--------------- QuickDiag | g3n-h@ckm@n | V4_27.04.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 11/05/2018 23:41:29 Updated 27/04/2018 | 14.15 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [bobcl (Administrator)] - [CLEMENT] (S-1-5-21-2153363518-3719023817-840555237-1001) System: Microsoft Windows 10 Professionnel - - (10.0.16299) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1709) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Professionnel|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : Normal boot PC: MS-7917 - MSI - IdNumber: To be filled by O.E.M. - UUID: 00000000-0000-0000-0000-D8CB8A745256 Processor : X64 - 3500 Mhz - Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz V10.3 - en|US|iso8859-1 - American Megatrends Inc. - S/N: To be filled by O.E.M. - V10.3 - ALASKA - 1072009 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0900&SUBSYS_1462D917&REV_1000\4&70727CF&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0072&SUBSYS_14623201&REV_1001\5&752D508&0&0001 ---------- | Video NVIDIA GeForce GTX 960 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1401&SUBSYS_32011462&REV_A1\4&B7B0A11&0&0008 - AdapterCompatibility: NVIDIA - RAM: -1048576 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 960 - DriverVersion: 24.21.13.9764 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28672 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 33296 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34864 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25400 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 84480 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:45 % CPU #2 value:21 % CPU #3 value:39 % CPU #4 value:51 % Total Overall CPU Usage value:39 % ---------- | Network Killer E2200 Gigabit Ethernet Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Remote NDIS based Internet Sharing Device : SENT:6,111,665 bytes/sec / RECVD:6,111,665 bytes/sec Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:6,111,665 bytes/sec, / RECEIVE Maximum:6,111,665 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter - Ethernet 802.3 - Realtek Semiconductor Corp. - Status: - PnPID : USB\VID_0BDA&PID_8174\00E04C000001 WAN Miniport (IKEv2) - - - Status: - PnPID : WAN Miniport (L2TP) - - - Status: - PnPID : WAN Miniport (PPTP) - - - Status: - PnPID : WAN Miniport (PPPOE) - - - Status: - PnPID : WAN Miniport (IP) - - - Status: - PnPID : WAN Miniport (IPv6) - - - Status: - PnPID : WAN Miniport (Network Monitor) - - - Status: - PnPID : Killer E2200 Gigabit Ethernet Controller - - Rivet Networks - Status: - PnPID : PCI\VEN_1969&DEV_E091&SUBSYS_79171462&REV_13\4&164DD7F4&0&00E3 Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE RAS Async Adapter - - - Status: - PnPID : Remote NDIS based Internet Sharing Device - Ethernet 802.3 - Microsoft - Status: - PnPID : USB\VID_04E8&PID_6863&RNDIS\6&C53184F&1&0000 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT ---------- | Memory RAM = Total (MB) : 8330 | Free (MB) : 3985 Pagefile = Total (MB) : 14360 | Free (MB) : 8689 Virtual = Total (MB) : 4194 | Free (MB) : 3871 Physical Memory 1 : Capacity: 4294967296 - ChannelA-DIMM1 - Posit.: 1 - Manufacturer: Kingston - PartNumber: KHX1866C10D3/4G - S/N: 7524C5D8 Physical Memory 3 : Capacity: 4294967296 - ChannelB-DIMM1 - Posit.: 2 - Manufacturer: Kingston - PartNumber: KHX1866C10D3/4G - S/N: 7324E9D8 ---------- | SID Users Administrateur : [S-1-5-21-2153363518-3719023817-840555237-500] bobcl : [S-1-5-21-2153363518-3719023817-840555237-1001] DefaultAccount : [S-1-5-21-2153363518-3719023817-840555237-503] Invité : [S-1-5-21-2153363518-3719023817-840555237-501] WDAGUtilityAccount : [S-1-5-21-2153363518-3719023817-840555237-504] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 223.02 Go | Free : 82.8 Go -> NTFS (SSD) [SATA] D:\ -> [Fixed] | [HDD] | Total : 1863.01 Go | Free : 1221.73 Go -> NTFS [SATA] Disk Usage Information [2 total Physical Disks] Physical Drive #0 [C:] : Read:31,748 bytes/sec, Written:0 bytes/sec Max Read:31,748 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [D:] : Read:0 bytes/sec, Written:40,638,422 bytes/sec Max Read:0 bytes/sec, Max Write:40,638,422 bytes/sec Overall - Read Maximum:31,748 bytes/sec, Write Maximum:40,638,422 bytes/sec DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_&PROD_ST2000DM006-2DM1\4&2E9B050B&0&010000 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_&PROD_KINGSTON_SHSS37A\4&2E9B050B&0&000000 ---------- | Windows updates - Activation - License Test 1 : Windows Is Activated Test 2 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.16299.371 (© Microsoft Corporation. Tous droits réservés.) GC : 66.0.3359.139 (Copyright 2017 Google Inc.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" ---------- | FlashPlayer FlashPlayer ActiveX : 29.0.0.140 ---------- | Security AV : Windows Defender Enabled AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 368 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.16299.15) = C:\Windows\System32\smss.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 552 | [Owner : Système | Parent : 540() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16299.15) = C:\Windows\System32\csrss.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 640 | [Owner : Système | Parent : 540() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.16299.15) = C:\Windows\System32\wininit.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 648 | [Owner : Système | Parent : 632() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16299.15) = C:\Windows\System32\csrss.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 712 | [Owner : Système | Parent : 640(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.16299.192) = C:\Windows\System32\services.exe [09/01/2018 09:32:27] CPU Usage:0 % --> Command Line : 728 | [Owner : Système | Parent : 640(wininit.exe) | 18.66 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.16299.15) = C:\Windows\System32\lsass.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 844 | [Owner : Système | Parent : 712(services.exe) | 10.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 864 | [Owner : Système | Parent : 712(services.exe) | 49.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 888 | [Owner : UMFD-0 | Parent : 640(wininit.exe) | 3.36 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16299.402) = C:\Windows\System32\fontdrvhost.exe [28/04/2018 12:21:16] CPU Usage:0 % --> Command Line : 956 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 25.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1012 | [Owner : Système | Parent : 712(services.exe) | 33.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 520 | [Owner : Système | Parent : 632() | 9.08 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.16299.371) = C:\Windows\System32\winlogon.exe [28/04/2018 12:21:24] CPU Usage:0 % --> Command Line : 860 | [Owner : UMFD-1 | Parent : 520(winlogon.exe) | 7.84 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16299.402) = C:\Windows\System32\fontdrvhost.exe [28/04/2018 12:21:16] CPU Usage:0 % --> Command Line : 1052 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 37.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1080 | [Owner : DWM-1 | Parent : 520(winlogon.exe) | 64.65 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.16299.15) = C:\Windows\System32\dwm.exe [29/09/2017 15:41:41] CPU Usage:0 % --> Command Line : 1136 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 12.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1224 | [Owner : Système | Parent : 712(services.exe) | 20.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1236 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 23.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1352 | [Owner : Système | Parent : 712(services.exe) | 12.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1388 | [Owner : Système | Parent : 712(services.exe) | 35.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1456 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 31.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1492 | [Owner : Système | Parent : 712(services.exe) | 36.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1500 | [Owner : Système | Parent : 712(services.exe) | 36.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1604 | [Owner : Système | Parent : 712(services.exe) | 12.58 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2318.3615) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [27/10/2017 11:33:22] CPU Usage:0 % --> Command Line : 1624 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 15.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1680 | [Owner : Système | Parent : 712(services.exe) | 18.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1752 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 16.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1812 | [Owner : Système | Parent : 712(services.exe) | 17.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1848 | [Owner : Système | Parent : 712(services.exe) | 25.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1856 | [Owner : Système | Parent : 712(services.exe) | 12.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1872 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1940 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 38.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1984 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 22.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1232 | [Owner : Système | Parent : 712(services.exe) | 13.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2076 | [Owner : Système | Parent : 712(services.exe) | 17.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2116 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 17.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2128 | [Owner : Système | Parent : 712(services.exe) | 16.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2136 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 15.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2216 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 18.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2264 | [Owner : Système | Parent : 712(services.exe) | 28.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2396 | [Owner : Système | Parent : 1604(NVDisplay.Container.exe) | 25.18 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2318.3615) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [27/10/2017 11:33:22] CPU Usage:0 % --> Command Line : 2548 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 16.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2696 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 24.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2716 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 15.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2744 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 28.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2796 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 19.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2888 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 13.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2896 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 30.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2968 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 27.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2988 | [Owner : Système | Parent : 712(services.exe) | 17.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3048 | [Owner : Système | Parent : 712(services.exe) | 29.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2192 | [Owner : Système | Parent : 712(services.exe) | 21.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 2284 | [Owner : Système | Parent : 712(services.exe) | 37.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3132 | [Owner : Système | Parent : 712(services.exe) | 30.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3184 | [Owner : Système | Parent : 712(services.exe) | 71.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3236 | [Owner : Système | Parent : 712(services.exe) | 26.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3308 | [Owner : Système | Parent : 712(services.exe) | 13.64 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.16299.371) = C:\Windows\System32\spoolsv.exe [28/04/2018 12:21:25] CPU Usage:0 % --> Command Line : 3508 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 23.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3572 | [Owner : Système | Parent : 712(services.exe) | 39.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3624 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 50.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3640 | [Owner : Système | Parent : 712(services.exe) | 20.28 Mo] - (.Micro-Star Int'l Co., Ltd. - GamingApp_Service.) - (6.2.0.65) = C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [09/01/2018 09:37:57] CPU Usage:0 % --> Command Line : 3668 | [Owner : Système | Parent : 712(services.exe) | 57.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3684 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 27.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3692 | [Owner : Système | Parent : 712(services.exe) | 6.2 Mo] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe [31/08/2011 00:05:32] CPU Usage:0 % --> Command Line : 3712 | [Owner : Système | Parent : 712(services.exe) | 43.56 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.9126.2072) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [08/03/2018 20:00:43] CPU Usage:0 % --> Command Line : 3720 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 42.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3728 | [Owner : Système | Parent : 712(services.exe) | 8.74 Mo] - (.Micro-Star INT'L CO., LTD. - Gaming Hotkey Service.) - (1.0.0.9) = C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [09/01/2018 09:37:57] CPU Usage:0 % --> Command Line : 3740 | [Owner : Système | Parent : 712(services.exe) | 13.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3772 | [Owner : Système | Parent : 712(services.exe) | 15.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3796 | [Owner : Système | Parent : 712(services.exe) | 13.02 Mo] - (.Microsoft Corporation - Windows IP Over USB PC Service.) - (10.0.16299.15) = C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [28/09/2017 23:30:00] CPU Usage:0 % --> Command Line : 3820 | [Owner : Système | Parent : 712(services.exe) | 33.53 Mo] - (.Rivet Networks - Killer Network Service.) - (1.5.1626.0) = C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [30/11/2017 17:56:42] CPU Usage:0 % --> Command Line : 3836 | [Owner : Système | Parent : 712(services.exe) | 13.09 Mo] - (.- ISCT Agent Application.) - (5.0.10.2850) = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [18/06/2014 18:18:36] CPU Usage:0 % --> Command Line : 3884 | [Owner : Système | Parent : 712(services.exe) | 5.6 Mo] - (.Logitech Inc. - Logitech Surround Sound Service.) - (8.96.88.0) = C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [20/10/2017 05:29:10] CPU Usage:0 % --> Command Line : 3900 | [Owner : Système | Parent : 712(services.exe) | 22.2 Mo] - (.Micro-Star INT'L CO., LTD. - MSI_ActiveX_Service.) - (1.0.1.33) = C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [11/05/2018 18:35:49] CPU Usage:0 % --> Command Line : 3932 | [Owner : Système | Parent : 712(services.exe) | 8.81 Mo] - (.MSI - FastBootService.) - (1.0.0.7) = C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [27/10/2017 16:05:27] CPU Usage:0 % --> Command Line : 3952 | [Owner : Système | Parent : 712(services.exe) | 19.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 3960 | [Owner : Système | Parent : 712(services.exe) | 8.78 Mo] - (.MSI -.) - (3.0.0.16) = C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [27/10/2017 15:30:58] CPU Usage:0 % --> Command Line : 4032 | [Owner : Système | Parent : 712(services.exe) | 5.02 Mo] - (.MSI - Super Charger Service.) - (1.3.0.21) = C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [27/10/2017 15:31:11] CPU Usage:0 % --> Command Line : 4048 | [Owner : Système | Parent : 712(services.exe) | 22.94 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2366.3209) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [08/11/2017 13:37:45] CPU Usage:0 % --> Command Line : 4056 | [Owner : Système | Parent : 712(services.exe) | 10.59 Mo] - (.Micro-Star INT'L CO., LTD. - MSI ECO_Service.) - (1.0.0.35) = C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [27/10/2017 15:31:07] CPU Usage:0 % --> Command Line : 4064 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 14.48 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2354.7482) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [08/11/2017 13:37:45] CPU Usage:0 % --> Command Line : 4072 | [Owner : Système | Parent : 712(services.exe) | 11.1 Mo] - (.Micro-Star INT'L CO., LTD. - MSI Live Update Service.) - (1.0.0.56) = C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [14/04/2018 13:54:25] CPU Usage:0 % --> Command Line : 4092 | [Owner : Système | Parent : 712(services.exe) | 17.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 4164 | [Owner : Système | Parent : 712(services.exe) | 9.8 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\PnkBstrA.exe [15/11/2017 23:47:55] CPU Usage:0 % --> Command Line : 4264 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 17.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 4272 | [Owner : Système | Parent : 712(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.12.16299.309) = C:\Windows\System32\SecurityHealthService.exe [15/03/2018 19:26:30] CPU Usage:0 % --> Command Line : 4284 | [Owner : Système | Parent : 712(services.exe) | 7 Mo] - (.Microsoft Corporation - SQL Server VSS Writer - 64 Bit.) - (2015.130.1601.5) = C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [30/04/2016 10:11:08] CPU Usage:0 % --> Command Line : 4300 | [Owner : Système | Parent : 712(services.exe) | 6.46 Mo] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - (2.5.11.0) = C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [28/04/2018 11:37:27] CPU Usage:0 % --> Command Line : 4328 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 18.09 Mo] - (.Electronic Arts - OriginWebHelperService.) - (10.5.18.58059) = D:\Program Files (x86)\Origin\OriginWebHelperService.exe [11/05/2018 18:42:06] CPU Usage:0 % --> Command Line : 4432 | [Owner : Système | Parent : 712(services.exe) | 12.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 4460 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 14.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 4504 | [Owner : Système | Parent : 712(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.14.17639.18041) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe [28/04/2018 12:28:20] CPU Usage:0 % --> Command Line : 4516 | [Owner : Système | Parent : 712(services.exe) | 52.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 4568 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 19.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 4612 | [Owner : Système | Parent : 712(services.exe) | 25.24 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.16299.402) = C:\Windows\System32\SearchIndexer.exe [28/04/2018 12:21:38] CPU Usage:0 % --> Command Line : 4652 | [Owner : Système | Parent : 712(services.exe) | 29.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 5224 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 19.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 5404 | [Owner : SERVICE LOCAL | Parent : 3740(svchost.exe) | 13.37 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.16299.15) = C:\Windows\System32\dasHost.exe [29/09/2017 15:41:33] CPU Usage:0 % --> Command Line : 5556 | [Owner : Système | Parent : 712(services.exe) | 18.86 Mo] - (.TeamViewer GmbH - TeamViewer 13.) - (13.0.6447.0) = D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [19/12/2017 09:42:23] CPU Usage:0 % --> Command Line : 6304 | [Owner : Système | Parent : 864(svchost.exe) | 9.3 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\System32\wbem\WmiPrvSE.exe [22/02/2018 15:13:25] CPU Usage:0 % --> Command Line : 6596 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 15.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 6848 | [Owner : Système | Parent : 712(services.exe) | 15.78 Mo] - (.CloudBees, Inc. - Windows Service Wrapper.) - (1.18.0.0) = C:\Program Files\Killer Networking\Killer Control Center\RNDBWMService.exe [30/11/2017 17:56:42] CPU Usage:0 % --> Command Line : 5784 | [Owner : Système | Parent : 6848(RNDBWMService.exe) | 12.82 Mo] - (.Rivet Networks LLC - Rivet Networks Dynamic Bandwidth Manager.) - (1.5.0.1626) = C:\Program Files\Killer Networking\Killer Control Center\RNDBWM.exe [30/11/2017 17:56:42] CPU Usage:0 % --> Command Line : 5868 | [Owner : Système | Parent : 5784(RNDBWM.exe) | 6.54 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.16299.15) = C:\Windows\System32\conhost.exe [29/09/2017 15:41:45] CPU Usage:0 % --> Command Line : 7920 | [Owner : bobcl | Parent : 4048(nvcontainer.exe) | 22.5 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2366.3209) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [08/11/2017 13:37:45] CPU Usage:0 % --> Command Line : 7928 | [Owner : bobcl | Parent : 1680(svchost.exe) | 26.6 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.16299.15) = C:\Windows\System32\sihost.exe [29/09/2017 15:41:31] CPU Usage:0 % --> Command Line : 7936 | [Owner : bobcl | Parent : 712(services.exe) | 45.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 7996 | [Owner : bobcl | Parent : 4048(nvcontainer.exe) | 26.1 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2366.3209) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [08/11/2017 13:37:45] CPU Usage:0 % --> Command Line : 8012 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.14.17639.18041) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe [28/04/2018 12:28:20] CPU Usage:0 % --> Command Line : 8092 | [Owner : bobcl | Parent : 712(services.exe) | 71.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 8136 | [Owner : Système | Parent : 712(services.exe) | 38.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 7348 | [Owner : bobcl | Parent : 1388(svchost.exe) | 52.83 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16299.15) = C:\Windows\System32\taskhostw.exe [29/09/2017 15:42:01] CPU Usage:0 % --> Command Line : 8376 | [Owner : Système | Parent : 3900(MSI_ActiveX_Service.exe) | 25.01 Mo] - (.Micro-Star INT'L CO., LTD. - VideoCardMonitor.) - (1.0.1.6) = C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe [11/05/2018 18:35:50] CPU Usage:0 % --> Command Line : 8388 | [Owner : Système | Parent : 3900(MSI_ActiveX_Service.exe) | 27.78 Mo] - (.Micro-Star INT'L CO., LTD. - EyeRest.) - (1.0.1.23) = C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe [11/05/2018 18:35:49] CPU Usage:0 % --> Command Line : 8396 | [Owner : Système | Parent : 3900(MSI_ActiveX_Service.exe) | 27.18 Mo] - (.Micro-Star INT'L CO., LTD. - TriggerModeMonitor.) - (1.0.1.24) = C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe [11/05/2018 18:35:50] CPU Usage:0 % --> Command Line : 8772 | [Owner : bobcl | Parent : 8736() | 131.92 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.16299.402) = C:\Windows\explorer.exe [28/04/2018 12:21:22] CPU Usage:0 % --> Command Line : 8844 | [Owner : Système | Parent : 864(svchost.exe) | 8.78 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [22/02/2018 15:13:25] CPU Usage:0 % --> Command Line : 9248 | [Owner : Système | Parent : 712(services.exe) | 12.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 9652 | [Owner : bobcl | Parent : 864(svchost.exe) | 102.93 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.16299.334) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [28/04/2018 12:21:15] CPU Usage:0 % --> Command Line : 9836 | [Owner : bobcl | Parent : 864(svchost.exe) | 173.12 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.16299.251) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [15/03/2018 19:26:31] CPU Usage:0 % --> Command Line : 10112 | [Owner : bobcl | Parent : 864(svchost.exe) | 23.91 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 15:41:25] CPU Usage:0 % --> Command Line : 9944 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 25.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 9956 | [Owner : bobcl | Parent : 864(svchost.exe) | 31.06 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 15:41:25] CPU Usage:0 % --> Command Line : 10292 | [Owner : bobcl | Parent : 864(svchost.exe) | 21.72 Mo] - (.Microsoft Corporation - Reminders WinRT OOP Server.) - (10.0.16299.15) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe [29/09/2017 15:42:28] CPU Usage:0 % --> Command Line : 10520 | [Owner : bobcl | Parent : 864(svchost.exe) | 0.79 Mo] - (.-.) - (12.1813.286.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe [11/05/2018 20:10:07] CPU Usage:0 % --> Command Line : 10664 | [Owner : bobcl | Parent : 864(svchost.exe) | 24.28 Mo] - (.Microsoft Corporation - Speech Runtime Executable.) - (10.0.16299.15) = C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe [29/09/2017 15:41:37] CPU Usage:0 % --> Command Line : 10808 | [Owner : bobcl | Parent : 864(svchost.exe) | 20.78 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.16299.15) = C:\Windows\System32\SettingSyncHost.exe [29/09/2017 15:41:26] CPU Usage:0 % --> Command Line : 10836 | [Owner : Système | Parent : 712(services.exe) | 7.1 Mo] - (.Intel Corporation - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS.) - (1.0.0.1) = C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [27/10/2017 15:31:04] CPU Usage:0 % --> Command Line : 10348 | [Owner : SERVICE LOCAL | Parent : 2744(svchost.exe) | 21.61 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.16299.248) = C:\Windows\System32\audiodg.exe [22/02/2018 15:13:47] CPU Usage:0 % --> Command Line : 1300 | [Owner : bobcl | Parent : 864(svchost.exe) | 6.24 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 15:41:25] CPU Usage:0 % --> Command Line : 8360 | [Owner : bobcl | Parent : 7116() | 10.42 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (6.12.2.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [08/11/2017 13:37:51] CPU Usage:0 % --> Command Line : 384 | [Owner : bobcl | Parent : 8360(NVIDIA Web Helper.exe) | 0.58 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.16299.15) = C:\Windows\System32\conhost.exe [29/09/2017 15:41:45] CPU Usage:0 % --> Command Line : 11416 | [Owner : bobcl | Parent : 712(services.exe) | 83.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 13172 | [Owner : bobcl | Parent : 8772(explorer.exe) | 9.03 Mo] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.12.16299.15) = C:\Program Files\Windows Defender\MSASCuiL.exe [29/09/2017 15:41:19] CPU Usage:0 % --> Command Line : 13256 | [Owner : bobcl | Parent : 864(svchost.exe) | 3.09 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 15:41:25] CPU Usage:0 % --> Command Line : 12388 | [Owner : bobcl | Parent : 8772(explorer.exe) | 13.36 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.438.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [29/10/2017 23:22:57] CPU Usage:0 % --> Command Line : 2388 | [Owner : bobcl | Parent : 8772(explorer.exe) | 9.79 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.16299.15) = C:\Windows\System32\rundll32.exe [29/09/2017 15:41:58] CPU Usage:0 % --> Command Line : 13000 | [Owner : bobcl | Parent : 8772(explorer.exe) | 34.46 Mo] - (.Logitech Inc. - Logitech Gaming Framework.) - (8.96.88.0) = C:\Program Files\Logitech Gaming Software\LCore.exe [20/10/2017 05:29:08] CPU Usage:0 % --> Command Line : 13108 | [Owner : bobcl | Parent : 13000(LCore.exe) | 11.62 Mo] - (.Logitech Inc. - Logitech LCD Clock/Performance Monitor.) - (8.96.88.0) = C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe [20/10/2017 05:29:08] CPU Usage:0 % --> Command Line : 13392 | [Owner : bobcl | Parent : 8772(explorer.exe) | 8.57 Mo] - (.Microsoft Corporation - XBoxStat.exe.) - (1.20.146.0) = C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [01/10/2009 02:57:29] CPU Usage:0 % --> Command Line : 13476 | [Owner : bobcl | Parent : 8772(explorer.exe) | 12.45 Mo] - (.Intel Corporation - ISCT SysTray.) - (5.0.10.2850) = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [18/06/2014 18:18:10] CPU Usage:0 % --> Command Line : 13528 | [Owner : bobcl | Parent : 8772(explorer.exe) | 48.59 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (18.80.419.3) = C:\Users\bobcl\AppData\Local\Microsoft\OneDrive\OneDrive.exe [27/10/2017 00:52:36] CPU Usage:0 % --> Command Line : 14288 | [Owner : bobcl | Parent : 8772(explorer.exe) | 108.53 Mo] - (.Rivet Networks - Killer Control Center.) - (1.5.1626.0) = C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe [30/11/2017 17:56:42] CPU Usage:0 % --> Command Line : 13772 | [Owner : bobcl | Parent : 14232() | 45.02 Mo] - (.Creative Technology Ltd - Sound Blaster Cinema 2.) - (1.0.11.0) = C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [27/10/2017 15:31:51] CPU Usage:0 % --> Command Line : 9308 | [Owner : bobcl | Parent : 14232() | 10.69 Mo] - (.MSI - Super Charger.) - (1.3.0.20) = C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [27/10/2017 15:31:11] CPU Usage:0 % --> Command Line : 13828 | [Owner : Système | Parent : 712(services.exe) | 12.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 15112 | [Owner : bobcl | Parent : 15068() | 42.08 Mo] - (.Micro-Star INT'L CO.,LTD. - Fast Boot.) - (1.0.1.13) = C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe [27/10/2017 16:05:27] CPU Usage:0 % --> Command Line : 15488 | [Owner : bobcl | Parent : 4048(nvcontainer.exe) | 11.84 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.13.1.30) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [15/11/2017 21:25:00] CPU Usage:0 % --> Command Line : 15508 | [Owner : bobcl | Parent : 7920(nvcontainer.exe) | 70.82 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (64.3282.1731.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [08/11/2017 13:37:52] CPU Usage:0 % --> Command Line : 15748 | [Owner : bobcl | Parent : 15508(NVIDIA Share.exe) | 19.9 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (64.3282.1731.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [08/11/2017 13:37:52] CPU Usage:0 % --> Command Line : 15760 | [Owner : bobcl | Parent : 15508(NVIDIA Share.exe) | 44.45 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (64.3282.1731.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [08/11/2017 13:37:52] CPU Usage:0 % --> Command Line : 15928 | [Owner : Système | Parent : 712(services.exe) | 5.88 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.0.0.1158) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [10/07/2015 23:40:08] CPU Usage:0 % --> Command Line : 15932 | [Owner : Système | Parent : 712(services.exe) | 10.95 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.0.0.1158) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [10/07/2015 23:38:00] CPU Usage:0 % --> Command Line : 13144 | [Owner : Système | Parent : 712(services.exe) | 39.22 Mo] - (.Intel(R) Corporation - XtuService.) - (6.2.0.24) = C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [23/02/2017 11:06:34] CPU Usage:0 % --> Command Line : 1464 | [Owner : Système | Parent : 712(services.exe) | 55.