--------------- QuickDiag | g3n-h@ckm@n | V3_23.04.17.2 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 25/04/2017 18:58:37 Updated 23/04/2017 | 18.25 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Maestro (Administrator)] - [MAESTRO-PC] (S-1-5-21-2687808087-1106675009-1755940479-1000) System: Microsoft Windows 7 Édition Familiale Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (080c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Édition Familiale Premium |C:\Windows|\Device\Harddisk0\Partition3 Boot : Normal boot PC: XPS 8300 - Dell Inc. - IdNumber: 24CC85J - UUID: 4C4C4544-0034-4310-8043-B2C04F38354A Processor : X64 - 3392 Mhz - Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz BIOS Date: 10/17/11 11:18:49 Ver: 04.06.04 - - Dell Inc. - S/N: 24CC85J - A06 - DELL - 20100118 CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0018&SUBSYS_10DE0101&REV_1001\5&13D0F68E&0&0201 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0018&SUBSYS_10DE0101&REV_1001\5&13D0F68E&0&0301 Razer Surround Audio Controller - Status: OK - Manufacturer: Razer Inc - PNPDeviceID: ROOT\MEDIA\0000 Périphérique High Definition Audio - Status: OK - Manufacturer: Microsoft - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_102804AA&REV_1003\4&2718705D&0&0001 Périphérique High Definition Audio - Status: OK - Manufacturer: Microsoft - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2805&SUBSYS_80862805&REV_1000\4&2718705D&0&0301 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0018&SUBSYS_10DE0101&REV_1001\5&13D0F68E&0&0001 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0018&SUBSYS_10DE0101&REV_1001\5&13D0F68E&0&0101 ---------- | Video NVIDIA GeForce GTX 560 Ti - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_1082&SUBSYS_087310DE&REV_A1\4&DDE86B&0&0008 - AdapterCompatibility: NVIDIA - RAM: 1342177280 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 560 Ti - DriverVersion: 21.21.13.7866 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 475936 - Manufacturer: Logitech Inc. - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:18 % CPU #2 value:0 % CPU #3 value:6 % CPU #4 value:0 % CPU #5 value:6 % CPU #6 value:0 % CPU #7 value:18 % CPU #8 value:0 % Total Overall CPU Usage value:6 % ---------- | Network Broadcom NetLink [TM] Gigabit Ethernet : SENT:0 bytes/sec / RECVD:0 bytes/sec Carte Half-Mini de réseau local sans fil Wireless-N DW1501 : SENT:806 bytes/sec / RECVD:806 bytes/sec Microsoft Virtual WiFi Miniport Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.{A28EE6D5-EC11-4D24-9E70-B9330BB98EE9} : SENT:0 bytes/sec / RECVD:0 bytes/sec Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:806 bytes/sec, / RECEIVE Maximum:806 bytes/sec WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Broadcom NetLink (TM) Gigabit Ethernet - Ethernet 802.3 - Broadcom - Status: - PnPID : PCI\VEN_14E4&DEV_1691&SUBSYS_04AA1028&REV_01\4&290E7F79&0&00E3 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001 RAS Async Adapter - - - Status: - PnPID : Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000 Carte Half-Mini de réseau local sans fil Wireless-N DW1501 - Ethernet 802.3 - Broadcom - Status: - PnPID : PCI\VEN_14E4&DEV_4727&SUBSYS_00101028&REV_01\4&AA4FEAE&0&00E0 Apple Mobile Device Ethernet - - - Status: - PnPID : Microsoft Virtual WiFi Miniport Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&21E31E4A&0&01 Périphérique Bluetooth (réseau personnel) - - - Status: - PnPID : Remote NDIS based Internet Sharing Device - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 8371 | Free (MB) : 3848 Pagefile = Total (MB) : 16739 | Free (MB) : 11547 Virtual = Total (MB) : 4194 | Free (MB) : 4002 Physical Memory 1 : Capacity: 4294967296 - DIMM1 - Posit.: 0 - Manufacturer: Hyundai - PartNumber: HMT351U6BFR8C-H9 - S/N: 193CFC6 Physical Memory 3 : Capacity: 4294967296 - DIMM2 - Posit.: 0 - Manufacturer: Hyundai - PartNumber: HMT351U6BFR8C-H9 - S/N: 197CFC6 ---------- | SID Users Administrateur : [S-1-5-21-2687808087-1106675009-1755940479-500] HomeGroupUser$ : [S-1-5-21-2687808087-1106675009-1755940479-1003] Invité : [S-1-5-21-2687808087-1106675009-1755940479-501] Maestro : [S-1-5-21-2687808087-1106675009-1755940479-1000] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-2687808087-1106675009-1755940479-1002] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 918.22 Go | Free : 57.64 Go -> NTFS [SATA] Disk Usage Information [5 total Physical Disks] Physical Drive #0 [C:] : Read:49,158 bytes/sec, Written:360,495 bytes/sec Max Read:49,158 bytes/sec, Max Write:360,495 bytes/sec Physical Drive #1 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [J:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:49,158 bytes/sec, Write Maximum:360,495 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : IDE\DISKST31000524AS____________________________JC4A____\5&25083765&0&0.0.0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01\18E391066476&1 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC-&PROD_MS/MS-PRO&REV_1.03\18E391066476&3 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC-&PROD_SD/MMC&REV_1.00\18E391066476&0 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC-&PROD_SM/XD-PICTURE&REV_1.02\18E391066476&2 ---------- | Windows updates Last detection : 2017-04-25 13:45:18 Downloaded last ones : 2017-04-14 07:54:15 Installed last ones : 2017-04-14 08:03:56 Next search : 2017-04-26 11:35:09 Windows Is Activated ---------- | Browsers IE : 11.0.9600.18639 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe" -- "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 25.0.0.148 FlashPlayer Plugin : 25.0.0.148 ---------- | Security AV : Bitdefender Antivirus Disabled AS : Windows Defender Disabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 280 | [Owner : Système | Parent : 4(System) | 2.1 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23714) = C:\Windows\System32\smss.exe [14/04/2017 09:53:50] CPU Usage:0 % 472 | [Owner : Système | Parent : 464() | 5.68 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 01:19:49] CPU Usage:0 % 536 | [Owner : Système | Parent : 524() | 7.47 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 01:19:49] CPU Usage:0 % 544 | [Owner : Système | Parent : 464() | 5.24 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 01:52:37] CPU Usage:0 % 592 | [Owner : Système | Parent : 524() | 8.91 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe [15/10/2014 23:38:15] CPU Usage:0 % 640 | [Owner : Système | Parent : 544(wininit.exe) | 13.28 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe [15/05/2015 14:19:15] CPU Usage:0 % 648 | [Owner : Système | Parent : 544(wininit.exe) | 15.68 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23714) = C:\Windows\System32\lsass.exe [14/04/2017 09:53:46] CPU Usage:0 % 656 | [Owner : Système | Parent : 544(wininit.exe) | 5.24 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [21/11/2010 05:23:53] CPU Usage:0 % 748 | [Owner : Système | Parent : 640(services.exe) | 12.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 804 | [Owner : Système | Parent : 640(services.exe) | 374.23 Mo] - (.Bitdefender - Bitdefender Security Service.) - (21.0.25.80) = C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [24/04/2017 17:55:56] CPU Usage:1 % 1040 | [Owner : Système | Parent : 640(services.exe) | 12.54 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [07/01/2017 18:09:22] CPU Usage:0 % 1120 | [Owner : SERVICE RÉSEAU | Parent : 640(services.exe) | 11.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1276 | [Owner : SERVICE LOCAL | Parent : 640(services.exe) | 27.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1316 | [Owner : Système | Parent : 640(services.exe) | 240.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1348 | [Owner : SERVICE LOCAL | Parent : 640(services.exe) | 23.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1372 | [Owner : Système | Parent : 640(services.exe) | 57.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1456 | [Owner : SERVICE LOCAL | Parent : 1276(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.23471) = C:\Windows\System32\audiodg.exe [12/10/2016 09:31:40] CPU Usage:0 % 1480 | [Owner : Système | Parent : 640(services.exe) | 7.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1588 | [Owner : SERVICE RÉSEAU | Parent : 640(services.exe) | 32.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1680 | [Owner : Système | Parent : 1316(svchost.exe) | 6.7 Mo] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe [14/07/2009 02:07:15] CPU Usage:0 % 1692 | [Owner : Système | Parent : 472(csrss.exe) | 3.39 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23714) = C:\Windows\System32\conhost.exe [14/04/2017 09:53:50] CPU Usage:0 % 1760 | [Owner : Système | Parent : 640(services.exe) | 16.28 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe [15/08/2012 16:33:02] CPU Usage:0 % 1776 | [Owner : Système | Parent : 1040(NVDisplay.Container.exe) | 27.84 Mo] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7866) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [09/05/2012 20:35:03] CPU Usage:0 % 1824 | [Owner : SERVICE LOCAL | Parent : 640(services.exe) | 16.57 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1876 | [Owner : SERVICE LOCAL | Parent : 640(services.exe) | 19.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1996 | [Owner : Système | Parent : 640(services.exe) | 4.28 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.21.4663) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [02/02/2017 23:21:46] CPU Usage:0 % 1524 | [Owner : Système | Parent : 640(services.exe) | 12.55 Mo] - (.Apple Inc. - MobileDeviceService.) - (17.364.0.84) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [02/03/2016 15:31:28] CPU Usage:0 % 2260 | [Owner : Système | Parent : 640(services.exe) | 7.61 Mo] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe [12/08/2015 17:03:42] CPU Usage:0 % 2280 | [Owner : Système | Parent : 640(services.exe) | 10.23 Mo] - (.Broadcom Corporation - Broadcom Management Agent.) - (1.42.5.0) = C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [29/06/2010 16:12:20] CPU Usage:0 % 2308 | [Owner : Système | Parent : 640(services.exe) | 9.91 Mo] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - (0.9.4.4078) = C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [07/10/2014 15:33:56] CPU Usage:0 % 2476 | [Owner : Système | Parent : 640(services.exe) | 18.22 Mo] - (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - (0.9.4.4078) = C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [07/10/2014 15:36:00] CPU Usage:0 % 2580 | [Owner : Système | Parent : 640(services.exe) | 7.74 Mo] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.3.0.6200) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [21/07/2010 13:46:28] CPU Usage:0 % 2608 | [Owner : Système | Parent : 640(services.exe) | 14.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 2660 | [Owner : Système | Parent : 640(services.exe) | 22.2 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.3.2180.8799) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [07/01/2017 16:20:43] CPU Usage:0 % 2780 | [Owner : SERVICE RÉSEAU | Parent : 640(services.exe) | 14.76 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.2159.775) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [07/01/2017 16:20:50] CPU Usage:0 % 2816 | [Owner : Système | Parent : 640(services.exe) | 16.81 Mo] - (.Bitdefender - Bitdefender Agent.) - (21.0.24.24) = C:\Program Files\Bitdefender Agent\ProductAgentService.exe [07/01/2017 15:26:37] CPU Usage:0 % 2908 | [Owner : Système | Parent : 640(services.exe) | 7 Mo] - (.Razer Inc. - Razer Chroma SDK Service.) - (1.0.8.3) = C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [21/03/2017 05:11:36] CPU Usage:0 % 2956 | [Owner : Système | Parent : 640(services.exe) | 818.42 Mo] - (.- GameScannerService.) - (1.0.6.2835) = C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [25/09/2016 00:20:57] CPU Usage:0 % 1544 | [Owner : Maestro | Parent : 2660(nvcontainer.exe) | 33.68 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.3.2180.8799) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [07/01/2017 16:20:43] CPU Usage:0 % 2360 | [Owner : Maestro | Parent : 1316(svchost.exe) | 44.73 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 01:37:38] CPU Usage:1 % 2352 | [Owner : Maestro | Parent : 640(services.exe) | 14.06 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [10/01/2013 17:06:46] CPU Usage:0 % 2216 | [Owner : Maestro | Parent : 2368() | 100.38 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe [12/10/2016 09:31:02] CPU Usage:0 % 3340 | [Owner : Système | Parent : 640(services.exe) | 18.97 Mo] - (.Rsupport Co., Ltd. - Remote View 5.0 Agent.) - (5.2.19.1) = C:\Program Files (x86)\Samsung\Remote PC\rvagent.exe [27/12/2014 00:56:15] CPU Usage:0 % 3464 | [Owner : Maestro | Parent : 1776(nvxdsync.exe) | 14.33 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.7866) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [09/05/2012 20:35:04] CPU Usage:0 % 3636 | [Owner : Maestro | Parent : 3340(rvagent.exe) | 9.11 Mo] - (.Rsupport Co., Ltd. - RemoteView Agent Tray Application.) - (5.2.16.1) = C:\Program Files (x86)\Samsung\Remote PC\rvagtray.exe [27/12/2014 00:56:15] CPU Usage:0 % 3688 | [Owner : Système | Parent : 640(services.exe) | 15.51 Mo] - (.Razer Inc - RazerSurround VAD Streaming Service.) - (1.1.63.0) = C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [04/11/2016 04:56:50] CPU Usage:0 % 3824 | [Owner : SERVICE LOCAL | Parent : 640(services.exe) | 7.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 3884 | [Owner : Système | Parent : 640(services.exe) | 19.73 Mo] - (.Bitdefender - Bitdefender Update Service.) - (21.0.25.76) = C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [24/04/2017 17:57:50] CPU Usage:0 % 3964 | [Owner : Maestro | Parent : 3372() | 184.27 Mo] - (.Razer Inc. - Razer Synapse.) - (2.20.17.302) = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [02/03/2017 17:19:24] CPU Usage:0 % 4088 | [Owner : Système | Parent : 640(services.exe) | 17.79 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [17/07/2012 16:14:44] CPU Usage:0 % 3684 | [Owner : Système | Parent : 4088(WLIDSVC.EXE) | 5.16 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [17/07/2012 16:14:44] CPU Usage:0 % 4520 | [Owner : Système | Parent : 640(services.exe) | 23.45 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe [11/05/2012 15:49:06] CPU Usage:0 % 4744 | [Owner : SERVICE RÉSEAU | Parent : 640(services.exe) | 7.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 4752 | [Owner : Système | Parent : 748(svchost.exe) | 6.91 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe [14/07/2009 01:47:12] CPU Usage:0 % 4708 | [Owner : SERVICE LOCAL | Parent : 1316(svchost.exe) | 7.77 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe [18/11/2012 04:00:42] CPU Usage:0 % 5040 | [Owner : Système | Parent : 748(svchost.exe) | 8.45 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 05:24:15] CPU Usage:0 % 3936 | [Owner : SERVICE RÉSEAU | Parent : 640(services.exe) | 15.73 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [21/11/2010 05:25:05] CPU Usage:0 % 5320 | [Owner : SERVICE LOCAL | Parent : 640(services.exe) | 20.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 5196 | [Owner : Système | Parent : 748(svchost.exe) | 9.28 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\System32\dllhost.exe [14/07/2009 01:59:17] CPU Usage:0 % 5564 | [Owner : Maestro | Parent : 4828() | 1.04 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (6.9.5.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [07/01/2017 16:21:02] CPU Usage:0 % 5164 | [Owner : Maestro | Parent : 536(csrss.exe) | 4.4 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23714) = C:\Windows\System32\conhost.exe [14/04/2017 09:53:50] CPU Usage:0 % 4552 | [Owner : Maestro | Parent : 3964(RzSynapse.exe) | 70.61 Mo] - (.- RzStats.Manager.) - (1.2.16.0) = C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe [19/01/2017 05:22:34] CPU Usage:0 % 5520 | [Owner : Système | Parent : 640(services.exe) | 6.28 Mo] - (.Intel Corporation - Local Manageability Service.) - (7.0.0.1135) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [09/05/2012 17:33:26] CPU Usage:0 % 5540 | [Owner : Maestro | Parent : 3964(RzSynapse.exe) | 10.56 Mo] - (.Razer, Inc. - RazerIngameEngine.) - (1.0.12.10108) = C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe [14/12/2016 22:59:18] CPU Usage:0 % 2056 | [Owner : Maestro | Parent : 3964(RzSynapse.exe) | 39.66 Mo] - (.Razer, Inc. - Razer Chromium Render Process.) - (1.0.12.10108) = C:\Users\Maestro\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe [19/04/2016 14:48:16] CPU Usage:0 % 4760 | [Owner : Maestro | Parent : 4552(RzStats.Manager.exe) | 20.25 Mo] - (.Razer, Inc. - Razer Chromium Render Process.) - (1.0.12.10108) = C:\Users\Maestro\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe [19/04/2016 14:53:46] CPU Usage:0 % 3180 | [Owner : Maestro | Parent : 804(vsserv.exe) | 24.81 Mo] - (.Bitdefender - Bitdefender agent.) - (21.0.25.76) = C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [24/04/2017 17:56:06] CPU Usage:0 % 3776 | [Owner : Maestro | Parent : 3964(RzSynapse.exe) | 205.32 Mo] - (.Razer, Inc. - Razer Chromium Render Process.) - (1.0.12.10108) = C:\Users\Maestro\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe [19/04/2016 14:48:16] CPU Usage:1 % 3792 | [Owner : Maestro | Parent : 3964(RzSynapse.exe) | 35.72 Mo] - (.Razer, Inc. - Razer Chromium Render Process.) - (1.0.12.10108) = C:\Users\Maestro\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe [19/04/2016 14:48:16] CPU Usage:0 % 5400 | [Owner : Maestro | Parent : 3964(RzSynapse.exe) | 35.09 Mo] - (.Razer, Inc. - Razer Chromium Render Process.) - (1.0.12.10108) = C:\Users\Maestro\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe [19/04/2016 14:48:16] CPU Usage:0 % 3908 | [Owner : Système | Parent : 640(services.exe) | 10.03 Mo] - (.Intel Corporation - User Notification Service.) - (7.0.0.1135) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [09/05/2012 17:33:27] CPU Usage:0 % 8732 | [Owner : Maestro | Parent : 2216(explorer.exe) | 188.52 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:1 % 8512 | [Owner : Maestro | Parent : 8732(chrome.exe) | 5.83 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:0 % 8432 | [Owner : Maestro | Parent : 8732(chrome.exe) | 7.67 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:0 % 4620 | [Owner : Maestro | Parent : 8732(chrome.exe) | 170.81 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:2 % 8064 | [Owner : Maestro | Parent : 8732(chrome.exe) | 33.27 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:0 % 7908 | [Owner : Maestro | Parent : 8732(chrome.exe) | 218.26 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:0 % 8776 | [Owner : Maestro | Parent : 8732(chrome.exe) | 393.36 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:0 % 7812 | [Owner : Maestro | Parent : 8732(chrome.exe) | 131.75 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:0 % 3568 | [Owner : Maestro | Parent : 6136() | 26.59 Mo] - (.Bitdefender - Bitdefender Wallet Agent.) - (21.0.25.76) = C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe [24/04/2017 17:58:05] CPU Usage:0 % 4544 | [Owner : SERVICE RÉSEAU | Parent : 748(svchost.exe) | 14.36 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 05:24:15] CPU Usage:1 % 6772 | [Owner : SERVICE RÉSEAU | Parent : 748(svchost.exe) | 8.02 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [21/11/2010 05:24:27] CPU Usage:0 % 9132 | [Owner : Maestro | Parent : 8732(chrome.exe) | 57.16 Mo] - (.Google Inc. - Google Chrome.) - (57.0.2987.133) = C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe [09/05/2012 19:24:03] CPU Usage:0 % 1900 | [Owner : Système | Parent : 3884(updatesrv.exe) | 8.87 Mo] - (.Bitdefender - BitDefender Update Downloader.) - (3.0.4.34) = C:\Program Files\Bitdefender\Bitdefender 2017\downloader.exe [24/04/2017 17:58:09] CPU Usage:0 % 8580 | [Owner : Système | Parent : 472(csrss.exe) | 3.46 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23714) = C:\Windows\System32\conhost.exe [14/04/2017 09:53:50] CPU Usage:0 % 4496 | [Owner : Maestro | Parent : 2216(explorer.exe) | 33.38 Mo] - (.SosVirus - QuickDiag.) - (23.4.17.2) = C:\Users\Maestro\Desktop\QuickDiag (1).exe [25/04/2017 18:57:33] CPU Usage:0 % 5512 | [Owner : SERVICE RÉSEAU | Parent : 640(services.exe) | 9.2 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [21/11/2010 05:23:56] CPU Usage:0 % ---------- | MD5 [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [12/10/2016 09:31:02] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3154 Ko] - (6.1.7601.23537) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.404C9AE46D67927E434B2D72B183D5DB] - [14/04/2017 09:53:50] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.23714) : C:\Windows\System32\Kernel32.dll [MD5.D6CCBE51C4FAA41F21BC451AE2C95B97] - [14/04/2017 09:53:46] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.23714) : C:\Windows\System32\lsass.exe [MD5.622C96AFB07BB82C8650B47172137AC4] - [27/03/2016 10:13:40] - (.© Microsoft Corporation. - Distributed COM Services.) - [499.5 Ko] - (6.1.7601.19143) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.71C85477DF9347FE8E7BC55768473FCA] - [15/05/2015 14:19:15] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.34BA256FBF83457F9D5E51A56DB54542] - [13/12/2016 20:45:23] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985.5 Ko] - (6.1.7601.23594) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [21/11/2010 05:24:28] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [15/10/2014 23:38:15] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [18/11/2015 18:30:45] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.059F00DEF82BF41E433B7ED465847726] - [12/09/2013 12:12:03] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9B38580063D281A99E68EF5813022A5F] - [12/10/2016 09:31:40] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [104 Ko] - (6.1.7601.23542) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.2EB36DF5E373FCD1783F941A85803F9F] - [14/04/2017 09:53:50] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [156 Ko] - (6.1.7601.23714) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.F7309F42555F8AAB7144A51A1F2585B0] - [18/11/2015 18:30:39] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys [MD5.E47D571FEC2C76E867935109AB2A770C] - [15/06/2016 20:48:16] - (.© Microsoft Corporation. - MBT Transport driver.) - [256 Ko] - (6.1.7601.23451) : C:\Windows\System32\Drivers\netbt.sys [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - [09/03/2016 17:28:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [21/11/2010 05:24:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.B2875D7ABB82867DC3AA03D991940201] - [15/09/2016 10:19:11] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1851.73 Ko] - (6.1.7601.23496) : C:\Windows\System32\Drivers\tcpip.sys [MD5.AA77EB517D2F07A947294F260E3ACA83] - [18/11/2015 18:30:45] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.BitDefender S.R.L. Bucharest, ROMANIA.-.BitDefender Active Virus Control Usermode Filtering Library.) - (3.12.17257.6492) -- C:\Program Files\Bitdefender\Bitdefender 2017\Active Virus Control\Avc3_00116_016\avcuf64.dll (.Google.-.Google Drive shell extension.) - (2.34.5075.1619) -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (..-..) - (14.0.7109.5000) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf (.Fraunhofer Institut Integrierte Schaltungen IIS.-.MPEG Layer-3 Audio Codec for MSACM.) - (1.9.0.401) -- C:\Windows\System32\l3codeca.acm (.Bitdefender.-.Product Info Library.) - (21.0.25.80) -- C:\Program Files\Bitdefender\Bitdefender 2017\IServConfig.dll (.Bitdefender.-.Bitdefender File Shredder Shell Extension.) - (21.0.25.80) -- C:\Program Files\Bitdefender\Bitdefender 2017\lang\fr-FR\fshredctx.txtui (.WinZip Computing, S.L..-.WinZip Shell Extension DLL.) - (4.1.0.0) -- C:\Program Files\WinZip\wzshls64.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 378.66.) - (21.21.13.7866) -- C:\Windows\system32\nvapi64.dll (.NVIDIA Corporation.-.NVIDIA Display Shell Extension.) - (1.2.0.1) -- C:\Windows\system32\nvshext.dll (.Bitdefender.-.BDShellExt Module.) - (21.0.25.76) -- C:\Program Files\Bitdefender\Bitdefender 2017\bdshellext.dll (.Bitdefender.-.BDShellExt Module.) - (21.0.25.80) -- C:\Program Files\Bitdefender\Bitdefender 2017\lang\fr-FR\bdshellext.txtui (.Bitdefender.-.Bitdefender File Shredder Shell Extension.) - (21.0.25.76) -- C:\Program Files\Bitdefender\Bitdefender 2017\fshredctx.dll (..-..) - (4.11.0.0) -- C:\Program Files\WinRAR\rarext.dll (.TODO: .-.TODO: .) - (1.0.0.1) -- C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll (.Google.-.Google Drive shell extension.) - (2.34.5075.1619) -- C:\Program Files (x86)\Google\Drive\contextmenu64.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (8.17.13.7866) -- C:\Windows\system32\nv3dappshext.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.BitDefender S.R.L. Bucharest, ROMANIA.-.BitDefender Active Virus Control Usermode Filtering Library.) - (3.12.17257.6492) -- C:\Program Files\Bitdefender\Bitdefender 2017\Active Virus Control\Avc3_00116_016\avcuf64.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Google Update - (C:\Users\Maestro\AppData\Local\Google\Update\1.3.33.3\GoogleUpdateCore.exe [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\...\Run]) - User: Maestro-PC\Maestro DAEMON Tools Lite - ("C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\...