--------------- QuickDiag | g3n-h@ckm@n | V3_23.04.17.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 23/04/2017 15:00:23 Updated 23/04/2017 | 07.20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Numilog (Administrator)] - [NMGLAP3120] (S-1-5-21-231832257-3894006060-2058159908-1000) System: Microsoft Windows 7 Entreprise - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Entreprise |C:\Windows|\Device\Harddisk0\Partition3 Boot : SafeMode PC: HP ProBook 450 G2 - Hewlett-Packard - IdNumber: CND4506BSH - UUID: 7786B9FF-D58D-11E3-A704-8030830000FF Processor : X64 - 1895 Mhz - Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz Default System BIOS - en-US - Hewlett-Packard - S/N: CND4506BSH - M74 Ver. 01.05 - HPQOEM - 1 CoreTemp : 127 Celsius ----------| Quick ---------- | SoundDevice Son Intel(R) pour écrans - Status: Unknown - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2807&SUBSYS_80860101&REV_1000\4&3B298268&0&0001 Realtek High Definition Audio - Status: Unknown - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0282&SUBSYS_103C2248&REV_1000\4&2B9A020E&0&0001 ---------- | Video Intel(R) HD Graphics Family - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumdim32.dll,igd10iumd32.dll,igd10iumd32.dll - PNPDeviceID: PCI\VEN_8086&DEV_0A16&SUBSYS_2248103C&REV_0B\3&21436425&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics Family - DriverVersion: 10.18.10.3995 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22528 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 23552 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 12288 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 31744 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 13312 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 50176 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 12288 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 64000 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\iccvid.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 82944 - Manufacturer: Radius Inc. - Status: OK ---------- | CPU CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:0 % ---------- | Network WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 Périphérique Bluetooth (réseau personnel) - - - Status: - PnPID : RAS Async Adapter - - - Status: - PnPID : Carte Microsoft ISATAP - - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000 Realtek RTL8723BE 802.11 b/g/n Wi-Fi Adapter - - Realtek Semiconductor Corp. - Status: - PnPID : PCI\VEN_10EC&DEV_B723&SUBSYS_2231103C&REV_00\0023B7FEFF4CE00000 Carte Microsoft ISATAP - - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001 Realtek PCIe GBE Family Controller - - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_2248103C&REV_10\01000000684CE00000 Carte Microsoft ISATAP - - Microsoft - Status: - PnPID : ROOT\*ISATAP\0002 Microsoft Teredo Tunneling Adapter - - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000 Remote NDIS based Internet Sharing Device - - - Status: - PnPID : Carte Microsoft 6to4 - - Microsoft - Status: - PnPID : ROOT\*6TO4MP\0000 Remote NDIS based Internet Sharing Device - - - Status: - PnPID : Remote NDIS based Internet Sharing Device - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 2763 | Free (MB) : 1942 Pagefile = Total (MB) : 5524 | Free (MB) : 4728 Virtual = Total (MB) : 2097 | Free (MB) : 1937 Physical Memory 1 : Capacity: 4294967296 - Bottom-Slot 2(right) - Posit.: 2 - Manufacturer: Samsung - PartNumber: M471B5173QH0-YK0 - S/N: 24181918 ---------- | SID Users Administrateur : [S-1-5-21-231832257-3894006060-2058159908-500] Invité : [S-1-5-21-231832257-3894006060-2058159908-501] Numilog : [S-1-5-21-231832257-3894006060-2058159908-1000] Administrateurs : [S-1-5-32-544] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] KLAdmins : [S-1-5-21-231832257-3894006060-2058159908-1001] KLOperators : [S-1-5-21-231832257-3894006060-2058159908-1002] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 157.18 Go | Free : 110.05 Go -> NTFS [SATA] D:\ -> [Fixed] | [] | Total : 7.79 Go | Free : 7.59 Go -> FAT32 [SATA] G:\ -> [Fixed] | [Nouveau nom] | Total : 292.97 Go | Free : 292.82 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [D:, C:, G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : IDE\DISKST500LT012-1DG142_______________________1003YAM1\5&1A5E257C&0&0.0.0 ---------- | Windows updates Last detection : 2017-04-23 09:36:42 Downloaded last ones : 2017-04-22 11:28:50 Installed last ones : 2017-04-22 11:31:01 Next search : 2017-04-24 05:27:11 ---------- | Browsers IE : 11.0.9600.18639 (© Microsoft Corporation. Tous droits réservés.) FF : 53.0.0.6312 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 57.0.2987.133 (Copyright 2016 Google Inc.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" %1 ---------- | FlashPlayer ---------- | Security AV : Kaspersky Endpoint Security 10 for Windows Enabled AS : Windows Defender Enabled AM : Malwarebytes' Anti-Malware ( 1.0.0.532) [Update : 13/04/2017 15:18:27] FW : Kaspersky Endpoint Security 10 for Windows Disabled WMI : OK WU: Windows Update Service [Auto(2)] = stopped AS: Windows Defender [Auto(2)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 272 | [Owner : Système | Parent : 4(System) | 0.92 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23714) = C:\Windows\System32\smss.exe [12/04/2017 13:35:29] CPU Usage:0 % 464 | [Owner : Système | Parent : 456() | 2.87 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 00:11:09] CPU Usage:0 % 540 | [Owner : Système | Parent : 456() | 3.56 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 00:36:49] CPU Usage:0 % 552 | [Owner : Système | Parent : 532() | 4.39 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 00:11:09] CPU Usage:0 % 616 | [Owner : Système | Parent : 540(wininit.exe) | 5.35 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe [13/05/2015 09:10:25] CPU Usage:0 % 664 | [Owner : Système | Parent : 540(wininit.exe) | 7.84 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23714) = C:\Windows\System32\lsass.exe [12/04/2017 13:35:26] CPU Usage:0 % 676 | [Owner : Système | Parent : 540(wininit.exe) | 3.03 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [20/11/2010 22:29:11] CPU Usage:0 % 692 | [Owner : Système | Parent : 532() | 3.98 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe [29/04/2015 09:15:33] CPU Usage:0 % 832 | [Owner : Système | Parent : 616(services.exe) | 6.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:19:28] CPU Usage:0 % 904 | [Owner : SERVICE RÉSEAU | Parent : 616(services.exe) | 4.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:19:28] CPU Usage:0 % 984 | [Owner : SERVICE LOCAL | Parent : 616(services.exe) | 7.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:19:28] CPU Usage:0 % 1032 | [Owner : Système | Parent : 616(services.exe) | 12.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:19:28] CPU Usage:0 % 1092 | [Owner : Système | Parent : 616(services.exe) | 3.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:19:28] CPU Usage:0 % 1132 | [Owner : SERVICE RÉSEAU | Parent : 616(services.exe) | 3.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:19:28] CPU Usage:0 % 1328 | [Owner : Numilog | Parent : 1320() | 32.35 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe [13/10/2016 10:44:10] CPU Usage:0 % 1372 | [Owner : Numilog | Parent : 1328(explorer.exe) | 3.2 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (6.1.7600.16385) = C:\Windows\System32\ctfmon.exe [14/07/2009 00:26:10] CPU Usage:0 % 1620 | [Owner : Numilog | Parent : 832(svchost.exe) | 6.61 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\System32\dllhost.exe [14/07/2009 00:43:52] CPU Usage:0 % 1732 | [Owner : Numilog | Parent : 1328(explorer.exe) | 25.08 Mo] - (.SosVirus - QuickDiag.) - (23.4.17.1) = C:\Users\Numilog\Desktop\QuickDiag.exe [23/04/2017 14:57:33] CPU Usage:0 % 1796 | [Owner : SERVICE RÉSEAU | Parent : 832(svchost.exe) | 8.73 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [20/11/2010 22:29:20] CPU Usage:0 % 1844 | [Owner : Système | Parent : 832(svchost.exe) | 5.1 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [20/11/2010 22:29:20] CPU Usage:0 % ---------- | MD5 [MD5.6DDCA324434FFA506CF7DC4E51DB7935] - [13/10/2016 10:44:10] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2903 Ko] - (6.1.7601.23537) : C:\Windows\Explorer.exe [MD5.342271F6142E7C70805B8A81E1BA5F5C] - [14/07/2009 00:11:09] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [6 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - [14/07/2009 00:43:52] - (.© Microsoft Corporation. - COM Surrogate.) - [7 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.E79038D7DE7CA76CBDD9B2DF061C17A1] - [12/04/2017 13:35:32] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [852 Ko] - (6.1.7601.23714) : C:\Windows\System32\Kernel32.dll [MD5.99EC6DC301E2EB98DA46EB28AF91ACAC] - [12/04/2017 13:35:26] - (.© Microsoft Corporation. - Local Security Authority Process.) - [21.5 Ko] - (6.1.7601.23714) : C:\Windows\System32\lsass.exe [MD5.1F54F58D7FA2B3442084E32CDE5E309E] - [12/04/2016 22:07:48] - (.© Microsoft Corporation. - Distributed COM Services.) - [367.5 Ko] - (6.1.7601.19143) : C:\Windows\System32\rpcss.dll [MD5.51138BEEA3E2C21EC44D0932C71762A8] - [14/07/2009 00:41:43] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [43.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.0780A42DBD7D9969F9BF4A19AA4285B5] - [13/05/2015 09:10:25] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [253 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe [MD5.54A47F6B5E09A77E61649109C6A08866] - [14/07/2009 00:19:28] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [20.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.91D4629DA1EBD286D8A7C24FBC5DC641] - [14/12/2016 09:48:06] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [792.5 Ko] - (6.1.7601.23594) : C:\Windows\System32\user32.dll [MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [20/11/2010 22:29:06] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [26 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.B5C5DCAD3899512020D135600129D665] - [14/07/2009 00:36:49] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [94 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.52449FD429D6053B78AE564DEF303870] - [29/04/2015 09:15:33] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [297 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe [MD5.93B49FA857F7036A4EFF32371F6E7391] - [11/11/2015 06:24:00] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [331 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys [MD5.338C86357871C167A96AB976519BF59E] - [14/07/2009 00:11:15] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [21.08 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.DDCE686D76C2B4DB435A3AF5BD0E691D] - [29/04/2015 09:15:42] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [129.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys [MD5.77EA11B065E0A8AB902D78145CA51E10] - [14/07/2009 00:11:15] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [69 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - [20/11/2010 22:29:03] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [106 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.EA9DBD76CE9254C77BAAB4339DD4C4FB] - [13/10/2016 10:48:25] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [79.5 Ko] - (6.1.7601.23542) : C:\Windows\System32\Drivers\dfsc.sys [MD5.9036377B8A6C15DC2EEC53E489D159B5] - [20/11/2010 22:29:03] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [106 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - [14/07/2009 00:11:24] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [79 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - [14/07/2009 00:54:29] - (.© Microsoft Corporation. - IP Network Address Translator.) - [99.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.DF054C04C065D628B54D19BB7DDC24C1] - [12/04/2017 13:35:30] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [121.5 Ko] - (6.1.7601.23714) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.9804FB2E46077F2977552347DFCA7E05] - [11/11/2015 06:23:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [695.94 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys [MD5.A00996C9BFEF29A93B9F21DBE1DC502D] - [15/06/2016 11:55:02] - (.© Microsoft Corporation. - MBT Transport driver.) - [184.5 Ko] - (6.1.7601.23451) : C:\Windows\System32\Drivers\netbt.sys [MD5.978E7A2E4BF4E8E70D0776EF0D9E97FB] - [13/03/2016 10:46:00] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1183.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - [14/07/2009 00:45:35] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [77.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - [14/07/2009 00:54:34] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [77 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.B973FCFC50DC1434E1970A146F7E3885] - [20/11/2010 22:29:49] - (.© Microsoft Corporation. - Microsoft RDP Device redirector.) - [130.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rdpdr.sys [MD5.3E21C083B8A01CB70BA1F09303010FCE] - [14/07/2009 00:53:41] - (.© Microsoft Corporation. - SMB Transport driver.) - [69.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.C7E41209132B9CF084CCEA8593F61328] - [14/09/2016 06:48:14] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1279.23 Ko] - (6.1.7601.23496) : C:\Windows\System32\Drivers\tcpip.sys [MD5.BB8817D0508DD5EA69C770C8DEF5AB67] - [11/11/2015 06:24:00] - (.© Microsoft Corporation. - TDI Translation Driver.) - [73 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys [MD5.F497F67932C6FA693D7DE2780631CFE7] - [20/11/2010 22:29:03] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [239.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) ---------- | Svchost.exe component call (Microsoft Files Whitelisted) ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up GarminExpressTrayApp - ("C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKU\S-1-5-18\SOFTWARE\...\Run]) - User: AUTORITE NT\Système Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Skype - ("C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\...\Run]) - User: NMGLAP3120\Numilog CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\...\Run]) - User: NMGLAP3120\Numilog GarminExpressTrayApp - ("C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKU\.DEFAULT\SOFTWARE\...\Run]) - User: .DEFAULT AVP - ("C:\Program Files\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe" [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "DebugOptions"=2048 "Documents"= "DosPrint"=no "Load"= "NetMessage"=no "NullPort"=None "Programs"=com exe bat pif cmd "Device"=HP LaserJet Pro M201-M202 PCL 6,winspool,Ne01: "UserSelectedDefault"=0 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe" [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Config.sys : FILES=40 ---------- | Tasks List ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=030a642a-ec56-45d2-ba7e-cb120f3 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN SAFEBOOT:MINIMAL SOS BOOTLOG NOGUIBOOT BOOTLOGO "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=664 "SecureBoot"=1 "ProductType"=4 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ---------- | .LNK with Arguments c:\users\numilog\desktop\adsfix_donate.lnk - Encrypted: False - Target: C:\Program Files\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [28/04/2015 14:45:46] "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "EnableAutoTray"=1 [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "Start_ShowMyGames"=1 ""=0 "TaskbarSizeMove"=1 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=0 "Start_PowerButtonAction"=2 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=60 [HKLM\Software\Policies\Microsoft\WindowsFirewall\DomainProfile] "EnableFirewall"=1 [HKLM\Software\Policies\Microsoft\WindowsFirewall\PublicProfile] "EnableFirewall"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=76 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=14 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=0 "scremoveoption"=0 "ShutdownFlags"=39 "AutoAdminLogon"=0 "DefaultUserName"=Numilog ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\System32\mshta.exe "%1" %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\Chromium.M4APBVWJWWSZDZMIIC4U23Q57U\Shell\open\Command] ""="C:\Users\Numilog\AppData\Local\Chromium\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Chromium.M4APBVWJWWSZDZMIIC4U23Q57U\InstallInfo] "ReinstallCommand"="C:\Users\Numilog\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "F:\logiciels Utilitaires\drivers HP ProBook 450 G2\sp69918.exe"=1 "F:\logiciels Utilitaires\AdbeRdr1014_fr_FR.exe"=1 "SIGN.MEDIA=33F964 MInst.exe"=1 "\\10.87.2.169\adm\ \LJ_Pro_M201-M202_Full_Solution_16064.exe"=1 "C:\Users\Numilog\Downloads\vlc-2.2.4-win32 (1).exe"=1 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=0 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920209537502489 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0xDEC71718B081D001 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\53562870.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\53562870.