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 4216 | [Owner : bobcl | Parent : 864(svchost.exe) | 26.51 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16299.15) = C:\Windows\System32\dllhost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1152 | [Owner : bobcl | Parent : 864(svchost.exe) | 27.72 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.16299.15) = C:\Windows\System32\ApplicationFrameHost.exe [29/09/2017 15:41:37] CPU Usage:0 % --> Command Line : 3784 | [Owner : Système | Parent : 712(services.exe) | 33.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 14828 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 37.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 4368 | [Owner : Système | Parent : 712(services.exe) | 33.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 964 | [Owner : bobcl | Parent : 8772(explorer.exe) | 20.85 Mo] - (.- MSIAfterburner.) - (4.5.0.12819) = C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [23/04/2018 17:16:18] CPU Usage:4 % --> Command Line : 6716 | [Owner : bobcl | Parent : 1388(svchost.exe) | 1.16 Mo] - (.MSI - Windows Host Process.) - (1.0.0.1) = C:\Windows\SysWOW64\muachost.exe [27/10/2017 15:30:59] CPU Usage:0 % --> Command Line : 14588 | [Owner : bobcl | Parent : 864(svchost.exe) | 27.27 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 15:41:25] CPU Usage:0 % --> Command Line : 16248 | [Owner : bobcl | Parent : 1388(svchost.exe) | 50.35 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16299.15) = C:\Windows\System32\taskhostw.exe [29/09/2017 15:42:01] CPU Usage:0 % --> Command Line : 1104 | [Owner : Système | Parent : 712(services.exe) | 14.95 Mo] - (.Intel Corporation - Intel(R) Security Assist.) - (1.0.0.532) = C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [19/05/2015 09:11:00] CPU Usage:0 % --> Command Line : 15476 | [Owner : Système | Parent : 712(services.exe) | 387.66 Mo] - (.Hi-Rez Studios - HiPatchService.) - (6.0.2.4) = D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [11/05/2018 23:26:08] CPU Usage:26 % --> Command Line : 9508 | [Owner : Système | Parent : 712(services.exe) | 16.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 14344 | [Owner : bobcl | Parent : 864(svchost.exe) | 71.48 Mo] - (.Microsoft Corporation - Microsoft Outlook.) - (16.0.9226.2129) = C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21295.0_x64__8wekyb3d8bbwe\HxOutlook.exe [11/05/2018 20:09:18] CPU Usage:0 % --> Command Line : 12228 | [Owner : bobcl | Parent : 864(svchost.exe) | 54.22 Mo] - (.Microsoft Corporation - Microsoft Outlook Communications.) - (16.0.9226.2129) = C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21295.0_x64__8wekyb3d8bbwe\HxTsr.exe [11/05/2018 20:09:18] CPU Usage:0 % --> Command Line : 11152 | [Owner : bobcl | Parent : 864(svchost.exe) | 10.68 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 15:41:25] CPU Usage:0 % --> Command Line : 12188 | [Owner : bobcl | Parent : 864(svchost.exe) | 11.95 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 15:41:25] CPU Usage:0 % --> Command Line : 7864 | [Owner : bobcl | Parent : 8772(explorer.exe) | 99.08 Mo] - (.HI-REZ STUDIOS, INC. - HI-REZ Launcher.) - (6.0.2.4) = D:\Program Files (x86)\Hi-Rez Studios\HirezLauncherUI.exe [11/05/2018 23:26:08] CPU Usage:0 % --> Command Line : 8860 | [Owner : Système | Parent : 712(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 6696 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 8.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 13148 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 6.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 1868 | [Owner : bobcl | Parent : 864(svchost.exe) | 7.84 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16299.15) = C:\Windows\System32\dllhost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 7464 | [Owner : Système | Parent : 712(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 11832 | [Owner : bobcl | Parent : 864(svchost.exe) | 23.36 Mo] - (.Microsoft Corporation - System Settings Broker.) - (10.0.16299.15) = C:\Windows\System32\SystemSettingsBroker.exe [29/09/2017 15:42:06] CPU Usage:0 % --> Command Line : 4148 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 8.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 15:41:43] CPU Usage:0 % --> Command Line : 16160 | [Owner : bobcl | Parent : 864(svchost.exe) | 37.68 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.16299.98) = C:\Windows\System32\smartscreen.exe [13/12/2017 20:11:50] CPU Usage:0 % --> Command Line : 4892 | [Owner : bobcl | Parent : 8900() | 42.57 Mo] - (.SosVirus - QuickDiag.) - (27.4.18.1) = D:\Clément\Downloads\QuickDiag.exe [11/05/2018 23:41:06] CPU Usage:0 % --> Command Line : 4400 | [Owner : SERVICE RÉSEAU | Parent : 864(svchost.exe) | 9.57 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [22/02/2018 15:13:25] CPU Usage:0 % --> Command Line : ---------- | MD5 [MD5.28A9316147DF6223D0AB7774706B55EC] - [28/04/2018 12:21:22] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3812.79 Ko] - (10.0.16299.402) : C:\WINDOWS\Explorer.exe [MD5.E08FE2DE3DDD22123247D49A11B4F53D] - [29/09/2017 15:41:33] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [266.5 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\cmd.exe [MD5.4E043FE41901F1EA1B0FCCEF3C077C56] - [29/09/2017 15:41:43] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.27 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\csrss.exe [MD5.5D94FA288F4BB230FE77BC67DE506257] - [29/09/2017 15:41:43] - (.© Microsoft Corporation. - COM Surrogate.) - [20.4 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\dllhost.exe [MD5.6B6F2549BF625F1059270147B9805400] - [11/05/2018 19:55:08] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [686.1 Ko] - (10.0.16299.431) : C:\WINDOWS\System32\Kernel32.dll [MD5.94E06D509D50807774F35BEE3163E806] - [29/09/2017 15:41:43] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.62 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\lsass.exe [MD5.79BDBB684629A526CCD958F06B9D6FAD] - [29/09/2017 15:41:44] - (.© Microsoft Corporation. - Distributed COM Services.) - [1091 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\rpcss.dll [MD5.731A783A36A8E69A6434D19D98B12A09] - [29/09/2017 15:41:58] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [69.5 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\rundll32.exe [MD5.AB75687641C9ADBE22336EC3C496909C] - [09/01/2018 09:32:27] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [601.34 Ko] - (10.0.16299.192) : C:\WINDOWS\System32\services.exe [MD5.440684C4F823AAE2CC587363F9C477A6] - [29/09/2017 15:41:43] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [47.55 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\svchost.exe [MD5.0370364D4D8846B6CF316ABBB2EDB083] - [13/12/2017 20:11:53] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1595.98 Ko] - (10.0.16299.125) : C:\WINDOWS\System32\user32.dll [MD5.755ED4FDBD7D6C3980610E26E527E2F5] - [29/09/2017 15:41:43] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [31.5 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\userinit.exe [MD5.BF3E1D9B2360C6BE4CC3094CD2DDC617] - [29/09/2017 15:41:43] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [351.16 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Wininit.exe [MD5.C67E7F605A830AA96A204ECCDC678FBC] - [28/04/2018 12:21:24] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [699.5 Ko] - (10.0.16299.371) : C:\WINDOWS\System32\Winlogon.exe [MD5.9619C0D7DB55CC3A636A24A7D82B0C8E] - [28/04/2018 12:21:32] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [599.91 Ko] - (10.0.16299.371) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.6191B9B2EE0E8CB957C683B9B341CC86] - [29/09/2017 15:41:03] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.9 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.10B25A467C6FB6ACBDB2D203B98BEFBC] - [15/03/2018 19:26:28] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [189.9 Ko] - (10.0.16299.251) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.9E82A95D77AC78C84BA75FF896B060BF] - [29/09/2017 15:41:43] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [91 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.6D83565C1652E80447EDEA6947FA89D7] - [29/09/2017 15:41:02] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [156 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.FAEC08F583CAD06D4F057DBB733A03A1] - [28/04/2018 12:21:08] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [147.5 Ko] - (10.0.16299.371) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.99A34FD1F6431A10D8C3BB50E170D0F2] - [29/09/2017 15:40:59] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [84 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.56FF074E50F9042FD2856AB3418F4B18] - [29/09/2017 15:41:08] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103.5 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.7BEC2AF23F586EFF0DB4DBF4331B0C70] - [29/09/2017 15:41:33] - (.© Microsoft Corporation. - IP Network Address Translator.) - [209 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.71729B1EE949E1B092CB5CB75CC63715] - [22/02/2018 15:13:47] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [482.9 Ko] - (10.0.16299.248) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.25D126EFFEC0B117DA4C81F7AE6C99FC] - [28/04/2018 12:21:30] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1247.91 Ko] - (10.0.16299.371) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.2A56FA2634A9650EF4ED5DFE976397BA] - [28/04/2018 12:21:35] - (.© Microsoft Corporation. - MBT Transport driver.) - [309.5 Ko] - (10.0.16299.402) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.BEE4FDB8DE2C90728D93393E4A3B88C2] - [11/05/2018 19:55:17] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2338.91 Ko] - (10.0.16299.431) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.2E07EC2C1622F5E7B535D62DCD61F3AB] - [29/09/2017 15:41:03] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [96.5 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.E0220BB6580D34001D4D1D133052DAA4] - [29/09/2017 15:41:58] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [104 Ko] - (10.0.16299.15) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.39886C19FB466BBF8AEC31E3E77C034C] - [28/04/2018 12:21:08] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [178.5 Ko] - (10.0.16299.371) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.AE5CA8D3D81DCC76C5FFF1CD60E48606] - [28/04/2018 12:21:30] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2708.41 Ko] - (10.0.16299.334) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.09125A12CAB5F8D5EAE9C83C25792FDD] - [28/04/2018 12:21:09] - (.© Microsoft Corporation. - TDI Translation Driver.) - [118.41 Ko] - (10.0.16299.371) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - [13/12/2017 20:11:46] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [391.9 Ko] - (10.0.16299.125) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\inputhost.dll (.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 397.64.) - (24.21.13.9764) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvldumdx.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 397.64.) - (24.21.13.9764) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvwgf2umx_cfg.dll (..-..) - (0.0.0.0) -- :\Program Files\FileZilla FTP Client\fzshellext_64.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.50.0.0) -- C:\Program Files\WinRAR\rarext.dll (..-..) - (0.0.0.0) -- :\Program Files\Recuva\RecuvaShell64.dll (.The Eraser Project.-.Eraser Shell Extension.) - (6.2.0.2979) -- C:\Program Files\Eraser\Eraser.Shell.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 397.64.) - (24.21.13.9764) -- C:\WINDOWS\system32\nvapi64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Copyright (C) 2003-2011 Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.http://www.sqlite.org/copyright.html.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.19.3.0) -- C:\WINDOWS\System32\winsqlite3.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\bobcl\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\...\Run]) - User: CLEMENT\bobcl Steam - ("D:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\...\Run]) - User: CLEMENT\bobcl CCleaner Monitoring - ("D:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\...\Run]) - User: CLEMENT\bobcl Discord - (C:\Users\bobcl\AppData\Local\Discord\app-0.0.301\Discord.exe [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\...\Run]) - User: CLEMENT\bobcl Killer Control Center - (C:\PROGRA~1\KILLER~1\KILLER~1\KILLER~1.EXE -minimized [Common Startup]) - User: Public SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public MBCfg64 - (C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 [HKLM\SOFTWARE\...\Run]) - User: Public Launch LCore - (C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [HKLM\SOFTWARE\...\Run]) - User: Public XboxStat - ("C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [HKLM\SOFTWARE\...\Run]) - User: Public Eraser - ("C:\Program Files\Eraser\Eraser.exe" -atRestart [HKLM\SOFTWARE\...\Run]) - User: Public ISCT Tray - (C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\bobcl\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "Steam"="D:\Program Files (x86)\Steam\steam.exe" -silent "CCleaner Monitoring"="D:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "Discord"=C:\Users\bobcl\AppData\Local\Discord\app-0.0.301\Discord.exe [03/05/2018 21:36:02] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "Discord"=0x020000000000000000000000 "CCleaner Monitoring"=0x03000000302F1E022757D301 "OneDrive"=0x020000000000000000000000 "Steam"=0x020000000000000000000000 [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=HP3FE204 (HP ENVY 4520 series),winspool,Ne02: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=1 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "MBCfg64"=C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 "Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe /minimized "XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun "Eraser"="C:\Program Files\Eraser\Eraser.exe" -atRestart "ISCT Tray"=C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [18/06/2014 18:18:10] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "RTHDVCPL"=0x060000000000000000000000 "MBCfg64"=0x060000000000000000000000 "Launch LCore"=0x020000000000000000000000 "ShadowPlay"=0x020000000000000000000000 "XboxStat"=0x020000000000000000000000 "Eraser"=0x020000000000000000000000 "ISCT Tray"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "Live Update"=0x060000000000000000000000 "Command Center"=0x060000000000000000000000 "Super Charger"=0x060000000000000000000000 "Sound Blaster Cinema 2"=0x060000000000000000000000 "UpdReg"=0x060000000000000000000000 "Fast Boot"=0x060000000000000000000000 "StereoLinksInstall"=0x040000000000000000000000 "SunJavaUpdateSched"=0x020000000000000000000000 "Eraser"=0x03000000002F6458BB83D301 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "EnableMitInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D33928A8E92551 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "Command Center"=C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [27/10/2017 15:30:58] "Sound Blaster Cinema 2"="C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r "UpdReg"=C:\Windows\UpdReg.EXE [27/10/2017 15:32:02] "Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [27/10/2017 15:31:11] "Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER "Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [27/10/2017 16:05:27] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "EnableMitInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List CCleaner Update CCleanerSkipUAC GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA HPEA3JOBS MSIAfterburner MSIGH_Host MSIOSDx64_Host MSIOSDx86_Host MSISW_Host NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Standalone Update Task-S-1-5-21-2153363518-3719023817-840555237-1001 User_Feed_Synchronization-{B9BC02A7-A609-4DA8-9E10-28A734BAA406} ---------- | Startings up registry ? Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc DeviceInstall gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 "ServicesPipeTimeout"=60000 "DirtyShutdownCount"=13 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [29/10/2017 18:34:08] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=728 "ProductType"=6 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "InstanceID"=7f048242-8f8d-4b1a-b713-3372377 "GlassSessionId"=1 "fDenyChildConnections"=0 ---------- | .LNK with Arguments c:\programdata\microsoft\windows\start menu\programs\anaconda3 (64-bit)\anaconda cloud.lnk - Encrypted: False - Target: C:\Program Files\Anaconda3\pythonw.exe - Args: (-m webbrowser -t "hxxps://anaconda.org/") - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=D:\Clément\Pictures\Saved Pictures\msi-RGB-1.jpg [09/11/2017 16:00:41] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "MaxVirtualDesktopDimension"=3600 "MaxMonitorDimension"=1920 "TranscodedImageCount"=2 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC3010000A70C008007000038040000B078F1206359D30144003A005C0043006C00E9006D0065006E0074005C00500069006300740075007200650073005C00530061007600650064002000500069006300740075007200650073005C006D00730069002D005200470042002D0031002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreferredUILanguages"=fr-FR "ScreenSaveTimeout"=0 "LowLevelHooksTimeout"=5000 "WaitToKillAppTimeout"=200 "HungAppTimeout"=200 [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=4 "GlobalAssocChangedCounter"=299 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "SlowContextMenuEntries"=0x6A779BBCD7907644A79179D835F30650CE1700006024B221EA3A6910A2DC08002B30309D410A00000114020000000000C000000000000046AF0A000040C7A47B819ECF1199D300AA004AE8376A180000F55D5E4310253C46B223BDA47006D0029B150000 "Browse For Folder Width"=347 "Browse For Folder Height"=346 "PostAppInstallTasksCompleted"=1 [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=0 "StartMenuInit"=13 "TaskbarStateLastRun"=0x82C4F55A00000000 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=1 "TaskbarGlomLevel"=0 "ReindexedProfile"=1 [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x080000000700000006000000010000000500000004000000030000000200000000000000630000006200000061000000600000005F0000005E0000005D0000005C0000005B0000005A000000590000005800000057000000560000005500000054000000530000005200000051000000500000004F0000004E0000004D0000004C0000004B0000004A00000049000000480000004700000046000000450000004400000043000000420000004100000024000000400000003F0000003E0000003D0000003C0000003B0000003A000000390000000A0000003800000037000000360000003500000034000000330000003200000031000000300000002F0000002E0000002D0000002C0000002B0000002A0000001D0000002900000028000000270000002600000025000000230000002200000021000000200000001F0000001E0000001C0000001B0000001A000000190000001800000017000000160000001500000014000000130000001200000011000000100000000F0000000E0000000D0000000C0000000B00000009000000FFFFFFFF "0"=0x2A002E006400610074000000 "9"=0x5F000000 "11"=0x7400610069006C006C0065003A006D0069006E0075007300630075006C006500200073006F007200740065003A003D0075006E006B006E006F0077006E000000 "12"=0x73006F007200740065003A003D0075006E006B006E006F0077006E0020007400610069006C006C0065003A0076006900640065000000 "13"=0x73006F007200740065003A003D0075006E006B006E006F0077006E000000 "14"=0x73006F007200740065003A003D0068006900730074006F007200690071007500650020007700650062000000 "15"=0x2A002E00630069002A000000 "16"=0x630069000000 "17"=0x69007300630069000000 "18"=0x6700720061006E0064005F000000 "19"=0x6F006C0079006D00700075000000 "20"=0x770069006E000000 "21"=0x2E0077006D0066000000 "22"=0x73006F007200740065003A003D00630061006C0065006E00640072006900650072000000 "23"=0x73006F007200740065003A003D00200066006900630068006900650072000000 "24"=0x2E006D00750069000000 "25"=0x2E006D006F0066000000 "26"=0x2A002E0064006C006C000000 "27"=0x2A002E0050004E0046000000 "28"=0x2E006400610074000000 "30"=0x2E007A006400630074000000 "31"=0x2E007300740072000000 "32"=0x2E00640062000000 "33"=0x2A000000 "34"=0x2A00200073006F007200740065003A003D007400E2006300680065000000 "35"=0x74007900700065003A004100700070006C00690063006100740069006F006E000000 "37"=0x7400610069006C006C0065003A007600690064006500200074007900700065003A000000 "38"=0x74007900700065003A004100700070000000 "39"=0x74007900700065003A006500780065000000 "40"=0x2E00650078000000 "41"=0x2E006F00670067000000 "29"=0x2E000000 "42"=0x2E0068000000 "43"=0x2E007300770066000000 "44"=0x2E006A0073000000 "45"=0x2E00700079000000 "46"=0x2E006500700072000000 "47"=0x2E0063007500620069006E000000 "48"=0x2E0066006F006E000000 "49"=0x2E007000630032000000 "50"=0x2E00740078005F000000 "51"=0x2E006C00750061000000 "52"=0x2E00630074006C000000 "53"=0x2E00700061006B000000 "54"=0x74007900700065003A0046006900630068006900650072000000 "55"=0x2E006700690066000000 "56"=0x7400610069006C006C0065003A0031006B006F000000 "10"=0x7400610069006C006C0065003A006D0069006E0075007300630075006C0065000000 "57"=0x7400610069006C006C0065003A0033006B006F000000 "58"=0x2E006E006C0073000000 "59"=0x2E00630068006D000000 "60"=0x2E006300610074000000 "61"=0x2E006D00730070000000 "62"=0x2E0064006500630054006500730074000000 "63"=0x2E0069002C0069000000 "64"=0x2E0069006E0069000000 "36"=0x7400610069006C006C0065003A0076006900640065000000 "65"=0x7400610069006C006C0065003A0035006B006F000000 "66"=0x2E006D00700033000000 "67"=0x2E0064006F00740078000000 "68"=0x2E006A00610072000000 "69"=0x2E0072006500730078000000 "70"=0x2E00610063006300640074000000 "71"=0x2E007200740066000000 "72"=0x2E006C00690062000000 "73"=0x2E006C006F0067000000 "74"=0x2E007700690064000000 "75"=0x2E006400690072000000 "76"=0x300030002A000000 "77"=0x66006400690073006B000000 "78"=0x2D0031002C002A000000 "79"=0x2E007300790073000000 "80"=0x2E00490043004D000000 "81"=0x2E004900640078000000 "82"=0x64006C006C000000 "83"=0x63000000 "84"=0x630020007400610069006C006C0065003A006D0069006E0075007300630075006C0065000000 "85"=0x2E0072006500730073006F00750072006300650073000000 "86"=0x2E0072006500730073000000 "87"=0x2E00720065000000 "88"=0x2E007200650020007400610069006C006C0065003A006D0069006E0075007300630075006C0065000000 "89"=0x4C000000 "90"=0x4C0020007400610069006C006C0065003A006D0069006E0075007300630075006C0065000000 "91"=0x4C0020007400610069006C006C0065003A00310030006B006F000000 "92"=0x4C0020007400610069006C006C0065003A003E00310030006B006F000000 "93"=0x4C0020007400610069006C006C0065003A003C00310030006B006F000000 "94"=0x4C0020007400610069006C006C0065003A003C003D00310030006B006F000000 "95"=0x7400610069006C006C0065003A003C003D00310030006B006F000000 "96"=0x7400610069006C006C0065003A00360036006B006F000000 "97"=0x7400610069006C006C0065003A003C003D00360036006B006F000000 "98"=0x770069006E0064006F00770073000000 "99"=0x6600740062000000 "2"=0x5200650062006F0072006E002E006400610074000000 "3"=0x5200650062006F0072006E00650064005F000000 "4"=0x50006C0061007900650072000000 "5"=0x70006C00610079006500720064006100740061000000 "1"=0x2A002E006600620078000000 "6"=0x2A002E006F00630078000000 "7"=0x2A002E006D006F000000 "8"=0x5200690076006100540075000000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "GlobalAssocChangedCounter"=66 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "GlobalAssocChangedCounter"=56 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "PUUActive"=0xCF2B37B304000000020003008E0E00008E0E00008E0E0000D20000001B011C01D9EC3B35652B0000652B000098080000EC070000CF00000000000000981200007001000006000000312188CE6BE9D301C0680F0000000000010000001E570F00AB3F000000000000 "BuildNumber"=16299 "FirstLogon"=0 "DP"=0xD200E8000000000001000000CF2B37B33A89930000000000C884907C68E9D301161072F951E9D301099E23000000000000000000537312000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=33171130286 "ShutdownFlags"=2147483815 "Userinit"=C:\Windows\system32\userinit.exe, "AutoAdminLogon"=1 "DefaultDomainName"=CLEMENT "DefaultUserName"=bobcl "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-2153363518-3719023817-840555237-1001 "LastUsedUsername"=bobcl "DefaultDataInformation"=0x01282118 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [28/04/2018 12:21:10] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [28/04/2018 12:21:10] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe"=32 [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "SIGN.MEDIA=3E0FBB1 DVDSetup.exe"=0x5341435001000000000000000700000028000000D0EB170016F6170001000000000000000000000A71220000E63F486B2AA0D2010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000024E90400000000000800000008000000 "SIGN.MEDIA=3E0FBB1 DVDChangeDisc.exe"=0x5341435001000000000000000700000028000000D0AF3600E768370001000000000000000000000A71220000E63F486B2AA0D201000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001F000000000000000100000001000000 "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe"=0x53414350010000000000000007000000280000000002160000000000010000000000000000000306F1200000E63F486B2AA0D2010000000000000000 "C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe"=0x5341435001000000000000000700000028000000785E0600CD34070001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000002DCC540A000000006900000069000000 "C:\Program Files\Logitech Gaming Software\LU_1\LogitechUpdate.exe"=0x5341435001000000000000000700000028000000188D1F00D466200001000000000000000000020671020000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CE540200000000000600000006000000 "C:\Windows\Updreg.EXE"=0x5341435001000000000000000700000028000000006001000000000001000000000000000000010571200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000010000000000000000200000002000000 "C:\Program Files (x86)\MSI\Smart Tool\Smart Tool.exe"=0x5341435001000000000000000700000028000000D03D42001817430001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000D43E0200000000000100000001000000 "C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"=0x5341435001000000000000000700000028000000D09B0F0054B10F0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000057090000000000000200000002000000 "C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Client\XtuUiLauncher.exe"=0x5341435001000000000000000700000028000000587501008461020001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000008000000004000000000000000000000000000000E7EC2300000000000100000001000000 "SIGN.MEDIA=6E51DC Sound\Realtek\HD\WIN7\Setup.exe"=0x5341435001000000000000000700000028000000D81A0D0073530D0001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000003960400000000000100000001000000 "D:\Program Files (x86)\Origin\legacyPM\OriginLegacyCLI.exe"=0x534143500100000000000000070000002800000070AD0C00F9F30C0001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CB000000000000000B0000000B000000 "C:\Program Files\windows nt\accessories\wordpad.exe"=0x53414350010000000000000007000000280000000084440048B7440001000000010000000000000A63220000DB80FDAC2839D3010000000000000000 "D:\Program Files (x86)\Steam\bin\steamservice.exe"=0x5341435001000000000000000700000028000000200B19005A7E190001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000002E630000000000000100000001000000 "D:\Program Files\Recuva\recuva64.exe"=0x5341435001000000000000000700000028000000D8A24B00213C4C0001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000093564C03000000000900000009000000 "C:\Users\bobcl\AppData\Local\Microsoft\OneDrive\OneDrive.exe"=0x5341435001000000000000000700000028000000C8B8190089CA190001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe"=0x534143500100000000000000070000002800000060D002006F8A030001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000026040000000000000100000001000000 "C:\Windows10Upgrade\Windows10UpgraderApp.exe"=0x5341435001000000000000000700000028000000B086190044BE190001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F00C0000000000000100000001000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000C86718009476180001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000011451F00000000002C0000002C000000 "SIGN.MEDIA=9A0D28 setup.exe"=0x5341435001000000000000000700000028000000B0A509004082010001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000632E0000000000000100000001000000 "C:\ProgramData\Package Cache\{0a829ae9-ca13-4f58-a168-648e80cf6739}\winsdksetup.exe"=0x5341435001000000000000000700000028000000D03212004AED120003000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000991F0100000000000100000001000000 "C:\ProgramData\Package Cache\{6195c203-b53c-4bb7-983a-6070a902e704}\winsdksetup.exe"=0x534143500100000000000000070000002800000060531200FF5F120003000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000071C50700000000000100000001000000 "C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\layout\InstallCleanup.exe"=0x534143500100000000000000070000002800000060A8000071EE000001000000000000000000000A75220000DB80FDAC2839D30100000000000000000200000050000000000000000000004000000000000000000000000000000000B9660000000000000100000001000000000000000000000000000000000000000000000000000000F6130000000000000200000000000000 "C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\layout\Setup.exe"=0x534143500100000000000000070000002800000060EC0100261A020001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000002F000000000000000200000002000000 "C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\Blend.exe"=0x534143500100000000000000070000002800000060320B00B7810B0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files\Unity\Editor\Unity.exe"=0x5341435001000000000000000700000028000000C0CDD304C355D40401000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXInstaller.exe"=0x5341435001000000000000000700000028000000E8250500D2CD050001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000BAA90400000000000100000001000000 "C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\devenv.exe"=0x534143500100000000000000070000002800000060B80A00CF240B0001000000000000000000000A00210000DB80FDAC2839D301000000C0000000000200000028000000000000000000000000000000000000000000000000000000E4C04400000000000100000001000000 "D:\Clément\Downloads\KillerPerformanceSuite_1.5.1626-BETA_x64.exe"=0x5341435001000000000000000700000028000000B0F9FC05F422FD0501000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000500000000000000000000040000000000000000000000000000000000542010000000000020000000100000000000000000000000000000000000000000000000000000028090000000000000200000000000000 "C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe"=0x5341435001000000000000000700000028000000C0BC1700EDDC170001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000A608F00000000000200000002000000 "SIGN.MEDIA=26BC964 setup.exe"=0x5341435001000000000000000700000028000000B0A509004082010001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000127A0000000000000200000002000000 "C:\Program Files\Eraser\Eraser.exe"=0x5341435001000000000000000700000028000000A86510005476100001000000000000000000000A75220000DB80FDAC2839D3010000000000000000020000002800000000000000200000600000000000000000000000000000000045297900000000000600000006000000 "D:\Program Files (x86)\Minecraft\MinecraftLauncher.exe"=0x5341435001000000000000000700000028000000801D53028E7E530201000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000008000000000000000000000000000000000000000ED449701000000001400000014000000 "C:\Program Files\Anaconda3\pythonw.exe"=0x5341435001000000000000000700000028000000006601000000000001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000006E5B0000000000000300000003000000 "C:\Program Files\Anaconda3\python.exe"=0x5341435001000000000000000700000028000000006C01000000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000060C0000000000000200000002000000 "C:\Program Files\Logitech Gaming Software\ArxApplets\Counter Strike - GO\CS_GO_Arx_Applet.exe"=0x53414350010000000000000007000000280000007866040020F2040001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A4320100000000000500000005000000 "C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe"=0x5341435001000000000000000700000028000000B88E1100DB4E120001000000000000000000000A75220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DB0D0000000000000600000006000000 "C:\Program Files (x86)\MSI\Command Center\CC_LoadingPage.exe"=0x53414350010000000000000007000000280000006038140009D9140001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000E161600000000000C0000000C000000 "C:\Program Files\MSI Kombustor 3\MSI_Kombustor.exe"=0x534143500100000000000000070000002800000000481A00DA491A0001000000000000000000030673020000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003D6D0400000000000100000001000000 "C:\Program Files (x86)\MSI\ECO Center\ECO Center.exe"=0x5341435001000000000000000700000028000000A8EC8A00F7008B0001000000000000000000000A75220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000039D90000000000000600000006000000 "C:\Program Files (x86)\GPU-Z\GPU-Z.exe"=0x5341435001000000000000000700000028000000A8564F00D55B4F0001000000000000000000000A71220000DB80FDAC2839D3010000000000000000 "D:\Program Files (x86)\TeamViewer\TeamViewer.exe"=0x534143500100000000000000070000002800000098628202D6CC820201000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000008776D02000000000700000007000000 "D:\Clé usb\Crack\Vidéo pad +Adobe\videopadsetup_v4.50.exe"=0x5341435001000000000000000700000028000000A8B44F00DFA4500001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000763D0000000000000100000001000000 "D:\Program Files\CCleaner\CCleaner64.exe"=0x534143500100000000000000070000002800000058639C00DAF79C0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000072070000000000000200000002000000 "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe"=0x5341435001000000000000000700000028000000A83C4B00581F4C0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BBF40100000000000800000008000000 "D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe"=0x5341435001000000000000000700000028000000607F04002FDA040001000000000000000000010671220000DB80FDAC2839D3010000000000000000020000002800000000000000100000100000000000000000000000000000000019840900000000000100000001000000 "D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"=0x534143500100000000000000070000002800000098DCE30080FAE30001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000007F012900000000000100000001000000 "D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=0x534143500100000000000000070000002800000058CD06007291070001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DFC10200000000000200000002000000 "D:\Clément\Downloads\AnyDesk.exe"=0x5341435001000000000000000700000028000000C89E1B0041CF1B0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000028901100000000000200000002000000 "C:\Users\bobcl\Desktop\FTB_Launcher.exe"=0x534143500100000000000000070000002800000040FF74003027010001000000000000000000000A71200000DB80FDAC2839D301000000000000000002000000280000000000000080000000000000000000000000000000000000001E6DFE00000000001E0000001E000000 "C:\Program Files\internet explorer\iexplore.exe"=0x534143500100000000000000070000002800000038950C005F6B0D0001000000010000000000000A00210000DB80FDAC2839D3010000000000000000 "D:\Program Files\FileZilla FTP Client\filezilla.exe"=0x5341435001000000000000000700000028000000A8BEC800512DC90001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000009A510000000000000100000001000000 "C:\Program Files (x86)\MSI\Live Update\Live Update.exe"=0x5341435001000000000000000700000028000000B88C8E01ACFB8E0101000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003E000000000000000100000001000000 "D:\Clé usb\Crack\Microsoft Office Professional Plus 2013 VL Edition x86 x64 FR\Office 2013 64 bit\setup.exe"=0x5341435001000000000000000700000028000000884603004F9D030001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000A44E0500000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000B0B81401C9BF140101000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000077CADF00000000000600000006000000 "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe"=0x5341435001000000000000000700000028000000280A08004D9C080001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000DC2C0000000000000100000001000000 "C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"=0x5341435001000000000000000700000028000000B06A1C006B291D0001000000000000000000000A00210000DB80FDAC2839D3010000009100000000 "D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe"=0x5341435001000000000000000700000028000000188709009AD6090001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000780000000000000000000080000000000000000000000000000000000F491700000000000100000001000000000000000000000000000000000000000000000000000000AF32B700000000000300000000000000000000008000000000000000000000000000000000000000B1E97B01000000002A00000000000000 "D:\Clément\Downloads\Nouveau dossier\Office 2016 Setup + Crack\files\setup.exe"=0x5341435001000000000000000700000028000000B0D42600BBC0270001000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000B060000000000000200000002000000 "D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe"=0x534143500100000000000000070000002800000018C5020060CA020001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000008000000000000000000000000000000000000000BBA4B500000000000700000007000000 "C:\Program Files\Microsoft Office\root\Client\AppVLP.exe"=0x5341435001000000000000000700000028000000B09C0700E5C7070001000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A8880000000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe"=0x5341435001000000000000000700000028000000B074440002C6440001000000000000000000000A73200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000024140000000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe"=0x5341435001000000000000000700000028000000289D0500A93E060001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000F000000000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000B0E281005614820001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000056614600000000003400000034000000 "C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"=0x5341435001000000000000000700000028000000B0B01C0382871D0301000000000000000000000A00210000DB80FDAC2839D3010000009100000000 "D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe"=0x534143500100000000000000070000002800000058CDD0001A0CD10001000000000000000000020671220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000029010000000000000100000001000000 "C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000B0A41D0057FD1D0001000000000000000000000A00210000DB80FDAC2839D3010000009100000000 "C:\ProgramData\NVIDIA Corporation\Downloader\9ea5f785c6c51bd4074453f93cd9d725\GeForce_Experience_Update_v3.13.1.30_Official_8540CC.exe"=0x534143500100000000000000070000002800000050A66F0510EF6F0501000000000000000000020600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000068BF0000000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe"=0x534143500100000000000000070000002800000038C90E00DFFC0E0001000000000000000000000A71200000DB80FDAC2839D3010000000000000000020000002800000000000000800000000000000000000000000000000000000058010000000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x5341435001000000000000000700000028000000C0951F0098D41F0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001072FE00000000000100000001000000 "C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\VSLauncher.exe"=0x5341435001000000000000000700000028000000786C04003749050001000000000000000000030600010000DB80FDAC2839D3010000000000000000 "C:\Users\bobcl\AppData\Local\atom\atom.exe"=0x5341435001000000000000000700000028000000009606000000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EF4C5400000000000200000002000000 "D:\Program Files (x86)\Steam\Steam.exe"=0x534143500100000000000000070000002800000020CF3000FB7F310001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000000000000000000000100000001000000 "D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayService.exe"=0x5341435001000000000000000700000028000000585B3600895E360001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000008000000000000000000000000000000000000000D20C0000000000000200000002000000 "SIGN.MEDIA=7D1D8 fx-9860G.exe"=0x534143500100000000000000070000002800000000E80300C801040001000000000000000000010671220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000020910100000000000100000001000000 "D:\Program Files (x86)\CASIO\CASIO FA-124\FA124.exe"=0x5341435001000000000000000700000028000000006013000000000001000000000000000000000671200000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005A081100000000000400000004000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000583318006B9B180001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "D:\Program Files (x86)\Samsung\SideSync4\SideSync.exe"=0x5341435001000000000000000700000028000000A05EBE00B6B6BE0001000000000000000000000A71200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000761D1800000000000200000002000000 "C:\Users\bobcl\AppData\Local\Discord\Update.exe"=0x5341435001000000000000000700000028000000583F17005341170001000000000000000000000A75220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000074C60F00000000000100000001000000 "C:\ProgramData\Origin\SelfUpdate\Staged\OriginThinSetupInternal.exe"=0x534143500100000000000000070000002800000038694A01560C4B0101000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000097760000000000000100000001000000 "D:\Program Files (x86)\Origin\OriginClientService.exe"=0x534143500100000000000000070000002800000040EF20008AE8210001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000023020000000000000100000001000000 "D:\Program Files (x86)\Origin\OriginWebHelperService.exe"=0x534143500100000000000000070000002800000048372E00610B2F0001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000006D000000000000000100000001000000 "C:\Users\bobcl\AppData\Local\Temp\d0ddc7eb-0af7-4ce4-b485-5997a47522f6\setup.exe"=0x5341435001000000000000000700000028000000A0730700CD27080001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000008000004000000000000000000000000000000000563A0400000000000100000001000000 "D:\Program Files (x86)\Origin\Origin.exe"=0x534143500100000000000000070000002800000028672F0068C42F0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Users\bobcl\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000A02E8701B5F9870101000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\bobcl\AppData\Local\Microsoft\OneDrive\18.080.0419.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0DC0300667E040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "D:\Clément\Downloads\ccsetup542.exe"=0x5341435001000000000000000700000028000000E84CF10087C3F10001000000000000000000000A00210000DB80FDAC2839D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000035330000000000000100000001000000 "D:\Clément\Downloads\adwcleaner_7.1.1.exe"=0x5341435001000000000000000700000028000000D0F46E0049476F0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D0290000000000000100000001000000 "D:\Clément\Downloads\RogueKiller_setup.exe"=0x5341435001000000000000000700000028000000C8112F02DED82F0201000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004BF11600000000000200000002000000 "D:\Program Files\CCleaner\CCleaner.exe"=0x534143500100000000000000070000002800000000D3CF00239CD00001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000AC000000000000000100000001000000 "D:\Clément\Downloads\ZHPCleaner.exe"=0x5341435001000000000000000700000028000000800F3000FB88300001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000D9190500000000000100000001000000 "D:\Clément\Downloads\ZHPFix.exe"=0x534143500100000000000000070000002800000000B82E000000000001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000006F6D0000000000000100000001000000 "C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe"=0x5341435001000000000000000700000028000000404BA900688AA90001000000000000000000000671000000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004FA42400000000000100000001000000 "C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe"=0x534143500100000000000000070000002800000028490B002C2A0C0001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000D1890000000000000200000002000000 "D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x534143500100000000000000070000002800000090812E0077B32E0001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000080000000000000000000000000000000000000008ED70100000000000100000001000000 "D:\Program Files (x86)\Hi-Rez Studios\HirezLauncherUI.exe"=0x534143500100000000000000070000002800000098C937002F1C380001000000000000000000000A71220000DB80FDAC2839D3010000000000000000 "D:\Clément\Downloads\QuickDiag.exe"=0x5341435001000000000000000700000028000000A8F73C000E5B3D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131535882399396465 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallTime"=0xDB119618AC4ED301 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\ "ProductStatus"=0 "OOBEInstallTime"=0xF3CA034C304FD301 "ManagedDefenderProductType"=0 "OneTimeSqmDataSent"=1 "DisableAntiSpyware"=0 "DisableAntiVirus"=0 "LastEnabledTime"=0x9896E20CFAB3D301 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\epmntdrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EuGdiDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\epmntdrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EuGdiDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts [41] More lines ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [172.217.18.206] avec 32 octets de donn?es?: R?ponse de 172.217.18.206?: octets=32 temps=132 ms TTL=52 R?ponse de 172.217.18.206?: octets=32 temps=184 ms TTL=52 R?ponse de 172.217.18.206?: octets=32 temps=89 ms TTL=52 R?ponse de 172.217.18.206?: octets=32 temps=217 ms TTL=52 Statistiques Ping pour 172.217.18.206: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 89ms, Maximum = 217ms, Moyenne = 155ms ---------- | @ [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://www.google.com/ "ImageStoreRandomFolder"=qkowldh "AutoHide"=yes "OperationalData"=12 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF95010000DB000000450600007E030000 "Start Page_TIMESTAMP"=0x7CDF80115D8CD301 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000001A000000466094E09961BA98CA4F4C32844CA2DF851920A6604CC76ED9E3020000000E000000442F4E3944677174573651253364 "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0x9AF21AAB52ABD301 "IE10TourShown"=1 "IE10TourShownTime"=0x24FE6FC86089D301 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF50020000F0000000D0040000D0020000 [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x3B13A090ECDED301 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ProxyOverride"=*.local [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vpj] "VideoPad.BAK"=NCH.VideoPad.vpj ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7} -- C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [08/03/2018 20:19:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -- C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [08/03/2018 20:19:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -- C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [08/03/2018 20:19:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [29/09/2017 15:41:47] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7} -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [08/03/2018 20:26:06] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [08/03/2018 20:26:06] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [08/03/2018 20:26:06] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0x24FE6FC86089D301 "Version"=5 "UpgradeTime"=0x24FE6FC86089D301 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{22CC3EBD-C286-43aa-B8E6-06B115F74162}] : (HP Smart Print) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{22CC3EBD-C286-43aa-B8E6-06B115F74162}] : (HP Smart Print) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> (Microsoft OneDrive for Business Browser Helper) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [08/03/2018 20:26:06] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Lync Browser Helper) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [08/03/2018 20:26:08] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> (Microsoft OneDrive for Business Browser Helper) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [08/03/2018 20:26:06] ---------- | Chrome C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\bihmplhobchoageeokmgbdihknkjbknd = : __MSG_description__ - short_name: __MSG_shortName__ - permissions:[\u003Call_urls>tabsstorageproxywebRequestwebRequestBlockingmanagementnativeMessagingnotificationsunlimitedStoragehttp://*/*https://*/*backgroundprivacy] - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\cmedhionkhpnakcndndgjdbohmhepckk = : __MSG_extension_description__ - __MSG_extension_name__ - permissions:[tabsstorageunlimitedStoragewebRequestwebRequestBlocking\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\epejdmjgfibjaffbmojllapapjejipkh = : __MSG_LOGIN_INTRO__ - __MSG_EXT_NAME__ - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\gcbommkclmclpchllfjekcdonpmejbdp = : __MSG_about_ext_description__ - __MSG_about_ext_name__ - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\gcmhlmapohffdglflokbgknlknnmogbb = : Google & co - https://www.the-qrcode-generator.com/ - Google & co - [https://www.the-qrcode-generator.com/] - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\gkojfkhlekighikafcpjkiklfbnlmeio = : Google & co - Google & co - permissions:[proxywebRequestwebRequestBlocking\u003Call_urls>storagetabswebNavigationcookies] - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\hfpmbfgodkfcebpgheiedaddoikmljkk = : convert anything to anything - https://cloudconvert.com/ - CloudConvert - [https://cloudconvert.com/] - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\hifhgpdkfodlpnlmlnmhchnkepplebkb = : Allows the user to modify requests as they happen. - Tamper Chrome (extension) - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\ikknnkomiokeodcdkknnhgjmncfiefmn = : Brings new tweet notifications to Chrome - You'll never need a desktop client again! - Notifier for Twitter - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\jmmlbpeogbcmlhodbcojphocomhaihnl = : This page allows you to generate random passwords with the highest quality randomness and is very easy to use - http://www.ngenerator.com/?p=prnd - Password generator - [http://www.ngenerator.com/?p=prnd] - http://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\macmgoeeggnlnmpiojbcniblabkdjphe = : A plugin that enables AirMirror in AirDroid Web - AirMirror - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\mciiogijehkdemklbdcbfkefimifhecn = : __MSG_extDesc__ - short_name: Chrono - permissions:[alarmsclipboardReadclipboardWritedownloadsdownloads.opendownloads.shelfnotificationstabscontextMenuswebRequestwebRequestBlockingstorageunlimitedStorage\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\bobcl\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=13.0.0.0] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre-10\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=13.0.0.0] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre-10\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] - (ESN Sonar browser plugin) : C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3471ae71-8655-4618-af80-35ac875dc5e5}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{99b2ade8-5148-415a-86a0-8f6ee5a8152c}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{c092f9e9-4a10-4402-95b0-5444c727ee06}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{eae93edb-1037-4967-a9c6-fe637619b436}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3471ae71-8655-4618-af80-35ac875dc5e5}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{99b2ade8-5148-415a-86a0-8f6ee5a8152c}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{c092f9e9-4a10-4402-95b0-5444c727ee06}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{eae93edb-1037-4967-a9c6-fe637619b436}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Classes\Applications\atom.exe] : "C:\Users\bobcl\AppData\Local\atom\app-1.25.0\atom.exe" "%1" [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Classes\Applications\WinRAR.exe] : "C:\Program Files\WinRAR\WinRAR.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\videopad.exe] : "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" "%L" [HKLM\SOFTWARE\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\videopad.exe] : "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "Camera"=FrameS "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "DevicesFlow"=DevicesFlowUserSvc "GraphicsPerfSvcGroup"=GraphicsPerfSvc "smbsvcs"=lanmanserver "PeerDist"=PeerDistSvc "AssignedAccessManagerSvc"=AssignedAccessManagerSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Akeo Consulting] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\AppDataLow] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\AvastAdSDK] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\CASIO] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Chromium] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Creative Tech] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Dash] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\EaseUS] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Electronic Arts] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Epic Games] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Eraser] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\ESET] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Google] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Hdd_Recovery_Pro] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\HP] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\IM Providers] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Intel] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Intel Corporation] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\JavaSoft] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Killer Networking] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\LinuxLive] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Litecoin] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Logitech] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\LSoft Technologies] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Mojang] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\MSI] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\NCH Software] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\NCH Swift Sound] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Netscape] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\ODBC] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Piriform] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Policies] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\PopCap] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\QtProject] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Realtek] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\RegisteredApplications] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Remo Software] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Samsung] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\SyncEngines] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\sysinternals] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\TCP Optimizer] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\TeamViewer] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\techPowerUp] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\The Undelete Company] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Twitch] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Ubisoft] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Unity] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Unity Technologies] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Valve] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Visan] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\WinRAR] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\WinRAR SFX] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Wow6432Node] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Xamarin] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\ZHP] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Alienware] [HKLM\Software\Apple Inc.] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\dotnet] [HKLM\Software\EA Games] [HKLM\Software\FileZilla 3] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\HAXM] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HP] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Litecoin Core (64-bit)] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Python] [HKLM\Software\R-core] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Remo Software] [HKLM\Software\RivetNetworks] [HKLM\Software\SAMSUNG] [HKLM\Software\Softwin] [HKLM\Software\SRS Labs] [HKLM\Software\SyncIntegrationClients] [HKLM\Software\sysinternals] [HKLM\Software\TeamSpeak 3 Client] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AssignedAccessManagerSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\Creative Tech] [HKLM\Software\WOW6432Node\dotnet] [HKLM\Software\WOW6432Node\EA Games] [HKLM\Software\WOW6432Node\EasyAntiCheat] [HKLM\Software\WOW6432Node\Electronic Arts] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\ESN Launcher] [HKLM\Software\WOW6432Node\ESN Sonar-0.70.4] [HKLM\Software\WOW6432Node\FileZilla 3] [HKLM\Software\WOW6432Node\FileZilla Client] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hdd_Recovery_Pro] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\Hi-Rez Studios] [HKLM\Software\WOW6432Node\HiRez Studios] [HKLM\Software\WOW6432Node\HP] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mojang] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\MSI] [HKLM\Software\WOW6432Node\NCH Software] [HKLM\Software\WOW6432Node\NCH Swift Sound] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\Nuget] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Origin] [HKLM\Software\WOW6432Node\Origin Games] [HKLM\Software\WOW6432Node\PopCap] [HKLM\Software\WOW6432Node\Python] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Remo Software] [HKLM\Software\WOW6432Node\RivetNetworks] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\Unwinder] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Xamarin] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Even Balance] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] ---------- | Drives D: ---------- | C: [18/03/2017 23:03:28] - |SHD| - [387] - C:\$Recycle.Bin [21/11/2017 21:07:06] - |HD| - [734422] - C:\$SysReset [17/12/2017 14:34:42] - |HD| - [385376] - C:\$Windows.~WS [09/04/2018 14:22:50] - |SHD| - [235] - C:\82ace7d6-0197-474d-bf4b-a2043e72329b [MD5.BDE3E58C4CB635A4C11D6DA4ECD159B4] - [22/11/2017 21:04:24] - |SH| - (.-.) - [72] - (0.0.0.0) - C:\bootTel.dat [27/10/2017 00:46:25] - |SHD| - [0] - C:\Documents and Settings [16/12/2017 21:33:27] - |D| - [0] - C:\ESD [09/11/2017 16:14:20] - |D| - [1431036124] - C:\ftb [27/10/2017 15:31:03] - |D| - [10476] - C:\Intel [27/10/2017 13:22:26] - |D| - [118346625] - C:\MSI [08/03/2018 19:05:41] - |RHD| - [846036376] - C:\MSOCache [11/05/2018 22:42:31] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/10/2017 00:45:08] - |ASH| - (.-.) - [6174015488] - (0.0.0.0) - C:\pagefile.sys [29/09/2017 15:46:33] - |D| - [0] - C:\PerfLogs [29/09/2017 15:46:33] - |RD| - [18898794486] - C:\Program Files [29/09/2017 15:46:33] - |RD| - [31623994503] - C:\Program Files (x86) [29/09/2017 15:46:33] - |HD| - [18455053703] - C:\ProgramData [11/05/2018 23:41:23] - |D| - [68686] - C:\QuickDiag [MD5.94ADD734CC5BDFD0C0DC630D3CCC4A16] - [11/05/2018 23:41:29] - |A| - (.-.) - [194751] - (0.0.0.0) - C:\QuickDiag.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/10/2017 15:30:59] - |A| - (.-.) - [0] - (0.0.0.0) - C:\RAMDiskImage.img [27/10/2017 17:26:18] - |SHD| - [1040] - C:\Recovery [MD5.A88CE9E84075F03ADA3D990A4A71CEF9] - [27/10/2017 15:29:28] - |A| - (.-.) - [2959] - (0.0.0.0) - C:\RHDSetup.log [MD5.0A7C8C09DC7627B96EFC141581AB2272] - [27/10/2017 15:31:37] - |A| - (.-.) - [181] - (0.0.0.0) - C:\SBC2setup.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/10/2017 00:45:08] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [27/10/2017 00:45:08] - |SHD| - [0] - C:\System Volume Information [29/09/2017 10:45:11] - |RD| - [66632928387] - C:\Users [29/09/2017 10:45:11] - |D| - [27961557580] - C:\Windows ---------- | C:\WINDOWS [MD5.D2A2D69173654899705C88EEE378A5B2] - [27/10/2017 13:22:28] - |A| - (.© Microsoft Corporation. - Resource only DLL containing MOF for ASL code.) - [11248] - (6.1.7600.16385) - C:\WINDOWS\acpimof.dll [29/09/2017 15:46:33] - |D| - [802] - C:\WINDOWS\addins [29/09/2017 15:46:33] - |D| - [21683063] - C:\WINDOWS\appcompat [29/09/2017 15:46:33] - |D| - [8193812] - C:\WINDOWS\apppatch [29/09/2017 15:46:33] - |D| - [0] - C:\WINDOWS\AppReadiness [29/09/2017 15:46:33] - |RSD| - [2141932331] - C:\WINDOWS\assembly [29/09/2017 15:46:33] - |D| - [692493] - C:\WINDOWS\bcastdvr [MD5.55F49769891E4DC7CAB3E293E1238888] - [29/09/2017 15:41:23] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [65536] - (10.0.16299.15) - C:\WINDOWS\bfsvc.exe [30/09/2017 16:41:52] - |SHD| - [580179] - C:\WINDOWS\BitLockerDiscoveryVolumeContents [29/09/2017 15:46:33] - |D| - [38262838] - C:\WINDOWS\Boot [MD5.51BB635F1F16D897960E35CD29455BFB] - [27/10/2017 16:27:23] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [29/09/2017 15:46:33] - |D| - [2448464] - C:\WINDOWS\Branding [29/09/2017 15:37:01] - |D| - [0] - C:\WINDOWS\CbsTemp [27/10/2017 17:23:44] - |D| - [19795170] - C:\WINDOWS\containers [27/10/2017 00:48:00] - |D| - [0] - C:\WINDOWS\CSC [MD5.CE7EA4FD479F7E540EDB01931ED77193] - [27/10/2017 15:31:58] - |A| - (.-.) - [159] - (0.0.0.0) - C:\WINDOWS\ctfile.rfc [29/09/2017 15:46:33] - |D| - [11482410] - C:\WINDOWS\Cursors [29/09/2017 15:46:33] - |D| - [8055309] - C:\WINDOWS\debug [29/09/2017 15:46:33] - |D| - [0] - C:\WINDOWS\DeliveryOptimization [MD5.63FA78E537E5CC2A592C0D3A6D9180BF] - [27/10/2017 16:30:13] - |A| - (.-.) - [20940] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [29/09/2017 15:46:33] - |D| - [4795199] - C:\WINDOWS\diagnostics [MD5.0CB0BCB04400D636B162EAE648666D94] - [27/10/2017 16:30:13] - |A| - (.