\Run]) - User: Maestro-PC\Maestro ShadowPlay - ("C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Maestro\AppData\Local\Google\Update\1.3.33.3\GoogleUpdateCore.exe [14/04/2017 09:36:50] "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Envoyer à OneNote 2010,winspool,nul: "UserSelectedDefault"=1 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "ShadowPlay"="C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "LoadAppInit_DLLs"=0 "AppInit_DLLs"= [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] ""= "Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" "RemoteView5 Tray"="C:\Program Files (x86)\Samsung\Remote PC\rvagtray.exe" /background [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "LoadAppInit_DLLs"=0 "AppInit_DLLs"= [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Wininit.ini : [Rename] NUL=7za.exe NUL=C:\Users\Maestro\AppData\Local\Temp\nssE580.tmp\7za.exe NUL=C:\Users\Maestro\AppData\Local\Temp\nssE580.tmp\INSTAL~1.EXE NUL=C:\Users\Maestro\AppData\Local\Temp\nssE580.tmp\ ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update Task Adobe Flash Player PPAPI Notifier Adobe Flash Player Updater Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 CCleanerSkipUAC GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000Core GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000UA GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000UA1d15b4a8b774fd5 GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000UA1d1abbf3aa53764 NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} {1BCFF52D-D6FB-4ADC-92FC-875FF932F1F3} {4C3FB61F-B36F-4CD6-8339-55F501584210} {C559D284-335D-4EDD-A8DA-56C4DC45550A} ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AccuWeatherWidget] : "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] : "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] : "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] : "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlueStacks Agent] : C:\Program Files (x86)\BlueStacks\HD-Agent.exe [07/10/2014 15:35:06] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Broadcom Wireless Manager UI] : C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [09/05/2012 17:31:32] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] : "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellStage] : "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Disc Tool] : "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DigipassNativeBridge] : "C:\Users\Maestro\AppData\Local\VASCO\NativeBridge\digipass-nativebridge-monitor.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EvtMgr6] : C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] : "C:\Users\Maestro\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] : "C:\Users\Maestro\AppData\Local\Google\Update\GoogleUpdate.exe" /c [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] : "C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Kernel and Hardware Abstraction Layer] : KHALMNPR.EXE [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Kraken71ChromaHelper] : C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe /start [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Download Assistant] : C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend] : "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OfficeSyncProcess] : "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteView5 Tray] : "C:\Program Files (x86)\Samsung\Remote PC\rvagtray.exe" /background [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RESTART_STICKY_NOTES] : C:\Windows\System32\StikyNot.exe [14/07/2009 01:57:57] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RoxWatchTray] : "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay] : "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] : "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\THX Audio Control Panel] : "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdReg] : C:\Windows\UpdReg.EXE [09/05/2012 18:15:01] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Viber] : "C:\Users\Maestro\AppData\Local\Viber\Viber.exe" StartMinimized [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\XboxStat] : "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\{208D25F6-23DF-4CD4-8081-03CA179A2ED9}] : "E:\Setup.exe" /cmdloc "HKCU\Software\Ubisoft AiTemp\{208D25F6-23DF-4CD4-8081-03CA179A2ED9}" ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=3dcbab0a-decf-409b-adf9-af53b3f "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp "Authentication Packages"=msv1_0 "LsaPid"=648 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=0 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [10/05/2012 02:01:48] "Pattern Upgrade"=TRUE "ActiveWndTrkTimeout"=500 "LogPixels"=96 "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "link"=0x1E000000 "Browse For Folder Width"=347 "Browse For Folder Height"=346 [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "ShowCompColor"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "EnableBalloonTips"=1 "TaskbarSizeMove"=1 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=2 "Start_PowerButtonAction"=2 ""=0 [HKLM\Software\Policies\Microsoft\Windows\System] "DisableCMD"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoRun"=0 "NoControlPanel"=0 "NoDriveTypeAutoRun"=60 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=56 ""= [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\System] "DisableCMD"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoRun"=0 "NoControlPanel"=0 "NoDriveTypeAutoRun"=60 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=398 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 "AutoAdminLogon"=0 "DefaultUserName"=Maestro [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [14/04/2017 09:53:52] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Users\Maestro\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [14/04/2017 09:53:52] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\dell\drivers\R283190\setup.exe"=1 "C:\dell\drivers\R283190\Win64\setup.exe"=1 "SIGN.MEDIA=270FD92 autoRcd.exe"=1 "C:\dell\drivers\0CPMH\Setup.exe"=1 "C:\dell\drivers\0CPMH\Win64\setup.exe"=1 "C:\dell\drivers\R300480\Install.exe"=1 "SIGN.MEDIA=35494DC8 Setup.exe"=1 "SIGN.MEDIA=FF07E34D setup.exe"=1 "SIGN.MEDIA=DD8A9836 Setup.exe"=1 "SIGN.MEDIA=727386 setup.exe"=1 "SIGN.MEDIA=6FF273C7 Setup.exe"=1 "SIGN.MEDIA=71B567E6 setup.exe"=1 "SIGN.MEDIA=E56FC9E9 setup.exe"=1 "SIGN.MEDIA=D734FECF Installer.exe"=1 "SIGN.MEDIA=0 OriginInstaller.exe"=1 "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe"=1 "SIGN.MEDIA=16C438 Setup.exe"=1 "C:\Program Files\iTunes\iTunes.exe"=512 "SIGN.MEDIA=C057BF92 setup.exe"=1 "C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe"=1 "C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe"=1 "SIGN.MEDIA=2FBFF5F8 Setup.exe"=1 "C:\ProgramData\NVIDIA Corporation\Downloader\11fd3931c5aa0a79e5f91ddb3de8bfc2\GeForce_Experience_Update_v3.5.0.70.exe"=1 "SIGN.MEDIA=256C03A4 autorun.exe"=1 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{0c4a2213-f08f-11e1-89e3-d4bed989de09}] : J:\LaunchU3.exe -a (AutoRun) [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dee45894-d9aa-11e1-8496-d4bed989de09}] : E:\LaunchU3.exe -a (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=1 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x53FB00C4EC2DCD01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 "DefaultInboundAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 "DefaultInboundAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 "DefaultInboundAction"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:400e:808::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:400e:808::200e?: temps=29 ms R?ponse de 2a00:1450:400e:808::200e?: temps=28 ms R?ponse de 2a00:1450:400e:808::200e?: temps=36 ms R?ponse de 2a00:1450:400e:808::200e?: temps=33 ms Statistiques Ping pour 2a00:1450:400e:808::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 28ms, Maximum = 36ms, Moyenne = 31ms ---------- | @ [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=0 "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=about:blank "DisableFirstRunCustomize"=1 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF97030000280000004B07000057030000 "NotifyDownloadComplete"=yes "Use FormSuggest"=no "Check_Associations"=no "DisableScriptDebuggerIE"=yes "IconCache"=9vmzlsj "Use Search Asst"=no "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF50020000F1000000D0040000D1020000 "OperationalData"=5 "Isolation"=PMIL "ImageStoreRandomFolder"=kseovbs "SmoothScroll"=1 "IEWatsonDisabled"=1 "Start Page_TIMESTAMP"=0xA1F033668DCBD101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "Start Page Redirect Cache"=http://www.msn.com/fr-be/?pc=UE07&ocid=UE07DHP "Start Page Redirect Cache_TIMESTAMP"=0x6057F368C0E4D101 "Start Page Redirect Cache AcceptLangs"=fr-BE "DefSpellLang"=fr-BE [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x02EA836D2BE6CE01 "DisableCachingOfSSLPages"=1 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "ProxyEnable"=0 "MigrateProxy"=1 "RefreshRate"=0 "ProxyOverride"=*.local "ProxyHttp1.1"=1 "WarNonBadCertReceving"=1 "WarNonHTTPSToHTTPRedirect"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=about:blank "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=about:blank "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Enable Browser Extensions"=yes "Use Search Asst"=no "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [21/03/2017 08:15:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveSynced] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [21/03/2017 08:15:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveSyncing] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [21/03/2017 08:15:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7} -- C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -- C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399} -- C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619} -- C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -- C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KAVOverlayIcon] - {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7} -- C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -- C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399} -- C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619} -- C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -- C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KAVOverlayIcon] - {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=Groove GFS Stub Execution Hook [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=Groove GFS Stub Execution Hook ---------- | Toolbar [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Height"=22 "ITBar7Layout"=0x13000000000000000000000020000000100001001600000001000000800600005E010000060000008100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000530CAC1D237DB34A856AB04D98CD982A0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Layout64"=0x13000000000000000000000020000000100003001600000001000000000700005E01000006000000010300000000000007000000810000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048BEBB0ED4BA4C4B8E5A516ABECAE064530CAC1D237DB34A856AB04D98CD982A00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height64"=22 "{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0x530CAC1D237DB34A856AB04D98CD982A [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DownloadRetries"=0 "Version"=4 "UpgradeTime"=0x80F1DEDF5606D001 "KnownProvidersUpgradeTime"=0x012AA749AE0ECF01 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0 ---------- | Extensions [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping] : () - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F}] : (@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F}] : (Envoyer au périphérique &Bluetooth...) - [] ---------- | SearchScopes [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3B9D54FD-3F2F-4520-90E4-2B1BD3A0253F}] - (Google) - http://www.google.com/search?hl=en&q={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] -> (Bitdefender Wallet) : C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [24/04/2017 17:57:11] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [17/07/2012 15:51:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}] -> (Logitech SetPoint) : C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [26/08/2015 03:16:26] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [06/03/2013 08:37:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] -> (Bitdefender Wallet) : C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [24/04/2017 17:57:11] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [22/12/2015 12:32:22] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [17/07/2012 15:51:50] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}] -> (Logitech SetPoint) : C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [26/08/2015 03:16:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [06/03/2013 08:37:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [22/12/2015 12:32:22] ---------- | Chrome C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj = : __MSG_web2pdfExtnDescription__ - __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\fheoggkfdfchfphceeifdbepaooicaho = : McAfee® WebAdvisor - McAfee® WebAdvisor - permissions:[tabs\u003Call_urls>downloadsnativeMessagingwebRequest] - https://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\gannpgaobkkhmpomoijebaigcapoeebl = : Automatically fills your logins online while keeping them completely secured. - Bitdefender Wallet - permissions:[tabswebNavigationnativeMessaging\u003Call_urls>] - http://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gannpgaobkkhmpomoijebaigcapoeebl] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\ [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor "{F003DA68-8256-4b37-A6C4-350FA04494DF}"=C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt "belgiumeid@eid.belgium.be"=C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be "bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\ [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Users\Maestro\AppData\Local\Google\Update\1.3.33.3\npGoogleUpdate3.dll [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Users\Maestro\AppData\Local\Google\Update\1.3.33.3\npGoogleUpdate3.dll [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\MozillaPlugins\ubisoft.com/uplaypc] - () : C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 25.0.0.148 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : C:\Windows\system32\Wat\npWatWeb.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 25.0.0.148 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=] - (Module iTunes Detector) : [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] - () : C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] - (ESN Sonar browser plugin) : C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : C:\Windows\system32\Wat\npWatWeb.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] - (This plugin detects and launches Pando Media Booster) : C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=109.88.203.3 62.197.111.140 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{411B99D8-E160-4868-8289-476F3C666F9A}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{58AA6076-46BC-40D2-9598-F673BEA66076}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{A28EE6D5-EC11-4D24-9E70-B9330BB98EE9}] "DhcpNameServer"=109.88.203.3 62.197.111.140 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{411B99D8-E160-4868-8289-476F3C666F9A}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{58AA6076-46BC-40D2-9598-F673BEA66076}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{A28EE6D5-EC11-4D24-9E70-B9330BB98EE9}] "DhcpNameServer"=109.88.203.3 62.197.111.140 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{411B99D8-E160-4868-8289-476F3C666F9A}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{58AA6076-46BC-40D2-9598-F673BEA66076}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{A28EE6D5-EC11-4D24-9E70-B9330BB98EE9}] "DhcpNameServer"=109.88.203.3 62.197.111.140 ---------- | Applications [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Classes\Applications\uTorrent.exe] : "C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1" [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Classes\Applications\Viber.exe] : "C:\Users\Maestro\AppData\Local\Viber\Viber.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~1\MICROS~3\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\SC2Editor.exe] : "C:/Program Files (x86)/StarCraft II/Support/SC2Editor.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\SC2Switcher.exe] : "C:/Program Files (x86)/StarCraft II/Support/SC2Switcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoGallery.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~1\MICROS~3\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SC2Editor.exe] : "C:/Program Files (x86)/StarCraft II/Support/SC2Editor.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SC2Switcher.exe] : "C:/Program Files (x86)/StarCraft II/Support/SC2Switcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoGallery.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "regsvc"=RemoteRegistry "DcomLaunch"=Power PlugPlay DcomLaunch "secsvcs"=WinDefend "bthsvcs"=bthserv "GPSvcGroup"=GPSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power PlugPlay DcomLaunch ---------- | SvcHost - Netsvcs (Whitelist) Term - : ---------- | Software [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\43966InstEnd] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\AC3Filter] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Adobe] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Ankama] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\AppDataLow] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Apple Computer, Inc.] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Apple Inc.] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Audacity] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\BEID] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\BIOSFLASH] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Bitdefender] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\BitTorrent] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Blizzard Entertainment] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Broadcom] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Brother] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Bugsplat] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Caphyon] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Chromium] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Citrix] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Clients] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Colossal Order] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Creative Tech] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\CreativePark] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Dell] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Dell Computer Corporation] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\DT Soft] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Elcom] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\FLEXlm License Manager] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\FLT] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\GOG.com] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Google] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\HookNetwork] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\IM Providers] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Intelore] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\JavaSoft] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Leadertech] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Licenses] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\LogiShrd] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Logitech] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Macromedia] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Macrovision] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Malwarebytes] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\MetaQuotes Software] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Midgar Studio] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\MozillaPlugins] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Netscape] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Nico Mak Computing] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\NVIDIA Corporation] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\ODBC] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Payload] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Piriform] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Policies] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\QtProject] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Razer] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\redsn0w] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Roxio] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Skype] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\SkypeRS] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Sonic] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\SUPERAntiSpyware.com] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Sysinternals] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Trolltech] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Turtle Beach] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Ubisoft] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Ubisoft AiTemp] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Unity] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Valve] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\VASCO] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Viber] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\WIDCOMM] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\WinRAR] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\WinRAR SFX] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\WinZip Computing] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Wow6432Node] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\ZHP] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AdsFix] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Alienware] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ArenaNet] [HKLM\Software\ATI Technologies] [HKLM\Software\AVC3] [HKLM\Software\BitDefender] [HKLM\Software\Bitdefender Agent] [HKLM\Software\BlueStacks] [HKLM\Software\Broadcom] [HKLM\Software\CBSTEST] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\Dell] [HKLM\Software\Fingertapps] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\Ignis] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\KasperskyLab] [HKLM\Software\Khronos] [HKLM\Software\Logishrd] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nico Mak Computing] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\PC-Doctor] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Razer] [HKLM\Software\RegisteredApplications] [HKLM\Software\Sonic] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\Sysinternals] [HKLM\Software\TeamSpeak 3 Client] [HKLM\Software\Widcomm] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\ZSMC] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Help] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\AviSynth] [HKLM\Software\WOW6432Node\BcmSetup] [HKLM\Software\WOW6432Node\BEID] [HKLM\Software\WOW6432Node\Bitdefender] [HKLM\Software\WOW6432Node\Bitdefender Agent] [HKLM\Software\WOW6432Node\Blizzard Entertainment] [HKLM\Software\WOW6432Node\BlueStacks] [HKLM\Software\WOW6432Node\Brother] [HKLM\Software\WOW6432Node\Bunndle] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\Creative Tech] [HKLM\Software\WOW6432Node\Cyberlink] [HKLM\Software\WOW6432Node\Debug] [HKLM\Software\WOW6432Node\Dell] [HKLM\Software\WOW6432Node\Dell Computer Corporation] [HKLM\Software\WOW6432Node\DT Soft] [HKLM\Software\WOW6432Node\EA Games] [HKLM\Software\WOW6432Node\EA Games/Battlefield 4] [HKLM\Software\WOW6432Node\Elcom] [HKLM\Software\WOW6432Node\ESN Launcher] [HKLM\Software\WOW6432Node\ESN Sonar-0.70.4] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\illiminable] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\InstallShieldPendingOperation] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\KasperskyLab] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\logishrd] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Macrovision] [HKLM\Software\WOW6432Node\MAGIX] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MicroVision] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nico Mak Computing] [HKLM\Software\WOW6432Node\NoRemove'Microsoft'] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Oracle] [HKLM\Software\WOW6432Node\Panzar Studio] [HKLM\Software\WOW6432Node\PC-Doctor] [HKLM\Software\WOW6432Node\PocketSoft] [HKLM\Software\WOW6432Node\Razer] [HKLM\Software\WOW6432Node\Razer Chroma SDK] [HKLM\Software\WOW6432Node\Riot Games] [HKLM\Software\WOW6432Node\Roxio] [HKLM\Software\WOW6432Node\RSUPPORT] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\Sensible Vision] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Sonic] [HKLM\Software\WOW6432Node\Sysinternals] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives ---------- | C: [14/07/2009 05:18:56] - |SHD| - [77730] - C:\$Recycle.Bin [13/12/2013 01:30:26] - |D| - [90708896] - C:\1e66b599c7ecfb0e06fda2427c559c [MD5.BBE68423267C32F166D797CA82E39740] - [07/01/2017 15:38:32] - |A| - (.-.) - [62971] - (0.0.0.0) - C:\bdlog.txt [MD5.C7FD70F69C7792256EED17FBDD83484F] - [07/01/2017 15:34:59] - |AH| - (.-.) - [3271472] - (0.0.0.0) - C:\bdr-bz01 [MD5.8AE0D73C2553F2614AB27F96C5F96967] - [07/01/2017 15:36:23] - |AH| - (.-.) - [684] - (0.0.0.0) - C:\bdr-cf01 [MD5.13DB54E64CE7C37A2E6265C045D96CDA] - [07/01/2017 15:34:59] - |AH| - (.-.) - [49758588] - (0.0.0.0) - C:\bdr-im01.gz [MD5.8E83A0EAB3AD8599EA4CC21F18564B2D] - [07/01/2017 15:34:59] - |AH| - (.-.) - [253404] - (0.0.0.0) - C:\bdr-ld01 [MD5.0F6AA65A6E1037C915DD38A8109ACAFE] - [07/01/2017 15:34:59] - |AH| - (.-.) - [9216] - (0.0.0.0) - C:\bdr-ld01.mbr [16/01/2014 02:03:55] - |D| - [86054176] - C:\c09edf66fe0491abee [25/12/2015 13:32:51] - |D| - [0] - C:\Data [MD5.4DCA5F3A2BDC89179B2885CA4202F7E5] - [23/12/2015 22:43:29] - |A| - (.