34 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 05:24:15] CPU Usage:0 % 3164 | [Owner : Système | Parent : 712(svchost.exe) | 6.34 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 05:24:15] CPU Usage:0 % 2204 | [Owner : SERVICE RÉSEAU | Parent : 712(svchost.exe) | 7.04 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [21/11/2010 05:24:27] CPU Usage:0 % 4000 | [Owner : SERVICE RÉSEAU | Parent : 532(services.exe) | 8.36 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) 
- (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [21/11/2010 05:23:56] CPU Usage:0 % ---------- | MD5 [MD5.AC4C51EB24AA95B77F705AB159189E24] - [21/11/2010 05:24:11] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2805 Ko] - (6.1.7601.17514) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.7A6326D96D53048FDEC542DF23D875A0] - [21/11/2010 05:24:07] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1134 Ko] - (6.1.7601.17514) : C:\Windows\System32\Kernel32.dll [MD5.1E31700D9C9E0FB79999D02A8437482C] - [30/04/2017 18:49:25] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30.5 Ko] - (6.1.7601.18717) : C:\Windows\System32\lsass.exe [MD5.5C627D1B1138676C0A7AB2C2C190D123] - [21/11/2010 05:24:01] - (.© Microsoft Corporation. - Distributed COM Services.) - [500 Ko] - (6.1.7601.17514) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.24ACB7E5BE595468E3B9AA488B9B4FCB] - [14/07/2009 01:19:46] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) 
- [321 Ko] - (6.1.7600.16385) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.FE70103391A64039A921DBFFF9C7AB1B] - [21/11/2010 05:24:09] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [984.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [21/11/2010 05:24:28] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [21/11/2010 05:24:29] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [381.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Winlogon.exe [MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - [21/11/2010 05:24:08] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.A34FE1E025E88798E746F484956C0720] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) 
- [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [21/11/2010 05:24:32] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.FAF015B07E3A2874A790A39B7D2C579F] - [21/11/2010 05:24:03] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [154.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.79B47FD40D9A817E932F9D26FAC0A81C] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [929.38 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ndis.sys [MD5.09594D1089C523423B32A4229263F068] - [21/11/2010 05:23:51] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\netbt.sys [MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1620.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. 
- Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [21/11/2010 05:24:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.509383E505C973ED7534A06B3D19688D] - [21/11/2010 05:24:08] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1879.38 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\tcpip.sys [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [21/11/2010 05:24:32] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) 
- (11.0.6000.132) -- C:\Windows\system32\RtkAPO64.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Bios - (C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Java.exe [Startup]) - User: ldjaps-PC\ldjaps Mozilla Updates - (C:\Users\ldjaps\AppData\Roaming\Java.exe [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\...\Run]) - User: ldjaps-PC\ldjaps Google Update - (C:\Users\ldjaps\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\...\Run]) - User: ldjaps-PC\ldjaps RtHDVCpl - 
(C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [HKLM\SOFTWARE\...\Run]) - User: Public Malwarebytes TrayApp - (C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Mozilla Updates"=C:\Users\ldjaps\AppData\Roaming\Java.exe "Google Update"=C:\Users\ldjaps\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [30/04/2017 18:51:11] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Microsoft XPS Document Writer,winspool,Ne00: "UserSelectedDefault"=0 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s "Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [30/04/2017 19:22:24] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] 
"IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List explorer GoogleUpdateTaskUserS-1-5-21-2960159090-924148967-2076729095-1000Core GoogleUpdateTaskUserS-1-5-21-2960159090-924148967-2076729095-1000UA ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=6522d217-da98-4b1a-9df8-daff3c5 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN 
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=548 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ---------- | .LNK with Arguments c:\$recycle.bin\s-1-5-21-2960159090-924148967-2076729095-1000\$rbyyl8l.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 
"Wallpaper"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [30/04/2017 20:20:02] "Pattern Upgrade"=TRUE "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=1 "TaskbarGlomLevel"=0 [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x00000000FFFFFFFF "0"=0x5400680065006D0065005F004300680072006F006D0065000000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 
"legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=3 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s 
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} 
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=3 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=2147483687 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=C:\Windows\SYSWOW64\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile 
[HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha 
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\Google Chrome.5ODRLOC2EVB2CSBRQPL4K3WJT4\Shell\open\Command] ""="C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome.5ODRLOC2EVB2CSBRQPL4K3WJT4\InstallInfo] "ReinstallCommand"="C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall 
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome.5ODRLOC2EVB2CSBRQPL4K3WJT4\Shell\open\Command] ""="C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome.5ODRLOC2EVB2CSBRQPL4K3WJT4\InstallInfo] "ReinstallCommand"="C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.MEDIA=51233C .\Bin\ASSETUP.exe"=1 "E:\Drivers\Audio\Driver\Setup.exe"=1 "E:\Drivers\LAN\Windows7\setup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 "D:\WindowsSecurity\Logiciel\Pilote pc 2014\amd_catalyst_14.2_beta1.3.exe"=1 "C:\Users\ldjaps\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe"=1 "C:\Users\ldjaps\Downloads\mumble-1.2.19_plus_MumbleComSkin.exe"=1 "D:\WindowsSecurity\Jeux\InstallPaladins.exe"=1 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop 
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop 
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x4E5782175292C101 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 
---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requête 'ping' sur google.com [172.217.19.238] avec 32 octets de données : Réponse de 172.217.19.238 : octets=32 temps=146 ms TTL=55 Réponse de 172.217.19.238 : octets=32 temps=162 ms TTL=55 Réponse de 172.217.19.238 : octets=32 temps=175 ms TTL=55 Réponse de 172.217.19.238 : octets=32 temps=186 ms TTL=55 Statistiques Ping pour 172.217.19.238: Paquets : envoyés = 4, reçus = 4, perdus = 0 (perte 0%), Durée approximative des boucles en millisecondes : Minimum = 146ms, Maximum = 186ms, Moyenne = 167ms ---------- | @ [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes 
"Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://www.google.fr/ "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5E0100001D000000D005000053030000 "Start Page Redirect Cache"=http://www.msn.com/fr-fr/?ocid=iehp "Start Page Redirect Cache_TIMESTAMP"=0x12EE9531D4C1D201 "Start Page Redirect Cache AcceptLangs"=fr "IE8RunOnceLastShown"=1 "IE8RunOnceLastShown_TIMESTAMP"=0xBA3B2335D4C1D201 "IE8TourShown"=1 "IE8TourShownTime"=0x0C5F0D39D4C1D201 "NotifyDownloadComplete"=yes "Check_Associations"=yes [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=160 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x1516B0135392C101 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local 
Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "Tabs"=res://ieframe.dll/tabswelcome.htm "OfflineInformation"=res://ieframe.dll/offcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm 
"InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "Tabs"=res://ieframe.dll/tabswelcome.htm "OfflineInformation"=res://ieframe.dll/offcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll ---------- | Toolbar [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 
[HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "DownloadRetries"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects ---------- | Chrome C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co 
- http://clients2.google.com/service/update2/crx C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Users\ldjaps\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Users\ldjaps\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{1F259384-A3A3-4AE7-80C1-C54128A838D9}] "DhcpNameServer"=192.168.1.1 192.168.1.1 
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{1F259384-A3A3-4AE7-80C1-C54128A838D9}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{1F259384-A3A3-4AE7-80C1-C54128A838D9}] "DhcpNameServer"=192.168.1.1 192.168.1.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "regsvc"=RemoteRegistry "DcomLaunch"=Power PlugPlay DcomLaunch "secsvcs"=WinDefend "bthsvcs"=bthserv [HKLM\Software\WOW6432Node\Microsoft\Windows 
NT\CurrentVersion\SvcHost] "DcomLaunch"=Power PlugPlay DcomLaunch ---------- | SvcHost - Netsvcs (Whitelist) Term - : ---------- | Software [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\AMD] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\AppDataLow] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\ASUS] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\ATI] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Clients] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Google] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Malwarebytes] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\MozillaPlugins] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Mumble] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Policies] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Raptr] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Realtek] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Sysinternals] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Trolltech] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\UsbFix] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Wow6432Node] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\TabletPC] 
[HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AMD] [HKLM\Software\ASUS] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\CBSTEST] [HKLM\Software\Clients] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Microsoft] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Sonic] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\AdwCleaner] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\g3n-h@ckm@n] [HKLM\Software\WOW6432Node\Hi-Rez Studios] [HKLM\Software\WOW6432Node\HiRez Studios] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] 
[HKLM\Software\WOW6432Node\SOSVirus] [HKLM\Software\WOW6432Node\sysinternals] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives D: [30/04/2017 10:08:05] - |A| - (.-.) - [8192] - (0.0.0.0) - D:\Dossier telechargement 2017.exe [30/04/2017 01:07:40] - |A| - (.-.) - [7680] - (0.0.0.0) - D:\Jeux.exe [30/04/2017 01:07:40] - |A| - (.-.) 
- [7680] - (0.0.0.0) - D:\Logiciel.exe [30/04/2017 01:07:40] - |A| - (.-.) - [7680] - (0.0.0.0) - D:\Logiciel_new.exe [30/04/2017 01:07:41] - |A| - (.-.) - [7680] - (0.0.0.0) - D:\Theme_Chrome.exe ---------- | C: [30/04/2017 19:30:12] - |SHD| - [10576] - C:\$RECYCLE.BIN [MD5.015080735D76947EDD7C4F08A56B68EA] - [30/04/2017 19:07:17] - |A| - (.-.) - [7680] - (0.0.0.0) - C:\$Recycle.Bin.exe [MD5.6271DB507DB7C903983944404DFF4DA7] - [30/04/2017 19:34:21] - |A| - (.-.) - [8192] - (0.0.0.0) - C:\5caceb95d783741ab3387eae31.exe [MD5.3D58576FE2ED88FDACDA13B1687520D6] - [30/04/2017 19:07:17] - |A| - (.-.) - [7680] - (0.0.0.0) - C:\AdwCleaner.exe [MD5.4688BFB6784DA991804BE701E2E91998] - [30/04/2017 19:40:01] - |A| - (.-.) - [7680] - (0.0.0.0) - C:\AMD.exe [30/04/2017 20:34:40] - |SHD| - [0] - C:\Config.Msi [MD5.6CA3781F41B5C219A214B2DCE865EE46] - [30/04/2017 19:14:49] - |A| - (.-.) - [7680] - (0.0.0.0) - C:\Config.Msi.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/01/2002 01:19:25] - |ASH| - (.-.) - [3219791872] - (0.0.0.0) - C:\hiberfil.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/01/2002 01:19:26] - |ASH| - (.-.) - [4293058560] - (0.0.0.0) - C:\pagefile.sys [30/04/2017 22:00:15] - |D| - [71151679] - C:\Pre_Scan [MD5.444227363EDD627154E2FACEC6CA1860] - [30/04/2017 22:12:26] - |RA| - (.-.) - [11357] - (0.0.0.0) - C:\Pre_Scan_30_04_2017_22_12_25.txt [14/07/2009 05:20:08] - |RD| - [584508080] - C:\Program Files [14/07/2009 05:20:08] - |RD| - [6191943675] - C:\Program Files (x86) [14/07/2009 05:20:08] - |HD| - [202273765] - C:\ProgramData [30/04/2017 23:03:49] - |D| - [262056] - C:\QuickDiag [MD5.815BDD15D74CB84E7F8746D76DCD62E1] - [30/04/2017 23:04:12] - |A| - (.-.) 