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping ---------- | @ [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"= "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF27000000270000007C0300007F020000 "Start Page Redirect Cache"=http://www.msn.com/ar-eg/?ocid=iehp "Start Page Redirect Cache_TIMESTAMP"=0x3CEC76124C82D001 "Start Page Redirect Cache AcceptLangs"=fr "OperationalData"=5 "ImageStoreRandomFolder"=2qxur6e "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0x84F1998A1A8BD001 "IE10TourShown"=1 "IE10TourShownTime"=0xA592A18A1A8BD001 "DisableScriptDebuggerIE"=yes "DoNotTrack"=1 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xE3DEFAE2AAB4D201 [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0xFF0894F5F116D101 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ProxyHttp1.1"=1 "ProxyOverride"=*.local "WarNonBadCertReceving"=1 "WarNonHTTPSToHTTPRedirect"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 00:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 00:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 00:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 00:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 00:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=Groove GFS Stub Execution Hook ---------- | Toolbar [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultPackCorrection"=1 "KnownProvidersUpgradeTime"=0x970666821A8BD001 "Version"=4 "UpgradeTime"=0xFADE3D851A8BD001 "DefaultPackNTCorrection"=1 ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] ---------- | SearchScopes [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 00:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [26/05/2015 17:11:35] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [06/03/2013 07:37:48] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [26/05/2015 17:11:34] ---------- | Chrome C:\Users\mehdi.benhadid\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\mehdi.benhadid\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\mehdi.benhadid\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\mehdi.benhadid\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\mehdi.benhadid\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\mehdi.benhadid\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\mehdi.benhadid\AppData\Local\Google\Chrome\User Data\Default\extensions\noaijdpnepcgjemiklgfkcfbkokogabh = : __MSG_extDescription__ - short_name: ImTranslator - matches:[\u003Call_urls>] - http://clients2.google.com/service/update2/crx C:\Users\mehdi.benhadid\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Create share and access your Google Docs from anywhere. - Docs - http://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com/ - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Numilog\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [HKLM\Software\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll C:\Users\mehdi.benhadid\AppData\Roaming\Mozilla\Firefox\Profiles\8o74i544.default-1488819881494\Prefs.js user_pref("browser.startup.homepage", "https://www.google.com/"); user_pref("browser.startup.homepage_override.buildID", "20170413192749"); user_pref("browser.startup.homepage_override.mstone", "53.0"); user_pref("extensions.adblockplus.currentVersion", "2.8.2"); user_pref("extensions.adblockplus.notificationdata", "{\"lastCheck\":1492939432177,\"softExpiration\":1492997734448,\"hardExpiration\":1493070672137,\"data\":{\"notifications\":[],\"version\":\"201704222151\"},\"lastError\":0,\"downloadStatus\":\"synchronize_ok\",\"downloadCount\":6,\"shown\":[\"antiadblock\"]}"); user_pref("extensions.adblockplus.recentReports", "[{\"site\":\"www.leboncoin.fr\",\"reportURL\":\"https://reports.adblockplus.org/8c8c62a5-e0ca-4708-ae20-0187c021c75d\",\"time\":1492381739507}]"); user_pref("extensions.blocklist.pingCountTotal", 26); user_pref("extensions.blocklist.pingCountVersion", -1); user_pref("extensions.bootstrappedAddons", "{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.8.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\mehdi.benhadid\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8o74i544.default-1488819881494\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"e10srollout@mozilla.org\":{\"version\":\"1.14\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"firefox@getpocket.com\":{\"version\":\"1.0.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"webcompat@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"aushelper@mozilla.org\":{\"version\":\"2.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false}}"); user_pref("extensions.databaseSchema", 19); user_pref("extensions.e10s.rollout.blocklist", "{dc572301-7619-498c-a57d-39143191b318};firefox@mega.co.nz"); user_pref("extensions.e10s.rollout.hasAddon", true); user_pref("extensions.e10s.rollout.policy", "50allmpc"); user_pref("extensions.e10sBlockedByAddons", true); user_pref("extensions.enabledAddons", "%7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:10.36,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0"); user_pref("extensions.getAddons.cache.lastUpdate", 1492898085); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20170302.01"); user_pref("extensions.lastAppVersion", "53.0"); user_pref("extensions.lastPlatformVersion", "53.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.pocket.settings.test.panelSignUp", "control"); user_pref("extensions.pocket.settings.test.panelTab", "control"); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.experiment.hidden", true); user_pref("extensions.ui.lastCategory", "addons://search/traducteur"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.xpiState", "{\"app-profile\":{\"{9AA46F4F-4DC7-4c06-97AF-5035170634FE}\":{\"d\":\"C:\\\\Users\\\\mehdi.benhadid\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8o74i544.default-1488819881494\\\\extensions\\\\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi\",\"e\":true,\"v\":\"10.36\",\"st\":1492459124575},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Users\\\\mehdi.benhadid\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8o74i544.default-1488819881494\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"e\":true,\"v\":\"2.8.2\",\"st\":1492285923763}},\"app-system-defaults\":{\"aushelper@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"e\":true,\"v\":\"2.0\",\"st\":1492151853892},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.14\",\"st\":1492151853900},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.5\",\"st\":1492151867376},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1492151853918}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"53.0\",\"st\":1492151853925}}}"); user_pref("network.proxy.type", 4); C:\Users\Numilog\AppData\Roaming\Mozilla\Firefox\Profiles\b2v0n63f.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20170413192749"); user_pref("browser.startup.homepage_override.mstone", "53.0"); user_pref("extensions.blocklist.pingCountTotal", 2); user_pref("extensions.blocklist.pingCountVersion", -1); user_pref("extensions.bootstrappedAddons", "{\"e10srollout@mozilla.org\":{\"version\":\"1.14\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"firefox@getpocket.com\":{\"version\":\"1.0.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"webcompat@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"aushelper@mozilla.org\":{\"version\":\"2.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false}}"); user_pref("extensions.databaseSchema", 19); user_pref("extensions.e10s.rollout.blocklist", "{dc572301-7619-498c-a57d-39143191b318};firefox@mega.co.nz"); user_pref("extensions.e10s.rollout.hasAddon", false); user_pref("extensions.e10s.rollout.policy", "50allmpc"); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0"); user_pref("extensions.getAddons.cache.lastUpdate", 1481931386); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160826.01"); user_pref("extensions.lastAppVersion", "53.0"); user_pref("extensions.lastPlatformVersion", "53.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.xpiState", "{\"app-system-defaults\":{\"aushelper@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"e\":true,\"v\":\"2.0\",\"st\":1492151853892},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.14\",\"st\":1492151853900},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.5\",\"st\":1492151867376},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1492151853918}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"53.0\",\"st\":1492151853925}}}"); [Profile0] - Name=default-1488819881494 -> Profiles/8o74i544.default-1488819881494 [Profile0] - Name=default -> Profiles/b2v0n63f.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "Domain"=Cevital.com [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0FF6F090-2490-479C-AD2E-59B31B2A022D}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{10222F3F-B1DA-458E-BDC2-52BD0D8EBCF9}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{70D3C4D1-A1CE-440F-A995-654146473100}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{B98334F3-1535-4CB4-8835-581F72BBAC1B}] "NameServer"=8.8.8.8 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{0FF6F090-2490-479C-AD2E-59B31B2A022D}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{10222F3F-B1DA-458E-BDC2-52BD0D8EBCF9}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{70D3C4D1-A1CE-440F-A995-654146473100}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{B98334F3-1535-4CB4-8835-581F72BBAC1B}] "NameServer"=8.8.8.8 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0FF6F090-2490-479C-AD2E-59B31B2A022D}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{10222F3F-B1DA-458E-BDC2-52BD0D8EBCF9}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{70D3C4D1-A1CE-440F-A995-654146473100}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{B98334F3-1535-4CB4-8835-581F72BBAC1B}] "NameServer"=8.8.8.8 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~1\MICROS~1\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "regsvc"=RemoteRegistry "DcomLaunch"=Power PlugPlay DcomLaunch "secsvcs"=WinDefend "bthsvcs"=bthserv "PeerDist"=PeerDistSvc "HPZ12"=Pml Driver HPZ12 Net Driver HPZ12 ---------- | SvcHost - Netsvcs (Whitelist) Term - : ---------- | Software [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Adobe] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Aiseesoft Studio] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\AppDataLow] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Apple Inc.] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\BoaSoftware] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Canon] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Clients] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Clubic] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Developer Express] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Google] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Hewlett-Packard] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\HP] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\IM Providers] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Intel] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\JavaSoft] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\KasperskyLab] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Mirage] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Mozilla] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\MozillaPlugins] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Netscape] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Northcode Inc] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\ODBC] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Piriform] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Policies] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Realtek] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Skype] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\sysinternals] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Trolltech] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\VB and VBA Program Settings] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\VS Revo Group] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\WinRAR] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\WinRAR SFX] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\ZHP] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Adobe] [HKLM\Software\AdsFix] [HKLM\Software\Apple Inc.] [HKLM\Software\ATI Technologies] [HKLM\Software\Canon] [HKLM\Software\CBSTEST] [HKLM\Software\Cisco Systems, Inc.] [HKLM\Software\Clients] [HKLM\Software\DigitalPersona] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Global IP Solutions] [HKLM\Software\Google] [HKLM\Software\GuidGuid13] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HSPA] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KasperskyLab] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\REALTEK Semiconductor Corp.] [HKLM\Software\RegisteredApplications] [HKLM\Software\RtWLan] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\Sysinternals] [HKLM\Software\TeamViewer] [HKLM\Software\Validity] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\ZKSoftware] [HKLM\Software\ZKTeco] [HKLM\Software\ZKTimeNetV2] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Help] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] ---------- | Drives D: [08/05/2014 10:37:01] - |A| - (.-.) - [2831] - (0.0.0.0) - D:\BNB14WWR4AD301.ini [23/01/2009 16:20:42] - |A| - (.-.) - [66945] - (0.0.0.0) - D:\command.com G: ---------- | C: [23/04/2017 14:19:20] - |SHD| - [129] - C:\$RECYCLE.BIN [23/04/2017 10:54:47] - |D| - [573941669] - C:\AdsFix [MD5.2D28AF3172CDAC9C3AF92DBD8D334BFE] - [23/04/2017 12:02:09] - |A| - (.-.) - [21247] - (0.0.0.0) - C:\AdsFix_23_04_2017_14_18_30.txt [13/04/2017 11:27:53] - |D| - [6878902] - C:\AdwCleaner [MD5.D9EBEC6668A6092FCBD1713C347AA5E0] - [14/07/2009 03:04:04] - |A| - (.-.) - [24] - (0.0.0.0) - C:\autoexec.bat [MD5.ED4FC5980BD8B1AD869FF725C7776338] - [14/07/2009 03:04:04] - |A| - (.-.) - [10] - (0.0.0.0) - C:\config.sys [14/07/2009 05:53:55] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [28/04/2015 13:34:33] - |ASH| - (.-.) - [2121879552] - (0.0.0.0) - C:\hiberfil.sys [07/12/2016 13:45:37] - |D| - [206848266] - C:\HP_LaserJet_Pro_M201-M202 [28/04/2015 14:55:18] - |D| - [58956] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/12/2016 18:22:13] - |RASH| - (.-.) - [0] - (0.0.0.0) - C:\IO.SYS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/12/2016 18:22:13] - |RASH| - (.-.) - [0] - (0.0.0.0) - C:\MSDOS.SYS [28/04/2015 17:12:29] - |RHD| - [741479601] - C:\MSOCache [MD5.D41D8CD98F00B204E9800998ECF8427E] - [28/04/2015 13:34:34] - |ASH| - (.-.) - [2829172736] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 03:37:05] - |D| - [0] - C:\PerfLogs [14/07/2009 03:37:05] - |RD| - [3336457840] - C:\Program Files [14/07/2009 03:37:05] - |HD| - [3720269311] - C:\ProgramData [23/04/2017 15:00:18] - |D| - [261556] - C:\QuickDiag [MD5.97AEE8BC61E13ECCDEBDC485B63A7DB0] - [23/04/2017 15:00:23] - |A| - (.-.) - [87962] - (0.0.0.0) - C:\QuickDiag.txt [28/04/2015 14:45:30] - |SHD| - [150201734] - C:\Recovery [28/04/2015 14:53:52] - |D| - [230564467] - C:\SWSetup [28/04/2015 15:57:45] - |D| - [422986] - C:\SysInfo [28/04/2015 13:34:33] - |SHD| - [0] - C:\System Volume Information [MD5.FCA29E32BE5E8405CC16FCAA2A920E25] - [16/04/2017 00:36:49] - |A| - (.-.) - [418568] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_16.04.2017_00.36.49_log.txt [16/04/2017 00:41:12] - |D| - [28784] - C:\TDSSKiller_Quarantine [14/07/2009 03:37:05] - |RD| - [10304075578] - C:\Users [14/07/2009 03:37:05] - |D| - [24859300369] - C:\Windows ---------- | C:\Windows [14/07/2009 05:52:30] - |D| - [802] - C:\Windows\addins [14/07/2009 03:37:05] - |D| - [20868440] - C:\Windows\AppCompat [14/07/2009 03:37:05] - |D| - [9916402] - C:\Windows\AppPatch [14/07/2009 03:37:05] - |RSD| - [894471420] - C:\Windows\assembly [MD5.DBD14D0DB0382DFE96D7B5007DDD5ABE] - [20/11/2010 22:29:04] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [65024] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [21/11/2010 01:25:32] - |SHD| - [553227] - C:\Windows\BitLockerDiscoveryVolumeContents [14/07/2009 03:37:06] - |D| - [18320680] - C:\Windows\Boot [MD5.8FDA8133FF5C5C527F64EE802162888F] - [14/07/2009 05:57:37] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 03:37:06] - |D| - [3233280] - C:\Windows\Branding [21/11/2010 01:25:32] - |D| - [0] - C:\Windows\CSC [14/07/2009 03:37:06] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 05:34:21] - |D| - [28627] - C:\Windows\debug [14/07/2009 05:52:30] - |D| - [3044159] - C:\Windows\diagnostics [21/11/2010 01:20:20] - |D| - [0] - C:\Windows\DigitalLocker [02/04/2017 15:01:02] - |D| - [2300] - C:\Windows\dot3svc [14/07/2009 05:52:30] - |D| - [65] - C:\Windows\Downloaded Program Files [20/07/2016 11:00:44] - |D| - [2019730] - C:\Windows\dpdrv [MD5.A8D1A9C8D9DBD2FD4FA8E8F09D83C97A] - [20/02/2017 23:56:10] - |A| - (.-.) - [7192] - (0.0.0.0) - C:\Windows\DPINST.LOG [21/11/2010 01:25:32] - |D| - [106301103] - C:\Windows\ehome [MD5.8E2EAB159E66CEF2CA63671C20D08AA0] - [21/11/2010 01:26:00] - |A| - (.-.) - [53555] - (0.0.0.0) - C:\Windows\Enterprise.xml [MD5.6DDCA324434FFA506CF7DC4E51DB7935] - [13/10/2016 10:44:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2972672] - (6.1.7601.23537) - C:\Windows\explorer.exe [14/07/2009 03:37:06] - |RSD| - [396149455] - C:\Windows\Fonts [21/11/2010 01:20:20] - |D| - [142336] - C:\Windows\fr-FR [MD5.F9202335BBA03A02F084FE588564BBF5] - [14/07/2009 00:12:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [13824] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 03:37:06] - |D| - [21741460] - C:\Windows\Globalization [14/07/2009 03:37:06] - |D| - [41245835] - C:\Windows\Help [MD5.155DA2D5BCA16FB7B017D0F3A7C93C03] - [15/03/2017 14:20:30] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [497152] - (6.1.7601.23674) - C:\Windows\HelpPane.exe [MD5.9B90B0C78671A4881D06C91941F6F379] - [14/07/2009 01:12:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [15360] - (6.1.7600.16385) - C:\Windows\hh.exe [14/07/2009 03:37:06] - |D| - [143547244] - C:\Windows\IME [14/07/2009 03:37:06] - |D| - [134060315] - C:\Windows\inf [28/04/2015 14:54:38] - |SHD| - [6408177055] - C:\Windows\Installer [14/07/2009 03:37:06] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 03:37:06] - |D| - [0] - C:\Windows\LiveKernelReports [14/07/2009 03:37:06] - |D| - [32332016] - C:\Windows\Logs [14/07/2009 03:37:06] - |RSD| - [13358214] - C:\Windows\Media [MD5.D498D7603E7871BD95FD6B5B2F1E995C] - [16/04/2017 16:21:46] - |A| - (.-.) - [200900694] - (0.0.0.0) - C:\Windows\MEMORY.DMP [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 00:55:01] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 03:37:07] - |D| - [723809658] - C:\Windows\Microsoft.NET [07/06/2015 07:09:42] - |D| - [3634] - C:\Windows\Migration [03/04/2017 13:26:54] - |D| - [683336] - C:\Windows\Minidump [14/07/2009 03:37:07] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 03:04:57] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.A4F6DF0E33E644E802C8798ED94D80EA] - [24/08/2015 06:46:09] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [179712] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.FD7928E828BBB2D06D930A94AB4724D3] - [14/04/2017 01:07:41] - |A| - (.-.) - [1510690] - (0.0.0.0) - C:\Windows\ntbtlog.txt [14/07/2009 05:52:30] - |D| - [65] - C:\Windows\Offline Web Pages [28/04/2015 14:34:03] - |D| - [670883] - C:\Windows\Panther [28/04/2015 17:14:11] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 05:52:30] - |D| - [62166069] - C:\Windows\Performance [MD5.0478EC80D57CF6EDD57101C063F0281E] - [05/02/2017 13:24:49] - |A| - (.-.) - [17070] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 03:37:07] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 03:37:07] - |D| - [5806266] - C:\Windows\PolicyDefinitions [28/04/2015 13:35:22] - |D| - [68524801] - C:\Windows\Prefetch [MD5.8A4883F5E7AC37444F23279239553878] - [14/07/2009 00:17:08] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [398336] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 03:37:07] - |D| - [21544] - C:\Windows\registration [21/11/2010 01:25:32] - |D| - [0] - C:\Windows\RemotePackages [14/07/2009 03:37:07] - |D| - [8372307] - C:\Windows\rescache [14/07/2009 03:37:07] - |D| - [1674534] - C:\Windows\Resources [14/07/2009 03:37:07] - |D| - [0] - C:\Windows\SchCache [14/07/2009 03:37:07] - |D| - [58021] - C:\Windows\schemas [14/07/2009 03:37:07] - |D| - [4502484] - C:\Windows\security [14/07/2009 05:34:13] - |D| - [55966026] - C:\Windows\ServiceProfiles [14/07/2009 03:37:07] - |D| - [81447028] - C:\Windows\servicing [14/07/2009 05:34:16] - |D| - [42] - C:\Windows\Setup [MD5.36E5414BDB0AC891E040FB23EA2440C6] - [05/02/2017 13:24:55] - |A| - (.