-.) - [38168] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [30/09/2017 16:39:55] - |D| - [0] - C:\WINDOWS\DigitalLocker [29/09/2017 15:46:33] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [29/09/2017 15:46:33] - |HD| - [44608] - C:\WINDOWS\ELAMBKUP [30/09/2017 16:39:55] - |D| - [0] - C:\WINDOWS\en-US [MD5.28A9316147DF6223D0AB7774706B55EC] - [28/04/2018 12:21:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3904296] - (10.0.16299.402) - C:\WINDOWS\explorer.exe [29/09/2017 15:46:33] - |RSD| - [401088760] - C:\WINDOWS\Fonts [30/09/2017 16:39:55] - |D| - [109568] - C:\WINDOWS\fr-FR [29/09/2017 15:46:33] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [29/09/2017 15:46:33] - |D| - [55548040] - C:\WINDOWS\Globalization [29/09/2017 15:46:33] - |D| - [71513678] - C:\WINDOWS\Help [MD5.67422BB31C52F0E4697C2A413677E033] - [28/04/2018 12:21:12] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [976896] - (10.0.16299.402) - C:\WINDOWS\HelpPane.exe [MD5.620517DFE23E0DEB918F70538DF8AD67] - [29/09/2017 15:41:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.16299.15) - C:\WINDOWS\hh.exe [29/09/2017 15:46:33] - |D| - [173056880] - C:\WINDOWS\IME [29/09/2017 15:46:33] - |RD| - [7817000] - C:\WINDOWS\ImmersiveControlPanel [29/09/2017 15:44:34] - |D| - [73015522] - C:\WINDOWS\INF [29/09/2017 15:46:33] - |D| - [1353075849] - C:\WINDOWS\InfusedApps [29/09/2017 15:46:33] - |D| - [38118841] - C:\WINDOWS\InputMethod [29/09/2017 15:46:33] - |SHD| - [1701629367] - C:\WINDOWS\Installer [29/09/2017 15:46:33] - |D| - [94163] - C:\WINDOWS\L2Schemas [29/09/2017 15:46:33] - |D| - [0] - C:\WINDOWS\LiveKernelReports [29/09/2017 10:45:14] - |D| - [6261297] - C:\WINDOWS\Logs [MD5.157BE5DC8BE87631D75A465AF475FFF8] - [27/10/2017 15:31:59] - |A| - (.-.) - [2783] - (0.0.0.0) - C:\WINDOWS\MBCfg_APOIM.ini [MD5.E9A53A1D9F6C230E40BC71AAE397B9F8] - [27/10/2017 15:31:59] - |A| - (.-.) - [2747] - (0.0.0.0) - C:\WINDOWS\MBCfg_HP_APOIM.ini [MD5.4C391CBB89643DE08EDC06AF60C2BEE1] - [27/10/2017 15:31:59] - |A| - (.-.) - [2835] - (0.0.0.0) - C:\WINDOWS\MBCfg_SP_APOIM.ini [29/09/2017 15:46:33] - |RSD| - [20331141] - C:\WINDOWS\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [29/09/2017 15:42:00] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [08/03/2018 19:29:55] - |D| - [231363696] - C:\WINDOWS\Microsoft Antimalware [29/09/2017 15:46:33] - |RD| - [889575656] - C:\WINDOWS\Microsoft.NET [29/09/2017 15:46:33] - |D| - [2943] - C:\WINDOWS\Migration [29/09/2017 15:46:33] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.15750221BBFFA36C055D656C46899460] - [29/09/2017 15:41:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [246784] - (10.0.16299.15) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [27/10/2017 11:33:22] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [08/11/2017 13:37:45] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvTelemetryContainerRecovery.bat [30/09/2017 16:40:48] - |D| - [419226] - C:\WINDOWS\OCR [29/09/2017 15:46:33] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [10/11/2017 09:00:49] - |D| - [3466028] - C:\WINDOWS\Panther [29/09/2017 15:46:33] - |D| - [378450] - C:\WINDOWS\Performance [MD5.BFB3DAB3C0ECD979F00ADD9407FF6F02] - [10/12/2017 23:19:50] - |A| - (.-.) - [45012] - (0.0.0.0) - C:\WINDOWS\PFRO.log [29/09/2017 15:46:33] - |D| - [1136442] - C:\WINDOWS\PLA [29/09/2017 15:46:33] - |D| - [7126318] - C:\WINDOWS\PolicyDefinitions [27/10/2017 16:26:52] - |D| - [3698231] - C:\WINDOWS\Prefetch [29/09/2017 15:46:33] - |RD| - [2166039] - C:\WINDOWS\PrintDialog [MD5.D468EBA1EFD3E30B9F7FC45C5F7D35B5] - [30/09/2017 16:42:34] - |A| - (.-.) - [35522] - (0.0.0.0) - C:\WINDOWS\Professional.xml [29/09/2017 15:46:33] - |D| - [3771313] - C:\WINDOWS\Provisioning [MD5.BE9724AFAA266029863B6CC82AE62804] - [08/07/2017 05:15:32] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [889496] - (3.6.2150.1013) - C:\WINDOWS\py.exe [MD5.8B795006A25DF1EBBF8CD02658865085] - [08/07/2017 03:13:08] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [55456] - (3.6.2122.1013) - C:\WINDOWS\pyshellext.amd64.dll [MD5.917470AF394E5A0D0FC14BC30FD1E1F8] - [08/07/2017 05:15:32] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [890008] - (3.6.2150.1013) - C:\WINDOWS\pyw.exe [MD5.14A3681D6247758B1F4880022ABEE0D7] - [29/09/2017 15:41:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [335872] - (10.0.16299.15) - C:\WINDOWS\regedit.exe [29/09/2017 15:46:33] - |D| - [1095144] - C:\WINDOWS\registration [30/09/2017 16:41:52] - |D| - [0] - C:\WINDOWS\RemotePackages [29/09/2017 15:46:33] - |D| - [4989664] - C:\WINDOWS\rescache [29/09/2017 15:46:33] - |D| - [3623417] - C:\WINDOWS\Resources [MD5.49F66188C137CEEEBDAF751041B60B79] - [27/10/2017 15:29:28] - |A| - (.Copyright (C) 2017 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839488] - (1.0.7.1) - C:\WINDOWS\RtlExUpd.dll [29/09/2017 15:46:33] - |D| - [0] - C:\WINDOWS\SchCache [29/09/2017 15:46:33] - |D| - [156399] - C:\WINDOWS\schemas [29/09/2017 15:46:33] - |D| - [7909173] - C:\WINDOWS\security [27/10/2017 17:24:08] - |D| - [63814285] - C:\WINDOWS\ServiceProfiles [29/09/2017 10:45:11] - |D| - [179654507] - C:\WINDOWS\servicing [29/09/2017 15:49:45] - |D| - [42] - C:\WINDOWS\Setup [MD5.B29CAA5270D95C5062D015BC4CF162B0] - [11/05/2018 22:42:12] - |A| - (.-.) - [845] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/05/2018 22:42:12] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [29/09/2017 15:46:33] - |D| - [53788160] - C:\WINDOWS\ShellExperiences [30/09/2017 16:40:33] - |D| - [6828144] - C:\WINDOWS\SKB [27/10/2017 00:46:35] - |D| - [692560298] - C:\WINDOWS\SoftwareDistribution [29/09/2017 15:46:33] - |D| - [174665190] - C:\WINDOWS\Speech [29/09/2017 15:46:33] - |D| - [102305354] - C:\WINDOWS\Speech_OneCore [MD5.B3FBABDA876CFA2B4695471D5348F59F] - [29/09/2017 15:42:06] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.16299.15) - C:\WINDOWS\splwow64.exe [30/11/2017 23:44:41] - |D| - [11776] - C:\WINDOWS\symbols [29/09/2017 15:46:33] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [18/03/2017 23:03:33] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [29/09/2017 10:45:11] - |D| - [7295532937] - C:\WINDOWS\System32 [29/09/2017 15:46:34] - |D| - [200654056] - C:\WINDOWS\SystemApps [29/09/2017 15:46:34] - |D| - [24143522] - C:\WINDOWS\SystemResources [29/09/2017 10:45:15] - |D| - [1614890531] - C:\WINDOWS\SysWOW64 [29/09/2017 15:46:34] - |D| - [0] - C:\WINDOWS\TAPI [18/03/2017 23:03:29] - |D| - [258] - C:\WINDOWS\Tasks [29/09/2017 15:46:34] - |D| - [19868465] - C:\WINDOWS\Temp [29/09/2017 15:46:34] - |D| - [13428736] - C:\WINDOWS\TextInput [29/09/2017 15:46:34] - |D| - [983040] - C:\WINDOWS\tracing [29/09/2017 15:46:34] - |D| - [7680] - C:\WINDOWS\twain_32 [MD5.F6C33A8A65C6AF007812EED398D783B2] - [29/09/2017 15:42:16] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [MD5.C419DF63E0121D72411285780C2FC6CC] - [27/10/2017 15:32:02] - |A| - (.Copyright (c) Creative Technology Ltd. 2000 - Creative UpdReg.) - [90112] - (1.0.2.0) - C:\WINDOWS\Updreg.EXE [29/09/2017 15:46:34] - |D| - [12420] - C:\WINDOWS\Vss [29/09/2017 15:46:34] - |D| - [15729830] - C:\WINDOWS\Web [MD5.DAA6AAD525D12F8985695B882301336F] - [18/03/2017 23:03:33] - |A| - (.-.) - [167] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [29/09/2017 15:41:58] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [11/05/2018 22:42:07] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.02BD03E57C66CB40AEDB7039E93E7CB0] - [29/09/2017 15:42:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.16299.15) - C:\WINDOWS\winhlp32.exe [29/09/2017 10:45:11] - |D| - [10171018409] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [29/09/2017 15:41:16] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.0D5D4E344F5581C954355D7164DD4BE1] - [29/09/2017 15:41:38] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.16299.15) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy [MD5.AFE76AE54F4FF6A36C11A2941C7D25EC] - [14/11/2017 19:25:27] - |A| - (.-.) - [244] - (0.0.0.0) - C:\WINDOWS\System32\GroupPolicy\gpt.ini [14/11/2017 19:25:27] - |D| - [853] - C:\WINDOWS\System32\GroupPolicy\Machine [14/11/2017 19:25:27] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\User ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [20/03/2017 13:49:18] - C:\WINDOWS\Installer\17216ec.msi : (Gtk# for .Net 2.12.26 - Xamarin, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/09/2017 12:41:56] - C:\WINDOWS\Installer\173d3c.msi : (HP ePrint SW - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/09/2017 12:43:36] - C:\WINDOWS\Installer\173d41.msi : (HP ePrint SW - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/09/2017 10:46:46] - C:\WINDOWS\Installer\173d47.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/09/2017 12:36:16] - C:\WINDOWS\Installer\173d4c.msi : (HP ePrint SW - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/09/2017 12:38:24] - C:\WINDOWS\Installer\173d51.msi : (HP ePrint SW - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/09/2017 12:39:28] - C:\WINDOWS\Installer\173d56.msi : (HP ePrint SW - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/09/2017 12:37:20] - C:\WINDOWS\Installer\173d5b.msi : (HP ePrint SW - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 21:15:42] - C:\WINDOWS\Installer\26ff9.msi : (Blank Project Template - Rivet Networks) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 21:12:06] - C:\WINDOWS\Installer\2ce54.msi : (Blank Project Template - Rivet Networks) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/06/2014 19:04:36] - C:\WINDOWS\Installer\3509d3.msi : (Intel Smart Connect Technology enables your computer to periodically wake from sleep to keep your content fresh - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/11/2017 13:55:00] - C:\WINDOWS\Installer\35be8d.msi : (Epic Games Launcher - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/11/2017 21:03:03] - C:\WINDOWS\Installer\3fa6af.msi : (Eraser Installer - The Eraser Project) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/03/2017 13:49:18] - C:\WINDOWS\Installer\464cb.msi : (Gtk# for .Net 2.12.26 - Xamarin, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2018 21:05:14] - C:\WINDOWS\Installer\52e707.msi : (Java(TM) SE Development Kit 10 (64-bit) - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/11/2017 19:23:22] - C:\WINDOWS\Installer\5c050.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/10/2010 17:08:55] - C:\WINDOWS\Installer\6ef9d1.msi : (ProductName from default.wxl - Electronic Arts) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:02:48] - C:\WINDOWS\Installer\81d0c8.msi : (Python 3.6.2 Core Interpreter (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 22:42:28] - C:\WINDOWS\Installer\81d0cd.msi : (Python 3.6.2 Core Interpreter (64-bit symbols) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:03:10] - C:\WINDOWS\Installer\81d0d2.msi : (Python 3.6.2 Development Libraries (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:03:22] - C:\WINDOWS\Installer\81d0d7.msi : (Python 3.6.2 Executables (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 22:42:33] - C:\WINDOWS\Installer\81d0dc.msi : (Python 3.6.2 Executables (64-bit symbols) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:03:44] - C:\WINDOWS\Installer\81d0e1.msi : (Python 3.6.2 Standard Library (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 22:45:46] - C:\WINDOWS\Installer\81d0e6.msi : (Python 3.6.2 Standard Library (64-bit symbols) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:05:00] - C:\WINDOWS\Installer\81d0eb.msi : (Python 3.6.2 Test Suite (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 22:45:58] - C:\WINDOWS\Installer\81d0f0.msi : (Python 3.6.2 Test Suite (64-bit symbols) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:03:18] - C:\WINDOWS\Installer\81d0f5.msi : (Python 3.6.2 Documentation (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:05:10] - C:\WINDOWS\Installer\81d0fa.msi : (Python 3.6.2 Utility Scripts (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:04:34] - C:\WINDOWS\Installer\81d0ff.msi : (Python 3.6.2 Tcl/Tk Support (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 22:46:04] - C:\WINDOWS\Installer\81d104.msi : (Python 3.6.2 Tcl/Tk Support (64-bit symbols) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 05:19:42] - C:\WINDOWS\Installer\81d109.msi : (Python Launcher - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2017 06:04:20] - C:\WINDOWS\Installer\81d10e.msi : (Python 3.6.2 pip Bootstrap (64-bit) - Python Software Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2010 03:51:46] - C:\WINDOWS\Installer\87a5c.msi : (CASIO FA-124 - CASIO COMPUTER CO., LTD.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 23:01:13] - C:\WINDOWS\Installer\99d94b.msi : (Xamarin.Bonjour v1.0.13 - Xamarin) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 23:01:13] - C:\WINDOWS\Installer\99d950.msi : (Xamarin PCL Profiles v1.0.9 - Xamarin) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 23:24:10] - C:\WINDOWS\Installer\99d955.msi : (Xamarin Workbooks and Inspector - Xamarin) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 23:25:04] - C:\WINDOWS\Installer\99d95a.msi : (Xamarin Profiler - Xamarin, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 23:25:23] - C:\WINDOWS\Installer\99d95f.msi : (Xamarin Remoted iOS Simulator - Xamarin) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2015 23:44:38] - C:\WINDOWS\Installer\a94321.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2015 23:46:36] - C:\WINDOWS\Installer\a94326.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2015 23:47:32] - C:\WINDOWS\Installer\a9432b.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/05/2015 17:27:22] - C:\WINDOWS\Installer\a94330.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/05/2015 01:25:00] - C:\WINDOWS\Installer\a94335.msi : (Intel® Security Assist - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2015 13:51:48] - C:\WINDOWS\Installer\a9433a.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/10/2017 15:30:29] - C:\WINDOWS\Installer\a94342.msi : (Asmedia USB Host Controller Driver - Asmedia Technology) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/02/2017 11:07:54] - C:\WINDOWS\Installer\a94360.msi : (Intel Extreme Tuning Utility - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2015 11:56:58] - C:\WINDOWS\Installer\bcfb59.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 23:56:15] - C:\WINDOWS\Installer\c6db0d.msi : (Java SE Development Kit 8 Update 131 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/11/2017 23:56:42] - C:\WINDOWS\Installer\c6e0cb.msi : (Java SE Development Kit 8 Update 131 (64-bit) - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/01/2018 23:19:50] - C:\WINDOWS\Installer\cc3f20.msi : (Java SE Runtime Environment 8 Update 161 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/07/2017 18:41:34] - C:\WINDOWS\Installer\d18383.msi : (Intel® Hardware Accelerated Execution Manager - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/11/2017 00:06:19] - C:\WINDOWS\Installer\eaebe8.msi : (Minecraft - Mojang) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [22/02/2018 15:13:24] - [3329] - C:\WINDOWS\System32\ieuinit.inf [27/10/2017 15:31:59] - [13741] - C:\WINDOWS\System32\MBCfg64.ini [27/10/2017 15:31:59] - [5856] - C:\WINDOWS\System32\MBCfgUninstall64.ini [27/10/2017 16:33:59] - [8761836] - C:\WINDOWS\System32\PerfStringBackup.INI [29/09/2017 15:41:57] - [60124] - C:\WINDOWS\System32\tcpmon.ini [29/09/2017 15:41:41] - [2307] - C:\WINDOWS\System32\WimBootCompress.ini [22/02/2018 15:13:24] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [27/10/2017 15:31:59] - [13741] - C:\WINDOWS\Syswow64\MBCfg32.ini [27/10/2017 15:31:59] - [5856] - C:\WINDOWS\Syswow64\MBCfgUninstall32.ini [29/09/2017 15:42:13] - [2307] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [0 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.7079A9ECFCBAB385EF3E74EB03EB962D] - |A| - [11/05/2018 18:26:41] - (.-.) - [44.16 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1826.log [MD5.B38CC7FD922CF3B30EF372982051592C] - |A| - [11/05/2018 18:29:46] - (.-.) - [15.58 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1829.log [MD5.DD8FBE4714B22A1190CF789041EEC9E5] - |A| - [11/05/2018 18:29:46] - (.-.) - [7.32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1829a.log [MD5.0BFC2B9C106FEADE9F59EC79B40E0A3C] - |A| - [11/05/2018 18:31:45] - (.-.) - [16.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1831.log [MD5.9D2248B6FB96BA8E487B6667ABE1B194] - |A| - [11/05/2018 18:52:53] - (.-.) - [35.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1852.log [MD5.EDD68D7CE5C959C6D7AC329BA0910E17] - |A| - [11/05/2018 18:57:57] - (.-.) - [16.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1857.log [MD5.9D038EBF67B38A3E0C1D4F4209A405B5] - |A| - [11/05/2018 19:02:26] - (.-.) - [84.38 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1902.log [MD5.10C27B47F3673E5202FE9B4DA7187ED6] - |A| - [11/05/2018 19:07:30] - (.-.) - [16.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1907.log [MD5.1A94808CB4F35A6054F300E8EEDD9732] - |A| - [11/05/2018 19:24:36] - (.-.) - [28.04 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1924.log [MD5.9E009C922EB10D15230C82A674167227] - |A| - [11/05/2018 19:29:41] - (.-.) - [9.05 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1929.log [MD5.9EFA4B645E90FF4E4BA231C636867D51] - |A| - [11/05/2018 19:45:12] - (.-.) - [25.05 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1945.log [MD5.FEEC7D3247FAA5BB2A66CEEBC129AA22] - |A| - [11/05/2018 19:45:47] - (.-.) - [16.31 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1945a.log [MD5.9F7FC695EA302867A79C1FE1480C5A33] - |A| - [11/05/2018 19:50:51] - (.-.) - [9.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-1950.log [MD5.76B33B15D998E0490F15F7D76E8752E4] - |A| - [11/05/2018 20:00:11] - (.-.) - [32.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-2000.log [MD5.FFF8250F224D4345F1F1A6707F26E96B] - |A| - [11/05/2018 20:08:18] - (.-.) - [8.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-2008.log [MD5.DD83967E5423DD7B26B5DB9F5B8F7AFB] - |A| - [11/05/2018 22:42:08] - (.-.) - [10.29 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-2242.log [MD5.4522314B2065CB154CA4DA8041AE80D7] - |A| - [11/05/2018 22:47:12] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CLEMENT-20180511-2247.log [MD5.C4FCA4B043CE634B42B9660E72480F61] - |A| - [11/05/2018 18:30:29] - (.-.) - [18.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183029.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/05/2018 18:30:29] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183029_errors.log [MD5.AAC96DCAD38E55BB49F012B7801456EF] - |A| - [11/05/2018 18:30:34] - (.-.) - [1529.58 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183034.log [MD5.0BF24D55B37EBC0B46BBA6FCA9000251] - |A| - [11/05/2018 18:30:43] - (.-.) - [7.19 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183034_000_Microsoft.VisualStudio.Product.Enterprise.log [MD5.000DF02F035F782307FF01C10EBED965] - |A| - [11/05/2018 18:30:43] - (.-.) - [26.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183034_001_Redgate.SQLPrompt.VsPackage.log [MD5.DDB063C34633A536AC76F5D9DB13B747] - |A| - [11/05/2018 18:31:12] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183034_002_Win10SDK_10.0.15063.UWP.log [MD5.0AC23989340F2AC378169162917BFC6C] - |A| - [11/05/2018 18:32:08] - (.-.) - [72.92 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183034_003_Redgate.SQLPrompt.VsPackage.log [MD5.B6A011B75CFFAFC94641B806A37BFD71] - |A| - [11/05/2018 18:32:20] - (.-.) - [11.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183034_004_Microsoft.VisualStudio.Product.Enterprise.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/05/2018 18:30:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183034_errors.log [MD5.21750D88C17C7C72E7A9F6E24E1EE0D5] - |A| - [11/05/2018 18:32:38] - (.-.) - [17.49 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183238.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/05/2018 18:32:38] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_setup_20180511183238_errors.log [MD5.059BB7B8DCE0A65357C377219C9D2350] - |A| - [11/05/2018 18:32:23] - (.-.) - [245.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dev5338.tmp [MD5.00000000000000000000000000000000] - |D| - [11/05/2018 22:42:08] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace [MD5.00000000000000000000000000000000] - |D| - [11/05/2018 22:42:08] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot [MD5.00000000000000000000000000000000] - |D| - [11/05/2018 22:42:08] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag [MD5.00000000000000000000000000000000] - |D| - [11/05/2018 22:42:08] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace [MD5.6B3F47B0EADC7E88E97F508488AE870C] - |A| - [11/05/2018 19:45:30] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FailureReportMetadata_16508.txt [MD5.E19ABC1C002A71027321F72D454B79AF] - |A| - [11/05/2018 19:59:47] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FailureReportMetadata_19307.txt [MD5.AB22EA6D90FD384422F5B8F4B0E5C15C] - |A| - [11/05/2018 20:22:25] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FailureReportMetadata_23741.txt [MD5.0136CAA09E9378A107503780C0DB9E6A] - |A| - [11/05/2018 23:24:38] - (.-.) - [16.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\f_bc [MD5.7910522D0BC3EA77CB51D93165FD43EC] - |A| - [11/05/2018 23:26:06] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\HiRezUpdateInstallLog.txt [MD5.00000000000000000000000000000000] - |D| - [11/05/2018 20:00:20] - [3.99 Ko] - C:\WINDOWS\Temp\HP [MD5.C7B5A1183C6DE10BC68ADCE15E18C40B] - |A| - [11/05/2018 23:24:38] - (.-.) - [6.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ibef [MD5.685E4DDA87A084BF29DEAC47697EBC33] - |A| - [11/05/2018 23:24:55] - (.-.) - [0.21 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ibefa [MD5.F1D3FF8443297732862DF21DC4E57262] - |A| - [11/05/2018 19:35:55] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\iphttps.txt [MD5.CCC0EA46986480868F1A2B49109CBA36] - |A| - [11/05/2018 19:55:51] - (.-.) - [7.76 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.539AF00A01725B1F7CC660016873CA83] - |A| - [11/05/2018 19:57:25] - (.-.) - [8.23 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.2EFA84C6DF4622CB7CC591F62C179585] - |A| - [21/02/2018 23:36:12] - (.-.) - [17.48 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\msimb_SCCLog.txt [MD5.00000000000000000000000000000000] - |D| - [11/05/2018 19:24:44] - [0 Ko] - C:\WINDOWS\Temp\OfficeC2R0E7CFBBD-95DF-453D-AB5E-4639E797BB3A [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/05/2018 19:24:37] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20180511192437EE0).log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/05/2018 22:42:08] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20180511224208E80).log [MD5.D1B08DF2C39F8FB53B7ACC41AFBB0187] - |A| - [21/02/2018 23:36:11] - (.-.) - [15.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\SymCCISDll.txt [MD5.09FCCAD883CC90861C1C08174A091065] - |A| - [11/05/2018 19:35:55] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\teredo.txt [MD5.6523023BD2133B597028F37632C40408] - |A| - [11/05/2018 18:29:53] - (.-.) - [38.4 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_5e8c3991-a438-4b3e-b56c-51008b43a4dc.log [MD5.418526F1D823E565A377C0C4EC88E4FA] - |A| - [11/05/2018 18:30:07] - (.-.) - [16827.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXjczi2hyb.vsix [MD5.00000000000000000000000000000000] - |D| - [05/12/2017 19:12:43] - [23.17 Ko] - C:\WINDOWS\Temp\VSRemoteControl [MD5.76C71DBFB9FBBA3EDCF33E6DF9CC14AA] - |A| - [11/05/2018 18:49:59] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WER6F3E.tmp.WERDataCollectionStatus.txt [MD5.00000000000000000000000000000000] - |D| - [28/03/2018 19:39:41] - [130.55 Ko] - C:\WINDOWS\Temp\windowssdk [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:55] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [105.7 Ko] - C:\WINDOWS\System32\1028 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [110.2 Ko] - C:\WINDOWS\System32\1029 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [111.2 Ko] - C:\WINDOWS\System32\1031 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [438.39 Ko] - C:\WINDOWS\System32\1033 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [477.5 Ko] - C:\WINDOWS\System32\1036 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [110.7 Ko] - C:\WINDOWS\System32\1040 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [107.7 Ko] - C:\WINDOWS\System32\1041 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [107.2 Ko] - C:\WINDOWS\System32\1042 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [111.7 Ko] - C:\WINDOWS\System32\1045 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [110.7 Ko] - C:\WINDOWS\System32\1046 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [110.7 Ko] - C:\WINDOWS\System32\1049 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [110.7 Ko] - C:\WINDOWS\System32\1055 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [105.2 Ko] - C:\WINDOWS\System32\2052 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:54] - [110.7 Ko] - C:\WINDOWS\System32\3082 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [29/09/2017 15:41:41] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [29/09/2017 15:41:27] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [29/09/2017 15:41:47] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [29/09/2017 15:41:33] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [29/09/2017 15:41:50] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [29/09/2017 15:41:56] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [29/09/2017 15:41:58] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [29/09/2017 15:42:07] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [29/09/2017 15:41:33] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [29/09/2017 15:41:41] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [29/09/2017 15:41:31] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [29/09/2017 15:41:31] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 10:45:14] - [2985.4 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.394D95C9903DDA40F2A3B469A4E4D602] - |A| - [27/10/2017 15:31:58] - (.-.) - [357.5 Ko] - (1.0.340.0) - C:\WINDOWS\System32\APOMgr64.DLL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [09/11/2017 11:39:17] - [0 Ko] - C:\WINDOWS\System32\appmgmt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [2524.88 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |SD| - [30/09/2017 16:41:52] - [287.58 Ko] - C:\WINDOWS\System32\AppV [MD5.6CBD4E2DCE4577A476EA4860AE1B567D] - |A| - [28/09/2017 16:49:46] - (.-.) - [637.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\appverif.chm [MD5.1EFDE9856C34F297ED57407030C331A5] - |A| - [12/06/2017 22:55:32] - (.-.) - [126.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\appverifUI.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [299 Ko] - C:\WINDOWS\System32\ar-SA [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30.5 Ko] - C:\WINDOWS\System32\as-IN [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [29/09/2017 15:41:25] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29.5 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [287 Ko] - C:\WINDOWS\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [28.5 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29.5 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [4638.66 Ko] - C:\WINDOWS\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [28.5 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.5712256A8FAB555CC50AEAC2A899A17A] - |A| - [29/09/2017 15:41:41] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [180.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30.5 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [31 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 10:45:11] - [116496.41 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [39874.3 Ko] - C:\WINDOWS\System32\catroot2 [MD5.C507DAFEEA42E4568CFA32DC0DDF64F0] - |A| - [27/10/2017 15:31:59] - (.Copyright (c) 2011 Creative Technology Ltd. - Creative Host SoundCore Module.) - [366.63 Ko] - (1.0.7.0) - C:\WINDOWS\System32\ChezSC64.DLL [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [23 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.BAB0E8D890110BE248F4F9F995EF4B8B] - |A| - [27/10/2017 15:31:58] - (.-.) - [87.5 Ko] - (1.0.64.0) - C:\WINDOWS\System32\CmdRtr64.DLL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [3547.1 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [358 Ko] - C:\WINDOWS\System32\com [MD5.6E14F444A2506049EEC25CB5EDFE0905] - |A| - [29/10/2017 23:21:40] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [110.91 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 10:45:11] - [589872.8 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 15:46:33] - [53.11 Ko] - C:\WINDOWS\System32\Configuration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [350.5 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [31.5 Ko] - C:\WINDOWS\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [346.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.A45B720B90F84A68AECB6E305C17B126] - |A| - [28/04/2018 12:21:07] - (.-.) - [83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [203.41 Ko] - C:\WINDOWS\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [391 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [29/09/2017 15:41:26] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [29/09/2017 15:41:25] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [29/09/2017 15:46:41] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.81271FF2F081F4BA71BCC802A3AD3E26] - |A| - [14/03/2018 22:41:06] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DELETE [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 15:46:33] - [865 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.5FF3FA1BFBB0CD05534F650EA27A6651] - |A| - [29/09/2017 15:41:45] - (.-.) - [90.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 10:45:13] - [8762.32 Ko] - C:\WINDOWS\System32\Dism [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [29/09/2017 15:41:25] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [29/09/2017 15:41:25] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [29/09/2017 15:41:25] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.4D1B8C9983D257EE86B6CC57C639E8E5] - |A| - [29/09/2017 15:41:12] - (.-.) - [3.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [386.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.98A4BC705962BD01039D6E50734458E8] - |A| - [27/10/2017 16:30:00] - (.-.) - [22.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:55] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [358.63 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [2175.5 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [376.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [298.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [266.5 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 15:46:33] - [28352.16 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [28.5 Ko] - C:\WINDOWS\System32\fa-IR [MD5.4C3F9C29272215D7C6D07D03BC30E877] - |A| - [21/11/2017 23:13:31] - (.