- [95750] - (0.0.0.0) - C:\QuickDiag.txt [01/01/2002 01:19:25] - |SHD| - [0] - C:\System Volume Information [30/04/2017 18:59:20] - |D| - [5855325] - C:\UsbFix [14/07/2009 05:20:08] - |RD| - [861237069] - C:\Users [14/07/2009 05:20:08] - |D| - [17469106169] - C:\Windows [01/05/2017 12:25:05] - |D| - [1358477896] - C:\WindowsSecurity ---------- | C:\Windows [14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 05:20:08] - |D| - [25344] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |D| - [10972416] - C:\Windows\AppPatch [MD5.6E983B2628677AC6B4CDADB31A40B041] - [01/01/2002 01:34:02] - |A| - (.-.) - [33012] - (0.0.0.0) - C:\Windows\Ascd_tmp.ini [14/07/2009 05:20:08] - |RSD| - [631769695] - C:\Windows\assembly [MD5.9FCFE78AFBA95C1F3AD8E3F99C5C4636] - [01/01/2002 01:36:06] - |A| - (.Copyright (C) 2009 - AsTaskSchedule.) - [16896] - (0.1.0.4) - C:\Windows\AsTaskSched.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/01/2002 00:00:38] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 05:24:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 05:20:09] - |D| - [29001630] - C:\Windows\Boot [MD5.DE460995C880CFADE33112967B1EFBEF] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding [14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors [MD5.6954474CE8D7C32918CF3448160F8DFC] - [30/03/2009 08:32:40] - |RA| - (.-.) - [32768] - (0.0.0.0) - C:\Windows\DAODx.exe [14/07/2009 06:45:54] - |D| - [360] - C:\Windows\debug [14/07/2009 07:32:38] - |D| - [3330461] - C:\Windows\diagnostics [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [MD5.3A51A33C10C4AA25B76BC3598B53EFAC] - [14/07/2009 06:46:06] - |A| - (.-.) 
- [2790] - (0.0.0.0) - C:\Windows\DtcInstall.log [21/11/2010 08:29:32] - |D| - [118084081] - C:\Windows\ehome [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\en-US [MD5.AC4C51EB24AA95B77F705AB159189E24] - [21/11/2010 05:24:11] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2872320] - (6.1.7601.17514) - C:\Windows\explorer.exe [14/07/2009 05:20:09] - |RSD| - [354823607] - C:\Windows\Fonts [21/11/2010 08:19:00] - |D| - [142336] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |D| - [17807100] - C:\Windows\Globalization [14/07/2009 05:20:09] - |D| - [40554785] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [21/11/2010 08:30:23] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [14/07/2009 05:20:09] - |D| - [143547244] - C:\Windows\IME [14/07/2009 05:20:10] - |D| - [132288629] - C:\Windows\inf [01/01/2002 01:47:34] - |SHD| - [331154649] - C:\Windows\Installer [14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas [MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [01/01/2002 01:34:08] - |A| - (.-.) 
- [1769] - (0.0.0.0) - C:\Windows\Language_trs.ini [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\LiveKernelReports [14/07/2009 05:20:10] - |D| - [88501632] - C:\Windows\Logs [14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |D| - [847275398] - C:\Windows\Microsoft.NET [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.F2C7BB8ACC97F92E987A2D4087D021B1] - [14/07/2009 01:56:36] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7600.16385) - C:\Windows\notepad.exe [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [01/01/2002 01:18:31] - |D| - [2245560] - C:\Windows\Panther [14/07/2009 07:32:38] - |D| - [61734430] - C:\Windows\Performance [MD5.7EDB1083FE518B849663B861214C3441] - [21/11/2010 05:47:07] - |A| - (.-.) - [5146] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 05:20:10] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 05:20:10] - |D| - [3936408] - C:\Windows\PolicyDefinitions [01/01/2002 01:20:58] - |D| - [22928680] - C:\Windows\Prefetch [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\registration [14/07/2009 05:20:10] - |D| - [8008846] - C:\Windows\rescache [14/07/2009 05:20:10] - |D| - [1674534] - C:\Windows\Resources [MD5.279D87A3635616A9A09E97CF56D10F13] - [01/01/2002 01:35:38] - |RA| - (.Realtek Semiconductor Corp. Copyright (C) 2010 - RtlExUpd DLL for setup utility function.) 
- [1247776] - (1.0.2.0) - C:\Windows\RtlExUpd.dll [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |D| - [55533] - C:\Windows\schemas [14/07/2009 05:20:10] - |D| - [2211912] - C:\Windows\security [14/07/2009 06:45:47] - |D| - [17640810] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [60015151] - C:\Windows\servicing [14/07/2009 06:45:50] - |D| - [42] - C:\Windows\Setup [MD5.661363D0DB255724B59CB895FFAD31F8] - [14/07/2009 06:51:00] - |A| - (.-.) - [27855] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/07/2009 06:51:00] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [21/11/2010 08:29:32] - |D| - [4544] - C:\Windows\ShellNew [01/01/2002 01:23:04] - |D| - [3572543606] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [21/11/2010 05:24:16] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17514) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 05:20:10] - |D| - [2974573000] - C:\Windows\System32 [14/07/2009 05:20:14] - |D| - [1163381676] - C:\Windows\SysWOW64 [14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 05:20:14] - |D| - [3958] - C:\Windows\Tasks [14/07/2009 05:20:14] - |D| - [17139679] - C:\Windows\Temp [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing [MD5.D3E5C8E4E7EA14DDD8DA83D8F46D4DE1] - [01/01/2002 01:24:09] - |A| - (.-.) - [1355] - (0.0.0.0) - C:\Windows\TSSysprep.log [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) 
- [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |D| - [6144] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 05:25:10] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 05:20:14] - |D| - [40681427] - C:\Windows\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 04:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RA| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.C0AC696090F9C665314F3957536732D5] - [01/01/2002 01:23:04] - |A| - (.-.) - [1333783] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 05:20:14] - |D| - [6672983081] - C:\Windows\winsxs [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [28/01/2017 01:32:16] - C:\Windows\Installer\5cba4e.msi : (Mumble 1.2.19 - Thorvald Natvig) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:33:38] - C:\Windows\Installer\d8fcb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:40:38] - C:\Windows\Installer\d8fd2.msi : (AMD Catalyst Install Manager Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:41:42] - C:\Windows\Installer\d8fd8.msi : (AMD Wireless Display v3.0 Installer - Advanced Micro Devices Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/10/2013 22:55:58] - C:\Windows\Installer\d915e.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:34:42] - C:\Windows\Installer\d9165.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:35:04] - C:\Windows\Installer\d916b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:31:10] - C:\Windows\Installer\d9171.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:31:16] - C:\Windows\Installer\d9177.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:31:24] - C:\Windows\Installer\d917d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:31:30] - C:\Windows\Installer\d9183.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:31:36] - C:\Windows\Installer\d9189.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:31:42] - C:\Windows\Installer\d918f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:31:48] - C:\Windows\Installer\d9195.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:31:54] - C:\Windows\Installer\d919b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:00] - C:\Windows\Installer\d91a1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:06] - C:\Windows\Installer\d91a7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:12] - C:\Windows\Installer\d91ad.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:18] - C:\Windows\Installer\d91b3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:26] - C:\Windows\Installer\d91b9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:32] - C:\Windows\Installer\d91bf.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:38] - C:\Windows\Installer\d91c5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:44] - C:\Windows\Installer\d91cb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:50] - C:\Windows\Installer\d91d1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:32:56] - C:\Windows\Installer\d91d7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:33:04] - C:\Windows\Installer\d91dd.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:33:10] - C:\Windows\Installer\d91e3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:33:16] - C:\Windows\Installer\d91e9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:33:22] - C:\Windows\Installer\d91ef.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:33:32] - C:\Windows\Installer\d91f5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:33:52] - C:\Windows\Installer\d91fb.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:30:58] - C:\Windows\Installer\d9202.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:42:00] - C:\Windows\Installer\d9209.msi : (Drag & Drop Transcoding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/02/2014 19:41:12] - C:\Windows\Installer\d920f.msi : (AMD Accelerated Video Transcoding INstallation package - Advanced Micro Devices, Inc.) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [14/07/2009 01:01:52] - [71951] - C:\Windows\System32\ieuinit.inf [14/07/2009 07:13:15] - [1667292] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [14/07/2009 00:38:23] - [71951] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [30/04/2017 19:14:44] - [1629678] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.039ED7BC30ED2F669C6B6D5B819E6E10] - |A| - [21/11/2010 05:23:48] - (.-.) - [121.76 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.CB85C837466DC5AB8327BA7383BD5B52] - |A| - [30/04/2017 20:34:53] - (.-.) - [4.47 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00000.log [MD5.6E43925D887BD12482608CC6DF8A21E8] - |A| - [30/04/2017 20:35:00] - (.-.) - [2.9 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00001.log [MD5.00000000000000000000000000000000] - |SD| - [01/01/2002 00:03:07] - [16 Ko] - C:\Windows\Temp\Cookies [MD5.00000000000000000000000000000000] - |D| - [01/05/2017 12:22:44] - [0.04 Ko] - C:\Windows\Temp\Crashpad [MD5.40C86333FDB627F7CFE86C320C05FB48] - |A| - [30/04/2017 20:34:48] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170430_183448_086.txt [MD5.A74EC96B53336F03779A3D223F3FF148] - |A| - [30/04/2017 20:34:50] - (.-.) - [2.63 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170430_183450_925.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/01/2002 01:22:59] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI92FB.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/01/2002 01:23:00] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI980A.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/04/2017 20:39:26] - (.-.) 