-.) - [12027] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/02/2017 13:24:55] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [21/11/2010 01:25:32] - |D| - [98104] - C:\Windows\ShellNew [28/04/2015 13:37:37] - |D| - [1027317727] - C:\Windows\SoftwareDistribution [14/07/2009 03:37:07] - |D| - [70586312] - C:\Windows\Speech [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 05:48:09] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/07/2009 03:37:07] - |D| - [700380] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 03:04:23] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 03:37:07] - |D| - [3817640517] - C:\Windows\System32 [14/07/2009 03:37:09] - |D| - [15] - C:\Windows\TAPI [14/07/2009 03:37:09] - |D| - [32502] - C:\Windows\Tasks [14/07/2009 03:37:09] - |D| - [524288] - C:\Windows\Temp [14/07/2009 03:37:09] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 22:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 05:52:30] - |D| - [15628206] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [20/11/2010 22:29:41] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [13/07/2009 23:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 01:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [14/07/2009 03:37:09] - |D| - [12420] - C:\Windows\Vss [14/07/2009 03:37:09] - |D| - [40681427] - C:\Windows\Web [MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - [14/07/2009 03:04:23] - |A| - (.-.) - [478] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 05:41:57] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.C335B2A338E0985A9A2B70CFF06E34D7] - [28/04/2015 13:37:36] - |A| - (.-.) - [1284074] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.8E6F7D51A5CB299C25621C6C1AB57E84] - [13/07/2009 21:29:46] - |A| - (.Copyright © Microsoft Corp. 1991-1992 - Windows Help Engine application file.) - [256192] - (3.10.0.425) - C:\Windows\winhelp.exe [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 01:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 03:37:09] - |D| - [10410655206] - C:\Windows\winsxs [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:34:23] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.6E8EACC0B339365D79A2C06896865D3D] - [14/07/2009 00:41:00] - |A| - (.© Microsoft Corporation. - Windows Write.) - [9216] - (6.1.7600.16385) - C:\Windows\write.exe [MD5.B317B33694BAC49D492DD3F23E374899] - [13/07/2009 22:30:30] - |A| - (.-.) - [707] - (0.0.0.0) - C:\Windows\_default.pif ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System [14/07/2009 00:00:47] - |A| - [69584] - C:\Windows\System\avicap.dll (Copyright © Microsoft Corp. 1992-1994) - (AVI Capture DLL) [14/07/2009 00:00:47] - |A| - [109456] - C:\Windows\System\avifile.dll (Copyright © Microsoft Corp. 1991-2000) - (Microsoft AVI File support library) [13/07/2009 22:41:42] - |A| - [32816] - C:\Windows\System\COMMDLG.DLL (Copyright © Microsoft Corp. 1981-1996) - (Common Dialogs libraries) [13/07/2009 22:41:23] - |A| - [2000] - C:\Windows\System\keyboard.drv (Copyright © Microsoft Corp. 1981-1996) - (WOW Keyboard Driver Module) [13/07/2009 21:29:46] - |A| - [9936] - C:\Windows\System\lzexpand.dll (Copyright © Microsoft Corp. 1989-1992) - (Windows file expansion library) [14/07/2009 00:00:47] - |A| - [73376] - C:\Windows\System\mciavi.drv (Copyright © Microsoft Corp. 1992-1994) - (MCI driver for AVI) [14/07/2009 00:00:47] - |A| - [25264] - C:\Windows\System\mciseq.drv (Copyright © Microsoft Corp. 1991) - (MCI driver for MIDI sequencer) [14/07/2009 00:00:47] - |A| - [28160] - C:\Windows\System\mciwave.drv (Copyright © Microsoft Corp. 1991) - (MCI driver for waveform audio) [13/07/2009 22:41:32] - |A| - [68992] - C:\Windows\System\MMSYSTEM.DLL (Copyright © Microsoft Corp. 1981-1996) - (System APIs for Multimedia) [13/07/2009 22:41:32] - |A| - [1152] - C:\Windows\System\mmtask.tsk (Copyright © Microsoft Corp. 1981-1996) - (Multimedia background task support module) [13/07/2009 22:41:27] - |A| - [2032] - C:\Windows\System\mouse.drv (Copyright © Microsoft Corp. 1981-1996) - (WOW MOUSE Driver Module) [10/06/2009 22:21:50] - |A| - [126912] - C:\Windows\System\msvideo.dll (Copyright © Microsoft Corp. 1992-1994) - (Microsoft Video for Windows DLL) [13/07/2009 21:29:46] - |A| - [82944] - C:\Windows\System\olecli.dll (Copyright © Microsoft Corp. 1991-1993) - (Object Linking and Embedding Client Library) [13/07/2009 22:41:50] - |A| - [24064] - C:\Windows\System\OLESVR.DLL (Copyright © Microsoft Corp. 1991-1996) - (Object Linking and Embedding Server Library) [13/07/2009 22:41:22] - |A| - [5120] - C:\Windows\System\SHELL.DLL (Copyright © Microsoft Corp. 1981-1996) - (Windows Shell library) [13/07/2009 22:41:23] - |A| - [1744] - C:\Windows\System\sound.drv (Copyright © Microsoft Corp. 1981-1996) - (WOW SOUND Driver Module) [13/07/2009 23:00:27] - |A| - [5532] - C:\Windows\System\stdole.tlb (Copyright © Microsoft Corp. 1993-1995) - (OLE 2.1 16/32 Interoperability Type Library) [13/07/2009 22:41:21] - |A| - [3360] - C:\Windows\System\system.drv (Copyright © Microsoft Corp. 1981-1996) - (Windows System Driver core component) [13/07/2009 22:41:39] - |A| - [4048] - C:\Windows\System\TIMER.DRV (Copyright © Microsoft Corp. 1981-1996) - (Timer driver for PC compatibles) [13/07/2009 21:29:46] - |A| - [9008] - C:\Windows\System\ver.dll (Copyright © Microsoft Corp. 1991) - (Version Checking and File Installation Libraries) [13/07/2009 22:41:26] - |A| - [2176] - C:\Windows\System\vga.drv (Copyright © Microsoft Corp. 1981-1996) - (WOW Display Driver Module) [13/07/2009 22:41:45] - |A| - [12704] - C:\Windows\System\WFWNET.DRV (Copyright © Microsoft Corp. 1981-1996) - (Windows for Workgroups network driver) ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [26/05/2015 17:11:16] - C:\Windows\Installer\130c36.msi : (Java SE Runtime Environment 8.0 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/05/2015 17:11:08] - C:\Windows\Installer\130c3d.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 09:41:29] - C:\Windows\Installer\176968.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/09/2012 08:49:12] - C:\Windows\Installer\21c425.msi : (HP Unified IO - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/02/2014 01:13:14] - C:\Windows\Installer\21c42e.msi : (32 Bit HP CIO Components Installer Package - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/06/2013 16:14:58] - C:\Windows\Installer\21c435.msi : (HP Update - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/11/2013 09:42:46] - C:\Windows\Installer\21c43c.msi : (hppM201-M202LaserJetService - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/06/2014 07:32:52] - C:\Windows\Installer\21c443.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/02/2014 21:10:14] - C:\Windows\Installer\21c44a.msi : (HP Product FWUpdater - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/10/2015 09:50:50] - C:\Windows\Installer\21c452.msi : (hpStatusAlertsM201-M202 - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/07/2015 21:49:04] - C:\Windows\Installer\21c459.msi : (hpStatusAlerts - HP Development Company, L.P.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2014 13:32:14] - C:\Windows\Installer\21c460.msi : (HP LaserJet Pro M201-M202 HP Device Toolbox - Hewlett-Packard Co.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/03/2014 17:21:22] - C:\Windows\Installer\21c467.msi : (HP LaserJet Pro M201-M202 Common Files - Hewlett-Packard Co.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/08/2015 15:21:28] - C:\Windows\Installer\21c46e.msi : (HPLJUT - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/01/2014 08:06:20] - C:\Windows\Installer\21c476.msi : (HPLJUTM201_202 - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/04/2014 04:42:06] - C:\Windows\Installer\21c47d.msi : (HPDXP - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/05/2014 20:52:40] - C:\Windows\Installer\21c484.msi : ( - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/05/2014 20:52:46] - C:\Windows\Installer\21c48b.msi : ( - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/01/2014 20:25:26] - C:\Windows\Installer\21c493.msi : (HPLASE~1|HP LaserJet Pro M201-M202 - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/12/2016 10:28:20] - C:\Windows\Installer\233ddd.msi : (Kaspersky Endpoint Security 10 for Windows - Kaspersky Lab) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/04/2017 17:45:54] - C:\Windows\Installer\3db5b6a.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/04/2017 22:52:27] - C:\Windows\Installer\519eef1.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/04/2017 15:14:22] - C:\Windows\Installer\612e2b.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/03/2017 09:49:46] - C:\Windows\Installer\679a22c.msi : (Cisco IP Communicator - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/05/2015 15:11:07] - C:\Windows\Installer\e5016.msi : (HSPA USB Modem - HSPA) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2012 06:05:48] - C:\Windows\Installer\e7084.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2012 06:11:40] - C:\Windows\Installer\e708b.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2012 06:09:42] - C:\Windows\Installer\e7092.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/12/2016 10:28:22] - C:\Windows\Installer\ee0d0.msi : (Agent d'administration de Kaspersky Security Center - Kaspersky Lab) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [04/11/2015 12:42:13] - [545] - C:\Windows\System32\CNCMFP39.INI [14/07/2009 05:42:29] - [73] - C:\Windows\System32\desktop.ini [16/09/2009 11:44:52] - [3235] - C:\Windows\System32\hptcpmon.ini [04/05/2015 10:12:40] - [16303] - C:\Windows\System32\ieuinit.inf [14/07/2009 05:42:26] - [535] - C:\Windows\System32\mapisvc.inf [20/11/2010 22:01:02] - [1668256] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 22:39:59] - [60124] - C:\Windows\System32\tcpmon.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [03/08/2015 13:19:43] - [0 Ko] - C:\Windows\System32\%PersonalRootCertificateFolder% [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 01:20:19] - [0 Ko] - C:\Windows\System32\040C [MD5.7A496E955077AE734B6FF5700394FD3D] - |AH| - [14/07/2009 05:34:15] - (.-.) - [21.66 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.7A496E955077AE734B6FF5700394FD3D] - |AH| - [14/07/2009 05:34:15] - (.-.) - [21.66 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [2913.5 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.8AAD333C876590293F72B315E162BCC7] - |A| - [13/07/2009 22:40:41] - (.-.) - [8.82 Ko] - (0.0.0.0) - C:\Windows\System32\ANSI.SYS [MD5.D753EEE17725526A67ACDDAA5D63EF68] - |A| - [13/07/2009 22:40:49] - (.-.) - [12.21 Ko] - (0.0.0.0) - C:\Windows\System32\append.exe [MD5.00000000000000000000000000000000] - |D| - [16/10/2016 22:04:32] - [0 Ko] - C:\Windows\System32\appmgmt [MD5.00000000000000000000000000000000] - |D| - [04/05/2015 10:32:30] - [2389.45 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [201.5 Ko] - C:\Windows\System32\ar-SA [MD5.30475F091008E24550523515A023270D] - |A| - [14/07/2009 03:04:04] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\autoexec.nt [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [173 Ko] - C:\Windows\System32\bg-BG [MD5.214B0DB6EF4AA23AB07EB37CEFA3CDE4] - |A| - [20/07/2016 11:00:45] - (.Copyright (c) 2008-2011 ZKFinger Inc. - ZKFinger SDK 5.0.) - [860 Ko] - (5.0.1.1383) - C:\Windows\System32\biokey.ocx [MD5.84BDB1E378591D930482B896A1648C53] - |A| - [10/06/2009 22:42:54] - (.-.) - [27.75 Ko] - (0.0.0.0) - C:\Windows\System32\bios1.rom [MD5.B44C4C9CA9D4BCC8430F3276576F562B] - |A| - [13/07/2009 22:30:26] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\bios4.rom [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [1047.2 Ko] - C:\Windows\System32\Boot [MD5.278EE111CB021686C7BDB45C12EAC6E2] - |A| - [14/07/2009 01:59:14] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [17 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.D1E5E5826ECB8F87BDB0CF9E28B48465] - |A| - [14/07/2009 00:51:43] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [72 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |HD| - [04/11/2015 12:42:31] - [2975.55 Ko] - C:\Windows\System32\CanonMF Uninstaller Information [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [57975.87 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [22345.59 Ko] - C:\Windows\System32\catroot2 [MD5.DB283CF24BA09E8961748CFB0C832F84] - |A| - [04/11/2015 12:41:28] - (.Copyright CANON INC. 2012 All Rights Reserved - Canon CP Language Monitor 3b.) - [664 Ko] - (1.1.4.0) - C:\Windows\System32\CNAS0MOK.DLL [MD5.61062968B59B97BE9568E68B4B527CB2] - |A| - [14/07/2009 01:58:24] - (.Copyright CANON INC. 2008 All Rights Reserved - Canon Inkjet Printer Driver.) - [212.5 Ko] - (0.3.1536.1) - C:\Windows\System32\CNBLM4.DLL [MD5.3C6B338025D872924D1A5190A7017BE3] - |A| - [04/11/2015 12:42:08] - (.Copyright CANON INC. 2013 All Rights Reserved - WIA Scanner Driver dll for ScanGear MF.) - [315 Ko] - (3.0.0.0) - C:\Windows\System32\CNCC1133.DLL [MD5.BA55C534CE6F3F632A222FEBC51E331F] - |A| - [04/11/2015 12:42:09] - (.Copyright CANON INC. 2013 All Rights Reserved - WIA Scanner Driver Image Processing Filter dll.) - [134.5 Ko] - (3.0.0.0) - C:\Windows\System32\CNCE1133.DLL [MD5.61244BD763D037DA3FA07BFAEFA10976] - |A| - [04/11/2015 12:40:58] - (.Copyright CANON INC. 2012 All Rights Reserved - Canon MF Series Network 32bit PM Server Module.) - [191 Ko] - (1.0.6.0) - C:\Windows\System32\CNCENPM.dll [MD5.FB48C037C278092A5D4A51A365C1F146] - |A| - [04/11/2015 12:40:58] - (.-.) - [18.1 Ko] - (0.0.0.0) - C:\Windows\System32\CNCENPMF.chm [MD5.ADCCB9A6702994E0DEA3F0FBF889B0B4] - |A| - [04/11/2015 12:40:58] - (.Copyright CANON INC. 2012 All Rights Reserved - Canon MF Series Network 32bit PM UI Resource Module.) - [191.5 Ko] - (1.0.1.0) - C:\Windows\System32\CNCENPR.dll [MD5.0807382B57762B66E3634C57D264929D] - |A| - [04/11/2015 12:40:58] - (.Copyright CANON INC. 2013 All Rights Reserved - Canon MF Series Network 32bit PM UI Module.) - [103 Ko] - (1.0.3.0) - C:\Windows\System32\CNCENPU.dll [MD5.8080276E843AD8948EE3718BFD81420A] - |A| - [04/11/2015 12:42:11] - (.Copyright CANON INC. 2013 All Rights Reserved - WIA Scanner Driver Image Enhancement dll.) - [80.5 Ko] - (3.0.0.0) - C:\Windows\System32\CNCI1133.DLL [MD5.5E67F54A2CC0C531ED3E8E891601B783] - |A| - [04/11/2015 12:42:11] - (.Copyright CANON INC. 2013 All Rights Reserved - CNCL1133.) - [108 Ko] - (11.3.0.0) - C:\Windows\System32\CNCL1133.DLL [MD5.4F51B1BDE3D53ABC69898073D74E8A58] - |A| - [04/11/2015 12:42:13] - (.Copyright CANON INC. 2013 All Rights Reserved - ACTif command generation.) - [72 Ko] - (3.9.0.1) - C:\Windows\System32\CNCLSC39a.DLL [MD5.C215A4AA6AC65894582B65AFC40EBC1A] - |A| - [04/11/2015 12:42:13] - (.Copyright CANON INC. 2013 All Rights Reserved - Exposed API to the MFP Scanner Interface.) - [109.5 Ko] - (3.9.0.1) - C:\Windows\System32\CNCLSD39a.DLL [MD5.989CF916B075D087241A068AF24E1DA7] - |A| - [04/11/2015 12:42:13] - (.Copyright CANON INC. 2013 All Rights Reserved - Exposed API to the MP Interface.) - [98 Ko] - (3.9.0.1) - C:\Windows\System32\CNCLSI39a.DLL [MD5.5C0E76B353B285608C9335C27A87548B] - |A| - [04/11/2015 12:42:13] - (.Copyright CANON INC. 2013 All Rights Reserved - Exposed API to the MFP TransPort.) - [88.5 Ko] - (3.9.0.1) - C:\Windows\System32\CNCLST39a.DLL [MD5.66CF154700CBD53CA80649B349F58D55] - |A| - [04/11/2015 12:42:13] - (.Copyright CANON INC. 2013 All Rights Reserved - MFP System services Module.) - [165.5 Ko] - (3.9.0.1) - C:\Windows\System32\CNCLSU39a.DLL [MD5.B1EB64E4A5179F49A53590BC213D1618] - |A| - [04/11/2015 12:42:13] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\CNCMFP39.INI [MD5.3CE63EE3A3B4EB72F8480194FD2348B5] - |A| - [04/11/2015 12:41:48] - (.Copyright CANON INC. 2013 All Rights Reserved - Canon XPSDrv Printer Driver Language Monitor.) - [993.5 Ko] - (1.7.5.0) - C:\Windows\System32\cnnx0_flm.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [6382.38 Ko] - C:\Windows\System32\CodeIntegrity [MD5.64430E214B5B229D426D2D35538C402D] - |A| - [28/10/2014 01:40:04] - (.-.) - [366.38 Ko] - (0.0.0.0) - C:\Windows\System32\ColorImageEnhancement.wmv [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [302.5 Ko] - C:\Windows\System32\com [MD5.BA597F9A4BB90F038266CE1A3C3BE3FB] - |A| - [13/07/2009 22:40:48] - (.-.) - [49.46 Ko] - (0.0.0.0) - C:\Windows\System32\COMMAND.COM [MD5.00000000000000000000000000000000] - |SD| - [04/05/2015 10:32:30] - [3684.19 Ko] - C:\Windows\System32\CompatTel [MD5.254ACF29130F8143C88A54ED81738ACF] - |A| - [28/04/2015 15:58:36] - (.2012 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [88.5 Ko] - (1.0.0.2) - C:\Windows\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [306302.91 Ko] - C:\Windows\System32\config [MD5.01C47C2ECED034EF6F8C1552A97CFF00] - |A| - [14/07/2009 03:04:04] - (.-.) - [2.52 Ko] - (0.0.0.0) - C:\Windows\System32\config.nt [MD5.0FE9F16075C9ACB941C957B7C649176E] - |A| - [13/07/2009 22:40:44] - (.-.) - [26.46 Ko] - (0.0.0.0) - C:\Windows\System32\country.sys [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [432 Ko] - C:\Windows\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [427.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [457.5 Ko] - C:\Windows\System32\de-DE [MD5.C17AFA0AAD78C621F818DD6729572C48] - |A| - [13/07/2009 22:40:52] - (.-.) - [20.15 Ko] - (0.0.0.0) - C:\Windows\System32\debug.exe [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 05:42:29] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.0B14D839AF484237C19E84B54672C89D] - |A| - [20/07/2016 11:00:45] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\System32\dewarp.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:07] - [4156 Ko] - C:\Windows\System32\Dism [MD5.03783D0840B2C54D7665248425C74417] - |A| - [20/11/2010 22:29:20] - (.