-.) - [550] - (0.0.0.0) - C:\DelFix.txt [09/05/2012 17:14:39] - |D| - [1311801644] - C:\dell [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [10/05/2012 02:01:48] - |D| - [0] - C:\Drivers [24/12/2015 10:38:22] - |D| - [0] - C:\HeroesData [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/12/2015 08:02:26] - |ASH| - (.-.) - [6428643328] - (0.0.0.0) - C:\hiberfil.sys [10/05/2012 02:01:48] - |D| - [0] - C:\Hotfix [09/05/2012 17:28:24] - |D| - [500904] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/12/2006 23:37:14] - |A| - (.-.) - [904704] - (0.0.0.0) - C:\msdia80.dll [16/03/2013 00:13:58] - |RHD| - [828206174] - C:\MSOCache [20/08/2013 10:03:39] - |D| - [0] - C:\NvidiaLogging [MD5.D41D8CD98F00B204E9800998ECF8427E] - [09/05/2012 16:02:41] - |ASH| - (.-.) - [8571527168] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 05:20:08] - |D| - [18263189148] - C:\Program Files [14/07/2009 05:20:08] - |RD| - [176762939463] - C:\Program Files (x86) [14/07/2009 05:20:08] - |HD| - [85682809044] - C:\ProgramData [25/04/2017 18:45:10] - |D| - [119676] - C:\QuickDiag [MD5.64E6F35BB2501CF7D857F59643DD029C] - [25/04/2017 18:52:04] - |A| - (.-.) - [142709] - (0.0.0.0) - C:\QuickDiag.txt [09/05/2012 16:09:41] - |SHD| - [295090159] - C:\Recovery [22/05/2014 12:49:01] - |D| - [0] - C:\SUPERDelete [09/05/2012 16:02:40] - |SHD| - [0] - C:\System Volume Information [22/12/2015 13:23:33] - |D| - [10134] - C:\temp [17/12/2012 12:59:50] - |D| - [0] - C:\Turtle Beach [14/07/2009 05:20:08] - |RD| - [1432391076898] - C:\Users [14/07/2009 05:20:08] - |D| - [61086223330] - C:\Windows ---------- | C:\Windows [14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 05:20:08] - |D| - [28641718] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |D| - [11036508] - C:\Windows\AppPatch [14/07/2009 05:20:08] - |RSD| - [1634576014] - C:\Windows\assembly [MD5.3857D1C055ADF4854E09D9A1F1910F4D] - [07/09/2012 00:54:12] - |A| - (.-.) - [1129] - (0.0.0.0) - C:\Windows\AZPR3.INI [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 05:24:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 05:20:09] - |D| - [29189358] - C:\Windows\Boot [MD5.C0C60EB3C3B0248BA3D746239F916FB6] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding [MD5.CBAD4C1F41BF88C5DE0C5FD37A357284] - [29/12/2014 18:51:27] - |A| - (.-.) - [13055] - (0.0.0.0) - C:\Windows\BRRBCOM.INI [MD5.9130CCE19B5DB3D2E31F9F789263FC4A] - [07/01/2017 15:35:28] - |A| - (.Copyright (c) 1999-2006 Microsoft Corporation - CAPICOM Module.) - [511328] - (2.1.0.2) - C:\Windows\capicom.dll [MD5.DB8DA5E9883091498FC1F4590A2F8718] - [27/12/2014 00:56:41] - |A| - (.Copyright (C) 2014 Rsupport Co., Ltd. - Rsupport Credential Provider.) - [25896] - (5.0.3.2) - C:\Windows\cremgr64.dll [MD5.A4C15BCAD35B4DB7A9DCF859B4E0BEF7] - [10/05/2012 02:01:48] - |RA| - (.-.) - [13] - (0.0.0.0) - C:\Windows\csup.txt [MD5.CE7EA4FD479F7E540EDB01931ED77193] - [09/05/2012 18:14:59] - |RAH| - (.-.) - [159] - (0.0.0.0) - C:\Windows\ctfile.rfc [14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 06:45:54] - |D| - [3273] - C:\Windows\debug [09/05/2012 17:15:36] - |D| - [272] - C:\Windows\Dell [14/07/2009 07:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker [14/07/2009 07:32:38] - |D| - [382341] - C:\Windows\Downloaded Program Files [21/11/2010 09:16:47] - |D| - [118084593] - C:\Windows\ehome [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\en-US [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [12/10/2016 09:31:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3229696] - (6.1.7601.23537) - C:\Windows\explorer.exe [14/07/2009 05:20:09] - |RSD| - [401048691] - C:\Windows\Fonts [17/03/2014 22:47:04] - |D| - [117440] - C:\Windows\fr [10/05/2012 02:00:44] - |D| - [142336] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |D| - [34181371] - C:\Windows\Globalization [14/07/2009 05:20:09] - |D| - [142653528] - C:\Windows\Help [MD5.37BABEA44C50E8022324DB7A22A9679F] - [16/03/2017 12:26:14] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7601.23674) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [21/11/2010 09:17:39] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [14/07/2009 05:20:09] - |D| - [143547244] - C:\Windows\IME [14/07/2009 05:20:10] - |D| - [157597658] - C:\Windows\inf [09/05/2012 17:15:07] - |SHD| - [10870216627] - C:\Windows\Installer [14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\LiveKernelReports [14/07/2009 05:20:10] - |D| - [26975106] - C:\Windows\Logs [14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |D| - [982894639] - C:\Windows\Microsoft.NET [26/02/2014 04:02:22] - |D| - [3634] - C:\Windows\Migration [02/06/2012 14:44:23] - |D| - [0] - C:\Windows\Minidump [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [15/04/2014 21:46:20] - |HD| - [0] - C:\Windows\msdownld.tmp [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [03/11/2015 15:24:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [07/01/2017 16:20:52] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\Windows\NvContainerRecovery.bat [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [07/01/2017 16:20:50] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\Windows\NvTelemetryContainerRecovery.bat [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [10/05/2012 02:02:15] - |D| - [9885178] - C:\Windows\Panther [15/06/2012 00:45:34] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 07:32:38] - |D| - [66011633] - C:\Windows\Performance [MD5.91521023F66BCD3238C846E190FE7DE2] - [13/09/2012 22:34:00] - |A| - (.-.) - [11] - (0.0.0.0) - C:\Windows\permis.ini [MD5.D5F850B970AD32D26ED757DCE86E458F] - [25/04/2017 15:34:23] - |A| - (.-.) - [588] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 05:20:10] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 05:20:10] - |D| - [2971790] - C:\Windows\PolicyDefinitions [09/05/2012 16:03:14] - |D| - [30244729] - C:\Windows\Prefetch [21/12/2015 21:47:01] - |D| - [2679] - C:\Windows\pss [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\Registration [14/07/2009 05:20:10] - |D| - [5843305] - C:\Windows\rescache [14/07/2009 05:20:10] - |D| - [1674534] - C:\Windows\Resources [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 05:20:10] - |D| - [5267456] - C:\Windows\security [14/07/2009 06:45:47] - |D| - [282600670] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [194487040] - C:\Windows\servicing [14/07/2009 06:45:50] - |D| - [4038] - C:\Windows\Setup [MD5.D74E3C688AA4F552EB9F55CB8EA67170] - [25/04/2017 15:35:50] - |A| - (.-.) - [56] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/04/2017 15:35:50] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [21/11/2010 09:16:47] - |D| - [98104] - C:\Windows\ShellNew [09/05/2012 16:09:39] - |D| - [1484254980] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [15/08/2012 16:33:02] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [23/08/2012 16:10:00] - |D| - [0] - C:\Windows\Sun [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 05:20:10] - |D| - [17700751047] - C:\Windows\System32 [14/07/2009 05:20:14] - |D| - [1516570313] - C:\Windows\SysWOW64 [14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 05:20:14] - |D| - [34752] - C:\Windows\Tasks [14/07/2009 05:20:14] - |D| - [18543394] - C:\Windows\Temp [MD5.80914E8DE687BFA8DE765E5090B82590] - [09/05/2012 18:15:01] - |A| - (.-.) - [1247] - (0.0.0.0) - C:\Windows\THXCfg_APOIM.ini [MD5.7E7FBA46533FA06B640102A4F534C0E5] - [09/05/2012 18:15:01] - |A| - (.-.) - [1247] - (0.0.0.0) - C:\Windows\THXCfg_HP_APOIM.ini [MD5.DB447A583C4B5225A257F281B0F1F427] - [09/05/2012 18:15:01] - |A| - (.-.) - [1264] - (0.0.0.0) - C:\Windows\THXCfg_SP_APOIM.ini [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |D| - [7368347] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 05:25:10] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [MD5.C419DF63E0121D72411285780C2FC6CC] - [09/05/2012 18:15:01] - |A| - (.Copyright (c) Creative Technology Ltd. 2000 - Creative UpdReg.) - [90112] - (1.0.2.0) - C:\Windows\Updreg.EXE [MD5.6DDEAC7F76CCAEF12BB645ECE83F3549] - [10/05/2012 02:01:48] - |RAH| - (.-.) - [28] - (0.0.0.0) - C:\Windows\version [14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 05:20:14] - |D| - [44155055] - C:\Windows\Web [MD5.C667A0A4D08227ED19D7720FAF7E2D54] - [14/07/2009 04:34:57] - |A| - (.-.) - [510] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.BED1E0CA27A3D2D96878E6E277CD77E7] - [24/01/2016 14:43:13] - |A| - (.-.) - [1212116] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [MD5.9BA8536DB4A9D0943CAE5B1D62408DD3] - [12/06/2016 20:16:30] - |A| - (.-.) - [204] - (0.0.0.0) - C:\Windows\wininit.ini [14/07/2009 05:20:14] - |D| - [25032877600] - C:\Windows\winsxs [MD5.11B01B3F4AF229467DBA81F9F80A6766] - [10/01/2014 14:31:32] - |A| - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [322240] - (16.4.3522.110) - C:\Windows\WLXPGSS.SCR [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe [MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - [12/12/2013 21:39:59] - |A| - (.-.) - [20] - (0.0.0.0) - C:\Windows\˜ø‘ ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [14/04/2017 09:40:18] - C:\Windows\Installer\107097.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/04/2017 09:35:16] - C:\Windows\Installer\107150.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\Windows\Installer\11dc00.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/05/2016 10:35:22] - C:\Windows\Installer\12789c.msi : (Belgium e-ID middleware 4.1.18 (build 1730) - Belgian Government) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/03/2016 18:08:28] - C:\Windows\Installer\1278a1.msi : (DIGIPASS Native Bridge 2.2.1 - VASCO Data Security) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/09/2014 21:18:02] - C:\Windows\Installer\12b3fbb.msi : ( - Turtle Beach) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/10/2014 23:51:07] - C:\Windows\Installer\134157.msi : (BlueStacks - BlueStack Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2008 00:57:38] - C:\Windows\Installer\14888dc.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/12/2012 14:32:59] - C:\Windows\Installer\16321b.msi : ( - Oliver Carr) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/01/2012 08:46:20] - C:\Windows\Installer\177449.msi : (LWS Help_main - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:10:48] - C:\Windows\Installer\17744e.msi : (LWS Webcam Software - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2011 21:23:14] - C:\Windows\Installer\177453.msi : (LWS VideoEffects - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:10:44] - C:\Windows\Installer\177458.msi : (CameraHelperMsi - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/01/2012 19:00:46] - C:\Windows\Installer\17745d.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:10:36] - C:\Windows\Installer\177462.msi : (LWS Facebook - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:10:42] - C:\Windows\Installer\177467.msi : (LWS Gallery - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:10:32] - C:\Windows\Installer\17746c.msi : (LWS Launcher - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/08/2011 00:52:54] - C:\Windows\Installer\177471.msi : (LWS Motion Detection - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:14:24] - C:\Windows\Installer\177476.msi : (LWS Pictures And Video - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/07/2011 04:51:16] - C:\Windows\Installer\17747b.msi : (LWS Twitter - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2011 22:02:56] - C:\Windows\Installer\177480.msi : (LWS Video Mask Maker - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/06/2011 05:26:48] - C:\Windows\Installer\177485.msi : (LWS WLM Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:14:28] - C:\Windows\Installer\17748a.msi : (LWS YouTube Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 19:48:55] - C:\Windows\Installer\200d6.msi : (Dell Stage - Fingertapps) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:07:01] - C:\Windows\Installer\21e747.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:02] - C:\Windows\Installer\21e77f.msi : (Blank Project Template - Sonic Solutions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:04] - C:\Windows\Installer\21e785.msi : (Roxio Easy Media Creator 8 - ¹«Ë¾Ãû³Æ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:06] - C:\Windows\Installer\21e7a1.msi : (Roxio Creator Starter - Roxio, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:05] - C:\Windows\Installer\21e7a6.msi : (RBVirtualFolder 64 bit installer - Roxio, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:05] - C:\Windows\Installer\21e7ac.msi : (PhotoShowTouch - Sonic Solutions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:03] - C:\Windows\Installer\21e7b2.msi : (Roxio Express Labeler 3 - Roxio, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:02] - C:\Windows\Installer\21e7b8.msi : (Sonic CinePlayer Decoder Pack - Sonic Solutions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:01] - C:\Windows\Installer\21e7cf.msi : (Roxio File Backup - Roxio, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:01] - C:\Windows\Installer\21e7e7.msi : (Roxio BackOnTrack - Roxio, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:00] - C:\Windows\Installer\21e7ff.msi : (Roxio Burn - Roxio, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:13:00] - C:\Windows\Installer\21e805.msi : (Roxio Activation Module - Roxio, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:28:15] - C:\Windows\Installer\21e80a.msi : (DELLST~1|Dell Stage - ArcSoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 18:11:23] - C:\Windows\Installer\21e874.msi : (Dell MusicStage - Fingertapps) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2017 16:18:17] - C:\Windows\Installer\295090.msi : (Emily - Razer Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/05/2015 14:32:48] - C:\Windows\Installer\298f13.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/12/2015 12:32:02] - C:\Windows\Installer\2aba2f.msi : (Java SE Runtime Environment 8 Update 66 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/12/2015 12:31:59] - C:\Windows\Installer\2aba3c.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/12/2012 12:58:59] - C:\Windows\Installer\2b44ff.msi : (PX5 Advanced Sound Editor - Turtle Beach) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/12/2015 21:31:58] - C:\Windows\Installer\31615c.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/01/2015 15:34:06] - C:\Windows\Installer\3ba972.msi : (VoiceOver Kit Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/05/2012 17:15:02] - C:\Windows\Installer\3e52d5.msi : (Broadcom NetXtreme-I Netlink Driver and Management Installer - Broadcom Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/09/2005 23:18:51] - C:\Windows\Installer\46e420.msi : (Blank Project Template - InstallShield Software Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2010 14:11:06] - C:\Windows\Installer\4dfdc.msi : (WIDCOMM Bluetooth Profile Pack - Broadcom Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/03/2013 16:31:46] - C:\Windows\Installer\5014cc.msi : (ForceDownload - Aedge Performance BCN SL) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/04/2016 20:44:50] - C:\Windows\Installer\510c67.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/04/2016 20:45:04] - C:\Windows\Installer\510dc5.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/04/2016 20:45:05] - C:\Windows\Installer\510e46.msi : (Apple Software Update Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/04/2016 20:45:10] - C:\Windows\Installer\510e99.msi : (Apple Mobile Device Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/04/2016 20:45:34] - C:\Windows\Installer\511e5f.msi : (iTunes Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/06/2012 21:55:02] - C:\Windows\Installer\6ebe2.msi : (Java FX 2.1 Installer - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2013 01:52:03] - C:\Windows\Installer\888c71.msi : (League of Legends - Riot Games) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/11/2014 01:00:44] - C:\Windows\Installer\89b2c.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2012 01:48:11] - C:\Windows\Installer\8d3632.msi : (Google SketchUp 8 Installer - Google, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/03/2017 18:59:36] - C:\Windows\Installer\bf92a.msi : (Google Drive - Google, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/07/2012 20:05:42] - C:\Windows\Installer\e4251.msi : (WinZip Compression Utility - Copyright (c) 1991-2011 WinZip International LLC - All Rights Reserved) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [15/05/2015 14:19:23] - [16303] - C:\Windows\System32\ieuinit.inf [09/05/2007 20:35:54] - [57126] - C:\Windows\System32\lvcoin64.ini [09/05/2012 18:15:01] - [5262] - C:\Windows\System32\MBEptMon.ini [09/05/2012 18:15:01] - [5262] - C:\Windows\System32\MCEptMon.ini [09/05/2012 17:32:00] - [918424] - C:\Windows\System32\oem14.inf [14/07/2009 07:13:15] - [1669584] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [09/05/2012 18:15:01] - [6507] - C:\Windows\System32\THXCfg64.ini [20/08/2013 07:32:46] - [114] - C:\Windows\Syswow64\BRLMW03A.INI [15/04/2014 20:34:35] - [497] - C:\Windows\Syswow64\FeAnim.ini [15/04/2014 20:34:35] - [571] - C:\Windows\Syswow64\FeMakro.ini [15/05/2015 14:19:24] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [17/12/2012 12:58:26] - [1643716] - C:\Windows\Syswow64\PerfStringBackup.INI [01/11/2006 15:25:18] - [1923] - C:\Windows\Syswow64\SysPro.inf ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:08] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.D9FDE19432E8B011DB8574C6CF5443AA] - |A| - [12/10/2016 09:32:03] - (.-.) - [122.35 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.129E494338F9640081A938EECD4547FF] - |A| - [09/05/2012 17:23:59] - (.-.) - [0.81 Ko] - (0.0.0.0) - C:\Windows\PSS\Bluetooth.lnk.CommonStartup [MD5.2826491737D24C750AAD2335CAA76C7E] - |A| - [17/05/2012 16:46:53] - (.-.) - [1.8 Ko] - (0.0.0.0) - C:\Windows\PSS\Logitech SetPoint.lnk.CommonStartup [MD5.AFBBD23889AFF809EE19E406379DE1C1] - |A| - [24/04/2017 21:43:11] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile00.sqm [MD5.A73DC29D1A4AC08BE42A89F3BE8A3B3A] - |A| - [25/04/2017 15:37:22] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20170425-153722-0.log [MD5.00000000000000000000000000000000] - |D| - [24/04/2017 21:00:26] - [0 Ko] - C:\Windows\Temp\tmp00006309 [MD5.00000000000000000000000000000000] - |D| - [25/04/2017 16:53:52] - [0 Ko] - C:\Windows\Temp\tmp00007474 [MD5.00000000000000000000000000000000] - |D| - [24/04/2017 18:41:15] - [18098 Ko] - C:\Windows\Temp\update [MD5.D222A62F9257705FD0031426F8AE0BD8] - |A| - [24/04/2017 18:41:14] - (.-.) - [7.57 Ko] - (0.0.0.0) - C:\Windows\Temp\update.zip [MD5.00000000000000000000000000000000] - |D| - [10/05/2012 02:00:42] - [0 Ko] - C:\Windows\System32\040C [MD5.4F588FC37AFCADD5B5A6FDF6610F7D09] - |AH| - [14/07/2009 06:45:49] - (.-.) - [27.69 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.4F588FC37AFCADD5B5A6FDF6610F7D09] - |AH| - [14/07/2009 06:45:49] - (.-.) - [27.69 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4987.5 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.6EFDA8DB98B0C9100D79680C0B6C7FFF] - |A| - [09/05/2012 18:14:59] - (.-.) - [225.5 Ko] - (1.0.262.0) - C:\Windows\System32\APOMgr64.DLL [MD5.00000000000000000000000000000000] - |D| - [14/12/2014 11:55:22] - [2485.78 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [203.5 Ko] - C:\Windows\System32\ar-SA [MD5.98AA7D3763423147644E985B2DB05AB3] - |A| - [03/08/2010 17:35:28] - (.Copyright (C) 2003-2010 - BACSCPL DLL.) - [265.35 Ko] - (12.4.18.0) - C:\Windows\System32\BACSCPL.cpl [MD5.108FD130A38FD2C315C876EB4415E940] - |A| - [09/05/2012 17:31:46] - (.1998-2010, Dell Inc. - Wireless Network Logon Provider.) - [1063.5 Ko] - (5.60.48.35) - C:\Windows\System32\BCMLogon.dll [MD5.36CC073996AA07300AD06F17BF97ECBB] - |A| - [09/05/2012 17:31:33] - (.1998-2010, Dell Inc. - DW EAP Provider EAP-TTLS.) - [4639.5 Ko] - (5.60.48.35) - C:\Windows\System32\bcmttls.dll [MD5.C756F4BA3F34862A58C3514A1381E8A1] - |A| - [09/05/2012 17:31:32] - (.1998-2010, Dell Inc. - DW WLAN Card Utility.) - [7886.5 Ko] - (5.60.48.35) - C:\Windows\System32\BCMWLCPL.CPL [MD5.FF5AC2680CA3755811803F083E136C22] - |A| - [09/05/2012 17:31:34] - (.-.) - [6.5 Ko] - (0.0.0.0) - C:\Windows\System32\bcmwlrc.dll [MD5.0895EF8DD5CDD8315175B6A1CC798E85] - |A| - [20/05/2016 10:28:24] - (.Copyright (C) 2015 - beidminidriver Dynamic Link Library.) - [157 Ko] - (4.1.18.1730) - C:\Windows\System32\beidmdrv64.dll [MD5.FF78DBA04AC0FBAC133A4B7DCBCB9AE0] - |A| - [20/05/2016 10:28:20] - (.Copyright (C) 2015 - pkcs11 Dynamic Link Library.) - [396.5 Ko] - (4.1.18.1730) - C:\Windows\System32\beidpkcs11.dll [MD5.444DB426B226AFF35591300A769E1E58] - |A| - [20/05/2016 10:28:48] - (.Copyright (C) 2015 - pkcs11 Dynamic Link Library.) - [398.5 Ko] - (4.1.18.1730) - C:\Windows\System32\beid_ff_pkcs11.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [175 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [2589.81 Ko] - C:\Windows\System32\Boot [MD5.B85BD3570B9DE292E32BD8715E40FB9B] - |A| - [20/08/2013 07:32:46] - (.1997-2011Copyright(C) Brother Industries Ltd. - Multi Function CoInstaller for imaging device (64bit).) - [12.5 Ko] - (1.0.1.1) - C:\Windows\System32\BrCiImg.dll [MD5.9D881BE34B359D0010C676ECA6D219A4] - |A| - [20/08/2013 07:32:40] - (.(C) 1993 - 2013 Brother Industries, Ltd. - Printer Driver CoInstaller.) - [217.5 Ko] - (1.13.0.0) - C:\Windows\System32\BRCOI12I.DLL [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 03:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.1719A58DC4127FA80F62A94494947568] - |A| - [20/08/2013 07:32:30] - (.Copyright(C) 2008-2011 Brother Industries, Ltd. - Scanning module for Brother Scanner.) - [272.5 Ko] - (1.0.10.3) - C:\Windows\System32\BrJDec.dll [MD5.6658D4912F67B40BE373DD09F5FCF301] - |A| - [20/08/2013 07:32:32] - (.Copyright(C) 2001-2012 Brother Industries, Ltd. - USB STI device accessing module for Brother MFC(for 64Bit).) - [54.5 Ko] - (2.0.13.5) - C:\Windows\System32\BrUsi12a.dll [MD5.6965400607B0B337B2125FE8B8277E23] - |A| - [20/08/2013 07:32:40] - (.Copyright (C) Brother Industries. 1996-2012 - Brother MFC WIA minidriver(for 64Bit).) - [1408 Ko] - (3.16.3.3) - C:\Windows\System32\BrWi212a.dll [MD5.E87A0113472E448A69F6C84E73A44E12] - |A| - [03/08/2010 17:35:46] - (.Copyright © 2002-2010 - Broadcom Corporation Teaming Device List.) - [53.35 Ko] - (6.30.0.0) - C:\Windows\System32\BSelList.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 02:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [14/07/2009 01:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\Windows\System32\CardGames.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [161426.73 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [29904.84 Ko] - C:\Windows\System32\catroot2 [MD5.505F03C9B60B104107C83A3402850E19] - |A| - [09/05/2012 18:15:01] - (.-.) - [87 Ko] - (1.0.62.0) - C:\Windows\System32\CmdRtr64.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [9467.66 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [357 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |SD| - [01/05/2014 01:33:00] - [4945.69 Ko] - C:\Windows\System32\CompatTel [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [503767.19 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [434 Ko] - C:\Windows\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [429.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [459.5 Ko] - C:\Windows\System32\de-DE [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 06:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [5335 Ko] - C:\Windows\System32\Dism [MD5.6F71252C2428D5B0DB985B76AEAC1468] - |A| - [29/08/2016 11:22:56] - (.Copyright © 2016 Razer Inc. All rights reserved - Installation Helper Custom Actions for wix.) - [73.97 Ko] - (1.0.0.1) - C:\Windows\System32\DriverInstallCA.dll [MD5.E0E0927DABCDCA4A5E3DD7F5A691663D] - |A| - [29/08/2016 11:22:56] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer CA installation for drivers.) - [245.97 Ko] - (1.0.0.1) - C:\Windows\System32\DriverInstallCACMD.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [70737.4 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [14106225.17 Ko] - C:\Windows\System32\DriverStore [MD5.00000000000000000000000000000000] - |DC| - [01/06/2012 22:19:16] - [314.91 Ko] - C:\Windows\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [459 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [2877.59 Ko] - C:\Windows\System32\en-US [MD5.044EEC41BB39C3F8FC6175DAEAADDB35] - |N| - [09/05/2012 18:15:01] - (.Copyright (C) 2009 -.) - [21 Ko] - (1.0.0.2) - C:\Windows\System32\EptMon64.dll [MD5.D5ACF04BA5A9D7D92387CA1D5C8E8A6D] - |N| - [09/05/2012 18:15:01] - (.Copyright (c) 2009 Creative Technology Ltd. -.) - [138 Ko] - (0.0.0.6) - C:\Windows\System32\EptMon64.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [450 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [162.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [432 Ko] - C:\Windows\System32\fi-FI [MD5.C5CF9E1FA57DB5627FDC6CC2A8484544] - |A| - [25/04/2017 15:34:30] - (.-.) - [451.13 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [10/05/2012 02:00:42] - [1840 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [41468.25 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 22:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.5C7B8533FEC9E65368D14965EC4C9D8A] - |A| - [01/06/2012 22:19:16] - (.Copyright © 2000-2012 GEAR Software Inc. - GEARAspi.) - [122.92 Ko] - (2.1.3.1) - C:\Windows\System32\GEARAspi64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [193.5 Ko] - C:\Windows\System32\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [170 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [436.5 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36875.94 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.AAA0C03BF54FC8A4E895B576861A9848] - |A| - [21/11/2010 05:07:41] - (.