--------------- QuickDiag | g3n-h@ckm@n | V4_21.05.18.1 ---------------
----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits -----
- Start 21/05/2018 10:37:51
Updated 21/05/2018 | 10.25 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/
Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[PedrOo (Administrator)] - [DESKTOP-MOPM0C1] (S-1-5-21-1559459158-4131074543-171200091-1001)
System: Microsoft Windows 10 Famille - - (10.0.17134) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1803)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4
Boot : Normal boot
PC: G551JW - ASUSTeK COMPUTER INC. - IdNumber: F4N0CJ105026173 - UUID: C9E21868-3845-A549-A261-17DD9481534A
Processor : X64 - 2594 Mhz - Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz
G551JW.202 - en|US|iso8859-1 - American Megatrends Inc.
- S/N: F4N0CJ105026173 - G551JW.202 - _ASUS_ - 1072009 CoreTemp : 52 Celsius ----------| Xspeed ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0668&SUBSYS_1043185D&REV_1000\4&26C2CD04&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 Razer Surround Audio Controller - Status: OK - Manufacturer: Razer Inc - PNPDeviceID: ROOT\MEDIA\0000 ---------- | Video Intel(R) HD Graphics 4600 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll,igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_0416&SUBSYS_185D1043&REV_06\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 NVIDIA GeForce GTX 960M - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController2 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_22fbea6bbc185918\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_22fbea6bbc185918\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_22fbea6bbc185918\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_22fbea6bbc185918\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_139B&SUBSYS_185D1043&REV_A2\4&819BC9D&0&0008 - AdapterCompatibility: NVIDIA - RAM: -2147483648 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 4600 - DriverVersion: 20.19.15.4549 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: 
NTFS - FileSize: 34696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36264 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28160 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 86016 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25408 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:9 % CPU #4 value:0 % CPU #5 value:0 % CPU #6 value:0 % CPU #7 value:0 % CPU #8 value:0 % Total Overall CPU Usage value:0 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Qualcomm Atheros AR9485WB-EG Wireless Network Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:0 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_200F1043&REV_12\01000000684CE00001 TAP-Win32 Adapter V9 for OpenVPN Accelerator - Ethernet 802.3 - TAP-Win32 Provider V9 for OpenVPN Accelerator - Status: - PnPID : ROOT\NET\0001 Bluetooth Device (RFCOMM Protocol TDI) - - Microsoft - Status: - 
PnPID : BTH\MS_RFCOMM\6&15941E6B&1&0 Qualcomm Atheros AR9485WB-EG Wireless Network Adapter - Ethernet 802.3 - Qualcomm Atheros Communications Inc. - Status: - PnPID : PCI\VEN_168C&DEV_0032&SUBSYS_21261A3B&REV_01\4&3864A41D&0&00E2 Bluetooth Device (Personal Area Network) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&15941E6B&1&2 Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&D0FD5C7&0&11 Microsoft Wi-Fi Direct Virtual Adapter #2 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&D0FD5C7&0&12 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH ---------- | Memory RAM = Total (MB) : 8275 | Free (MB) : 3674 Pagefile = Total (MB) : 10241 | Free (MB) : 5299 Virtual = Total (MB) : 4194 | Free (MB) : 3906 Physical Memory 2 : Capacity: 8589934592 - ChannelB-DIMM0 - Posit.: - Manufacturer: Hynix/Hyundai - PartNumber: HMT41GS6BFR8A-PB - S/N: 0426554B ---------- | Drives C:\ -> [Fixed] | [OS] | Total : 372.6 Go | Free : 64.78 Go -> NTFS [SATA] D:\ -> [Fixed] | [Data] | Total : 542.8 Go | Free : 388.82 Go -> NTFS [SATA] Disk Usage Information [2 total Physical Disks] Physical Drive #0 [C:, D:] : Read:0 bytes/sec, Written:523,564 bytes/sec Max Read:0 bytes/sec, Max Write:523,564 
bytes/sec Physical Drive #\ [DESKTOP-MOPM0C1\Disque, physique(1)\Écritures, disque,, octets/s] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:523,564 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_HGST&PROD_HTS721010A9E630\4&1F870206&0&040000 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_KINGSTON&PROD_RBU-SMSM151S324G\4&1F870206&0&050000 ---------- | Windows updates - Activation - License Test 1 : Windows Is NOT Activated Test 2 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.) FF : 60.0.1.6710 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "" ---------- | FlashPlayer FlashPlayer ActiveX : 29.0.0.171 FlashPlayer Plugin : 29.0.0.171 ---------- | Security AV : Malwarebytes Enabled AS : Windows Defender Disabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 400 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17134.1) = C:\Windows\System32\smss.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 608 | [Owner : Système | Parent : 592() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 752 | [Owner : Système | Parent : 592() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) 
- (10.0.17134.1) = C:\Windows\System32\wininit.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 800 | [Owner : Système | Parent : 752(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17134.1) = C:\Windows\System32\services.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 908 | [Owner : Système | Parent : 752(wininit.exe) | 17.99 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17134.1) = C:\Windows\System32\lsass.exe [12/04/2018 01:34:23] CPU Usage:0 % --> Command Line : 100 | [Owner : Système | Parent : 800(services.exe) | 3.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 8 | [Owner : Système | Parent : 800(services.exe) | 28.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 560 | [Owner : UMFD-0 | Parent : 752(wininit.exe) | 3.42 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.1) = C:\Windows\System32\fontdrvhost.exe [12/04/2018 01:34:24] CPU Usage:0 % --> Command Line : 796 | [Owner : SERVICE RÉSEAU | Parent : 800(services.exe) | 16.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1064 | [Owner : Système | Parent : 800(services.exe) | 7.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1168 | [Owner : Système | Parent : 800(services.exe) | 4.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1252 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 18.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1492 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 10.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1500 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 6.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1532 | [Owner : Système | Parent : 800(services.exe) | 5.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1776 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 11.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1868 | [Owner : Système | Parent : 800(services.exe) | 10.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1896 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 17.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2000 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 8.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1132 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 7.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1764 | [Owner : Système | Parent : 800(services.exe) | 9.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2056 | [Owner : Système | Parent : 800(services.exe) | 15.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2128 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 6.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2164 | [Owner : SERVICE RÉSEAU | Parent : 800(services.exe) | 10.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2168 | [Owner : Système | Parent : 800(services.exe) | 6.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2228 | [Owner : Système | Parent : 800(services.exe) | 11.51 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2318.3615) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [15/04/2017 11:11:56] CPU Usage:0 % --> Command Line : 2272 | [Owner : Système | Parent : 800(services.exe) | 5.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2280 | [Owner : Système | Parent : 800(services.exe) | 83.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2288 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2376 | [Owner : SERVICE LOCAL | Parent : 2168(svchost.exe) | 4.64 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.17134.1) = C:\Windows\System32\dasHost.exe [12/04/2018 01:34:12] CPU Usage:0 % --> Command Line : 2464 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 9.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2532 | [Owner : Système | Parent : 800(services.exe) | 8.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2584 | [Owner : Système | Parent : 800(services.exe) | 8.1 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4549) = C:\Windows\System32\igfxCUIService.exe [30/11/2016 22:56:28] CPU Usage:0 % --> Command Line : 2616 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2664 | [Owner : Système | Parent : 800(services.exe) | 7.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2672 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 9.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2820 | [Owner : Système | Parent : 800(services.exe) | 9.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2844 | [Owner : Système | Parent : 800(services.exe) | 22.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2944 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 12.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3000 | [Owner : SERVICE RÉSEAU | Parent : 800(services.exe) | 7.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3008 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 11.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3016 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 6.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2972 | [Owner : Système | Parent : 800(services.exe) | 14.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3136 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 7.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3252 | [Owner : Système | Parent : 800(services.exe) | 12.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3280 | [Owner : Système | Parent : 800(services.exe) | 5.36 Mo] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.81.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [26/03/2014 15:24:44] CPU Usage:0 % --> Command Line : 3296 | [Owner : Système | Parent : 800(services.exe) | 3.32 Mo] - (.ASUS - GFNEXSrv.) - (1.0.11.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [21/11/2011 14:19:50] CPU Usage:0 % --> Command Line : 3304 | [Owner : Système | Parent : 800(services.exe) | 10.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3464 | [Owner : Système | Parent : 800(services.exe) | 21.35 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17134.1) = C:\Windows\System32\spoolsv.exe [12/04/2018 01:34:41] CPU Usage:0 % --> Command Line : 3532 | [Owner : SERVICE LOCAL | Parent : 2944(svchost.exe) | 22.28 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17134.1) = C:\Windows\System32\audiodg.exe [12/04/2018 01:34:04] CPU Usage:0 % --> Command Line : 3640 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 25.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3652 | [Owner : Système | Parent : 800(services.exe) | 5.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3664 | [Owner : Système | Parent : 800(services.exe) | 11.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3672 | [Owner : SERVICE RÉSEAU | Parent : 800(services.exe) | 15.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3784 | [Owner : Système | Parent : 800(services.exe) | 7.06 Mo] - (.Windows (R) Win 7 DDK provider - Windows Setup API.) - (6.2.9200.16384) = C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [19/06/2017 04:11:32] CPU Usage:0 % --> Command Line : 3812 | [Owner : Système | Parent : 800(services.exe) | 6.47 Mo] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe [12/08/2015 16:03:42] CPU Usage:0 % --> Command Line : 3820 | [Owner : Système | Parent : 800(services.exe) | 216.61 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.643) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [26/04/2018 13:35:45] CPU Usage:0 % --> Command Line : 3828 | [Owner : Système | Parent : 800(services.exe) | 25.09 Mo] - (.McAfee, Inc. - Intel Security True Key.) - (4.20.110.0) = C:\Program Files\TrueKey\McTkSchedulerService.exe [29/08/2016 16:07:59] CPU Usage:0 % --> Command Line : 3836 | [Owner : Système | Parent : 800(services.exe) | 6.45 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) 