-.) - [52.34 Ko] - (0.0.0.0) - C:\Windows\System32\dosx.exe [MD5.C6B10E374843609D14552134232A432A] - |A| - [20/07/2016 11:00:44] - (.Copyright © DigitalPersona, Inc. 1996-2007 - Pilote pour controller le lecteur U.are.U® 4000.) - [304 Ko] - (4.0.0.32) - C:\Windows\System32\dpD00701.dll [MD5.15E1081867AB04E4D4E833823D98E99A] - |A| - [20/07/2016 11:00:45] - (.Copyright © DigitalPersona, Inc. 1996-2006 - Database Component.) - [184 Ko] - (4.0.0.493) - C:\Windows\System32\dpDbase.dll [MD5.E643BD9C94B12FAC5FA4A5812CA59A13] - |A| - [20/07/2016 11:00:45] - (.Copyright © DigitalPersona, Inc. 1996-2006 - Device Driver Client Component.) - [136 Ko] - (3.0.2.334) - C:\Windows\System32\dpDevClt.dll [MD5.3430287D3793A9E37D7209F46D4259E5] - |A| - [20/07/2016 11:00:44] - (.Copyright © DigitalPersona, Inc. 1996-2007 - Énumérez et commandez les lecteurs d'empreinte digitale.) - [252 Ko] - (4.0.0.32) - C:\Windows\System32\dpdevctl.dll [MD5.0EC239CFB59DB714EBF9FA7B03ED5865] - |A| - [20/07/2016 11:00:44] - (.Copyright © DigitalPersona, Inc. 1996-2007 - Analyse les données brutes d'empreinte digitale.) - [184 Ko] - (4.0.0.32) - C:\Windows\System32\dpdevdat.dll [MD5.9F5F0F5FA27072B5FAE9D686FBE45E4C] - |A| - [20/07/2016 11:00:44] - (.Copyright © DigitalPersona, Inc. 1996-2006 - High Level Component.) - [160 Ko] - (4.0.0.493) - C:\Windows\System32\dpFpFns.dll [MD5.0F552FC22D19EDFA55BF7D3BBE2D38D0] - |A| - [20/07/2016 11:00:44] - (.Copyright © DigitalPersona, Inc. 1996-2006 - Features Extraction Component.) - [560 Ko] - (4.0.0.493) - C:\Windows\System32\dpFtrEx.dll [MD5.9860088D3C0CB7D191C0E1E38E5497B3] - |A| - [20/07/2016 11:00:44] - (.Copyright © DigitalPersona, Inc. 1996-2007 - Pilote pour filter les données de U.are.U® 4000 & 4000B.) - [184 Ko] - (4.0.0.32) - C:\Windows\System32\dpI00701.dll [MD5.436D52265B8715AF44C1897F74F092F9] - |A| - [20/07/2016 11:00:45] - (.Copyright © DigitalPersona, Inc. 1996-2006 - Matching Component.) - [284 Ko] - (4.0.0.493) - C:\Windows\System32\dpMatch.dll [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [28/10/2014 01:40:04] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\Windows\System32\DPTopologyApp.exe.config [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [28/10/2014 01:40:04] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\DPTopologyAppv2_0.exe.config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [58067.07 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [1242908.51 Ko] - C:\Windows\System32\DriverStore [MD5.4A635AE3CC50F6BF1317957D1FEE975A] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [639.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBassEnhancementDLL.dll [MD5.B447DFE249DAD3577A9CCCC6960A57D2] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS Boost COM DLL.) - [1191.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBoostDLL.dll [MD5.5A65D120056B4B814E703E100FDE14C6] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [380.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSGainCompensatorDLL.dll [MD5.C77A4CA13CF78E242C5844D045EDFDA0] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS GFX APO.) - [213.6 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPO.dll [MD5.3B7950071A28E861C877BA77742D9577] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS GFX APO.) - [213.6 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPONS.dll [MD5.5328523AC3FE93F61054823D90DA73A5] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS LFX APO.) - [213.1 Ko] - (1.0.0.3) - C:\Windows\System32\DTSLFXAPO.dll [MD5.255A4B9B8008773D0B143E22A21AB4FA] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS Limiter COM DLL.) - [366.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSLimiterDLL.dll [MD5.4CB970E9423433CC834BF54588E0AA5A] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [447.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSNeoPCDLL.dll [MD5.5ADA836A4F9E4C0CF9CC1BFDBAA9D37F] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1262.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2HeadphoneDLL.dll [MD5.C1D3FC8F45C3AA7F0F03DA2A0D384524] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1474.1 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2SpeakerDLL.dll [MD5.426246A4B6A7D1A1D12AAB6BB2E483C5] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS Symmetry COM DLL.) - [616.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSSymmetryDLL.dll [MD5.6BAC9D0A9F38FB860D6C47AFC2A21998] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS GFX APO.) - [393.45 Ko] - (2.1.0.0) - C:\Windows\System32\DTSU2PGFX32.dll [MD5.5BC8A66FB8807402B7C5A42FCE04F10C] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS LFX APO.) - [416.95 Ko] - (2.1.0.0) - C:\Windows\System32\DTSU2PLFX32.dll [MD5.9700F162FD168B95FAFA76013A104C43] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS LFX APO.) - [337.95 Ko] - (2.1.0.0) - C:\Windows\System32\DTSU2PREC32.dll [MD5.BAF09FCD09873CF0A3ADF4752F6B144B] - |A| - [28/04/2015 15:58:36] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [587.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSVoiceClarityDLL.dll [MD5.F6E368E10B600836DD349FF937B183A2] - |A| - [10/06/2009 22:42:32] - (.-.) - [68.25 Ko] - (0.0.0.0) - C:\Windows\System32\edit.com [MD5.8AA8DCC96FA0492E3B5D415537FAB8FE] - |A| - [10/06/2009 22:42:32] - (.-.) - [10.54 Ko] - (0.0.0.0) - C:\Windows\System32\EDIT.HLP [MD5.B7A0AA49CBB604B2C3A42A49C36D8A4F] - |A| - [13/07/2009 22:40:50] - (.-.) - [12.35 Ko] - (0.0.0.0) - C:\Windows\System32\edlin.exe [MD5.52E91EAC2F3175B1A5B0150382B6D771] - |A| - [13/07/2009 21:31:17] - (.-.) - [124.23 Ko] - (0.0.0.0) - C:\Windows\System32\ega.cpi [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [457 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [2875.43 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [448 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [160.5 Ko] - C:\Windows\System32\et-EE [MD5.683626544E81387771ED55E1A0F2047B] - |A| - [13/07/2009 22:40:51] - (.-.) - [8.23 Ko] - (0.0.0.0) - C:\Windows\System32\exe2bin.exe [MD5.68062C0ECE86AB7801B5B47FDC855A06] - |A| - [13/07/2009 22:41:02] - (.-.) - [0.86 Ko] - (0.0.0.0) - C:\Windows\System32\fastopen.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [430 Ko] - C:\Windows\System32\fi-FI [MD5.A08B87CC51FB774ED45FDF4284B1974F] - |A| - [28/10/2014 01:40:04] - (.-.) - [626.49 Ko] - (0.0.0.0) - C:\Windows\System32\FilmModeDetection.wmv [MD5.0F06B4D45FCDF11E178D216DC03D91D1] - |A| - [14/07/2009 05:33:53] - (.-.) - [393.3 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.86EE2F94E14915887062D134E0C1F771] - |A| - [20/07/2016 11:00:45] - (.-.) - [132.5 Ko] - (0.0.0.0) - C:\Windows\System32\FPCom.dll [MD5.19C2C8FFCCA08CCA23E165E25F2C34ED] - |A| - [20/07/2016 11:00:45] - (.Copyright (C) 2007-2009 Innovatrics - IDKit PC Dynamic Link Library.) - [4211.94 Ko] - (2.10.2.0) - C:\Windows\System32\fppswsk.dll [MD5.9C190FB796D82A1C2628A3A3DF1A91A7] - |A| - [20/07/2016 11:00:45] - (.-.) - [83.5 Ko] - (0.0.0.0) - C:\Windows\System32\fpslib.dll [MD5.670617FD3084BC572E4A7174297963C7] - |A| - [20/07/2016 11:00:45] - (.-.) - [82 Ko] - (0.0.0.0) - C:\Windows\System32\fpslib_m.dll [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 01:20:19] - [1840 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [42850.5 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:52:30] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 22:19:05] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.CCA964F05FF2DF3BF9918380E7ABB39F] - |A| - [20/07/2016 11:00:45] - (.-.) - [412 Ko] - (1.8.0.0) - C:\Windows\System32\genpcid10.exe [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [28/10/2014 01:40:04] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxv2_0.exe.config [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [28/10/2014 01:40:04] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxv4_0.exe.config [MD5.6E4E7884E6489AC4F5E6DAB176A73E52] - |A| - [13/07/2009 22:41:01] - (.-.) - [19.23 Ko] - (0.0.0.0) - C:\Windows\System32\GRAPHICS.COM [MD5.BC33AA625D6B807F718627386DF78426] - |A| - [10/06/2009 22:42:32] - (.-.) - [20.73 Ko] - (0.0.0.0) - C:\Windows\System32\graphics.pro [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [191.5 Ko] - C:\Windows\System32\he-IL [MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - |A| - [13/07/2009 22:40:40] - (.-.) - [4.66 Ko] - (0.0.0.0) - C:\Windows\System32\HIMEM.SYS [MD5.35B22868F94D61336E00E7329D8E6EC6] - |A| - [07/12/2016 13:46:42] - (.Copyright (C) 2010 - HPB Print Coinstaller.) - [238.28 Ko] - (1.0.0.3) - C:\Windows\System32\hpbcoins32.dll [MD5.B28C7F723964C4B4714755539ED71902] - |A| - [19/01/2010 15:10:44] - (.Copyright © 2009 - WSDResolver Dynamic Link Library.) - [62 Ko] - (1.0.0.1) - C:\Windows\System32\HPBWSDR.DLL [MD5.B2601F2A60C49272159E90116B8AAB3B] - |A| - [07/12/2016 13:48:00] - (.© Copyright 1997-2014 HPDC -.) - [410.28 Ko] - (0.3.1584.17779) - C:\Windows\System32\hpcpn165.dll [MD5.939E7445BF115CB675939A996385AF12] - |A| - [06/05/2010 15:19:02] - (.Copyright © 2005 - bidichan.) - [159 Ko] - (1.5.4.1) - C:\Windows\System32\hplbddrv.dll [MD5.A93573055D33BE69F55F168597E1D767] - |A| - [16/09/2009 11:44:52] - (.-.) - [3.16 Ko] - (0.0.0.0) - C:\Windows\System32\hptcpmon.ini [MD5.5F3110954E7320FEAD137641246ED979] - |A| - [16/09/2009 18:40:14] - (.-.) - [9.52 Ko] - (0.0.0.0) - C:\Windows\System32\hptcpmui.hlp [MD5.3584A093E8778C9E5F80CED99F0B7F35] - |A| - [16/09/2009 11:44:46] - (.Copyright © 2003-2005 - HP Rediscovery Library.) - [136 Ko] - (2.1.0.4) - C:\Windows\System32\hpzjrd01.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [168 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [434.5 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [5.36 Ko] - C:\Windows\System32\ias [MD5.16D5661D176EE6523B1B142454F999CF] - |A| - [28/10/2014 01:17:54] - (.-.) - [92 Ko] - (0.0.0.0) - C:\Windows\System32\IccLibDll.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.0D8CF512886CF513F8532EBBB503BD2E] - |A| - [28/10/2014 01:46:16] - (.-.) - [16433.2 Ko] - (0.0.0.0) - C:\Windows\System32\igd11dxva32.dll [MD5.543D64C4B750F6F36C7CE57AB1B46661] - |A| - [28/10/2014 01:40:04] - (.-.) - [230 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCPL.cpl [MD5.C2C1712B8C6162A8362B8603AEB8E97D] - |A| - [28/10/2014 01:40:04] - (.-.) - [61.5 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCUIServicePS.dll [MD5.6D10FEF9D6EFEC443762A5AF980D0749] - |A| - [28/10/2014 01:40:04] - (.-.) - [58 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDHLib.dll [MD5.4487A1DDE01FF81AD72F82FCE0C8523C] - |A| - [28/10/2014 01:40:04] - (.-.) - [68 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDHLibv2_0.dll [MD5.E11B8F66EFA2340DCA012730D96FF7F9] - |A| - [28/10/2014 01:40:04] - (.-.) - [10.5 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDILib.dll [MD5.58DC46F20B474AE643AF78C06476F81A] - |A| - [28/10/2014 01:40:04] - (.-.) - [10.5 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDILibv2_0.dll [MD5.55B89C6DE83A63887E0C3992EEC1E5B6] - |A| - [28/10/2014 01:40:06] - (.-.) - [10 Ko] - (1.0.0.0) - C:\Windows\System32\igfxEMLib.dll [MD5.E3511280181DAACDF0343B466DAB85E6] - |A| - [28/10/2014 01:40:06] - (.-.) - [10 Ko] - (1.0.0.0) - C:\Windows\System32\igfxEMLibv2_0.dll [MD5.B84C4B5703A534DB4EECAEBF731F2148] - |A| - [28/10/2014 01:40:06] - (.-.) - [5 Ko] - (1.0.0.0) - C:\Windows\System32\igfxLHMLib.dll [MD5.2D6E2120FF09452FF671E19505B4D05B] - |A| - [28/10/2014 01:40:06] - (.-.) - [5 Ko] - (1.0.0.0) - C:\Windows\System32\igfxLHMLibv2_0.dll [MD5.8A1B12FA3B99A29E4A5A755815BABBFE] - |A| - [28/10/2014 01:49:22] - (.-.) - [403.39 Ko] - (0.0.0.0) - C:\Windows\System32\igfxTray.exe [MD5.72E26B1A458853B5DC37FCEDDFFDD88E] - |A| - [28/10/2014 01:17:54] - (.-.) - [2059.26 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa32.cpa [MD5.823B39A80903BACD254C50C3C40F6426] - |A| - [28/10/2014 01:17:54] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa32.vp [MD5.12BA8E0EA1106E58AEE0D8504ED14FF0] - |A| - [28/10/2014 01:17:54] - (.-.) - [42.26 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc32.vp [MD5.9720958624890F990DA0BFC53C4E3E31] - |A| - [28/10/2014 01:17:54] - (.-.) - [41.65 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc32_dev.vp [MD5.53DF92C90CA3EA672672241F6B3307EB] - |A| - [28/10/2014 01:17:54] - (.-.) - [43.43 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg32.vp [MD5.DBAEB8BBEB973A5D236350D1B1A30AD9] - |A| - [28/10/2014 01:17:54] - (.-.) - [42.73 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg32_dev.vp [MD5.6706D702A030850243AF95F25BDF685C] - |A| - [28/10/2014 01:17:54] - (.-.) - [43.2 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo32.vp [MD5.B62C7F5A2BCBF8362A0B8B69AE39DEB8] - |A| - [28/10/2014 01:17:54] - (.-.) - [43.02 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo32_dev.vp [MD5.E6D497BED78E6ACF1D4C8096FC84971A] - |A| - [28/10/2014 01:46:42] - (.-.) - [80.07 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxs32.vp [MD5.3ED204C864E5CC3C78D3DBB707D102D1] - |A| - [28/10/2014 01:40:04] - (.-.) - [394.21 Ko] - (0.0.0.0) - C:\Windows\System32\ImageStabilization.wmv [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [34097.44 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.C24A7C74FE4219F9940FC77AB548FB34] - |A| - [20/11/2010 22:18:30] - (.-.) - [29.09 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log [MD5.08FAECE0B4579CA0583FFC49EF4B9B8B] - |A| - [28/10/2014 01:17:58] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [72.5 Ko] - (2.0.0.0) - C:\Windows\System32\Intel_OpenCL_ICD32.dll [MD5.EDD400CC92C6D43F98D3D3AFC97C2559] - |A| - [28/04/2015 14:54:12] - (.-.) - [440.5 Ko] - (0.0.0.0) - C:\Windows\System32\ISSRemoveSP.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [452 Ko] - C:\Windows\System32\it-IT [MD5.1381D83B8E609A947FA927916C369DCB] - |A| - [20/07/2016 11:00:46] - (.-.) - [5.35 Ko] - (0.0.0.0) - C:\Windows\System32\izscrr1b55.bin [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [365 Ko] - C:\Windows\System32\ja-JP [MD5.56056DF5DC4CFCCA657E57E8FF3714B0] - |A| - [28/04/2015 15:58:36] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [349.33 Ko] - (4.1105.6000.53) - C:\Windows\System32\KAAPORT.dll [MD5.4D7E256377A5E934EA1820B2CEA79131] - |A| - [13/07/2009 22:40:59] - (.-.) - [14.37 Ko] - (0.0.0.0) - C:\Windows\System32\KB16.COM [MD5.492090267B9608C62B956CD29BE3AFB7] - |A| - [13/07/2009 22:40:43] - (.-.) - [41.81 Ko] - (0.0.0.0) - C:\Windows\System32\KEY01.SYS [MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - |A| - [13/07/2009 22:40:43] - (.-.) - [41.54 Ko] - (0.0.0.0) - C:\Windows\System32\KEYBOARD.SYS [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [360 Ko] - C:\Windows\System32\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 03:05:05] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.535779909A40B42F4F3E48598F5778A5] - |A| - [20/07/2016 11:00:46] - (.2002-2009 S. Meyer; 2010 T. Robinson - libusb-win32 - DLL.) - [66.09 Ko] - (1.2.6.0) - C:\Windows\System32\libusb0.dll [MD5.536460507B20AE0F03D7BEE8111028CF] - |A| - [13/07/2009 22:40:57] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\LOADFIX.COM [MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [20/11/2010 21:58:07] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log [MD5.9EB325EC6E6DC9418A391C852F96B623] - |A| - [20/11/2010 21:58:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [7750.69 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [165 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [166 Ko] - C:\Windows\System32\lv-LV [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 21:22:04] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [2029.01 Ko] - C:\Windows\System32\manifeststore [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 05:42:26] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\System32\mapisvc.inf [MD5.2DA45A7C735C91F90E2D3B33F5A0C52E] - |A| - [20/07/2016 11:00:45] - (.-.) - [78 Ko] - (0.0.0.0) - C:\Windows\System32\match.dll [MD5.2DA45A7C735C91F90E2D3B33F5A0C52E] - |A| - [20/07/2016 11:00:45] - (.-.) - [78 Ko] - (0.0.0.0) - C:\Windows\System32\matchdll.dll [MD5.84AB243EBB8839C268BA45975BD6558C] - |A| - [28/04/2015 15:58:36] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [129.27 Ko] - (1.2.2.0) - C:\Windows\System32\MaxxAudioAPO.dll [MD5.57C588F098C811E9459AC7034349AF6F] - |A| - [28/04/2015 15:58:36] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [227.34 Ko] - (2.2.9.0) - C:\Windows\System32\MaxxAudioAPO20.dll [MD5.06A3725B528E476E322643833B76539B] - |A| - [28/04/2015 15:58:36] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [342.45 Ko] - (3.4.1.0) - C:\Windows\System32\MaxxAudioAPO30.dll [MD5.90910A510F0807E623BCCC70F9AC3776] - |A| - [28/04/2015 15:58:36] - (.Copyright (C) 2010-2012 - MaxxAudio APO Shell.) - [756.77 Ko] - (4.7.3.0) - C:\Windows\System32\MaxxAudioAPOShell.dll [MD5.8FDF19B70CB3044547C9F11A603D97F5] - |A| - [28/04/2015 15:58:36] - (.Copyright © 1996-2012 -.) - [1885.95 Ko] - (4.1.0.0) - C:\Windows\System32\MaxxAudioEQ.dll [MD5.484D824F73DAAAFE24C5761F69E426E2] - |A| - [28/04/2015 15:58:38] - (.Copyright © 1996-2013 -.) - [12811.77 Ko] - (4.4.5.0) - C:\Windows\System32\MaxxAudioRealtek.dll [MD5.5217F2D3DA8C8343CAD3B1EE6C14A966] - |A| - [28/04/2015 15:58:38] - (.- Waves Realtek App.) - [1613.77 Ko] - (5.2.4.0) - C:\Windows\System32\MaxxAudioRealtek2.dll [MD5.5B09E398815F06AE3DC9E465AEB250BE] - |A| - [28/04/2015 15:58:38] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [340.87 Ko] - (3.4.0.0) - C:\Windows\System32\MaxxVolumeSDAPO.dll [MD5.390762963E6B4C861E5E0CA5A3E56E40] - |A| - [13/07/2009 22:40:56] - (.-.) - [38.35 Ko] - (0.0.0.0) - C:\Windows\System32\mem.exe [MD5.A311363F3C887D8C3A524A51B7F20D69] - |A| - [14/07/2009 05:42:29] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [07/12/2016 23:42:11] - [0 Ko] - C:\Windows\System32\MRT [MD5.52C7505D68C3CE8496EC8DC17D8FF75A] - |A| - [13/07/2009 22:41:05] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\mscdexnt.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [4148.28 Ko] - C:\Windows\System32\Msdtc [MD5.EA65E37686BA38E13CA722A81F622C2E] - |A| - [07/12/2016 13:50:37] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\msiexec.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [24.48 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [422.5 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [1024 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [13/07/2009 23:10:48] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [255 Ko] - C:\Windows\System32\NetworkList [MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [20/11/2010 21:58:08] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [443.5 Ko] - C:\Windows\System32\nl-NL [MD5.5E835121A3899CFA37E285E0CA2B4E7D] - |A| - [13/07/2009 22:40:57] - (.-.) - [6.89 Ko] - (0.0.0.0) - C:\Windows\System32\nlsfunc.exe [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 03:05:05] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - |A| - [13/07/2009 22:40:23] - (.-.) - [27.21 Ko] - (0.0.0.0) - C:\Windows\System32\NTDOS.SYS [MD5.CF9ED169FF86D935E47999E82359E898] - |A| - [13/07/2009 22:40:31] - (.-.) - [28.46 Ko] - (0.0.0.0) - C:\Windows\System32\NTDOS404.SYS [MD5.03B945AC0481CD8BB161C3569D8ED1C3] - |A| - [13/07/2009 22:40:35] - (.