-.) - [953 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessor.dll [MD5.9100FDF61D7977FD2C2E1D62589171DC] - |A| - [21/11/2017 23:13:29] - (.-.) - [263.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessorCore.dll [MD5.812CDFD967D2E82A3D24FCAA5784749D] - |A| - [29/09/2017 15:41:33] - (.-.) - [1325.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceTrackerInternal.dll [MD5.E65D2A37B6D4445D0CD9234BA933475B] - |A| - [22/02/2018 15:13:30] - (.-.) - [72.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastHeroImg.jpg [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [350.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [32.5 Ko] - C:\WINDOWS\System32\fil-PH [MD5.1195C9BA79397CD051EABF07DD081F0F] - |A| - [06/11/2017 19:03:33] - (.TODO: (c) . ?????,???????? - TODO: .) - [30.78 Ko] - (1.0.0.1) - C:\WINDOWS\System32\FintekIcon1.dll [MD5.86177A958F4B9AD449C1EC7569DE2193] - |A| - [01/10/2012 21:35:42] - (.- Microsoft® Forms DLL.) - [1555.13 Ko] - (15.0.4420.1017) - C:\WINDOWS\System32\FM20.DLL [MD5.E44C360B261B0C35F175370F20D5DDCD] - |A| - [01/10/2012 21:38:12] - (.- Microsoft® Forms International DLL.) - [31.14 Ko] - (15.0.4420.1017) - C:\WINDOWS\System32\FM20ENU.DLL [MD5.2A7D873D71572E1EF6D0552BABC1B03E] - |A| - [01/10/2012 22:04:00] - (.- Microsoft® Forms International DLL.) - [35.16 Ko] - (15.0.4420.1017) - C:\WINDOWS\System32\FM20FRA.DLL [MD5.9F3426D6B535437A5728E5008E86B0E8] - |A| - [27/10/2017 16:26:40] - (.-.) - [394.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:56] - [3490 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [306.5 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [46708.47 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [32.5 Ko] - C:\WINDOWS\System32\ga-IE [MD5.D07F2281427BD098356EE74B6CB26B86] - |A| - [29/09/2017 15:42:03] - (.-.) - [89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [34 Ko] - C:\WINDOWS\System32\gd-GB [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [31 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |HD| - [18/03/2017 23:03:29] - [1.07 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [18/03/2017 23:03:29] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [284 Ko] - C:\WINDOWS\System32\he-IL [MD5.4CD16A9C15397E1FAD5F19E35A13BE58] - |A| - [29/09/2017 15:41:27] - (.-.) - [215.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29 Ko] - C:\WINDOWS\System32\hi-IN [MD5.8BDAC9F5BB4784520E285F3786ECA8EB] - |A| - [27/03/2017 05:52:26] - (.© 2015 HPDC LP - DeviceCoInstaller.) - [320.63 Ko] - (40.11.1108.1741) - C:\WINDOWS\System32\hpinkcoiD711.dll [MD5.9AB98E5DE9A91DC666BA364197CA7218] - |A| - [27/03/2017 05:52:26] - (.© 2015 HPDC LP - hpinkins.exe.) - [2883.63 Ko] - (40.11.1108.1741) - C:\WINDOWS\System32\hpinkinsD711.exe [MD5.44EAFF07BB1321E0D0A0B2F14AB35884] - |A| - [27/03/2017 05:52:28] - (.© 2015 HPDC LP - Print Status Language Monitor.) - [384.13 Ko] - (40.11.1108.1741) - C:\WINDOWS\System32\hpinkstsD711LM.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [278 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [357.5 Ko] - C:\WINDOWS\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [27.5 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:41:52] - [124.21 Ko] - C:\WINDOWS\System32\hydrogen [MD5.A565537F1580872AE5B95D0CA457D780] - |A| - [29/09/2017 15:41:23] - (.-.) - [44.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hypervisor.mof [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.FC7A71725A4887AD88FB4A0B764FFBF4] - |RA| - [29/09/2017 15:41:30] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1856 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.FB96578635DB1CFC08871A599539349E] - |RA| - [29/09/2017 15:41:30] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1309.5 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [28.5 Ko] - C:\WINDOWS\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [27 Ko] - C:\WINDOWS\System32\ig-NG [MD5.19C3C8394B1A8EBE7CF61A8C0221C024] - |A| - [29/09/2017 15:41:25] - (.-.) - [168.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.2D3964203B7B958E2936AD178D930A70] - |A| - [11/05/2018 19:35:28] - (.-.) - [192 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Ikeext.etl [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [24877.17 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.B98C0E77C3C1034303C20843DE05455E] - |A| - [29/09/2017 15:41:31] - (.-.) - [180.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [6389.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29 Ko] - C:\WINDOWS\System32\is-IS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [376 Ko] - C:\WINDOWS\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [274.91 Ko] - C:\WINDOWS\System32\ja-jp [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [29/09/2017 15:41:25] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [33 Ko] - C:\WINDOWS\System32\lb-LU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [212.14 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [27 Ko] - C:\WINDOWS\System32\lo-LA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [981.32 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [274.5 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [276 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [30012.97 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [29/09/2017 15:43:12] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\manage-bde.wsf [MD5.75616F8DB5C092A8A50AFEC273859DD7] - |A| - [29/10/2017 23:22:11] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [311.34 Ko] - (2.2.9.0) - C:\WINDOWS\System32\MaxxAudioAPO20.dll [MD5.E93ADE8C38CA41442FE60E844DED92AC] - |A| - [29/10/2017 23:22:16] - (.Copyright © 1996-2014 -.) - [1993.59 Ko] - (4.1.1.0) - C:\WINDOWS\System32\MaxxAudioEQ64.dll [MD5.58109AD53D7A19375F1E4171807D222D] - |A| - [29/10/2017 23:22:07] - (.Copyright (c) 2006-2013 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1953.75 Ko] - (1.2.16.74) - C:\WINDOWS\System32\MBAPO264.dll [MD5.01409C36EAE864B98A5F3B4DA6E20F0E] - |A| - [27/10/2017 15:31:59] - (.Copyright (C) 2014 -.) - [40.13 Ko] - (1.21.0.0) - C:\WINDOWS\System32\MBCfg64.dll [MD5.F55DC8BFC0B4EEBA996FA297817CC682] - |A| - [27/10/2017 15:31:59] - (.Copyright (c) 2009 Creative Technology Ltd. -.) - [144.63 Ko] - (0.0.0.6) - C:\WINDOWS\System32\MBCfg64.exe [MD5.32B2157AB3B90F7AB725C10037515894] - |A| - [27/10/2017 15:31:59] - (.-.) - [13.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBCfg64.ini [MD5.222FAD09ACEA780623E9E8364EFDB6B8] - |A| - [27/10/2017 15:31:59] - (.-.) - [5.72 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBCfgUninstall64.ini [MD5.B209D959831AEF092817ECF8756F71B3] - |A| - [29/09/2017 15:41:58] - (.-.) - [776 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.36544621023139B4604460CC81113543] - |A| - [29/10/2017 23:22:10] - (.Copyright (c) 2006-2010 Creative Technology Ltd. - Audio Processing Object Chaining Module.) - [388.27 Ko] - (1.0.0.270) - C:\WINDOWS\System32\MBWrp64.dll [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [29/09/2017 15:41:25] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29 Ko] - C:\WINDOWS\System32\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [27/10/2017 17:24:08] - [1107.7 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [6817.36 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:33] - [47086.6 Ko] - C:\WINDOWS\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30 Ko] - C:\WINDOWS\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [32.5 Ko] - C:\WINDOWS\System32\ml-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30.5 Ko] - C:\WINDOWS\System32\mn-MN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29.5 Ko] - C:\WINDOWS\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [27/10/2017 11:37:01] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [5460.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [31 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [19.15 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [338.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [31.5 Ko] - C:\WINDOWS\System32\ne-NP [MD5.5B9FA5B03D1CC9C04A24FF079BBDCDD4] - |A| - [27/10/2017 16:26:41] - (.-.) - [15.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [29/09/2017 15:42:03] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [364 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [28.5 Ko] - C:\WINDOWS\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30.5 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 15:46:34] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.BFA86C6F9F8DF9FEBCE6C5B945965DFF] - |A| - [27/10/2017 11:33:48] - (.-.) - [7981.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin [MD5.2B9E8F6FB38DB33A8927C2D3EB78E992] - |A| - [09/10/2017 10:47:56] - (.-.) - [43.24 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.5D4A5E27D573738E0C8C8FF4C0715DAF] - |A| - [29/09/2017 15:46:43] - (.-.) - [17.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [13355.83 Ko] - C:\WINDOWS\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [32.5 Ko] - C:\WINDOWS\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [29/09/2017 15:41:25] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [28.5 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30 Ko] - C:\WINDOWS\System32\pa-IN [MD5.69C0F218761395324DD0A17E17170779] - |A| - [29/09/2017 15:48:30] - (.-.) - [1081.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.3290F56C3A835041B0325B2397128741] - |A| - [30/09/2017 16:39:59] - (.-.) - [1229.63 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [29/09/2017 15:48:30] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [30/09/2017 16:39:59] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.79284F7A438612134D2F76607BF58623] - |A| - [29/09/2017 15:48:30] - (.-.) - [1731.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.1B7BE92BE3DC9E34C3E068BAD4D792ED] - |A| - [30/09/2017 16:39:59] - (.-.) - [4362.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.B64569C827EEE9939C04488342BE1FAF] - |A| - [27/10/2017 16:33:59] - (.-.) - [8556.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [363 Ko] - C:\WINDOWS\System32\pl-PL [MD5.CD421DDB5C6E5458CE52EDC36DE7DC5B] - |A| - [15/11/2017 23:47:55] - (.-.) - [74.37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PnkBstrA.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [673 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:56] - [420.42 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30.5 Ko] - C:\WINDOWS\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [29/09/2017 15:42:04] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [364.5 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [359.5 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [32.5 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30.5 Ko] - C:\WINDOWS\System32\quz-PE [MD5.3C907D5DC3AAA611A5B6C3C779462033] - |A| - [12/01/2018 15:27:18] - (.Copyright (C) Qualitative Software [QSoft] - RAMDisk Installer / Propertypage (x64).) - [87.5 Ko] - (5.3.2.15) - C:\WINDOWS\System32\RAMDriv.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.A25B7B080B9743F1CC1E176C0F4F550A] - |A| - [29/09/2017 15:42:37] - (.Copyright (C) 2009 - RemoteFX Helper.) - [104.5 Ko] - (1.1.0.0) - C:\WINDOWS\System32\RDVGHelper.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [2.13 Ko] - C:\WINDOWS\System32\Recovery [MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |A| - [29/09/2017 15:41:23] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\removehypervisor.mof [MD5.E17EAD4E09FB96BD6DB717CB605B17F1] - |A| - [29/09/2017 15:42:06] - (.-.) - [8.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.8286304CD9A20E2A4621D931F1CEF5CB] - |A| - [29/09/2017 15:42:06] - (.-.) - [8.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [29/10/2017 23:22:47] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [29/10/2017 23:22:47] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [29/10/2017 23:22:49] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [29/10/2017 23:22:49] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [29/10/2017 23:22:49] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [29/10/2017 23:22:49] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.F0908588473B8D92BD62D6C99C3739BB] - |A| - [28/04/2018 12:21:26] - (.-.) - [96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29.5 Ko] - C:\WINDOWS\System32\rw-RW [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [29/09/2017 15:43:11] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [29/09/2017 15:42:04] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29.5 Ko] - C:\WINDOWS\System32\si-LK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [283 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [279.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [27/10/2017 16:26:40] - [55395.16 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:56] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [29/09/2017 15:41:25] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 10:45:11] - [13377.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [29/09/2017 15:41:12] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.8D30AAF519A40D69F6BABFFD60C75E56] - |A| - [15/03/2018 19:26:28] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [7568.9 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [13443.71 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [68838.83 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [29739.7 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30.5 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [282 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.B461D2CE1D93ADAB10E0E5495A06E403] - |A| - [29/09/2017 15:42:07] - (.-.) - [16.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.047BCF71FB0E5EC754437879E8DAA7F6] - |A| - [29/09/2017 15:42:00] - (.-.) - [56.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [29/10/2017 23:23:01] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.A028717B791416182959B325D5B40679] - |A| - [29/10/2017 23:23:01] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [29/10/2017 23:23:02] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [29/10/2017 23:23:02] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [18648 Ko] - C:\WINDOWS\System32\sru [MD5.1BA92CDCF58B0D7D298CC09799B4D431] - |A| - [29/09/2017 15:41:25] - (.-.) - [410 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.81271FF2F081F4BA71BCC802A3AD3E26] - |A| - [14/03/2018 22:27:08] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\start [MD5.81271FF2F081F4BA71BCC802A3AD3E26] - |A| - [14/03/2018 22:21:50] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\stop [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [345.5 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [29 Ko] - C:\WINDOWS\System32\sw-KE [MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |A| - [29/09/2017 15:42:35] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SyncAppvPublishingServer.vbs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 10:45:13] - [1267.52 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [907.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [34 Ko] - C:\WINDOWS\System32\ta-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [607.14 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [18/03/2017 23:03:29] - [516.83 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [29/09/2017 15:41:57] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [30 Ko] - C:\WINDOWS\System32\te-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:56] - [32 Ko] - C:\WINDOWS\System32\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [260 Ko] - C:\WINDOWS\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [22.5 Ko] - C:\WINDOWS\System32\ti-ET [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [27.5 Ko] - C:\WINDOWS\System32\tk-TM [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [32.5 Ko] - C:\WINDOWS\System32\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [340.5 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [29/09/2017 15:42:07] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [29/09/2017 15:42:07] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [28.5 Ko] - C:\WINDOWS\System32\tt-RU [MD5.D200497DD3A24F138123F0EB6C385D1D] - |A| - [29/09/2017 15:42:35] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevAppMonitor.exe.config [MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |A| - [29/09/2017 15:42:35] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [28 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [277.5 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 15:46:34] - [2739.52 Ko] - C:\WINDOWS\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\System32\ur-PK [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [32 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [31.5 Ko] - C:\WINDOWS\System32\vi-VN [MD5.5BBC56240C406AC2615AEDA365DBE115] - |A| - [02/03/2018 04:03:42] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [937.8 Ko] - (1.1.70.0) - C:\WINDOWS\System32\vulkan-1-1-1-70-0.dll [MD5.5BBC56240C406AC2615AEDA365DBE115] - |A| - [11/05/2018 18:50:25] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [937.8 Ko] - (1.1.70.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.4E08923AD6265C8E319EC93DCF68AD3C] - |A| - [02/03/2018 04:03:32] - (.-.) - [667.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-1-70-0.exe [MD5.4E08923AD6265C8E319EC93DCF68AD3C] - |A| - [11/05/2018 18:50:25] - (.-.) - [667.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [91145.59 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:56] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [119369.43 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [29/09/2017 15:41:40] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [80245.93 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.D6AAE667B357DF5A36E5B241A20934EE] - |A| - [29/10/2017 18:01:02] - (.Copyright © 2018 - Java(TM) Platform SE binary.) - [141.94 Ko] - (10.0.0.0) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.1E38A547C9380DAB0F0692E1EE9CC5B3] - |A| - [29/09/2017 15:41:27] - (.-.) - [102.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [10641.45 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [161792 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [5286.48 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:56] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [27.5 Ko] - C:\WINDOWS\System32\wo-SN [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [29/09/2017 15:42:07] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.D224E07A6F89FD14C3FD8A83127811CC] - |A| - [29/09/2017 15:41:43] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.200BCDE9B44C32B1633B68A9AADA8AAA] - |A| - [29/09/2017 15:41:25] - (.-.) - [78 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29 Ko] - C:\WINDOWS\System32\yo-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [263.54 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [229 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\System32\zu-ZA [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:57] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [99.2 Ko] - C:\WINDOWS\SysWOW64\1028 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [110.7 Ko] - C:\WINDOWS\SysWOW64\1029 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [112.2 Ko] - C:\WINDOWS\SysWOW64\1031 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [437.89 Ko] - C:\WINDOWS\SysWOW64\1033 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [480 Ko] - C:\WINDOWS\SysWOW64\1036 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [112.2 Ko] - C:\WINDOWS\SysWOW64\1040 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [103.2 Ko] - C:\WINDOWS\SysWOW64\1041 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [101.7 Ko] - C:\WINDOWS\SysWOW64\1042 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [113.7 Ko] - C:\WINDOWS\SysWOW64\1045 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [112.2 Ko] - C:\WINDOWS\SysWOW64\1046 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [112.2 Ko] - C:\WINDOWS\SysWOW64\1049 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [111.2 Ko] - C:\WINDOWS\SysWOW64\1055 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [98.05 Ko] - C:\WINDOWS\SysWOW64\2052 [MD5.00000000000000000000000000000000] - |D| - [30/11/2017 20:14:53] - [113.2 Ko] - C:\WINDOWS\SysWOW64\3082 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [29/09/2017 15:42:13] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [29/09/2017 15:42:11] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [29/09/2017 15:42:24] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [29/09/2017 15:42:13] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 10:45:15] - [2001.4 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [22 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.E4BF71F72E211B12AFC77CACEE12628A] - |A| - [27/10/2017 15:31:58] - (.-.) - [268.5 Ko] - (1.0.340.0) - C:\WINDOWS\SysWOW64\APOMngr.DLL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.6CBD4E2DCE4577A476EA4860AE1B567D] - |A| - [22/09/2017 19:18:44] - (.-.) - [637.35 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\appverif.chm [MD5.96DF5B5A3B36037B95A4C40DED00E422] - |A| - [12/06/2017 22:55:30] - (.-.) - [101.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\appverifUI.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [280.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30.5 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [265.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30.5 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [31 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.FAB1F423FAC9F69024BAA3F9CD3B7916] - |A| - [27/10/2017 15:31:59] - (.Copyright (c) 2011 Creative Technology Ltd. - Creative Host SoundCore Module.) - [319.63 Ko] - (1.0.7.0) - C:\WINDOWS\SysWOW64\ChezSC32.DLL [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [23 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.BDBB29F1C23665A4721F79D9BFF60FA6] - |A| - [27/10/2017 15:31:58] - (.-.) - [72.5 Ko] - (1.0.64.0) - C:\WINDOWS\SysWOW64\CmdRtr.DLL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [315 Ko] - C:\WINDOWS\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [20539.66 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 15:46:34] - [53.11 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [325 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [31.5 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [322 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [364 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [29/09/2017 15:42:09] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 15:46:34] - [200.5 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [19/12/2017 11:40:12] - [0 Ko] - C:\WINDOWS\SysWOW64\directx [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [6896.81 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.4AF6ADF75A89CDE3DB2D501F3539DF6A] - |A| - [27/10/2017 15:35:50] - (.-.) - [9.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gms.log [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0.01 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [266.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.3A7F920893FD6F49BC4CC07B72914013] - |A| - [29/09/2017 15:42:09] - (.-.) - [188.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [258 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [331 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [27.5 Ko] - C:\WINDOWS\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.F0851D76262FF35F76156F628A04099B] - |RA| - [29/09/2017 15:42:11] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1602.5 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.40E2D734687DAF397D472B70FC305781] - |RA| - [29/09/2017 15:42:11] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1131.5 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [28.5 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [27 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [20706.67 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.4F6BFC6464D620149C2BB60243C6A3B8] - |A| - [29/09/2017 15:42:11] - (.-.) - [146.33 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [218.5 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29 Ko] - C:\WINDOWS\SysWOW64\is-IS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [350 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.C6799169EC81A6D9A294F4E86A1E1AD3] - |A| - [29/10/2017 23:22:06] - (.Copyright (c) 2006-2013 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1688.25 Ko] - (1.2.16.74) - C:\WINDOWS\SysWOW64\MBAPO232.dll [MD5.20FD18FE9EA2612ED9B421064D69F3D8] - |A| - [27/10/2017 15:31:59] - (.Copyright (C) 2014 -.) - [37.13 Ko] - (1.21.0.0) - C:\WINDOWS\SysWOW64\MBCfg32.dll [MD5.7391C842DFF4D7ACCA1B3C38486178E8] - |A| - [27/10/2017 15:31:59] - (.Copyright (c) 2009 Creative Technology Ltd. -.) - [135.63 Ko] - (0.0.0.6) - C:\WINDOWS\SysWOW64\MBCfg32.exe [MD5.32B2157AB3B90F7AB725C10037515894] - |A| - [27/10/2017 15:31:59] - (.-.) - [13.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MBCfg32.ini [MD5.222FAD09ACEA780623E9E8364EFDB6B8] - |A| - [27/10/2017 15:31:59] - (.-.) - [5.72 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MBCfgUninstall32.ini [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29 Ko] - C:\WINDOWS\SysWOW64\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [3003.94 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [815.4 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\SysWOW64\mk-MK [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [32.5 Ko] - C:\WINDOWS\SysWOW64\ml-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30.5 Ko] - C:\WINDOWS\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [31 Ko] - C:\WINDOWS\SysWOW64\mt-MT [MD5.B9966F800D2A3A1522B1825077785C40] - |A| - [27/10/2017 15:30:59] - (.Copyright (c) 2015 Micro-Star INT'L CO.,LTD. - Windows Host Process.) - [1653.16 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\muachost.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [19.15 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [315 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [31.5 Ko] - C:\WINDOWS\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [338 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [28.5 Ko] - C:\WINDOWS\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30.5 Ko] - C:\WINDOWS\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 15:46:34] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.3A2E85F7D90D15460C337CE80C2E3B29] - |A| - [09/11/2017 15:51:40] - (.-.) - [75.09 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrA.exe [MD5.FC72546EA23DD8144D4FF44152378729] - |A| - [09/11/2017 15:51:41] - (.-.) - [209.37 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrB.ex0 [MD5.7216827676AE6B40F7873C481B9E9446] - |A| - [09/11/2017 15:51:41] - (.-.) - [220.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrB.exe [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:57] - [420.42 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30.5 Ko] - C:\WINDOWS\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [338.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [333.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [32.5 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30.5 Ko] - C:\WINDOWS\SysWOW64\quz-PE [MD5.F760C56D6EFB2272F1712218BBD1B20A] - |A| - [12/01/2018 15:27:18] - (.Copyright (C) Qualitative Software [QSoft] - RAMDisk Image utility (x86/x64).) - [335.4 Ko] - (5.3.2.14) - C:\WINDOWS\SysWOW64\RAMDiskImage.exe [MD5.3C907D5DC3AAA611A5B6C3C779462033] - |A| - [12/01/2018 15:27:18] - (.Copyright (C) Qualitative Software [QSoft] - RAMDisk Installer / Propertypage (x64).) - [87.5 Ko] - (5.3.2.15) - C:\WINDOWS\SysWOW64\RAMDriv.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.98F6807EBE3215EBEB8D4F6C21C86A2E] - |A| - [27/10/2017 15:31:59] - (.Copyright (C) 2011 - Command Router Restore Utility.) - [15.13 Ko] - (2.0.13.0) - C:\WINDOWS\SysWOW64\ResDefA.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [261.5 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [27/10/2017 15:29:39] - [4648.66 Ko] - C:\WINDOWS\SysWOW64\RTCOM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [329.5 Ko] - C:\WINDOWS\SysWOW64\ru-RU [MD5.0F3C52B590140859CFF7D4A25947C378] - |A| - [12/02/2018 19:21:41] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\runrefog.lnk [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\rw-RW [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\SysWOW64\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\si-LK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [261 Ko] - C:\WINDOWS\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [259 Ko] - C:\WINDOWS\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:57] - [52.14 Ko] - C:\WINDOWS\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [4119.9 Ko] - C:\WINDOWS\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [9050.14 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [1780.75 Ko] - C:\WINDOWS\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [23.61 Ko] - C:\WINDOWS\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30.5 Ko] - C:\WINDOWS\SysWOW64\sq-AL [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [262 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS [MD5.B461D2CE1D93ADAB10E0E5495A06E403] - |A| - [29/09/2017 15:42:27] - (.-.) - [16.74 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.30FE146E2F0712AFEEA1ECF3E0EA270C] - |A| - [29/09/2017 15:42:09] - (.-.) - [302 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [321.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:57] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [34 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [32 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [241 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [22.5 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [27.5 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [32.5 Ko] - C:\WINDOWS\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [316.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [28.5 Ko] - C:\WINDOWS\SysWOW64\tt-RU [MD5.01E96A85B337B702AE2BC7F838AE7B65] - |A| - [29/09/2017 15:42:38] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [28 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [257 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29.5 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [32 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [31.5 Ko] - C:\WINDOWS\SysWOW64\vi-VN [MD5.4983E141C97259AEF3B566C2910611B9] - |A| - [29/09/2017 15:42:37] - (.-.) - [38.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vmstaging.dll [MD5.768180716EE376D2FD512DAF4ABFAE1E] - |A| - [02/03/2018 04:04:08] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [808.8 Ko] - (1.1.70.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-1-70-0.dll [MD5.768180716EE376D2FD512DAF4ABFAE1E] - |A| - [11/05/2018 18:50:25] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [808.8 Ko] - (1.1.70.