- [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMIAA35.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/01/2002 01:23:15] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMID152.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/01/2002 01:23:16] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMID586.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/01/2002 01:23:17] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMID900.tmp [MD5.00000000000000000000000000000000] - |SD| - [01/01/2002 00:03:07] - [32.33 Ko] - C:\Windows\Temp\Fichiers Internet temporaires [MD5.229139C37D97DF0146B637E6990D9DF9] - |A| - [01/01/2002 01:37:01] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile00.sqm [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/01/2002 01:22:57] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/01/2002 01:22:57] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSTIFFDebugLogFile.txt [MD5.AB68D8531441173F89DB328CD7460CBF] - |A| - [30/04/2017 20:26:53] - (.-.) - [15.66 Ko] - (0.0.0.0) - C:\Windows\Temp\f_bc [MD5.D2CA56A52C6434E9DB95023E414F999C] - |A| - [30/04/2017 20:29:13] - (.-.) - [1.6 Ko] - (0.0.0.0) - C:\Windows\Temp\HiRezUpdateInstallLog.txt [MD5.00000000000000000000000000000000] - |SD| - [01/01/2002 00:03:07] - [32.14 Ko] - C:\Windows\Temp\History [MD5.4146F1954A31C6898AAF06B7F3890469] - |A| - [30/04/2017 20:26:53] - (.-.) - [6.8 Ko] - (0.0.0.0) - C:\Windows\Temp\ibef [MD5.5991C0F6398EBDF99949FF0A538088C9] - |A| - [30/04/2017 20:27:20] - (.-.) - [0.21 Ko] - (0.0.0.0) - C:\Windows\Temp\ibefa [MD5.259B8A914909D17DAD04089F202E96CB] - |A| - [30/04/2017 20:40:00] - (.-.) - [2908.69 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2737083_20170430_203958199-Microsoft .NET Framework 4.5-MSP0.txt [MD5.C4D0088394FD0853123938637000CB82] - |A| - [30/04/2017 20:39:57] - (.-.) 
- [66.95 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2737083_20170430_203958199.html [MD5.B347C25EF4E11C190D2B26A0E5CA6143] - |A| - [30/04/2017 20:34:28] - (.-.) - [4549.57 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2805226_20170430_203412549-Microsoft .NET Framework 4.5-MSP0.txt [MD5.81EFB196E611A426A9CD6DE68D0A9AAA] - |A| - [30/04/2017 20:34:11] - (.-.) - [69.15 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2805226_20170430_203412549.html [MD5.B02C2DF889647FE3371822D7D569D4AA] - |A| - [30/04/2017 20:36:18] - (.-.) - [4294.78 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2898864_20170430_203615914-Microsoft .NET Framework 4.5-MSP0.txt [MD5.7EAD8BD4950913E3069DB130EFEBCC60] - |A| - [30/04/2017 20:36:15] - (.-.) - [77.63 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2898864_20170430_203615914.html [MD5.F827CF462F62848DF37C5E1E94A4DA74] - |A| - [01/05/2017 12:40:04] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\LoWrUUg.txt [MD5.15FB490713A766413B4E807A90DB8780] - |A| - [01/01/2002 01:47:24] - (.-.) - [13.29 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log [MD5.B4DA401DAB4D334A96F06FD69C2D0B6D] - |A| - [30/04/2017 20:34:56] - (.-.) - [10.1 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI8AA5.tmp [MD5.6F430C55AEC23BC128397127F8E31B19] - |A| - [30/04/2017 20:34:56] - (.-.) - [8.7 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI8AA5.tmp-tmp [MD5.C404E4C50DF70E49A214B16984682BA5] - |A| - [01/05/2017 12:40:04] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\Temp\tgZblRv.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [30/04/2017 23:07:26] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000003B65A5BE11B2E8EA025 [MD5.59071590099D21DD439896592338BF95] - |AT| - [30/04/2017 19:37:38] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000004A5DE6AFF9F4563D92F [MD5.59071590099D21DD439896592338BF95] - |AT| - [30/04/2017 19:37:50] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000004A6AD2C7DEC496FB3B0 [MD5.59071590099D21DD439896592338BF95] - |AT| - [01/05/2017 12:44:16] - (.-.) 
- [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000006C5328F3720452BF016 [MD5.F3C56768005966FE187FBDEA4F203E3E] - |A| - [01/01/2002 01:24:33] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_19D.tmp [MD5.53D7ECA53FE7C614DC16B5A6113A0C68] - |A| - [01/01/2002 01:24:17] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_C439.tmp [MD5.80362AB5DF56A233E81F6AA691D21B6E] - |A| - [01/01/2002 01:24:19] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_C9E5.tmp [MD5.77992B25B796223E35B1670A05A93238] - |A| - [01/01/2002 01:24:21] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_D339.tmp [MD5.CDAD56E52014FECAD9ED34CCF65105D6] - |A| - [01/01/2002 01:24:22] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_D646.tmp [MD5.F563F53575B5F9D021D79984DD35E925] - |A| - [01/01/2002 01:24:23] - (.-.) - [768 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_D8A7.tmp [MD5.E4FC37E94500BD229576E80F9D146AEB] - |A| - [01/01/2002 01:24:28] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_EE4A.tmp [MD5.72464A6E7ACA23F496F0C2C74701C8A0] - |A| - [01/01/2002 01:24:29] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_F222.tmp [MD5.7049974DEAA0F0E8BC0B04C286378996] - |RA| - [02/04/2009 14:30:14] - (.-.) - [11.55 Ko] - (0.0.0.0) - C:\Windows\Temp\UDDD7E7.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:58] - [0 Ko] - C:\Windows\System32\040C [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 06:45:49] - (.-.) - [20.58 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 06:45:49] - (.-.) - [20.58 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4986 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.FFBEC241E367BEB6B72473D6E4D2CE96] - |A| - [24/02/2014 05:27:30] - (.Copyright (C) 2013 AMD Inc. 
- Mantle driver, support for SI family and above.) - [5266.5 Ko] - (9.1.10.9) - C:\Windows\System32\amdmantle64.dll [MD5.02815FDC938844863BE81D080961F38A] - |A| - [24/02/2014 04:50:56] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [43.5 Ko] - (1.5.0.0) - C:\Windows\System32\amdmmcl6.dll [MD5.81B646748775CA45EDA81F7E373BA049] - |A| - [24/02/2014 05:47:38] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.2 Runtime.) - [27758.5 Ko] - (10.0.1411.4) - C:\Windows\System32\amdocl64.dll [MD5.ECC9D68F5BEF5CD67BE2D2F758661980] - |A| - [24/02/2014 05:48:06] - (.-.) - [1159.51 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_as64.exe [MD5.DD3E0FE46F9AB3F9A339F4DD3B2B2E4C] - |A| - [24/02/2014 05:48:06] - (.-.) - [1037.01 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_ld64.exe [MD5.75A94AA3150274214202EAF8EEF4D2C3] - |A| - [24/02/2014 06:08:36] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\Windows\System32\amdpcom64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [201.5 Ko] - C:\Windows\System32\ar-SA [MD5.A0993CC16D198946D407EBF372B7AFD6] - |A| - [24/02/2014 04:28:50] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [1121.5 Ko] - (6.14.10.1300) - C:\Windows\System32\atiadlxx.dll [MD5.0DEC11ABA5C1950853BFC5A720BC8E1A] - |A| - [24/02/2014 05:27:30] - (.-.) - [562.25 Ko] - (0.0.0.0) - C:\Windows\System32\atiapfxx.blb [MD5.620DF38E04B526DBDD9D22056A2A7AA7] - |A| - [24/02/2014 05:27:02] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [360 Ko] - (6.14.10.1001) - C:\Windows\System32\atiapfxx.exe [MD5.749584902AE80A53EFDA4F8FA03E1713] - |A| - [10/04/2013 17:34:24] - (.Copyright (C) 2008 Advanced Micro Devices, Inc. - ATIBRTMON.) 