-.) - [28.68 Ko] - (0.0.0.0) - C:\Windows\System32\NTDOS411.SYS [MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - |A| - [13/07/2009 22:40:39] - (.-.) - [28.59 Ko] - (0.0.0.0) - C:\Windows\System32\NTDOS412.SYS [MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - |A| - [13/07/2009 22:40:27] - (.-.) - [28.46 Ko] - (0.0.0.0) - C:\Windows\System32\NTDOS804.SYS [MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - |A| - [13/07/2009 22:40:11] - (.-.) - [33.16 Ko] - (0.0.0.0) - C:\Windows\System32\NTIO.SYS [MD5.A98EBD4C2DF983665BF2D1AF49949974] - |A| - [13/07/2009 22:40:15] - (.-.) - [33.86 Ko] - (0.0.0.0) - C:\Windows\System32\NTIO404.SYS [MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - |A| - [13/07/2009 22:40:17] - (.-.) - [34.94 Ko] - (0.0.0.0) - C:\Windows\System32\NTIO411.SYS [MD5.3E64D681B776CC57BDC38A46D881F85B] - |A| - [13/07/2009 22:40:19] - (.-.) - [34.7 Ko] - (0.0.0.0) - C:\Windows\System32\NTIO412.SYS [MD5.D86B6435729231C171432B4E77801BDB] - |A| - [13/07/2009 22:40:13] - (.-.) - [33.86 Ko] - (0.0.0.0) - C:\Windows\System32\NTIO804.SYS [MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 21:30:24] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [12076.09 Ko] - C:\Windows\System32\oobe [MD5.6C02A1228C6E95C3C57E9E2809C7DA24] - |A| - [14/07/2009 03:05:48] - (.-.) - [119.15 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.6FC3AD73FB3D443459BB62313858291D] - |A| - [21/11/2010 01:20:27] - (.-.) - [146.54 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 03:05:48] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [21/11/2010 01:20:27] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.32219AC100CEB5E6CA95AADB655E43C6] - |A| - [14/07/2009 03:05:48] - (.-.) - [638.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.8CFFF8D828B08E69CD769E26F0AE7CCC] - |A| - [21/11/2010 01:20:27] - (.-.) - [730.05 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.1A3C54ED153ED5AA9762C48202C17652] - |A| - [20/11/2010 22:01:02] - (.-.) - [1629.16 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.78694579AC1747589A7B76CE9D4B4F29] - |A| - [27/05/2015 14:08:17] - (.-.) - [1 Ko] - (0.0.0.0) - C:\Windows\System32\persistent_q.db [MD5.BB7DF04E1B0A2570657527A7E108AE23] - |A| - [27/05/2015 14:08:17] - (.-.) - [32 Ko] - (0.0.0.0) - C:\Windows\System32\persistent_q.db-shm [MD5.5CF89EBF6932F45F7D6C1E2EBF9E1557] - |A| - [27/05/2015 14:08:17] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\Windows\System32\persistent_q.db-wal [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [439 Ko] - C:\Windows\System32\pl-PL [MD5.EB6C16CE0163AD282E95FCE5EE9BA518] - |A| - [20/11/2010 22:29:26] - (.Copyright (C) 2001 - Application PrintBrm.) - [64.5 Ko] - (1.0.0.0) - C:\Windows\System32\PrintBrmUi.exe [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 01:20:19] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [436 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [438.5 Ko] - C:\Windows\System32\pt-PT [MD5.529B7B0F1FAEDE12A00CC76320A52D44] - |A| - [28/04/2015 15:59:21] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x86.) - [89.77 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEA32A.dll [MD5.82341D2B49561E5081939B2FEF9D41BA] - |A| - [28/04/2015 15:59:21] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x86.) - [343.77 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EED32A.dll [MD5.1B8EF7B0D8A6D95CBAB680EF4337ED9A] - |A| - [28/04/2015 15:59:21] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x86.) - [60.77 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEG32A.dll [MD5.427A6067C4064E3388B721C0C97D2BB3] - |A| - [28/04/2015 15:59:21] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x86.) - [104.27 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEL32A.dll [MD5.C5094875B5A04B7BC3064B4A84EC174C] - |A| - [28/04/2015 15:59:21] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x86.) - [6994.27 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEP32A.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [23.75 Ko] - C:\Windows\System32\ras [MD5.A04C06A2142226D79DDA75920A496243] - |A| - [20/11/2010 22:29:34] - (.Copyright (C) 2009 - RemoteFX Helper.) - [79 Ko] - (1.1.0.0) - C:\Windows\System32\RDVGHelper.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [0.78 Ko] - C:\Windows\System32\Recovery [MD5.BBB40CA86B88918864D16CFAC9D4ABA4] - |A| - [13/07/2009 22:41:04] - (.-.) - [2.78 Ko] - (0.0.0.0) - C:\Windows\System32\redir.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:52:30] - [0.07 Ko] - C:\Windows\System32\restore [MD5.C753A0F3CA4A38BF3FF879F068E05324] - |A| - [28/04/2015 15:54:18] - (.-.) - [15.47 Ko] - (0.0.0.0) - C:\Windows\System32\results.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [169 Ko] - C:\Windows\System32\ro-RO [MD5.C619CDFA5CDC5A346C89870010A2391C] - |A| - [28/04/2015 15:58:38] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x86.) - [288.84 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA32.dll [MD5.4F92047498EFEA076E3745C291481975] - |A| - [28/04/2015 15:58:38] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x86.) - [288.84 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT32.dll [MD5.00000000000000000000000000000000] - |D| - [28/04/2015 16:00:23] - [2057.14 Ko] - C:\Windows\System32\RTCOM [MD5.E232507C219A1957880D4EB6D022FAC7] - |A| - [28/04/2015 15:58:39] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x86.) - [166.84 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED32A.dll [MD5.3DE99987154319C901A6537BA8777CB9] - |A| - [28/04/2015 15:58:39] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x86.) - [63.34 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG32A.dll [MD5.5B18398DEDE4A4A78651CD34F0A217A5] - |A| - [28/04/2015 15:58:39] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x86.) - [76.84 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL32A.dll [MD5.A6686775084244141483AEA0391508D2] - |A| - [28/04/2015 15:58:39] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x86.) - [351.34 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP32A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [20/11/2010 22:29:06] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.0D2318DEACE52B52A8D99AD56A02F8C0] - |A| - [07/12/2016 05:03:08] - (.Copyright © 2004-2016 Synaptics Incorporated. All rights reserved, Synaptics Incorporated - Synaptics Secure Migration DLL.) - [32.47 Ko] - (4.5.338.0) - C:\Windows\System32\secureMigrationCI.dll [MD5.AD7B906FC883959E56E210B2B077CA00] - |A| - [13/07/2009 22:40:54] - (.-.) - [11.48 Ko] - (0.0.0.0) - C:\Windows\System32\setver.exe [MD5.D9397A5E3929F61FFA83F07285C414C5] - |A| - [28/04/2015 15:58:39] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [67.34 Ko] - (3.0.0.16) - C:\Windows\System32\SFAPO.dll [MD5.736B9CBB1AF8324171CFA3787A024588] - |A| - [28/04/2015 15:58:39] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [72.34 Ko] - (3.0.0.16) - C:\Windows\System32\SFCOM.dll [MD5.4D7D49A61594B8A643EA8EAF74F2150C] - |A| - [28/04/2015 15:58:39] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [209.34 Ko] - (3.0.0.16) - C:\Windows\System32\SFNHK.dll [MD5.68062C0ECE86AB7801B5B47FDC855A06] - |A| - [13/07/2009 22:41:02] - (.-.) - [0.86 Ko] - (0.0.0.0) - C:\Windows\System32\share.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:08] - [169.5 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [166 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 01:20:19] - [42.67 Ko] - C:\Windows\System32\slmgr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [17154.02 Ko] - C:\Windows\System32\SMI [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 22:46:53] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [16337.5 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [188828.26 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [1736.24 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.272BF8E5DBDAF0614CC367A25EA3B256] - |A| - [28/04/2015 15:58:39] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [169.23 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP360.dll [MD5.029F36DE21AFBDD2865CC657E252EBA7] - |A| - [28/04/2015 15:58:39] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [181.23 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSHD.dll [MD5.8C83CED38F8CAC3E8D5A953C03BCF4B4] - |A| - [28/04/2015 15:58:39] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [337.23 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSXT.dll [MD5.A258F7B2B84E88118369B0B2196CC257] - |A| - [28/04/2015 15:58:39] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [137.23 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [426.5 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [124.76 Ko] - C:\Windows\System32\sysprep [MD5.B8CBB46B42570D373C9933FBDF25EBCE] - |A| - [20/11/2010 22:29:24] - (.-.) - [143.41 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 22:39:59] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.52BAA773D4A2CC3A7767598C21F532C8] - |A| - [14/07/2009 05:34:00] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.FDC9FB711442ADC6EDD34BE7F27F16CD] - |A| - [14/07/2009 05:34:00] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.130FD11BEF93C6C673A8C4D4425CCEFA] - |A| - [20/07/2016 11:00:45] - (.Copyright ? 2008 - generalHID.) - [40 Ko] - (2.0.0.2) - C:\Windows\System32\USB.dll [MD5.4EA62600A854992B7ACE5C9DB1FA788E] - |A| - [20/07/2016 11:00:45] - (.Copyright c 2007 - usb_dll.) - [100 Ko] - (1.0.3.0) - C:\Windows\System32\usb_dll.dll [MD5.8C8E4C4E718F824625845798B74E4BCF] - |A| - [20/07/2016 11:00:45] - (.-.) - [100 Ko] - (0.0.0.0) - C:\Windows\System32\UVCXUControl.dll [MD5.86491AD7BC0964089CD4E703E65D45DB] - |A| - [13/07/2009 22:30:26] - (.-.) - [18.39 Ko] - (0.0.0.0) - C:\Windows\System32\v7vga.rom [MD5.219BC06B83A703666A68A9B2CFFF34A3] - |A| - [07/12/2016 05:03:16] - (.Copyright © 2004-2016 Synaptics Incorporated. All rights reserved, Synaptics Incorporated - Synaptics WBF Driver (COGENT).) - [652.25 Ko] - (4.5.338.0) - C:\Windows\System32\ValEFIResDll.dll [MD5.C4FF08D39E1A61DBA98399FFF2F65BCA] - |A| - [07/12/2016 05:03:20] - (.Copyright © 2004-2016 Synaptics Incorporated. All rights reserved, Synaptics Incorporated - SynapticsWBF Policy Service (COGENT).) - [80.49 Ko] - (4.5.338.0) - C:\Windows\System32\valWBFPolicyService.exe [MD5.F9FBC3C1FB87BA4304E8976269A6BAA7] - |A| - [07/12/2016 05:03:22] - (.Copyright © 2004-2016 Synaptics Incorporated. All rights reserved, Synaptics Incorporated - Synaptics Extended API Library (COGENT).) - [2545.47 Ko] - (4.5.338.0) - C:\Windows\System32\vcsAPIFORWBF.dll [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 03:04:56] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\System32\vfpodbc.dll [MD5.7074DE91A70490C79300621308C55112] - |A| - [20/07/2016 11:00:45] - (.Copyright (c) Vimicro.,2004. - DirectShow Extension Page.) - [220.08 Ko] - (1.0.1.0) - C:\Windows\System32\VM31BPRP.AX [MD5.E9273E74A15D238A900B9167C3BA9985] - |A| - [20/07/2016 11:00:45] - (.VM., 2002. - Still Image (STI) Driver.) - [60 Ko] - (4.2.510.21) - C:\Windows\System32\VM31BSTI.DLL [MD5.881D934CE8B7A0AAE102B7F98C3765E3] - |A| - [28/04/2015 15:58:39] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [1779.27 Ko] - (4.3.2.0) - C:\Windows\System32\WavesGUILib.dll [MD5.CE1E84AA03EE50362D3C69382DCFA294] - |A| - [28/04/2015 15:58:39] - (.Copyright © 1996-2007 - General Library for Plug-Ins.) - [1741.27 Ko] - (5.9.7.0) - C:\Windows\System32\WavesLib.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [51624.64 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 01:20:19] - [47.61 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [65363.09 Ko] - C:\Windows\System32\wdi [MD5.BDDF10F9D8E179323BC1B49603809EB0] - |A| - [13/07/2009 22:38:33] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.3C2D9E6BAC0153A69D62E07849F4A1AB] - |A| - [20/07/2016 11:00:45] - (.Copyright © Jungo 2002 - 2005 - wd_utils 7.00.) - [108 Ko] - (7.0.0.0) - C:\Windows\System32\wd_utils.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [32 Ko] - C:\Windows\System32\wfp [MD5.C980C971AD4FF3CA5CEFDEF40932D3A1] - |A| - [13/07/2009 21:29:46] - (.-.) - [13 Ko] - (0.0.0.0) - C:\Windows\System32\win87em.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:52:30] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:52:30] - [291.87 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.204FBC5577EEF260B5FEA3326148CF4A] - |A| - [26/05/2015 17:11:57] - (.Copyright © 2015 - Java(TM) Platform SE binary.) - [94.09 Ko] - (8.0.45.15) - C:\Windows\System32\WindowsAccessBridge.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:52:30] - [9162.93 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [125368 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 01:20:20] - [106.26 Ko] - C:\Windows\System32\winrm [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 01:20:19] - [10.16 Ko] - C:\Windows\System32\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [336.5 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [258.5 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 03:37:09] - [337 Ko] - C:\Windows\System32\zh-TW [MD5.2AB94144049FE92B37D947907FE970F8] - |A| - [20/07/2016 11:00:45] - (.ZKSoftware Inc.Copyright All rights - ZKSensor.) - [299.5 Ko] - (4.1.2.0) - C:\Windows\System32\zkDevCtl.dll [MD5.8915A58EC05871054D89800C8B2B8DF0] - |A| - [20/07/2016 11:00:44] - (.-.) - [78.5 Ko] - (0.0.0.0) - C:\Windows\System32\zkfpri.dll [MD5.8A63A03AE53A58DCD77C31B5DD1D591A] - |A| - [28/04/2015 16:02:25] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [MD5.C05BB66907A1D24EE707E46599B3AB90] - |A| - [28/04/2015 15:54:00] - (.-.) - [0.42 Ko] - (0.0.0.0) - C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat ---------- | Shell Folders [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\Numilog\AppData\Roaming [28/04/2015 14:45:37] "Local AppData"=C:\Users\Numilog\AppData\Local [28/04/2015 14:45:37] "My Video"=C:\Users\Numilog\Videos [28/04/2015 14:45:37] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Libraries [28/04/2015 14:45:56] "My Pictures"=C:\Users\Numilog\Pictures [28/04/2015 14:45:37] "Desktop"=C:\Users\Numilog\Desktop [28/04/2015 14:45:37] "History"=C:\Users\Numilog\AppData\Local\Microsoft\Windows\History [28/04/2015 14:45:37] "NetHood"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Network Shortcuts [28/04/2015 14:45:37] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Numilog\Contacts [28/04/2015 14:45:47] "Cookies"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Cookies [28/04/2015 14:45:37] "Favorites"=C:\Users\Numilog\Favorites [28/04/2015 14:45:37] "SendTo"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\SendTo [28/04/2015 14:45:37] "Start Menu"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu [28/04/2015 14:45:37] "My Music"=C:\Users\Numilog\Music [28/04/2015 14:45:37] "Programs"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [28/04/2015 14:45:37] "Recent"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Recent [28/04/2015 14:45:37] "CD Burning"=C:\Users\Numilog\AppData\Local\Microsoft\Windows\Burn\Burn [28/04/2015 14:45:59] "PrintHood"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [28/04/2015 14:45:37] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Numilog\Searches [28/04/2015 14:45:56] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Numilog\Downloads [28/04/2015 14:45:37] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Numilog\AppData\LocalLow [28/04/2015 14:45:38] "Startup"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [28/04/2015 14:45:56] "Administrative Tools"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [28/04/2015 14:45:56] "Personal"=C:\Users\Numilog\Documents [28/04/2015 14:45:37] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Numilog\Links [28/04/2015 14:45:37] "Cache"=C:\Users\Numilog\AppData\Local\Microsoft\Windows\Temporary Internet Files [28/04/2015 14:45:37] "Templates"=C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Templates [28/04/2015 14:45:37] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Numilog\Saved Games [28/04/2015 14:45:37] "Fonts"=C:\Windows\Fonts [14/07/2009 03:37:06] [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files "Cookies"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 03:37:05] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 03:37:05] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 03:37:05] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 03:37:05] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 03:37:05] "CommonMusic"=C:\Users\Public\Music [14/07/2009 03:37:05] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 05:52:30] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 03:37:05] "Common Documents"=C:\Users\Public\Documents [14/07/2009 03:37:05] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 03:37:05] "Common AppData"=C:\ProgramData [14/07/2009 03:37:05] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates ---------- | [ibrahim.siahmed] [22/12/2016 13:36:35] - |D| - [76506681] - C:\Users\ibrahim.siahmed\AppData\Local [22/12/2016 13:36:35] - |D| - [32380] - C:\Users\ibrahim.siahmed\AppData\LocalLow [22/12/2016 13:36:35] - |D| - [931497] - C:\Users\ibrahim.siahmed\AppData\Roaming [22/12/2016 13:36:35] - |SHD| - [0] - C:\Users\ibrahim.siahmed\AppData\Local\Application Data [23/03/2017 15:14:49] - |D| - [16758178] - C:\Users\ibrahim.siahmed\AppData\Local\Cisco [22/12/2016 13:37:21] - |A| - [109280] - C:\Users\ibrahim.siahmed\AppData\Local\GDIPFONTCACHEV1.DAT [22/12/2016 13:39:35] - |D| - [40] - C:\Users\ibrahim.siahmed\AppData\Local\Google [22/12/2016 13:36:35] - |SHD| - [0] - C:\Users\ibrahim.siahmed\AppData\Local\Historique [23/12/2016 22:32:41] - |AH| - [782164] - C:\Users\ibrahim.siahmed\AppData\Local\IconCache.db [22/12/2016 13:36:35] - |D| - [58857019] - C:\Users\ibrahim.siahmed\AppData\Local\Microsoft [22/12/2016 13:36:35] - |D| - [0] - C:\Users\ibrahim.siahmed\AppData\Local\Microsoft Help [22/12/2016 13:36:35] - |D| - [0] - C:\Users\ibrahim.siahmed\AppData\Local\Temp [22/12/2016 13:36:35] - |SHD| - [0] - C:\Users\ibrahim.siahmed\AppData\Local\Temporary Internet Files [22/12/2016 13:39:24] - |D| - [0] - C:\Users\ibrahim.siahmed\AppData\Local\VirtualStore [22/12/2016 13:39:38] - |SD| - [16598] - C:\Users\ibrahim.siahmed\AppData\LocalLow\Microsoft [22/12/2016 13:44:38] - |D| - [15782] - C:\Users\ibrahim.siahmed\AppData\LocalLow\Sun [22/12/2016 13:39:26] - |D| - [0] - C:\Users\ibrahim.siahmed\AppData\Roaming\Adobe [23/03/2017 15:14:49] - |D| - [213985] - C:\Users\ibrahim.siahmed\AppData\Roaming\Cisco [22/12/2016 13:39:40] - |D| - [160] - C:\Users\ibrahim.siahmed\AppData\Roaming\HP Development Company, L.P [22/12/2016 13:39:31] - |D| - [0] - C:\Users\ibrahim.siahmed\AppData\Roaming\Identities [22/12/2016 13:36:35] - |D| - [0] - C:\Users\ibrahim.siahmed\AppData\Roaming\Media Center Programs [22/12/2016 13:36:35] - |SD| - [717352] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft [22/12/2016 13:39:34] - |SH| - [174] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [22/12/2016 13:36:35] - |SHD| - [0] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [22/12/2016 13:36:35] - |RD| - [17330] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [22/12/2016 13:36:35] - |RD| - [14639] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [22/12/2016 13:39:35] - |RD| - [174] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/12/2016 13:39:26] - |SH| - [334] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [22/12/2016 13:39:26] - |A| - [1429] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [22/12/2016 13:36:35] - |RD| - [580] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [22/12/2016 13:39:35] - |RD| - [174] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [22/12/2016 13:39:35] - |SH| - [174] - C:\Users\ibrahim.siahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [kxb_admin] [06/12/2016 12:15:06] - |D| - [5837824] - C:\Users\kxb_admin\AppData\Local [06/12/2016 12:15:07] - |D| - [0] - C:\Users\kxb_admin\AppData\LocalLow [06/12/2016 12:15:06] - |D| - [16104] - C:\Users\kxb_admin\AppData\Roaming [06/12/2016 12:15:07] - |SHD| - [0] - C:\Users\kxb_admin\AppData\Local\Application Data [06/12/2016 12:15:07] - |SHD| - [0] - C:\Users\kxb_admin\AppData\Local\Historique [06/12/2016 12:15:06] - |D| - [5837824] - C:\Users\kxb_admin\AppData\Local\Microsoft [06/12/2016 12:15:06] - |D| - [0] - C:\Users\kxb_admin\AppData\Local\Microsoft Help [06/12/2016 12:15:09] - |D| - [0] - C:\Users\kxb_admin\AppData\Local\Programs [06/12/2016 12:15:06] - |D| - [0] - C:\Users\kxb_admin\AppData\Local\Temp [06/12/2016 12:15:07] - |SHD| - [0] - C:\Users\kxb_admin\AppData\Local\Temporary Internet Files [06/12/2016 12:15:06] - |D| - [0] - C:\Users\kxb_admin\AppData\Roaming\Media Center Programs [06/12/2016 12:15:06] - |SD| - [16104] - C:\Users\kxb_admin\AppData\Roaming\Microsoft [06/12/2016 12:15:07] - |SHD| - [0] - C:\Users\kxb_admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [06/12/2016 12:15:06] - |D| - [13586] - C:\Users\kxb_admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [06/12/2016 12:15:06] - |RD| - [13006] - C:\Users\kxb_admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [06/12/2016 12:15:06] - |RD| - [580] - C:\Users\kxb_admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance ---------- | [mehdi.benhadid] [06/12/2016 12:13:52] - |D| - [1048399533] - C:\Users\mehdi.benhadid\AppData\Local [06/12/2016 12:13:52] - |D| - [2236131] - C:\Users\mehdi.benhadid\AppData\LocalLow [06/12/2016 12:13:52] - |D| - [90918149] - C:\Users\mehdi.benhadid\AppData\Roaming [06/12/2016 14:08:24] - |D| - [42401167] - C:\Users\mehdi.benhadid\AppData\Local\Adobe [21/02/2017 00:25:15] - |D| - [1338] - C:\Users\mehdi.benhadid\AppData\Local\Aiseesoft Studio [06/12/2016 12:13:52] - |SHD| - [0] - C:\Users\mehdi.benhadid\AppData\Local\Application Data [16/04/2017 14:04:24] - |D| - [2346998] - C:\Users\mehdi.benhadid\AppData\Local\Apps [16/01/2017 15:58:21] - |D| - [0] - C:\Users\mehdi.benhadid\AppData\Local\CEF [23/03/2017 15:17:10] - |D| - [69278155] - C:\Users\mehdi.benhadid\AppData\Local\Cisco [16/04/2017 15:18:00] - |D| - [0] - C:\Users\mehdi.benhadid\AppData\Local\CrashDumps [16/04/2017 14:04:24] - |D| - [0] - C:\Users\mehdi.benhadid\AppData\Local\Deployment [04/02/2017 17:38:26] - |D| - [14181394] - C:\Users\mehdi.benhadid\AppData\Local\Diagnostics [06/12/2016 14:09:11] - |A| - [110040] - C:\Users\mehdi.benhadid\AppData\Local\GDIPFONTCACHEV1.DAT [06/12/2016 12:14:19] - |D| - [245624764] - C:\Users\mehdi.benhadid\AppData\Local\Google [06/12/2016 12:13:52] - |SHD| - [0] - C:\Users\mehdi.benhadid\AppData\Local\Historique [23/04/2017 11:43:20] - |AH| - [938986] - C:\Users\mehdi.benhadid\AppData\Local\IconCache.db [06/12/2016 12:13:52] - |D| - [673179334] - C:\Users\mehdi.benhadid\AppData\Local\Microsoft [06/12/2016 12:13:52] - |D| - [300752] - C:\Users\mehdi.benhadid\AppData\Local\Microsoft Help [14/12/2016 09:15:08] - |D| - [36605] - C:\Users\mehdi.benhadid\AppData\Local\Mozilla [06/12/2016 12:13:52] - |D| - [0] - C:\Users\mehdi.benhadid\AppData\Local\Temp [06/12/2016 12:13:52] - |SHD| - [0] - C:\Users\mehdi.benhadid\AppData\Local\Temporary Internet Files [06/12/2016 12:13:56] - |D| - [0] - C:\Users\mehdi.benhadid\AppData\Local\VirtualStore [06/12/2016 14:08:24] - |D| - [1951929] - C:\Users\mehdi.benhadid\AppData\LocalLow\Adobe [06/12/2016 12:14:43] - |SD| - [268731] - C:\Users\mehdi.benhadid\AppData\LocalLow\Microsoft [19/03/2017 17:51:14] - |D| - [0] - C:\Users\mehdi.benhadid\AppData\LocalLow\Mozilla [06/12/2016 12:19:31] - |D| - [15471] - C:\Users\mehdi.benhadid\AppData\LocalLow\Sun [06/12/2016 12:14:03] - |D| - [325624] - C:\Users\mehdi.benhadid\AppData\Roaming\Adobe [23/03/2017 15:17:10] - |D| - [177302] - C:\Users\mehdi.benhadid\AppData\Roaming\Cisco [07/12/2016 18:23:28] - |D| - [160] - C:\Users\mehdi.benhadid\AppData\Roaming\HP Development Company, L.P [14/12/2016 14:17:43] - |D| - [4497] - C:\Users\mehdi.benhadid\AppData\Roaming\HpUpdate [06/12/2016 12:14:10] - |D| - [0] - C:\Users\mehdi.benhadid\AppData\Roaming\Identities [06/12/2016 12:13:52] - |D| - [0] - C:\Users\mehdi.benhadid\AppData\Roaming\Media Center Programs [06/12/2016 12:13:52] - |SD| - [14125714] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft [14/12/2016 09:15:08] - |D| - [70062751] - C:\Users\mehdi.benhadid\AppData\Roaming\Mozilla [19/04/2017 22:53:28] - |D| - [6185573] - C:\Users\mehdi.benhadid\AppData\Roaming\Skype [11/12/2016 19:22:18] - |D| - [36516] - C:\Users\mehdi.benhadid\AppData\Roaming\TeamViewer [07/12/2016 00:10:14] - |D| - [12] - C:\Users\mehdi.benhadid\AppData\Roaming\WinRAR [06/12/2016 12:14:18] - |ASH| - [174] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [06/12/2016 12:13:52] - |SHD| - [0] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [06/12/2016 12:13:52] - |RD| - [17330] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [06/12/2016 12:13:52] - |RD| - [14639] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [06/12/2016 12:14:18] - |RD| - [174] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [06/12/2016 12:14:03] - |ASH| - [334] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [06/12/2016 12:14:03] - |A| - [1429] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [06/12/2016 12:13:52] - |RD| - [580] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [06/12/2016 12:14:18] - |RD| - [174] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [06/12/2016 12:14:18] - |ASH| - [174] - C:\Users\mehdi.benhadid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Numilog] [28/04/2015 14:45:37] - |D| - [490115884] - C:\Users\Numilog\AppData\Local [28/04/2015 14:45:38] - |D| - [608732] - C:\Users\Numilog\AppData\LocalLow [28/04/2015 14:45:37] - |D| - [46792288] - C:\Users\Numilog\AppData\Roaming [10/06/2015 08:12:19] - |D| - [15826685] - C:\Users\Numilog\AppData\Local\Adobe [28/04/2015 14:45:38] - |SHD| - [0] - C:\Users\Numilog\AppData\Local\Application Data [15/12/2016 13:03:19] - |D| - [2698129] - C:\Users\Numilog\AppData\Local\Diagnostics [21/03/2016 17:18:36] - |D| - [2635577] - C:\Users\Numilog\AppData\Local\ElevatedDiagnostics [10/05/2015 13:11:51] - |SHD| - [0] - C:\Users\Numilog\AppData\Local\EmieBrowserModeList [10/05/2015 13:11:51] - |SHD| - [0] - C:\Users\Numilog\AppData\Local\EmieSiteList [10/05/2015 13:11:51] - |SHD| - [0] - C:\Users\Numilog\AppData\Local\EmieUserList [07/08/2015 16:06:39] - |D| - [1066] - C:\Users\Numilog\AppData\Local\Garmin_Ltd._or_its_subsid [20/07/2016 11:05:00] - |A| - [110040] - C:\Users\Numilog\AppData\Local\GDIPFONTCACHEV1.DAT [19/07/2015 10:05:14] - |D| - [156604579] - C:\Users\Numilog\AppData\Local\Google [28/04/2015 14:45:38] - |SHD| - [0] - C:\Users\Numilog\AppData\Local\Historique [23/04/2017 14:58:07] - |AH| - [1098461] - C:\Users\Numilog\AppData\Local\IconCache.db [28/04/2015 14:45:37] - |D| - [180505802] - C:\Users\Numilog\AppData\Local\Microsoft [28/04/2015 17:12:41] - |D| - [0] - C:\Users\Numilog\AppData\Local\Microsoft Help [17/12/2016 00:25:52] - |D| - [2743] - C:\Users\Numilog\AppData\Local\Mozilla [20/07/2016 11:00:20] - |D| - [0] - C:\Users\Numilog\AppData\Local\Programs [04/11/2015 12:15:26] - |D| - [0] - C:\Users\Numilog\AppData\Local\Skype [28/04/2015 14:45:37] - |D| - [1578715] - C:\Users\Numilog\AppData\Local\Temp [28/04/2015 14:45:38] - |SHD| - [0] - C:\Users\Numilog\AppData\Local\Temporary Internet Files [28/04/2015 14:45:41] - |D| - [0] - C:\Users\Numilog\AppData\Local\VirtualStore [02/02/2017 17:11:44] - |D| - [128500347] - C:\Users\Numilog\AppData\Local\VS Revo Group [16/04/2017 01:32:07] - |D| - [553384] - C:\Users\Numilog\AppData\Local\ZHP [09/08/2016 14:08:01] - |D| - [356] - C:\Users\Numilog\AppData\Local\ZKTeco_Inc [31/07/2016 10:20:41] - |D| - [93719] - C:\Users\Numilog\AppData\LocalLow\Adobe [28/04/2015 17:05:25] - |SD| - [186503] - C:\Users\Numilog\AppData\LocalLow\Microsoft [23/04/2017 12:00:17] - |D| - [0] - C:\Users\Numilog\AppData\LocalLow\Mozilla [26/05/2015 17:07:55] - |D| - [328510] - C:\Users\Numilog\AppData\LocalLow\Sun [29/04/2015 08:14:07] - |SD| - [0] - C:\Users\Numilog\AppData\LocalLow\Temp [10/05/2015 13:11:50] - |D| - [78525] - C:\Users\Numilog\AppData\Roaming\Adobe [21/02/2017 00:23:29] - |D| - [164] - C:\Users\Numilog\AppData\Roaming\Apple Computer [07/08/2015 16:06:37] - |D| - [0] - C:\Users\Numilog\AppData\Roaming\Garmin [07/12/2016 13:51:05] - |D| - [160] - C:\Users\Numilog\AppData\Roaming\HP Development Company, L.P [07/12/2016 13:50:29] - |D| - [561] - C:\Users\Numilog\AppData\Roaming\HpUpdate [28/04/2015 14:45:48] - |D| - [0] - C:\Users\Numilog\AppData\Roaming\Identities [28/04/2015 14:45:37] - |D| - [0] - C:\Users\Numilog\AppData\Roaming\Media Center Programs [28/04/2015 14:45:37] - |SD| - [6321603] - C:\Users\Numilog\AppData\Roaming\Microsoft [17/12/2016 00:25:52] - |D| - [26010001] - C:\Users\Numilog\AppData\Roaming\Mozilla [04/11/2015 12:14:59] - |D| - [6635252] - C:\Users\Numilog\AppData\Roaming\Skype [07/12/2016 23:29:51] - |D| - [0] - C:\Users\Numilog\AppData\Roaming\Sun [11/12/2016 14:36:16] - |D| - [8688] - C:\Users\Numilog\AppData\Roaming\TeamViewer [10/12/2016 16:14:09] - |D| - [12] - C:\Users\Numilog\AppData\Roaming\WinRAR [16/04/2017 01:32:07] - |D| - [7737322] - C:\Users\Numilog\AppData\Roaming\ZHP [28/04/2015 14:45:56] - |ASH| - [174] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [28/04/2015 14:45:38] - |SHD| - [0] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [28/04/2015 14:45:37] - |RD| - [24325] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [28/04/2015 14:45:37] - |RD| - [14635] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [28/04/2015 14:45:56] - |RD| - [174] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [28/04/2015 14:45:56] - |ASH| - [338] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [07/12/2016 13:49:40] - |D| - [2894] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP [28/04/2015 14:45:57] - |A| - [1429] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [28/04/2015 14:45:37] - |RD| - [580] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [28/04/2015 14:45:56] - |RD| - [174] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/05/2015 13:12:04] - |D| - [4101] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [28/04/2015 14:45:56] - |ASH| - [174] - C:\Users\Numilog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] ---------- | C:\ProgramData [28/04/2015 17:37:22] - |D| - [334361839] - C:\ProgramData\Adobe [14/07/2009 05:53:55] - |SHD| - [0] - C:\ProgramData\Application Data [28/04/2015 14:45:30] - |SHD| - [0] - C:\ProgramData\Bureau [04/11/2015 12:42:01] - |D| - [490995] - C:\ProgramData\Canon [04/11/2015 12:09:47] - |HD| - [174296] - C:\ProgramData\CanonBJ [23/03/2017 15:08:57] - |D| - [0] - C:\ProgramData\Cisco [14/07/2009 05:53:55] - |SHD| - [0] - C:\ProgramData\Desktop [14/07/2009 05:53:55] - |SHD| - [0] - C:\ProgramData\Documents [28/04/2015 14:45:30] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 05:53:55] - |SHD| - [0] - C:\ProgramData\Favorites [07/08/2015 16:06:14] - |D| - [0] - C:\ProgramData\Garmin [03/05/2015 09:18:38] - |D| - [0] - C:\ProgramData\GroupPolicy [07/12/2016 13:50:13] - |D| - [115639] - C:\ProgramData\Hewlett-Packard [07/12/2016 13:47:08] - |D| - [10766] - C:\ProgramData\HP [28/04/2015 17:33:59] - |D| - [1573941652] - C:\ProgramData\Kaspersky Lab [27/12/2016 14:20:01] - |D| - [20523158] - C:\ProgramData\KasperskyLab [13/04/2017 15:18:25] - |D| - [10434148] - C:\ProgramData\Malwarebytes [28/04/2015 14:45:30] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [14/07/2009 03:37:05] - |SD| - [1571265650] - C:\ProgramData\Microsoft [28/04/2015 17:12:39] - |D| - [63858] - C:\ProgramData\Microsoft Help [28/04/2015 14:45:30] - |SHD| - [0] - C:\ProgramData\Modèles [12/05/2015 10:55:04] - |D| - [37102] - C:\ProgramData\Mozilla [06/12/2016 11:55:36] - |A| - [262144] - C:\ProgramData\ntuser.dat [06/12/2016 11:55:36] - |ASH| - [5120] - C:\ProgramData\ntuser.dat.LOG1 [06/12/2016 11:55:36] - |ASH| - [0] - C:\ProgramData\ntuser.dat.LOG2 [06/12/2016 11:55:37] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{d9a7ead7-bba1-11e6-b4bf-7429af93e752}.TM.blf [06/12/2016 11:55:37] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{d9a7ead7-bba1-11e6-b4bf-7429af93e752}.TMContainer00000000000000000001.regtrans-ms [06/12/2016 11:55:37] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{d9a7ead7-bba1-11e6-b4bf-7429af93e752}.TMContainer00000000000000000002.regtrans-ms [06/12/2016 11:55:42] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{d9a7eaf1-bba1-11e6-b4bf-7429af93e752}.TM.blf [06/12/2016 11:55:42] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{d9a7eaf1-bba1-11e6-b4bf-7429af93e752}.TMContainer00000000000000000001.regtrans-ms [06/12/2016 11:55:42] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{d9a7eaf1-bba1-11e6-b4bf-7429af93e752}.TMContainer00000000000000000002.regtrans-ms [03/05/2015 09:18:31] - |RASH| - [6128] - C:\ProgramData\ntuser.pol [26/05/2015 17:11:30] - |D| - [51] - C:\ProgramData\Oracle [07/08/2015 15:55:06] - |D| - [8625454] - C:\ProgramData\Package Cache [07/05/2015 13:03:19] - |D| - [169967616] - C:\ProgramData\Skype [14/07/2009 05:53:55] - |SHD| - [0] - C:\ProgramData\Start Menu [26/05/2015 17:12:09] - |D| - [119] - C:\ProgramData\Sun [15/03/2017 23:45:12] - |D| - [27753566] - C:\ProgramData\Synaptics [14/07/2009 05:53:55] - |SHD| - [0] - C:\ProgramData\Templates [02/02/2017 17:11:37] - |D| - [1786] - C:\ProgramData\VS Revo Group [16/04/2017 01:11:45] - |D| - [0] - C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 05:46:35] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 05:37:43] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [28/04/2015 14:45:30] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 03:37:05] - |RD| - [197649] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:37:43] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 03:37:05] - |RD| - [41853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [12/04/2017 17:46:44] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [13/01/2017 01:06:55] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [14/07/2009 05:52:30] - |RD| - [21157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [04/11/2015 12:42:27] - |D| - [13375] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon [02/02/2017 16:52:05] - |D| - [1065] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [23/03/2017 15:09:02] - |D| - [6224] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco IP Communicator [14/07/2009 05:41:57] - |SH| - [964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/07/2009 05:52:30] - |RD| - [778] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [16/04/2017 14:16:35] - |A| - [2211] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [07/12/2016 13:50:31] - |D| - [7133] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [06/05/2015 15:11:37] - |D| - [4865] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HSPA USB Modem [26/05/2015 17:11:44] - |D| - [6710] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [27/12/2016 16:09:20] - |D| - [6923] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Endpoint Security 10 for Windows [14/07/2009 03:37:05] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [13/04/2017 15:18:28] - |D| - [3553] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [28/04/2015 13:38:19] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [28/04/2015 17:15:09] - |D| - [45935] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [16/04/2017 14:20:37] - |D| - [2223] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [12/05/2015 10:55:06] - |A| - [1117] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [02/02/2017 17:11:37] - |D| - [3859] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro [28/04/2015 17:15:10] - |D| - [3181] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [14/07/2009 05:42:29] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [19/04/2017 22:52:58] - |D| - [2095] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [14/07/2009 03:37:05] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [05/04/2017 02:50:19] - |A| - [1001] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk [28/04/2015 13:38:05] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 05:42:24] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/07/2009 05:46:36] - |A| - [1515] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [10/05/2015 13:12:04] - |D| - [4029] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [14/07/2009 05:42:30] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:41:57] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files [13/01/2017 01:06:53] - |D| - [264184368] - C:\Program Files\Adobe [04/11/2015 12:42:20] - |D| - [22161267] - C:\Program Files\Canon [02/02/2017 16:52:03] - |D| - [8455064] - C:\Program Files\CCleaner [28/04/2015 14:54:41] - |D| - [2698305] - C:\Program Files\Cisco [23/03/2017 15:08:57] - |D| - [75742390] - C:\Program Files\Cisco Systems [14/07/2009 03:37:05] - |D| - [349910879] - C:\Program Files\Common Files [14/07/2009 05:41:57] - |ASH| - [174] - C:\Program Files\desktop.ini [28/04/2015 16:01:02] - |D| - [2755998] - C:\Program Files\DIFX [14/07/2009 05:52:30] - |D| - [83226644] - C:\Program Files\DVD Maker [28/04/2015 14:45:30] - |SHD| - [0] - C:\Program Files\Fichiers communs [20/07/2016 11:00:44] - |D| - [2439942] - C:\Program Files\FPSensor [16/07/2015 12:36:37] - |D| - [372555617] - C:\Program Files\Google [07/12/2016 13:47:45] - |D| - [69483282] - C:\Program Files\HP [06/05/2015 15:11:35] - |D| - [13067923] - C:\Program Files\HSPA USB Modem [28/04/2015 14:54:12] - |HD| - [24910441] - C:\Program