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.1C72AB64394A2DAE512A701B1F574F3D] - |A| - [02/03/2018 04:03:58] - (.-.) - [562.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-1-70-0.exe [MD5.1C72AB64394A2DAE512A701B1F574F3D] - |A| - [11/05/2018 18:50:25] - (.-.) - [562.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [17179.55 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:57] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.ACC1181C0AA4D01B537F53A1CC33E766] - |A| - [29/09/2017 15:42:09] - (.-.) - [90 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [10018.82 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [5286.49 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:39:57] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [27.5 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.12D91C9A9837995A137ACE4B2E674918] - |A| - [29/09/2017 15:42:09] - (.-.) - [54.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [09/11/2017 19:48:00] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [29 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [220.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [214.5 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [30/09/2017 16:40:57] - [30 Ko] - C:\WINDOWS\SysWOW64\zu-ZA ---------- | Shell Folders [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\bobcl\AppData\Roaming [27/10/2017 16:27:42] "Local AppData"=C:\Users\bobcl\AppData\Local [27/10/2017 16:27:42] "CD Burning"=C:\Users\bobcl\AppData\Local\Microsoft\Windows\Burn\Burn [27/10/2017 16:32:56] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Libraries [27/10/2017 00:50:46] "My Video"=D:\Clément\Videos [22/03/2017 23:45:20] "My Pictures"=D:\Clément\Pictures [22/03/2017 23:45:16] "Desktop"=C:\Users\bobcl\Desktop [27/10/2017 00:49:37] "History"=C:\Users\bobcl\AppData\Local\Microsoft\Windows\History [27/10/2017 00:49:37] "NetHood"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Network Shortcuts [27/10/2017 16:27:42] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\bobcl\Contacts [27/10/2017 00:50:46] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\bobcl\AppData\Local\Microsoft\Windows\RoamingTiles [27/10/2017 00:50:46] "Cookies"=C:\Users\bobcl\AppData\Local\Microsoft\Windows\INetCookies [27/10/2017 00:49:37] "Favorites"=C:\Users\bobcl\Favorites [27/10/2017 00:49:37] "SendTo"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\SendTo [27/10/2017 00:49:37] "Start Menu"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu [27/10/2017 00:49:37] "My Music"=D:\Clément\Music [22/03/2017 23:45:13] "Programs"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [27/10/2017 00:49:37] "Recent"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Recent [27/10/2017 00:49:37] "PrintHood"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [27/10/2017 16:27:42] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\bobcl\Searches [27/10/2017 00:50:46] "{374DE290-123F-4565-9164-39C4925E467B}"=D:\Clément\Downloads [29/10/2017 18:34:08] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\bobcl\AppData\LocalLow [27/10/2017 00:49:37] "Startup"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [27/10/2017 00:50:46] "Administrative Tools"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [27/10/2017 00:50:46] "Personal"=D:\Clément\Documents [22/03/2017 23:45:11] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\bobcl\Links [27/10/2017 00:49:37] "Cache"=C:\Users\bobcl\AppData\Local\Microsoft\Windows\INetCache [27/10/2017 16:27:42] "Templates"=C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Templates [27/10/2017 16:27:42] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\bobcl\Saved Games [27/10/2017 00:49:37] "Fonts"=C:\WINDOWS\Fonts [29/09/2017 15:46:33] [HKU\S-1-5-21-2153363518-3719023817-840555237-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=D:\Clément\Downloads [29/10/2017 18:34:08] "{339719B5-8C47-4894-94C2-D8F77ADD44A6}"=C:\Users\bobcl\OneDrive\Images [13/03/2018 23:16:41] "{767E6811-49CB-4273-87C2-20F355E1085B}"=C:\Users\bobcl\OneDrive\Images\Pellicule "My Pictures"=D:\Clément\Pictures [22/03/2017 23:45:16] "My Music"=D:\Clément\Music [22/03/2017 23:45:13] "My Video"=D:\Clément\Videos [22/03/2017 23:45:20] "Personal"=D:\Clément\Documents [22/03/2017 23:45:11] "{F42EE2D3-909F-4907-8871-4C22FC0BF756}"=D:\Clément\Documents [22/03/2017 23:45:11] "{0DDD015D-B06C-45D5-8C4C-F59713854639}"=D:\Clément\Pictures [22/03/2017 23:45:16] "{A0C69A99-21C8-4671-8703-7934162FCF1D}"=D:\Clément\Music [22/03/2017 23:45:13] "{35286A68-3C57-41A1-BBB1-0EAE73D76C95}"=D:\Clément\Videos [22/03/2017 23:45:20] "{7D83EE9B-2244-4E70-B1F5-5393042AF1E4}"=D:\Clément\Downloads [29/10/2017 18:34:08] "{C3F2459E-80D6-45DC-BFEF-1F769F2BE730}"=C:\Users\bobcl\OneDrive\Musique "{31C0DD25-9439-4F12-BF41-7FF4EDA38722}"=D:\Clément\3D Objects [29/10/2017 18:34:51] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [29/09/2017 15:46:33] "Common AppData"=C:\ProgramData [29/09/2017 15:46:33] "Common Desktop"=C:\Users\Public\Desktop [18/03/2017 23:03:29] "Common Documents"=C:\Users\Public\Documents [18/03/2017 23:03:29] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/09/2017 15:46:33] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [29/09/2017 15:46:33] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/09/2017 15:46:33] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [18/03/2017 23:03:29] "CommonMusic"=C:\Users\Public\Music [18/03/2017 23:03:29] "CommonPictures"=C:\Users\Public\Pictures [18/03/2017 23:03:29] "CommonVideo"=C:\Users\Public\Videos [18/03/2017 23:03:29] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [29/09/2017 15:46:33] "Common AppData"=C:\ProgramData [29/09/2017 15:46:33] "Common Desktop"=C:\Users\Public\Desktop [18/03/2017 23:03:29] "Common Documents"=C:\Users\Public\Documents [18/03/2017 23:03:29] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/09/2017 15:46:33] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [29/09/2017 15:46:33] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/09/2017 15:46:33] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [18/03/2017 23:03:29] "CommonMusic"=C:\Users\Public\Music [18/03/2017 23:03:29] "CommonPictures"=C:\Users\Public\Pictures [18/03/2017 23:03:29] "CommonVideo"=C:\Users\Public\Videos [18/03/2017 23:03:29] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [bobcl] [12/12/2017 22:37:12] - |D| - [1002] - C:\Users\bobcl\.anaconda [01/12/2017 03:02:23] - |D| - [2227177227] - C:\Users\bobcl\.android [27/03/2018 22:14:26] - |D| - [114150694] - C:\Users\bobcl\.atom [12/12/2017 22:38:43] - |A| - [1939] - C:\Users\bobcl\.bash_history [01/12/2017 03:04:36] - |D| - [8706003] - C:\Users\bobcl\.cordova [30/11/2017 22:25:11] - |D| - [69] - C:\Users\bobcl\.dotnet [12/12/2017 22:36:37] - |D| - [0] - C:\Users\bobcl\.matplotlib [29/10/2017 22:50:37] - |D| - [0] - C:\Users\bobcl\.Origin [29/10/2017 22:50:37] - |D| - [0] - C:\Users\bobcl\.QtWebEngineProcess [12/12/2017 22:36:31] - |D| - [51389] - C:\Users\bobcl\.spyder-py3 [04/12/2017 19:56:59] - |D| - [2516614] - C:\Users\bobcl\.templateengine [29/11/2017 22:52:38] - |D| - [112198] - C:\Users\bobcl\.VirtualBox [01/02/2018 19:03:24] - |D| - [0] - C:\Users\bobcl\ansel [27/10/2017 16:27:42] - |HD| - [11113719288] - C:\Users\bobcl\AppData [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Application Data [27/10/2017 00:50:46] - |RD| - [412] - C:\Users\bobcl\Contacts [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Cookies [27/10/2017 00:49:37] - |RD| - [34566123660] - C:\Users\bobcl\Desktop [27/10/2017 16:31:39] - |RD| - [282] - C:\Users\bobcl\Documents [27/10/2017 16:31:39] - |RD| - [282] - C:\Users\bobcl\Downloads [27/10/2017 00:49:37] - |RD| - [974] - C:\Users\bobcl\Favorites [27/10/2017 00:49:37] - |RD| - [1906] - C:\Users\bobcl\Links [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Local Settings [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Menu Démarrer [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Mes documents [27/10/2017 16:31:56] - |HD| - [457] - C:\Users\bobcl\MicrosoftEdgeBackups [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Modèles [27/10/2017 16:31:39] - |RD| - [384] - C:\Users\bobcl\Music [27/10/2017 16:27:42] - |AH| - [7077888] - C:\Users\bobcl\ntuser.dat [27/10/2017 16:27:42] - |ASH| - [1826816] - C:\Users\bobcl\ntuser.dat.log1 [27/10/2017 16:27:42] - |ASH| - [1812480] - C:\Users\bobcl\ntuser.dat.log2 [21/12/2017 17:29:15] - |ASH| - [1048576] - C:\Users\bobcl\NTUSER.DAT{37f66b3d-bb2b-11e7-9751-d8cb8a745256}.TxR.0.regtrans-ms [21/12/2017 17:29:15] - |ASH| - [1048576] - C:\Users\bobcl\NTUSER.DAT{37f66b3d-bb2b-11e7-9751-d8cb8a745256}.TxR.1.regtrans-ms [21/12/2017 17:29:15] - |ASH| - [1048576] - C:\Users\bobcl\NTUSER.DAT{37f66b3d-bb2b-11e7-9751-d8cb8a745256}.TxR.2.regtrans-ms [21/12/2017 17:29:15] - |ASH| - [65536] - C:\Users\bobcl\NTUSER.DAT{37f66b3d-bb2b-11e7-9751-d8cb8a745256}.TxR.blf [27/10/2017 16:27:42] - |ASH| - [65536] - C:\Users\bobcl\NTUSER.DAT{37f66b3e-bb2b-11e7-9751-d8cb8a745256}.TM.blf [27/10/2017 16:27:42] - |ASH| - [524288] - C:\Users\bobcl\NTUSER.DAT{37f66b3e-bb2b-11e7-9751-d8cb8a745256}.TMContainer00000000000000000001.regtrans-ms [27/10/2017 16:27:42] - |ASH| - [524288] - C:\Users\bobcl\NTUSER.DAT{37f66b3e-bb2b-11e7-9751-d8cb8a745256}.TMContainer00000000000000000002.regtrans-ms [21/12/2017 18:04:33] - |ASH| - [65536] - C:\Users\bobcl\ntuser.dat{9ee659e7-e668-11e7-b24a-d8cb8a745256}.TM.blf [21/12/2017 18:04:33] - |ASH| - [524288] - C:\Users\bobcl\ntuser.dat{9ee659e7-e668-11e7-b24a-d8cb8a745256}.TMContainer00000000000000000001.regtrans-ms [21/12/2017 18:04:33] - |ASH| - [524288] - C:\Users\bobcl\ntuser.dat{9ee659e7-e668-11e7-b24a-d8cb8a745256}.TMContainer00000000000000000002.regtrans-ms [27/10/2017 16:31:36] - |SH| - [20] - C:\Users\bobcl\ntuser.ini [27/10/2017 00:52:36] - |RAD| - [129273161] - C:\Users\bobcl\OneDrive [27/10/2017 16:31:39] - |RD| - [384] - C:\Users\bobcl\Pictures [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Recent [27/10/2017 00:49:37] - |RD| - [282] - C:\Users\bobcl\Saved Games [27/10/2017 00:50:46] - |RD| - [1875] - C:\Users\bobcl\Searches [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\SendTo [09/11/2017 16:24:33] - |D| - [0] - C:\Users\bobcl\source [27/10/2017 16:31:39] - |RD| - [384] - C:\Users\bobcl\Videos [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Voisinage d'impression [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\Voisinage réseau [27/10/2017 16:27:42] - |D| - [6853056944] - C:\Users\bobcl\AppData\Local [27/10/2017 00:49:37] - |D| - [859421067] - C:\Users\bobcl\AppData\LocalLow [27/10/2017 16:27:42] - |D| - [3401241277] - C:\Users\bobcl\AppData\Roaming [09/11/2017 11:39:11] - |D| - [12968] - C:\Users\bobcl\AppData\Local\.IdentityService [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\AppData\Local\Application Data [27/03/2018 22:13:47] - |D| - [695116213] - C:\Users\bobcl\AppData\Local\atom [29/10/2017 18:20:52] - |D| - [4246696] - C:\Users\bobcl\AppData\Local\CEF [27/10/2017 00:50:57] - |D| - [51326445] - C:\Users\bobcl\AppData\Local\Comms [27/10/2017 00:50:46] - |D| - [3332051] - C:\Users\bobcl\AppData\Local\ConnectedDevicesPlatform [08/11/2017 16:58:14] - |D| - [0] - C:\Users\bobcl\AppData\Local\CrashDumps [21/12/2017 16:58:15] - |D| - [19208] - C:\Users\bobcl\AppData\Local\CrashReportClient [27/10/2017 15:52:37] - |D| - [465] - C:\Users\bobcl\AppData\Local\Creative [13/03/2018 18:44:45] - |D| - [44] - C:\Users\bobcl\AppData\Local\Daybreak Game Company [27/10/2017 01:18:19] - |D| - [0] - C:\Users\bobcl\AppData\Local\DBG [27/10/2017 17:13:51] - |D| - [3086089] - C:\Users\bobcl\AppData\Local\Diagnostics [23/01/2018 22:32:29] - |D| - [310126114] - C:\Users\bobcl\AppData\Local\Discord [11/05/2018 22:53:09] - |D| - [0] - C:\Users\bobcl\AppData\Local\Electronic Arts [31/10/2017 18:30:40] - |D| - [1430988] - C:\Users\bobcl\AppData\Local\ElevatedDiagnostics [14/11/2017 13:57:13] - |D| - [17989505] - C:\Users\bobcl\AppData\Local\EpicGamesLauncher [21/11/2017 21:10:25] - |D| - [55] - C:\Users\bobcl\AppData\Local\Eraser 6 [05/02/2018 17:20:48] - |D| - [14654] - C:\Users\bobcl\AppData\Local\FileZilla [15/11/2017 21:34:10] - |D| - [39633272] - C:\Users\bobcl\AppData\Local\FortniteGame [09/11/2017 16:14:01] - |D| - [413149185] - C:\Users\bobcl\AppData\Local\ftblauncher [27/10/2017 16:10:27] - |D| - [1050580557] - C:\Users\bobcl\AppData\Local\Google [10/01/2018 13:44:01] - |D| - [279] - C:\Users\bobcl\AppData\Local\HirezLauncherUI [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\AppData\Local\Historique [25/11/2017 15:19:33] - |D| - [54374] - C:\Users\bobcl\AppData\Local\HP [27/10/2017 17:14:19] - |AH| - [218555] - C:\Users\bobcl\AppData\Local\IconCache.db [29/11/2017 22:46:32] - |D| - [934] - C:\Users\bobcl\AppData\Local\Intel_Corporation [29/11/2017 22:03:48] - |A| - [102] - C:\Users\bobcl\AppData\Local\killertool.log [29/10/2017 17:55:25] - |D| - [1835158] - C:\Users\bobcl\AppData\Local\Logitech [11/03/2018 17:12:47] - |D| - [0] - C:\Users\bobcl\AppData\Local\Mega Limited [27/10/2017 16:27:42] - |D| - [515267626] - C:\Users\bobcl\AppData\Local\Microsoft [08/03/2018 19:05:46] - |D| - [0] - C:\Users\bobcl\AppData\Local\Microsoft Help [27/10/2017 00:55:47] - |D| - [75927] - C:\Users\bobcl\AppData\Local\MicrosoftEdge [08/11/2017 13:51:31] - |D| - [163060422] - C:\Users\bobcl\AppData\Local\NVIDIA [08/11/2017 13:51:27] - |D| - [51878800] - C:\Users\bobcl\AppData\Local\NVIDIA Corporation [29/10/2017 22:50:34] - |D| - [470058471] - C:\Users\bobcl\AppData\Local\Origin [30/11/2017 22:41:02] - |D| - [838852] - C:\Users\bobcl\AppData\Local\Package Cache [27/10/2017 16:27:49] - |D| - [1293240601] - C:\Users\bobcl\AppData\Local\Packages [27/10/2017 01:03:36] - |D| - [0] - C:\Users\bobcl\AppData\Local\PackageStaging [29/10/2017 17:51:30] - |D| - [0] - C:\Users\bobcl\AppData\Local\PeerDistRepub [08/11/2017 21:37:51] - |D| - [0] - C:\Users\bobcl\AppData\Local\PlaceholderTileLogoFolder [21/11/2017 20:59:57] - |D| - [0] - C:\Users\bobcl\AppData\Local\Programs [27/10/2017 00:50:48] - |D| - [881798] - C:\Users\bobcl\AppData\Local\Publishers [15/11/2017 23:37:52] - |D| - [3625093] - C:\Users\bobcl\AppData\Local\PunkBuster [27/10/2017 01:00:44] - |D| - [13482] - C:\Users\bobcl\AppData\Local\Recovery [13/12/2017 23:32:12] - |A| - [7607] - C:\Users\bobcl\AppData\Local\Resmon.ResmonCfg [13/03/2018 18:44:47] - |D| - [0] - C:\Users\bobcl\AppData\Local\SCE [08/11/2017 22:35:48] - |D| - [32] - C:\Users\bobcl\AppData\Local\ServiceHub [20/11/2017 19:48:41] - |D| - [940] - C:\Users\bobcl\AppData\Local\speech [29/10/2017 17:46:33] - |D| - [26579] - C:\Users\bobcl\AppData\Local\SquirrelTemp [29/10/2017 22:52:57] - |D| - [375455689] - C:\Users\bobcl\AppData\Local\Steam [19/12/2017 10:28:43] - |D| - [0] - C:\Users\bobcl\AppData\Local\Sun [31/10/2017 18:29:20] - |D| - [898] - C:\Users\bobcl\AppData\Local\TeamViewer [27/10/2017 16:27:42] - |D| - [1374043982] - C:\Users\bobcl\AppData\Local\Temp [19/03/2018 19:56:38] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2R1201B68A-EC7A-4665-98FC-9A7AE752D7F7 [11/05/2018 19:29:13] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2R135DB1BC-91D7-4D20-9291-AA39ABEE522F [15/04/2018 22:19:42] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2R2B9144BA-931E-4672-A47B-E3F8EE884257 [20/04/2018 23:07:49] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2R5314C4E4-A29D-4ACB-8E68-1D21ECAE1BB9 [22/04/2018 13:07:33] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2R66C45864-D5E5-4063-A632-3946E25D421C [16/04/2018 18:26:20] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2R686598DB-FA8F-4C0D-85A5-5A41A4A919B2 [23/03/2018 19:10:15] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2R82126100-EC5D-464E-BA8A-D5B9920FBA22 [26/03/2018 18:41:46] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2R8A317E78-D98A-4B3D-A12D-9F3E03319C8F [11/05/2018 18:27:37] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2RB1B148D0-538D-42AF-9148-18326861B0D9 [11/05/2018 18:54:23] - |D| - [0] - C:\Users\bobcl\AppData\Local\TempOfficeC2RD53F4E9F-369F-4C19-9AE8-2B43750058FE [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\AppData\Local\Temporary Internet Files [27/10/2017 00:50:46] - |D| - [11879747] - C:\Users\bobcl\AppData\Local\TileDataLayer [08/11/2017 14:08:47] - |D| - [3620] - C:\Users\bobcl\AppData\Local\Ubisoft Game Launcher [01/12/2017 14:56:41] - |D| - [321562] - C:\Users\bobcl\AppData\Local\Unity [14/11/2017 13:57:13] - |D| - [187] - C:\Users\bobcl\AppData\Local\UnrealEngine [14/11/2017 13:57:14] - |D| - [500] - C:\Users\bobcl\AppData\Local\UnrealEngineLauncher [27/10/2017 00:50:46] - |D| - [0] - C:\Users\bobcl\AppData\Local\VirtualStore [15/01/2018 23:09:48] - |D| - [0] - C:\Users\bobcl\AppData\Local\VisualStudio [15/01/2018 23:09:47] - |D| - [7976] - C:\Users\bobcl\AppData\Local\Xamarin [11/05/2018 22:46:25] - |D| - [192642] - C:\Users\bobcl\AppData\Local\ZHP [13/03/2018 18:44:45] - |D| - [1003366] - C:\Users\bobcl\AppData\LocalLow\Daybreak Game Company [01/12/2017 15:05:26] - |D| - [1598] - C:\Users\bobcl\AppData\LocalLow\DefaultCompany [27/10/2017 00:50:48] - |SD| - [226262] - C:\Users\bobcl\AppData\LocalLow\Microsoft [09/11/2017 09:38:57] - |D| - [850963040] - C:\Users\bobcl\AppData\LocalLow\Oracle [29/10/2017 18:01:12] - |D| - [20877] - C:\Users\bobcl\AppData\LocalLow\Sun [08/11/2017 23:03:14] - |D| - [0] - C:\Users\bobcl\AppData\LocalLow\Temp [01/12/2017 14:56:41] - |D| - [7205924] - C:\Users\bobcl\AppData\LocalLow\Unity [10/11/2017 00:12:32] - |D| - [2986808572] - C:\Users\bobcl\AppData\Roaming\.minecraft [27/10/2017 00:50:46] - |D| - [0] - C:\Users\bobcl\AppData\Roaming\Adobe [10/01/2018 13:53:10] - |D| - [355384] - C:\Users\bobcl\AppData\Roaming\AnyDesk [27/03/2018 22:14:23] - |D| - [36984731] - C:\Users\bobcl\AppData\Roaming\Atom [29/10/2017 17:46:38] - |D| - [166686854] - C:\Users\bobcl\AppData\Roaming\discord [11/05/2018 23:26:17] - |D| - [2661319] - C:\Users\bobcl\AppData\Roaming\EasyAntiCheat [05/02/2018 17:20:28] - |D| - [33418] - C:\Users\bobcl\AppData\Roaming\FileZilla [09/11/2017 16:14:01] - |D| - [65845] - C:\Users\bobcl\AppData\Roaming\ftblauncher [29/10/2017 17:58:34] - |D| - [0] - C:\Users\bobcl\AppData\Roaming\Google [25/11/2017 15:19:58] - |D| - [0] - C:\Users\bobcl\AppData\Roaming\HpUpdate [11/12/2017 19:50:09] - |D| - [66786] - C:\Users\bobcl\AppData\Roaming\HP_Easy_Start [21/11/2017 00:13:35] - |A| - [115] - C:\Users\bobcl\AppData\Roaming\LogFile.txt [29/10/2017 17:53:30] - |D| - [9159] - C:\Users\bobcl\AppData\Roaming\Logishrd [29/10/2017 17:53:30] - |D| - [0] - C:\Users\bobcl\AppData\Roaming\Logitech [27/10/2017 16:27:42] - |SD| - [61130573] - C:\Users\bobcl\AppData\Roaming\Microsoft [15/01/2018 23:09:47] - |D| - [0] - C:\Users\bobcl\AppData\Roaming\Microsoft Corporation [04/12/2017 19:50:28] - |D| - [0] - C:\Users\bobcl\AppData\Roaming\Microsoft FxCop [10/01/2018 11:16:30] - |D| - [395370] - C:\Users\bobcl\AppData\Roaming\NCH Software [09/11/2017 16:25:38] - |D| - [210] - C:\Users\bobcl\AppData\Roaming\NuGet [29/10/2017 18:31:59] - |D| - [474947] - C:\Users\bobcl\AppData\Roaming\NVIDIA [29/10/2017 23:03:13] - |D| - [43126] - C:\Users\bobcl\AppData\Roaming\Origin [13/01/2018 12:53:17] - |D| - [4004] - C:\Users\bobcl\AppData\Roaming\Remo [28/04/2018 11:38:32] - |D| - [49224952] - C:\Users\bobcl\AppData\Roaming\Samsung [08/03/2018 20:38:28] - |D| - [77] - C:\Users\bobcl\AppData\Roaming\Skype [29/10/2017 18:01:07] - |D| - [0] - C:\Users\bobcl\AppData\Roaming\Sun [31/10/2017 18:28:30] - |D| - [460] - C:\Users\bobcl\AppData\Roaming\TeamViewer [01/12/2017 14:56:40] - |D| - [92386432] - C:\Users\bobcl\AppData\Roaming\Unity [08/11/2017 22:35:48] - |D| - [557613] - C:\Users\bobcl\AppData\Roaming\Visual Studio Setup [08/11/2017 22:35:48] - |D| - [66] - C:\Users\bobcl\AppData\Roaming\vstelemetry [22/11/2017 08:25:15] - |D| - [12] - C:\Users\bobcl\AppData\Roaming\WinRAR [11/05/2018 22:46:25] - |D| - [3351252] - C:\Users\bobcl\AppData\Roaming\ZHP [27/10/2017 00:50:46] - |SH| - [174] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [27/10/2017 16:27:42] - |SHD| - [0] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [27/10/2017 00:49:37] - |RD| - [49438] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [27/10/2017 16:27:42] - |RD| - [3888] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [27/10/2017 16:27:42] - |RD| - [2925] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [27/10/2017 00:50:46] - |RD| - [174] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [29/10/2017 18:01:01] - |D| - [2783] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome [27/10/2017 16:31:39] - |SH| - [174] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [29/10/2017 17:46:39] - |D| - [2247] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc [27/03/2018 22:14:24] - |D| - [2255] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc [27/10/2017 16:27:42] - |D| - [170] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [01/12/2017 03:03:13] - |D| - [3045] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity [19/12/2017 11:38:35] - |D| - [7647] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner [27/10/2017 00:52:36] - |A| - [2407] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [27/10/2017 00:50:46] - |RD| - [174] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [27/10/2017 16:27:42] - |RD| - [3496] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [21/12/2017 22:49:58] - |D| - [3945] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z [08/11/2017 14:08:47] - |D| - [1941] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [27/10/2017 16:27:42] - |RD| - [7790] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [22/11/2017 08:25:10] - |D| - [4377] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [27/10/2017 00:50:46] - |SH| - [174] - C:\Users\bobcl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [27/10/2017 00:50:46] - |RHD| - [60827] - C:\Users\Public\AccountPictures [09/04/2018 14:22:50] - |AHD| - [0] - C:\Users\Public\AppData [18/03/2017 23:03:29] - |RHD| - [40816] - C:\Users\Public\Desktop [29/09/2017 15:46:38] - |ASH| - [174] - C:\Users\Public\desktop.ini [18/03/2017 23:03:29] - |RD| - [278] - C:\Users\Public\Documents [18/03/2017 23:03:29] - |RD| - [174] - C:\Users\Public\Downloads [29/09/2017 15:46:33] - |RHD| - [1135] - C:\Users\Public\Libraries [12/01/2018 16:12:18] - |SH| - [237] - C:\Users\Public\Libraries.ini [18/03/2017 23:03:29] - |RD| - [380] - C:\Users\Public\Music [18/03/2017 23:03:29] - |RD| - [1263209] - C:\Users\Public\Pictures [18/03/2017 23:03:29] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [25/11/2017 15:19:51] - |A| - [57] - C:\ProgramData\Ament.ini [11/12/2017 19:53:03] - |D| - [2682368] - C:\ProgramData\Apple [27/10/2017 16:31:21] - |SHD| - [0] - C:\ProgramData\Application Data [27/10/2017 00:46:25] - |SHD| - [0] - C:\ProgramData\Bureau [27/10/2017 15:31:59] - |D| - [48342] - C:\ProgramData\Creative [30/11/2017 22:31:04] - |D| - [228] - C:\ProgramData\dftmp [27/10/2017 16:31:21] - |SHD| - [0] - C:\ProgramData\Documents [27/10/2017 15:32:09] - |D| - [139231736] - C:\ProgramData\Downloaded Installations [19/11/2017 14:30:31] - |D| - [0] - C:\ProgramData\EA Core [14/01/2018 23:57:16] - |D| - [364] - C:\ProgramData\EA Logs [09/11/2017 15:52:18] - |D| - [17536] - C:\ProgramData\Electronic Arts [14/11/2017 13:57:02] - |D| - [57465904] - C:\ProgramData\Epic [30/11/2017 23:06:46] - |D| - [179] - C:\ProgramData\Git [10/01/2018 13:43:48] - |D| - [1538812] - C:\ProgramData\Hi-Rez Studios [25/11/2017 15:19:54] - |D| - [304] - C:\ProgramData\HP [27/10/2017 15:28:47] - |D| - [88629823] - C:\ProgramData\Intel [29/10/2017 17:55:39] - |D| - [255] - C:\ProgramData\LogiShrd [27/10/2017 00:46:25] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [29/09/2017 15:46:33] - |SD| - [15440627416] - C:\ProgramData\Microsoft [08/03/2018 19:05:44] - |D| - [16] - C:\ProgramData\Microsoft Help [27/10/2017 16:33:07] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [27/10/2017 00:46:25] - |SHD| - [0] - C:\ProgramData\Modèles [10/01/2018 11:16:29] - |D| - [87084] - C:\ProgramData\NCH Software [14/11/2017 19:27:15] - |RASH| - [580] - C:\ProgramData\ntuser.pol [27/10/2017 11:33:22] - |D| - [3820190] - C:\ProgramData\NVIDIA [27/10/2017 11:33:07] - |D| - [1090330296] - C:\ProgramData\NVIDIA Corporation [18/11/2017 22:29:28] - |D| - [2492] - C:\ProgramData\Office Genuine Advantage [29/10/2017 18:00:51] - |D| - [244569292] - C:\ProgramData\Oracle [29/10/2017 22:50:35] - |D| - [366056877] - C:\ProgramData\Origin [27/10/2017 15:28:57] - |D| - [973451041] - C:\ProgramData\Package Cache [14/01/2018 23:57:40] - |D| - [32403052] - C:\ProgramData\PopCap Games [29/09/2017 15:46:33] - |D| - [3211] - C:\ProgramData\regid.1991-06.com.microsoft [27/10/2017 16:57:55] - |D| - [7839133] - C:\ProgramData\RivetNetworks [11/05/2018 22:14:35] - |D| - [989780] - C:\ProgramData\RogueKiller [28/04/2018 11:37:13] - |D| - [191814] - C:\ProgramData\Samsung [29/09/2017 15:46:33] - |D| - [0] - C:\ProgramData\SoftwareDistribution [19/11/2017 00:34:53] - |D| - [376] - C:\ProgramData\Solidshield [07/12/2017 23:43:36] - |D| - [4176] - C:\ProgramData\SystemAcCrux [01/12/2017 14:56:41] - |D| - [9101] - C:\ProgramData\Unity [29/09/2017 15:46:33] - |D| - [3512] - C:\ProgramData\USOPrivate [27/10/2017 16:32:22] - |D| - [3174400] - C:\ProgramData\USOShared [25/11/2017 15:19:59] - |D| - [95268] - C:\ProgramData\Visan [30/11/2017 21:55:02] - |D| - [1829967] - C:\ProgramData\Windows App Certification Kit [30/09/2017 16:41:52] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [29/09/2017 15:46:38] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [11/12/2017 19:53:06] - |A| - [2682] - C:\ProgramData\Microsoft\Windows\Start Menu\HP ePrint SW.lnk [30/11/2017 23:44:25] - |D| - [2288] - C:\ProgramData\Microsoft\Windows\Start Menu\Microsoft R Client [27/10/2017 00:46:25] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [29/09/2017 15:46:33] - |RD| - [270691] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [08/03/2018 20:37:53] - |A| - [2472] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk [29/09/2017 15:46:33] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [29/09/2017 15:46:33] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [29/09/2017 15:46:33] - |RD| - [24294] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [30/11/2017 23:06:33] - |D| - [16659] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit) [09/11/2017 09:50:39] - |D| - [3926] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools [21/11/2017 20:07:00] - |A| - [731] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à jour de Windows 10.lnk [30/11/2017 17:54:14] - |A| - [1805] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend pour Visual Studio 2017.lnk [20/04/2018 22:27:48] - |D| - [1825] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CASIO [29/10/2017 22:37:49] - |D| - [820] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [27/10/2017 15:31:56] - |D| - [4790] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [29/09/2017 15:46:38] - |ASH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/11/2017 13:57:06] - |A| - [951] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [21/11/2017 21:03:24] - |A| - [1828] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk [08/03/2018 20:37:53] - |A| - [2445] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk [05/02/2018 17:20:24] - |D| - [1748] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [27/10/2017 16:06:27] - |A| - [2299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [10/01/2018 13:43:48] - |D| - [2979] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios [29/09/2017 15:43:11] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [27/10/2017 15:31:30] - |D| - [5054] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [29/10/2017 18:01:01] - |D| - [6598] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [09/11/2017 09:39:06] - |D| - [2293] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit [07/12/2017 21:16:28] - |D| - [4868] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking [29/10/2017 17:54:30] - |D| - [988] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [29/09/2017 15:46:33] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [30/11/2017 22:31:04] - |D| - [16845] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure [15/11/2017 21:40:32] - |D| - [6887] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories [10/11/2017 00:06:33] - |D| - [780] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft [27/10/2017 13:22:28] - |D| - [23741] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [21/12/2017 17:00:08] - |D| - [2289] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3 [08/11/2017 13:37:44] - |D| - [6641] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [08/03/2018 20:37:53] - |A| - [2534] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk [08/03/2018 20:37:53] - |A| - [2445] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk [29/10/2017 23:02:54] - |D| - [2448] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [08/03/2018 20:37:53] - |D| - [18133] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 [08/03/2018 20:37:53] - |A| - [2433] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk [08/03/2018 20:37:53] - |A| - [2472] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk [08/03/2018 20:37:53] - |A| - [2503] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk [08/03/2018 20:37:53] - |A| - [2395] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk [30/11/2017 22:42:29] - |D| - [6082] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.6 [07/11/2017 22:32:01] - |D| - [1652] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [11/05/2018 22:14:27] - |D| - [917] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller [28/04/2018 11:37:43] - |D| - [881] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [29/09/2017 15:46:33] - |RD| - [2530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [29/10/2017 22:41:47] - |D| - [792] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [29/09/2017 15:46:33] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [15/01/2018 15:32:22] - |A| - [817] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk [11/11/2017 18:41:52] - |A| - [786] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk [01/12/2017 03:04:27] - |D| - [3207] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.1.0p5 (64-bit) [10/01/2018 11:16:30] - |A| - [1249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad - Logiciel de montage vidéo.lnk [08/03/2018 20:37:53] - |A| - [2489] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk [08/11/2017 23:16:26] - |D| - [18174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017 [30/11/2017 17:49:55] - |A| - [1503] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk [30/11/2017 21:20:06] - |A| - [1355] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk [30/11/2017 21:54:59] - |D| - [13740] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits [27/10/2017 16:28:39] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [22/11/2017 08:25:10] - |D| - [4305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [08/03/2018 20:37:53] - |A| - [2455] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk [30/11/2017 