- [116 Ko] - (2.0.0.0) - C:\Windows\System32\atibtmon.exe [MD5.48820079C40319A8C07283706A148654] - |A| - [24/02/2014 05:26:42] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [54.5 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalcl64.dll [MD5.5A02F654D767BE614FB861C977FA998F] - |A| - [24/02/2014 05:26:26] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15348 Ko] - (6.14.10.1848) - C:\Windows\System32\aticaldd64.dll [MD5.7ED7062B58402C7BFACC8EB771741200] - |A| - [24/02/2014 05:26:52] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [61 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalrt64.dll [MD5.95AD1CFBDD7EC4C8638146F9113CBF7B] - |A| - [24/02/2014 06:08:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1297.2 Ko] - (8.17.10.1267) - C:\Windows\System32\aticfx64.dll [MD5.9101F84FFB310B61CD8F1F220FDE658B] - |A| - [24/02/2014 05:05:48] - (.2002-2012 - Graphics DEM.) - [432 Ko] - (4.5.5167.39774) - C:\Windows\System32\atidemgy.dll [MD5.0C9AD7ACCDD9A1080FDCDEC0302B8D94] - |A| - [24/02/2014 06:08:08] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [9931.54 Ko] - (8.17.10.539) - C:\Windows\System32\atidxx64.dll [MD5.38CFA329F643581742AAB54EA9C7BE0F] - |A| - [24/02/2014 05:05:30] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [572.5 Ko] - (6.14.11.1168) - C:\Windows\System32\atieclxx.exe [MD5.F9B4B5E545E4B8B3EAFD6ADB6417B67D] - |A| - [24/02/2014 05:04:34] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [234.5 Ko] - (6.14.11.1168) - C:\Windows\System32\atiesrxx.exe [MD5.C70053EDDC8843C789EE99E5D6A6BEB6] - |A| - [24/02/2014 04:28:20] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [73.5 Ko] - (8.14.1.6367) - C:\Windows\System32\atig6pxx.dll [MD5.0F44E502952350C107C5D9FDE255814B] - |A| - [24/02/2014 04:28:10] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) 
- [143 Ko] - (8.14.1.6367) - C:\Windows\System32\atig6txx.dll [MD5.C7B6B0BB4283FF8CB061EC267737BFE3] - |A| - [24/02/2014 04:28:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6367) - C:\Windows\System32\atiglpxx.dll [MD5.BC93F76B6713F25DBCC46C46F47AD7F2] - |A| - [16/01/2014 10:34:52] - (.-.) - [706.88 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat [MD5.75A94AA3150274214202EAF8EEF4D2C3] - |A| - [24/02/2014 06:08:36] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\Windows\System32\atimpc64.dll [MD5.01406BFD2DF7E6EEE7E1006F942F0EC2] - |A| - [24/02/2014 05:05:38] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [30.5 Ko] - (6.14.10.1002) - C:\Windows\System32\atimuixx.dll [MD5.AEE50F2F984342FE42858E1BB9831DAC] - |A| - [24/02/2014 05:28:08] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [26516 Ko] - (6.14.10.12795) - C:\Windows\System32\atio6axx.dll [MD5.A6BAAA6608A9B00220E9D5C023FC53D1] - |A| - [10/04/2013 17:34:24] - (.Copyright (C) 2008 - ATIODCLI Application.) - [50 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODCLI.exe [MD5.463FFBD3350E3EB57F7D5746EBD233CA] - |A| - [10/04/2013 17:34:24] - (.Copyright (C) 2008 - ATIODE Application.) - [325 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODE.exe [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [13/09/2011 00:06:16] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\System32\atipblag.dat [MD5.E6EDBCB225E57E06E674B3D3A91B5B84] - |A| - [24/02/2014 05:02:58] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [186.5 Ko] - (6.14.11.25) - C:\Windows\System32\atitmm64.dll [MD5.8376CED45B9903D001AEBB5466480CE5] - |A| - [24/02/2014 06:08:22] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) 
- [113.3 Ko] - (8.14.1.6367) - C:\Windows\System32\atiu9p64.dll [MD5.1119A0308DD2B358968FC7064FE3A25B] - |A| - [24/02/2014 06:07:38] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [7707.03 Ko] - (9.14.10.1017) - C:\Windows\System32\atiumd64.dll [MD5.CB690702C3A1DE2E894014E0D0B98C2B] - |A| - [24/02/2014 04:46:32] - (.-.) - [3353.8 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap [MD5.7BE2C1D0267EBC98AA26C26E44241AD0] - |A| - [24/02/2014 06:07:42] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [10644.16 Ko] - (8.14.10.441) - C:\Windows\System32\atiumd6a.dll [MD5.6B637884124AF0B3FA743681F950CEED] - |A| - [24/02/2014 06:08:24] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [139.95 Ko] - (8.14.1.6367) - C:\Windows\System32\atiuxp64.dll [MD5.2902ACAB52F6143FAA4631240734141E] - |A| - [30/11/2013 00:23:06] - (.-.) - [80.19 Ko] - (0.0.0.0) - C:\Windows\System32\ativce02.dat [MD5.AD40CFE4C32DE68D9A1CC76D07CEA31A] - |A| - [11/01/2014 01:50:32] - (.-.) - [229.18 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik.dat [MD5.0B351A09818DBCCBC40F0FA985064383] - |A| - [16/10/2013 19:51:38] - (.-.) - [227.05 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [24/02/2014 04:43:40] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [24/02/2014 04:43:40] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsvl.dat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [173 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [2409 Ko] - C:\Windows\System32\Boot [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 03:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) 
- [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 02:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [14/07/2009 01:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\Windows\System32\CardGames.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [40739.43 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [28189.45 Ko] - C:\Windows\System32\catroot2 [MD5.889D8C36DF01BB35DA8E7E77366C884F] - |A| - [24/02/2014 05:48:18] - (.-.) - [225.5 Ko] - (0.0.0.0) - C:\Windows\System32\clinfo.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [5955.9 Ko] - C:\Windows\System32\CodeIntegrity [MD5.8AA0824A8A69B0586827C706AC5004C8] - |A| - [24/02/2014 04:40:30] - (.AMD. - CoInstaller DLL.) - [788 Ko] - (1.0.5.9) - C:\Windows\System32\coinst_13.350.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [357 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [145765.52 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [219.5 Ko] - C:\Windows\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [216.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [240.5 Ko] - C:\Windows\System32\de-DE [MD5.7DCC48F2FEC4C1ED81E9232C462A9B21] - |A| - [19/12/2013 18:44:00] - (.Advanced Micro Devices. - TODO: .) - [107.5 Ko] - (1.0.0.1) - C:\Windows\System32\DelayAPO.dll [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 06:57:09] - (.-.) 
- [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4440 Ko] - C:\Windows\System32\Dism [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [59602.12 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1092972.35 Ko] - C:\Windows\System32\DriverStore [MD5.DE6E5B926B9610EF56BDE4D0C786D5BD] - |A| - [01/01/2002 01:35:41] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [492.77 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBassEnhancementDLL64.dll [MD5.D18563EACBA8F6A2A72D2F0E5FB2BA85] - |A| - [01/01/2002 01:35:41] - (.(c) DTS. - DTS Boost COM DLL.) - [1084.77 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBoostDLL64.dll [MD5.B507F4F5B3511AF5CC3C5B25F350553C] - |A| - [01/01/2002 01:35:41] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [259.27 Ko] - (1.0.0.1) - C:\Windows\System32\DTSGainCompensatorDLL64.dll [MD5.8166DC224B2A94F6AFDF679830EBA6E1] - |A| - [01/01/2002 01:35:41] - (.(c) DTS. - DTS GFX APO.) - [120.27 Ko] - (1.0.0.1) - C:\Windows\System32\DTSGFXAPO64.dll [MD5.AF4C3EF86948E6C29AC0AAC90A35961B] - |A| - [01/01/2002 01:35:42] - (.(c) DTS. - DTS LFX APO.) - [120.77 Ko] - (1.0.0.1) - C:\Windows\System32\DTSLFXAPO64.dll [MD5.2BBA69E37995CD5F7B55EAB7E2C0585F] - |A| - [01/01/2002 01:35:42] - (.(c) DTS. - DTS Limiter COM DLL.) - [262.27 Ko] - (1.0.0.1) - C:\Windows\System32\DTSLimiterDLL64.dll [MD5.7C13EC4E581AF7AA8807DE3B6E131440] - |A| - [01/01/2002 01:35:42] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [307.77 Ko] - (1.0.0.1) - C:\Windows\System32\DTSNeoPCDLL64.dll [MD5.1DA288F5CE50BAF239B3DB2FFE406403] - |A| - [01/01/2002 01:35:42] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1150.77 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2HeadphoneDLL64.dll [MD5.02D7167E5E263D2F3BA549D257911450] - |A| - [01/01/2002 01:35:42] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) 
- [1294.27 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2SpeakerDLL64.dll [MD5.789C3C3FDCA799F905861961F39BE174] - |A| - [01/01/2002 01:35:42] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [463.77 Ko] - (1.0.0.1) - C:\Windows\System32\DTSVoiceClarityDLL64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [240.5 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [227.43 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [230.5 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [160.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [218 Ko] - C:\Windows\System32\fi-FI [MD5.7E95190918DB4DADF7E29CD652EE8E7B] - |A| - [14/07/2009 06:45:34] - (.-.) - [268.03 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:58] - [1840 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [40368.25 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 22:36:24] - (.-.) 
- [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [191.5 Ko] - C:\Windows\System32\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [168 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [221 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36874.94 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.AAA0C03BF54FC8A4E895B576861A9848] - |A| - [21/11/2010 05:07:41] - (.-.) - [29.12 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [235 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [163 Ko] - C:\Windows\System32\ja-JP [MD5.2AE82F747509725E30578DC025A91493] - |A| - [23/02/2014 22:58:32] - (.-.) - [50 Ko] - (0.0.0.0) - C:\Windows\System32\kdbsdk64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [162 Ko] - C:\Windows\System32\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [21/11/2010 04:52:07] - (.-.) 
- [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log [MD5.563C3703A9B57CC9B370A76D6173D09C] - |A| - [21/11/2010 04:52:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [2443.11 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [165 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [166 Ko] - C:\Windows\System32\lv-LV [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 22:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore [MD5.D97392336540B4AD226693199A00BCEE] - |A| - [24/02/2014 05:28:10] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [123.5 Ko] - (9.1.10.9) - C:\Windows\System32\mantle64.dll [MD5.456BC7B60ED22E8BFBCC338DB4F3CA3A] - |A| - [24/02/2014 05:00:54] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [80 Ko] - (9.1.10.9) - C:\Windows\System32\mantleaxl64.dll [MD5.974D8D8A0823CDFDE5D6C70B6C092939] - |A| - [01/01/2002 01:35:43] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [318.27 Ko] - (2.2.6.0) - C:\Windows\System32\MaxxAudioAPO20.dll [MD5.87B5AB256A5A068EDDA0F4B4FAC728CC] - |A| - [01/01/2002 01:35:43] - (.Copyright © 1996-2007 -.) - [2145.77 Ko] - (5.9.7.0) - C:\Windows\System32\MaxxAudioEQ.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:45:42] - [2.33 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [3516.93 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [37792.2 Ko] - C:\Windows\System32\migwiz [MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 06:57:09] - (.-.) 
- [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [4148.28 Ko] - C:\Windows\System32\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.66 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [212 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [14/07/2009 00:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [68 Ko] - C:\Windows\System32\NetworkList [MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [229 Ko] - C:\Windows\System32\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 22:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [13095.58 Ko] - C:\Windows\System32\oobe [MD5.6D6F5A40C92D05196C7BC5754C1E1880] - |A| - [24/02/2014 05:48:02] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [96.5 Ko] - (10.0.1411.4) - C:\Windows\System32\OpenVideo64.dll [MD5.94F745EC2D36C8BB0C14CC1B0071AA5B] - |A| - [24/02/2014 05:47:50] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [84.5 Ko] - (10.0.1411.4) - C:\Windows\System32\OVDecode64.dll [MD5.1D0DC39F7227DD51875B55984FFB9B5D] - |A| - [14/07/2009 04:36:59] - (.-.) 