-.) - [29.12 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [454 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [367 Ko] - C:\Windows\System32\ja-JP [MD5.A64E1F87CBA9F8798F4616A19224EC35] - |A| - [17/05/2012 16:46:46] - (.(C) 1998-2009 Logitech. - Logitech Ultimate Toolbox (UNICODE).) - [230.02 Ko] - (4.80.103.0) - C:\Windows\System32\kemutb.dll [MD5.DBD02768B49B4EA7C1C57616808F307F] - |A| - [17/05/2012 16:46:46] - (.(C) 1998-2009 Logitech. - Logitech Utility (UNICODE).) - [230.02 Ko] - (4.80.103.0) - C:\Windows\System32\KemUtil.dll [MD5.74F271478C8F271E58716476D2182C36] - |A| - [17/05/2012 16:46:46] - (.(C) 1998-2009 Logitech. - Logitech Windows Utilities Support (UNICODE).) - [155.52 Ko] - (4.80.103.0) - C:\Windows\System32\KemWnd.dll [MD5.89380A510B6019E1F1FA0D42AF591AF7] - |A| - [17/05/2012 16:46:46] - (.(C) 1998-2009 Logitech. - Logitech XML Support (UNICODE).) - [94.02 Ko] - (4.80.103.0) - C:\Windows\System32\KemXML.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [362 Ko] - C:\Windows\System32\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.017DE305B057897CA13666AAB79F0CE3] - |A| - [07/07/2014 07:34:14] - (.Copyright © 2014 Razer Inc. All rights reserved - Kraken 7.1 Chroma APO lfx dll.) - [4603.16 Ko] - (6.2.9200.20789) - C:\Windows\System32\Kraken71Chromalfx.dll [MD5.3A990028C3616E00E7CA95A10408B80C] - |A| - [18/06/2015 04:25:00] - (.(C) 1998-2015 Logitech. - Logitech KMDF Co-Installer (UNICODE).) - [1810.64 Ko] - (5.90.38.0) - C:\Windows\System32\LkmdfCoInst.dll [MD5.7C3788193D1E0F1ACE8B6E9F414FAD41] - |A| - [18/06/2015 04:25:00] - (.(C) 1998-2015 Logitech. - Logitech Bluetooth Co-Installer (UNICODE).) - [61.64 Ko] - (5.90.38.0) - C:\Windows\System32\LMouFiltCoInst.dll [MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log [MD5.563C3703A9B57CC9B370A76D6173D09C] - |A| - [21/11/2010 04:52:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [2369.47 Ko] - C:\Windows\System32\LogFiles [MD5.AC012AD7539A8F9FFD31CF80BAA06CC7] - |A| - [20/09/2012 17:02:06] - (.Copyright © 2010-2012 Logitech. All Rights Reserved - Logitech Download Assistant.) - [1789.8 Ko] - (1.10.77.0) - C:\Windows\System32\LogiLDA.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [167 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [168 Ko] - C:\Windows\System32\lv-LV [MD5.0FCAAAC991D26EDD6B1941BEFC31DA82] - |A| - [09/05/2007 21:47:46] - (.(c) 1996-2007 Logitech. - Logitech Co-Installer.) - [251.78 Ko] - (11.0.0.1213) - C:\Windows\System32\lvco1100.dll [MD5.5C3295C0206AA62BFE5A2CCAF69590CD] - |A| - [09/05/2007 21:47:34] - (.(c) 1996-2007 Logitech. - Video Codec.) - [464.78 Ko] - (11.0.0.1213) - C:\Windows\System32\lvcod64.dll [MD5.E83164B43624AC0DAB3280E77A524FF5] - |A| - [09/05/2007 20:35:54] - (.-.) - [55.79 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoin64.ini [MD5.B62272260AEC27E5F3323433EC7B82F6] - |A| - [11/05/2012 21:00:21] - (.-.) - [10.56 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoinst.log [MD5.9B490E135B450722A7DA50C4BAB423B2] - |A| - [09/05/2007 21:50:26] - (.(c) 1996-2007 Logitech. - Logitech Camera Property Pages.) - [668.78 Ko] - (11.0.0.1213) - C:\Windows\System32\LVUI64.dll [MD5.CD2389B1167FC6ACF20237131BC2285E] - |A| - [09/05/2007 21:50:36] - (.(c) 1996-2007 Logitech. - Logitech Camera Property Pages.) - [475.78 Ko] - (11.0.0.1213) - C:\Windows\System32\LVUIRC64.dll [MD5.00000000000000000000000000000000] - |D| - [09/05/2012 17:18:17] - [89038.02 Ko] - C:\Windows\System32\Macromed [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 22:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore [MD5.51ABC892625A3643312EED429891E51F] - |N| - [09/05/2012 18:15:01] - (.-.) - [5.14 Ko] - (0.0.0.0) - C:\Windows\System32\MBEptMon.ini [MD5.A5C2F411EB72515B727BF13655B63910] - |N| - [09/05/2012 18:15:01] - (.-.) - [5.14 Ko] - (0.0.0.0) - C:\Windows\System32\MCEptMon.ini [MD5.BFCDF65F8513E396889A62DC1397273F] - |RA| - [09/05/2012 18:30:10] - (.Copyright© 1995-2011 McAfee, Inc. - McAfee Process Validation Service.) - [155.11 Ko] - (14.4.0.385) - C:\Windows\System32\mfevtps.exe.55fe.deleteme [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:45:42] - [1132.63 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [3464.93 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [37792.2 Ko] - C:\Windows\System32\migwiz [MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 06:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [21/07/2013 03:00:34] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [4148.28 Ko] - C:\Windows\System32\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [24.48 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [424.5 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [768 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [14/07/2009 00:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [153 Ko] - C:\Windows\System32\NetworkList [MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [445.5 Ko] - C:\Windows\System32\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.2BF0CEEDCF4C5581E199FC4A265B3F71] - |A| - [04/03/2017 21:40:45] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\Windows\System32\nv-vk64.json [MD5.B118600075AA8BD0596510F44D9F4274] - |A| - [09/05/2012 20:35:04] - (.-.) - [7608.61 Ko] - (0.0.0.0) - C:\Windows\System32\nvcoproc.bin [MD5.476EB8125090F7B12E32A34FC664CF96] - |A| - [07/01/2017 18:02:08] - (.-.) - [41.61 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb [MD5.533792FB8D49D7724372730936EAD17C] - |A| - [07/01/2017 16:21:11] - (.-.) - [118.44 Ko] - (0.0.0.0) - C:\Windows\System32\NvRtmpStreamer64.dll [MD5.EB5B3EF77362DAB2A5D9151D30E88381] - |A| - [09/05/2012 17:32:00] - (.-.) - [896.9 Ko] - (0.0.0.0) - C:\Windows\System32\oem14.inf [MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 22:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [14293.75 Ko] - C:\Windows\System32\oobe [MD5.9BA931673075B4E4E781B6566FBDD0BA] - |A| - [14/07/2009 04:36:59] - (.-.) - [119.26 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.AF3AAA96AB13CF3724E8E60196DD1B59] - |A| - [10/05/2012 02:01:03] - (.-.) - [146.65 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 04:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [10/05/2012 02:01:03] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.7751C1EBDDFBC40C47C6396F94CE3D19] - |A| - [14/07/2009 04:36:59] - (.-.) - [638.92 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.90DF6B69E1AB79C82D85DB7A0222755D] - |A| - [10/05/2012 02:01:03] - (.-.) - [730.12 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.89B2E708837828302AD01017756BDB66] - |A| - [14/07/2009 07:13:15] - (.-.) - [1630.45 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.845F613E1EE0A685C37FA270D5FFC919] - |A| - [26/12/2015 08:02:55] - (.-.) - [3 Ko] - (0.0.0.0) - C:\Windows\System32\persistent_q.db [MD5.BB7DF04E1B0A2570657527A7E108AE23] - |A| - [26/12/2015 08:02:55] - (.-.) - [32 Ko] - (0.0.0.0) - C:\Windows\System32\persistent_q.db-shm [MD5.A3ABA429E9B99B75FEF7582E07521C7F] - |A| - [26/12/2015 08:02:55] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\Windows\System32\persistent_q.db-wal [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [441 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:50] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [438 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [440.5 Ko] - C:\Windows\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.75 Ko] - C:\Windows\System32\ras [MD5.E374D08058345975D8767670F79C4A4C] - |A| - [27/07/2015 09:21:08] - (.Copyright © 2014 Razer Inc. All rights reserved - RazerCoinstaller.) - [87.02 Ko] - (0.0.0.5) - C:\Windows\System32\RazerCoinstaller.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0.78 Ko] - C:\Windows\System32\Recovery [MD5.27B12DCC320C4E96205215EF0A17E0CB] - |A| - [09/05/2007 20:37:32] - (.-.) - [15.19 Ko] - (0.0.0.0) - C:\Windows\System32\Repository.reg [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0.07 Ko] - C:\Windows\System32\restore [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [171 Ko] - C:\Windows\System32\ro-RO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [436 Ko] - C:\Windows\System32\ru-RU [MD5.47CA9EFA1A8AF2E218C209EF627029D1] - |A| - [21/03/2017 05:11:58] - (.Copyright (c) 2011-2015 Razer Inc. - Razer Chroma SDK.) - [112.13 Ko] - (1.0.10.2) - C:\Windows\System32\RzChromaSDK64.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/04/2016 21:15:55] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\RzSurroundVADAudioDeviceManager_log.txt [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [21/11/2010 05:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [171.5 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [168 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:51] - [42.67 Ko] - C:\Windows\System32\slmgr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [31874.02 Ko] - C:\Windows\System32\SMI [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 23:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [17378 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [59400.39 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [1959.75 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [428.5 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [137.88 Ko] - C:\Windows\System32\sysprep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [21/11/2010 05:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [357.71 Ko] - C:\Windows\System32\Tasks [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 23:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [159 Ko] - C:\Windows\System32\th-TH [MD5.76B59C460C95503032E35F00BE125F7D] - |N| - [09/05/2012 18:15:01] - (.Copyright (C) 2009 -.) - [17.5 Ko] - (1.3.0.0) - C:\Windows\System32\THXCfg64.dll [MD5.D5ACF04BA5A9D7D92387CA1D5C8E8A6D] - |N| - [09/05/2012 18:15:01] - (.Copyright (c) 2009 Creative Technology Ltd. -.) - [138 Ko] - (0.0.0.6) - C:\Windows\System32\THXCfg64.exe [MD5.3121A832B0E95BBEF7A40CA68789F65D] - |N| - [09/05/2012 18:15:01] - (.-.) - [6.35 Ko] - (0.0.0.0) - C:\Windows\System32\THXCfg64.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [426 Ko] - C:\Windows\System32\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA [MD5.05F9840831C29F5BE93AD8BE810D5614] - |A| - [14/07/2009 06:45:37] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.F736AA948D0C3CBCE212B7B2CB0EF115] - |A| - [14/07/2009 06:45:37] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.4E8F2BB3A5A87E75C35533723B50E685] - |A| - [07/01/2017 15:37:12] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\Windows\System32\user_gensett.xml [MD5.F2CD1BCAF88E9B8605FABA59D95D6112] - |A| - [09/05/2012 17:31:32] - (.-.) - [0.45 Ko] - (0.0.0.0) - C:\Windows\System32\vcredist_x64.bat [MD5.7B56B40C416D6DCAA7972EA322AD094A] - |A| - [27/12/2014 00:56:58] - (.Copyright (C) 2007-2009 RSUPPORT CO., LTD. - Rsupport VRVD5.) - [69.03 Ko] - (5.3.0.40) - C:\Windows\System32\vrvd5.dll [MD5.B0ECA1A7A27554613D52FF60328D75DA] - |A| - [14/02/2016 03:46:26] - (.-.) - [123.27 Ko] - (0.0.0.0) - C:\Windows\System32\vulkan-1-1-0-3-0.dll [MD5.F5AA1CD090726ED32C0026FBD023FCF7] - |A| - [26/01/2017 02:09:16] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [315 Ko] - (1.0.39.1) - C:\Windows\System32\vulkan-1-1-0-39-1.dll [MD5.F5AA1CD090726ED32C0026FBD023FCF7] - |A| - [27/09/2016 11:06:21] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [315 Ko] - (1.0.39.1) - C:\Windows\System32\vulkan-1.dll [MD5.8B3FD814D7DD1D35540C8C8883E83FF2] - |A| - [14/02/2016 03:45:26] - (.-.) - [44.77 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo-1-1-0-3-0.exe [MD5.6D2AD21CD6674F1B66CCB8C4C433A4E1] - |A| - [26/01/2017 02:09:50] - (.-.) - [115.5 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo-1-1-0-39-1.exe [MD5.6D2AD21CD6674F1B66CCB8C4C433A4E1] - |A| - [27/09/2016 11:06:21] - (.-.) - [115.5 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [15/05/2012 21:10:34] - [1754.83 Ko] - C:\Windows\System32\Wat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [56435.15 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:50] - [47.61 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [44686.02 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 23:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [128 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9124.89 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [120860 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:51] - [106.26 Ko] - C:\Windows\System32\winrm [MD5.0318EF37B87CE585BAFB81FCE93D7D1F] - |A| - [09/05/2012 18:15:01] - (.-.) - [173.5 Ko] - (1.0.262.0) - C:\Windows\SysWOW64\APOMngr.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.33D5D09599980E3FFBE5AAFB6FF80807] - |A| - [22/07/2012 00:45:54] - (.© 2000-2009 Ben Rudiak-Gould and others - Avisynth video processing scripting language.) - [360.5 Ko] - (2.6.0.1) - C:\Windows\SysWOW64\avisynth.dll [MD5.6586E91828FB64B7236771C0EBE25D4D] - |A| - [22/07/2012 00:45:54] - (.-.) - [31.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\AVSredirect.dll [MD5.CA7D65DE56BC6884131FE30F7201C13D] - |A| - [20/05/2016 10:27:26] - (.Copyright (C) 2015 - beidminidriver Dynamic Link Library.) - [139 Ko] - (4.1.18.1730) - C:\Windows\SysWOW64\beidmdrv32.dll [MD5.6E96E44CBE6410A0E62AEED4F4EA0F17] - |A| - [20/05/2016 10:27:24] - (.Copyright (C) 2015 - pkcs11 Dynamic Link Library.) - [328 Ko] - (4.1.18.1730) - C:\Windows\SysWOW64\beidpkcs11.dll [MD5.00000000000000000000000000000000] - |D| - [21/06/2016 09:12:47] - [60 Ko] - C:\Windows\SysWOW64\beidpp [MD5.6997A16E11593D001F27B0E7DB7EB69B] - |A| - [20/05/2016 10:27:52] - (.Copyright (C) 2015 - pkcs11 Dynamic Link Library.) - [329.5 Ko] - (4.1.18.1730) - C:\Windows\SysWOW64\beid_ff_pkcs11.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.114E9DE7781BEE1FF4738658C12C013A] - |A| - [20/08/2013 07:32:34] - (.Copyright Brother Industries, Ltd 2004 - brlm03a.) - [24.71 Ko] - (1.0.6.4) - C:\Windows\SysWOW64\BRLM03A.DLL [MD5.822B31A9FC679366560BC4D416BBBB0E] - |A| - [20/08/2013 07:32:48] - (.Copyright (C) 2003,2004 Brother Industries, Ltd. - Wraper DLL for brlm03a(NT/2K/XP) / brif03a(9x).) - [76 Ko] - (1.0.0.182) - C:\Windows\SysWOW64\BRLMW03A.DLL [MD5.C0497C30E6976143CB46C016E8333707] - |A| - [20/08/2013 07:32:46] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\BRLMW03A.INI [MD5.38E5E24BEDE6F59AFC648CB7EF897D69] - |A| - [20/08/2013 07:32:48] - (.Copyright (C) 1999-2008 Brother Industries, Ltd. - BrMuSNMP.) - [176 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\BROSNMP.DLL [MD5.6F25A4E12EF09A37C3EAC2ACD9BE8FF2] - |A| - [20/08/2013 07:32:44] - (.Copyright (C) 2008-2012 Brother Industries, Ltd. - Brother Printer Driver Setting Controller.) - [49.5 Ko] - (2.0.0.0) - C:\Windows\SysWOW64\BRPRTINK.DLL [MD5.043B27A3D5E63CDF711D8BE500C5AFB3] - |A| - [20/08/2013 07:32:48] - (.Copyright (C) 2000-2012 Brother Industries Ltd. - brrbtool.) - [111.08 Ko] - (0.1.7.1) - C:\Windows\SysWOW64\BRRBTOOL.EXE [MD5.954388D98B5CBFA1D32C5D43D5FA5275] - |A| - [20/08/2013 07:32:34] - (.-.) - [44 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\BRTCPCON.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2 [MD5.FE02416988970A924C302C8E448BB703] - |A| - [09/05/2012 18:15:01] - (.-.) - [72 Ko] - (1.0.62.0) - C:\Windows\SysWOW64\CmdRtr.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [14784.39 Ko] - C:\Windows\SysWOW64\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [427.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.B9A550873AB27DB299AEA3D9DE5489D4] - |A| - [09/05/2012 17:28:29] - (.Copyright 2008 - CSVer.) - [52 Ko] - (9.2.0.1015) - C:\Windows\SysWOW64\CSVer.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [422.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.87A2ADF125BE51CDD5D8D3843E0F0B7E] - |A| - [15/04/2014 20:28:04] - (.-.) - [71.47 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\dao2535.tlb [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [452 Ko] - C:\Windows\SysWOW64\de-DE [MD5.00000000000000000000000000000000] - |D| - [09/05/2012 18:03:52] - [137.73 Ko] - C:\Windows\SysWOW64\Dell [MD5.D27959321703B70120025A9356E89A7D] - |A| - [22/07/2012 00:45:55] - (.Copyright © 2000-2002 - DevIL: A portable image library in development.) - [703 Ko] - (0.1.6.5) - C:\Windows\SysWOW64\devil.dll [MD5.00000000000000000000000000000000] - |D| - [15/04/2014 21:46:17] - [0 Ko] - C:\Windows\SysWOW64\directx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [4156 Ko] - C:\Windows\SysWOW64\Dism [MD5.079525F2434437FA1624285657B617BD] - |A| - [22/07/2012 00:44:47] - (.Copyright(c) RealNetworks, Inc. 1995-2004, - RealNetworks RealVideo 8+9+10.) - [320.07 Ko] - (10.0.0.938) - C:\Windows\SysWOW64\drvc.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [451.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2845.59 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [443 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [160.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.8A98241E75F876050610EB60AE598A0C] - |A| - [15/04/2014 20:34:35] - (.-.) - [0.49 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\FeAnim.ini [MD5.C7B5C1D376542A1E5518A2BA1656D8B5] - |A| - [15/04/2014 20:34:35] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\FeMakro.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [425 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.8B1259955295F0610577C25D010891FF] - |A| - [15/04/2014 20:28:04] - (.Copyright 2003-2005 -.) - [1876 Ko] - (4.4.0.0) - C:\Windows\SysWOW64\FlexCell.ocx [MD5.00000000000000000000000000000000] - |D| - [10/05/2012 02:00:42] - [1680 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [37747.98 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.498BD12B38B549887D9E856EB734354E] - |A| - [01/06/2012 22:19:16] - (.Copyright © 2000-2012 GEAR Software Inc. - GEARAspi.) - [104.42 Ko] - (2.1.3.1) - C:\Windows\SysWOW64\GEARAspi.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [429 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.F4D500D9ADC17058F2A8C31F01FDE592] - |A| - [22/07/2012 00:45:54] - (.www.helixcommunity.org - Helix I420 YUV Codec.) - [69 Ko] - (1.2.0.0) - C:\Windows\SysWOW64\i420vfw.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.D5A05EB14FEA2A52A1CE8580B3FF7486] - |A| - [15/04/2014 20:28:07] - (.Copyright(c) 1997-2006 Infragistics, Inc. - ActiveThreed Controls.) - [341.64 Ko] - (4.0.1.14) - C:\Windows\SysWOW64\IGThreed40.ocx [MD5.79C7F1AE292CC1C027058FFC856A7996] - |A| - [15/04/2014 20:28:07] - (.Copyright(c) 1997-2006 Infragistics, Inc. - ActiveToolBars Plus Control.) - [485.63 Ko] - (5.0.2.11) - C:\Windows\SysWOW64\IGToolBars50.ocx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [34097.44 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.AF18A47087A012C469381B6759AAF6F3] - |A| - [15/04/2014 20:28:04] - (.-.) - [1.72 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\iobjsafe.tlb [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [447 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [361 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.52C8B9FD016E6317FDB151296FF90877] - |A| - [06/11/2014 18:45:07] - (.Copyright © 2015 - Java(TM) Web Start Launcher.) - [265.91 Ko] - (11.31.2.13) - C:\Windows\SysWOW64\javaws.exe [MD5.65B8F33B13A35DA828673BED9DEA586A] - |A| - [26/06/2012 21:54:32] - (.-.) - [2.96 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_05-b05.log [MD5.9535A33D427AB6A1C6BBD0696BA1E98D] - |A| - [24/10/2012 22:04:21] - (.-.) - [4.13 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_09-b05.log [MD5.906D2362553419A0A2FE1E80C122917C] - |A| - [16/01/2013 14:58:32] - (.-.) - [4.44 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_11-b21.log [MD5.43E1DADA8C90A43B44B4EC978596709A] - |A| - [15/05/2013 20:09:06] - (.-.) - [3.92 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log [MD5.E84A35277D82E0FFC89E25827F601926] - |A| - [22/10/2013 18:46:16] - (.-.) - [4.75 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log [MD5.B9843CE0489B65129694CF52D4861070] - |A| - [31/01/2014 00:54:45] - (.-.) - [5.26 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log [MD5.07F8B49FF7CC57C2269BFED686429ADD] - |A| - [22/04/2014 14:35:35] - (.-.) - [4.21 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log [MD5.0D11C800E6666169961F6A1D9F6336E3] - |A| - [23/07/2014 23:55:51] - (.-.) - [4.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [356.5 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [09/05/2012 17:33:29] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\log.txt [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.DA087A4040CF247917D4A3DDB0CC7388] - |A| - [09/05/2007 21:48:20] - (.(c) 1996-2007 Logitech. - Video Codec.) - [406.78 Ko] - (11.0.0.1213) - C:\Windows\SysWOW64\lvcodec2.dll [MD5.09B25A2909AA746910B1F3C1584C3983] - |A| - [09/05/2007 21:51:12] - (.(c) 1996-2007 Logitech. - Logitech Camera Property Pages.) - [478.78 Ko] - (11.0.0.1213) - C:\Windows\SysWOW64\LVUI2.dll [MD5.317F647DCD5AAA0F27691FF9C5D467AF] - |A| - [09/05/2007 21:51:22] - (.(c) 1996-2007 Logitech. - Logitech Camera Property Pages.) - [454.78 Ko] - (11.0.0.1213) - C:\Windows\SysWOW64\LVUI2RC.dll [MD5.00000000000000000000000000000000] - |D| - [09/05/2012 17:18:18] - [66044.32 Ko] - C:\Windows\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 06:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.D4EF656D9C071154E0DFD6743F44FF3F] - |A| - [15/04/2014 20:28:04] - (.Copyright © 1997 - mbctrl ActiveX Control Module.) - [75.5 Ko] - (1.0.0.4) - C:\Windows\SysWOW64\Mbctrl.ocx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3178.93 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [32695.71 Ko] - C:\Windows\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [24.48 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [418 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [438.5 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor [MD5.E256CF02FDF09732C42AF1C7AB9521DD] - |A| - [04/03/2017 21:40:45] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nv-vk32.json [MD5.A8D88F8F5B7ACD863C92C138B469D445] - |A| - [15/04/2014 20:28:07] - (.Copyright 2000 ELECO Software GmbH - o2c simple object construction module.) - [912 Ko] - (1.0.1.14) - C:\Windows\SysWOW64\o2cAreas.OCX [MD5.D4DA9A9BD6348DB10F64103E1FCE7EAB] - |A| - [15/04/2014 20:28:06] - (.Copyright © 1999 - 2003 Eleco plc - Display module for O2C 3D objects.) - [1180 Ko] - (1.9.9.165) - C:\Windows\SysWOW64\o2cplayer.ocx [MD5.B77E1AFD4A79C9847EE687537E2F0D2E] - |A| - [15/04/2014 20:28:07] - (.Copyright © 1999 - 2003 Eleco plc - Display module for O2C 3D objects.) - [1181.16 Ko] - (100.99.99.190) - C:\Windows\SysWOW64\O2CPlayerAC.OCX [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2566.05 Ko] - C:\Windows\SysWOW64\oobe [MD5.1604D12F3E637C3EF7895910E75C0794] - |A| - [21/06/2012 10:37:14] - (.-.) - [3092.57 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pbsvc.exe [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 23:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.61AA2B466B8258B57B1597F9FEB77349] - |A| - [17/12/2012 12:58:26] - (.-.) - [1605.19 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [434 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.13001EB0A58B4DE96126B16AB15FD8CC] - |A| - [22/07/2012 00:44:47] - (.Copyright (C) Real Networks 1999 - Real Networks C/C++ Runtime Library.) - [272 Ko] - (6.0.0.0) - C:\Windows\SysWOW64\pncrt.dll [MD5.5564EE004708EBB76086F6D66ACF60FF] - |A| - [05/11/2012 23:42:15] - (.-.) - [275.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PnkBstrB.ex0 [MD5.5564EE004708EBB76086F6D66ACF60FF] - |A| - [06/12/2012 01:34:21] - (.-.) - [275.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PnkBstrB.xtr [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:51] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [431 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [433 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.609FCB19EEEE6EB1FF57EC14DDDE0D01] - |A| - [15/04/2014 20:28:07] - (.Copyright © 2000 - Infragistics Numeric Control.) - [160 Ko] - (8.0.4.2) - C:\Windows\SysWOW64\PVNum.ocx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.E63120B36817E7236F60B60CB0FDD557] - |A| - [27/12/2014 00:56:24] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RKey.dat [MD5.B569692BB32DBB069512F65E131CA7BD] - |AH| - [18/12/2016 18:52:51] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1176_3588.freespace.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [429.5 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.86A6E106E64FD245FC2009FF7A977186] - |A| - [21/03/2017 05:12:02] - (.Copyright (c) 2011-2015 Razer Inc. - Razer Chroma API.) - [47.63 Ko] - (1.0.8.1) - C:\Windows\SysWOW64\RzAPIChromaSDK.dll [MD5.EC83FB2E4432562D6248A36211BF8D9E] - |A| - [22/02/2016 04:25:54] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer Audio Manager.) - [498 Ko] - (1.0.45.2) - C:\Windows\SysWOW64\rzaudiodll.dll [MD5.569CF215274D7C29D9DDA0A36CAE287B] - |A| - [10/02/2016 07:25:38] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzBtle Manager.) - [91 Ko] - (1.0.45.0) - C:\Windows\SysWOW64\RzBTLE.dll [MD5.575CB87BE03AED5BFF95DFDBC624A8C7] - |A| - [21/03/2017 05:12:00] - (.Copyright (c) 2011-2015 Razer Inc. - Razer Chroma SDK.) - [102.63 Ko] - (1.0.10.2) - C:\Windows\SysWOW64\RzChromaSDK.dll [MD5.C26643935137D005CDE3126A88271C05] - |A| - [22/02/2016 04:25:54] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer RzDeviceDLL Manager.) - [1324 Ko] - (1.0.45.2) - C:\Windows\SysWOW64\rzdevicedll.dll [MD5.1987E86DCBEF29B9ABFF648303BDAF16] - |A| - [14/03/2016 07:36:22] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer RzDeviceDLL Manager.) - [95.46 Ko] - (1.0.45.6) - C:\Windows\SysWOW64\rzdevinfo.dll [MD5.EF487F6DCB4D33C634284E07F3CC6D2C] - |A| - [10/02/2016 07:24:02] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzDisplayDLL Manager.) - [114.5 Ko] - (1.0.45.0) - C:\Windows\SysWOW64\rzdisplaydll.dll [MD5.486F30D8C87A028CAFF6BD1C9C170941] - |A| - [09/01/2017 05:46:26] - (.Copyright (C) 2015 - Razer Analytics IPC.) - [15.45 Ko] - (1.0.0.5) - C:\Windows\SysWOW64\RzStats.IPC.