- (1.824.26.5200) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [09/02/2018 19:02:50] CPU Usage:0 % --> Command Line : 3844 | [Owner : Système | Parent : 800(services.exe) | 22.89 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2366.3209) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [07/10/2016 20:13:23] CPU Usage:0 % --> Command Line : 3852 | [Owner : SERVICE RÉSEAU | Parent : 800(services.exe) | 13.74 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2354.7482) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [16/12/2016 18:47:28] CPU Usage:0 % --> Command Line : 3860 | [Owner : Système | Parent : 800(services.exe) | 11.33 Mo] - (.Apple Inc. - MobileDeviceService.) - (423.50.209.1) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [29/03/2018 12:48:44] CPU Usage:0 % --> Command Line : 3868 | [Owner : Système | Parent : 800(services.exe) | 45.19 Mo] - (.McAfee, Inc. - Intel Security True Key.) - (4.20.110.0) = C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [17/04/2018 21:27:22] CPU Usage:0 % --> Command Line : 3884 | [Owner : Système | Parent : 800(services.exe) | 8.92 Mo] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.0.31.9015) = C:\Windows\SysWOW64\IntelCpHeciSvc.exe [30/11/2016 22:58:06] CPU Usage:0 % --> Command Line : 3900 | [Owner : Système | Parent : 800(services.exe) | 11.6 Mo] - (.Razer Inc - RazerSurround VAD Streaming Service.) - (1.1.63.0) = C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [09/01/2018 05:38:44] CPU Usage:0 % --> Command Line : 3968 | [Owner : Système | Parent : 800(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) 
- (4.13.17134.1) = C:\Windows\System32\SecurityHealthService.exe [12/04/2018 01:34:41] CPU Usage:0 % --> Command Line : 4000 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 5.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 944 | [Owner : SERVICE RÉSEAU | Parent : 800(services.exe) | 8.45 Mo] - (.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) - (2001.12.10941.16384) = C:\Windows\System32\msdtc.exe [12/04/2018 01:34:20] CPU Usage:0 % --> Command Line : 1752 | [Owner : Système | Parent : 800(services.exe) | 33.94 Mo] - (.Intel Corporation - IAStorDataSvc.) - (14.10.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [03/02/2016 14:17:32] CPU Usage:0 % --> Command Line : 3264 | [Owner : Système | Parent : 800(services.exe) | 22.69 Mo] - (.McAfee, Inc. - McAfee WebAdvisor.) - (4.0.7.190) = C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [03/05/2018 12:08:21] CPU Usage:0 % --> Command Line : 1212 | [Owner : Système | Parent : 800(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.17134.1) = C:\Windows\System32\SgrmBroker.exe [12/04/2018 01:34:04] CPU Usage:0 % --> Command Line : 5176 | [Owner : Système | Parent : 800(services.exe) | 41.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3724 | [Owner : Système | Parent : 800(services.exe) | 14.43 Mo] - (.- Intel(R) System Usage Report.) - (1.2.1.1498) = C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [19/10/2016 13:18:50] CPU Usage:0 % --> Command Line : 2196 | [Owner : Système | Parent : 800(services.exe) | 9.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3068 | [Owner : Système | Parent : 800(services.exe) | 14.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 5028 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 6.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4012 | [Owner : Système | Parent : 800(services.exe) | 11.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1924 | [Owner : Système | Parent : 800(services.exe) | 17.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3196 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 20.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4140 | [Owner : Système | Parent : 800(services.exe) | 14.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1744 | [Owner : SERVICE RÉSEAU | Parent : 800(services.exe) | 7.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3180 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 9.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1076 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 19.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3240 | [Owner : Système | Parent : 800(services.exe) | 19.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1612 | [Owner : Système | Parent : 800(services.exe) | 15.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 6756 | [Owner : Système | Parent : 800(services.exe) | 26.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3564 | [Owner : Système | Parent : 800(services.exe) | 9.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 7256 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 18.82 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8931) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [17/05/2018 07:32:14] CPU Usage:0 % --> Command Line : 7312 | [Owner : Système | Parent : 800(services.exe) | 7.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 8012 | [Owner : Système | Parent : 800(services.exe) | 5.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 11848 | [Owner : Système | Parent : 800(services.exe) | 8.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 10820 | [Owner : SERVICE RÉSEAU | Parent : 800(services.exe) | 20.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 18384 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 9.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 13056 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 8.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 22792 | [Owner : Système | Parent : 800(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 29116 | [Owner : Système | Parent : 800(services.exe) | 5.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 28416 | [Owner : Système | Parent : 28976() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 01:34:22] CPU Usage:1 % --> Command Line : 25628 | [Owner : Système | Parent : 28976() | 10.68 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) 
- (10.0.17134.1) = C:\Windows\System32\winlogon.exe [12/04/2018 01:34:23] CPU Usage:0 % --> Command Line : 24884 | [Owner : UMFD-2 | Parent : 25628(winlogon.exe) | 9.79 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.1) = C:\Windows\System32\fontdrvhost.exe [12/04/2018 01:34:24] CPU Usage:0 % --> Command Line : 24048 | [Owner : DWM-2 | Parent : 25628(winlogon.exe) | 45.52 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17134.1) = C:\Windows\System32\dwm.exe [12/04/2018 01:34:19] CPU Usage:0 % --> Command Line : 20592 | [Owner : Système | Parent : 2228(NVDisplay.Container.exe) | 25.22 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2318.3615) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [15/04/2017 11:11:56] CPU Usage:0 % --> Command Line : 17672 | [Owner : PedrOo | Parent : 3820(MBAMService.exe) | 27.42 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.0.0.1429) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [26/04/2018 13:35:44] CPU Usage:0 % --> Command Line : 19808 | [Owner : Système | Parent : 3280(AsLdrSrv.exe) | 8.96 Mo] - (.ASUSTek Computer Inc. - HControl.) - (1.0.86.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [25/06/2015 19:07:08] CPU Usage:0 % --> Command Line : 1420 | [Owner : PedrOo | Parent : 3264(mcsacore.exe) | 31.75 Mo] - (.McAfee, Inc. - McAfee WebAdvisor.) - (4.0.7.190) = C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe [03/05/2018 12:08:24] CPU Usage:0 % --> Command Line : 7464 | [Owner : PedrOo | Parent : 3844(nvcontainer.exe) | 35.1 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.10.2366.3209) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [07/10/2016 20:13:23] CPU Usage:0 % --> Command Line : 25472 | [Owner : SERVICE LOCAL | Parent : 800(services.exe) | 6.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 27808 | [Owner : PedrOo | Parent : 800(services.exe) | 23.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 28316 | [Owner : PedrOo | Parent : 800(services.exe) | 32.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 24968 | [Owner : PedrOo | Parent : 1764(svchost.exe) | 26.15 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17134.1) = C:\Windows\System32\sihost.exe [12/04/2018 01:34:12] CPU Usage:0 % --> Command Line : 28580 | [Owner : PedrOo | Parent : 4140(svchost.exe) | 18.39 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17134.1) = C:\Windows\System32\taskhostw.exe [12/04/2018 01:34:37] CPU Usage:0 % --> Command Line : 2852 | [Owner : PedrOo | Parent : 12060() | 10.82 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4549) = C:\Windows\System32\igfxEM.exe [30/11/2016 22:56:54] CPU Usage:0 % --> Command Line : 21588 | [Owner : PedrOo | Parent : 12060() | 8.13 Mo] - (.Intel Corporation - igfxHK Module.) - (6.15.10.4549) = C:\Windows\System32\igfxHK.exe [30/11/2016 22:57:14] CPU Usage:0 % --> Command Line : 11156 | [Owner : PedrOo | Parent : 29144() | 95.69 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17134.1) = C:\Windows\explorer.exe [12/04/2018 01:34:44] CPU Usage:0 % --> Command Line : 21632 | [Owner : PedrOo | Parent : 25260() | 7.07 Mo] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.21.4) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [25/03/2015 11:34:44] CPU Usage:0 % --> Command Line : 25884 | [Owner : PedrOo | Parent : 23012() | 8.55 Mo] - (.ASUSTek Computer Inc. - ATKOSD2.) 
- (7.0.32.3) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [25/03/2015 11:05:08] CPU Usage:0 % --> Command Line : 20616 | [Owner : PedrOo | Parent : 8(svchost.exe) | 8.84 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.17134.1) = C:\Windows\System32\rundll32.exe [12/04/2018 01:34:33] CPU Usage:0 % --> Command Line : 22968 | [Owner : PedrOo | Parent : 22516() | 1.61 Mo] - (.AsusTek - ASUS Smart Gesture Loader.) - (1.0.51.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [09/03/2017 11:19:14] CPU Usage:0 % --> Command Line : 29012 | [Owner : PedrOo | Parent : 4140(svchost.exe) | 2.13 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.276) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [17/01/2018 23:49:12] CPU Usage:0 % --> Command Line : 25064 | [Owner : PedrOo | Parent : 4140(svchost.exe) | 1.97 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.276) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [17/01/2018 23:49:12] CPU Usage:0 % --> Command Line : 23560 | [Owner : PedrOo | Parent : 8(svchost.exe) | 81.24 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17134.1) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [12/04/2018 01:33:58] CPU Usage:0 % --> Command Line : 10724 | [Owner : PedrOo | Parent : 8(svchost.exe) | 21.73 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 24768 | [Owner : PedrOo | Parent : 8(svchost.exe) | 179.02 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.17134.48) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [17/05/2018 07:40:54] CPU Usage:0 % --> Command Line : 19668 | [Owner : PedrOo | Parent : 8(svchost.exe) | 28.44 Mo] - (.Microsoft Corporation - Runtime Broker.) 