- [118.55 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.8C2BA0419F046530210046E7FA085FA2] - |A| - [21/11/2010 08:19:09] - (.-.) - [145.94 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 04:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [21/11/2010 08:19:09] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.6E11C0DD1FE680B93709388ECFB5D5C1] - |A| - [14/07/2009 04:36:59] - (.-.) - [638.21 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.B7E899FA17EC42574A988E1BC5DE85B1] - |A| - [21/11/2010 08:19:09] - (.-.) - [729.41 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.79FEB223C0F8E451B6B99D7253FB6E67] - |A| - [14/07/2009 07:13:15] - (.-.) - [1628.21 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [224 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:58] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [222.5 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [224 Ko] - C:\Windows\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.75 Ko] - C:\Windows\System32\ras [MD5.5245E1443EE4DC110DF9217E1D0AEB0A] - |A| - [01/01/2002 01:35:45] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [300.7 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll [MD5.95A95297D5689F61F1FBC6A328075356] - |A| - [01/01/2002 01:35:45] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) 
- [300.7 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll [MD5.483849E481652C22BAFC8052414B3099] - |A| - [01/01/2002 01:35:45] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [197.2 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll [MD5.CDB380C1138EDCDC5BE166DE887D581C] - |A| - [01/01/2002 01:35:45] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [74.7 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll [MD5.CB3CF9915ED7888FDBAF3694775DCCC7] - |A| - [01/01/2002 01:35:45] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [96.7 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll [MD5.6B0EBD56951F62D4E86B7CBE8613B05A] - |A| - [01/01/2002 01:35:45] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [364.2 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll [MD5.92C704590FCEDDA971B7A77945DCCDA4] - |A| - [01/01/2002 01:36:47] - (.- About Page.) - [72.53 Ko] - (1.2.0.3) - C:\Windows\System32\RtNicProp64.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [21/11/2010 05:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 23:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [17378 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [26288.83 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [1956.87 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [01/01/2002 01:35:47] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) 
- [194.23 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll [MD5.A028717B791416182959B325D5B40679] - |A| - [01/01/2002 01:35:47] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [01/01/2002 01:35:47] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [01/01/2002 01:35:47] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [216.5 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [137.88 Ko] - C:\Windows\System32\sysprep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [21/11/2010 05:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [254.97 Ko] - C:\Windows\System32\Tasks [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 23:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [157 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [212.5 Ko] - C:\Windows\System32\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA [MD5.05F9840831C29F5BE93AD8BE810D5614] - |A| - [14/07/2009 06:45:37] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.F736AA948D0C3CBCE212B7B2CB0EF115] - |A| - [14/07/2009 06:45:37] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.80007E259BCB3C0534AF73E9E1DB81EC] - |A| - [01/01/2002 01:35:48] - (.Copyright © 1996-2007 - General Library for Plug-Ins.) 
- [2655.77 Ko] - (1.2.3.4) - C:\Windows\System32\WavesGUILib.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [52161.88 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:58] - [47.61 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [17420.87 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 23:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [16 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9124.89 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [17560 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [106.26 Ko] - C:\Windows\System32\winrm [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [141.5 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [63 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [141.5 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [0 Ko] - C:\Windows\SysWOW64\040C [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.7E0E1D73AC6005ED56F1354AB141DC45] - |A| - [24/02/2014 05:13:16] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) 
- [4218 Ko] - (9.1.10.9) - C:\Windows\SysWOW64\amdmantle32.dll [MD5.114182986EA30F586B06B9930C996252] - |A| - [24/02/2014 04:50:50] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [35 Ko] - (1.5.0.0) - C:\Windows\SysWOW64\amdmmcl.dll [MD5.C7C6899A54EE473D661D4E8BFF89F21F] - |A| - [24/02/2014 05:45:10] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.2 Runtime.) - [23343 Ko] - (10.0.1411.4) - C:\Windows\SysWOW64\amdocl.dll [MD5.56B986D13C74903FE27B71BA85C76037] - |A| - [24/02/2014 05:48:04] - (.-.) - [972.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_as32.exe [MD5.28F4F5BAC73505F71B8AEC95B7FBE1DD] - |A| - [24/02/2014 05:48:04] - (.-.) - [780.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_ld32.exe [MD5.E23E252594AEF2F6603B0DC6D7076A8E] - |A| - [24/02/2014 06:08:36] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\amdpcom32.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.B63E1B440B77A29F5F662D38A22BD625] - |A| - [24/02/2014 04:28:38] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [809 Ko] - (6.14.10.1300) - C:\Windows\SysWOW64\atiadlxy.dll [MD5.0DEC11ABA5C1950853BFC5A720BC8E1A] - |A| - [24/02/2014 05:27:30] - (.-.) - [562.25 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiapfxx.blb [MD5.C7621C96369C6F6E10DF086A9FD1E408] - |A| - [24/02/2014 05:26:40] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [48 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalcl.dll [MD5.7B24D0B4409BD5F3EA100F94AF72E1CA] - |A| - [24/02/2014 05:22:52] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13967 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticaldd.dll [MD5.5E488DB72CCD9F62A52970BFFF711D60] - |A| - [24/02/2014 05:26:50] - (.Copyright (C) 2008 Advanced Micro Devices Inc. 
- ATI CAL runtime.) - [51 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalrt.dll [MD5.8AE64A053DCDCD8B8626EF565747F593] - |A| - [24/02/2014 06:08:14] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1080.43 Ko] - (8.17.10.1267) - C:\Windows\SysWOW64\aticfx32.dll [MD5.A2A6EC1977996FFDEC4BEA4EF75B0F68] - |A| - [24/02/2014 06:08:04] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [8554 Ko] - (8.17.10.539) - C:\Windows\SysWOW64\atidxx32.dll [MD5.7A6F8FE11D1CD3EB958A591BB5AEAD5D] - |A| - [24/02/2014 04:27:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [130 Ko] - (8.14.1.6367) - C:\Windows\SysWOW64\atigktxx.dll [MD5.C7B6B0BB4283FF8CB061EC267737BFE3] - |A| - [24/02/2014 04:28:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6367) - C:\Windows\SysWOW64\atiglpxx.dll [MD5.E23E252594AEF2F6603B0DC6D7076A8E] - |A| - [24/02/2014 06:08:36] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\atimpc32.dll [MD5.8AE559D14FE93F72ED666C8DB22E317E] - |A| - [24/02/2014 05:07:50] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [22299.5 Ko] - (6.14.10.12795) - C:\Windows\SysWOW64\atioglxx.dll [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [13/09/2011 00:06:16] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atipblag.dat [MD5.2E473124A97C5527D95F8AB58D47A971] - |A| - [24/02/2014 06:08:20] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [96.19 Ko] - (8.14.1.6367) - C:\Windows\SysWOW64\atiu9pag.dll [MD5.BA3151EE2654D5DE35855C842CC1D0D8] - |A| - [24/02/2014 06:07:48] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [6558.85 Ko] - (9.14.10.1017) - C:\Windows\SysWOW64\atiumdag.dll [MD5.971F5E9C263567B99311DF9DBD455D4F] - |A| - [24/02/2014 04:35:08] - (.-.) 
- [3387.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap [MD5.EACF510CE529CD033FD1C089E8E1EC97] - |A| - [24/02/2014 06:07:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [9907.35 Ko] - (8.14.10.441) - C:\Windows\SysWOW64\atiumdva.dll [MD5.7C63AE78B8D004C97157AA8062D4CC2B] - |A| - [24/02/2014 06:08:24] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [123.38 Ko] - (8.14.1.6367) - C:\Windows\SysWOW64\atiuxpag.dll [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [24/02/2014 04:43:40] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [24/02/2014 04:43:40] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsvl.dat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2 [MD5.60FDF3D9A67F79200EF50ACF133C2FAF] - |A| - [30/04/2017 19:22:44] - (.-.) - [16.35 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CCCInstall_201704301922448919.log [MD5.7B0D08B05649C2706E431AC0B6F4F2BF] - |A| - [30/04/2017 19:26:13] - (.-.) 
- [59.35 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CCCInstall_201704301926131156.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [68.48 Ko] - C:\Windows\SysWOW64\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [219.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [216.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [240.5 Ko] - C:\Windows\SysWOW64\de-DE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3407 Ko] - C:\Windows\SysWOW64\Dism [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3492.77 Ko] - C:\Windows\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1.09 Ko] - C:\Windows\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [240.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [227.43 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [230.5 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [160.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [218 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [1680 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36705.1 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - 
[14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [221 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [34095.44 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [235 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [163 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.1590598E94B6B9B8CADBE36688D6CE34] - |A| - [23/02/2014 22:53:44] - (.-.) - [38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\kdbsdk32.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [162 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore [MD5.95214476EB686034DCF2055CE9D69165] - |A| - [24/02/2014 05:27:52] - (.Copyright (C) 2013 AMD Inc. 