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/04/2016 21:15:54] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt [MD5.7FB80EF701234920AAF9C12F597A9D87] - |A| - [10/02/2016 07:24:06] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzTouchDll.) - [152 Ko] - (1.0.45.0) - C:\Windows\SysWOW64\rztouchdll.dll [MD5.89176F54E33F4477FBB6301715BC30F1] - |A| - [09/03/2016 09:48:42] - (.Copyright (c) 2015 Razer Inc. - RzVAD.) - [139.45 Ko] - (1.5.4.0) - C:\Windows\SysWOW64\RzVAD.dll [MD5.80274D1F238B3DA2335DD9D2F1A2F9CC] - |A| - [22/02/2016 04:26:06] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer RzVirtualDev Manager.) - [101 Ko] - (1.0.45.2) - C:\Windows\SysWOW64\rzvirtualdev.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169.5 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:51] - [42.67 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2803 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1142.37 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS [MD5.49278B08E16800C3E7C59616FD779A45] - |A| - [15/04/2014 20:28:06] - (.Copyright(c) 1991-2000 Infragistics, Inc. - ActiveThreed Controls.) - [341.77 Ko] - (3.0.3.8) - C:\Windows\SysWOW64\ssa3d30.ocx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [421.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:51] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.D7DFAA3EFB31CBCFA4454A79DF5399EB] - |A| - [01/11/2006 15:25:18] - (.-.) - [1.88 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SysPro.inf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [419 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.BAD2BCB798B49A56B70A459A30DD93D1] - |A| - [09/05/2012 17:31:33] - (.-.) - [0.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vcredist_x64.bat [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 04:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll [MD5.7B3AAC6D2DB9AAB0D1BD0CB753E4AF4D] - |A| - [14/02/2016 03:47:02] - (.-.) - [122.77 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkan-1-1-0-3-0.dll [MD5.4287C9D06A1086CDF75C697A494BE4B7] - |A| - [26/01/2017 02:12:46] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [319 Ko] - (1.0.39.1) - C:\Windows\SysWOW64\vulkan-1-1-0-39-1.dll [MD5.4287C9D06A1086CDF75C697A494BE4B7] - |A| - [27/09/2016 11:06:21] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [319 Ko] - (1.0.39.1) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.9D33E598C94B522D780B8023F9F5A207] - |A| - [14/02/2016 03:45:46] - (.-.) - [41.27 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo-1-1-0-3-0.exe [MD5.BB0B3644D206847B9E39745E7A25BC64] - |A| - [26/01/2017 02:13:16] - (.-.) - [101.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo-1-1-0-39-1.exe [MD5.BB0B3644D206847B9E39745E7A25BC64] - |A| - [27/09/2016 11:06:21] - (.-.) - [101.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [15/05/2012 21:10:35] - [237.33 Ko] - C:\Windows\SysWOW64\Wat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [9057.18 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:51] - [47.61 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [101.23 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9079.89 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 09:06:51] - [106.26 Ko] - C:\Windows\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [05/06/2013 18:29:33] - [137.63 Ko] - C:\Windows\SysWOW64\xlive [MD5.A96108D16C92DCC2CE5C9B8856575CA7] - |A| - [28/09/2011 17:44:14] - (.-.) - [175.07 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xlive.dll.cat [MD5.CF3003C6C8C1340AA0864FD2BBDC20AD] - |A| - [15/04/2014 20:28:07] - (.Copyright (C) 2003 - XLS DLL.) - [108 Ko] - (1.0.0.1) - C:\Windows\SysWOW64\xls.dll [MD5.00000000000000000000000000000000] - |D| - [10/05/2012 02:00:42] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.7029A7634C8DFA8EE619E79B1B9A378F] - |A| - [22/07/2012 00:45:54] - (.www.helixcommunity.org - Helix YV12 YUV Codec.) - [69 Ko] - (1.2.0.0) - C:\Windows\SysWOW64\yv12vfw.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [333.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [334 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | Shell Folders [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\Maestro\AppData\Roaming [09/05/2012 16:09:47] "Local AppData"=C:\Users\Maestro\AppData\Local [09/05/2012 16:09:47] "My Video"=C:\Users\Maestro\Videos [09/05/2012 16:09:47] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Libraries [09/05/2012 16:10:03] "My Pictures"=C:\Users\Maestro\Pictures [09/05/2012 16:09:47] "Desktop"=C:\Users\Maestro\Desktop [09/05/2012 16:09:47] "History"=C:\Users\Maestro\AppData\Local\Microsoft\Windows\History [09/05/2012 16:09:47] "NetHood"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Network Shortcuts [09/05/2012 16:09:47] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Maestro\Contacts [09/05/2012 16:09:54] "Cookies"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Cookies [09/05/2012 16:09:47] "Favorites"=C:\Users\Maestro\Favorites [09/05/2012 16:09:47] "SendTo"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\SendTo [09/05/2012 16:09:47] "Start Menu"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu [09/05/2012 16:09:47] "My Music"=C:\Users\Maestro\Music [09/05/2012 16:09:47] "Programs"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [09/05/2012 16:09:47] "Recent"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Recent [09/05/2012 16:09:47] "CD Burning"=C:\Users\Maestro\AppData\Local\Microsoft\Windows\Burn\Burn [09/05/2012 16:10:10] "PrintHood"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [09/05/2012 16:09:47] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Maestro\Searches [09/05/2012 16:10:03] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Maestro\Downloads [09/05/2012 16:09:47] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Maestro\AppData\LocalLow [09/05/2012 16:09:47] "Startup"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [09/05/2012 16:10:03] "Administrative Tools"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [09/05/2012 16:10:03] "Personal"=C:\Users\Maestro\Documents [09/05/2012 16:09:47] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Maestro\Links [09/05/2012 16:09:47] "Cache"=C:\Users\Maestro\AppData\Local\Microsoft\Windows\Temporary Internet Files [09/05/2012 16:09:47] "Templates"=C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Templates [09/05/2012 16:09:47] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Maestro\Saved Games [09/05/2012 16:09:47] "Fonts"=C:\Windows\Fonts [14/07/2009 05:20:09] [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files "Cookies"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 05:20:08] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 05:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 05:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 05:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 05:20:08] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 07:32:38] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 05:20:08] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 05:20:08] "Common AppData"=C:\ProgramData [14/07/2009 05:20:08] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 05:20:08] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 05:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 05:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 05:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 05:20:08] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 07:32:38] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 05:20:08] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 05:20:08] "Common AppData"=C:\ProgramData [14/07/2009 05:20:08] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates ---------- | [Maestro] [09/05/2012 16:09:47] - |D| - [304991093703] - C:\Users\Maestro\AppData\Local [09/05/2012 16:09:47] - |D| - [30288470] - C:\Users\Maestro\AppData\LocalLow [20/02/2016 19:55:43] - |A| - [12188] - C:\Users\Maestro\AppData\Localtransition_255a0a7e49dd836d3acab57fcc79eb10.ini [04/12/2014 23:38:35] - |A| - [10700] - C:\Users\Maestro\AppData\Localtransition_de5b5ee88154afeabefe8f879e75e9cf.ini [09/05/2012 16:09:47] - |D| - [4070739578] - C:\Users\Maestro\AppData\Roaming [07/01/2017 16:06:14] - |D| - [14063] - C:\Users\Maestro\AppData\Temp [22/06/2012 12:19:58] - |D| - [41800567] - C:\Users\Maestro\AppData\Local\Adobe [04/12/2014 23:38:24] - |D| - [11867383] - C:\Users\Maestro\AppData\Local\Ankama [01/06/2012 22:17:41] - |D| - [0] - C:\Users\Maestro\AppData\Local\Apple [01/06/2012 22:19:18] - |D| - [105618115] - C:\Users\Maestro\AppData\Local\Apple Computer [09/05/2012 16:09:47] - |SHD| - [276581583756] - C:\Users\Maestro\AppData\Local\Application Data [09/05/2012 17:19:48] - |D| - [9336375] - C:\Users\Maestro\AppData\Local\Apps [25/12/2015 13:25:12] - |D| - [419460430] - C:\Users\Maestro\AppData\Local\Battle.net [27/01/2014 03:36:32] - |D| - [122860] - C:\Users\Maestro\AppData\Local\Blizzard [23/01/2014 13:56:06] - |D| - [50925] - C:\Users\Maestro\AppData\Local\Blizzard Entertainment [15/10/2014 23:50:49] - |D| - [0] - C:\Users\Maestro\AppData\Local\Bluestacks [09/05/2012 17:49:28] - |D| - [0] - C:\Users\Maestro\AppData\Local\Broadcom [01/02/2016 21:15:07] - |D| - [15245257] - C:\Users\Maestro\AppData\Local\CEF [07/01/2017 16:21:20] - |D| - [40] - C:\Users\Maestro\AppData\Local\Chromium [09/05/2012 17:19:54] - |D| - [1509584] - C:\Users\Maestro\AppData\Local\Citrix [07/03/2016 21:12:22] - |D| - [22054877] - C:\Users\Maestro\AppData\Local\Colossal Order [21/12/2015 23:50:25] - |D| - [0] - C:\Users\Maestro\AppData\Local\CrashDumps [11/05/2012 01:20:50] - |A| - [3584] - C:\Users\Maestro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [09/05/2012 19:48:59] - |D| - [22785656] - C:\Users\Maestro\AppData\Local\Dell [09/05/2012 17:19:48] - |D| - [0] - C:\Users\Maestro\AppData\Local\Deployment [09/05/2012 16:12:47] - |D| - [0] - C:\Users\Maestro\AppData\Local\Diagnostics [09/05/2012 17:15:02] - |D| - [96921088] - C:\Users\Maestro\AppData\Local\Downloaded Installations [22/11/2014 15:19:01] - |SHD| - [0] - C:\Users\Maestro\AppData\Local\EmieBrowserModeList [30/07/2014 14:40:02] - |SHD| - [0] - C:\Users\Maestro\AppData\Local\EmieSiteList [30/07/2014 14:40:02] - |SHD| - [0] - C:\Users\Maestro\AppData\Local\EmieUserList [14/07/2012 21:56:49] - |D| - [174547] - C:\Users\Maestro\AppData\Local\Facebook [15/10/2012 11:59:35] - |D| - [1668109] - C:\Users\Maestro\AppData\Local\FLT [24/04/2017 21:33:17] - |A| - [126120] - C:\Users\Maestro\AppData\Local\GDIPFONTCACHEV1.DAT [17/03/2016 13:10:29] - |D| - [1410284] - C:\Users\Maestro\AppData\Local\Glyph [09/05/2012 19:23:24] - |D| - [984684034] - C:\Users\Maestro\AppData\Local\Google [17/07/2015 13:52:19] - |D| - [71] - C:\Users\Maestro\AppData\Local\GWX [09/05/2012 16:09:47] - |SHD| - [290] - C:\Users\Maestro\AppData\Local\Historique [28/03/2017 21:06:06] - |AH| - [4121930] - C:\Users\Maestro\AppData\Local\IconCache.db [24/07/2012 00:18:40] - |D| - [5621] - C:\Users\Maestro\AppData\Local\libimobiledevice [10/03/2016 22:06:24] - |D| - [0] - C:\Users\Maestro\AppData\Local\Logishrd [25/07/2012 23:59:07] - |D| - [2914129] - C:\Users\Maestro\AppData\Local\Logitech® Webcam Software [09/05/2012 16:09:47] - |D| - [406668110] - C:\Users\Maestro\AppData\Local\Microsoft [16/03/2013 00:14:23] - |D| - [77164] - C:\Users\Maestro\AppData\Local\Microsoft Help [30/07/2012 16:45:43] - |D| - [0] - C:\Users\Maestro\AppData\Local\My Games [22/04/2013 13:04:26] - |D| - [404577950] - C:\Users\Maestro\AppData\Local\NVIDIA [19/11/2013 18:57:39] - |D| - [104722599] - C:\Users\Maestro\AppData\Local\NVIDIA Corporation [21/06/2016 09:17:24] - |D| - [2745812] - C:\Users\Maestro\AppData\Local\Package Cache [27/03/2013 19:32:44] - |D| - [0] - C:\Users\Maestro\AppData\Local\Programs [06/12/2012 01:34:14] - |D| - [2865399] - C:\Users\Maestro\AppData\Local\PunkBuster [19/04/2016 14:45:01] - |D| - [176225102] - C:\Users\Maestro\AppData\Local\Razer [19/04/2016 14:38:33] - |D| - [864] - C:\Users\Maestro\AppData\Local\Razer_Inc [18/12/2015 11:28:49] - |A| - [7609] - C:\Users\Maestro\AppData\Local\Resmon.ResmonCfg [14/11/2013 21:46:18] - |A| - [0] - C:\Users\Maestro\AppData\Local\rx_image32.Cache [19/04/2016 14:53:29] - |D| - [1367] - C:\Users\Maestro\AppData\Local\RzStats [30/07/2012 16:42:23] - |D| - [37] - C:\Users\Maestro\AppData\Local\SKIDROW [29/09/2016 10:48:04] - |D| - [4887745] - C:\Users\Maestro\AppData\Local\Skype [09/06/2012 02:34:27] - |D| - [8363943] - C:\Users\Maestro\AppData\Local\Sonic_Solutions [01/02/2016 21:15:05] - |D| - [329714402] - C:\Users\Maestro\AppData\Local\Steam [09/05/2012 16:09:47] - |D| - [9727636] - C:\Users\Maestro\AppData\Local\Temp [09/05/2012 16:09:47] - |SHD| - [128] - C:\Users\Maestro\AppData\Local\Temporary Internet Files [13/12/2012 14:33:58] - |D| - [2206388] - C:\Users\Maestro\AppData\Local\TomTom [12/09/2014 21:19:26] - |D| - [352] - C:\Users\Maestro\AppData\Local\Turtle_Beach [19/12/2013 14:36:52] - |D| - [1477] - C:\Users\Maestro\AppData\Local\Ubisoft [05/11/2012 23:43:53] - |D| - [2396] - C:\Users\Maestro\AppData\Local\Ubisoft Game Launcher [21/06/2016 09:17:26] - |D| - [3715062] - C:\Users\Maestro\AppData\Local\VASCO [06/04/2014 15:31:13] - |D| - [488948718] - C:\Users\Maestro\AppData\Local\Viber [09/05/2012 16:09:53] - |D| - [24583333309] - C:\Users\Maestro\AppData\Local\VirtualStore [15/06/2012 00:44:19] - |D| - [141217688] - C:\Users\Maestro\AppData\Local\Windows Live [29/07/2012 20:05:58] - |D| - [442070] - C:\Users\Maestro\AppData\Local\WinZip [24/04/2017 18:04:19] - |D| - [162404] - C:\Users\Maestro\AppData\Local\ZHP [22/06/2012 12:19:58] - |D| - [467257] - C:\Users\Maestro\AppData\LocalLow\Adobe [22/11/2014 15:18:50] - |SHD| - [0] - C:\Users\Maestro\AppData\LocalLow\EmieBrowserModeList [09/08/2014 00:53:54] - |SHD| - [0] - C:\Users\Maestro\AppData\LocalLow\EmieSiteList [09/08/2014 00:53:54] - |SHD| - [0] - C:\Users\Maestro\AppData\LocalLow\EmieUserList [09/05/2012 17:16:57] - |D| - [335726] - C:\Users\Maestro\AppData\LocalLow\Microsoft [09/05/2012 20:27:07] - |D| - [22876160] - C:\Users\Maestro\AppData\LocalLow\Oracle [01/02/2016 23:35:58] - |D| - [846] - C:\Users\Maestro\AppData\LocalLow\Payload [22/12/2015 13:25:48] - |D| - [2194209] - C:\Users\Maestro\AppData\LocalLow\PCDr [09/05/2012 20:26:27] - |D| - [4414272] - C:\Users\Maestro\AppData\LocalLow\Sun [29/07/2012 20:05:34] - |D| - [0] - C:\Users\Maestro\AppData\LocalLow\Temp [07/03/2016 21:12:24] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\.mono [09/05/2012 17:18:21] - |D| - [6415177] - C:\Users\Maestro\AppData\Roaming\Adobe [01/06/2012 22:19:18] - |D| - [3378275863] - C:\Users\Maestro\AppData\Roaming\Apple Computer [25/07/2013 21:38:01] - |D| - [2830] - C:\Users\Maestro\AppData\Roaming\Audacity [11/12/2013 01:48:01] - |D| - [9124021] - C:\Users\Maestro\AppData\Roaming\Awesomium [23/07/2016 12:29:56] - |D| - [82437] - C:\Users\Maestro\AppData\Roaming\BACS.exe [25/12/2015 13:25:12] - |D| - [10288] - C:\Users\Maestro\AppData\Roaming\Battle.net [07/01/2017 15:35:01] - |D| - [195559] - C:\Users\Maestro\AppData\Roaming\Bitdefender [11/03/2016 21:20:43] - |D| - [14078] - C:\Users\Maestro\AppData\Roaming\com.playa-games.sfgame [13/09/2012 22:32:27] - |D| - [2103843] - C:\Users\Maestro\AppData\Roaming\DAEMON Tools Lite [09/05/2012 18:17:43] - |D| - [940301] - C:\Users\Maestro\AppData\Roaming\Dell [09/05/2012 18:17:44] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\Dell Touch Zone [15/06/2014 00:28:17] - |D| - [70736] - C:\Users\Maestro\AppData\Roaming\Dropbox [08/08/2012 00:07:02] - |D| - [203] - C:\Users\Maestro\AppData\Roaming\dvdcss [15/04/2014 20:35:16] - |D| - [61] - C:\Users\Maestro\AppData\Roaming\EASYTools [09/05/2012 19:50:06] - |D| - [13312] - C:\Users\Maestro\AppData\Roaming\Fingertapps [06/11/2016 16:19:40] - |D| - [2016368] - C:\Users\Maestro\AppData\Roaming\FiraxisLive [15/04/2014 22:04:25] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\Google [14/02/2014 22:36:23] - |D| - [43260776] - C:\Users\Maestro\AppData\Roaming\Guild Wars 2 [09/05/2012 16:09:56] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\Identities [17/05/2012 16:48:45] - |D| - [353] - C:\Users\Maestro\AppData\Roaming\Leadertech [15/04/2014 21:48:00] - |D| - [2259] - C:\Users\Maestro\AppData\Roaming\LiveCAD3 [10/03/2016 21:59:00] - |D| - [143292] - C:\Users\Maestro\AppData\Roaming\Logishrd [17/05/2012 16:48:49] - |D| - [23080] - C:\Users\Maestro\AppData\Roaming\Logitech [18/11/2013 02:54:23] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\LolClient [09/05/2012 17:18:22] - |D| - [511] - C:\Users\Maestro\AppData\Roaming\Macromedia [15/05/2012 20:27:49] - |D| - [299] - C:\Users\Maestro\AppData\Roaming\Macrovision [09/05/2012 16:09:47] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\Media Center Programs [09/05/2012 16:09:47] - |SD| - [9337816] - C:\Users\Maestro\AppData\Roaming\Microsoft [14/07/2012 21:57:36] - |D| - [10598315] - C:\Users\Maestro\AppData\Roaming\NVIDIA [22/12/2015 13:23:36] - |D| - [1360032] - C:\Users\Maestro\AppData\Roaming\PCDr [07/01/2017 15:28:29] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\QuickScan [01/06/2012 22:14:03] - |D| - [3618565] - C:\Users\Maestro\AppData\Roaming\redsn0w [17/03/2016 14:30:59] - |D| - [15003] - C:\Users\Maestro\AppData\Roaming\RIFT [18/11/2013 01:52:02] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\Riot Games [09/05/2012 19:48:29] - |D| - [1360873] - C:\Users\Maestro\AppData\Roaming\Roxio [15/05/2012 20:28:14] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\Roxio Burn [09/05/2012 18:19:56] - |D| - [36633939] - C:\Users\Maestro\AppData\Roaming\Roxio Log Files [13/08/2012 21:46:53] - |D| - [13094085] - C:\Users\Maestro\AppData\Roaming\Skype [07/03/2016 21:12:19] - |D| - [1544] - C:\Users\Maestro\AppData\Roaming\Steam [22/12/2015 12:32:34] - |D| - [0] - C:\Users\Maestro\AppData\Roaming\Sun [01/12/2012 05:40:32] - |D| - [42410] - C:\Users\Maestro\AppData\Roaming\Theta [13/12/2012 14:33:58] - |D| - [38164277] - C:\Users\Maestro\AppData\Roaming\TomTom [07/11/2016 20:33:35] - |D| - [100058] - C:\Users\Maestro\AppData\Roaming\TS3Client [29/07/2012 20:24:17] - |D| - [21032967] - C:\Users\Maestro\AppData\Roaming\uTorrent [06/04/2014 15:31:44] - |D| - [485757127] - C:\Users\Maestro\AppData\Roaming\ViberPC [19/06/2012 16:41:11] - |D| - [1577798] - C:\Users\Maestro\AppData\Roaming\vlc [25/07/2012 23:45:37] - |D| - [7478] - C:\Users\Maestro\AppData\Roaming\WebCam Recorder [19/05/2012 01:12:41] - |D| - [12] - C:\Users\Maestro\AppData\Roaming\WinRAR [19/12/2013 14:36:49] - |SHD| - [43] - C:\Users\Maestro\AppData\Roaming\wyUpdate AU [20/12/2015 20:52:14] - |D| - [5341589] - C:\Users\Maestro\AppData\Roaming\ZHP [09/05/2012 16:10:03] - |ASH| - [174] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [09/05/2012 16:09:47] - |SHD| - [24484] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [09/05/2012 16:09:47] - |RD| - [24484] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [09/05/2012 16:09:47] - |RD| - [14643] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [09/05/2012 16:10:03] - |RD| - [174] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [18/12/2015 12:22:00] - |D| - [372] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell [09/05/2012 16:10:03] - |ASH| - [476] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/11/2013 01:15:47] - |D| - [216] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [09/05/2012 19:24:04] - |A| - [2386] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [09/05/2012 16:10:05] - |A| - [1433] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [09/05/2012 16:09:47] - |RD| - [580] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [09/05/2012 16:10:03] - |RD| - [174] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [06/04/2014 15:31:41] - |A| - [1004] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk [19/05/2012 01:12:41] - |D| - [3026] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [09/05/2012 16:10:03] - |ASH| - [174] - C:\Users\Maestro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] ---------- | C:\ProgramData [07/03/2016 21:12:24] - |D| - [0] - C:\ProgramData\.mono [07/06/2014 15:29:02] - |D| - [5862] - C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [09/05/2012 18:18:54] - |D| - [560895215] - C:\ProgramData\Adobe [14/11/2013 01:15:51] - |D| - [37] - C:\ProgramData\Age of Empires 3 [07/01/2017 15:26:50] - |A| - [47142] - C:\ProgramData\agent.1483795597.bdinstall.bin [17/03/2017 10:34:12] - |A| - [29978] - C:\ProgramData\agent.update.1489739542.bdinstall.bin [01/06/2012 22:16:42] - |D| - [589167430] - C:\ProgramData\Apple [01/06/2012 22:18:48] - |D| - [76755451] - C:\ProgramData\Apple Computer [14/07/2009 07:08:56] - |SHD| - [78531006670] - C:\ProgramData\Application Data [25/12/2015 13:23:15] - |D| - [33979730] - C:\ProgramData\Battle.net [07/01/2017 15:35:49] - |D| - [0] - C:\ProgramData\BDLogging [07/01/2017 15:32:59] - |D| - [5933571] - C:\ProgramData\Bitdefender [07/01/2017 15:26:37] - |D| - [0] - C:\ProgramData\Bitdefender Agent [25/12/2015 13:25:13] - |D| - [104974404] - C:\ProgramData\Blizzard Entertainment [15/10/2014 23:51:21] - |D| - [603344267] - C:\ProgramData\BlueStacks [15/10/2014 23:50:49] - |D| - [0] - C:\ProgramData\BlueStacksSetup [29/12/2014 18:51:27] - |D| - [46] - C:\ProgramData\Brother [09/05/2012 16:09:41] - |SHD| - [10038] - C:\ProgramData\Bureau [31/05/2014 17:05:31] - |D| - [0] - C:\ProgramData\Caphyon [09/05/2012 17:20:29] - |D| - [8143] - C:\ProgramData\Citrix [07/01/2017 15:37:12] - |A| - [368715] - C:\ProgramData\cl.1483795709.bdinstall.bin [09/05/2012 18:14:27] - |D| - [1101] - C:\ProgramData\Creative [13/09/2012 22:34:11] - |D| - [0] - C:\ProgramData\CreativePark [13/09/2012 22:30:48] - |D| - [1734] - C:\ProgramData\DAEMON Tools Lite [09/05/2012 18:17:18] - |D| - [35348656] - C:\ProgramData\Dell [14/07/2009 07:08:56] - |SHD| - [10038] - C:\ProgramData\Desktop [14/07/2009 07:08:56] - |SHD| - [326761123] - C:\ProgramData\Documents [09/03/2015 15:49:02] - |D| - [5862] - C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 [09/05/2012 16:09:41] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [09/05/2012 18:14:04] - |D| - [24076] - C:\ProgramData\FLEXnet [17/03/2016 13:10:29] - |D| - [86] - C:\ProgramData\Glyph [15/04/2014 22:04:25] - |D| - [0] - C:\ProgramData\Google [09/05/2012 18:32:40] - |D| - [3263] - C:\ProgramData\install_clap [26/01/2015 19:20:38] - |D| - [47727743] - C:\ProgramData\Kaspersky Lab [10/03/2016 22:03:46] - |D| - [23420840] - C:\ProgramData\Logishrd [09/05/2012 18:20:53] - |D| - [3553562] - C:\ProgramData\Macrovision [28/05/2014 11:45:27] - |D| - [23365930] - C:\ProgramData\Malwarebytes [09/05/2012 16:09:41] - |SHD| - [572488] - C:\ProgramData\Menu Démarrer [14/07/2009 05:20:08] - |SD| - [573536768] - C:\ProgramData\Microsoft [16/03/2013 00:14:15] - |D| - [89316] - C:\ProgramData\Microsoft Help [09/05/2012 16:09:41] - |SHD| - [0] - C:\ProgramData\Modèles [26/01/2015 19:20:35] - |A| - [262144] - C:\ProgramData\ntuser.dat [26/01/2015 19:20:35] - |ASH| - [5120] - C:\ProgramData\ntuser.dat.LOG1 [26/01/2015 19:20:35] - |ASH| - [0] - C:\ProgramData\ntuser.dat.LOG2 [26/01/2015 19:20:36] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{6f9d4e90-a57e-11e4-9b4d-d4bed989de09}.TM.blf [26/01/2015 19:20:36] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{6f9d4e90-a57e-11e4-9b4d-d4bed989de09}.TMContainer00000000000000000001.regtrans-ms [26/01/2015 19:20:36] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{6f9d4e90-a57e-11e4-9b4d-d4bed989de09}.TMContainer00000000000000000002.regtrans-ms [26/01/2015 19:21:15] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{6f9d4ea4-a57e-11e4-9b4d-d4bed989de09}.TM.blf [26/01/2015 19:21:15] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{6f9d4ea4-a57e-11e4-9b4d-d4bed989de09}.TMContainer00000000000000000001.regtrans-ms [26/01/2015 19:21:15] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{6f9d4ea4-a57e-11e4-9b4d-d4bed989de09}.TMContainer00000000000000000002.regtrans-ms [09/05/2012 20:27:35] - |D| - [2709158] - C:\ProgramData\NVIDIA [09/05/2012 17:21:55] - |D| - [1368148502] - C:\ProgramData\NVIDIA Corporation [07/01/2017 16:21:15] - |A| - [5110] - C:\ProgramData\NvTelemetryContainer.log [07/01/2017 16:21:15] - |A| - [5110] - C:\ProgramData\NvTelemetryContainer.log_backup1 [22/10/2013 18:47:23] - |D| - [70997662] - C:\ProgramData\Oracle [06/12/2012 01:33:59] - |D| - [81687] - C:\ProgramData\Orbit [09/12/2013 22:27:02] - |D| - [45138623] - C:\ProgramData\Package Cache [22/12/2015 13:25:18] - |D| - [4220952] - C:\ProgramData\PC-Doctor for Windows [22/12/2015 13:25:18] - |D| - [13303072] - C:\ProgramData\PCDr [09/05/2012 18:23:14] - |D| - [18109475] - C:\ProgramData\PhotoShow Shared Assets [19/04/2016 14:29:47] - |D| - [2430485079] - C:\ProgramData\Razer [28/08/2014 12:29:55] - |D| - [39] - C:\ProgramData\Riot Games [24/12/2015 11:37:34] - |D| - [513991] - C:\ProgramData\RogueKiller [09/05/2012 18:21:19] - |D| - [21846494] - C:\ProgramData\Roxio [20/04/2016 21:16:04] - |D| - [1505] - C:\ProgramData\RzSurroundVAD_1.1.61.0 [30/09/2016 11:42:42] - |D| - [1561] - C:\ProgramData\RzSurroundVAD_1.1.62.0 [13/08/2012 21:46:41] - |D| - [110285488] - C:\ProgramData\Skype [09/05/2012 18:22:07] - |D| - [161775] - C:\ProgramData\Sonic [14/07/2009 07:08:56] - |SHD| - [572488] - C:\ProgramData\Start Menu [06/11/2016 16:19:19] - |D| - [79] - C:\ProgramData\Steam [09/05/2012 20:27:30] - |D| - [399] - C:\ProgramData\Sun [09/05/2012 18:16:28] - |D| - [165160] - C:\ProgramData\Temp [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Templates [13/12/2012 14:34:03] - |D| - [26178] - C:\ProgramData\TomTom [09/05/2012 18:25:05] - |D| - [6107508] - C:\ProgramData\Uninstall [29/07/2012 20:05:51] - |D| - [2413823] - C:\ProgramData\WinZip ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [09/05/2012 