- (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 8336 | [Owner : PedrOo | Parent : 8(svchost.exe) | 53.88 Mo] - (.-.) - (12.1813.286.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe [26/04/2018 08:23:48] CPU Usage:0 % --> Command Line : 25496 | [Owner : PedrOo | Parent : 7312(svchost.exe) | 15.44 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17134.1) = C:\Windows\System32\ctfmon.exe [12/04/2018 01:34:37] CPU Usage:0 % --> Command Line : 21680 | [Owner : PedrOo | Parent : 8(svchost.exe) | 29.08 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 26580 | [Owner : Système | Parent : 8(svchost.exe) | 9.4 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [12/04/2018 01:34:40] CPU Usage:0 % --> Command Line : 10704 | [Owner : PedrOo | Parent : 11156(explorer.exe) | 8.52 Mo] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.13.17134.1) = C:\Program Files\Windows Defender\MSASCuiL.exe [12/04/2018 01:33:58] CPU Usage:0 % --> Command Line : 2956 | [Owner : PedrOo | Parent : 11156(explorer.exe) | 11.56 Mo] - (.ELAN Microelectronics Corp. - ETD Control Center.) - (11.66.8.7) = C:\Program Files\Elantech\ETDCtrl.exe [03/08/2015 15:59:40] CPU Usage:0 % --> Command Line : 5720 | [Owner : PedrOo | Parent : 11156(explorer.exe) | 5.92 Mo] - (.Saitek - Saitek MFD File System Driver.) - (7.0.45.2) = C:\Program Files\SmartTechnology\Software\SaiMfd.exe [01/10/2015 10:25:08] CPU Usage:0 % --> Command Line : 9472 | [Owner : PedrOo | Parent : 11156(explorer.exe) | 22.5 Mo] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) 
- (6.67.83.0) = C:\Program Files\Logitech\SetPointP\SetPoint.exe [26/08/2015 03:21:56] CPU Usage:0 % --> Command Line : 716 | [Owner : PedrOo | Parent : 11156(explorer.exe) | 29.14 Mo] - (.Apple Inc. - iCloud Photo Stream.) - (62.0.0.54) = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [18/09/2017 15:08:32] CPU Usage:0 % --> Command Line : 728 | [Owner : PedrOo | Parent : 9472(SetPoint.exe) | 10.15 Mo] - (.Logitech, Inc. - Logitech KHAL Main Process.) - (5.90.41.0) = C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe [02/07/2015 22:28:44] CPU Usage:0 % --> Command Line : 24252 | [Owner : PedrOo | Parent : 22968(AsusTPLoader.exe) | 2.19 Mo] - (.AsusTek - ASUS Smart Gesture Center.) - (1.0.0.87) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [09/03/2017 11:19:04] CPU Usage:0 % --> Command Line : 25444 | [Owner : PedrOo | Parent : 29348() | 4.57 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (6.12.2.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [07/10/2016 20:13:34] CPU Usage:0 % --> Command Line : 22788 | [Owner : PedrOo | Parent : 25444(NVIDIA Web Helper.exe) | 1.12 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % --> Command Line : 27904 | [Owner : PedrOo | Parent : 8112() | 18.15 Mo] - (.Piriform Ltd - CCleaner.) - (5.25.0.5902) = C:\Program Files\CCleaner\CCleaner64.exe [06/12/2016 16:09:52] CPU Usage:0 % --> Command Line : 25620 | [Owner : PedrOo | Parent : 8(svchost.exe) | 15.19 Mo] - (.Apple Inc. - Apple Push.) - (2.7.30.72) = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [16/03/2018 15:20:02] CPU Usage:0 % --> Command Line : 27324 | [Owner : PedrOo | Parent : 800(services.exe) | 29.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 23848 | [Owner : PedrOo | Parent : 28456() | 31.76 Mo] - (.Intel Corporation - IAStorIcon.) - (14.10.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [03/02/2016 14:17:34] CPU Usage:0 % --> Command Line : 25384 | [Owner : PedrOo | Parent : 8(svchost.exe) | 12.35 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17134.1) = C:\Windows\System32\dllhost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 30516 | [Owner : PedrOo | Parent : 8(svchost.exe) | 17.47 Mo] - (.Apple, Inc. - Apple Security Manager.) - (106.1.0.34) = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe [16/03/2018 15:20:00] CPU Usage:0 % --> Command Line : 26108 | [Owner : PedrOo | Parent : 24252(AsusTPCenter.exe) | 1.1 Mo] - (.AsusTek - ASUS Smart Gesture Helper.) - (1.0.22.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe [09/03/2017 11:19:50] CPU Usage:0 % --> Command Line : 20044 | [Owner : PedrOo | Parent : 30628() | 17.55 Mo] - (.- Intel(R) System Usage Report.) - (1.2.1.1498) = C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe [19/10/2016 13:18:50] CPU Usage:0 % --> Command Line : 30716 | [Owner : PedrOo | Parent : 20044(esrv.exe) | 10.92 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % --> Command Line : 31448 | [Owner : PedrOo | Parent : 8(svchost.exe) | 18.24 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 31484 | [Owner : Système | Parent : 800(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) 
- (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 26148 | [Owner : Système | Parent : 800(services.exe) | 57.87 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.9226.2156) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [14/05/2018 23:17:08] CPU Usage:0 % --> Command Line : 31144 | [Owner : Système | Parent : 26148(OfficeClickToRun.exe) | 7.88 Mo] - (.Microsoft Corporation - AppVShNotify.) - (5.1.137.0) = C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe [14/05/2018 23:17:08] CPU Usage:0 % --> Command Line : 31100 | [Owner : PedrOo | Parent : 26148(OfficeClickToRun.exe) | 7.9 Mo] - (.Microsoft Corporation - AppVShNotify.) - (5.1.137.0) = C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe [14/05/2018 23:17:08] CPU Usage:0 % --> Command Line : 30976 | [Owner : Système | Parent : 800(services.exe) | 33.64 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17134.1) = C:\Windows\System32\SearchIndexer.exe [12/04/2018 01:34:08] CPU Usage:0 % --> Command Line : 27932 | [Owner : PedrOo | Parent : 4140(svchost.exe) | 15.08 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17134.1) = C:\Windows\System32\taskhostw.exe [12/04/2018 01:34:37] CPU Usage:0 % --> Command Line : 32396 | [Owner : PedrOo | Parent : 24404() | 3.43 Mo] - (.- LiveUpdate Checker.) - (2.0.1000.0) = C:\Program Files\DriverSetupUtility\FUB\LiveUpdateChecker.exe [10/07/2015 01:08:36] CPU Usage:0 % --> Command Line : 32232 | [Owner : PedrOo | Parent : 8(svchost.exe) | 10.1 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17134.1) = C:\Windows\System32\dllhost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 35564 | [Owner : PedrOo | Parent : 8(svchost.exe) | 33.8 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) 
- (10.0.17134.1) = C:\Windows\System32\smartscreen.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 34204 | [Owner : Système | Parent : 30976(SearchIndexer.exe) | 9.63 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.17134.1) = C:\Windows\System32\SearchProtocolHost.exe [12/04/2018 01:34:08] CPU Usage:0 % --> Command Line : 21976 | [Owner : Système | Parent : 30976(SearchIndexer.exe) | 6.08 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.17134.1) = C:\Windows\System32\SearchFilterHost.exe [12/04/2018 01:34:08] CPU Usage:0 % --> Command Line : 32304 | [Owner : PedrOo | Parent : 8(svchost.exe) | 11.45 Mo] - (.Microsoft Corporation - Microsoft Outlook Communications.) - (16.0.9226.2159) = C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21595.0_x64__8wekyb3d8bbwe\HxTsr.exe [21/05/2018 10:27:55] CPU Usage:0 % --> Command Line : 25716 | [Owner : PedrOo | Parent : 8(svchost.exe) | 5.63 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 32420 | [Owner : PedrOo | Parent : 22996() | 45.42 Mo] - (.SosVirus - QuickDiag.) - (21.5.18.1) = C:\Users\g\Downloads\quickdiag_V4_21.05.18.1.exe [21/05/2018 10:37:22] CPU Usage:0 % --> Command Line : 33060 | [Owner : SERVICE RÉSEAU | Parent : 8(svchost.exe) | 9.69 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [12/04/2018 01:34:55] CPU Usage:0 % --> Command Line : ---------- | MD5 [MD5.AD5296B280E8F522A8A897C96BAB0E1D] - [12/04/2018 01:34:44] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3841 Ko] - (10.0.17134.1) : C:\WINDOWS\Explorer.exe [MD5.4E2ACF4F8A396486AB4268C94A6A245F] - [12/04/2018 01:34:14] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) 
- [267.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\cmd.exe [MD5.DA224D4C138A3ECA95C6C7976AC5D9F1] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.28 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\csrss.exe [MD5.2528137C6745C4EADD87817A1909677E] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. - COM Surrogate.) - [20.4 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\dllhost.exe [MD5.A8565440629AC87F6FEF7D588FE3FF0F] - [12/04/2018 01:34:40] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [703.74 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Kernel32.dll [MD5.317340CD278A374BCEF6A30194557227] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.62 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\lsass.exe [MD5.8CE6D7338F84B228450C8240BB77DB16] - [17/05/2018 07:40:38] - (.© Microsoft Corporation. - Distributed COM Services.) - [1133 Ko] - (10.0.17134.48) : C:\WINDOWS\System32\rpcss.dll [MD5.73C519F050C20580F8A62C849D49215A] - [12/04/2018 01:34:33] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [68 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\rundll32.exe [MD5.E2F4C75AFA20E742DE1B70372F15DCD7] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [622.02 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\services.exe [MD5.32569E403279B3FD2EDB7EBD036273FA] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [50.09 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\svchost.exe [MD5.1B795B9EC9E0EAADC5B37006BBE44646] - [12/04/2018 01:34:14] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) 