Files\InstallShield Installation Information [28/04/2015 14:56:43] - |D| - [15751606] - C:\Program Files\Intel [14/07/2009 03:37:05] - |D| - [26839224] - C:\Program Files\Internet Explorer [26/05/2015 17:11:27] - |D| - [310284481] - C:\Program Files\Java [27/12/2016 14:19:54] - |D| - [137383464] - C:\Program Files\Kaspersky Lab [13/04/2017 15:18:25] - |D| - [48227569] - C:\Program Files\Malwarebytes Anti-Malware [28/04/2015 17:13:00] - |D| - [39848379] - C:\Program Files\Microsoft Analysis Services [28/04/2015 17:12:39] - |D| - [998144662] - C:\Program Files\Microsoft Office [16/04/2017 14:20:31] - |D| - [42892246] - C:\Program Files\Microsoft Silverlight [28/04/2015 17:14:11] - |D| - [1805760] - C:\Program Files\Microsoft SQL Server Compact Edition [28/04/2015 17:14:11] - |D| - [793991] - C:\Program Files\Microsoft Sync Framework [28/04/2015 17:14:28] - |D| - [326800] - C:\Program Files\Microsoft Synchronization Services [28/04/2015 17:13:38] - |D| - [1378033] - C:\Program Files\Microsoft Visual Studio 8 [28/04/2015 17:14:11] - |D| - [8175999] - C:\Program Files\Microsoft.NET [04/04/2017 15:49:44] - |D| - [93341877] - C:\Program Files\Mozilla Firefox [12/05/2015 10:55:04] - |D| - [302869] - C:\Program Files\Mozilla Maintenance Service [14/07/2009 05:52:30] - |D| - [26521] - C:\Program Files\MSBuild [28/04/2015 14:54:12] - |D| - [40473543] - C:\Program Files\Realtek [14/07/2009 05:52:30] - |D| - [39175425] - C:\Program Files\Reference Assemblies [19/04/2017 22:52:56] - |RD| - [90688895] - C:\Program Files\Skype [11/12/2016 14:36:10] - |D| - [66080938] - C:\Program Files\TeamViewer [14/07/2009 05:53:23] - |HD| - [0] - C:\Program Files\Uninstall Information [02/02/2017 17:11:35] - |D| - [39111849] - C:\Program Files\VS Revo Group [14/07/2009 05:52:30] - |D| - [3050496] - C:\Program Files\Windows Defender [14/07/2009 03:37:05] - |D| - [6181376] - C:\Program Files\Windows Mail [14/07/2009 05:52:30] - |D| - [6604034] - C:\Program Files\Windows Media Player [14/07/2009 03:37:05] - |D| - [12197044] - C:\Program Files\Windows NT [14/07/2009 05:52:30] - |D| - [4417800] - C:\Program Files\Windows Photo Viewer [14/07/2009 05:52:30] - |D| - [189952] - C:\Program Files\Windows Portable Devices [14/07/2009 05:52:30] - |D| - [6683807] - C:\Program Files\Windows Sidebar [10/05/2015 13:12:00] - |D| - [4486906] - C:\Program Files\WinRAR ---------- | C:\Program Files\Common Files [13/01/2017 01:06:53] - |D| - [7751739] - C:\Program Files\Common Files\Adobe [20/12/2016 09:19:59] - |D| - [1608875] - C:\Program Files\Common Files\AV [27/12/2016 14:19:57] - |D| - [1684403] - C:\Program Files\Common Files\Cisco Systems [08/11/2015 06:02:01] - |D| - [99992] - C:\Program Files\Common Files\DESIGNER [28/04/2015 14:56:41] - |D| - [33318843] - C:\Program Files\Common Files\Intel [26/05/2015 17:12:07] - |D| - [1663401] - C:\Program Files\Common Files\Java [14/07/2009 03:37:05] - |D| - [249235658] - C:\Program Files\Common Files\microsoft shared [14/07/2009 03:37:05] - |D| - [2702] - C:\Program Files\Common Files\Services [19/04/2017 22:52:56] - |D| - [2574296] - C:\Program Files\Common Files\Skype [14/07/2009 03:37:05] - |D| - [41103783] - C:\Program Files\Common Files\SpeechEngines [14/07/2009 03:37:05] - |D| - [10867187] - C:\Program Files\Common Files\System ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 05:53:47] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.07AA9AE949B67DD41B9BB3D625D0C277] - [14/07/2009 05:53:46] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.56C4106B4A4B56559600A388D499BB9C] - [13/01/2017 01:07:21] - |A| - [4464] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.FD833D6E346805969CC86A7A34D04547] - [02/02/2017 16:52:10] - |A| - [2776] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.00000000000000000000000000000000] - [20/06/2016 12:44:45] - |D| - [4762] - C:\Windows\System32\Tasks\Games [MD5.3DFBD395CC2DC23EF165404BBA9A59A9] - [16/04/2017 14:07:09] - |A| - [3360] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.B6A57CE9EFB3239B48194FEEAD84BB1A] - [16/04/2017 14:07:10] - |A| - [3488] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.30F51CFB47B15FAA0D664FC3C0A66D8C] - [07/12/2016 13:51:17] - |A| - [3478] - C:\Windows\System32\Tasks\HPLJCustParticipation : "C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe" [MD5.00000000000000000000000000000000] - [14/07/2009 03:37:09] - |D| - [264412] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [28/04/2015 17:15:39] - |D| - [4392] - C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform [MD5.00000000000000000000000000000000] - [14/07/2009 05:54:35] - |D| - [8976] - C:\Windows\System32\Tasks\WPD [MD5.CC0802DD72FE4C7C55C8B850B7D9526F] - [03/08/2015 10:58:53] - |A| - [3082] - C:\Windows\System32\Tasks\{3D899F95-4B20-4FC9-A6D3-845945233EA7} : "C:\Program Files\Internet Explorer\iexplore.exe" [MD5.B78D08B03E02BBEEAE06D65960D3CA1B] - [17/12/2016 02:07:38] - |A| - [3082] - C:\Windows\System32\Tasks\{40092486-B71B-41C0-A118-2F59FF1E1234} : "c:\program files\google\chrome\application\chrome.exe" ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{41E0EAC2-9047-49B9-931E-299BFF13DA6F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\Numilog\AppData\Local\Chromium\Application\chrome.exe|Name=Chromium (mDNS-In)|Desc=Règle de trafic entrant pour Chromium autorisant le trafic mDNS|EmbedCtxt=Chromium| "{A601C03A-B5C7-4EC2-BE25-54766D9E7AF8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files\Mozilla Firefox)| "{911D6DF3-16E7-4773-93AB-0FFDDD531280}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files\Mozilla Firefox)| "{3D3C6E7B-1700-4280-A0D6-DBA53BCE774E}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelEvents.dll,-2002| "{C930C669-08BF-4EA6-99E5-6C7F59957861}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP LaserJet Pro M201-M202\bin\EWSProxy.exe|Name=HP LaserJet Pro M201-M202 EWSProxy|Edge=TRUE| "{75619021-4DD1-4BBC-974B-1A7E6E67F185}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP LaserJet Pro M201-M202\Bin\HPNetworkCommunicatorCom.exe|Name=Communicateur réseau COM HP x86 (HP LaserJet Pro M201-M202)|Edge=TRUE| "{6D47F23B-57ED-4AC7-A823-00CAC5A2E007}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=15000|Name=Kaspersky Administration Kit| "{8C1C8A67-16D9-45B5-BF6F-AF4B98E21CE6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Kaspersky Lab\NetworkAgent\klnagwds.exe|Name=klnagwds.exe| "{17B8333D-89A9-47E5-9EC0-EFFF3FC13094}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Kaspersky Lab\NetworkAgent\klnagwds.exe|Name=klnagwds.exe| "{C8CADADB-CB9C-4803-AF39-34077051FA4F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=15000|Name=Kaspersky Administration Kit| "{7039557A-6552-4132-8E1C-8CDE61BE9BAA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=15000|Name=Kaspersky Administration Kit| "{1D17BD43-5019-4B27-95B8-91CF766CC46D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=C:\Program Files\Kaspersky Lab\NetworkAgent\klnagwds.exe|Name=Kaspersky Security Center WDS| "{5F0084F2-D615-4080-9EEA-E59D7B2D5EC7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|App=C:\Program Files\Kaspersky Lab\NetworkAgent\klnagwds.exe|Name=Kaspersky Security Center WDS| "{1F927B03-879B-42DE-8177-8E13EEF82864}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Kaspersky Lab\NetworkAgent\klnagwds.exe|Name=Kaspersky Security Center WDS| "{E686AD68-AAB6-413E-A276-3BDA92B051BF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Kaspersky Lab\NetworkAgent\klnagwds.exe|Name=Kaspersky Security Center WDS| "{21F76253-D027-48B5-B438-11B208DEB1DD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=15001|Name=Kaspersky Administration Kit| "{9A9708EF-144C-409A-8866-7515366DF839}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=15001|Name=Kaspersky Administration Kit| "{8990C41F-E3E8-4F25-82AD-E6586B3D9E7E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=15001|Name=Kaspersky Administration Kit| "{89D8C37E-811B-430F-AE7B-E365B8B98171}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{7A642D18-96CA-404B-BABE-7CE9D5E9FAB6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{83CC013A-A0CA-43A3-B17F-67DC1431F99D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{552DD164-6AA4-4EAA-BB86-F8FC7AEC1024}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{0D5A299A-3FA3-4AFD-8ACF-179EF923D195}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{D85C355D-CDCA-43ED-AFF7-783C73DB8CB1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Skype\Phone\Skype.exe|Name=Skype| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{091BC97E-2352-4362-A539-10A6D8FF7596}] : (RDPDR) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{37C9A9DF-DC57-451E-8ED1-81D2EBB3F713}] : (cm_km) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7240100F-6512-4548-8418-9EBB5C6A1A94}] : () [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}] : () [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9b21fd3a-b1ab-4eb9-956f-e56acfe78bce}] : () [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CC41EBA2-AB57-4F4E-8C3D-1BC33B1E74E3}] : (RDPDR) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{F12D3CF8-B11D-457E-8641-BE2AF2D6D204}] : () [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [11/09/2015 20:30:36] - (6.8.0.54) - (Kaspersky Lab ZAO - Kaspersky Unified Driver) - C:\Windows\system32\DRIVERS\kl1.sys [28/04/2015 15:58:23] - (2.1.1.0) - (Infineon Technologies AG - Infineon Trusted Platform Module) - C:\Windows\system32\DRIVERS\IFXTPM.SYS [28/04/2015 15:58:23] - (1.0.7.0) - ( - ISCT and IFFS Driver) - C:\Windows\system32\DRIVERS\ISCTD.sys [12/04/2017 13:35:34] - (5.1.2.251) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Compbatt (Pilote de batterie composite Microsoft) -> system32\DRIVERS\compbatt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iusb3hcs (Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hcs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - kl1 (kl1) -> system32\DRIVERS\kl1.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: False R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: False S1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - KLFLTDEV (Kaspersky Lab KLFltDev) -> system32\DRIVERS\klfltdev.sys - AcceptPause: False - AcceptStop: False S1 - [File System Driver] - KLIF (Kaspersky Lab Driver) -> system32\DRIVERS\klif.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - KLIM6 (Kaspersky Anti-Virus NDIS 6 Filter) -> system32\DRIVERS\klim6.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - kltdi (kltdi) -> system32\DRIVERS\kltdi.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - kneps (kneps) -> system32\DRIVERS\kneps.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> system32\DRIVERS\mssmbios.sys - AcceptPause: False - AcceptStop: True S1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: False R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: False S1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: False R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> system32\DRIVERS\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: False S2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - Parvdm () -> \SystemRoot\system32\drivers\parvdm.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft Files whitelisted) [MD5.21E785EBD7DC90A06391141AAC7892FB] - [10/06/2009 22:19:05] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [413.06 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - [13/07/2009 23:09:16] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [290.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - [13/07/2009 23:09:16] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) - [143.08 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - [14/07/2009 00:11:17] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [14.06 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.CD5914170297126B6266860198D1D4F0] - [14/07/2009 00:11:19] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [14.56 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.D320BF87125326F996D4904FE24300FC] - [03/05/2015 13:42:12] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [78.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.EA43AF0C423FF267355F74E7A53BDABA] - [10/06/2009 22:20:03] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows family.) - [155.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.46387FB17B086D16DEA267D5BE23A2F2] - [03/05/2015 13:42:12] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [21.88 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.2932004F49677BD84DBC72EDB754FFB3] - [13/07/2009 23:09:17] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [74.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - [13/07/2009 23:09:17] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [84.58 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.BD8869EB9CDE6BBE4508D869929869EE] - [13/07/2009 23:02:49] - (.Copyright 2000-2007, Broadcom Corporation. - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) - [224.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60x.sys [MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - [14/07/2009 01:59:16] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [13.25 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.56801AD62213A41F6497F96DEE83755A] - [14/07/2009 01:58:59] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [5.13 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.845B8CE732E67F3B4133164868C666EA] - [14/07/2009 01:57:25] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [265.75 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - [14/07/2009 01:59:02] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [60.88 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.BD456606156BA17E60A04E18016AE54B] - [14/07/2009 01:58:27] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [11.88 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.AF72ED54503F717A43268B3CC5FAEC2E] - [14/07/2009 01:58:35] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [11.63 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.1A231ABEC60FD316EC54C66715543CEC] - [10/06/2009 22:17:52] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [420 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbdx.sys [MD5.C0D77BCC53B0D2F5F2E68389069F7018] - [12/04/2010 08:26:26] - (.Copyright (C) 2010 Cisco Systems - CIPC Cisco Discovery Protocol Driver.) - [23.44 Ko] - (1.0.0.0) - C:\Windows\System32\Drivers\CipcCdp.sys [MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - [14/07/2009 00:11:18] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [15.58 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.BDDE322DD3E6ABBC589C5DC8A948A661] - [29/08/2008 16:54:40] - (.Copyright © 2001-2008 - USB Modem/Serial Device Driver.) - [101.13 Ko] - (2.0.5.1) - C:\Windows\System32\Drivers\cmusbser.sys [MD5.8B30250D573A8F6B4BD23195160D8707] - [10/06/2009 22:20:26] - (.Copyright © Adaptec, Inc. 2000 - Adaptec Ultra SCSI miniport.) - [69.06 Ko] - (6.0.0.0) - C:\Windows\System32\Drivers\djsvs.sys [MD5.B012A07B584D3A3D6F7C1770ED76E409] - [20/07/2016 11:00:44] - (.Copyright © DigitalPersona, Inc. 1996-2007 - Pilote des lecteurs de caméra d'empreinte digitale.) - [45.5 Ko] - (4.0.0.32) - C:\Windows\System32\Drivers\dpK00701.sys [MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - [10/06/2009 22:19:19] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [443.08 Ko] - (5.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - [10/06/2009 22:17:55] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3027.5 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbdx.sys [MD5.C44E3C2BAB6837DB337DDEE7544736DB] - [13/07/2009 23:54:14] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [26 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.295FDC419039090EB8B49FFDBB374549] - [13/07/2009 23:09:17] - (.Copyright (c) 2004-2008 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [65.58 Ko] - (6.12.4.32) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - [03/05/2015 13:42:12] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - ia32.) - [324.38 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.91C5E9F49F32110CED27E2F902FAD607] - [28/04/2015 15:58:23] - (.© Infineon Technologies AG 2003-2007 - Infineon Trusted Platform Module.) - [43.75 Ko] - (2.1.1.0) - C:\Windows\System32\Drivers\ifxtpm.sys [MD5.650EC0E14A59201469820DEBBFE76197] - [28/10/2014 01:48:08] - (.Copyright (c) 1998-2013 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [3971.93 Ko] - (10.18.10.3995) - C:\Windows\System32\Drivers\igdkmd32.sys [MD5.4173FF5708F3236CF25195FECD742915] - [13/07/2009 23:09:17] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [40.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.25C5B9FBA67F387B0990526D17D0EDB7] - [30/10/2014 08:37:04] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [360.27 Ko] - (6.16.0.3155) - C:\Windows\System32\Drivers\IntcDAud.sys [MD5.804504083DFBA3F942145D52A30E568A] - [28/04/2015 15:58:23] - (.Copyright (C) 2011 - ISCT and IFFS Driver.) - [39.94 Ko] - (1.0.7.0) - C:\Windows\System32\Drivers\ISCTD.sys [MD5.18EDC0ACAE6BFA404621A7DB1BAD0C10] - [28/04/2015 15:58:44] - (.(C) 2010-2011 Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) - [16.05 Ko] - (1.0.7.248) - C:\Windows\System32\Drivers\iusb3hcs.sys [MD5.B1DE832A8D46E3AB591EFE7BBD343338] - [11/09/2015 20:30:36] - (.© 2015 Kaspersky Lab ZAO. - Kaspersky Unified Driver.) - [151.66 Ko] - (6.8.0.54) - C:\Windows\System32\Drivers\kl1.sys [MD5.FBA1476823E3FA834663F2F9A3207224] - [27/12/2016 16:05:21] - (.Copyright © Kaspersky Lab ZAO 1996-2012. - Filter Core [fre_wlh_x86].) - [90.36 Ko] - (1.2.0.42) - C:\Windows\System32\Drivers\klflt.sys [MD5.9B92D9136CF98ABF48DF14C94A1E47CE] - [05/10/2015 11:23:40] - (.Copyright © Kaspersky Lab ZAO 1996-2012. - Klfltdev Pnp device filter [fre_wlh_x86].) - [34.18 Ko] - (8.12.0.76) - C:\Windows\System32\Drivers\klfltdev.sys [MD5.3D7737C78EC2FC9F239E3CAD559C480F] - [27/12/2016 16:05:21] - (.Copyright © Kaspersky Lab ZAO 1996-2013. - Klif Mini-Filter [fre_wlh_x86].) - [648.38 Ko] - (8.12.4.80) - C:\Windows\System32\Drivers\klif.sys [MD5.127A224745FA61227CDEDE03F76C74AC] - [06/08/2015 14:30:08] - (.