18:28:40] - |A| - [2072] - C:\ProgramData\Microsoft\Windows\Start Menu\PhotoStage.lnk [09/05/2012 16:09:41] - |SHD| - [282077] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 05:20:08] - |RD| - [282077] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk [29/07/2012 20:06:04] - |A| - [2319] - C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk [29/07/2012 20:27:28] - |A| - [953] - C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] - |RD| - [42418] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/04/2017 09:46:16] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [27/10/2016 19:08:16] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [14/07/2009 07:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [01/06/2012 22:17:41] - |A| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [25/07/2013 21:37:55] - |A| - [1023] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [25/12/2015 13:25:09] - |D| - [1100] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [21/06/2016 09:13:19] - |D| - [3905] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID [07/01/2017 15:35:54] - |D| - [4255] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017 [09/05/2012 17:15:57] - |D| - [1986] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom [06/07/2015 14:32:36] - |D| - [922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [01/03/2016 22:15:15] - |D| - [2270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines Snowfall [09/05/2012 18:14:55] - |D| - [4419] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [06/12/2012 01:21:26] - |D| - [3269] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [22/12/2015 13:25:19] - |D| - [2184] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell [09/05/2012 18:17:19] - |RD| - [10726] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Stage [14/07/2009 06:54:23] - |ASH| - [1556] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [15/05/2012 20:28:28] - |D| - [1098] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III [09/05/2012 17:32:03] - |RD| - [4110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DW WLAN [14/07/2009 07:32:38] - |RD| - [8396] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [17/03/2016 13:10:29] - |D| - [2053] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph [28/06/2014 21:47:20] - |D| - [7246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [15/04/2014 22:01:48] - |D| - [2043] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8 [23/04/2017 20:55:04] - |D| - [1340] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 [27/01/2014 03:30:41] - |D| - [1135] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone [26/12/2015 14:17:33] - |D| - [936] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm [26/04/2016 20:49:21] - |D| - [3839] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [20/09/2013 22:15:30] - |D| - [2026] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ivalice Sienna Launcher [06/11/2014 18:44:58] - |D| - [9256] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [18/11/2013 01:54:14] - |D| - [1756] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [17/05/2012 16:46:53] - |D| - [3364] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [09/05/2012 16:06:46] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [22/04/2017 21:21:18] - |D| - [15881] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games [05/06/2013 18:29:22] - |D| - [1245] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [16/03/2013 00:19:10] - |D| - [45935] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [15/03/2013 01:37:03] - |D| - [2265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [17/03/2014 22:46:41] - |A| - [1305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [04/06/2012 02:34:14] - |D| - [10852] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [12/12/2013 21:40:08] - |A| - [1374] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [19/04/2016 14:33:03] - |D| - [1965] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer [09/05/2012 18:22:55] - |D| - [4354] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter [27/12/2014 00:56:00] - |D| - [3141] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [16/03/2013 00:19:10] - |D| - [3181] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [15/05/2015 14:33:20] - |D| - [2137] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [18/04/2017 09:55:07] - |D| - [854] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [14/07/2009 05:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [01/02/2016 21:10:53] - |D| - [1043] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [07/11/2016 20:33:30] - |A| - [889] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk [17/12/2012 12:59:50] - |D| - [2719] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turtle Beach [02/10/2013 00:17:47] - |D| - [7958] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [14/07/2009 06:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [09/05/2012 16:06:47] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [15/06/2012 00:47:07] - |A| - [2530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [19/05/2012 01:12:41] - |D| - [2972] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [08/01/2016 23:01:08] - |D| - [1182] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft [14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [27/10/2016 19:08:15] - |D| - [264542008] - C:\Program Files (x86)\Adobe [20/02/2016 19:55:20] - |D| - [0] - C:\Program Files (x86)\Ankama [24/04/2017 20:25:59] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-core-console-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [17600] - C:\Program Files (x86)\api-ms-win-core-datetime-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [17600] - C:\Program Files (x86)\api-ms-win-core-debug-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-errorhandling-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [21696] - C:\Program Files (x86)\api-ms-win-core-file-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-file-l1-2-0.dll [24/04/2017 20:25:59] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-file-l2-1-0.dll [24/04/2017 20:25:59] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-handle-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-heap-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-interlocked-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-core-libraryloader-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [20672] - C:\Program Files (x86)\api-ms-win-core-localization-l1-2-0.dll [24/04/2017 20:25:59] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-core-memory-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-namedpipe-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [19136] - C:\Program Files (x86)\api-ms-win-core-processenvironment-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [20160] - C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-0.dll [24/04/2017 20:25:59] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-1.dll [24/04/2017 20:25:59] - |A| - [17600] - C:\Program Files (x86)\api-ms-win-core-profile-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [17600] - C:\Program Files (x86)\api-ms-win-core-rtlsupport-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-string-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [20160] - C:\Program Files (x86)\api-ms-win-core-synch-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-core-synch-l1-2-0.dll [24/04/2017 20:26:00] - |A| - [19136] - C:\Program Files (x86)\api-ms-win-core-sysinfo-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-timezone-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [18112] - C:\Program Files (x86)\api-ms-win-core-util-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [19136] - C:\Program Files (x86)\api-ms-win-crt-conio-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [22208] - C:\Program Files (x86)\api-ms-win-crt-convert-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-crt-environment-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [20160] - C:\Program Files (x86)\api-ms-win-crt-filesystem-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-crt-heap-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-crt-locale-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [28864] - C:\Program Files (x86)\api-ms-win-crt-math-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [25792] - C:\Program Files (x86)\api-ms-win-crt-multibyte-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [72896] - C:\Program Files (x86)\api-ms-win-crt-private-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [19136] - C:\Program Files (x86)\api-ms-win-crt-process-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [22720] - C:\Program Files (x86)\api-ms-win-crt-runtime-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [24256] - C:\Program Files (x86)\api-ms-win-crt-stdio-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [24256] - C:\Program Files (x86)\api-ms-win-crt-string-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [20672] - C:\Program Files (x86)\api-ms-win-crt-time-l1-1-0.dll [24/04/2017 20:26:00] - |A| - [18624] - C:\Program Files (x86)\api-ms-win-crt-utility-l1-1-0.dll [26/04/2016 20:46:56] - |D| - [2743854] - C:\Program Files (x86)\Apple Software Update [25/07/2013 21:37:42] - |D| - [46471547] - C:\Program Files (x86)\Audacity [22/07/2012 00:45:52] - |D| - [146393] - C:\Program Files (x86)\AviSynth 2.5 [23/01/2014 13:55:59] - |D| - [347902963] - C:\Program Files (x86)\Battle.net [08/10/2012 23:03:48] - |D| - [10786434] - C:\Program Files (x86)\Battlelog Web Plugins [21/06/2016 09:12:34] - |D| - [11864984] - C:\Program Files (x86)\Belgium Identity Card [15/10/2014 23:51:21] - |D| - [35142078] - C:\Program Files (x86)\BlueStacks [21/12/2015 21:34:25] - |D| - [631636] - C:\Program Files (x86)\Bonjour [24/04/2017 20:25:58] - |A| - [324048] - C:\Program Files (x86)\BsSndRpt.exe [24/04/2017 20:25:58] - |A| - [303568] - C:\Program Files (x86)\BugSplat.dll [24/04/2017 20:25:58] - |A| - [198784] - C:\Program Files (x86)\BugSplatRc.dll [01/03/2016 22:12:47] - |D| - [5423443493] - C:\Program Files (x86)\Cities Skylines Snowfall [09/05/2012 17:20:00] - |D| - [0] - C:\Program Files (x86)\Citrix [14/07/2009 05:20:08] - |D| - [873666729] - C:\Program Files (x86)\Common Files [24/04/2017 20:25:59] - |A| - [243016] - C:\Program Files (x86)\concrt140.dll [18/11/2013 03:01:59] - |D| - [53167] - C:\Program Files (x86)\Config [09/05/2012 18:14:51] - |D| - [5413781] - C:\Program Files (x86)\Creative [06/12/2012 01:20:55] - |D| - [27944562] - C:\Program Files (x86)\DAEMON Tools Lite [09/05/2012 18:03:52] - |D| - [162908806] - C:\Program Files (x86)\Dell [09/05/2012 18:17:43] - |D| - [177250518] - C:\Program Files (x86)\Dell Stage [09/05/2012 19:50:00] - |D| - [291] - C:\Program Files (x86)\Dell Touch Software Suite [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [26/12/2015 15:37:50] - |D| - [15998941153] - C:\Program Files (x86)\Diablo III [12/06/2016 20:27:08] - |D| - [0] - C:\Program Files (x86)\ElcomSoft [17/03/2016 13:10:24] - |D| - [129245014] - C:\Program Files (x86)\Glyph [15/04/2014 22:01:00] - |D| - [156064540] - C:\Program Files (x86)\Google [28/08/2012 13:29:53] - |D| - [29919933888] - C:\Program Files (x86)\Guild Wars 2 [27/01/2014 03:30:41] - |D| - [1209742072] - C:\Program Files (x86)\Hearthstone [25/12/2015 13:26:30] - |D| - [13315741964] - C:\Program Files (x86)\Heroes of the Storm [22/07/2012 00:45:23] - |D| - [0] - C:\Program Files (x86)\hpmonitor [09/05/2012 18:14:27] - |HD| - [25923829] - C:\Program Files (x86)\InstallShield Installation Information [09/05/2012 17:28:29] - |D| - [9425413] - C:\Program Files (x86)\Intel [08/11/2013 23:09:32] - |D| - [990565] - C:\Program Files (x86)\Intelore [14/07/2009 05:20:08] - |D| - [10535673] - C:\Program Files (x86)\Internet Explorer [07/10/2013 01:54:23] - |D| - [189227] - C:\Program Files (x86)\iTunes [06/11/2014 18:44:53] - |D| - [164950552] - C:\Program Files (x86)\Java [24/04/2017 20:26:00] - |A| - [3358336] - C:\Program Files (x86)\LeagueClient.exe [24/04/2017 20:26:00] - |A| - [2104960] - C:\Program Files (x86)\libcrypto-1_1.dll [24/04/2017 20:26:00] - |A| - [284800] - C:\Program Files (x86)\libcurl.dll [24/04/2017 20:26:00] - |A| - [99456] - C:\Program Files (x86)\libnghttp2.dll [24/04/2017 20:26:00] - |A| - [383616] - C:\Program Files (x86)\libssl-1_1.dll [25/07/2012 23:51:50] - |D| - [56082511] - C:\Program Files (x86)\Logitech [18/11/2013 01:55:37] - |D| - [122278589] - C:\Program Files (x86)\Logs [12/06/2013 19:10:18] - |A| - [97856] - C:\Program Files (x86)\lol.launcher.admin.exe [12/06/2013 19:10:44] - |A| - [97856] - C:\Program Files (x86)\lol.launcher.exe [16/03/2013 00:15:03] - |D| - [39769547] - C:\Program Files (x86)\Microsoft Analysis Services [16/10/2014 00:52:59] - |D| - [1670519] - C:\Program Files (x86)\Microsoft ASP.NET [27/07/2012 00:55:34] - |D| - [800662] - C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 [13/11/2013 15:15:32] - |D| - [2197737001] - C:\Program Files (x86)\Microsoft Games [05/06/2013 18:29:21] - |D| - [9362570] - C:\Program Files (x86)\Microsoft Games for Windows - LIVE [16/03/2013 00:14:21] - |D| - [29590532] - C:\Program Files (x86)\Microsoft Office [15/03/2013 01:36:26] - |D| - [42884494] - C:\Program Files (x86)\Microsoft Silverlight [12/12/2013 21:39:59] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [16/03/2013 00:16:22] - |D| - [1378033] - C:\Program Files (x86)\Microsoft Visual Studio 8 [17/05/2012 10:53:19] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [21/06/2016 09:12:47] - |D| - [40909] - C:\Program Files (x86)\Mozilla Firefox [14/07/2009 07:32:38] - |D| - [26521] - C:\Program Files (x86)\MSBuild [24/04/2017 20:25:59] - |A| - [438080] - C:\Program Files (x86)\msvcp140.dll [09/05/2012 17:21:52] - |D| - [429477860] - C:\Program Files (x86)\NVIDIA Corporation [26/06/2012 21:55:36] - |D| - [34818345] - C:\Program Files (x86)\Oracle [18/11/2013 01:52:40] - |D| - [0] - C:\Program Files (x86)\Pando Networks [18/11/2013 01:54:15] - |D| - [8950840960] - C:\Program Files (x86)\RADS [19/04/2016 14:29:35] - |D| - [354562377] - C:\Program Files (x86)\Razer [19/04/2016 14:33:15] - |D| - [1715069] - C:\Program Files (x86)\Razer Chroma SDK [14/07/2009 07:32:38] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies [09/05/2012 18:20:53] - |D| - [474887079] - C:\Program Files (x86)\Roxio [27/12/2014 00:56:00] - |D| - [35212318] - C:\Program Files (x86)\Samsung [20/09/2013 22:15:28] - |D| - [24669143285] - C:\Program Files (x86)\Sienna [15/05/2015 14:33:19] - |RD| - [46215968] - C:\Program Files (x86)\Skype [18/04/2017 09:45:05] - |D| - [17530003222] - C:\Program Files (x86)\StarCraft II [01/02/2016 21:10:52] - |D| - [1200566625] - C:\Program Files (x86)\Steam [24/04/2017 20:26:00] - |A| - [23149] - C:\Program Files (x86)\system.yaml [05/11/2012 23:27:23] - |D| - [40547684] - C:\Program Files (x86)\Ubisoft [24/04/2017 20:26:00] - |A| - [917184] - C:\Program Files (x86)\ucrtbase.dll [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [29/07/2012 20:05:25] - |D| - [399224] - C:\Program Files (x86)\uTorrent [24/04/2017 20:25:59] - |A| - [83792] - C:\Program Files (x86)\vcruntime140.dll [19/06/2012 16:40:23] - |D| - [137949549] - C:\Program Files (x86)\VideoLAN [10/06/2016 21:17:15] - |D| - [1485903] - C:\Program Files (x86)\VulkanRT [14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [15/06/2012 00:45:57] - |D| - [113945111] - C:\Program Files (x86)\Windows Live [14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |D| - [12197044] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar [08/01/2016 22:56:11] - |D| - [51813202767] - C:\Program Files (x86)\World of Warcraft [24/04/2017 20:26:00] - |A| - [128640] - C:\Program Files (x86)\yaml.dll [22/12/2015 22:08:19] - |D| - [0] - C:\Program Files (x86)\ZHPFix [24/04/2017 20:26:00] - |A| - [108672] - C:\Program Files (x86)\zlib.dll ---------- | C:\Program Files [07/01/2017 15:32:58] - |D| - [668569205] - C:\Program Files\Bitdefender [07/01/2017 15:26:37] - |D| - [40531559] - C:\Program Files\Bitdefender Agent [21/12/2015 21:34:25] - |D| - [615046] - C:\Program Files\Bonjour [09/05/2012 17:15:56] - |D| - [43693395] - C:\Program Files\Broadcom [06/07/2015 14:32:35] - |D| - [18326142] - C:\Program Files\CCleaner [14/07/2009 05:20:08] - |D| - [1871037408] - C:\Program Files\Common Files [09/05/2012 17:31:30] - |D| - [251156415] - C:\Program Files\Dell [22/12/2015 13:25:18] - |D| - [9729824] - C:\Program Files\Dell Support Center [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [21/06/2016 09:13:19] - |D| - [707464] - C:\Program Files\DIFX [14/07/2009 07:32:38] - |D| - [90256404] - C:\Program Files\DVD Maker [09/05/2012 16:09:41] - |SHD| - [1871037408] - C:\Program Files\Fichiers communs [14/07/2009 05:20:08] - |D| - [30571916] - C:\Program Files\Internet Explorer [26/04/2016 20:49:07] - |D| - [4170211] - C:\Program Files\iPod [21/12/2015 21:36:19] - |D| - [233600011] - C:\Program Files\iTunes [21/06/2016 09:12:47] - |D| - [0] - C:\Program Files\log [10/03/2016 22:03:29] - |D| - [62711669] - C:\Program Files\Logitech [16/03/2013 00:15:03] - |D| - [66182091] - C:\Program Files\Microsoft Analysis Services [14/07/2009 07:32:38] - |D| - [149237810] - C:\Program Files\Microsoft Games [16/03/2013 00:14:16] - |D| - [1144708327] - C:\Program Files\Microsoft Office [15/03/2013 01:36:26] - |D| - [55714702] - C:\Program Files\Microsoft Silverlight [16/03/2013 00:17:22] - |D| - [2966976] - C:\Program Files\Microsoft SQL Server Compact Edition [16/03/2013 00:17:22] - |D| - [1014647] - C:\Program Files\Microsoft Sync Framework [16/03/2013 00:17:49] - |D| - [326800] - C:\Program Files\Microsoft Synchronization Services [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild [09/05/2012 17:21:52] - |D| - [11164507817] - C:\Program Files\NVIDIA Corporation [19/04/2016 14:33:15] - |D| - [114816] - C:\Program Files\Razer Chroma SDK [14/07/2009 07:32:38] - |D| - [36834473] - C:\Program Files\Reference Assemblies [09/05/2012 18:23:12] - |D| - [994272] - C:\Program Files\Roxio [20/12/2015 20:39:40] - |D| - [15011048] - C:\Program Files\Speccy [07/11/2016 20:33:28] - |D| - [67399238] - C:\Program Files\TeamSpeak 3 Client [14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [09/05/2012 17:23:43] - |D| - [184882186] - C:\Program Files\WIDCOMM [14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |D| - [17634484] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [8547375] - C:\Program Files\Windows Sidebar [19/05/2012 01:12:37] - |D| - [4644282] - C:\Program Files\WinRAR [29/07/2012 20:05:49] - |D| - [121572463] - C:\Program Files\WinZip ---------- | C:\Program Files (x86)\Common Files [09/05/2012 18:18:51] - |D| - [9325275] - C:\Program Files (x86)\Common Files\Adobe [01/06/2012 22:16:42] - |D| - [132965637] - C:\Program Files (x86)\Common Files\Apple [10/05/2012 20:24:55] - |D| - [194] - C:\Program Files (x86)\Common Files\Blizzard Entertainment [09/12/2013 22:28:43] - |HD| - [853824] - C:\Program Files (x86)\Common Files\EAInstaller [09/05/2012 18:14:01] - |D| - [5284404] - C:\Program Files (x86)\Common Files\InstallShield [22/12/2015 12:33:17] - |D| - [1955984] - C:\Program Files (x86)\Common Files\Java [17/05/2012 16:47:01] - |D| - [101178192] - C:\Program Files (x86)\Common Files\LogiShrd [25/07/2012 23:52:02] - |D| - [5241923] - C:\Program Files (x86)\Common Files\LWS [09/05/2012 18:14:03] - |D| - [1045483] - C:\Program Files (x86)\Common Files\Macrovision Shared [13/11/2013 15:20:54] - |D| - [1370] - C:\Program Files (x86)\Common Files\Microsoft Games [14/07/2009 05:20:08] - |D| - [135933620] - C:\Program Files (x86)\Common Files\microsoft shared [09/05/2012 17:33:26] - |D| - [161212] - C:\Program Files (x86)\Common Files\postureAgent [09/05/2012 18:21:14] - |D| - [4538192] - C:\Program Files (x86)\Common Files\PX Storage Engine [09/05/2012 18:20:45] - |D| - [272987058] - C:\Program Files (x86)\Common Files\Roxio Shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [15/05/2015 14:33:20] - |D| - [2399872] - C:\Program Files (x86)\Common Files\Skype [09/05/2012 18:21:02] - |D| - [3765807] - C:\Program Files (x86)\Common Files\Sonic Shared [14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [05/06/2013 17:59:48] - |D| - [1670304] - C:\Program Files (x86)\Common Files\Steam [09/05/2012 18:23:26] - |D| - [732768] - C:\Program Files (x86)\Common Files\SureThing Shared [14/07/2009 05:20:08] - |D| - [10534435] - C:\Program Files (x86)\Common Files\System [15/06/2012 00:44:17] - |D| - [141984690] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [01/06/2012 22:17:08] - |D| - [174424534] - C:\Program Files\Common files\Apple [03/11/2015 17:35:03] - |D| - [501416] - C:\Program Files\Common files\AV [07/01/2017 15:28:22] - |D| - [1347037777] - C:\Program Files\Common files\Bitdefender [15/05/2014 23:32:54] - |D| - [99992] - C:\Program Files\Common files\DESIGNER [11/05/2012 21:00:21] - |D| - [56889437] - C:\Program Files\Common files\logishrd [14/07/2009 05:20:08] - |D| - [278743795] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 05:20:08] - |D| - [12728987] - C:\Program Files\Common files\System ---------- | Tasks [MD5.917D0FEC69CA9C361B402A7F62EAB486] - [09/05/2012 19:23:26] - |A| - [1086] - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000UA.job [MD5.4E314F2D63CA89240868445DA0F82112] - [30/01/2016 12:39:49] - |A| - [1086] - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000UA1d15b4a8b774fd5.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.AF0A9D8E0C248C41C3A781C609ED3485] - [14/07/2009 07:08:49] - |A| - [32574] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.3165429B5D7C97C94F6AEBA4AF658601] - [06/07/2015 14:31:51] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.8D0D2E120F7D6DAD3BBFB0C885727E71] - [04/03/2017 21:34:28] - |A| - [4630] - C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier : C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [MD5.E524286FC734A31175867A727A49915C] - [09/05/2012 17:18:19] - |A| - [4484] - C:\Windows\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [26/04/2016 20:46:58] - |D| - [3386] - C:\Windows\System32\Tasks\Apple [MD5.790FFC44106E3B682A73AE846AEB712C] - [07/01/2017 15:28:50] - |A| - [3640] - C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 : C:\Program Files\Bitdefender Agent\WatchDog.exe [MD5.53B073F9F597BADA7AA74FB983CF88E6] - [06/07/2015 14:32:38] - |A| - [2798] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.00000000000000000000000000000000] - [29/11/2012 05:42:47] - |D| - [0] - C:\Windows\System32\Tasks\Games [MD5.8F70EBD6616C7C544F60BE28D9EE9B06] - [28/06/2014 21:46:54] - |A| - [3372] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.545B7DBAA158FBB8E5487CA620537D36] - [28/06/2014 21:46:56] - |A| - [3500] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00B19D253C1D7523474AB0326B0AB737] - [09/05/2012 19:23:25] - |A| - [3410] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000Core : C:\Users\Maestro\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.E4411A815B4BF86170F6339EAEBB3416] - [09/05/2012 19:23:26] - |A| - [4060] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000UA : C:\Users\Maestro\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.083F8F81059C71C9A574082FACFEF5A8] - [30/01/2016 12:39:49] - |A| - [4060] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000UA1d15b4a8b774fd5 : C:\Users\Maestro\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.5FD0732B8112A065A4184896DBD815E7] - [11/05/2016 21:56:38] - |A| - [3682] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2687808087-1106675009-1755940479-1000UA1d1abbf3aa53764 : C:\Users\Maestro\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [276624] - C:\Windows\System32\Tasks\Microsoft [MD5.4D4D57172BE39BD84A53F333DEBD474E] - [07/01/2017 16:20:59] - |A| - [4146] - C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.366C88057950048B3838817BCD9FDC18] - [07/01/2017 16:21:08] - |A| - [3852] - C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.6358A0780C1525E4C425F4AC50BF88A5] - [07/01/2017 16:20:46] - |A| - [3738] - C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.8C70F48179F211F0163FB1D1491FD41B] - [07/01/2017 16:20:43] - |A| - [3494] - C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.4D656907EC768BDF92B5706DEE3CB6C4] - [07/01/2017 16:20:47] - |A| - [3730] - C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [MD5.94B283B7B2AF25D3803D3151C2E712E3] - [07/01/2017 16:20:49] - |A| - [3554] - C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.8AD65BF3083BDBA65FBBF3D02C6CEFE5] - [07/01/2017 16:20:48] - |A| - [3738] - C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.00000000000000000000000000000000] - [16/03/2013 00:19:40] - |D| - [4392] - C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4486] - C:\Windows\System32\Tasks\WPD [MD5.969EABEEF4125B554B221E73AD9BDC12] - [19/01/2013 22:17:45] - |A| - [2960] - C:\Windows\System32\Tasks\{1BCFF52D-D6FB-4ADC-92FC-875FF932F1F3} : C:\Users\Maestro\Downloads\Odin3-v1.838.exe [MD5.6A5830673E0061F0FF6C771F18F44445] - [25/04/2014 22:09:40] - |A| - [3122] - C:\Windows\System32\Tasks\{4C3FB61F-B36F-4CD6-8339-55F501584210} : "c:\users\maestro\appdata\local\google\chrome\application\chrome.exe" [MD5.42C52B47BD796C5D348A45ACFB6EC274] - [29/07/2012 20:23:29] - |A| - [2962] - C:\Windows\System32\Tasks\{C559D284-335D-4EDD-A8DA-56C4DC45550A} : C:\Program Files (x86)\uTorrent\uTorrent.