23:45:53] - |D| - [1243] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xamarin Profiler [30/11/2017 23:45:52] - |D| - [2599] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xamarin Workbooks ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/09/2017 15:46:38] - |SH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [07/12/2017 21:16:28] - |A| - [2356] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk ---------- | C:\Program Files (x86) [09/11/2017 09:44:19] - |D| - [7610522742] - C:\Program Files (x86)\Android [30/11/2017 21:54:59] - |D| - [314561] - C:\Program Files (x86)\Application Verifier [27/10/2017 15:30:30] - |D| - [5559616] - C:\Program Files (x86)\ASM104xUSB3 [09/11/2017 15:52:13] - |D| - [11486068] - C:\Program Files (x86)\Battlelog Web Plugins [11/12/2017 19:53:03] - |D| - [631190] - C:\Program Files (x86)\Bonjour [29/09/2017 15:46:33] - |D| - [161087791] - C:\Program Files (x86)\Common Files [13/01/2018 12:58:54] - |D| - [0] - C:\Program Files (x86)\Convar [27/10/2017 15:31:37] - |D| - [46553183] - C:\Program Files (x86)\Creative [29/09/2017 15:46:37] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [18/01/2018 13:25:37] - |D| - [1634632] - C:\Program Files (x86)\EasyAntiCheat [30/11/2017 22:17:04] - |D| - [109354541] - C:\Program Files (x86)\Entity Framework Tools [27/10/2017 16:06:20] - |D| - [424058972] - C:\Program Files (x86)\Google [21/12/2017 22:49:57] - |D| - [5261154] - C:\Program Files (x86)\GPU-Z [01/12/2017 03:04:34] - |D| - [71525874] - C:\Program Files (x86)\GtkSharp [25/11/2017 15:20:00] - |D| - [1771958] - C:\Program Files (x86)\Hewlett-Packard [25/11/2017 15:19:54] - |D| - [0] - C:\Program Files (x86)\HP [30/11/2017 22:25:23] - |D| - [1182443] - C:\Program Files (x86)\IIS [30/11/2017 22:25:21] - |D| - [18421628] - C:\Program Files (x86)\IIS Express [27/10/2017 15:29:29] - |HD| - [32123486] - C:\Program Files (x86)\InstallShield Installation Information [27/10/2017 15:28:46] - |D| - [89566158] - C:\Program Files (x86)\Intel [29/09/2017 15:46:33] - |D| - [2015807] - C:\Program Files (x86)\Internet Explorer [30/11/2017 23:56:18] - |D| - [415221845] - C:\Program Files (x86)\Java [30/11/2017 23:44:39] - |D| - [4302269] - C:\Program Files (x86)\Microsoft [30/11/2017 23:07:00] - |D| - [199261702] - C:\Program Files (x86)\Microsoft Analysis Services [30/11/2017 21:35:50] - |D| - [1523524209] - C:\Program Files (x86)\Microsoft SDKs [30/11/2017 21:38:49] - |D| - [3982987] - C:\Program Files (x86)\Microsoft SQL Server [27/10/2017 15:31:22] - |D| - [343335] - C:\Program Files (x86)\Microsoft Synchronization Services [30/11/2017 20:37:39] - |D| - [7400491495] - C:\Program Files (x86)\Microsoft Visual Studio [01/12/2017 03:03:13] - |D| - [1047619] - C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity [30/11/2017 22:25:28] - |D| - [790219899] - C:\Program Files (x86)\Microsoft Web Tools [29/09/2017 15:46:33] - |D| - [28485043] - C:\Program Files (x86)\Microsoft.NET [08/11/2017 23:16:25] - |D| - [218491169] - C:\Program Files (x86)\MSBuild [27/10/2017 13:22:26] - |D| - [381698492] - C:\Program Files (x86)\MSI [19/12/2017 11:38:28] - |D| - [51714236] - C:\Program Files (x86)\MSI Afterburner [10/01/2018 11:16:29] - |D| - [21232976] - C:\Program Files (x86)\NCH Software [30/11/2017 20:11:04] - |D| - [236] - C:\Program Files (x86)\NuGet [27/10/2017 11:33:05] - |D| - [492681834] - C:\Program Files (x86)\NVIDIA Corporation [30/11/2017 23:44:39] - |D| - [22095876] - C:\Program Files (x86)\Open XML SDK [13/03/2018 21:42:31] - |D| - [8047124486] - C:\Program Files (x86)\Origin Games [27/10/2017 15:29:29] - |D| - [13452057] - C:\Program Files (x86)\Realtek [08/11/2017 23:16:40] - |D| - [643653804] - C:\Program Files (x86)\Reference Assemblies [30/11/2017 22:40:58] - |D| - [180542] - C:\Program Files (x86)\ShellDir [27/10/2017 15:29:29] - |HD| - [0] - C:\Program Files (x86)\Temp [27/10/2017 16:27:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [11/05/2018 18:50:24] - |D| - [1912546] - C:\Program Files (x86)\VulkanRT [29/09/2017 15:46:33] - |D| - [1794312] - C:\Program Files (x86)\Windows Defender [08/11/2017 23:16:40] - |D| - [2516465237] - C:\Program Files (x86)\Windows Kits [29/09/2017 15:46:33] - |D| - [627712] - C:\Program Files (x86)\Windows Mail [30/09/2017 16:40:25] - |D| - [3295175] - C:\Program Files (x86)\Windows Media Player [29/09/2017 15:46:33] - |D| - [42960] - C:\Program Files (x86)\Windows Multimedia Platform [29/09/2017 15:46:33] - |D| - [7569090] - C:\Program Files (x86)\windows nt [30/11/2017 21:55:37] - |D| - [3314504] - C:\Program Files (x86)\Windows Phone Kits [29/09/2017 15:46:33] - |D| - [5358896] - C:\Program Files (x86)\Windows Photo Viewer [29/09/2017 15:46:33] - |D| - [42960] - C:\Program Files (x86)\Windows Portable Devices [29/09/2017 15:46:33] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [29/09/2017 15:46:33] - |D| - [2251143] - C:\Program Files (x86)\WindowsPowerShell [30/11/2017 23:44:40] - |D| - [5392863] - C:\Program Files (x86)\Workflow Manager Tools [30/11/2017 23:44:56] - |D| - [223649016] - C:\Program Files (x86)\Xamarin ---------- | C:\Program Files [30/11/2017 23:01:09] - |D| - [2002902295] - C:\Program Files\Anaconda3 [30/11/2017 21:54:59] - |D| - [357657] - C:\Program Files\Application Verifier [11/12/2017 19:53:03] - |D| - [613987] - C:\Program Files\Bonjour [29/09/2017 15:46:33] - |D| - [177823348] - C:\Program Files\Common Files [29/09/2017 15:46:37] - |ASH| - [174] - C:\Program Files\desktop.ini [30/11/2017 22:24:36] - |D| - [1383450034] - C:\Program Files\dotnet [21/11/2017 21:03:24] - |D| - [5079290] - C:\Program Files\Eraser [27/10/2017 00:46:25] - |SHD| - [0] - C:\Program Files\Fichiers communs [25/11/2017 15:19:54] - |D| - [47276788] - C:\Program Files\HP [30/11/2017 22:25:23] - |D| - [5481155] - C:\Program Files\IIS [30/11/2017 22:25:21] - |D| - [19029372] - C:\Program Files\IIS Express [27/10/2017 15:28:48] - |D| - [31286794] - C:\Program Files\Intel [29/09/2017 15:46:33] - |D| - [2639394] - C:\Program Files\internet explorer [21/12/2017 14:03:22] - |D| - [564880129] - C:\Program Files\ITbrain [29/10/2017 18:00:50] - |D| - [1417962028] - C:\Program Files\Java [07/12/2017 21:12:54] - |D| - [209046238] - C:\Program Files\Killer Networking [29/10/2017 17:54:00] - |D| - [314288097] - C:\Program Files\Logitech Gaming Software [30/11/2017 23:07:15] - |D| - [682273204] - C:\Program Files\Microsoft [30/11/2017 23:07:00] - |D| - [212809158] - C:\Program Files\Microsoft Analysis Services [30/11/2017 22:25:17] - |D| - [13581] - C:\Program Files\Microsoft ASP.NET Core Runtime Package Store [30/11/2017 23:44:37] - |D| - [16243] - C:\Program Files\Microsoft Identity Extensions [30/11/2017 23:07:05] - |D| - [7025353] - C:\Program Files\Microsoft MPI [08/03/2018 19:57:03] - |D| - [3383111635] - C:\Program Files\Microsoft Office [08/03/2018 20:00:43] - |D| - [8982880] - C:\Program Files\Microsoft Office 15 [30/11/2017 22:31:04] - |D| - [93922152] - C:\Program Files\Microsoft SDKs [30/11/2017 18:52:07] - |D| - [237286935] - C:\Program Files\Microsoft SQL Server [27/10/2017 15:31:24] - |D| - [4421503] - C:\Program Files\Microsoft SQL Server Compact Edition [27/10/2017 15:31:24] - |D| - [343335] - C:\Program Files\Microsoft Synchronization Services [15/11/2017 21:40:32] - |D| - [8087955] - C:\Program Files\Microsoft Xbox 360 Accessories [09/11/2017 19:47:59] - |D| - [25757] - C:\Program Files\MSBuild [21/12/2017 17:00:06] - |D| - [43656668] - C:\Program Files\MSI Kombustor 3 [27/10/2017 11:33:05] - |D| - [2328294104] - C:\Program Files\NVIDIA Corporation [30/11/2017 22:41:02] - |D| - [178250020] - C:\Program Files\Python36 [27/10/2017 15:29:39] - |D| - [31473216] - C:\Program Files\Realtek [09/11/2017 19:47:59] - |D| - [39389428] - C:\Program Files\Reference Assemblies [11/05/2018 22:14:25] - |D| - [85399930] - C:\Program Files\RogueKiller [28/04/2018 11:37:24] - |D| - [25825277] - C:\Program Files\Samsung [27/10/2017 00:45:22] - |HD| - [0] - C:\Program Files\Uninstall Information [01/12/2017 03:03:29] - |D| - [1850548933] - C:\Program Files\Unity [30/11/2017 22:32:21] - |D| - [21324] - C:\Program Files\VS2010Schemas [30/11/2017 22:32:21] - |D| - [21324] - C:\Program Files\VS2012Schemas [29/09/2017 15:46:33] - |RD| - [17900385] - C:\Program Files\Windows Defender [30/09/2017 16:41:52] - |D| - [7475296] - C:\Program Files\Windows Defender Advanced Threat Protection [30/11/2017 23:44:38] - |D| - [91625] - C:\Program Files\Windows Identity Foundation [29/09/2017 15:46:33] - |D| - [638976] - C:\Program Files\Windows Mail [30/09/2017 16:40:25] - |D| - [4825067] - C:\Program Files\Windows Media Player [29/09/2017 15:46:33] - |D| - [49680] - C:\Program Files\Windows Multimedia Platform [29/09/2017 15:46:33] - |D| - [7836866] - C:\Program Files\windows nt [29/09/2017 15:46:33] - |D| - [6137656] - C:\Program Files\Windows Photo Viewer [29/09/2017 15:46:33] - |D| - [49688] - C:\Program Files\Windows Portable Devices [29/09/2017 15:46:33] - |D| - [96941] - C:\Program Files\Windows Security [29/09/2017 15:46:33] - |SHD| - [0] - C:\Program Files\Windows Sidebar [29/09/2017 15:46:33] - |HD| - [3441501865] - C:\Program Files\WindowsApps [29/09/2017 15:46:33] - |D| - [2501937] - C:\Program Files\WindowsPowerShell [22/11/2017 08:25:06] - |D| - [6371809] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [15/11/2017 21:34:01] - |D| - [12954136] - C:\Program Files (x86)\Common Files\BattlEye [30/11/2017 17:54:17] - |D| - [24736] - C:\Program Files (x86)\Common Files\Designer [09/11/2017 15:52:15] - |HD| - [10817491] - C:\Program Files (x86)\Common Files\EAInstaller [27/10/2017 15:31:35] - |D| - [3869727] - C:\Program Files (x86)\Common Files\InstallShield [30/11/2017 21:55:04] - |D| - [2221] - C:\Program Files (x86)\Common Files\Microsoft [29/09/2017 15:46:33] - |D| - [119279093] - C:\Program Files (x86)\Common Files\microsoft shared [28/03/2018 21:05:45] - |D| - [14] - C:\Program Files (x86)\Common Files\Oracle [27/10/2017 15:28:48] - |D| - [204796] - C:\Program Files (x86)\Common Files\PostureAgent [29/09/2017 15:46:33] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [29/10/2017 22:41:47] - |D| - [3951168] - C:\Program Files (x86)\Common Files\Steam [29/09/2017 15:46:33] - |D| - [9981707] - C:\Program Files (x86)\Common Files\system ---------- | C:\Program Files\Common files [15/03/2018 19:24:16] - |D| - [24240] - C:\Program Files\Common files\DESIGNER [29/09/2017 15:46:33] - |D| - [167043115] - C:\Program Files\Common files\microsoft shared [29/09/2017 15:46:33] - |D| - [2702] - C:\Program Files\Common files\Services [29/09/2017 15:46:33] - |D| - [10753291] - C:\Program Files\Common files\system ---------- | Tasks [MD5.3338A5F02F0D65F63BFF819DEA54A8DE] - [27/10/2017 16:29:23] - |AH| - [252] - C:\WINDOWS\Tasks\MSISW_Host.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [27/10/2017 16:29:58] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.A946A052D19A57201F0C83B5CB963BB3] - [29/10/2017 22:37:49] - |A| - [3936] - C:\WINDOWS\System32\Tasks\CCleaner Update : D:\Program Files\CCleaner\CCUpdate.exe [MD5.CC4208A7D9C40C55CD8820AB9EE68952] - [29/10/2017 22:37:49] - |A| - [2854] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "D:\Program Files\CCleaner\CCleaner.exe" [MD5.F82DE33EAEBB9A895AA1CDEA9377880F] - [27/10/2017 16:29:58] - |A| - [3462] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.B1047AC2CDA6F575CF27867D6FBA8F44] - [27/10/2017 16:29:58] - |A| - [3586] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.324C4566108CD01E91C943EBEEC9D74D] - [11/12/2017 19:53:06] - |A| - [3420] - C:\WINDOWS\System32\Tasks\HPEA3JOBS : C:\Program [MD5.00000000000000000000000000000000] - [27/10/2017 16:29:58] - |D| - [3372] - C:\WINDOWS\System32\Tasks\Intel [MD5.00000000000000000000000000000000] - [11/03/2018 17:12:47] - |D| - [0] - C:\WINDOWS\System32\Tasks\MEGA [MD5.00000000000000000000000000000000] - [29/09/2017 15:46:34] - |D| - [543866] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.A438BE8712AF019C94CDB86264CFAEC4] - [21/12/2017 22:27:02] - |A| - [3126] - C:\WINDOWS\System32\Tasks\MSIAfterburner : C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [MD5.82E7DE159B52985597EB4D8300BDE1B0] - [11/05/2018 18:35:48] - |A| - [3190] - C:\WINDOWS\System32\Tasks\MSIGH_Host : C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [MD5.1001AD0C9E0654BDEF984D31AFDEEB21] - [11/05/2018 18:35:47] - |A| - [3132] - C:\WINDOWS\System32\Tasks\MSIOSDx64_Host : C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [MD5.75D13771C6BECC87D06ABC092A9464DA] - [11/05/2018 18:35:47] - |A| - [3132] - C:\WINDOWS\System32\Tasks\MSIOSDx86_Host : C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [MD5.0B8357995BC53148030440E34D583DA6] - [27/10/2017 16:29:58] - |A| - [2148] - C:\WINDOWS\System32\Tasks\MSISW_Host : C:\Windows\SysWOW64\muachost.exe [MD5.00000000000000000000000000000000] - [10/01/2018 11:16:32] - |D| - [0] - C:\WINDOWS\System32\Tasks\NCH Software [MD5.AB1C72547C1A73F34969F9409137ABE1] - [27/03/2018 19:15:17] - |A| - [4088] - C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.5755F88A29BA594F725660B43E8AADC2] - [08/11/2017 13:37:50] - |A| - [4308] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.09B5EF68C8E4E211CCF3E5B73A11BAEF] - [08/11/2017 13:37:53] - |A| - [4000] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.9200A7AEAD4C78C61F5CA9964667C70D] - [08/11/2017 13:37:53] - |A| - [3940] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.B80E3DDF2243F854F376AFC3687FC2AC] - [08/11/2017 13:37:49] - |A| - [3894] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.4C1943F7A098FE04B84E9B3BDC3715BF] - [08/11/2017 13:37:49] - |A| - [3654] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.2D62DE7DD46269BF68D84A2724403FB5] - [08/11/2017 13:37:49] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [MD5.3C29C4CE38B6CDB3B21795AC6A6E6605] - [08/11/2017 13:37:49] - |A| - [3866] - C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.2B3954E63C4AD2D0E5B6EABA2210B4F0] - [27/10/2017 16:29:58] - |A| - [3360] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2153363518-3719023817-840555237-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.00000000000000000000000000000000] - [17/04/2018 10:16:56] - |D| - [3364] - C:\WINDOWS\System32\Tasks\S-1-5-21-2153363518-3719023817-840555237-1001 [MD5.02EBBE109FEBB04D61E0A272434C450E] - [13/01/2018 12:55:50] - |A| - [4160] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9BC02A7-A609-4DA8-9E10-28A734BAA406} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [29/09/2017 15:46:34] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WirelessDisplay-Infra-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "WirelessDisplay-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "Netlogon-TCP-RPC-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-NamedPipe-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "DeliveryOptimization-UDP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-TCP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "WiFiDirect-KM-Driver-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "TCP Query User{5255E673-18CC-4FB8-B62E-B6361A1C49EE}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User| "UDP Query User{CE39EF14-DE05-4142-BE01-B5B2DFD39B0D}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User| "TCP Query User{20CB0E69-039B-474E-A5E0-1D28CB04F754}D:\program files (x86)\origin games\battlefield 4\bf4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\program files (x86)\origin games\battlefield 4\bf4.exe|Name=Battlefield 4™|Desc=Battlefield 4™|Defer=User| "UDP Query User{149232AD-AD78-4804-B4A7-C0ADAC786835}D:\program files (x86)\origin games\battlefield 4\bf4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\program files (x86)\origin games\battlefield 4\bf4.exe|Name=Battlefield 4™|Desc=Battlefield 4™|Defer=User| "{3C7684C8-B523-40E5-B51A-86C362AD5316}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{39543218-1048-4AFD-8DDF-D92539857D68}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{3A6885C7-A0B7-41ED-BDE9-4C768F3C8533}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{01F0AB4B-7B2B-4668-AC28-37BE339C71AE}D:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe|Name=Need for Speed™ Most Wanted|Desc=Need for Speed™ Most Wanted|Defer=User| "UDP Query User{3260EE6B-E83E-46E5-8C01-2946CBBE9FC7}D:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe|Name=Need for Speed™ Most Wanted|Desc=Need for Speed™ Most Wanted|Defer=User| "{E3D6DC46-C19A-422B-9B14-994F3828CECC}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=MEGA Privacy (beta)|Desc=MEGA Privacy (beta)|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-3687171390-1900577192-3212807322-3516810312-1127569691-2809369145-2561456760|EmbedCtxt=MEGA Privacy (beta)|Platform=2:6:2|Platform2=GTEQ| "{8DDE18AB-9F26-40D6-BDA9-1250E026D410}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=MEGA Privacy (beta)|Desc=MEGA Privacy (beta)|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-3687171390-1900577192-3212807322-3516810312-1127569691-2809369145-2561456760|EmbedCtxt=MEGA Privacy (beta)|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D724A949-98CA-4B94-980D-ADBA3018873C}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{9800FF6E-2A4A-44FA-AB05-640C434936E4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F0AE12B5-FED4-46F1-A2B3-78718CA7C211}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{C1A15C60-DDA1-48DE-A85A-4268A5E896F3}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{9E0EA2D9-463E-4F8C-9FA0-C4DC3367F040}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{CCA9195F-F5FE-42BB-B2E9-5D7843D4BD6C}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework| "UDP Query User{048DD07C-ADE3-4C20-8337-BB4DE9DF62DE}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework| "{34F19097-1EEB-4663-836B-9504DAC2EC53}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{49BDEB17-5F45-4DC6-9DCA-66D0E9EC5C22}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{B4C7E9A0-3A7A-4ABF-B327-0D23310AAA1D}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{45F9DBC5-4C4F-4347-BB31-701D4C89F905}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe|Name=Dead Space| "{BC67C1B6-7022-4F17-BD2C-B8261908E9AC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe|Name=Dead Space| "{F318C988-5857-42E1-9053-993A012FA240}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{2FE23079-AD60-4A0C-AC68-1AD36151DDED}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\Program Files (x86)\Samsung\SideSync4\SideSync.exe|Name=Samsung SideSync| "{153BC36D-2214-4852-AABB-22133F2EDC14}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\Program Files (x86)\Samsung\SideSync4\SideSync.exe|Name=Samsung SideSync| "TCP Query User{1ED89111-9D16-4184-B73B-84F61057ED69}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{3D5EDEBE-0268-48C4-A838-821F66A23EB8}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{1C4B7BFB-8C10-4DD1-9E3B-8B9674298A11}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Minecraft for Windows 10|Desc=Minecraft for Windows 10|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-1958404141-86561845-1752920682-3514627264-368642714-62675701-733520436|EmbedCtxt=Minecraft for Windows 10|Platform=2:6:2|Platform2=GTEQ| "{F6867297-B6E5-4264-B830-8891063DC3B9}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Minecraft for Windows 10|Desc=Minecraft for Windows 10|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-1958404141-86561845-1752920682-3514627264-368642714-62675701-733520436|EmbedCtxt=Minecraft for Windows 10|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{BF5C35BB-CB93-4B83-B521-782545EBC40E}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ| "{BC747FF4-B9AA-4A79-A9A0-694DF706381F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ| "{2446E31C-5A1E-49D3-B9B2-0C2E268AB6CE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Keeper - Password Manager & Secure File Storage|Desc=Keeper - Password Manager & Secure File Storage|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-1693445186-3345176799-2248129915-4000651515-812732840-1010160964-1868342332|EmbedCtxt=Keeper - Password Manager & Secure File Storage|Platform=2:6:2|Platform2=GTEQ| "{5E9212F9-CC75-476B-A2F1-863C0F6EF60E}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Keeper - Password Manager & Secure File Storage|Desc=Keeper - Password Manager & Secure File Storage|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-1693445186-3345176799-2248129915-4000651515-812732840-1010160964-1868342332|EmbedCtxt=Keeper - Password Manager & Secure File Storage|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{156590BD-5DD4-4002-8D62-0CFE2411DE62}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{A278AB0D.MarchofEmpires_3.2.0.9_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.2.0.9_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.2.0.9_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "{5465421A-A2A3-4E7D-9207-EC0D0EFE8D6D}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{A278AB0D.MarchofEmpires_3.2.0.9_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.2.0.9_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.2.0.9_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "{BEE8A7B7-3FA7-4677-95F5-ACFE3915018A}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{king.com.BubbleWitch3Saga_4.5.5.0_x86__kgqvnymyfvs32?ms-resource://king.com.BubbleWitch3Saga/Resources/AppName}|Desc=@{king.com.BubbleWitch3Saga_4.5.5.0_x86__kgqvnymyfvs32?ms-resource://king.com.BubbleWitch3Saga/Resources/AppName}|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-2480992608-1527340332-3131305588-448447103-1026586663-3117074242-2125591980|EmbedCtxt=@{king.com.BubbleWitch3Saga_4.5.5.0_x86__kgqvnymyfvs32?ms-resource://king.com.BubbleWitch3Saga/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{91B9B66D-02D6-4A77-96D8-FA79294E66C0}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{F65B6F5E-6BEA-45F8-B7B6-62E72A53E98B}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{9C3BB873-269C-47B8-A141-CEB076D61B6B}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ| "{1ADCC724-55EE-44BC-B364-51E656D02DCC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-2153363518-3719023817-840555237-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D702F436-A009-4853-A3D3-ABF4026138AB}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=26789|Name=Gaming APP Server| "TCP Query User{D836A33E-009D-45FE-99E8-1D01655CB17D}D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win64\paladins.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win64\paladins.exe|Name=paladins|Desc=paladins|Defer=User| "UDP Query User{8EF4C31B-301C-444F-B9B1-ACB307C3AD86}D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win64\paladins.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win64\paladins.exe|Name=paladins|Desc=paladins|Defer=User| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{091BC97E-2352-4362-A539-10A6D8FF7596}] : (RDPDR) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2EA9B43F-3045-43B5-80F2-FD06C55FBB90}] : (vhdmp) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem11.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b91b7968-6435-4966-8928-79bf082e3e30}] : (Logitech LCDs) [] -> @oem14.inf,%LGLCD%;Logitech LCDs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CC41EBA2-AB57-4F4E-8C3D-1BC33B1E74E3}] : (RDPDR) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{dd18574c-b785-4e3c-a74f-8bc4990d790b}] : (USBKCXTRLER) [] -> @oem1.inf,%USBKCXTRLER%;Universal Serial Bus Keyboard Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e24e7a3c-87cd-4ac9-b426-eec8521b7710}] : (LGWinUSB) [] -> @oem20.inf,%DEVICEMANAGERCATEGORY%;Logitech USB Gaming Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ffb1c341-4539-11d3-b88d-00c04fad5172}] : (RAMDriv) [] -> @oem26.inf,%ClassName%;RAM Drive [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [13/01/2018 12:53:18] - (2.0.18.79) - (EldoS Corporation - RawDisk Driver. Allows write access to files and raw disk sectors for user mode applications in Windows 2000, XP, 2003, Vista, 2008.) - C:\WINDOWS\system32\drivers\rsdrvx64.sys [11/05/2018 18:47:39] - (24.21.13.9764) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 397.64) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvlddmkm.sys [27/05/2014 12:21:08] - (1.1.0.0) - ( - Intel(R) Smart Connect Technology Device Driver) - C:\WINDOWS\System32\drivers\ISCTD.sys [08/11/2017 13:35:29] - (4.4.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [08/11/2017 13:35:30] - (202.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys [06/11/2017 19:03:33] - (1.0.2014.217) - (FINTEK Corp. - FINTEK Corp. FitGpBus Device Driver) - C:\WINDOWS\system32\drivers\I2cHkBurn.sys [09/10/2017 11:14:10] - (1.3.37.1) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys [29/10/2017 23:23:06] - (6.10.0.8) - (Creative Technology Ltd. - Creative Audio Driver) - C:\WINDOWS\system32\drivers\MBfilt64.sys [27/05/2014 12:21:08] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\DRIVERS\imsevent.sys [27/05/2014 12:21:04] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\DRIVERS\ikbevent.sys [12/01/2018 15:27:18] - (5.3.2.15) - (Micro-Star Int'l Co., Ltd. - RAMDisk Driver (x64)) - C:\WINDOWS\system32\DRIVERS\ramdriv.sys [30/11/2017 17:51:36] - (7.5.1.20) - (Rivet Networks, LLC. - RN Traffic Control Callout Driver) - C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [27/10/2017 15:30:59] - (1.0.0.0) - (MSI - NTIOLib for MSIDDR_CC) - C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [27/10/2017 15:31:07] - (1.0.0.0) - (MSI - NTIOLib For NTIOLib_ECO) - C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [27/10/2017 16:05:27] - (2.0.0.4) - (MSI - NTIOLib_FastBoot Driver) - C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [28/11/2017 21:15:48] - (0.0.0.0) - ( -) - C:\WINDOWS\System32\Drivers\INETMON.sys [27/08/2017 16:44:40] - (0.0.0.0) - ( -) - C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [28/04/2018 11:37:25] - (2.12.4.0) - (Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver) - C:\WINDOWS\system32\DRIVERS\ssudbus.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - MsSecFlt (@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001) -> system32\drivers\mssecflt.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ElRawDisk (ElRawDisk) -> \??\C:\WINDOWS\system32\drivers\rsdrvx64.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - MpKsl723fea4e () -> \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B161C376-84D6-415D-AFE7-A1469331EB2B}\MpKsl723fea4e.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - IntelHaxm (Intel HAXM Service) -> \SystemRoot\system32\DRIVERS\IntelHaxm.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - iocbios2 (iocbios2) -> \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - LGCoreTemp (Logitech CPU Core Tempurature) -> \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - RAMDriv (@oem26.inf,%DiskServiceDesc%;MSI RAMDrive) -> \SystemRoot\system32\DRIVERS\ramdriv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - RfeCoSvc (RfeCoSvc) -> \SystemRoot\system32\DRIVERS\RfeCo10X64.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) [MD5.303DD964E6F49E661F7A4AF839B0ED29] - [12/01/2018 15:27:18] - (.Copyright (C) Qualitative Software [QSoft] - RAMDisk Driver (x64).) - [84.9 Ko] - (5.3.2.15) - C:\WINDOWS\Syswow64\Drivers\RAMDriv.sys ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Python 3.6.1 (Anaconda3 4.4.0 64-bit)] : (Python 3.6.1 (Anaconda3 4.4.0 64-bit).-.Continuum Analytics, Inc.) -> "C:\Program Files\\Anaconda3\Uninstall-Anaconda.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{16311D0B-D57C-46F8-AE64-9D4D44227271}] : (HP ePrint SW.-.HP Inc.) -> MsiExec.exe /I{16311D0B-D57C-46F8-AE64-9D4D44227271} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1D2E9660-8DD7-4830-AFA6-5EC160F37A4E}] : (Python 3.6.2 Standard Library (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{1D2E9660-8DD7-4830-AFA6-5EC160F37A4E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1FDAF764-0447-4E62-9FE6-56E7B906552A}] : (Killer Performance Driver Suite.-.Rivet Networks) -> MsiExec.exe /X{1FDAF764-0447-4E62-9FE6-56E7B906552A} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{22676F90-06C7-4DC0-96C2-FAE79AB306F4}] : (Intel® Hardware Accelerated Execution Manager.-.Intel Corporation) -> MsiExec.exe /X{22676F90-06C7-4DC0-96C2-FAE79AB306F4} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180161F0}] : (Java 8 Update 161 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180161F0} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{27B26342-82FB-4CA4-9ADB-D09982631CB0}] : (Python 3.6.2 Tcl/Tk Support (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{27B26342-82FB-4CA4-9ADB-D09982631CB0} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{28AC6C7B-38C1-4723-9E72-52FD1AD415C7}] : (Python 3.6.2 Standard Library (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{28AC6C7B-38C1-4723-9E72-52FD1AD415C7} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4C246A91-6BAE-450E-BDEA-70D01663DF43}] : (HP ePrint SW.-.HP Inc.) -> MsiExec.exe /I{4C246A91-6BAE-450E-BDEA-70D01663DF43} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4FF902DF-D960-4A78-9C04-9D8E1CC33149}] : (Python 3.6.2 pip Bootstrap (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{4FF902DF-D960-4A78-9C04-9D8E1CC33149} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{55398EAC-F58E-4F19-B553-BDF8B9EFD839} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{564A1AEB-44AC-5E04-A56D-B296D9865A66}] : (Java(TM) SE Development Kit 10 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{564A1AEB-44AC-5E04-A56D-B296D9865A66} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{64A3A4F4-B792-11D6-A78A-00B0D0180131}] : (Java SE Development Kit 8 Update 131 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{64A3A4F4-B792-11D6-A78A-00B0D0180131} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6A3DE09C-615D-4D3D-9087-EDED261BC0E6}] : (Killer Drivers.-.Rivet Networks) -> MsiExec.exe /X{6A3DE09C-615D-4D3D-9087-EDED261BC0E6} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{749C57BE-1822-465B-8332-9CBE341B83DA}] : (Python 3.6.2 Test Suite (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{749C57BE-1822-465B-8332-9CBE341B83DA} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{78525DEA-1E62-429B-9CA4-A78F899A9F29}] : (HP ePrint SW.