- Mantle loader.) - [110.5 Ko] - (9.1.10.9) - C:\Windows\SysWOW64\mantle32.dll [MD5.E7730666B4DC650E69465EB5761A485D] - |A| - [24/02/2014 05:00:44] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [77.5 Ko] - (9.1.10.9) - C:\Windows\SysWOW64\mantleaxl32.dll [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 06:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3211.43 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [32695.71 Ko] - C:\Windows\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [23.66 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [212 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [229 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2566.05 Ko] - C:\Windows\SysWOW64\oobe [MD5.3EF171AE9C8D710B9716C72AF4D88BA9] - |A| - [24/02/2014 05:47:54] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [81.5 Ko] - (10.0.1411.4) - C:\Windows\SysWOW64\OpenVideo.dll [MD5.50453AF7C90010678C27E8F8D7E70F3F] - |A| - [24/02/2014 05:47:44] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) 
- [71.5 Ko] - (10.0.1411.4) - C:\Windows\SysWOW64\OVDecode.dll [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 23:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.9DE2731A3C6E0F8C187A20DBB34FD932] - |A| - [30/04/2017 19:14:44] - (.-.) - [1591.48 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [224 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [222.5 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [224 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [01/01/2002 01:35:56] - [1331.59 Ko] - C:\Windows\SysWOW64\RTCOM [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [219 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169.5 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [42.67 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2803 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1142.37 Ko] - 
C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [216.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [212.5 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 04:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [8905.41 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [47.61 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [88.24 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9079.89 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:19:00] - [106.26 Ko] - C:\Windows\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [141.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [63 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - 
[14/07/2009 05:20:14] - [141.5 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | Shell Folders [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\ldjaps\AppData\Roaming [01/01/2002 01:29:59] "Local AppData"=C:\Users\ldjaps\AppData\Local [01/01/2002 01:29:59] "My Video"=C:\Users\ldjaps\Videos [01/01/2002 01:29:59] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Libraries [01/01/2002 01:30:19] "My Pictures"=C:\Users\ldjaps\Pictures [01/01/2002 01:29:59] "Desktop"=C:\Users\ldjaps\Desktop [01/01/2002 01:29:59] "History"=C:\Users\ldjaps\AppData\Local\Microsoft\Windows\History [01/01/2002 01:29:59] "NetHood"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Network Shortcuts "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\ldjaps\Contacts [01/01/2002 01:30:08] "Cookies"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Cookies [01/01/2002 00:13:28] "Favorites"=C:\Users\ldjaps\Favorites [01/01/2002 01:29:59] "SendTo"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\SendTo [01/01/2002 01:29:59] "Start Menu"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu [01/01/2002 01:29:59] "My Music"=C:\Users\ldjaps\Music [01/01/2002 01:29:59] "Programs"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [01/01/2002 01:29:59] "Recent"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Recent [01/01/2002 01:29:59] "CD Burning"=C:\Users\ldjaps\AppData\Local\Microsoft\Windows\Burn\Burn [01/01/2002 01:30:25] "PrintHood"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\ldjaps\Searches [01/01/2002 01:30:19] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\ldjaps\Downloads [01/01/2002 01:29:59] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\ldjaps\AppData\LocalLow 
[01/01/2002 00:11:41] "Startup"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [01/01/2002 01:30:19] "Administrative Tools"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [01/01/2002 01:30:19] "Personal"=C:\Users\ldjaps\Documents [01/01/2002 01:29:59] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\ldjaps\Links [01/01/2002 01:29:59] "Cache"=C:\Users\ldjaps\AppData\Local\Microsoft\Windows\Temporary Internet Files [01/01/2002 01:29:59] "Templates"=C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Templates "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\ldjaps\Saved Games [01/01/2002 01:29:59] "Fonts"=C:\Windows\Fonts [14/07/2009 05:20:09] [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files "Cookies"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts 
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 05:20:08] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 05:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 05:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 05:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 05:20:08] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 07:32:38] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 05:20:08] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 05:20:08] "Common AppData"=C:\ProgramData [14/07/2009 05:20:08] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 05:20:08] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 05:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 05:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 05:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs 
[14/07/2009 05:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 05:20:08] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 07:32:38] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 05:20:08] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 05:20:08] "Common AppData"=C:\ProgramData [14/07/2009 05:20:08] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates ---------- | [ldjaps] [01/01/2002 01:29:59] - |D| - [782851435] - C:\Users\ldjaps\AppData\Local [01/01/2002 00:11:41] - |D| - [536445] - C:\Users\ldjaps\AppData\LocalLow [01/01/2002 01:29:59] - |HD| - [3796068] - C:\Users\ldjaps\AppData\Roaming [01/01/2002 00:01:49] - |D| - [6] - C:\Users\ldjaps\AppData\Local\AMD [30/04/2017 18:50:18] - |D| - [2348318] - C:\Users\ldjaps\AppData\Local\Apps [01/01/2002 00:12:04] - |D| - [65584] - C:\Users\ldjaps\AppData\Local\ATI [30/04/2017 18:50:17] - |D| - [0] - C:\Users\ldjaps\AppData\Local\Deployment [01/01/2002 00:02:10] - |A| - [57560] - C:\Users\ldjaps\AppData\Local\GDIPFONTCACHEV1.DAT [30/04/2017 18:50:47] - |D| - [716061383] - C:\Users\ldjaps\AppData\Local\Google [30/04/2017 20:26:58] - |D| - [269] - C:\Users\ldjaps\AppData\Local\HirezLauncherUI [01/01/2002 00:20:53] - |AH| - 
[2279607] - C:\Users\ldjaps\AppData\Local\IconCache.db [01/01/2002 01:29:59] - |D| - [63492565] - C:\Users\ldjaps\AppData\Local\Microsoft [30/04/2017 19:22:10] - |D| - [0] - C:\Users\ldjaps\AppData\Local\Programs [01/01/2002 01:29:59] - |D| - [22556] - C:\Users\ldjaps\AppData\Local\Temp [01/01/2002 00:16:52] - |D| - [0] - C:\Users\ldjaps\AppData\Local\VirtualStore [01/01/2002 00:16:51] - |SD| - [536445] - C:\Users\ldjaps\AppData\LocalLow\Microsoft [01/01/2002 00:12:04] - |D| - [0] - C:\Users\ldjaps\AppData\Roaming\ATI [30/04/2017 18:53:58] - |D| - [0] - C:\Users\ldjaps\AppData\Roaming\Google [30/04/2017 19:28:23] - |D| - [0] - C:\Users\ldjaps\AppData\Roaming\library_dir [01/01/2002 01:29:59] - |SD| - [1602402] - C:\Users\ldjaps\AppData\Roaming\Microsoft [30/04/2017 21:40:25] - |D| - [292273] - C:\Users\ldjaps\AppData\Roaming\Mumble [01/01/2002 00:16:49] - |D| - [1901393] - C:\Users\ldjaps\AppData\Roaming\ZHP [01/01/2002 01:30:19] - |ASH| - [174] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [01/01/2002 01:29:59] - |RD| - [21975] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [01/01/2002 01:29:59] - |RD| - [14665] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [01/01/2002 01:30:19] - |RD| - [174] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [01/01/2002 01:30:19] - |ASH| - [476] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/04/2017 18:53:17] - |A| - [2353] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [01/01/2002 01:30:23] - |A| - [1425] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [01/01/2002 01:30:20] - |A| - [1459] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [01/01/2002 01:29:59] - |RD| - [580] - 
C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [01/01/2002 01:30:19] - |RD| - [843] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [30/04/2017 19:08:17] - |A| - [669] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bios.lnk [01/01/2002 01:30:19] - |ASH| - [174] - C:\Users\ldjaps\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] ---------- | C:\ProgramData [30/04/2017 19:23:39] - |D| - [385] - C:\ProgramData\AMD [14/07/2009 07:08:56] - |SHD| - [2225339967] - C:\ProgramData\Application Data [01/01/2002 00:01:19] - |D| - [188] - C:\ProgramData\ATI [01/01/2002 01:29:54] - |SHD| - [2041] - C:\ProgramData\Bureau [14/07/2009 07:08:56] - |SHD| - [2041] - C:\ProgramData\Desktop [14/07/2009 07:08:56] - |SHD| - [278] - C:\ProgramData\Documents [01/01/2002 01:29:54] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [30/04/2017 20:26:28] - |D| - [298411] - C:\ProgramData\Hi-Rez Studios [30/04/2017 19:22:23] - |D| - [85190827] - C:\ProgramData\Malwarebytes [01/01/2002 01:29:54] - |SHD| - [101300] - C:\ProgramData\Menu Démarrer [14/07/2009 05:20:08] - |SD| - [95740955] - C:\ProgramData\Microsoft [01/01/2002 01:29:54] - |SHD| - [0] - C:\ProgramData\Modèles [30/04/2017 19:12:13] - |D| - [22716549] - C:\ProgramData\Package Cache [14/07/2009 07:08:56] - |SHD| - [101300] - C:\ProgramData\Start Menu [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Templates [30/04/2017 19:07:12] - |SHD| - [5436] - C:\ProgramData\WindowsSecurity ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [01/01/2002 01:29:54] - |SHD| - [98310] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 
05:20:08] - |RD| - [98310] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] - |RD| - [43590] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/07/2009 07:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [30/04/2017 19:25:34] - |D| - [4215] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [14/07/2009 06:54:23] - |ASH| - [1130] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/07/2009 07:32:38] - |RD| - [6112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [30/04/2017 20:26:29] - |D| - [6174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios [14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [30/04/2017 19:22:30] - |D| - [3794] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [01/01/2002 01:24:32] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [30/04/2017 20:25:22] - |D| - [1032] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble [14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [14/07/2009 05:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [21/11/2010 08:29:25] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [14/07/2009 06:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [01/01/2002 01:24:22] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/07/2009 06:57:06] 
- |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [30/04/2017 19:26:40] - |D| - [764656] - C:\Program Files (x86)\AMD AVT [01/01/2002 01:48:37] - |D| - [99754281] - C:\Program Files (x86)\ATI Technologies [14/07/2009 05:20:08] - |D| - [73620341] - C:\Program Files (x86)\Common Files [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [01/05/2017 12:21:21] - |D| - [239264831] - C:\Program Files (x86)\Google [30/04/2017 20:26:25] - |D| - [5689142633] - C:\Program Files (x86)\Hi-Rez Studios [01/01/2002 01:35:40] - |HD| - [13345676] - C:\Program Files (x86)\InstallShield Installation Information [14/07/2009 05:20:08] - |D| - [4594981] - C:\Program Files (x86)\Internet Explorer [01/05/2017 12:26:49] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [30/04/2017 20:24:33] - |D| - [36184174] - C:\Program Files (x86)\Mumble [01/01/2002 01:35:41] - |D| - [5547092] - C:\Program Files (x86)\Realtek [14/07/2009 07:32:38] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies [01/01/2002 01:35:39] - |D| - [0] - C:\Program Files (x86)\Temp [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files 
(x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar ---------- | C:\Program Files [30/04/2017 19:21:44] - |D| - [46802] - C:\Program Files\AMD [01/01/2002 01:38:02] - |D| - [27520630] - C:\Program Files\ATI [30/04/2017 19:11:32] - |D| - [5597468] - C:\Program Files\ATI Technologies [14/07/2009 05:20:08] - |D| - [67620543] - C:\Program Files\Common Files [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 07:32:38] - |D| - [90256916] - C:\Program Files\DVD Maker [14/07/2009 05:20:08] - |D| - [5182765] - C:\Program Files\Internet Explorer [30/04/2017 19:22:23] - |D| - [133939510] - C:\Program Files\Malwarebytes [14/07/2009 07:32:38] - |D| - [149237810] - C:\Program Files\Microsoft Games [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild [01/01/2002 01:35:56] - |D| - [15192672] - C:\Program Files\Realtek [14/07/2009 07:32:38] - |D| - [36834473] - C:\Program Files\Reference Assemblies [14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [21/11/2010 08:29:46] - |D| - [9224824] - C:\Program Files\Windows Journal [14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |D| - [12627636] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [7044767] - C:\Program Files\Windows Sidebar ---------- | C:\Program Files (x86)\Common Files [30/04/2017 19:26:32] - |D| - [2459912] - C:\Program Files (x86)\Common Files\ATI Technologies [01/01/2002 01:35:35] - |D| - [2106564] - C:\Program Files (x86)\Common Files\InstallShield [14/07/2009 05:20:08] - |D| - [17705857] - C:\Program Files 
(x86)\Common Files\microsoft shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [14/07/2009 05:20:08] - |D| - [10241523] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [30/04/2017 19:20:48] - |D| - [4029057] - C:\Program Files\Common files\ATI Technologies [14/07/2009 05:20:08] - |D| - [50789821] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 05:20:08] - |D| - [12190195] - C:\Program Files\Common files\System ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.6EA2B5FAE6D6E5F77234D9129D2CB236] - [14/07/2009 07:08:49] - |A| - [3952] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.00000000000000000000000000000000] - [01/01/2002 01:34:20] - |D| - [2926] - C:\Windows\System32\Tasks\ASUS [MD5.BF40DA393837502B2D0106EF659B0FE7] - [30/04/2017 19:08:18] - |A| - [3468] - C:\Windows\System32\Tasks\explorer : C:\Users\ldjaps\AppData\Roaming\Java.exe [MD5.F1B3AB3B46BED85BBF9EF547C2214DF9] - [30/04/2017 18:51:11] - |A| - [3406] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2960159090-924148967-2076729095-1000Core : C:\Users\ldjaps\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.2082DD2E78D64548A5292FECE798AEE8] - [30/04/2017 18:51:12] - |A| - [3678] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2960159090-924148967-2076729095-1000UA : C:\Users\ldjaps\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [247610] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [0] - C:\Windows\System32\Tasks\WPD 
[MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{8A572105-0616-4435-9570-9742F83EB4D4}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{5FE22FEB-967F-4509-9B42-D283BBB55A80}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe|Name=Raptr Desktop App| "{DBD4556B-3BDA-405F-8C26-DA4E411D5F3B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe|Name=Raptr Desktop App| "{0BFAEBAB-A0A5-4FA7-9DE0-DEDD357543AF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe|Name=Raptr IM| "{4AE7E3E6-7BAC-4B85-A8C0-4AB8B9EF9693}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe|Name=Raptr IM| "{01DCD7D6-3D10-487A-8306-811C588EB658}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe|Name=Plays.tv client| "{AAD43F8E-3E10-43A4-B9C9-66B898C43177}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe|Name=Plays.tv client| ---------- | Control\Class 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (amdkmdap) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> 
@%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : 
(SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (amdkmdap) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [30/04/2017 19:22:28] - (0.0.0.0) - ( -) - C:\Windows\system32\drivers\mbae64.sys [16/07/2009 05:38:40] - (1043.6.0.0) - ( - ATK0110 ACPI Utility) - C:\Windows\system32\DRIVERS\ASACPI.sys [14/07/2009 04:36:07] - (4.3.86.0) - (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. 