© 2015 AO Kaspersky Lab. - Packet Network Filter [fre_wlh_x86].) - [34.68 Ko] - (10.0.0.13) - C:\Windows\System32\Drivers\klim6.sys [MD5.8E682FBB727A3A3C3B7FAF986FF4EA54] - [11/06/2015 15:52:38] - (.Copyright © Kaspersky Lab ZAO 1996-2012. - Network filtering component [fre_wxp_x86].) - [53.05 Ko] - (1.7.0.15) - C:\Windows\System32\Drivers\kltdi.sys [MD5.9F1D8F9DC94B86EE45FBCBED7BF357EC] - [11/09/2015 18:18:46] - (.Copyright © Kaspersky Lab ZAO 1996-2012. - KNEPS Power [fre_wxp_x86].) - [151.66 Ko] - (5.2.2.12) - C:\Windows\System32\Drivers\kneps.sys [MD5.EB119A53CCF2ACC000AC71B065B78FEF] - [13/07/2009 23:09:19] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [93.58 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.8ADE1C877256A22E49B75D1CC9161F9C] - [13/07/2009 23:09:18] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [87.08 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - [13/07/2009 23:09:18] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [53.58 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0A036C7D7CAB643A7F07135AC47E0524] - [13/07/2009 23:09:18] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [94.58 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.8683C1B450F4B3872839308D836E0F92] - [13/04/2017 15:18:25] - (.© Malwarebytes Corporation. - Malwarebytes Anti-Malware.) - [22.71 Ko] - (0.1.13.0) - C:\Windows\System32\Drivers\mbam.sys [MD5.1AA835E8A0B8EDF3D676B4ED4BF5EF07] - [13/04/2017 15:18:25] - (.© Malwarebytes Corporation. - Malwarebytes Chameleon Protection Driver.) - [72.71 Ko] - (1.0.4.0) - C:\Windows\System32\Drivers\mbamchameleon.sys [MD5.12E71DA845D76665B56753AD149E32B3] - [23/04/2017 11:07:46] - (.© Malwarebytes Corporation. - Malwarebytes Anti-Malware.) - [107.71 Ko] - (0.1.7.0) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - [10/06/2009 22:19:35] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) - [30.08 Ko] - (4.5.1.32) - C:\Windows\System32\Drivers\megasas.sys [MD5.DCBAB2920C75F390CAF1D29F675D03D6] - [13/07/2009 23:09:17] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [230.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.BD27D97297934FD4217A37FD28A7ABC7] - [13/04/2017 15:18:25] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [50.71 Ko] - (1.0.1.0) - C:\Windows\System32\Drivers\mwac.sys [MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - [13/07/2009 23:09:17] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [43.58 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.B3E25EE28883877076E0E1FF877D02E0] - [03/05/2015 13:42:12] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [114.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.4380E59A170D88C4F1022EFF6719A8A4] - [03/05/2015 13:42:12] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [140.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.AB95ECF1F6659A60DDC166D8315B0751] - [10/06/2009 22:20:06] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1351.06 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.B4DD51DD25182244B86737DC51AF2270] - [13/07/2009 23:09:18] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [103.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.53B46882544F2E4CA0C0B1B5401259B1] - [02/02/2017 17:11:36] - (.© VS Revo Group, Ltd. - Revo Uninstaller Minifilter.) - [34.8 Ko] - (1.0.0.4) - C:\Windows\System32\Drivers\revoflt.sys [MD5.9AA3A8EBB12201D24211AB003612BA04] - [28/04/2015 15:58:30] - (.Copyright (C) 2012 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver .) - [600.22 Ko] - (7.67.1226.2012) - C:\Windows\System32\Drivers\Rt86win7.sys [MD5.CFE498E0A56212D5345DF8866BF1B65F] - [28/04/2015 15:58:41] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) - [2530.76 Ko] - (6.0.1.6828) - C:\Windows\System32\Drivers\RTKVHDA.sys [MD5.D73F31510499D3EE5449A5778B56CE18] - [28/04/2015 15:58:22] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) - [201.14 Ko] - (6.2.9200.29038) - C:\Windows\System32\Drivers\RtsP2Stor.sys [MD5.AFF6591724010A8B38DA8F5BF8EE16DA] - [28/04/2015 14:54:15] - (.Copyright (C) 2013 Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 32428.) - [3009.71 Ko] - (2013.10.1015.2014) - C:\Windows\System32\Drivers\rtwlane.sys [MD5.90A3935D05B494A5A39D37E71F09A677] - [14/07/2009 03:05:20] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [20 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.A9F0486851BECB6DDA1D89D381E71055] - [10/06/2009 22:20:08] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [39.08 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.3727097B55738E2F554972C3BE5BC1AA] - [13/07/2009 23:09:18] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [76.06 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.DB32D325C192B801DF274BFD12A7E72B] - [13/07/2009 23:09:18] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [20.58 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.113412F2962F700710BB22FCFE266B65] - [12/09/2013 21:22:10] - (.Copyright © 2006-2013, Intel Corporation. - Intel(R) Management Engine Interface.) - [83.46 Ko] - (9.5.15.1730) - C:\Windows\System32\Drivers\TeeDriver.sys [MD5.0C997B061E3C66BD9E927C1288EB1CC7] - [13/04/2017 14:23:40] - (.-.) - [24.11 Ko] - (2.0.2.0) - C:\Windows\System32\Drivers\TrueSight.sys [MD5.D989D5CF14B91E7C88CBDF3C9341F0EF] - [16/08/2016 03:18:34] - (.Copyright (C) - USB Modem/Serial Device Driver.) - [125.69 Ko] - (3.0.1504.0) - C:\Windows\System32\Drivers\usb2ser.sys [MD5.C7722A92EA3D49631EFDB0CD37EC4A47] - [20/07/2016 11:00:44] - (.Copyright © DigitalPersona, Inc. 1996-2007 - Pilote de la classe USB biométrique de DigitalPersona.) - [46 Ko] - (4.0.0.32) - C:\Windows\System32\Drivers\usbdpfp.sys [MD5.0BDA50FF4DF8E4E3A4B5C031B6622F26] - [20/07/2016 11:00:45] - (.VM. 2007. - Video and Capture Device Driver.) - [1437.63 Ko] - (303.7.1012.2) - C:\Windows\System32\Drivers\USBVM31B.SYS [MD5.E43574F6A56A0EE11809B48C09E4FD3C] - [14/07/2009 00:11:20] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [16.58 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.AC137F3E11AC836ABB20BAD8CA940755] - [20/07/2016 11:00:45] - (.VM. 2007. - Video and Capture Device Driver.) - [1457.5 Ko] - (303.7.1012.2) - C:\Windows\System32\Drivers\VM31bx64.sys [MD5.9DFA0CC2F8855A04816729651175B631] - [10/06/2009 22:20:24] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [138.58 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys ---------- | Uninstall [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\cccc473c73fa9fe975b483b4fb5ac3e8] : (.-.) -> [HKU\S-1-5-21-231832257-3894006060-2058159908-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Chromium] : (Chromium.-.Chromium) -> C:\Users\Numilog\AppData\Local\Chromium\APPLIC~1\440238~1.0\INSTAL~1\UNINST~1.EXE /Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\47C4B1951F670B290BE84EAC76AE6F8CB91FA4D8] : (Package de pilotes Windows - Intel System (12/14/2012 9.4.0.1012).-.Intel) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\lxlpcore.inf_x86_neutral_18ae23427734c71a\lxlpcore.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\526D4C7293E721BAAFB3B00116944540C53D50C8] : (Package de pilotes Windows - Intel hdc (12/14/2012 9.4.0.1012).-.Intel) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\lxlpahci.inf_x86_neutral_bf358228a5c411b1\lxlpahci.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\5E1744503DB85D77B243E49344A8040501869219] : (Package de pilotes Windows - Intel USB (12/14/2012 9.4.0.1012).-.Intel) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\lxlpusb.inf_x86_neutral_2a9292e677a2fc7a\lxlpusb.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\6AA30ABF1916CC0CB3167372846F0DC7B513891A] : (Package de pilotes Windows - Infineon Technologies AG (IFXTPM) System (12/14/2007 2.01.0001.00).-.Infineon Technologies AG) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\ifxtpm.inf_x86_neutral_816932fd6cc123d1\ifxtpm.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\84F48A1FDB4E69B0DD96D248F1534A7FB9F89300] : (Package de pilotes Windows - Realtek Semiconductor Corp. HD Audio Driver (01/22/2013 6.0.1.6828).-.Realtek Semiconductor Corp.) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_3e873ebb8777a49b\hdart.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\A622652B4869B1314DCC16D080C296C44380F1F9] : (Package de pilotes Windows - Intel (iusb3hcs) System (12/04/2012 1.0.7.248).-.Intel) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\iusb3hcs.inf_x86_neutral_a9efb878eb3021e2\iusb3hcs.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BA4A29E3D72B3F64A3873CC0B67F70501C765091] : (Package de pilotes Windows - Realtek Semiconduct Corp. (RSP2STOR) MTD (09/05/2012 6.2.9200.29038).-.Realtek Semiconduct Corp.) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\rtsp2stormsi.inf_x86_neutral_529c9031c0ffd72d\rtsp2stormsi.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\C8CA88388A58C08FD1318BB111CC8BDC79A3B577] : (Package de pilotes Windows - Intel (ISCT) System (05/04/2012 1.0.7.0).-.Intel) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\isctd.inf_x86_neutral_c0c2c75f8d1df6cc\isctd.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\F7452125C75E9A7A88EB5656E6E33F345CC310E3] : (Package de pilotes Windows - Realtek (RTL8167) Net (12/26/2012 7.067.1226.2012).-.Realtek) -> C:\PROGRA~1\DIFX\E2D27B125BA94D24\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\rt86win7.inf_x86_neutral_2a44e4fd0ac5e970\rt86win7.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fingerprint Reader Driver_is1] : (Fingerprint Reader Driver 2.3.3.5.-.ZKTeco Inc.) -> "C:\Program Files\FPSensor\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files\Google\Chrome\Application\57.0.2987.133\Installer\setup.exe" --uninstall --system-level --verbose-logging [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}] : (HSPA USB Modem.-.Nom de votre société) -> "C:\Program Files\InstallShield Installation Information\{AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{2924BEDA-E0D7-4DAF-A224-50D2E0B12F5B}] : (Agent d'administration de Kaspersky Security Center.-.Kaspersky Lab) -> MsiExec.exe /I{2924BEDA-E0D7-4DAF-A224-50D2E0B12F5B} /l*v "C:\Windows\Temp\$klnagent-uninstall.log" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.0.2.1012.-.Malwarebytes Corporation) -> "C:\Program Files\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 53.0 (x86 fr)] : (Mozilla Firefox 53.0 (x86 fr).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeamViewer] : (TeamViewer 12.-.TeamViewer) -> "C:\Program Files\TeamViewer\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.21 (32-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{010788AB-706E-4604-A46B-6785EAB64B5E}] : (HPLJDXPHelper.-.HP) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{06C9D648-CFC6-48CC-A11B-C4A21BEDDAF1}] : (HPLJUTCore.-.HP) -> MsiExec.exe /I{06C9D648-CFC6-48CC-A11B-C4A21BEDDAF1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}] : (hppLaserJetService.-.Hewlett-Packard) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0F3E9AF6-6694-4E53-930C-176124F7782D}] : (HP Product FWUpdater.-.Hewlett-Packard Company) -> MsiExec.exe /I{0F3E9AF6-6694-4E53-930C-176124F7782D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218045F0}] : (Java 8 Update 45.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218045F0} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2924BEDA-E0D7-4DAF-A224-50D2E0B12F5B}] : (Agent d'administration de Kaspersky Security Center.-.Kaspersky Lab) -> MsiExec.exe /X{2924BEDA-E0D7-4DAF-A224-50D2E0B12F5B} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{32DE03E8-D0B3-4D13-A885-D3EDFC959EEC}] : (hpStatusAlerts.-.HP Development Company, L.P.) -> MsiExec.exe /I{32DE03E8-D0B3-4D13-A885-D3EDFC959EEC} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}] : (Skype™ 7.33.-.Skype Technologies S.A.) -> MsiExec.exe /X{3B7E914A-93D5-4A29-92BB-AF8C3F66C431} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3DE07612-060C-4FB1-BCF1-B912DF617CF2}] : (HP LaserJet Pro M201-M202 HP Device Toolbox.-.Hewlett-Packard Co.) -> MsiExec.exe /I{3DE07612-060C-4FB1-BCF1-B912DF617CF2} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{624F17AE-216E-481D-A899-35B76913CFCE}] : (hppM201-M202LaserJetService.-.Hewlett-Packard) -> MsiExec.exe /I{624F17AE-216E-481D-A899-35B76913CFCE} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1] : (Revo Uninstaller Pro 3.1.9.-.VS Revo Group, Ltd.) -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6767DFEE-8909-453A-B553-C7693912B2EB}] : (Canon MF Toolbox 4.9.1.1.mf15.-.CANON INC.) -> C:\Program Files\Canon\MF Toolbox Ver4.9\Uninst.exe ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{69FAB441-44DD-46BD-A3D9-74D22D260C63}] : (hpStatusAlertsM201-M202.-.Hewlett-Packard) -> MsiExec.exe /I{69FAB441-44DD-46BD-A3D9-74D22D260C63} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7A4192A1-84C4-4E90-A31B-B4847CA8E23A}] : (Kaspersky Endpoint Security 10 for Windows.-.Kaspersky Lab) -> msiexec.exe /x {7A4192A1-84C4-4E90-A31B-B4847CA8E23A} /qn ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81AF5BDD-628F-4368-8FD7-093B6AD2B907}] : (HPLJUTM201_202.-.HP) -> MsiExec.exe /I{81AF5BDD-628F-4368-8FD7-093B6AD2B907} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{83F19659-71E9-452C-8D23-9A7731E713C5}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A5107464-AA9B-4177-8129-5FF2F42DD322}] : (REALTEK Wireless LAN Driver.-.REALTEK Semiconductor Corp.) -> C:\Program Files\InstallShield Installation Information\{A5107464-AA9B-4177-8129-5FF2F42DD322}\Install.exe -uninst -l0x40C ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824214663}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824214663} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ACCC614F-2B0E-4F35-BE76-9B936D1E91A0}] : (32 Bit HP CIO Components Installer.-.Hewlett-Packard) -> MsiExec.exe /I{ACCC614F-2B0E-4F35-BE76-9B936D1E91A0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AF312B06-5C5C-468E-89B3-BE6DE2645722}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{AF312B06-5C5C-468E-89B3-BE6DE2645722} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}] : (HSPA USB Modem.-.Nom de votre société) -> MsiExec.exe /I{AFE2039C-010F-4EA1-9A0E-F2D7293F68E9} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2D94BC8-389B-4C9E-9C45-3E3D4C257DE0}] : (Cisco IP Communicator.-.Cisco Systems, Inc.) -> MsiExec.exe /X{B2D94BC8-389B-4C9E-9C45-3E3D4C257DE0} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B458B100-FE6F-4E6C-BEA9-1C6CBAA5B7EC}] : (HP LaserJet Pro M201-M202 Common Files.-.Hewlett-Packard Co.) -> MsiExec.exe /I{B458B100-FE6F-4E6C-BEA9-1C6CBAA5B7EC} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}] : (LJDXPHelperUI.-.HP) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{e71f6d30-080d-43ef-87e0-1ac4d7f8adfa}] : (HP LaserJet Pro M201-M202.-.Hewlett-Packard) -> C:\Program Files\HP\csiInstaller\e71f6d30-080d-43ef-87e0-1ac4d7f8adfa\Setup.exe /Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> "C:\Program Files\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709 ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F1390872-2500-4408-A46C-CD16C960C661}] : (HP Unified IO.-.HP) -> MsiExec.exe /I{F1390872-2500-4408-A46C-CD16C960C661} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F29F0573-5F6F-48B4-8A1E-46B04CB40EC7}] : (HPDXP.-.HP) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F2C371CB-0B8B-4135-82AA-DA2147635412}] : (HPLJProM201M202.-.Hewlett-Packard) -> MsiExec.exe /X{F2C371CB-0B8B-4135-82AA-DA2147635412} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F8D35826-1004-4c08-925B-7BB31CAFA0D6}] : (Canon iR1133 Series.-.CANON INC.) -> "C:\Windows\system32\CanonMF Uninstaller Information\{F8D35826-1004-4c08-925B-7BB31CAFA0D6}\misc\DelDrv.exe" /U:{F8D35826-1004-4c08-925B-7BB31CAFA0D6} /L0x0000 ---------- | Installer [HKCR\Installer\Products\001B854BF6EFC6E4EB9AC1C6AB5A7BCE] : HP LaserJet Pro M201-M202 Common Files [HKCR\Installer\Products\144BAF96DD44DB643A9D472DD262C036] : hpStatusAlertsM201-M202 [HKCR\Installer\Products\1A2914A74C4809E43AB14B48C78A2EA3] : Kaspersky Endpoint Security 10 for Windows -> C:\Windows\Installer\{7A4192A1-84C4-4E90-A31B-B4847CA8E23A}\setup2.ico [HKCR\Installer\Products\1BF32BEDFF40CA44895BEE2B346DA582] : LJDXPHelperUI [HKCR\Installer\Products\21670ED3C0601BF4CB1F9B21FD16C72F] : HP LaserJet Pro M201-M202 HP Device Toolbox [HKCR\Installer\Products\2780931F005280444AC6DC619C066C16] : HP Unified IO [HKCR\Installer\Products\3750F92FF6F54B84A8E1640BC44BE07C] : HPDXP [HKCR\Installer\Products\4663C4C0A75196D44B4713BE2FEEA13E] : hppLaserJetService [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208540F] : Java 8 Update 45 [HKCR\Installer\Products\60B213FAC5C5E864983BEBD62E467522] : Cisco LEAP Module [HKCR\Installer\Products\68AB67CA408033019195008142126436] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824214663}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\6E0FE4A0219AEDC47A3FE6657E1CA3F2] : Cisco PEAP Module [HKCR\Installer\Products\7810FB462D3FB89499AE61A39FEAE69C] : Cisco EAP-FAST Module [HKCR\Installer\Products\846D9C606CFCCC841AB14C2AB1DEAD1F] : HPLJUTCore [HKCR\Installer\Products\8CB49D2BB983E9C4C954E3D3C452D70E] : Cisco IP Communicator -> C:\Windows\Installer\{B2D94BC8-389B-4C9E-9C45-3E3D4C257DE0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8E30ED233B0D31D48A583DDECF59E9CE] : hpStatusAlerts [HKCR\Installer\Products\9D5AC231547CB0B43A2BC8A7E63CEEE7] : [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A419E7B35D3992A429BBFAC8F3664C13] : Skype™ 7.33 -> C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe [HKCR\Installer\Products\ADEB42927D0EFAD42A42052D0E1BF2B5] : Agent d'administration de Kaspersky Security Center -> C:\Windows\Installer\{2924BEDA-E0D7-4DAF-A224-50D2E0B12F5B}\setup2.ico [HKCR\Installer\Products\BA887010E60740644AB67658AE6BB4E5] : HPLJDXPHelper [HKCR\Installer\Products\BC173C2FB8B0531428AAAD1274364521] : HPLJProM201M202 -> C:\Windows\Installer\{F2C371CB-0B8B-4135-82AA-DA2147635412}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C9302EFAF0101AE4A9E02F7D92F3869E] : HSPA USB Modem -> C:\Windows\Installer\{AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DDB5FA18F8268634F87D90B3A62D9B70] : HPLJUTM201_202 [HKCR\Installer\Products\EA71F426E612D1848A99537B9631FCEC] : hppM201-M202LaserJetService [HKCR\Installer\Products\EEFD76769098A3545B357C9693212BBE] : [HKCR\Installer\Products\F416CCCAE0B253F4EB67B939D6E1190A] : 32 Bit HP CIO Components Installer [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\FC03D219E93F13B4DAA921C3B697E42E] : HP Update -> C:\Windows\Installer\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives ---------- | MBR ---------- | 20 LastEventLog Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le service Services de chiffrement n’a pas pu initialiser l’objet sauvegarde VSS « System Writer ». Details: Could not query the status of the EventSystem service. System Error: Un arrêt système est en cours. . ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ L’inscription automatique de certificat pour CEVITAL\mehdi.benhadid a échoué (0x8007003a) (Le serveur spécifié ne peut pas exécuter l’opération demandée. ). ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ ------------ ------------ ------------ ------------ ------------ ------------ ------------ ------------ ------------ ------------ ------------ ----------( EOF)---------- - 2837 | 15:04:26