- [1601.02 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\user32.dll [MD5.7866C803DDD8D626D760A313B6D92F16] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [31.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\userinit.exe [MD5.A58B0CB069DA7840B935872ADCD7F0C2] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [358.2 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Wininit.exe [MD5.F9017F2DC455AD373DF036F5817A8870] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [661.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Winlogon.exe [MD5.4DCCC3E02A22ED4A4ADB11386F226071] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [611.91 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.90AB4ED8EBD72A1C096A40CC35404B91] - [12/04/2018 01:33:49] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.9 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.C1E3668BEA28AB3895D1F8AF8ED4606C] - [12/04/2018 01:33:49] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [190.41 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.D3CBC6DE5955D014407C7BD1FFE80F00] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [91.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.AD4D24434C058AFAFD5AB319B4BF5B66] - [12/04/2018 01:33:48] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [156 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.9E74A900CCCA3EA6C8533CF94B3F8223] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) 
- [138 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.DED74127C7A2266715C0B8EA2EE75214] - [12/04/2018 01:33:45] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [84 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.DA179667B8CEC22E4ECBBF4210DC0E35] - [12/04/2018 01:33:52] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.7408B83959A4B8271EF67FD06A6B366B] - [12/04/2018 01:34:14] - (.© Microsoft Corporation. - IP Network Address Translator.) - [209.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.3C0FA2ED75875481D00F3D77B1A3E336] - [12/04/2018 01:34:24] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [488.9 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.5269DDC879DF5FEA2B7DB91AA4726CCA] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1255.41 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.045A018E0BA5F9B75C5928A31C0E822C] - [12/04/2018 01:34:32] - (.© Microsoft Corporation. - MBT Transport driver.) - [304 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.2B98586D5D7D536E8BDD33E276A1EE16] - [17/05/2018 07:40:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2365.4 Ko] - (10.0.17134.48) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.13B175715A4391E4E5D2AB2EBC8CDBB5] - [12/04/2018 01:33:49] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [96.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.775ED7E51B58CF9EB415A1DBA540DACF] - [12/04/2018 01:34:34] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) 
- [104 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.52A6CC99F5934CFAE88353C47B6193E7] - [12/04/2018 01:35:07] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [178.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.BFCBA5F57D278720718B8CB39C50A8EC] - [12/04/2018 01:34:20] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2654.4 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.16071C42E21CE3378FA449322FB9AB1D] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. - TDI Translation Driver.) - [118.41 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.F0EE4E6028CCA58BEA9A04E7BEAB7DB4] - [12/04/2018 01:34:39] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [388.91 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (20.19.15.4549) -- C:\WINDOWS\SYSTEM32\igd10iumd64.dll (.Intel Corporation.-.Unified Shader Compiler for Intel(R) Graphics Accelerator.) - (20.19.15.4549) -- C:\WINDOWS\SYSTEM32\igdusc64.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.NVIDIA Corporation.-.NVIDIA Display Shell Extension.) - (1.2.0.1) -- C:\WINDOWS\system32\nvshext.dll (.Intel Corporation.-.igfxDTCM Module.) - (6.15.10.4549) -- C:\WINDOWS\system32\igfxDTCM.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.http://www.sqlite.org/copyright.html.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) 
- (3.21.0.0) -- C:\WINDOWS\System32\winsqlite3.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\g\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\...\Run]) - User: DESKTOP-MOPM0C1\PedrOo CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\...\Run]) - User: DESKTOP-MOPM0C1\PedrOo Steam - ("D:\Steam\steam.exe" -silent 
[HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\...\Run]) - User: DESKTOP-MOPM0C1\PedrOo CCleaner - ("C:\Program Files\CCleaner\CCleaner64.exe" /AUTO [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\...\Run]) - User: DESKTOP-MOPM0C1\PedrOo iCloudServices - ("C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\...\Run]) - User: DESKTOP-MOPM0C1\PedrOo iCloudDrive - (C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\...\Run]) - User: DESKTOP-MOPM0C1\PedrOo ApplePhotoStreams - (C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\...\Run]) - User: DESKTOP-MOPM0C1\PedrOo iCloudPhotos - (C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\...\Run]) - User: DESKTOP-MOPM0C1\PedrOo SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public ETDCtrl - (%ProgramFiles%\Elantech\ETDCtrl.exe [HKLM\SOFTWARE\...\Run]) - User: Public ProfilerU - (C:\Program Files\SmartTechnology\Software\ProfilerU.exe [HKLM\SOFTWARE\...\Run]) - User: Public SaiMfd - (C:\Program Files\SmartTechnology\Software\SaiMfd.exe [HKLM\SOFTWARE\...\Run]) - User: Public EvtMgr6 - (C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [HKLM\SOFTWARE\...\Run]) - User: Public IAStorIcon - ("C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\...\Run]) - User: Public iTunesHelper - ("C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 
"DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\g\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "Steam"="D:\Steam\steam.exe" -silent "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe" /AUTO "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [18/09/2017 15:08:16] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [18/09/2017 15:08:32] "iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [18/09/2017 15:09:02] [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "CCleaner Monitoring"=0x020000000000000000000000 "OneDrive"=0x0300000080112B858F5FD201 "Steam"=0x0300000040832EB95C51D201 "Plex Media Server"=0x03000000B08DB6BB5C51D201 "iCloudServices"=0x030000005079056E2CB8D201 "CCleaner"=0x020000000000000000000000 "iCloudDrive"=0x03000000E05E2083FAEDD301 "iCloudPhotos"=0x0300000000B22885FAEDD301 [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Canon MG2200 series,winspool,Ne03: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe "ETDCtrl"=%ProgramFiles%\Elantech\ETDCtrl.exe "ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [01/10/2015 10:25:02] "SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [01/10/2015 10:25:08] "EvtMgr6"=C:\Program 
Files\Logitech\SetPointP\SetPoint.exe /launchGaming "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "IAStorIcon"=0x040000000000000000000000 "WindowsDefender"=0x040000000000000000000000 "SecurityHealth"=0x060000000000000000000000 "ETDCtrl"=0x060000000000000000000000 "Logitech Download Assistant"=0x060000000000000000000000 "NvBackend"=0x020000000000000000000000 "ShadowPlay"=0x030000009012A4113D27D301 "SaiMfd"=0x020000000000000000000000 "ProfilerU"=0x03000000105C698FFAEDD301 "iTunesHelper"=0x03000000B01BE1B75C51D201 "Malwarebytes TrayApp"=0x020000000000000000000000 "EvtMgr6"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "Razer Synapse"=0x0300000000687C80FAEDD301 "SunJavaUpdateSched"=0x030000005061ECFB3C27D301 "WDAppManager"=0x0300000060477B41D0DDD201 "ETDCtrl"=0x0300000040FED686FAEDD301 "IAStorIcon"=0x0300000040CEB48DFAEDD301 "ManOWar71Helper"=0x03000000D055FA2D9B50D301 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D3D1ED98C0F7D8 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] 
"WDAppManager"=C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [13/04/2017 02:32:30] "Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" "ManOWar71Helper"=C:\Program Files (x86)\Razer\Razer_ManOWar71_Driver\Drivers\SysAudio\ManOWar71Helper.exe /start "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List ACC Adobe Acrobat Update Task Adobe Flash Player NPAPI Notifier Adobe Flash Player PPAPI Notifier Adobe Flash Player Updater Apple Diagnostics ASUS Smart Gesture Launcher ATK Package 36D18D69AFC3 ATK Package A22126881260 CCleanerSkipUAC Intel PTT EK Recertification NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Standalone Update Task-S-1-5-21-1559459158-4131074543-171200091-1001 RtHDVBg 
RtHDVBg_ListenToDevice RTKCPL USER_ESRV_SVC_WILLAMETTE {1A42AFEA-1036-46F8-B68E-FFDBFBF21CFE} {F4A9D65B-828E-4338-A281-D7A2BA81EFA9} {F56411AB-507A-4607-BE4B-6793037902C8} ---------- | Startings up registry ? Folder ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Hosts [34] More lines ---------- | Ping Envoi d'une requête 'ping' sur google.com [172.217.19.238] avec 32 octets de données : Réponse de 172.217.19.238 : octets=32 temps=22 ms TTL=55 Réponse de 172.217.19.238 : octets=32 temps=22 ms TTL=55 Réponse de 172.217.19.238 : octets=32 temps=23 ms TTL=55 Réponse de 172.217.19.238 : octets=32 temps=22 ms TTL=55 Statistiques Ping pour 172.217.19.238: Paquets : envoyés = 4, reçus = 4, perdus = 0 (perte 0%), Durée approximative des boucles en millisecondes : Minimum = 22ms, Maximum = 23ms, Moyenne = 22ms ---------- | @ [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=about:blank "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "SmoothScroll"=1 "OperationalData"=12 "EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.160527-1834 "ImageStoreRandomFolder"=p6tbimz "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2A0000002A000000DA040000CD020000 "Start 