-.HP Inc.) -> MsiExec.exe /I{78525DEA-1E62-429B-9CA4-A78F899A9F29} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7D84E343-A23D-451C-B123-0195B2D903A6}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{7D84E343-A23D-451C-B123-0195B2D903A6} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7EC331E8-5683-4B2B-A22B-5925DBE5E06E}] : (Python 3.6.2 Development Libraries (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{7EC331E8-5683-4B2B-A22B-5925DBE5E06E} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{907B8BA6-C91D-4A8E-8237-828BFAB77C63}] : (Python 3.6.2 Utility Scripts (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{907B8BA6-C91D-4A8E-8237-828BFAB77C63} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90A9D089-DB6E-48DC-9EEC-7F2229B2DFF0}] : (Python 3.6.2 Executables (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{90A9D089-DB6E-48DC-9EEC-7F2229B2DFF0} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{945357E1-6DEF-4AFF-A850-436BCB4436F6}] : (Python 3.6.2 Core Interpreter (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{945357E1-6DEF-4AFF-A850-436BCB4436F6} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{978543A0-731D-4BEF-9CB6-9835B1DFFB33}] : (Python 3.6.2 Documentation (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{978543A0-731D-4BEF-9CB6-9835B1DFFB33} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9B506A0E-10D4-4B1D-AE7A-CADDDAF73F39}] : (Python 3.6.2 Tcl/Tk Support (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{9B506A0E-10D4-4B1D-AE7A-CADDDAF73F39} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9EE8E58D-3021-40C5-8FBB-BF3A91A0B44D}] : (Python 3.6.2 Test Suite (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{9EE8E58D-3021-40C5-8FBB-BF3A91A0B44D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2CFD444-5088-4ECC-A1F1-28620C082C36}] : (HP ePrint SW.-.HP Inc.) -> MsiExec.exe /I{B2CFD444-5088-4ECC-A1F1-28620C082C36} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 397.64.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 31.1.10.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 31.1.10.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer] : (DisplayDriverAnalyzer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper] : (NVIDIA TelemetryApi helper for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer] : (NVIDIA Telemetry Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.13.1.30.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 4.04.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BF46D11E-638D-4254-A7BD-E9B355C4ECEA}] : (Intel(R) Smart Connect Technology.-.Intel Corporation) -> MsiExec.exe /I{BF46D11E-638D-4254-A7BD-E9B355C4ECEA} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BFACB3F5-7091-429E-A6A9-59C0696B710E}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{BFACB3F5-7091-429E-A6A9-59C0696B710E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C5900DE9-D199-4C27-B692-354C9A6A6C8B}] : (Eraser 6.2.0.2979.-.The Eraser Project) -> MsiExec.exe /I{C5900DE9-D199-4C27-B692-354C9A6A6C8B} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CCCB484E-79D5-4398-9377-CA6EEB6B53AE}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{CCCB484E-79D5-4398-9377-CA6EEB6B53AE} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D3CF3208-359F-43D5-934A-C8F0C041441D}] : (Python 3.6.2 Executables (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{D3CF3208-359F-43D5-934A-C8F0C041441D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DBBB1BBC-A398-4262-9C25-D7A6E9B06841}] : (Python 3.6.2 Core Interpreter (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{DBBB1BBC-A398-4262-9C25-D7A6E9B06841} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DF17C0DB-76D8-4A45-B26E-674F8455B803}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{DF17C0DB-76D8-4A45-B26E-674F8455B803} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9726856-DB00-5543-B792-70AFD18EA482}] : (Java 10 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{E9726856-DB00-5543-B792-70AFD18EA482} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Sound Blaster Cinema 2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unity] : (Unity.-.Unity Technologies ApS) -> C:\Program Files\Unity\Editor\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0B988985-38C9-4DD4-9835-5AC17EEC26F7}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1] : (MSI Fast Boot.-.MSI) -> "C:\Program Files (x86)\MSI\Fast Boot\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}] : (Minecraft.-.Mojang) -> MsiExec.exe /X{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1] : (MSI ECO Center.-.MSI) -> "C:\Program Files (x86)\MSI\ECO Center\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2636F1E4-2BC5-4B19-BFFD-A08F72598309}] : (Python Launcher.-.Python Software Foundation) -> MsiExec.exe /X{2636F1E4-2BC5-4B19-BFFD-A08F72598309} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{32A3A4F4-B792-11D6-A78A-00B0D0180131}] : (Java SE Development Kit 8 Update 131.-.Oracle Corporation) -> MsiExec.exe /X{32A3A4F4-B792-11D6-A78A-00B0D0180131} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{32B2DF61-DE93-4AF9-A7A6-79B03299A0AA}] : (Xamarin.Bonjour v1.0.13.-.Xamarin) -> MsiExec.exe /I{32B2DF61-DE93-4AF9-A7A6-79B03299A0AA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3D00C669-D447-4A04-AFDA-25E9E76E7873}] : (HP ePrint SW.-.HP Inc.) -> MsiExec.exe /I{3D00C669-D447-4A04-AFDA-25E9E76E7873} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4B230374-6475-4A73-BA6E-41015E9C5013}] : (Intel® Security Assist.-.Intel Corporation) -> MsiExec.exe /I{4B230374-6475-4A73-BA6E-41015E9C5013} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4C9771FB-6EB6-4E89-A2BE-BDE8B61C1BEC}] : (Xamarin Workbooks and Inspector.-.Xamarin) -> MsiExec.exe /X{4C9771FB-6EB6-4E89-A2BE-BDE8B61C1BEC} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4E08CC97-912D-458B-8705-9A14C325532F}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1] : (MSI Live Update 6.-.MSI) -> "C:\Program Files (x86)\MSI\Live Update\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{59649835-21FD-4523-9AB0-9E67ED77F0CA}] : (HP ePrint SW.-.HP Inc.) -> MsiExec.exe /I{59649835-21FD-4523-9AB0-9E67ED77F0CA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5E6844AB-A867-419C-A376-B12B574AA5F7}] : (Xamarin PCL Profiles v1.0.9.-.Xamarin) -> MsiExec.exe /I{5E6844AB-A867-419C-A376-B12B574AA5F7} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65B7E0C3-A276-4765-8408-90AEA4DFE40F}] : (Xamarin Profiler.-.Xamarin, Inc.) -> MsiExec.exe /X{65B7E0C3-A276-4765-8408-90AEA4DFE40F} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79E98F35-0524-446C-8EF5-4E863C4D87E2}] : (Intel Extreme Tuning Utility.-.Intel Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1] : (MSI Super Charger.-.MSI) -> "C:\Program Files (x86)\MSI\Super Charger\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7DB3B70A-1CEE-4744-B272-FA5E79E19C39}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{7DB3B70A-1CEE-4744-B272-FA5E79E19C39} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}] : (Need for Speed(TM) Hot Pursuit.-.Electronic Arts) -> MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9D19C9E8-92C7-4825-AD7C-E0D25BE7A6ED}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}] : (Gtk# for .Net 2.12.26.-.Xamarin, Inc.) -> MsiExec.exe /X{BC25B808-A11C-4C9F-9C0A-6682E47AAB83} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CB2452BE-9749-41C9-96EB-9226E5EA1F65}] : (Xamarin Remoted iOS Simulator.-.Xamarin) -> MsiExec.exe /X{CB2452BE-9749-41C9-96EB-9226E5EA1F65} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1] : (MSI Smart Tool.-.MSI) -> "C:\Program Files (x86)\MSI\Smart Tool\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1] : (MSI Gaming APP.-.MSI) -> "C:\Program Files (x86)\MSI\Gaming APP\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}] : (Asmedia USB Host Controller Driver.-.Asmedia Technology) -> MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB47E710-6249-4EFA-BE36-E922B0612AF4}] : (CASIO FA-124.-.CASIO COMPUTER CO., LTD.) -> MsiExec.exe /X{FB47E710-6249-4EFA-BE36-E922B0612AF4} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\00006109C80000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C800C0400100000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109E70000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\017E74BF9426AFE4EB639E220B16A24F] : CASIO FA-124 -> C:\WINDOWS\Installer\{FB47E710-6249-4EFA-BE36-E922B0612AF4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\01DF74040108A3541A01AEC27F51199B] : vs_codecoveragemsi [HKCR\Installer\Products\03CCD45AAE1E21947A9FC6A5A31FBFA3] : IIS 10.0 Express -> C:\WINDOWS\Installer\{A54DCC30-E1EA-4912-A7F9-6C5A3AF1FB3A}\Icon_IisExpress [HKCR\Installer\Products\04137CB66BC3A6843805FB535FE4AF91] : icecap_collection_x64 [HKCR\Installer\Products\0669E2D17DD80384FA6AE51C063FA7E4] : Python 3.6.2 Standard Library (64-bit) [HKCR\Installer\Products\08198CFF77A966015CF55ACD04BCA812] : Windows SDK for Windows Store Apps DirectX x86 Remote [HKCR\Installer\Products\09F676227C600CD4692CAF7EA93B604F] : Intel® Hardware Accelerated Execution Manager -> C:\WINDOWS\Installer\{22676F90-06C7-4DC0-96C2-FAE79AB306F4}\arp_icon [HKCR\Installer\Products\0A345879D137FEB4C96B89531BFDBF33] : Python 3.6.2 Documentation (64-bit) [HKCR\Installer\Products\0A8171E34A5EBE408EC5FD4997F0CC4F] : WinRT Intellisense Desktop - en-us [HKCR\Installer\Products\0CA03602324B922233990A5B82C53B52] : Windows SDK Desktop Headers x64 [HKCR\Installer\Products\0DB2FEDD827F40D40A585BCA9CDA3C11] : vs_filehandler_amd64 [HKCR\Installer\Products\1056F5E8C22B2B437CE02D27C7E9A42D] : Windows Desktop Extension SDK [HKCR\Installer\Products\10CD803F9BAF8CC4DADAD247DA68A9EA] : Workflow Manager Tools 1.0 for Visual Studio -> C:\WINDOWS\Installer\{F308DC01-FAB9-4CC8-ADAD-2D74AD869AAE}\ARPIcon [HKCR\Installer\Products\13E4BE2893D9F6A3B90EF9460CF025C8] : Visual C++ Library CRT ARM64 Appx Package [HKCR\Installer\Products\1418DB3CA23141D32BD47FF6A65DB087] : Visual C++ Library CRT Desktop Appx Package [HKCR\Installer\Products\155386464A364154CB441273732F3BC8] : Windows Mobile Connectivity Tools 10.0.15063.0 - Desktop x86 [HKCR\Installer\Products\15E8605773C73004482C6C47168C6DA0] : VS JIT Debugger [HKCR\Installer\Products\16FD2B2339ED9FA47A6A970B23990AAA] : Xamarin.Bonjour v1.0.13 [HKCR\Installer\Products\1713DD7D85AD1A25592B7496468055FA] : WinRT Intellisense Desktop - Other Languages [HKCR\Installer\Products\1761C7D2D3F67AA2AD3A199CB6069B91] : Application Verifier x64 External Package [HKCR\Installer\Products\19A642C4EAB6E054DBAE070D6136FD34] : HP ePrint SW [HKCR\Installer\Products\1AEC162DD8BAAFC94470CBFE7C6816CA] : Universal General MIDI DLS Extension SDK [HKCR\Installer\Products\1D12E230F6556D945981FC3502A26FB3] : vs_tipsmsi [HKCR\Installer\Products\1E753549FED6FFA48A0534B6BC44636F] : Python 3.6.2 Core Interpreter (64-bit symbols) [HKCR\Installer\Products\24362B72BF284AC4A9BD0D992836C10B] : Python 3.6.2 Tcl/Tk Support (64-bit) [HKCR\Installer\Products\25B7E1E9A3A062A11AECDAC6C82C099A] : Windows SDK for Windows Store Apps Libs [HKCR\Installer\Products\2624EE2725EAE14A6AA5AB221B148636] : Windows SDK for Windows Store Apps Metadata [HKCR\Installer\Products\28B7B859C108CC42B19DC294E9EF3D90] : Windows SDK for Windows Store Managed Apps Libs [HKCR\Installer\Products\2ACAC379810EB56050082F8784202E99] : MSI Development Tools [HKCR\Installer\Products\2AF6EADF1EB85684782AAC116C1CC53B] : Visual F# 4.1 SDK [HKCR\Installer\Products\2B0163E6D0340BE4183EB2758E9BEDD8] : Bonjour -> C:\WINDOWS\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico [HKCR\Installer\Products\2B06706A38FE6BE1CBE89B7ACE193D6D] : Windows SDK DirectX x64 Remote [HKCR\Installer\Products\2C2B173FED453844686702C2FB1CD0DD] : IntelliTraceProfilerProxy [HKCR\Installer\Products\3022CB47277D0261EDD90AA2B418FAC4] : Windows SDK EULA [HKCR\Installer\Products\30A2770D2CF702B4CAF12B8792A99A7C] : vs_minshellinteropmsi [HKCR\Installer\Products\319BF0E667E05B440B4DB2177A89B42D] : vs_enterprisemsi [HKCR\Installer\Products\343E48D7D32AC1541B3210592B9D306A] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\3839B67F77A5A84C999E1D459AC161B8] : Windows SDK Modern Versioned Developer Tools [HKCR\Installer\Products\38FEB9D044D4ACB553F370ABA061AC64] : Windows App Certification Kit x64 [HKCR\Installer\Products\3ACB61C11CBE6F946832F8FB9BCC8C27] : Minecraft -> C:\WINDOWS\Installer\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}\minecraft.ico [HKCR\Installer\Products\3BDB3F7ED76DEBE2ADE7D28ED4AD2107] : Windows SDK Facade Windows WinMD Versioned [HKCR\Installer\Products\3C0E7B56672A5674488009EA4AFD4EF0] : Xamarin Profiler -> C:\WINDOWS\Installer\{65B7E0C3-A276-4765-8408-90AEA4DFE40F}\xamarinprofiler.ico [HKCR\Installer\Products\3C9301DFB822BB3428A0CAEA5D089A5D] : VS Immersive Activate Helper [HKCR\Installer\Products\3D9686FDFDD71F242919F6CBBE53C79E] : Windows Mobile Extension SDK 10.0.15063.0 - ARM [HKCR\Installer\Products\3F6DF3589CB0A41489B609FE35D8AB1A] : vs_minshellmsires [HKCR\Installer\Products\4099D1293132F730134B6DB299882E63] : Windows SDK [HKCR\Installer\Products\42EF6E3B4E4A454005408D3ACC9C0B6F] : WinRT Intellisense IoT - en-us [HKCR\Installer\Products\4318A9FE08FD8A6458FAF7DBE148C821] : VS WCF Debugging [HKCR\Installer\Products\444DFC2B8805CCE41A1F8226C080C263] : HP ePrint SW [HKCR\Installer\Products\46304D1C8C8874B4192BAC1064DE3039] : Active Directory Authentication Library pour SQL Server -> C:\WINDOWS\Installer\{C1D40364-88C8-4B47-91B2-CA0146ED0393}\ARPIco [HKCR\Installer\Products\467FADF1744026E4F96E657E9B6055A2] : Killer Performance Driver Suite -> C:\WINDOWS\Installer\{1FDAF764-0447-4E62-9FE6-56E7B906552A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\46BA6A7DC5E92E5E458356F5D76374D5] : Windows Mobile Extension SDK Contracts [HKCR\Installer\Products\473032B4574637A4ABE61410E5C90531] : Intel® Security Assist -> C:\Windows\Installer\{4B230374-6475-4A73-BA6E-41015E9C5013}\isa.ico [HKCR\Installer\Products\474A414E78A066F44C904A9D58C7DF43] : WinRT Intellisense IoT - Other Languages [HKCR\Installer\Products\4AFD8B44D59427996F3655B7B10CBC17] : Windows Desktop Extension SDK Contracts [HKCR\Installer\Products\4B3D61640F5BFBCE647130549C556094] : Windows SDK Desktop Headers x86 [HKCR\Installer\Products\4E1F63625CB291B4FBDF0AF827953890] : Python Launcher -> C:\WINDOWS\Installer\{2636F1E4-2BC5-4B19-BFFD-A08F72598309}\ARPIcon [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110160F] : Java 8 Update 161 (64-bit) -> C:\Program Files\Java\jre1.8.0_161\\bin\javaws.exe [HKCR\Installer\Products\4F4A3A23297B6D117AA8000B0D811013] : Java SE Development Kit 8 Update 131 -> C:\Program Files (x86)\Java\jdk1.8.0_131\\bin\javaws.exe [HKCR\Installer\Products\4F4A3A46297B6D117AA8000B0D811013] : Java SE Development Kit 8 Update 131 (64-bit) -> C:\Program Files\Java\jdk1.8.0_131\\bin\javaws.exe [HKCR\Installer\Products\50AC99852776CE5924160AE9E50EBF2F] : Windows IoT Extension SDK [HKCR\Installer\Products\5353159798F60F555EF0D565C3D4AE7F] : Windows SDK Modern Versioned Developer Tools [HKCR\Installer\Products\53894695DF123254A90BE976DE770FAC] : HP ePrint SW [HKCR\Installer\Products\53F89E974250C644E85FE468C3D4782E] : Intel Extreme Tuning Utility -> C:\Windows\Installer\{79E98F35-0524-446C-8EF5-4E863C4D87E2}\arp_icon.ico [HKCR\Installer\Products\55F1E431BC017384F9348C419533AAE3] : vs_Graphics_Singletonx64 [HKCR\Installer\Products\560764CB47395435ADF3CF0F3703A452] : WinRT Intellisense UAP - Other Languages [HKCR\Installer\Products\561CEC5BF1F28434733ABB13AD09DB86] : Windows SDK for Windows Store Apps [HKCR\Installer\Products\5C4B937BCEEE07E82067834C77A93F89] : Universal CRT Headers Libraries and Sources [HKCR\Installer\Products\5C4E5018E973317FA8D4412A13A7A7EB] : Windows SDK Desktop Tools x64 [HKCR\Installer\Products\5F3BCAFB1907E9246A9A950C96B617E0] : Intel(R) Management Engine Components [HKCR\Installer\Products\5F606A38F6FBDE24F9339B7F2479DCDE] : Need for Speed(TM) Hot Pursuit [HKCR\Installer\Products\609C1F3F943952B1630856102581DB99] : WinRT Intellisense UAP - en-us [HKCR\Installer\Products\60B55566474A89F49A4D7D355EBEBA8E] : vs_minshellmsi [HKCR\Installer\Products\61A94235BE7794140B6BF0A6409CC72E] : Windows Simulator [HKCR\Installer\Products\6220B22C4C0A379B0CFB423A6DB6C8E3] : WinRT Intellisense PPI - Other Languages [HKCR\Installer\Products\629E5CCA5DC57F54786E21CF7E703546] : windows_toolscorepkg [HKCR\Installer\Products\63053DA117E083C14E8F416FDE57AE89] : WinAppDeploy [HKCR\Installer\Products\64A20FB50823275479609FD042F9BEB9] : Visual F# 4.1 SDK [HKCR\Installer\Products\6586279E00BD34557B2907FA1DE84A28] : Java 10 (64-bit) -> C:\Program Files\Java\jre-10\\bin\javaws.exe [HKCR\Installer\Products\65B1DE9A918341B49A9298DDE3612E61] : VS Script Debugging Common [HKCR\Installer\Products\65EC0961132295E409600A78D649E98A] : Tools for .Net 3.5 [HKCR\Installer\Products\660BD559310D3F3409C8BC8C153E4DFF] : Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 [HKCR\Installer\Products\66AA653C7D6C5C34D913D985FD0BEFF2] : vs_cuitextensionmsi [HKCR\Installer\Products\6882AF5A5291F331D0149B8ACEAEA0D2] : Universal CRT Extension SDK [HKCR\Installer\Products\68B067ECB579415F6537E04D33B208B1] : WinRT Intellisense Mobile - en-us [HKCR\Installer\Products\68F6D0C706BDF99A552994F33E0138B0] : Windows SDK for Windows Store Apps Contracts [HKCR\Installer\Products\696D75CC5B6DD4BDA7CB3C37FCE7D637] : WinRT Intellisense IoT - Other Languages [HKCR\Installer\Products\6AB8B709D19CE8A4287328B8AF7BC736] : Python 3.6.2 Utility Scripts (64-bit) [HKCR\Installer\Products\6AC68175D4B5E1D1A00F6A5F42B4AB63] : Windows SDK for Windows Store Apps Libs [HKCR\Installer\Products\6DDB88ADB6C42AA3D9E41D79C80906F5] : Visual C++ Library CRT Desktop Appx Package [HKCR\Installer\Products\7119C5BFE9CCCA442BEA93AB77BBD1AF] : Windows Mobile Extension SDK 10.0.15063.0 - x86 [HKCR\Installer\Products\73531CB6F93D2FB5583F0E37EAE34D64] : Windows App Certification Kit SupportedApiList x86 [HKCR\Installer\Products\7831A583884A09E96353801692160043] : WinRT Intellisense Desktop - en-us [HKCR\Installer\Products\78A3C854F9602E8EFA253451B29A5184] : Windows SDK for Windows Store Managed Apps Libs [HKCR\Installer\Products\7960012566C93F44AB02868F41C8FDB9] : vs_communitymsi [HKCR\Installer\Products\7B65CB858BCD66EEAA04E2EAE7E20B2F] : Windows IoT Extension SDK Contracts [HKCR\Installer\Products\7CA51290F51B151A9BA0B634E2DA088A] : Windows App Certification Kit Native Components [HKCR\Installer\Products\7D294820B55881040B8A5B14E1DE45A1] : vs_BlendMsi [HKCR\Installer\Products\7D3193479D140C8479D7CF7847A3B9CE] : icecap_collection_neutral [HKCR\Installer\Products\8023FC3DF9535D3439A48C0F0C1444D1] : Python 3.6.2 Executables (64-bit symbols) [HKCR\Installer\Products\80F4249B71606F4C7A89A529051C7A83] : Universal CRT Tools x86 [HKCR\Installer\Products\83EA6F55C06518AA772AE4E3DE448BA3] : Windows Team Extension SDK [HKCR\Installer\Products\8552F20D7FFA6383EB962004E74E55C2] : Visual C++ Library CRT Desktop Appx Package [HKCR\Installer\Products\85CAFBC88503DA2B012EE9A258B955B4] : Windows IP Over USB [HKCR\Installer\Products\889509B8B2C1DBD89653CBBA2CBB2734] : Windows IoT Extension SDK Contracts [HKCR\Installer\Products\8D01023CA5E3F2E478E4A9EA2B830460] : vs_clickoncebootstrappermsires [HKCR\Installer\Products\8E133CE73865B2B42AB29552BD5E0EE6] : Python 3.6.2 Development Libraries (64-bit) [HKCR\Installer\Products\8F2B85380EEFABF7415ECA487A6E5125] : Windows Desktop Extension SDK [HKCR\Installer\Products\8F2CEB2885724A0E1FB4ACFA2343EF00] : Windows SDK Desktop Libs x86 [HKCR\Installer\Products\934C407110516443972333AD28E25879] : Kits Configuration Installer [HKCR\Installer\Products\93B0BF4E199C7EE459DDA1A187753DD3] : Asmedia USB Host Controller Driver -> C:\Windows\Installer\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\966C00D3744D40A4FAAD529E7EE68737] : HP ePrint SW [HKCR\Installer\Products\980D9A09E6BDCD84E9CEF722922BFD0F] : Python 3.6.2 Executables (64-bit) [HKCR\Installer\Products\995EEB39BC201E8147E49D75428E1175] : Windows Mobile Extension SDK [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\9BE17451A4D8C7B2DD68445BA92C6461] : Windows SDK for Windows Store Apps Tools [HKCR\Installer\Products\9ED0095C991D72C46B2953C4A9A6C6B8] : Eraser 6.2.0.2979 -> C:\WINDOWS\Installer\{C5900DE9-D199-4C27-B692-354C9A6A6C8B}\Eraser.exe [HKCR\Installer\Products\A029CFB30C3CBFD25790305FFE9C6545] : Windows Team Extension SDK [HKCR\Installer\Products\A07B3BD7EEC144742B27AFE5971EC993] : Epic Games Launcher -> C:\WINDOWS\Installer\{7DB3B70A-1CEE-4744-B272-FA5E79E19C39}\Installer.ico [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A124AEA44AB3C01449CCBEA904089520] : icecap_collectionresourcesx64 [HKCR\Installer\Products\A312DF634BFCD9C469C416E542F923A9] : vcpp_crt.redist.clickonce [HKCR\Installer\Products\A4F7C4D79A20434E46158C87D72FC8F1] : WinRT Intellisense UAP - en-us [HKCR\Installer\Products\A60421AEDEE8BA944AB7FF4AD7F4A9ED] : vs_cuitextensionmsi_x64 [HKCR\Installer\Products\A6819615AC6B6E83CB9245BAAFDF7312] : Windows SDK Desktop Tools x86 [HKCR\Installer\Products\A6ADD1984D9C75C9CBE47BC72EB8FA3C] : WinRT Intellisense PPI - en-us [HKCR\Installer\Products\A6F1625B5E6F2773C9FDD128431B6E94] : Windows Phone SDK 8.0 Assemblies for Visual Studio 2017 [HKCR\Installer\Products\ADC53CC9F97EB0746958FC9617264444] : Windows Simulator - ENU [HKCR\Installer\Products\AED5258726E1B924C94A7AF898A9F992] : HP ePrint SW [HKCR\Installer\Products\B03A531C852711E46806785C46A2A4EA] : vs_professionalmsi [HKCR\Installer\Products\B0D11361C75D8F64EA46D9D444222717] : HP ePrint SW [HKCR\Installer\Products\B5D3251523CF4BAC5EE44EC1E0C47162] : Universal CRT Headers Libraries and Sources [HKCR\Installer\Products\B644B4541CD64253355D44935D3685FE] : Windows SDK Modern Non-Versioned Developer Tools [HKCR\Installer\Products\B7C6CA821C833274E92725DFA14D517C] : Python 3.6.2 Standard Library (64-bit symbols) [HKCR\Installer\Products\B9F09C70020347DA352A04D4A0776E8A] : Windows SDK for Windows Store Apps Headers [HKCR\Installer\Products\BA4486E5768AC9143A671BB275A45A7F] : Xamarin PCL Profiles v1.0.9 [HKCR\Installer\Products\BAF825A53DA6A9F4A9C165A6C5203C6D] : vs_Graphics_Singletonx86 [HKCR\Installer\Products\BB0B5EADCB2F5F8916748AB3D64F2BAA] : Windows SDK Desktop Libs x64 [HKCR\Installer\Products\BD0C71FD8D6754A42BE676F448558B30] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\BE94C912ED186E1B22ABB86297333D13] : Windows Team Extension SDK Contracts [HKCR\Installer\Products\BEA1A465CA4440E55AD62B699D68A566] : Java(TM) SE Development Kit 10 (64-bit) -> C:\Program Files\Java\jdk-10\\bin\javaws.exe [HKCR\Installer\Products\BEBE9641A1AC6BE5C00CCD15FE351E3C] : Windows SDK for Windows Store Apps DirectX x64 Remote [HKCR\Installer\Products\BF13F483D99B7A84D9271EEFEB2C02A1] : vs_FileTracker_Singleton [HKCR\Installer\Products\BF1779C46BE698E42AEBDB8E6BC1B1CE] : Xamarin Workbooks and Inspector -> C:\WINDOWS\Installer\{4C9771FB-6EB6-4E89-A2BE-BDE8B61C1BEC}\xamarininspector.ico [HKCR\Installer\Products\BFF2AFFB5901DDA43A256388602D14B2] : vs_devenvmsi [HKCR\Installer\Products\C076B0442689A7843A187571D3430493] : vs_clickoncesigntoolmsi [HKCR\Installer\Products\C0F4DACD2F125594C9A0B2C7AE16A047] : vs_clickoncebootstrappermsi [HKCR\Installer\Products\C15D0969534402C1879166CCBAF0309F] : WinAppDeploy [HKCR\Installer\Products\C25F6D9AE49614E3A78BB5BE4674245A] : Universal CRT Redistributable [HKCR\Installer\Products\C283C113CDF6DE540AC426A958D21684] : DiagnosticsHub_CollectionService [HKCR\Installer\Products\C2FDE2A017A97D3469A496B67BECCA56] : IntelliTraceProfilerProxy [HKCR\Installer\Products\C4DB71BC7D6C7D5E05133F67542D5297] : Windows SDK for Windows Store Apps Tools [HKCR\Installer\Products\C576100E889ED65280ADDE6E2CF67F2D] : Windows SDK Signing Tools [HKCR\Installer\Products\C57C551B76515ACE7DB1685FFCD11EDE] : Windows Team Extension SDK Contracts [HKCR\Installer\Products\C5F6D8F88AF6F73408CC9F80B57548E2] : icecap_collectionresources [HKCR\Installer\Products\C87E1C6E6C484A73CB9FA69173C0EB75] : Visual C++ Library CRT Appx Package [HKCR\Installer\Products\C90ED3A6D516D3D40978DEDE62B10C6E] : Killer Drivers -> C:\WINDOWS\Installer\{6A3DE09C-615D-4D3D-9087-EDED261BC0E6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CA59467F68A207DBF3A0023DE3A63300] : Windows SDK Facade Windows WinMD Versioned [HKCR\Installer\Products\CA786DE3D6F3B91893840FBC42115142] : Windows SDK Signing Tools [HKCR\Installer\Products\CAE89355E85F91F45B35DB8F9BFE8D93] : Intel(R) Chipset Device Software [HKCR\Installer\Products\CBB1BBBD893A2624C9527D6A9E0B8614] : Python 3.6.2 Core Interpreter (64-bit) [HKCR\Installer\Products\CEC680501C26C21BF2CE5CE861F67A8E] : Universal General MIDI DLS Extension SDK [HKCR\Installer\Products\D018A5CD462608244857C46B3BD648EA] : vs_networkemulationmsi_x64 [HKCR\Installer\Products\D1D373C25E38608B2CAAC9B6ED68062A] : Windows IoT Extension SDK [HKCR\Installer\Products\D2FC174A27522784880A5D853B9C17CD] : Workflow Manager Client 1.0 -> C:\WINDOWS\Installer\{A471CF2D-2572-4872-88A0-D558B3C971DC}\ARPIcon [HKCR\Installer\Products\D549B7A12FCAF744FA559A53F1A207BA] : vs_communitymsires [HKCR\Installer\Products\D733A889094620FDC174C057AC4F2EF1] : Windows Desktop Extension SDK Contracts [HKCR\Installer\Products\D85E8EE912035C04F8BBFBA3190A4BD4] : Python 3.6.2 Test Suite (64-bit) [HKCR\Installer\Products\D8C8252AA89BF82D6C0527523015A639] : Windows SDK EULA [HKCR\Installer\Products\D9B94ACE254EB9618F2E9E4E510F91D0] : Windows SDK for Windows Store Apps Metadata [HKCR\Installer\Products\DADB63776B5A7EB83EB45F230844C892] : Windows SDK for Windows Store Apps Contracts [HKCR\Installer\Products\DC20608376F5B684F889635AAE1D8AF9] : Windows SDK Redistributables [HKCR\Installer\Products\DC3BFE6A4B4CE878D1FF0FF1FAA9A143] : Windows SDK DirectX x86 Remote [HKCR\Installer\Products\DC9CD32D078562D9D59E2637AC7CDDB5] : Universal CRT Extension SDK [HKCR\Installer\Products\DCE0F053387092547879890FDA33AE0C] : Windows SDK AddOn [HKCR\Installer\Products\DEC8099DBBA59EEFCF4847F3D48336C7] : Application Verifier x64 External Package [HKCR\Installer\Products\E0A605B94D01D1B4EAA7ACDDAD7FF393] : Python 3.6.2 Tcl/Tk Support (64-bit symbols) [HKCR\Installer\Products\E0E23D545C72ED287B93A669802A14A1] : Windows SDK for Windows Store Apps DirectX x64 Remote [HKCR\Installer\Products\E11D64FBD83645247ADB9E3B554CCEAE] : Intel(R) Smart Connect Technology -> C:\WINDOWS\Installer\{BF46D11E-638D-4254-A7BD-E9B355C4ECEA}\ISCT.ico [HKCR\Installer\Products\E360AA2A05FA5F1A98520AE61B556644] : WinRT Intellisense PPI - Other Languages [HKCR\Installer\Products\E484BCCC5D9789343977ACE6BEB635EA] : Intel(R) Management Engine Components [HKCR\Installer\Products\E5D286C586176C7478DC352E01B380CA] : vs_SQLClickOnceBootstrappermsi [HKCR\Installer\Products\E7440C8FC54D25E4498E6C43A0CAD98B] : Entity Framework 6.1.3 Tools for Visual Studio 15 [HKCR\Installer\Products\E78F1AFCB2FE587418C2B4EE2AC2DF60] : TypeScript SDK -> C:\WINDOWS\Installer\{CFA1F87E-EF2B-4785-812C-4BEEA22CFD06}\TypeScriptIcon.ico [HKCR\Installer\Products\E7F6DF62FD03BA61F9B3E26C563C4689] : WinRT Intellisense Desktop - Other Languages [HKCR\Installer\Products\E980350E3597912318F44F58CF51C145] : Universal CRT Tools x64 [HKCR\Installer\Products\EB2542BC94799C1469BE29625EAEF156] : Xamarin Remoted iOS Simulator -> C:\WINDOWS\Installer\{CB2452BE-9749-41C9-96EB-9226E5EA1F65}\Xamarin.Simulator.ico [HKCR\Installer\Products\EB75C9472281B5643823C9EB43B138AD] : Python 3.6.2 Test Suite (64-bit symbols) [HKCR\Installer\Products\EB8F76E52D8DF752EC9114A9D215527C] : WinRT Intellisense PPI - en-us [HKCR\Installer\Products\EC0A24D1E4940BDE69315543785B59D3] : Windows SDK for Windows Store Apps DirectX x86 Remote [HKCR\Installer\Products\EC3A21524E1E5D64B80482ADA32E62E1] : vs_filehandler_x86 [HKCR\Installer\Products\EE26973C42EEF9E4A81415A4DC9771C7] : Tools for .Net 3.5 - FRA Lang Pack [HKCR\Installer\Products\EF527867E42C84D4BB70066467C1A200] : vs_codeduitestframeworkmsi [HKCR\Installer\Products\F0A77C98ABB3E923E91399E6E2E239FE] : Visual C++ Library CRT Appx Resource Package [HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\WINDOWS\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico [HKCR\Installer\Products\F87C4AA142B78968BA58513C9E01C32C] : Windows SDK for Windows Store Apps Headers [HKCR\Installer\Products\F9726337F8F803555A34B39E3648C6A0] : WinRT Intellisense IoT - en-us [HKCR\Installer\Products\FB3528BC4B26405AE760AB01F2840CB2] : WinRT Intellisense UAP - Other Languages [HKCR\Installer\Products\FB77746958EF5323E821F83EFA7F2264] : Visual C++ Library CRT Appx Package [HKCR\Installer\Products\FBE408535A65748448B8A160A76CED65] : vs_cuitcommoncoremsi [HKCR\Installer\Products\FD209FF4069D87A4C940D9E8C13C1394] : Python 3.6.2 pip Bootstrap (64-bit) ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Windows ne parvient pas à charger la DLL de compteur extensible rdyboost. Le premier mot (DWORD) de la section Données contient le code d’erreur Windows. ------------ Nom de l’application défaillante MSIDDRService.exe, version : 3.0.0.16, horodatage : 0x58a41e28 Nom du module défaillant : MSIDDRService.exe, version : 3.0.0.16, horodatage : 0x58a41e28 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00026eaf ID du processus défaillant : 0xf84 Heure de début de l’application défaillante : 0x01d3e968871cf653 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe ID de rapport : d82cc1e7-93bf-4b6d-b29c-84736ddedf01 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ La création du contexte d’activation a échoué pour « D:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.431_none_15c7d3ee93659e73.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.431_none_5d750ac5a7e1c779.manifest. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID CLEMENT\bobcl de l’utilisateur (S-1-5-21-2153363518-3719023817-840555237-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Le miniport Remote NDIS based Internet Sharing Device, {26869B6D-F975-483C-B507-BCF5D79488FA}, a eu l’événement L’interface réseau a été supprimée alors que le périphérique Plug-and-Play existe toujours. Notez que cet événement est fourni à titre d’information et ne constitue pas systématiquement une erreur (par exemple, lorsqu’un commutateur virtuel vient d’être désinstallé ou lorsqu’une équipe LBFO a été supprimée) ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID CLEMENT\bobcl de l’utilisateur (S-1-5-21-2153363518-3719023817-840555237-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID CLEMENT\bobcl de l’utilisateur (S-1-5-21-2153363518-3719023817-840555237-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID CLEMENT\bobcl de l’utilisateur (S-1-5-21-2153363518-3719023817-840555237-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID CLEMENT\bobcl de l’utilisateur (S-1-5-21-2153363518-3719023817-840555237-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Le service MSI Command Center DDR Service s’est terminé de façon inattendue pour la 1ème fois. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID CLEMENT\bobcl de l’utilisateur (S-1-5-21-2153363518-3719023817-840555237-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Le service MainLSyncHost n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. ------------ Les fonctionnalités de gestion de l’alimentation relatives aux performances sur le processeur 3 du groupe 0 sont désactivées en raison d’un problème de microprogramme. Vérifiez auprès du fabricant de l’ordinateur si une mise à jour du microprogramme est disponible. ------------ Les fonctionnalités de gestion de l’alimentation relatives aux performances sur le processeur 2 du groupe 0 sont désactivées en raison d’un problème de microprogramme. Vérifiez auprès du fabricant de l’ordinateur si une mise à jour du microprogramme est disponible. ------------ Les fonctionnalités de gestion de l’alimentation relatives aux performances sur le processeur 1 du groupe 0 sont désactivées en raison d’un problème de microprogramme. Vérifiez auprès du fabricant de l’ordinateur si une mise à jour du microprogramme est disponible. ------------ ----------( EOF)---------- - 4652 | 23:48:38