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{64310722-E821-4CAC-8C3F-13D2D3C2FF3E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dell\VideoStage\VideoStage.exe|Name=Dell VideoStage|Desc=Dell VideoStage| "{E68FA9B2-8584-46BD-8163-721A5AC3185B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{C9659986-E29E-46CC-A83B-15FFDD6F691E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{D7845031-6433-4229-BE21-1BAFE49DAE6E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "{4B0EA8FC-BD05-4EA0-82CA-C8D1E6598351}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{7396CA64-1C49-417F-BF75-227FFC834E17}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Sienna\Game\Launcher.exe|Name=Blizzard Launcher| "{5771B801-B71F-488F-BD2B-C796DF529784}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Sienna\Game\Launcher.exe|Name=Blizzard Launcher| "{8D066E05-E863-40AB-BED7-F9AE3ADFA2C3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe|Name=ESN Sonar Host Application| "{8405B436-BCB8-4955-BA0A-2859066F4BFB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe|Name=ESN Sonar Host Application| "{1B72E489-13A5-4A6B-A5EB-A2DC0B2EAD66}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|App=C:\Program Files (x86)\Battle.net\Battle.net.exe|Name=Battle.net| "{3E3C6762-37F4-4785-ADF2-FF55C7E0ADA1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Battle.net\Battle.net.exe|Name=Battle.net| "{3C3FF32F-C058-429B-90F3-51DC6C5A8E53}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Hearthstone\Hearthstone.exe|Name=Hearthstone| "{EAEDCB6C-8771-45F3-9CBC-90164FFE88ED}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Hearthstone\Hearthstone.exe|Name=Hearthstone| "{565C892B-A187-4F1D-90C2-024624507830}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{7737D894-E8B2-464F-9BDB-2BAC590049CA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{4C214685-AD24-4D62-B8ED-7A0B6DA739FA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{CA796FE5-16B0-4EA2-AC30-C7CE640D62E6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe|Name=Windows Live Messenger|Edge=TRUE| "{BB6C7F64-7162-415F-B4B2-D3980DD07E3D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Maestro\AppData\Local\Viber\Viber.exe|Name=Viber| "{8769E4FA-EB86-43DA-8B72-F2F3C9FABF25}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{29106970-EB86-4FF2-B596-118CAB7AC39E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{C312021E-815C-48B0-A77C-7259883C6BBF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{8B09CAD0-EA80-4414-BF20-A224B23D63D2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{AFBB7829-5021-4ACF-B61B-B6A2E65F5CFC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47984|LPort=47989|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe|Name=SHIELD Streaming NSS TCP Exception|Desc=TCP exceptions for SHIELD Streaming NSS (HTTP)| "{A4CCB8B9-D83A-4C7F-892D-9FC98BAA323D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe|Name=SHIELD Streaming SSAU UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAU (NWT)| "{579D771F-F974-484D-8332-99D5E77AFB2F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47995|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer TCP Exception|Desc=TCP exceptions for SHIELD Streaming NvStreamer (RTSP/RI)| "{730372E9-F74B-4015-886A-9002A137C9BA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47995|LPort=47998|LPort=47999|LPort=48000|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer UDP Exception|Desc=UDP exceptions for SHIELD Streaming NvStreamer (RTSP/RI/A/V)| "{9E44F3C7-7195-4361-BD7C-F99BB058DD5F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3724|Name=Blizzard|Desc=créé moi même| "{D518EB2A-23F6-49E2-8084-2C2FA654724C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|LPort=1119|LPort=1120|LPort=3724|LPort=4000|LPort=6112|LPort=6113|LPort=6114|LPort=80|LPort=443|Name=blizzard all| "{099955EA-BAEF-4542-9473-8D68034FE3EB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe|Name=SHIELD Streaming SSAS UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAS (mDNS)| "{42E3B26B-6C26-4F06-88D5-F46DFD3F2717}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3724|Name=battel net 3| "{927C1158-5355-4126-ACF4-E8FAB1C64141}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|LPort=1119|Name=dibalo 3| "{68E3E719-FC6C-4661-BEE3-1C168D82C8EB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1119|LPort=6120|Name=diablo 3 .1| "TCP Query User{1A6728EE-74E3-4E97-A95E-96BC4E577E89}C:\users\maestro\appdata\local\google\chrome\application\chrome.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\maestro\appdata\local\google\chrome\application\chrome.exe|Name=Google Chrome|Desc=Google Chrome| "UDP Query User{011AA341-730D-4084-9C06-6F0C9E0B3302}C:\users\maestro\appdata\local\google\chrome\application\chrome.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\maestro\appdata\local\google\chrome\application\chrome.exe|Name=Google Chrome|Desc=Google Chrome| "TCP Query User{2D9E5ED8-0B28-4548-A8B3-6C3ED9B02AE2}C:\program files (x86)\microsoft games\age of empires iii\age3.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\microsoft games\age of empires iii\age3.exe|Name=Age of Empires 3|Desc=Age of Empires 3|Defer=User| "UDP Query User{81B33BCE-2217-4326-A06C-6375668E816D}C:\program files (x86)\microsoft games\age of empires iii\age3.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\microsoft games\age of empires iii\age3.exe|Name=Age of Empires 3|Desc=Age of Empires 3|Defer=User| "TCP Query User{5092719B-D990-4128-9BFF-9D16BFF23B4C}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe|Name=StarCraft II|Desc=StarCraft II|Defer=User| "UDP Query User{1CBE0423-1D1D-4681-B119-20C538DB5073}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe|Name=StarCraft II|Desc=StarCraft II|Defer=User| "{4D61C40E-CE29-4767-BE86-59BD96FA10AA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=%ProgramFiles% (x86)\Guild Wars 2\Gw2.exe|Name=gw2| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{37C9A9DF-DC57-451E-8ED1-81D2EBB3F713}] : (cm_km_w) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3F966BD9-FA04-4EC5-991C-D326973B5128}] : (AndroidUsbDeviceClass) [] -> @oem70.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4532C9EB-FEF9-43AC-83DA-D5DE1F9A2BFF}] : (nvpciflt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{502EB68B-57B4-4FEE-9890-18F2D8AD1E3E}] : (mfencbdc) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}] : (GEARAspiWDM) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D3039DD-CCA5-4B4D-B33D-E2DDC8A8C52E}] : (dtsoftbus01) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C7C038AD-1F2D-44D4-B2FE-D912BE20E6D5}] : (BluetoothVirtual) [] -> @oem19.inf,%BluetoothVirtualName%;Bluetooth Virtual Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D41DD63A-1395-4419-AE14-A534F5F2AD29}] : (DriverInterface) [] -> DriverInterface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DA89094D-4B35-4D92-ABF3-9808A44B6E59}] : (LMouFilt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FCBEEF3E-F7AA-4F70-A494-A19CFE10FD1E}] : (Rsupport) [] -> Rsupport Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [07/01/2017 15:32:58] - (2.4.986.68) - (BitDefender S.R.L. - Trufos Kernel Module) - C:\Windows\system32\DRIVERS\trufos.sys [07/01/2017 15:35:04] - (3.12.15976.6498) - (BitDefender - Active Virus Control filter driver) - C:\Windows\system32\DRIVERS\avc3.sys [09/05/2012 18:21:32] - (3.0.93.0) - (Sonic Solutions - Px Engine Device Driver for 64-bit Windows) - C:\Windows\System32\Drivers\PxHlpa64.sys [06/12/2012 01:21:00] - (5.0.1.282) - (DT Soft Ltd - DAEMON Tools Virtual Bus Driver) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys [07/01/2017 15:35:02] - (7.0.0.31) - (BitDefender LLC - BitDefender Firewall WFP Filter Driver) - C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [04/03/2017 21:40:54] - (21.21.13.7866) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 378.66) - C:\Windows\system32\DRIVERS\nvlddmkm.sys [12/01/2013 13:04:28] - (2.2.3.0) - (GEAR Software Inc. - CD DVD Filter) - C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [16/10/2016 13:04:08] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - RazerSurround VAD Audio driver) - C:\Windows\system32\drivers\RzSurroundVAD.sys [27/12/2014 00:56:58] - (5.2.0.0) - (Rsupport Corporation - Rsupport VRVD5) - C:\Windows\system32\DRIVERS\vrvd5.sys [31/05/2014 17:22:48] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\Windows\system32\DRIVERS\ScpVBus.sys [18/04/2017 10:19:20] - (3.60.1.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys [18/04/2017 10:19:22] - (202.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\Windows\system32\DRIVERS\nvvhci.sys [04/03/2017 21:40:57] - (1.3.34.21) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys [04/02/2016 14:31:08] - (1.0.45.0) - (Razer Inc - Razer RzMPos) - C:\Windows\system32\DRIVERS\rzmpos.sys [04/02/2016 14:31:20] - (1.0.45.0) - (Razer Inc - Razer Rzudd Engine) - C:\Windows\system32\DRIVERS\rzudd.sys [09/05/2012 20:06:17] - (0.50.0.2) - (MotioninJoy - MotioninJoy DS3 driver) - C:\Windows\system32\DRIVERS\MijXfilt.sys [04/02/2016 14:31:26] - (1.0.45.0) - (Razer Inc - Razer RzEndPt) - C:\Windows\system32\DRIVERS\rzkeypadendpt.sys [04/02/2016 14:31:06] - (1.0.45.0) - (Razer Inc - Razer JoyStick Device) - C:\Windows\system32\DRIVERS\rzjstk.sys [07/01/2017 15:32:58] - (2.0.0.75) - (BitDefender LLC - BitDefender Gonzales FileSystem Driver) - C:\Windows\system32\DRIVERS\gzflt.sys [14/04/2017 09:53:54] - (5.1.2.251) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [07/10/2014 15:33:44] - (0.9.4.4078) - (BlueStack Systems - BlueStacks Hypervisor for amd64) - C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [07/01/2017 16:05:23] - (1.0.12.7465) - (Razer, Inc. - Razer Overlay Support) - C:\Windows\system32\drivers\rzpnk.sys [07/01/2017 15:35:04] - (3.12.15976.6498) - (BitDefender - Active Virus Control Kernel Filtering driver) - C:\Windows\system32\DRIVERS\avckf.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - avc3 (avc3) -> system32\DRIVERS\avc3.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - gzflt (gzflt) -> system32\DRIVERS\gzflt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - PxHlpa64 (PxHlpa64) -> System32\Drivers\PxHlpa64.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - trufos (trufos) -> system32\DRIVERS\trufos.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bdfwfpf (bdfwfpf) -> \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - dtsoftbus01 (DAEMON Tools Virtual Bus Driver) -> system32\DRIVERS\dtsoftbus01.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> system32\DRIVERS\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> system32\DRIVERS\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - BstHdDrv (BlueStacks Hypervisor) -> \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rzpnk (rzpnk) -> \??\C:\Windows\system32\drivers\rzpnk.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft Files whitelisted) [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 22:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 23:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 23:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 01:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 01:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [12/05/2012 13:16:50] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 22:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.540DAF1CEA6094886D72126FD7C33048] - [12/05/2012 13:16:50] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 23:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 23:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.DA978AB6E0AAEA82235C943DEED3484C] - [07/01/2017 15:35:04] - (.Copyright © BitDefender - Active Virus Control filter driver.) - [1567.75 Ko] - (3.12.15976.6498) - C:\Windows\System32\Drivers\avc3.sys [MD5.09A3015AEA14CF9A4ECDE1CEA6AFE0AA] - [07/01/2017 15:35:04] - (.Copyright © BitDefender - Active Virus Control Kernel Filtering driver.) - [857.49 Ko] - (3.12.15976.6498) - C:\Windows\System32\Drivers\avckf.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 22:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.AC4E2D84DE54CD3A013AEFF0CC56095C] - [09/05/2012 17:31:33] - (.1998-2010, Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Proxy Protocol Driver.) - [21.99 Ko] - (5.60.48.35) - C:\Windows\System32\Drivers\bcm42rly.sys [MD5.0B0DF4CD7C2C188C95C4E09C568AD54A] - [09/05/2012 17:31:30] - (.1998-2010, Broadcom Corp. All Rights Rsvd - Broadcom 802.11 Network Adapter wireless driver.) - [2986.49 Ko] - (5.60.48.35) - C:\Windows\System32\Drivers\BCMWL664.SYS [MD5.D8FAF7CFBC81E5E15CA7A7EC8EE1B409] - [07/01/2017 15:35:05] - (.Copyright© BitDefender - FileVault Disk Driver.) - [85.85 Ko] - (13.1.1.4) - C:\Windows\System32\Drivers\bdvedisk.sys [MD5.8D23697EB055F44489520E09A9C0B2C2] - [24/05/2010 18:22:10] - (.(c) COPYRIGHT 2001-2010 Broadcom Corporation - Broadcom NetXtreme Unified Crash Dump (x64).) - [275.54 Ko] - (6.0.1.0) - C:\Windows\System32\Drivers\bnxcd64.sys [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 03:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 03:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 03:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 03:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 03:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 03:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.7A2CE8C1BF4DAA1F2766E21E9CA11078] - [09/05/2012 17:45:54] - (.Copyright (C) 2000-2010, Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) - [336.54 Ko] - (6.3.0.6060) - C:\Windows\System32\Drivers\btwampfl.sys [MD5.A75BF6802A967F5AACECC3C67FEBDF55] - [09/05/2012 17:45:54] - (.Copyright (C) 2000-2010, Broadcom Corporation. - Bluetooth Audio Device.) - [100.54 Ko] - (6.3.0.6150) - C:\Windows\System32\Drivers\btwaudio.sys [MD5.D895DC213EDBDA5FCC53AAD1F1E0E63B] - [09/05/2012 17:45:54] - (.Copyright (C) 2000-2010, Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) - [132.54 Ko] - (6.3.0.6150) - C:\Windows\System32\Drivers\btwavdt.sys [MD5.07096D2BC22CCB6CEA5A532DF0BE8A75] - [09/05/2012 17:45:54] - (.Copyright (C) 2000-2009, Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) - [38.54 Ko] - (6.3.0.3850) - C:\Windows\System32\Drivers\btwl2cap.sys [MD5.6D7AA2BDE0135599C5F230D69DB3B420] - [09/05/2012 17:45:54] - (.Copyright (C) 2000-2010, Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) - [21.04 Ko] - (6.3.0.6150) - C:\Windows\System32\Drivers\btwrchid.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 22:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.EFE63BDFC12A1DD65FBB9E621F29B78C] - [09/05/2012 18:21:32] - (.Copyright (c) 1994-2005 Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) - [9.98 Ko] - (8.0.0.212) - C:\Windows\System32\Drivers\cdr4_xp.sys [MD5.60B3B1A2544EB7843F26EC291BB590BB] - [09/05/2012 18:21:32] - (.Copyright (c) 1994-2005 Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHelp).) - [9.98 Ko] - (8.0.0.212) - C:\Windows\System32\Drivers\cdralw2k.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 01:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.46571ED73AE84469DCA53081D33CF3C8] - [06/12/2012 01:21:00] - (.© 2000-2012 DT Soft Ltd. - DAEMON Tools Virtual Bus Driver.) - [276.56 Ko] - (5.0.1.282) - C:\Windows\System32\Drivers\dtsoftbus01.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 22:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 22:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.8E98D21EE06192492A5671A6144D092F] - [12/01/2013 13:04:28] - (.Copyright (C) GEAR Software Inc. 1997-2012 - CD DVD Filter.) - [32.46 Ko] - (2.2.3.0) - C:\Windows\System32\Drivers\GEARAspiWDM.sys [MD5.F72818A52CBB5A9E8B2C9E350638A945] - [07/01/2017 15:32:58] - (.Copyright (C) BitDefender LLC - BitDefender Gonzales FileSystem Driver.) - [178.66 Ko] - (2.0.0.75) - C:\Windows\System32\Drivers\gzflt.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [14/07/2009 00:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - [19/10/2010 23:34:26] - (.Copyright © 2006-2010, Intel Corporation. - Intel(R) Management Engine Interface.) - [55.02 Ko] - (7.0.0.1144) - C:\Windows\System32\Drivers\HECIx64.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [21/11/2010 05:23:47] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [12/05/2012 13:16:50] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.4AB719D0CEB64ED85D30EB974A5C806E] - [07/01/2017 15:56:13] - (.Copyright © Bitdefender - IGNIS filter driver.) - [297.97 Ko] - (1.1.0.719) - C:\Windows\System32\Drivers\ignis.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 23:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.12E27942DBB7C91880163634B0D8A776] - [08/06/2010 04:36:18] - (.Copyright 2000-2010, Broadcom Corporation. - Broadcom NetLink (TM) Gigabit Ethernet NDIS6.x Unified Driver..) - [396.54 Ko] - (14.2.0.7) - C:\Windows\System32\Drivers\k57nd60a.sys [MD5.EAB70270BDDCFEF56FCC7425C2D9883D] - [18/06/2015 04:25:00] - (.© Logitech, Inc. 1987-2015. - Logitech Equad USB Driver..) - [85.64 Ko] - (5.90.38.0) - C:\Windows\System32\Drivers\LEqdUsb.sys [MD5.5EBB7C1FC685D45A1D3D8B2B9A656E48] - [18/06/2015 04:25:00] - (.© Logitech, Inc. 1987-2015. - Logitech HID Filter Driver..) - [22.64 Ko] - (5.90.38.0) - C:\Windows\System32\Drivers\LHidEqd.sys [MD5.AFDFA4A6B0F7B15AA38E494FD4595741] - [18/06/2015 04:25:00] - (.© Logitech, Inc. 1987-2015. - Logitech HID Filter Driver..) - [84.64 Ko] - (5.90.38.0) - C:\Windows\System32\Drivers\LHidFilt.Sys [MD5.C3E82B320F34C97F32B8026F4C249BEF] - [18/06/2015 04:25:00] - (.© Logitech, Inc. 1987-2015. - Logitech Mouse Filter Driver..) - [67.64 Ko] - (5.90.38.0) - C:\Windows\System32\Drivers\LMouFilt.Sys [MD5.64AEB5790901EA8854884981F104CAA6] - [10/03/2016 22:04:40] - (.© Logitech, Inc. 1987-2009. - Logitech Non-Plug and Play Driver..) - [18.52 Ko] - (4.90.30.0) - C:\Windows\System32\Drivers\LNonPnP.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.4CB64D7458ABD8396BCD389A69C8FC80] - [09/05/2007 21:46:36] - (.(c) 1996-2007 Logitech. - Audio filter for Express Plus.) - [15.66 Ko] - (11.0.0.1213) - C:\Windows\System32\Drivers\lv302a64.sys [MD5.37EA62238E17AE88E4713D9246CA1C1C] - [09/05/2007 21:46:48] - (.(c) 1996-2007 Logitech. - Logitech QuickCam Driver.) - [1100.91 Ko] - (11.0.0.1213) - C:\Windows\System32\Drivers\LV302V64.SYS [MD5.0034F69D0007D3F77F6B96FA51228E85] - [09/05/2007 21:50:48] - (.(c) 1996-2007 Logitech. - USB Statistic Driver.) - [49.03 Ko] - (11.0.0.1213) - C:\Windows\System32\Drivers\LVUSBS64.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 22:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 23:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.BAE52DFE620CC9030EF0016984763CD8] - [09/05/2012 20:06:17] - (.MotioninJoy - MotioninJoy DS3 driver.) - [119.07 Ko] - (0.50.0.2) - C:\Windows\System32\Drivers\MijXfilt.sys [MD5.6F4607E2333FE21E9E3FF8133A88B35B] - [02/08/2011 16:38:44] - (.Copyright (C) 2009 Apple Inc. - Apple Mobile Device Ethernet.) - [22 Ko] - (1.8.4.1) - C:\Windows\System32\Drivers\netaapl64.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 23:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.324C4D3C3FC6ACCB72D5D83986442EBB] - [09/05/2012 17:31:34] - (.Copyright © 2005-2008 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - npf.sys (NT5/6 AMD64) Kernel Driver.) - [46.52 Ko] - (4.1.0.1452) - C:\Windows\System32\Drivers\npf.sys [MD5.786DB821BFD57C0551DBBE4F75384A7D] - [16/02/2011 03:25:49] - (.(C) 2010 Renesas Electronics Corporation - USB 3.0 Hub Driver.) - [78.5 Ko] - (2.0.26.0) - C:\Windows\System32\Drivers\nusb3hub.sys [MD5.DAA8005CAF745042BB427A1ED7433354] - [16/02/2011 03:25:49] - (.(C) 2010 Renesas Electronics Corporation - USB 3.0 Host Controller Driver.) - [176.5 Ko] - (2.0.26.0) - C:\Windows\System32\Drivers\nusb3xhc.sys [MD5.207A78939B7BBA0EFE8BFA947A35E71C] - [04/03/2017 21:40:57] - (.(C) NVIDIA Corporation. - NVIDIA HDMI Audio Driver.) - [212.43 Ko] - (1.3.34.21) - C:\Windows\System32\Drivers\nvhda64v.sys [MD5.5953E6353A3D22275F7CE92A7F00A8BB] - [04/03/2017 21:40:54] - (.(C) 2017 NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 378.66.) - [14036.94 Ko] - (21.21.13.7866) - C:\Windows\System32\Drivers\nvlddmkm.sys [MD5.6459D3B45C0B6A6AF82C8B4B0C18B2FE] - [04/04/2016 14:05:20] - (.(C) 2016 NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 364.72.) - [39.05 Ko] - (10.18.13.6472) - C:\Windows\System32\Drivers\nvpciflt.sys [MD5.0A92CB65770442ED0DC44834632F66AD] - [12/05/2012 13:16:50] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.DAB0E87525C10052BF65F06152F37E4A] - [12/05/2012 13:16:50] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.0EE2295234652B8B32E74D867303A3B8] - [18/04/2017 10:19:20] - (.(C) NVIDIA Corporation. - NVIDIA Virtual Audio Driver.) - [46.44 Ko] - (3.60.1.0) - C:\Windows\System32\Drivers\nvvad64v.sys [MD5.974D960E82CB68BAA9C5C4AE28382A91] - [18/04/2017 10:19:22] - (.(C) 2017 NVIDIA Corporation. - Virtual USB Host Controller driver.) - [56.44 Ko] - (202.0.0.0) - C:\Windows\System32\Drivers\nvvhci.sys [MD5.87B04878A6D59D6C79251DC960C674C1] - [09/05/2012 18:21:32] - (.Copyright © Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) - [54.55 Ko] - (3.0.93.0) - C:\Windows\System32\Drivers\PxHlpa64.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 22:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 23:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.3D4A47980E7886FCE3499A8E91EF728E] - [04/02/2016 14:31:00] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzEndPt.) - [50.02 Ko] - (1.0.45.0) - C:\Windows\System32\Drivers\rzendpt.sys [MD5.61C1CA1FB945D3C80604A0ADBEC1C037] - [04/02/2016 14:31:06] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer JoyStick Device.) - [35.52 Ko] - (1.0.45.0) - C:\Windows\System32\Drivers\rzjstk.sys [MD5.7900B1A58607219A3B52A3B9B5F9EC85] - [04/02/2016 14:31:26] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzEndPt.) - [44.02 Ko] - (1.0.45.0) - C:\Windows\System32\Drivers\rzkeypadendpt.sys [MD5.4B6B192981769DDA24ED0B0FF2C50AF2] - [04/02/2016 14:31:08] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzMPos.) - [46.52 Ko] - (1.0.45.0) - C:\Windows\System32\Drivers\rzmpos.sys [MD5.B4598C05D5440250633E25933FFF42B0] - [07/01/2017 16:05:23] - (.Copyright (C) 2010-2014 - Razer Overlay Support.) - [134.61 Ko] - (1.0.12.7465) - C:\Windows\System32\Drivers\rzpnk.sys [MD5.9B07BB39BE7B684492EDDF4AA7CB3149] - [16/10/2016 13:04:08] - (.Copyright (C) Razer.2012 - RazerSurround VAD Audio driver.) - [48.02 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\RzSurroundVAD.sys [MD5.BF4DCCFB983F219DAD8AD43CC63CCB24] - [04/02/2016 14:31:20] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer Rzudd Engine.) - [198.52 Ko] - (1.0.45.0) - C:\Windows\System32\Drivers\rzudd.sys [MD5.AD7189E85A0801DE0507C610963A3CD0] - [31/05/2014 17:22:48] - (.Copyright © 2012, 2013 Scarlet.Crush Productions. - Scp Virtual Bus Driver.) - [38.25 Ko] - (1.0.0.103) - C:\Windows\System32\Drivers\ScpVBus.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 04:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 22:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 23:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.9593475FBC857A05D93BFF4FA7323C2B] - [05/09/2016 05:47:06] - (.Copyright ? SAMSUNG - SAMSUNG USB Composite Device Driver.) - [128.63 Ko] - (2.12.4.0) - C:\Windows\System32\Drivers\ssudbus.sys [MD5.592FF34A2FD6C6351B8A3AA76B2C0A9E] - [05/09/2016 05:47:12] - (.Copyright ? SAMSUNG - SAMSUNG Android Modem Device Driver.) - [161.63 Ko] - (2.12.4.0) - C:\Windows\System32\Drivers\ssudmdm.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 23:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [24/12/2015 11:37:36] - (.-.) - [27.61 Ko] - (2.0.2.0) - C:\Windows\System32\Drivers\TrueSight.sys [MD5.AA129EFF64E41947F6A46388A7F5F966] - [07/01/2017 15:32:58] - (.(c) 2014 BitDefender S.R.L. - Trufos Kernel Module.) - [507.84 Ko] - (2.4.986.68) - C:\Windows\System32\Drivers\trufos.sys [MD5.F957092C63CD71D85903CA0D8370F473] - [17/06/2015 18:04:24] - (.© Apple, Inc. - Apple Mobile Device USB Driver.) - [53.5 Ko] - (1.67.0.0) - C:\Windows\System32\Drivers\usbaapl64.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 01:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.DDF7522FBEF8D50E015E743813595801] - [27/12/2014 00:56:58] - (.Copyright (C) 2007-2009 RSUPPORT CO., LTD. - Rsupport VRVD5.) - [13.03 Ko] - (5.2.0.0) - C:\Windows\System32\Drivers\vrvd5.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 22:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys ---------- | Uninstall [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\58d94f3ce2c27db0] : (Dell System Detect.-.Dell) -> "C:\Users\Maestro\AppData\Local\Apps\2.0\PRLK70WM.H2L\2QVA1TNV.WDO\dell..tion_6d0a76327dca4869_0006.000c_9ebce3b7bfa8d3cd\Uninstaller.exe" uninstall [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Users\Maestro\AppData\Local\Google\Chrome\Application\57.0.2987.133\Installer\setup.exe" --uninstall --verbose-logging [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\uTorrent] : (µTorrent.-.BitTorrent Inc.) -> "C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL [HKU\S-1-5-21-2687808087-1106675009-1755940479-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{40e2a436-e77b-4a2f-ac1a-384bd499cccc}] : (DIGIPASS Native Bridge 2.2.1.-.VASCO Data Security) -> "C:\Users\Maestro\AppData\Local\Package Cache\{40e2a436-e77b-4a2f-ac1a-384bd499cccc}\digipass-nativebridge-installer.exe" /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958] : (Package de pilotes Windows - Fedict SmartCard (08/08/2015 4.1.5).-.Fedict) -> rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_neutral_434c3be66d9de384\beidmdrv.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bitdefender] : (Bitdefender Antivirus Plus 2017.-.Bitdefender) -> C:\Program Files\Common Files\Bitdefender\SetupInformation\{C12EDCD9-A219-4778-A5FC-0D0F1F219F12}\installer.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bitdefender Agent] : (Bitdefender Agent.-.Bitdefender) -> C:\Program Files\Bitdefender Agent\installer\installer.exe /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Dell Support Center] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DW WLAN Card Utility] : (DW WLAN Card Utility.-.Dell Inc.) -> "C:\Program Files\Dell\DW WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\DW WLAN Card" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Guild Wars 2] : (Guild Wars 2.-.NCsoft Corporation, Ltd.) -> "C:\Program Files (x86)\Guild Wars 2\Guild Wars 2\Gw2-64.