Page_TIMESTAMP"=0xAEF598812FCDD101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xC3AED4876ABFD301 "IE10TourShown"=1 "IE10TourShownTime"=0xB6ADDB1D6188D301 "FormSuggest Passwords"=no "FormSuggest PW Ask"=no "SearchBandMigrationVersion"=1 [HKU\S-1-5-21-1559459158-4131074543-171200091-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0xACE2480B9EEDD301 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ProxyOverride"=*.local "LockDatabase"=131713638688509317 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm 
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// 
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] : c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll ---------- | Execution FileExts ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}] -> (True Key Helper) : C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [17/02/2018 19:35:20] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}] -> (Logitech SetPoint) : C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [26/08/2015 03:16:26] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] -> (McAfee WebAdvisor BHO) : c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [03/05/2018 12:08:24] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}] -> (True Key Helper) : C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [17/02/2018 19:35:20] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [04/09/2017 20:07:31] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}] 
-> (Logitech SetPoint) : C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [26/08/2015 03:16:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] -> (McAfee WebAdvisor BHO) : c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [03/05/2018 12:08:24] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [04/09/2017 20:07:24] ---------- | Chrome [HKLM\Software\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi "{F003DA68-8256-4b37-A6C4-350FA04494DF}"=C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 29.0.0.171 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 29.0.0.171 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll 
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.144.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{2c68d1b5-90c2-4260-83bc-ab5bfd9938b2}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3a811967-5353-4dce-b4b4-f8250cdd4dc0}] "DhcpNameServer"=201.33.16.24 8.8.4.4 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{b0aedf85-1214-4d45-ab3a-213268a9f727}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{cc48b937-f378-4482-a57b-79e3b0cc0a64}] "DhcpNameServer"=8.8.8.8 168.95.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e9898852-127d-4f7a-9917-b68116b940f7}] "DhcpNameServer"=8.8.8.8 8.8.4.4 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{2c68d1b5-90c2-4260-83bc-ab5bfd9938b2}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3a811967-5353-4dce-b4b4-f8250cdd4dc0}] "DhcpNameServer"=201.33.16.24 8.8.4.4 
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b0aedf85-1214-4d45-ab3a-213268a9f727}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{cc48b937-f378-4482-a57b-79e3b0cc0a64}] "DhcpNameServer"=8.8.8.8 168.95.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e9898852-127d-4f7a-9917-b68116b940f7}] "DhcpNameServer"=8.8.8.8 8.8.4.4 ---------- | Drives D: ---------- | C: [MD5.D41D8CD98F00B204E9800998ECF8427E] - [17/05/2018 08:12:11] - |ASH| - (.-.) - [3389431808] - (0.0.0.0) - C:\hiberfil.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/06/2016 08:57:20] - |ASH| - (.-.) - [2013265920] - (0.0.0.0) - C:\pagefile.sys [MD5.675F629087470A3E3A7D33102ED513F8] - [21/05/2018 10:37:51] - |A| - (.-.) - [80206] - (0.0.0.0) - C:\QuickDiag.txt [MD5.436805243DB14AEAB1B862151F261D6E] - [04/05/2018 13:44:40] - |RA| - (.-.) - [482960] - (0.0.0.0) - C:\QuickDiag_04_05_2018_13_44_40.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/06/2016 08:57:21] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys ---------- | C:\WINDOWS [MD5.178BA90AA13F6F834E5C060DC923FB55] - [12/04/2018 01:34:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [67072] - (10.0.17134.1) - C:\WINDOWS\bfsvc.exe [MD5.CF0FC0A953438A9542D034F3C6D21C96] - [17/05/2018 07:45:10] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [MD5.A155FFABF2F04265A97274CCAB44D773] - [12/04/2018 18:23:39] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [17/05/2018 08:22:59] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [17/05/2018 08:22:59] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [MD5.AD5296B280E8F522A8A897C96BAB0E1D] - [12/04/2018 01:34:44] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) 
- [3933184] - (10.0.17134.1) - C:\WINDOWS\explorer.exe [MD5.B8A76FE97CECCE9233FE87BCDFA9088E] - [12/04/2018 01:34:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1054720] - (10.0.17134.1) - C:\WINDOWS\HelpPane.exe [MD5.A50C9DF7603E2F1AEA6B54053794A326] - [12/04/2018 01:34:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.17134.1) - C:\WINDOWS\hh.exe [MD5.23AF90D2355D8C83AA4567EF1763B467] - [12/04/2018 01:34:36] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [MD5.BB9A06B8F2DD9D24C77F389D7B2B58D2] - [12/04/2018 01:34:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [245760] - (10.0.17134.1) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [15/04/2017 11:11:56] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [16/12/2016 18:47:28] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvTelemetryContainerRecovery.bat [MD5.AC91328EE5CFFBD695CE912F75F876F6] - [12/04/2018 01:34:34] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [336384] - (10.0.17134.1) - C:\WINDOWS\regedit.exe [MD5.A095B3E67C8EB8F2137EAC63687F2F5B] - [04/07/2017 09:11:13] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839520] - (1.0.7.0) - C:\WINDOWS\RtlExUpd.dll [MD5.8D59B31FF375059E3C32B17BF31A76D5] - [12/04/2018 01:34:41] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.17134.1) - C:\WINDOWS\splwow64.exe [MD5.286A9EDB379DC3423A528B0864A0F111] - [19/06/2016 23:39:10] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [MD5.076387B253E6A381090F59EDBFC5EEF6] - [12/04/2018 01:34:53] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) 
- [65536] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [MD5.23CF8138F49416231807E6DE371FB9E6] - [19/06/2016 23:39:10] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [12/04/2018 01:34:36] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.EE1F0DE1ED3E8A5BF080B3497049969E] - [12/04/2018 01:34:52] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17134.1) - C:\WINDOWS\winhlp32.exe [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [12/04/2018 01:33:56] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.5266C61652051E9EF3A4D199001F6B17] - [12/04/2018 01:34:19] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.17134.1) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [12/02/2016 15:29:16] - C:\WINDOWS\Installer\137dae40.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\WINDOWS\Installer\14358a37.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/10/2015 08:55:00] - C:\WINDOWS\Installer\1446a673.msi : (Intel® RealSense™ SDK 2014 Runtime (x64): Core - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/03/2017 10:26:32] - C:\WINDOWS\Installer\198f7c.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 21:45:18] - C:\WINDOWS\Installer\19b988.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 21:46:47] - C:\WINDOWS\Installer\19be0c.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 21:46:53] - C:\WINDOWS\Installer\19bffa.msi : (Apple Software Update Installer - Apple Inc.) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [11/08/2016 11:11:02] - C:\WINDOWS\Installer\1aed53.msi : (.. . - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/08/2016 11:11:30] - C:\WINDOWS\Installer\1aed58.msi : (Intel(R) Driver Update Utility - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/08/2015 05:43:05] - C:\WINDOWS\Installer\1ed14314.msi : (Autodesk Pixlr - Autodesk) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/12/2017 12:55:00] - C:\WINDOWS\Installer\1f231c91.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/11/2017 19:28:50] - C:\WINDOWS\Installer\1f31653f.msi : (Intel(R) Management Engine Driver - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/11/2017 19:28:38] - C:\WINDOWS\Installer\1f316544.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/03/2017 10:26:32] - C:\WINDOWS\Installer\2041d.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2016 23:48:10] - C:\WINDOWS\Installer\23c4effa.msi : (MSVCRT Redists - MAGIX Computer Products Intl. Co.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/11/2016 19:13:37] - C:\WINDOWS\Installer\23c4efff.msi : (VEGAS Pro 14.0 (64-bit) - VEGAS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/09/2017 20:05:25] - C:\WINDOWS\Installer\24cd6e6d.msi : (Java SE Runtime Environment 8 Update 144 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/09/2017 20:05:20] - C:\WINDOWS\Installer\24cd6e78.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/03/2017 10:26:32] - C:\WINDOWS\Installer\2517b.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/01/2000 02:00:00] - C:\WINDOWS\Installer\33b79.msi : (Blank Project Template - Waves Audio Ltd.) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [09/08/2015 20:55:46] - C:\WINDOWS\Installer\510d0.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/02/2018 18:51:25] - C:\WINDOWS\Installer\5378c.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2017 02:46:06] - C:\WINDOWS\Installer\585d9.msi : (Intel(R) Trusted Connect Service Client x64 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2017 02:42:42] - C:\WINDOWS\Installer\585de.msi : (Intel(R) Trusted Connect Service Client x86 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/10/2017 18:43:22] - C:\WINDOWS\Installer\6156cb07.msi : (iCloud for Windows installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/01/2000 02:00:00] - C:\WINDOWS\Installer\8777195.msi : (DriverSetupUtility - Acer Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2018 11:30:19] - C:\WINDOWS\Installer\89c840e.msi : (Emily - Razer Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/06/2016 12:30:00] - C:\WINDOWS\Installer\9067e.