- Macrovision SECURITY Driver) - C:\Windows\System32\Drivers\secdrv.SYS [21/11/2010 05:24:08] - (5.1.2.230) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: 
False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pciide () -> system32\drivers\pciide.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) 
- AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (Kernel Mode Driver Frameworks service) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\Windows\system32\drivers\mbae64.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) 
- AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> system32\DRIVERS\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> system32\DRIVERS\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> 
\SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - agp440 (Intel AGP Bus Filter) -> \SystemRoot\system32\drivers\agp440.sys - AcceptPause: False - AcceptStop: False R2 - [Kernel Driver] - AODDriver4.3 (AODDriver4.3) -> \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - MBAMChameleon (MBAMChameleon) -> \SystemRoot\system32\drivers\MBAMChameleon.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - secdrv (Security Driver) -> (?) - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros Files whitelisted) [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 22:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 23:59:32] - (.Copyright © 2006 Adaptec, Inc. 
- Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 23:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 01:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 01:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.6EC6D772EAE38DC17C14AED9B178D24B] - [21/11/2010 05:23:47] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 22:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.1142A21DB581A84EA5597B03A26EBAA0] - [21/11/2010 05:23:47] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 23:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 23:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.19B006B181E3875FD254F7B67ACF1E7C] - [16/07/2009 05:38:40] - (.- ATK0110 ACPI Utility.) - [15.05 Ko] - (1043.6.0.0) - C:\Windows\System32\Drivers\ASACPI.sys [MD5.C22D4905DDDF73EB0349D3B0604234A2] - [19/12/2013 18:45:50] - (.© Advanced Micro Devices. 
- AMD High Definition Audio Function Driver.) - [92.5 Ko] - (7.12.0.7718) - C:\Windows\System32\Drivers\AtihdW76.sys [MD5.AA5E8F39880046443E57B646F24840F3] - [24/02/2014 06:01:48] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [13603 Ko] - (8.1.1.1379) - C:\Windows\System32\Drivers\atikmdag.sys [MD5.EFA2AC1F4BB4618CDD6B00DDE8035942] - [24/02/2014 04:27:24] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [622 Ko] - (8.14.1.6367) - C:\Windows\System32\Drivers\atikmpag.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 22:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 03:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 03:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 03:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 03:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 03:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) 
- [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 03:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 22:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 01:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 22:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 22:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.F9808F9763FBC7AA830B1F54C0CA1C25] - [30/04/2017 19:23:00] - (.(C) Malwarebytes. - Malwarebytes Anti-Ransomware Protection.) - [108.93 Ko] - (3.0.0.266) - C:\Windows\System32\Drivers\farflt.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [14/07/2009 00:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [21/11/2010 05:23:47] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.3DF4395A7CF8B7A72A5F4606366B8C2D] - [21/11/2010 05:23:47] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) 
- [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 23:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.F1CEA9D2626D5933162C72F0C47B496C] - [30/04/2017 19:22:28] - (.-.) - [75.63 Ko] - (0.0.0.0) - C:\Windows\System32\Drivers\mbae64.sys [MD5.88BD122C3A35DE63D75D382DF75554CE] - [30/04/2017 19:22:55] - (.(C) Malwarebytes. - Malwarebytes Real-Time Protection.) - [42.94 Ko] - (3.0.0.83) - C:\Windows\System32\Drivers\mbam.sys [MD5.835E1D6B5835EF70FC3BDF93ED42243A] - [30/04/2017 19:23:14] - (.(C) Malwarebytes. - Malwarebytes Chameleon.) - [181.94 Ko] - (3.0.0.155) - C:\Windows\System32\Drivers\MBAMChameleon.sys [MD5.53283EB9998AC9350E14C35A880989DB] - [30/04/2017 19:22:48] - (.(C) Malwarebytes. - Malwarebytes SwissArmy.) - [245.93 Ko] - (4.2.0.112) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 22:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) 
- [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 23:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.C56DD910B243D7DC9FA82505C2B668C1] - [30/04/2017 19:22:59] - (.(C) Malwarebytes. - Malwarebytes Web Protection.) - [80.78 Ko] - (3.0.0.144) - C:\Windows\System32\Drivers\mwac.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 23:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.5D9FD91F3D38DC9DA01E3CB5FA89CD48] - [21/11/2010 05:23:47] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.F7CD50FE7139F07E77DA8AC8033D1832] - [21/11/2010 05:23:47] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 22:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 23:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.20A466B9EA2BD828C0EC723F99B8CFE7] - [01/01/2002 01:36:47] - (.Copyright (C) 2010 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver .) - [326.1 Ko] - (7.21.531.2010) - C:\Windows\System32\Drivers\Rt64win7.sys [MD5.A3BCBD0F710580A07D1B929D787D36CE] - [01/01/2002 01:35:45] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) 
- [2207.28 Ko] - (6.0.1.6037) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 04:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 22:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 23:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 23:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 01:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 22:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys [MD5.19166026A93206F9C6A8CD3A1F010AE4] - [02/04/2009 14:30:14] - (.-.) - [10.05 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\ASUSHWIO.SYS ---------- | Uninstall [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\58.0.3029.81\Installer\setup.exe" --uninstall --verbose-logging [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) 
-> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0FE68D3F-A4FE-72A9-CA27-AC53BFD392AF}] : (AMD Fuel.-.Nom de votre société) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1] : (Malwarebytes version 3.0.6.1469.-.Malwarebytes) -> "C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35255C07-EECE-CC3B-F4D3-EDEC0C3AF683}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{39FD51D4-F006-76A1-9F59-76EA44FC06D0}] : (AMD Wireless Display v3.0.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{39FD51D4-F006-76A1-9F59-76EA44FC06D0} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{61EDB14F-7FCE-BE34-2A7E-1454C6FB9BD4}] : (AMD Drag and Drop Transcoding.-.Advanced Micro Devices, Inc.) 
-> MsiExec.exe /X{61EDB14F-7FCE-BE34-2A7E-1454C6FB9BD4} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7043100E-0163-0931-1CE5-D621DA4850C0}] : (AMD Accelerated Video Transcoding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{7043100E-0163-0931-1CE5-D621DA4850C0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A081D35B-0AF0-588A-D0D6-259D25C03E50}] : (AMD Catalyst Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{A081D35B-0AF0-588A-D0D6-259D25C03E50} REBOOT=ReallySuppress [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Usbfix] : (UsbFix.-.www.SOSVirus.Net) -> C:\UsbFix\Un-UsbFix.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{01D249F7-CED7-9302-BD00-5D6D15E9AB42}] : (CCC Help French.-.Advanced Micro Devices, Inc.) 
-> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A2AABAB-A7E3-AED6-4F7B-C79EBA1B8A99}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0BFE9D7D-46CF-F5C6-3AFD-21ACCA232E2A}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BD62453-FA62-35DF-2500-D32B43BDB51F}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1C2AABF8-F34C-F642-5207-F2767ABBC923}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{344AD857-BC54-EDE0-5E6A-76EA2DFB9878}] : (AMD Catalyst Control Center.-.Nom de votre société) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{37F87C9E-EDBE-B315-6A22-27C94F8180B6}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}] : (HiPatch.-.Hi-Rez Studios) -> "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" uninstall=0 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}] : (Hi-Rez Studios Authenticate and Update Service.-.Hi-Rez Studios) -> "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" uninstall=all ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{57EF7E75-719C-39A8-0F40-104E156F85F0}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) 
-> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7C752BAC-44E4-E166-E3DF-87CED74733C9}] : (Catalyst Control Center Graphics Previews Common.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7F71688A-134B-BB70-63E1-44BEFFA8AA1E}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{818DA5DD-8B98-1134-C155-E2CF241C260B}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver For Windows 7.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{887458F8-94A2-3CEF-62E0-65FDC8D8AB0A}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{968AF13F-BED4-21CF-6236-97B2EA96638C}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9A5584A7-C6B1-6A24-50FA-91D0C195B760}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9BCF5203-72BB-4425-A391-83BF298EF376}] : (Mumble 1.2.19.-.Thorvald Natvig) -> MsiExec.exe /I{9BCF5203-72BB-4425-A391-83BF298EF376} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ACC77BD3-0F2C-3ED9-80E7-3D6EF247BB70}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) 
-> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ACCF566E-1082-EB48-8CB0-1B25507DBE52}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B83B0D2D-4CFA-B4E0-3530-C25800EDC5FE}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD98AEDE-06D9-602A-71D2-506D14C71F63}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C0657FC0-37AE-1A64-18A2-18C3B6E1D544}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CB79256B-C0E0-40C6-8EB7-BDD796203581}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{CB79256B-C0E0-40C6-8EB7-BDD796203581} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D10E48F2-E338-334A-C57F-4FBCDC652483}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E58FD4D7-26C8-037E-CE22-3351F38DDB19}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE2FC0A8-FE7D-9CCB-6BD0-7A05857F4FE6}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) 
-> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F507BCF7-9B72-9111-9828-B987004F3DAB}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FDFE8B44-305A-947E-42C9-0A7737C70536}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF988B97-F2DB-11DA-8EB3-D6D1489BBD25}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FFFFA0A3-25D5-9C56-0708-9C84DF9FAD3E}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> ---------- | Ports ---------- | Installer [HKCR\Installer\Products\0CF7560CEA7346A1812A813C6B1E5D44] : CCC Help Chinese Standard -> C:\Windows\Installer\{C0657FC0-37AE-1A64-18A2-18C3B6E1D544}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2F84E01D833EA4335CF7F4CBCD564238] : CCC Help Chinese Traditional -> C:\Windows\Installer\{D10E48F2-E338-334A-C57F-4FBCDC652483}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3025FCB9BB2752443A1938FB92E83F67] : Mumble 1.2.19 -> C:\Windows\Installer\{9BCF5203-72BB-4425-A391-83BF298EF376}\mumble.ico [HKCR\Installer\Products\35426DB126AFFD5352003DB234DB5BF1] : CCC Help Thai -> C:\Windows\Installer\{1BD62453-FA62-35DF-2500-D32B43BDB51F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3A0AFFFF5D5265C97080C948FDF9DAE3] : CCC Help Hungarian -> C:\Windows\Installer\{FFFFA0A3-25D5-9C56-0708-9C84DF9FAD3E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3DB77CCAC2F09DE3087ED3E62F74BB07] : CCC Help Korean -> C:\Windows\Installer\{ACC77BD3-0F2C-3ED9-80E7-3D6EF247BB70}\ARPPRODUCTICON.exe 
[HKCR\Installer\Products\44B8EFDFA503E749249CA077737C5063] : CCC Help Polish -> C:\Windows\Installer\{FDFE8B44-305A-947E-42C9-0A7737C70536}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4D15DF93600F1A67F99567AE44CF600D] : AMD Wireless Display v3.0 -> C:\Windows\Installer\{39FD51D4-F006-76A1-9F59-76EA44FC06D0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\57E7FE75C9178A93F00401E451F6580F] : CCC Help Danish -> C:\Windows\Installer\{57EF7E75-719C-39A8-0F40-104E156F85F0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\70C55253ECEEB3CC4F3DDECEC0A36F38] : ccc-utility64 -> C:\Windows\Installer\{35255C07-EECE-CC3B-F4D3-EDEC0C3AF683}\ARPPRODUCTICON.exe [HKCR\Installer\Products\758DA44345CB0EDEE5A667AED2BF8987] : AMD Catalyst Control Center -> C:\Windows\Installer\{344AD857-BC54-EDE0-5E6A-76EA2DFB9878}\ARPPRODUCTICON.exe [HKCR\Installer\Products\79B889FFBD2FAD11E83B6D1D84B9DB52] : CCC Help Portuguese -> C:\Windows\Installer\{FF988B97-F2DB-11DA-8EB3-D6D1489BBD25}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7A4855A91B6C42A605AF190D1C597B06] : CCC Help Russian -> C:\Windows\Installer\{9A5584A7-C6B1-6A24-50FA-91D0C195B760}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7D4DF85E8C62E730EC2233153FD8BD91] : CCC Help German -> C:\Windows\Installer\{E58FD4D7-26C8-037E-CE22-3351F38DDB19}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7F942D107DEC2039DB00D5D6519EBA24] : CCC Help French -> C:\Windows\Installer\{01D249F7-CED7-9302-BD00-5D6D15E9AB42}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7FCB705F27B9111989829B7800F4D3BA] : CCC Help Norwegian -> C:\Windows\Installer\{F507BCF7-9B72-9111-9828-B987004F3DAB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8A0CF2EED7EFBCC9B60DA75058F7F46E] : CCC Help Greek -> C:\Windows\Installer\{EE2FC0A8-FE7D-9CCB-6BD0-7A05857F4FE6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8F8547882A49FEC3260E56DF8C8DBAA0] : CCC Help Japanese -> C:\Windows\Installer\{887458F8-94A2-3CEF-62E0-65FDC8D8AB0A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8FBAA2C1C43F246F25702F67A7BB9C32] : 
Catalyst Control Center InstallProxy -> C:\Windows\Installer\{1C2AABF8-F34C-F642-5207-F2767ABBC923}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A88617F7B43107BB361E44EBFF8AAAE1] : CCC Help Spanish -> C:\Windows\Installer\{7F71688A-134B-BB70-63E1-44BEFFA8AA1E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B53D180A0FA0A8850D6D52D9520CE305] : AMD Catalyst Install Manager -> C:\Windows\Installer\{A081D35B-0AF0-588A-D0D6-259D25C03E50}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B65297BC0E0C6C04E87BDB7D69025318] : Catalyst Control Center - Branding -> C:\Windows\Installer\{CB79256B-C0E0-40C6-8EB7-BDD796203581}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BABAA2A03E7A6DEAF4B77CE9ABB1A899] : CCC Help Turkish -> C:\Windows\Installer\{0A2AABAB-A7E3-AED6-4F7B-C79EBA1B8A99}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CAB257C74E44661E3EFD78EC7D74339C] : Catalyst Control Center Graphics Previews Common -> C:\Windows\Installer\{7C752BAC-44E4-E166-E3DF-87CED74733C9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D2D0B38BAFC40E4B53032C8500DE5CEF] : CCC Help English -> C:\Windows\Installer\{B83B0D2D-4CFA-B4E0-3530-C25800EDC5FE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D7D9EFB0FC646C5FA3DF12CAAC32E2A2] : CCC Help Finnish -> C:\Windows\Installer\{0BFE9D7D-46CF-F5C6-3AFD-21ACCA232E2A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DD5AD81889B843111C552EFC42C162B0] : CCC Help Swedish -> C:\Windows\Installer\{818DA5DD-8B98-1134-C155-E2CF241C260B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E001340736101390C15E6D12AD84050C] : AMD Accelerated Video Transcoding -> C:\Windows\Installer\{7043100E-0163-0931-1CE5-D621DA4850C0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E665FCCA280184BEC80BB15205D7EB25] : CCC Help Italian -> C:\Windows\Installer\{ACCF566E-1082-EB48-8CB0-1B25507DBE52}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E9C78F73EBDE513BA622729CF418086B] : CCC Help Dutch -> C:\Windows\Installer\{37F87C9E-EDBE-B315-6A22-27C94F8180B6}\ARPPRODUCTICON.exe 
[HKCR\Installer\Products\EDEA89DB9D60A206172D05D6417CF136] : Catalyst Control Center Localization All -> C:\Windows\Installer\{BD98AEDE-06D9-602A-71D2-506D14C71F63}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F31FA8694DEBFC122663792BAE6936C8] : CCC Help Czech -> C:\Windows\Installer\{968AF13F-BED4-21CF-6236-97B2EA96638C}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F3D86EF0EF4A9A27AC72CA35FB3D29FA] : AMD Fuel -> C:\Windows\Installer\{0FE68D3F-A4FE-72A9-CA27-AC53BFD392AF}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F41BDE16ECF743EBA2E741456CBFB94D] : AMD Drag and Drop Transcoding -> C:\Windows\Installer\{61EDB14F-7FCE-BE34-2A7E-1454C6FB9BD4}\ARPPRODUCTICON.exe

---------- | ADS

---------- | Drives

Disk: 0 Size=954G

Pos  MBRndx  Type/Name  Size  Active  Hide  Start Sector  Sectors
---  ------  ---------  ----  ------  ----  ------------  ------------
0    0       07-NTFS    100M  Yes     No    2,048         204,800
1    1       07-NTFS    307G  No      No    206,848       627,849,216
2    2       0F-EXTEND  647G  No      No    628,058,049   325,462,016

---------- | MBR

Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: System manufacturer
System Product Name: System Product Name
Logical Drives Mask: 0x000001fc
Analysis of file "C:\QuickDiag\MBR.bin": Windows 7 MBR code detected 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Nom de l’application défaillante UsbFix.exe, version : 0.0.0.0, horodatage : 0x58f8a7cb Nom du module défaillant : ltc_help32-119906.dll_unloaded, version : 0.0.0.0, horodatage : 0x58892906 Code d’exception : 0xc0000005 Décalage d’erreur : 0x707a3f82 ID du processus défaillant : 0x6c0 Heure de début de l’application défaillante : 0x01d2c1d31caf0334 Chemin d’accès de l’application défaillante : C:\UsbFix\UsbFix.exe Chemin d’accès du module défaillant: ltc_help32-119906.dll ID de rapport : c31ddaf1-2dc7-11e7-9dea-bcaec53a5ee0 ------------ Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17514, horodatage : 0x4ce7a144 Nom du module défaillant : ltc_help64-119906.dll_unloaded, version : 0.0.0.0, horodatage : 0x58892ac3 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000007feed994c15 ID du processus défaillant : 0x848 Heure de début de l’application défaillante : 0x01c19246a06a9eb6 Chemin d’accès de l’application défaillante : C:\Windows\Explorer.EXE Chemin d’accès du module défaillant: ltc_help64-119906.dll ID de rapport : c2cf4d88-2dc7-11e7-9dea-bcaec53a5ee0 ------------ Le programme iexplore.exe version 8.0.7601.17514 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. 
ID de processus : cdc Heure de début : 01c19246b8464faf Heure de fin : 16 Chemin d’accès de l’application : C:\Program Files (x86)\Internet Explorer\iexplore.exe ID de rapport : fdeed61b-2dc4-11e7-9dea-bcaec53a5ee0 ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . 
------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . 
------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ ----------( EOF)---------- - 2928 | 23:09:26