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PC-Doctor for Windows] : (Dell SupportAssist.-.Dell) -> C:\Program Files\Dell\SupportAssist\uninstaller.exe /arp [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\sp6] : (Logitech SetPoint 6.67.-.Logitech) -> C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Speccy] : (Speccy.-.Piriform) -> "C:\Program Files\Speccy\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeamSpeak 3 Client] : (TeamSpeak 3 Client.-.TeamSpeak Systems GmbH) -> "C:\Program Files\TeamSpeak 3 Client\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.11.1] : (Vulkan Run Time Libraries 1.0.11.1.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.11.1\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.39.1] : (Vulkan Run Time Libraries 1.0.39.1.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.39.1\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 4.11 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{138A4072-9E64-46BD-B5F9-DB2BB395391F}] : (LWS VideoEffects.-.Logitech) -> MsiExec.exe /I{138A4072-9E64-46BD-B5F9-DB2BB395391F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2937FD88-C9D6-4B82-B539-37CD0A572F42}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{2937FD88-C9D6-4B82-B539-37CD0A572F42} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{2E4AF2A6-50EA-4260-9BA4-5E582D11879A} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}] : (WIDCOMM Bluetooth Software.-.Broadcom Corporation) -> MsiExec.exe /X{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}] : (Roxio File Backup.-.Roxio) -> MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{703D47B8-2869-4A50-B988-BDE18772A474}] : (VoiceOver Kit.-.Apple Inc.) -> MsiExec.exe /I{703D47B8-2869-4A50-B988-BDE18772A474} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{982E1601-0DFC-4FD3-A427-AC6570697858}] : (Broadcom NetXtreme-I Netlink Driver and Management Installer.-.Broadcom Corporation) -> MsiExec.exe /I{982E1601-0DFC-4FD3-A427-AC6570697858} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}] : (RBVirtualFolder64Inst.-.Roxio, Inc.) -> MsiExec.exe /I{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A31C5565-90D9-4615-AE13-94D86C3836C7}] : (iTunes.-.Apple Inc.) -> MsiExec.exe /I{A31C5565-90D9-4615-AE13-94D86C3836C7} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (Ansel.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 378.66.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 378.66.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 378.66.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 3.5.0.70.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 369.04.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 2.11.2.55.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.16.0318.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 24.0.0.0.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA Wireless Controller Service.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.34.21.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NvNodejs.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NvTelemetry.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer] : (NVIDIA Telemetry Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci] : (NvvHci.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.5.0.70.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 3.60.1.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}] : (WinZip 16.0.-.WinZip Computing, S.L.) -> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DB942AEA-93D6-4FE4-8862-180D35A71730}] : (Belgium e-ID middleware 4.1.18 (build 1730).-.Belgian Government) -> MsiExec.exe /I{DB942AEA-93D6-4FE4-8862-180D35A71730} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 25 ActiveX.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_ActiveX.exe -maintain activex [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 25 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI] : (Adobe Flash Player 25 PPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe -maintain pepperplugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Audacity_is1] : (Audacity 2.0.3.-.Audacity Team) -> "C:\Program Files (x86)\Audacity\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battle.net] : (Battle.net.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Cities Skylines Snowfall_is1] : (Cities Skylines Snowfall.-.) -> "C:\Program Files (x86)\Cities Skylines Snowfall\unins000.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (DAEMON Tools Lite.-.DT Soft Ltd) -> C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Diablo III] : (Diablo III.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=diablo3_frfr --displayname="Diablo III" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ForgedByChaos] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Glyph] : (Glyph.-.Trion Worlds, Inc.) -> C:\Program Files (x86)\Glyph\glyphuninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Hearthstone] : (Hearthstone.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=hs_beta --displayname="Hearthstone" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Heroes of the Storm] : (Heroes of the Storm.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=heroes --displayname="Heroes of the Storm" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}] : (Dell VideoStage.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\League of Legends 3.0.1] : (League of Legends.-.Riot Games) -> msiexec.exe /x {3E75652D-99B1-417E-B163-BEF33CAD3F16} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Razer Chroma SDK] : (Razer Chroma SDK Core Components.-.Razer Inc.) -> C:\Program Files (x86)\Razer Chroma SDK\Razer_Chroma_SDK_Uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Razer Surround] : (Razer Surround.-.Razer Inc.) -> "C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\Razer Surround\Razer Surround_Uninstaller.exe" /S [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\StarCraft II] : (StarCraft II.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=s2_frfr --displayname="StarCraft II" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 313990] : (TerraTech Demo.-.Payload Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/313990 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\THX TruStudio PC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\THXAudioCP] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DDCCBB78-8FFB-4FDE-912F-930E4D9FBC67}\setup.exe" -l0x40c /remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\uTorrent] : (µTorrent.-.) -> "C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\World of Warcraft] : (World of Warcraft.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=wow_frfr --displayname="World of Warcraft" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{010A785B-F920-4350-821B-6309909C20BB}] : (THX TruStudio PC.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{010A785B-F920-4350-821B-6309909C20BB}\setup.exe" -l0x40c /remove ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08610298-29AE-445B-B37D-EFBE05802967}] : (LWS Pictures And Video.-.Logitech) -> MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}] : (Razer Synapse.-.Razer Inc.) -> MsiExec.exe /I{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0EE30424-E151-4CC5-8421-9886D0FDDB67}] : (Dell MusicStage.-.Fingertapps) -> MsiExec.exe /X{0EE30424-E151-4CC5-8421-9886D0FDDB67} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1111706F-666A-4037-7777-211328764D10}] : (JavaFX 2.1.1.-.Oracle Corporation) -> MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{152E0B21-19D5-4772-9EF8-8E76074B0C0A}] : (BlueStacks Notification Center.-.BlueStack Systems, Inc.) -> MsiExec.exe /X{152E0B21-19D5-4772-9EF8-8E76074B0C0A} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15634701-BACE-4449-8B25-1567DA8C9FD3}] : (CameraHelperMsi.-.Logitech) -> MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1651216E-E7AD-4250-92A1-FB8ED61391C9}] : (LWS Help_main.-.Logitech) -> MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{174A3B31-4C43-43DD-866F-73C9DB887B48}] : (LWS Twitter.-.Logitech) -> MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}] : (LWS YouTube Plugin.-.Logitech) -> MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}] : (Skype™ 7.0.-.Skype Technologies S.A.) -> MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217065FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217005FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217009FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217011FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217021FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217045FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217055FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218066F0}] : (Java 8 Update 66.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218066F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{276B495F-9DB0-4FC6-BEB0-85C91FC0F5E2}] : (PX5 Advanced Sound Editor.-.Turtle Beach) -> MsiExec.exe /I{276B495F-9DB0-4FC6-BEB0-85C91FC0F5E2} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3250260C-7A95-4632-893B-89657EB5545B}] : (PhotoShowExpress.-.Sonic Solutions) -> MsiExec.exe /I{3250260C-7A95-4632-893B-89657EB5545B} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E75652D-99B1-417E-B163-BEF33CAD3F16}] : (League of Legends.-.Riot Games) -> MsiExec.exe /X{3E75652D-99B1-417E-B163-BEF33CAD3F16} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}] : (erLT.-.Logitech, Inc.) -> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56EC47AA-5813-4FF6-8E75-544026FBEA83}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{56EC47AA-5813-4FF6-8E75-544026FBEA83} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}] : (Roxio BackOnTrack.-.Roxio) -> MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}] : (Roxio Express Labeler 3.-.Roxio) -> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{692A0367-5220-4F14-9066-7BE2668C54E1}] : (DIGIPASS Native Bridge 2.2.1.-.VASCO Data Security) -> MsiExec.exe /I{692A0367-5220-4F14-9066-7BE2668C54E1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}] : (Roxio Creator Starter.-.Roxio) -> C:\ProgramData\Uninstall\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}\setup.exe /x {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC} /qb ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}] : (LWS Gallery.-.Logitech) -> MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{71E66D3F-A009-44AB-8784-75E2819BA4BA}] : (LWS Motion Detection.-.Logitech) -> MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}] : (Roxio Burn.-.Roxio) -> MsiExec.exe /I{7746BFAA-2B5D-4FFD-A0E8-4558F4668105} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82730AAC-04BA-4684-A63F-286FB9847C15}] : (Remote PC Agent.-.RSUPPORT) -> "C:\Program Files (x86)\InstallShield Installation Information\{82730AAC-04BA-4684-A63F-286FB9847C15}\setup.exe" -runfromtemp -l0x0409 -removeonly ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}] : (LWS Launcher.-.Logitech) -> MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8937D274-C281-42E4-8CDB-A0B2DF979189}] : (LWS Webcam Software.-.Logitech) -> MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}] : (TomTom HOME Visual Studio Merge Modules.-.TomTom International B.V.) -> MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92F59AB3-8B11-4552-8F40-462270A8FD5E}] : (PX5 Advanced Sound Editor.-.Turtle Beach) -> MsiExec.exe /I{92F59AB3-8B11-4552-8F40-462270A8FD5E} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}] : (Sonic CinePlayer Decoder Pack.-.Sonic Solutions) -> MsiExec.exe /I{9A00EC4E-27E1-42C4-98DD-662F32AC8870} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9DAEA76B-E50F-4272-A595-0124E826553D}] : (LWS WLM Plugin.-.Logitech) -> MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A121EEDE-C68F-461D-91AA-D48BA226AF1C}] : (Roxio Activation Module.-.Roxio) -> MsiExec.exe /I{A121EEDE-C68F-461D-91AA-D48BA226AF1C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}] : (Google Drive.-.Google, Inc.) -> MsiExec.exe /X{A1238426-ECDF-4639-BE2F-8D12A97AE23C} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}] : (erLT.-.Logitech, Inc.) -> MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824214663}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824214663} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}] : (DirectX 9 Runtime.-.Sonic Solutions) -> MsiExec.exe /I{AF9E97C1-7431-426D-A8D5-ABE40995C0B1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D2E4FBCD-6CB1-432B-BDCF-CEE0892381C7}] : (Dell Stage.-.Fingertapps) -> MsiExec.exe /X{D2E4FBCD-6CB1-432B-BDCF-CEE0892381C7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D40EB009-0499-459c-A8AF-C9C110766215}] : (Logitech Webcam Software.-.Logitech Inc.) -> "C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=FRA /guid="{D40EB009-0499-459c-A8AF-C9C110766215}" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}] : (Dell VideoStage.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DDCCBB78-8FFB-4FDE-912F-930E4D9FBC67}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DDCCBB78-8FFB-4FDE-912F-930E4D9FBC67}\setup.exe" -l0x40c [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E3F4EA31-41D7-4789-9AC4-F26CDAF797BA}] : (Google SketchUp 8.-.Google, Inc.) -> MsiExec.exe /X{E3F4EA31-41D7-4789-9AC4-F26CDAF797BA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E4335E82-17B3-460F-9E70-39D9BC269DB3}] : (Dell PhotoStage.-.ArcSoft) -> MsiExec.exe /I{E4335E82-17B3-460F-9E70-39D9BC269DB3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E6FF55D6-094C-4690-A0CA-B9F9FB8694ED}_is1] : (Ivalice Sienna Launcher version 4.0.-.Midgar Studio) -> "C:\Program Files (x86)\Sienna\unins000.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EED027B7-0DB6-404B-8F45-6DFEE34A0441}] : (LWS Video Mask Maker.-.Logitech) -> MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF56258E-0326-48C5-A86C-3BAC26FC15DF}] : (Roxio Creator Starter.-.Roxio) -> MsiExec.exe /I{EF56258E-0326-48C5-A86C-3BAC26FC15DF} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF79C448-6946-4D71-8134-03407888C054}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}] : (Roxio Creator Starter.-.Roxio) -> MsiExec.exe /I{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}] : (LWS Facebook.-.Logitech) -> MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\0AB19942EE0FDA44C98CE55CA0CE6F7B] : Skype™ 7.0 -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe [HKCR\Installer\Products\1061E289CFD03DF44A72CA5607968785] : Broadcom NetXtreme-I Netlink Driver and Management Installer -> C:\Windows\Installer\{982E1601-0DFC-4FD3-A427-AC6570697858}\ARPPRODUCTICON.exe [HKCR\Installer\Products\10743651ECAB9444B8525176ADC8F93D] : CameraHelperMsi [HKCR\Installer\Products\12B0E2515D912774E98FE86770B4C0A0] : BlueStacks Notification Center -> C:\Windows\Installer\{152E0B21-19D5-4772-9EF8-8E76074B0C0A}\BlueStacksIcon [HKCR\Installer\Products\13AE4F3E7D149874A94C2FC6AD7F79AB] : Google SketchUp 8 [HKCR\Installer\Products\13B3A47134C4DD3468F6379CBD88B784] : LWS Twitter [HKCR\Installer\Products\166F59DC4C5A5F446AAACEDD192C04DC] : WinZip 16.0 [HKCR\Installer\Products\2704A83146E9DB645B9FBDB23B5993F1] : LWS VideoEffects [HKCR\Installer\Products\28E5334E3B71F064E907939DCB62D93B] : Dell PhotoStage -> C:\Windows\Installer\{E4335E82-17B3-460F-9E70-39D9BC269DB3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2EEB87D0FF8F8944FAA1F38FC1DEA86C] : Razer Synapse -> C:\Windows\Installer\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3BA95F2911B82554F8046422078ADFE5] : PX5 Advanced Sound Editor -> C:\Windows\Installer\{92F59AB3-8B11-4552-8F40-462270A8FD5E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42403EE0151E5CC4481289680DDFBD76] : Dell MusicStage -> C:\Windows\Installer\{0EE30424-E151-4CC5-8421-9886D0FDDB67}\MusicStage.exe [HKCR\Installer\Products\472D7398182C4E24C8BD0A2BFD791998] : LWS Webcam Software [HKCR\Installer\Products\47FA88A5F1521EC49A4CA526D701EA61] : Movie Maker [HKCR\Installer\Products\4920FD12D9B61474BAF62BBABF2D83E7] : LWS YouTube Plugin [HKCR\Installer\Products\492A22C8ABBDF5445BC52E8671CCEF96] : Movie Maker [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208660F] : Java 8 Update 66 -> C:\Program Files (x86)\Java\jre1.8.0_66\\bin\javaws.exe [HKCR\Installer\Products\5655C13A9D095164EA31498DC683637C] : iTunes -> C:\Windows\Installer\{A31C5565-90D9-4615-AE13-94D86C3836C7}\Installer.ico [HKCR\Installer\Products\591761FF4EE90C64C87DBF3A54E788BA] : LWS Facebook [HKCR\Installer\Products\5C13C3F8A3C98AA4E8AF1792A0A75D33] : TomTom HOME Visual Studio Merge Modules [HKCR\Installer\Products\6248321AFDCE9364EBF2D8219AA72EC3] : Google Drive -> C:\Windows\Installer\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}\DriveIcon [HKCR\Installer\Products\68AB67CA408033019195008142126436] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824214663}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\6A2FA4E2AE050624B94AE585D21178A9] : Apple Mobile Device Support -> C:\Windows\Installer\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}\Installer.ico [HKCR\Installer\Products\6DAFD6D95E90E5444A5B3A88EFBE9DD0] : RBVirtualFolder64Inst -> C:\Windows\Installer\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\79407899D9A1CF9449F9CE4F89A6ABF1] : ForceDownload -> C:\Windows\Installer\{99870497-1A9D-49FC-949F-ECF4986ABA1F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7B720DEE6BD0B404F854D6EF3EA44014] : LWS Video Mask Maker [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\88DF73926D9C28B45B9373DCA075F224] : Apple Application Support (64 bits) -> C:\Windows\Installer\{2937FD88-C9D6-4B82-B539-37CD0A572F42}\WinInstall.ico [HKCR\Installer\Products\89201680EA92B5443BD7FEEB50089276] : LWS Pictures And Video [HKCR\Installer\Products\8B74D307968205A49B88DB1E78274A47] : VoiceOver Kit -> C:\Windows\Installer\{703D47B8-2869-4A50-B988-BDE18772A474}\WinInstall.ico [HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\8E5775848BEADB6429B24282970ED35D] : Age of Empires III -> C:\Windows\Installer\{485775E8-AEB8-46BD-922B-242879E03DD5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\97B0E634BFC2F5E439081EC7B1520D5C] : WIDCOMM Bluetooth Software -> C:\Windows\Installer\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9F2FDFE0D6387BE43AD230B83D1FBFA2] : Security Update for CAPICOM (KB931906) -> C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A32460A5C012BF9459E0BCE08B5CEC7C] : Roxio BackOnTrack -> C:\Windows\Installer\{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}\BackupCentral.exe [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A97E0ECDCA9BCA14891CE70F35B8ACF7] : VideoStage -> C:\Windows\Installer\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AA74CE6531856FF4E857450462BFAE38] : Apple Software Update -> C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\Installer.ico [HKCR\Installer\Products\AAF2C5EFD81190545BD1F317CCE9B1E3] : Apple Application Support (32 bits) -> C:\Windows\Installer\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}\WinInstall.ico [HKCR\Installer\Products\AAFB6477D5B2DFF40A8E54854F661850] : Roxio Burn [HKCR\Installer\Products\AEA249BD6D394EF4882681D0537A7103] : Belgium e-ID middleware 4.1.18 (build 1730) -> C:\Windows\Installer\{DB942AEA-93D6-4FE4-8862-180D35A71730}\eid.ico [HKCR\Installer\Products\B67AEAD9F05E27245A5910428E6255D3] : LWS WLM Plugin [HKCR\Installer\Products\BC1DC1BB8E924EF42A6E278FD72F413E] : Photo Common [HKCR\Installer\Products\BE9D894AB729B954586DDDE68F2C5C46] : erLT -> C:\Windows\Installer\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C062052359A7236498B39856E75B45B5] : PhotoShowExpress -> C:\Windows\Installer\{3250260C-7A95-4632-893B-89657EB5545B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C3AF8C38AE4F4C6438293DEC5373836D] : LWS Launcher [HKCR\Installer\Products\C3CE67F61B43E63479BF845CD8B7DEDC] : LWS Gallery [HKCR\Installer\Products\C4C5B60FE2D842B4D934A754EE6C8C87] : Roxio Creator Starter [HKCR\Installer\Products\D25657E31B99E7141B36EB3FC3DAF361] : League of Legends -> C:\Windows\Installer\{3E75652D-99B1-417E-B163-BEF33CAD3F16}\lol.launcher_1.exe [HKCR\Installer\Products\D54CD7FDC3A8C0947AF0C8A61698DE9F] : Photo Gallery [HKCR\Installer\Products\DCBF4E2D1BC6B234DBFCEC0E9832187C] : Dell Stage -> C:\Windows\Installer\{D2E4FBCD-6CB1-432B-BDCF-CEE0892381C7}\stage_primary.exe [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\E4CE00A91E724C2489DD66F223CA8807] : Sonic CinePlayer Decoder Pack -> C:\Windows\Installer\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}\CPIcon.exe [HKCR\Installer\Products\E6121561DA7E0524291ABFE86D31199C] : LWS Help_main [HKCR\Installer\Products\E85265FE62305C848AC6B3CA62CF51FD] : Roxio Creator Starter -> C:\Windows\Installer\{EF56258E-0326-48C5-A86C-3BAC26FC15DF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E8B1173487EA38C448CEE3686D9813C1] : Galerie de photos [HKCR\Installer\Products\EDEE121AF86CD16419AA4DB82A62FAC1] : Roxio Activation Module -> C:\Windows\Installer\{A121EEDE-C68F-461D-91AA-D48BA226AF1C}\RoxioCentral.exe [HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64 [HKCR\Installer\Products\F3D66E17900ABA447848572E18B94AAB] : LWS Motion Detection [HKCR\Installer\Products\F5132B06F0863BE48BDDCCCD687ACCBA] : Roxio File Backup -> C:\Windows\Installer\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}\BackupCentral.exe [HKCR\Installer\Products\F594B6720BD96CF4EB0B589CF10C5F2E] : PX5 Advanced Sound Editor -> C:\Windows\Installer\{276B495F-9DB0-4FC6-BEB0-85C91FC0F5E2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F6071111A6667304777712318267D401] : JavaFX 2.1.1 -> C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F7AC5766B15EA6F4994D8F0F21C4E6AA] : Roxio Express Labeler 3 ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x1cd8 Heure de début de l’application défaillante : 0x01d2bde241e81146 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 94fba719-29d5-11e7-8c5d-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x17ac Heure de début de l’application défaillante : 0x01d2bdd9dfd2093a Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 2e6d73ac-29cd-11e7-8c5d-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x1ca0 Heure de début de l’application défaillante : 0x01d2bdd17dc17f83 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : cb9d40a6-29c4-11e7-8c5d-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x15a4 Heure de début de l’application défaillante : 0x01d2bdc91c74bdd9 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 920b84ba-29bc-11e7-8c5d-d4bed989de09 ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le service ne peut pas être démarré. System.IO.FileNotFoundException: Impossible de trouver le fichier 'C:\ProgramData\BlueStacks\Android\kernel.elf'. Nom du fichier : 'C:\ProgramData\BlueStacks\Android\kernel.elf' à BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) ------------ Nom de l’application défaillante vsserv.exe, version : 21.0.24.62, horodatage : 0x58d55bdd Nom du module défaillant : ntdll.dll, version : 6.1.7601.23714, horodatage : 0x58bf89e8 Code d’exception : 0xc0000374 Décalage d’erreur : 0x00000000000bf3e2 ID du processus défaillant : 0x354 Heure de début de l’application défaillante : 0x01d2bd10ebaa0588 Chemin d’accès de l’application défaillante : C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : 378a7d3c-2926-11e7-9282-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x1518 Heure de début de l’application défaillante : 0x01d2bd32ba701ca2 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 0ada817b-2926-11e7-9282-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x199c Heure de début de l’application défaillante : 0x01d2bd2a5868bacd Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : ab26b54f-291d-11e7-9282-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x1848 Heure de début de l’application défaillante : 0x01d2bd21f63b0bb8 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 452b9c49-2915-11e7-9282-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x1964 Heure de début de l’application défaillante : 0x01d2bd199452f228 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : ebbbc189-290c-11e7-9282-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x12c0 Heure de début de l’application défaillante : 0x01d2bd11336955bf Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 9a0f6e20-2904-11e7-9282-d4bed989de09 ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le service ne peut pas être démarré. System.IO.FileNotFoundException: Impossible de trouver le fichier 'C:\ProgramData\BlueStacks\Android\kernel.elf'. Nom du fichier : 'C:\ProgramData\BlueStacks\Android\kernel.elf' à BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x177c Heure de début de l’application défaillante : 0x01d2bcc5ea31add7 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 3a648720-28b9-11e7-92b6-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x156c Heure de début de l’application défaillante : 0x01d2bcbd881e64f5 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : d50c8e4e-28b0-11e7-92b6-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x1410 Heure de début de l’application défaillante : 0x01d2bcb5260b4324 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 72af6a17-28a8-11e7-92b6-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x608 Heure de début de l’application défaillante : 0x01d2bcacc3f6c1bd Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : 11839e69-28a0-11e7-92b6-d4bed989de09 ------------ Nom de l’application défaillante rsautoup_.exe, version : 3.1.6.1, horodatage : 0x4eeb154e Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000d193 ID du processus défaillant : 0x1c90 Heure de début de l’application défaillante : 0x01d2bca461e7708a Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Samsung\Remote PC\rsautoup_.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\msvcrt.dll ID de rapport : af4fd4bd-2897-11e7-92b6-d4bed989de09 ------------ ----------( EOF)---------- - 4153 | 19:23:50