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2015 07:00:08] - C:\WINDOWS\Installer\9ad98f2.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/10/2015 10:03:24] - C:\WINDOWS\Installer\a03737c.msi : (Smart Technology Programming Software - Mad Catz) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/04/2018 21:40:23] - C:\WINDOWS\Installer\a5f7c98.msi : (Apple Mobile Device Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/04/2017 02:58:32] - C:\WINDOWS\Installer\ca46e53.msi : (WD Backup plugin - Western Digital Technologies, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/05/2017 08:45:25] - C:\WINDOWS\Installer\cbb78c3.msi : (Google Update Helper - Google Inc.) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [29/10/2017 15:03:24] - C:\WINDOWS\Installer\e466db4.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/04/2017 07:33:34] - C:\WINDOWS\Installer\e4f1edd.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | [PedrOo] [01/03/2017 10:13:33] - |D| - [1627452] - C:\Users\g\.fontconfig [18/09/2016 16:57:12] - |D| - [411993] - C:\Users\g\.gimp-2.8 [23/06/2016 11:13:13] - |D| - [113] - C:\Users\g\.oracle_jre_usage [18/09/2016 17:01:20] - |D| - [0] - C:\Users\g\.thumbnails [09/12/2017 11:25:34] - |RD| - [298] - C:\Users\g\3D Objects [31/01/2018 20:50:14] - |D| - [0] - C:\Users\g\ansel [17/05/2018 08:08:13] - |HD| - [23759731724] - C:\Users\g\AppData [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Application Data [20/06/2016 09:17:06] - |RD| - [412] - C:\Users\g\Contacts [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Cookies [20/06/2016 09:16:50] - |RD| - [341249340] - C:\Users\g\Desktop [20/06/2016 09:16:50] - |RD| - [2019574089] - C:\Users\g\Documents [18/09/2016 16:55:54] - |RD| - [4004160800] - C:\Users\g\Downloads [20/06/2016 09:16:50] - |RD| - [690] - C:\Users\g\Favorites [27/04/2018 08:51:28] - |RD| - [17762956] - C:\Users\g\iCloudDrive [01/07/2017 13:12:10] - |D| - [4642967] - C:\Users\g\Intel [20/06/2016 09:16:59] - |SHD| - [25308] - C:\Users\g\IntelGraphicsProfiles [20/06/2016 09:16:50] - |RD| - [2795] - C:\Users\g\Links [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Local Settings [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Menu Démarrer [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Mes documents [09/12/2017 11:27:56] - |HD| - [2634447] - C:\Users\g\MicrosoftEdgeBackups [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Modèles [20/06/2016 09:16:50] - |RD| - [2205173] - C:\Users\g\Music [17/05/2018 08:08:13] - |AH| - [6815744] - C:\Users\g\NTUSER.DAT [17/05/2018 08:08:13] - |ASH| - [1179648] - 
C:\Users\g\ntuser.dat.LOG1 [17/05/2018 08:08:13] - |ASH| - [1904640] - C:\Users\g\ntuser.dat.LOG2 [17/05/2018 08:08:13] - |ASH| - [65536] - C:\Users\g\NTUSER.DAT{3c3e19d0-59a0-11e8-a72d-086266b54fb1}.TM.blf [17/05/2018 08:08:13] - |ASH| - [524288] - C:\Users\g\NTUSER.DAT{3c3e19d0-59a0-11e8-a72d-086266b54fb1}.TMContainer00000000000000000001.regtrans-ms [17/05/2018 08:08:13] - |ASH| - [524288] - C:\Users\g\NTUSER.DAT{3c3e19d0-59a0-11e8-a72d-086266b54fb1}.TMContainer00000000000000000002.regtrans-ms [17/05/2018 08:25:21] - |SH| - [20] - C:\Users\g\ntuser.ini [20/06/2016 09:19:23] - |RD| - [92] - C:\Users\g\OneDrive [20/06/2016 09:16:50] - |RD| - [36197617969] - C:\Users\g\Pictures [09/12/2016 12:13:02] - |D| - [2710] - C:\Users\g\Privax Ltd [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Recent [20/06/2016 09:16:50] - |RD| - [32209605] - C:\Users\g\Saved Games [20/06/2016 09:17:06] - |RD| - [1875] - C:\Users\g\Searches [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\SendTo [20/06/2016 09:16:50] - |RD| - [202014038704] - C:\Users\g\Videos [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Voisinage d'impression [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\Voisinage réseau ---------- | [AppData] [17/05/2018 08:08:13] - |D| - [2878796511] - C:\Users\g\AppData\Local [20/06/2016 09:16:50] - |D| - [2886669] - C:\Users\g\AppData\LocalLow [17/05/2018 08:08:13] - |D| - [20878048544] - C:\Users\g\AppData\Roaming ---------- | [AppData\Local] [27/04/2018 08:50:32] - |D| - [1678336] - C:\Users\g\AppData\Local\42CC8007-E66A-4894-8209-220610E71F63.aplzod [20/06/2016 09:18:58] - |D| - [0] - C:\Users\g\AppData\Local\ActiveSync [28/06/2016 09:09:36] - |D| - [22417622] - C:\Users\g\AppData\Local\Adobe [27/08/2016 14:45:45] - |D| - [147177472] - C:\Users\g\AppData\Local\Apple [27/08/2016 14:48:12] - |D| - [8526557] - C:\Users\g\AppData\Local\Apple Computer [27/03/2017 10:46:18] - |D| - [45026542] - C:\Users\g\AppData\Local\Apple Inc [17/05/2018 08:08:13] - |SHD| - [0] - 
C:\Users\g\AppData\Local\Application Data [23/09/2016 18:02:37] - |D| - [19190437] - C:\Users\g\AppData\Local\Autodesk [23/06/2016 11:04:01] - |D| - [9418237] - C:\Users\g\AppData\Local\CEF [13/12/2016 21:00:56] - |D| - [40] - C:\Users\g\AppData\Local\Chromium [20/06/2016 00:58:50] - |D| - [39141432] - C:\Users\g\AppData\Local\Comms [05/08/2016 20:30:45] - |D| - [4421976] - C:\Users\g\AppData\Local\ConnectedDevicesPlatform [01/03/2017 10:13:09] - |D| - [0] - C:\Users\g\AppData\Local\converter [28/06/2016 17:19:50] - |D| - [0] - C:\Users\g\AppData\Local\CrashDumps [20/04/2017 20:20:35] - |D| - [0] - C:\Users\g\AppData\Local\DBG [19/10/2016 11:19:53] - |D| - [2436422] - C:\Users\g\AppData\Local\Diagnostics [21/05/2017 17:28:23] - |D| - [4469] - C:\Users\g\AppData\Local\Disc_Soft_Ltd [25/06/2016 11:24:01] - |D| - [0] - C:\Users\g\AppData\Local\ElevatedDiagnostics [18/09/2016 16:57:13] - |D| - [1767620] - C:\Users\g\AppData\Local\fontconfig [18/09/2016 16:57:12] - |D| - [660] - C:\Users\g\AppData\Local\gegl-0.2 [09/03/2017 22:19:52] - |D| - [120134] - C:\Users\g\AppData\Local\Golden Frog, GmbH [09/03/2017 22:19:53] - |D| - [1321] - C:\Users\g\AppData\Local\Golden_Frog,_GmbH [09/03/2017 22:05:19] - |D| - [47235] - C:\Users\g\AppData\Local\Google [18/09/2016 17:02:47] - |D| - [201] - C:\Users\g\AppData\Local\gtk-2.0 [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\AppData\Local\Historique [17/05/2018 18:19:21] - |AH| - [13718] - C:\Users\g\AppData\Local\IconCache.db [01/01/2018 12:12:32] - |D| - [106] - C:\Users\g\AppData\Local\id Software [19/10/2016 13:21:11] - |D| - [759] - C:\Users\g\AppData\Local\Intel [28/06/2016 09:11:05] - |D| - [0] - C:\Users\g\AppData\Local\Macromedia [17/05/2018 08:08:13] - |D| - [406368687] - C:\Users\g\AppData\Local\Microsoft [20/06/2016 00:20:38] - |D| - [75524] - C:\Users\g\AppData\Local\MicrosoftEdge [01/03/2017 10:13:09] - |D| - [51122] - C:\Users\g\AppData\Local\Movavi [23/06/2016 10:52:39] - |D| - [96231154] - 
C:\Users\g\AppData\Local\Mozilla [20/06/2016 08:21:12] - |D| - [0] - C:\Users\g\AppData\Local\NetworkTiles [23/06/2016 12:29:11] - |D| - [170188636] - C:\Users\g\AppData\Local\NVIDIA [23/06/2016 12:31:16] - |D| - [158200833] - C:\Users\g\AppData\Local\NVIDIA Corporation [09/12/2017 10:51:11] - |D| - [773262797] - C:\Users\g\AppData\Local\Packages [09/12/2017 11:26:44] - |D| - [0] - C:\Users\g\AppData\Local\PackageStaging [17/05/2018 10:25:31] - |D| - [0] - C:\Users\g\AppData\Local\PlaceholderTileLogoFolder [24/11/2016 15:39:40] - |D| - [381428774] - C:\Users\g\AppData\Local\Plex Media Server [09/12/2016 12:13:03] - |D| - [0] - C:\Users\g\AppData\Local\Privax Ltd [23/06/2016 10:59:42] - |D| - [0] - C:\Users\g\AppData\Local\Programs [20/06/2016 09:17:26] - |D| - [11042303] - C:\Users\g\AppData\Local\Publishers [27/06/2017 17:56:50] - |D| - [88749664] - C:\Users\g\AppData\Local\Razer [27/06/2017 18:04:11] - |D| - [864] - C:\Users\g\AppData\Local\Razer_Inc [18/09/2016 17:03:12] - |A| - [47511] - C:\Users\g\AppData\Local\recently-used.xbel [25/04/2017 08:31:58] - |A| - [7605] - C:\Users\g\AppData\Local\Resmon.ResmonCfg [30/09/2017 16:24:51] - |D| - [684] - C:\Users\g\AppData\Local\RzStats [25/06/2016 11:28:27] - |D| - [1049] - C:\Users\g\AppData\Local\SmartTechnology [28/11/2016 19:18:19] - |D| - [23038] - C:\Users\g\AppData\Local\Sony [23/06/2016 11:04:00] - |D| - [451526827] - C:\Users\g\AppData\Local\Steam [17/05/2018 08:08:13] - |D| - [17988] - C:\Users\g\AppData\Local\Temp [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\AppData\Local\Temporary Internet Files [20/06/2016 09:16:58] - |D| - [17163806] - C:\Users\g\AppData\Local\TileDataLayer [29/08/2016 16:09:40] - |D| - [20532193] - C:\Users\g\AppData\Local\tkdata [02/02/2017 23:00:14] - |D| - [2581] - C:\Users\g\AppData\Local\Ubisoft Game Launcher [14/04/2017 08:09:30] - |D| - [0] - C:\Users\g\AppData\Local\UNP [28/11/2016 19:14:31] - |D| - [0] - C:\Users\g\AppData\Local\VEGAS [28/11/2016 19:18:19] - |D| - 
[2347237] - C:\Users\g\AppData\Local\VEGAS Pro [20/06/2016 09:17:03] - |D| - [0] - C:\Users\g\AppData\Local\VirtualStore [21/05/2017 08:16:50] - |D| - [82] - C:\Users\g\AppData\Local\Wondershare [03/05/2018 13:48:21] - |D| - [134256] - C:\Users\g\AppData\Local\ZHP ---------- | [AppData\LocalLow] [29/08/2016 15:50:16] - |D| - [2431702] - C:\Users\g\AppData\LocalLow\Adobe [20/06/2016 00:20:53] - |SD| - [366411] - C:\Users\g\AppData\LocalLow\Microsoft [21/11/2016 18:15:57] - |D| - [0] - C:\Users\g\AppData\LocalLow\Mozilla [23/06/2016 11:13:13] - |D| - [88556] - C:\Users\g\AppData\LocalLow\Sun [13/07/2016 18:40:49] - |D| - [0] - C:\Users\g\AppData\LocalLow\Temp ---------- | [AppData\Roaming] [20/06/2016 09:17:04] - |D| - [2284153] - C:\Users\g\AppData\Roaming\Adobe [27/08/2016 14:48:11] - |D| - [20514386276] - C:\Users\g\AppData\Roaming\Apple Computer [23/09/2016 18:00:30] - |D| - [3166] - C:\Users\g\AppData\Roaming\Autodesk [07/02/2017 12:23:31] - |D| - [5927] - C:\Users\g\AppData\Roaming\Command & Conquer 3 Tiberium Wars [21/05/2017 17:26:55] - |D| - [0] - C:\Users\g\AppData\Roaming\DAEMON Tools Lite [07/03/2018 22:27:45] - |D| - [203] - C:\Users\g\AppData\Roaming\dvdcss [17/06/2017 13:22:29] - |D| - [46] - C:\Users\g\AppData\Roaming\epm [03/10/2016 10:14:16] - |D| - [2053839] - C:\Users\g\AppData\Roaming\FiraxisLive [01/07/2017 13:13:05] - |D| - [1356] - C:\Users\g\AppData\Roaming\Intel Corporation [26/02/2017 20:48:56] - |D| - [3757] - C:\Users\g\AppData\Roaming\Kalypso Media [25/06/2017 12:59:09] - |D| - [82] - C:\Users\g\AppData\Roaming\livestreamer [01/07/2017 13:11:19] - |D| - [177176] - C:\Users\g\AppData\Roaming\Logishrd [01/07/2017 13:11:19] - |D| - [3814] - C:\Users\g\AppData\Roaming\Logitech [20/06/2016 08:04:54] - |D| - [2171] - C:\Users\g\AppData\Roaming\Macromedia [28/11/2016 19:17:57] - |D| - [0] - C:\Users\g\AppData\Roaming\MAGIX [17/05/2018 08:08:13] - |SD| - [52112087] - C:\Users\g\AppData\Roaming\Microsoft [03/10/2016 10:12:55] - |D| - [173] - 
C:\Users\g\AppData\Roaming\ModLauncherWPF [23/06/2016 10:52:38] - |D| - [50898060] - C:\Users\g\AppData\Roaming\Mozilla [07/10/2016 21:03:38] - |D| - [0] - C:\Users\g\AppData\Roaming\NVIDIA [23/06/2016 11:21:46] - |D| - [0] - C:\Users\g\AppData\Roaming\Oracle [28/11/2016 19:18:30] - |D| - [0] - C:\Users\g\AppData\Roaming\Publish Providers [17/08/2016 09:50:28] - |D| - [75] - C:\Users\g\AppData\Roaming\Skype [28/11/2016 19:13:37] - |D| - [606162] - C:\Users\g\AppData\Roaming\Sony [23/06/2016 11:13:13] - |D| - [0] - C:\Users\g\AppData\Roaming\Sun [23/06/2016 11:25:08] - |D| - [133925219] - C:\Users\g\AppData\Roaming\The Creative Assembly [26/02/2017 20:50:11] - |D| - [117795621] - C:\Users\g\AppData\Roaming\Tropico 5 [28/11/2016 19:18:25] - |D| - [238] - C:\Users\g\AppData\Roaming\VEGAS [28/11/2016 19:18:19] - |D| - [0] - C:\Users\g\AppData\Roaming\VEGAS Pro [26/06/2016 21:15:15] - |D| - [89541] - C:\Users\g\AppData\Roaming\vlc [21/05/2017 08:25:46] - |D| - [1494] - C:\Users\g\AppData\Roaming\Western Digital [25/06/2016 11:26:24] - |D| - [12] - C:\Users\g\AppData\Roaming\WinRAR [19/10/2016 13:21:36] - |D| - [3697896] - C:\Users\g\AppData\Roaming\ZHP ---------- | [AppData\Roaming\Microsoft\Windows\Start Menu] [20/06/2016 09:17:06] - |SH| - [174] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [17/05/2018 08:08:13] - |SHD| - [0] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [05/08/2016 20:15:10] - |RD| - [39624] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs ---------- | [AppData\Roaming\Microsoft\Windows\Start Menu\Programs] [17/05/2018 08:08:13] - |RD| - [3888] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [17/05/2018 08:08:13] - |RD| - [2927] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [20/06/2016 09:17:06] - |RD| - [174] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [21/05/2017 17:43:13] - 
|D| - [4008] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar [17/05/2018 08:08:13] - |SH| - [264] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [09/12/2016 12:25:10] - |D| - [5276] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyVPN [27/04/2018 08:51:31] - |D| - [810] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud [17/05/2018 08:08:13] - |D| - [170] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [31/01/2018 20:25:18] - |A| - [1330] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee WebAdvisor.lnk [17/05/2018 08:08:13] - |A| - [1105] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [20/06/2016 09:17:06] - |RD| - [174] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [26/02/2017 17:28:41] - |D| - [1158] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [17/05/2018 08:08:13] - |RD| - [3496] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [02/02/2017 23:00:15] - |D| - [2705] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [17/05/2018 08:08:13] - |RD| - [7754] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [23/06/2016 11:15:29] - |D| - [4385] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---------- | [AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup] [20/06/2016 09:17:06] - |SH| - [174] - C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\ProgramData [12/07/2016 12:47:40] - |D| - [461629] - C:\ProgramData\acer [29/08/2016 15:49:15] - |D| - [356951788] - C:\ProgramData\Adobe [27/08/2016 14:44:45] - |D| - [1555966096] - C:\ProgramData\Apple [27/08/2016 14:47:18] - |D| - [165885288] - C:\ProgramData\Apple Computer [17/05/2018 08:24:34] - |SHD| - [0] 
- C:\ProgramData\Application Data [20/06/2016 07:47:40] - |D| - [3052] - C:\ProgramData\ASUS Smart Gesture [23/09/2016 18:00:30] - |D| - [9674] - C:\ProgramData\Autodesk [09/12/2016 12:14:09] - |D| - [3424] - C:\ProgramData\boost_interprocess [20/06/2016 09:07:56] - |SHD| - [0] - C:\ProgramData\Bureau [27/06/2016 12:16:11] - |HD| - [35602211] - C:\ProgramData\CanonBJ [16/07/2016 13:47:48] - |D| - [0] - C:\ProgramData\Comms [21/05/2017 17:26:47] - |D| - [3494] - C:\ProgramData\DAEMON Tools Lite [17/05/2018 08:24:34] - |SHD| - [0] - C:\ProgramData\Documents [15/04/2017 11:11:08] - |A| - [0] - C:\ProgramData\DP45977C.lfl [15/10/2016 12:18:14] - |D| - [2063060] - C:\ProgramData\DriversCloud.com [12/07/2016 12:14:52] - |D| - [6024] - C:\ProgramData\DriverSetupUtility [09/12/2016 12:29:00] - |D| - [310137] - C:\ProgramData\FlyVPN [09/03/2017 22:18:40] - |D| - [232511] - C:\ProgramData\Golden Frog, GmbH [19/10/2016 13:18:43] - |D| - [58842846] - C:\ProgramData\Intel [21/05/2017 08:34:41] - |RASHD| - [1024] - C:\ProgramData\Key-Base [01/07/2017 13:12:07] - |D| - [23178009] - C:\ProgramData\Logishrd [28/11/2016 19:17:57] - |D| - [0] - C:\ProgramData\MAGIX [23/06/2016 11:00:11] - |D| - [221619408] - C:\ProgramData\Malwarebytes [23/06/2016 11:18:41] - |D| - [89555396] - C:\ProgramData\McAfee [20/06/2016 09:07:56] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [12/04/2018 01:38:20] - |SD| - [1110469363] - C:\ProgramData\Microsoft [17/05/2018 17:40:41] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [01/03/2017 10:12:24] - |A| - [16] - C:\ProgramData\mntemp [20/06/2016 09:07:56] - |SHD| - [0] - C:\ProgramData\Modèles [01/03/2017 10:12:40] - |D| - [5389] - C:\ProgramData\Movavi [01/03/2017 10:12:24] - |D| - [64] - C:\ProgramData\Movavi Video Converter 17 [01/03/2017 10:12:24] - |A| - [5054] - C:\ProgramData\mudtcpaz.vzs [15/04/2017 11:11:56] - |D| - [2739389] - C:\ProgramData\NVIDIA [15/04/2017 11:11:53] - |D| - [1948998249] - C:\ProgramData\NVIDIA Corporation [16/12/2016 
18:48:12] - |A| - [5943] - C:\ProgramData\NvTelemetryContainer.log [16/12/2016 18:48:12] - |A| - [6776] - C:\ProgramData\NvTelemetryContainer.log_backup1 [23/06/2016 11:13:03] - |D| - [72304898] - C:\ProgramData\Oracle [23/06/2016 11:22:47] - |D| - [63520758] - C:\ProgramData\Package Cache [27/06/2017 17:56:50] - |D| - [678868458] - C:\ProgramData\Razer [12/04/2018 01:38:20] - |D| - [5298] - C:\ProgramData\regid.1991-06.com.microsoft [27/06/2017 18:03:19] - |D| - [1545] - C:\ProgramData\RzSurroundVAD_1.1.62.0 [17/01/2018 23:50:20] - |D| - [1566] - C:\ProgramData\RzSurroundVAD_1.1.63.0 [15/04/2017 11:05:54] - |D| - [58391090] - C:\ProgramData\SetupTPDriver [25/06/2016 11:09:53] - |D| - [672929] - C:\ProgramData\SmartTechnology [12/04/2018 01:38:20] - |D| - [0] - C:\ProgramData\SoftwareDistribution [29/08/2016 16:08:26] - |D| - [8228] - C:\ProgramData\TrueKey [12/07/2016 12:47:10] - |D| - [1480859] - C:\ProgramData\updater2 [12/04/2018 01:38:20] - |D| - [8525] - C:\ProgramData\USOPrivate [17/05/2018 08:06:24] - |D| - [122880] - C:\ProgramData\USOShared [28/11/2016 19:14:31] - |D| - [3190561] - C:\ProgramData\VEGAS [28/11/2016 19:18:32] - |D| - [0] - C:\ProgramData\VEGAS Pro [21/05/2017 08:25:00] - |D| - [31758] - C:\ProgramData\Western Digital [12/04/2018 18:23:20] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [21/05/2017 08:16:40] - |D| - [0] - C:\ProgramData\Wondershare [21/05/2017 08:34:41] - |D| - [0] - C:\ProgramData\{3CCF49E8-2FEE-2F22-FA86-2A78B9882A3A} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 01:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [29/08/2016 15:49:32] - |D| - [283898271] - C:\Program Files (x86)\Adobe [17/04/2018 21:55:29] - |D| - [4057910] - C:\Program Files (x86)\Apple Software Update [15/04/2017 11:06:00] - |D| - [86062226] - C:\Program Files (x86)\ASUS [23/09/2016 18:01:36] - |D| - [148364264] - 
C:\Program Files (x86)\Autodesk [29/10/2017 15:03:42] - |AD| - [1122214] - C:\Program Files (x86)\Bluetooth Suite [27/08/2016 14:45:27] - |AD| - [631715] - C:\Program Files (x86)\Bonjour [12/04/2018 01:38:20] - |D| - [398112788] - C:\Program Files (x86)\Common Files [21/05/2017 17:43:13] - |D| - [7202991] - C:\Program Files (x86)\Convar [12/04/2018 01:38:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [17/06/2017 13:18:55] - |D| - [199615098] - C:\Program Files (x86)\EaseUS [11/07/2016 23:01:39] - |AD| - [6034298] - C:\Program Files (x86)\FlyVPN [09/03/2017 22:05:22] - |D| - [0] - C:\Program Files (x86)\Google [12/07/2016 11:47:48] - |HD| - [30139858] - C:\Program Files (x86)\InstallShield Installation Information [12/07/2016 11:46:25] - |D| - [8806598] - C:\Program Files (x86)\Intel [19/10/2016 13:18:14] - |AD| - [12249636] - C:\Program Files (x86)\Intel Driver Update Utility [12/04/2018 01:38:20] - |D| - [2007019] - C:\Program Files (x86)\Internet Explorer [19/10/2016 12:01:26] - |D| - [167658621] - C:\Program Files (x86)\Java [23/06/2016 11:27:31] - |D| - [172788782] - C:\Program Files (x86)\McAfee [25/06/2016 10:57:54] - |D| - [1670519] - C:\Program Files (x86)\Microsoft ASP.NET [12/07/2016 11:19:32] - |AD| - [2306705427] - C:\Program Files (x86)\Microsoft Office [23/06/2016 11:10:05] - |AD| - [42892246] - C:\Program Files (x86)\Microsoft Silverlight [12/04/2018 01:38:20] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [20/11/2016 18:50:07] - |AD| - [151029080] - C:\Program Files (x86)\Mozilla Firefox [23/06/2016 10:52:29] - |D| - [520509] - C:\Program Files (x86)\Mozilla Maintenance Service [17/05/2018 07:34:03] - |D| - [25757] - C:\Program Files (x86)\MSBuild [15/04/2017 11:11:56] - |D| - [454173920] - C:\Program Files (x86)\NVIDIA Corporation [27/06/2017 17:58:27] - |AD| - [384811309] - C:\Program Files (x86)\Razer [20/06/2016 09:04:17] - |D| - [174101281] - C:\Program Files (x86)\Realtek [17/05/2018 07:34:03] - |D| - [38454529] - 
C:\Program Files (x86)\Reference Assemblies [04/05/2018 12:28:42] - |D| - [505707] - C:\Program Files (x86)\SEAF [12/07/2016 11:58:08] - |HD| - [0] - C:\Program Files (x86)\Temp [02/02/2017 23:00:13] - |D| - [154362544] - C:\Program Files (x86)\Ubisoft [05/08/2016 20:11:22] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [04/05/2018 11:21:45] - |D| - [10735381] - C:\Program Files (x86)\UsbFix [28/11/2016 19:14:31] - |D| - [67669696] - C:\Program Files (x86)\VEGAS [27/04/2018 08:50:18] - |D| - [1912546] - C:\Program Files (x86)\VulkanRT [09/03/2017 22:16:56] - |D| - [341730] - C:\Program Files (x86)\VyprVPN [21/05/2017 08:25:00] - |D| - [11822739] - C:\Program Files (x86)\Western Digital [12/04/2018 01:38:20] - |D| - [1780752] - C:\Program Files (x86)\Windows Defender [12/04/2018 01:38:20] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [12/04/2018 18:19:21] - |D| - [3254215] - C:\Program Files (x86)\Windows Media Player [12/04/2018 01:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Multimedia Platform [12/04/2018 01:38:20] - |D| - [7556440] - C:\Program Files (x86)\windows nt [12/04/2018 01:38:20] - |D| - [5370120] - C:\Program Files (x86)\Windows Photo Viewer [12/04/2018 01:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Portable Devices [12/04/2018 01:38:20] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [12/04/2018 01:38:20] - |D| - [2251159] - C:\Program Files (x86)\WindowsPowerShell [23/06/2016 11:15:24] - |AD| - [4615807] - C:\Program Files (x86)\WinRAR [21/05/2017 08:16:40] - |D| - [0] - C:\Program Files (x86)\Wondershare ---------- | C:\Program Files [27/08/2016 14:45:27] - |AD| - [615066] - C:\Program Files\Bonjour [20/06/2016 00:22:16] - |AD| - [19929544] - C:\Program Files\CCleaner [12/04/2018 01:38:20] - |D| - [792573172] - C:\Program Files\Common Files [12/04/2018 01:38:23] - |ASH| - [174] - C:\Program Files\desktop.ini [20/06/2016 00:28:25] - |D| - [1049584] - C:\Program Files\DIFX [01/01/2018 19:12:11] - |D| 
- [19416723] - C:\Program Files\DriversCloud.com [12/07/2016 12:14:49] - |D| - [2062607] - C:\Program Files\DriverSetupUtility [21/05/2017 08:11:48] - |D| - [597752] - C:\Program Files\EaseUS [19/06/2016 23:49:36] - |D| - [77029043] - C:\Program Files\Elantech [20/06/2016 09:07:56] - |SHD| - [0] - C:\Program Files\Fichiers communs [15/04/2017 11:11:30] - |D| - [82537594] - C:\Program Files\Intel [29/08/2016 16:07:58] - |D| - [131791101] - C:\Program Files\Intel Security [12/04/2018 01:38:20] - |D| - [2639350] - C:\Program Files\internet explorer [19/04/2018 21:48:09] - |D| - [4028219] - C:\Program Files\iPod [19/04/2018 21:47:19] - |D| - [402939203] - C:\Program Files\iTunes [01/07/2017 13:12:02] - |D| - [62710034] - C:\Program Files\Logitech [19/03/2017 20:32:52] - |D| - [158763006] - C:\Program Files\Malwarebytes [23/06/2016 11:28:01] - |AD| - [19039318] - C:\Program Files\McAfee [14/05/2018 23:17:14] - |D| - [9032032] - C:\Program Files\Microsoft Office 15 [23/06/2016 11:10:05] - |AD| - [55725526] - C:\Program Files\Microsoft Silverlight [17/05/2018 07:34:03] - |D| - [25757] - C:\Program Files\MSBuild [15/04/2017 11:11:46] - |D| - [2054869839] - C:\Program Files\NVIDIA Corporation [15/04/2017 11:11:00] - |D| - [48564150] - C:\Program Files\Realtek [21/05/2017 08:47:00] - |AD| - [0] - C:\Program Files\Recuva [17/05/2018 07:34:03] - |D| - [36854953] - C:\Program Files\Reference Assemblies [12/07/2016 11:28:10] - |D| - [850432] - C:\Program Files\ReviverSoft [12/07/2016 11:44:12] - |D| - [0] - C:\Program Files\Simple Driver Updater [25/06/2016 11:09:52] - |D| - [118734848] - C:\Program Files\SmartTechnology [15/04/2017 11:05:53] - |D| - [6085] - C:\Program Files\Synaptics [29/08/2016 15:50:04] - |D| - [123343819] - C:\Program Files\TrueKey [15/04/2017 11:05:56] - |HD| - [0] - C:\Program Files\Uninstall Information [14/04/2017 05:54:03] - |AD| - [6553600] - C:\Program Files\UNP [28/11/2016 19:14:31] - |D| - [852820643] - C:\Program Files\VEGAS [26/06/2016 21:14:50] 
- |D| - [137576484] - C:\Program Files\VideoLAN [17/05/2018 08:06:00] - |D| - [4958128] - C:\Program Files\Waves [06/09/2016 19:22:58] - |AD| - [6433373] - C:\Program Files\WhoCrashed [12/04/2018 01:38:20] - |D| - [19333067] - C:\Program Files\Windows Defender [12/04/2018 01:38:20] - |D| - [635392] - C:\Program Files\Windows Mail [12/04/2018 18:19:21] - |D| - [4783083] - C:\Program Files\Windows Media Player [12/04/2018 01:38:20] - |D| - [46576] - C:\Program Files\Windows Multimedia Platform [12/04/2018 01:38:20] - |D| - [7823192] - C:\Program Files\windows nt [12/04/2018 01:38:20] - |D| - [6170376] - C:\Program Files\Windows Photo Viewer [12/04/2018 01:38:20] - |D| - [46576] - C:\Program Files\Windows Portable Devices [12/04/2018 01:38:20] - |D| - [106165] - C:\Program Files\Windows Security [12/04/2018 01:38:20] - |SHD| - [0] - C:\Program Files\Windows Sidebar [12/04/2018 01:38:20] - |HD| - [4260417580] - C:\Program Files\WindowsApps [12/04/2018 01:38:20] - |D| - [2501953] - C:\Program Files\WindowsPowerShell [23/06/2016 11:16:24] - |D| - [6299307] - C:\Program Files\WinRAR ---------- | Tasks [MD5.5BD143B77B1B2E104A98941C33A6FC63] - [17/05/2018 08:13:58] - |AH| - [322] - C:\WINDOWS\Tasks\Intel PTT EK Recertification.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [17/05/2018 08:24:00] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.91719752DC05DED3E63193DC17CE2E30] - [17/05/2018 08:23:59] - |A| - [2798] - C:\WINDOWS\System32\Tasks\ACC : C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [MD5.0CE40DB02D1C97F0F05D5B86C6468B89] - [17/05/2018 08:23:59] - |A| - [3482] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.FC5D26717FE19C56E9FFF6FACFCFC495] - [17/05/2018 08:23:59] - |A| - [3922] - C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [MD5.194AE49D41ED3F7086336AC6A67F1322] - [17/05/2018 08:23:59] - |A| - [3754] - 
C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [MD5.08F1AAA6D6BC2F11FF1DEE0D00682017] - [17/05/2018 08:23:59] - |A| - [3450] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [17/05/2018 08:23:59] - |D| - [2604] - C:\WINDOWS\System32\Tasks\Apple [MD5.76825B438805C7FABE74AEAFC6E0AFB2] - [17/05/2018 08:23:59] - |A| - [2642] - C:\WINDOWS\System32\Tasks\Apple Diagnostics : C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [MD5.898F91A234602BF536D2BE4D3A443B32] - [17/05/2018 08:23:59] - |A| - [2866] - C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher : "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe" [MD5.AEDC8E22D7F58845F9132CC2B36C1E1A] - [17/05/2018 08:23:59] - |A| - [2924] - C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.A4C90D430197DE626B28A0D0B60C8981] - [17/05/2018 08:23:59] - |A| - [2214] - C:\WINDOWS\System32\Tasks\ATK Package A22126881260 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.EFF60C168B52A54E072C49116EEC05E6] - [17/05/2018 08:23:59] - |A| - [2218] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.00000000000000000000000000000000] - [17/05/2018 08:23:59] - |D| - [3348] - C:\WINDOWS\System32\Tasks\Intel [MD5.25F7A64FA56FA6B33AAC6DB7B746BE77] - [17/05/2018 08:23:59] - |A| - [3180] - C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification : "C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe" [MD5.00000000000000000000000000000000] - [17/05/2018 08:23:59] - |D| - [0] - C:\WINDOWS\System32\Tasks\McAfee [MD5.00000000000000000000000000000000] - [12/04/2018 01:38:21] - |D| - [564050] - 
C:\WINDOWS\System32\Tasks\Microsoft [MD5.B8EACD5922556E4CAACC877750CC5204] - [17/05/2018 08:24:00] - |A| - [3140] - C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.55609DFE568DB1120966524B16FF91FB] - [17/05/2018 08:24:00] - |A| - [3398] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.D271B57C704ED9FE8F7BDF6C46E504F6] - [17/05/2018 08:24:00] - |A| - [3176] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.4C16A7D7D4E05C74CF806CADB99C4205] - [17/05/2018 08:24:00] - |A| - [2914] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.E9B84975F2CBB1CE3EE747251A97FE37] - [17/05/2018 08:24:00] - |A| - [2984] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.A416713998B405C15DF29DC980393AF6] - [17/05/2018 08:24:00] - |A| - [2744] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.1A919F03C70ACB361EBE07E705BA7845] - [17/05/2018 08:24:00] - |A| - [2838] - C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [MD5.75AD156C0121FB24587AFE114A4DF021] - [17/05/2018 08:24:00] - |A| - [2956] - C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.735EE36DC3181C927A59581F3DDE2A55] - 
[17/05/2018 08:24:00] - |A| - [2856] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1559459158-4131074543-171200091-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.FA7F3C3764313AE4B60584EFCD35510E] - [17/05/2018 08:24:00] - |A| - [2288] - C:\WINDOWS\System32\Tasks\RtHDVBg : "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [MD5.C4DEFE179456697578CC4A86444DE4F5] - [17/05/2018 08:24:00] - |A| - [2346] - C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice : "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [MD5.4C6CC4303327A6B6000033C426FAA5C8] - [17/05/2018 08:24:00] - |A| - [2282] - C:\WINDOWS\System32\Tasks\RTKCPL : "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" [MD5.27F3F5B1047C0EA50D0C4C4B70795EF3] - [17/05/2018 08:24:00] - |A| - [2110] - C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_WILLAMETTE : "C:\WINDOWS\System32\Wscript.exe" [MD5.03526F5525599F67B6B1DD5DB90AABD3] - [17/05/2018 08:24:00] - |A| - [2310] - C:\WINDOWS\System32\Tasks\{1A42AFEA-1036-46F8-B68E-FFDBFBF21CFE} : C:\WINDOWS\system32\pcalua.exe [MD5.63D96AC887567DBCC8B4FF1061603B6A] - [17/05/2018 08:24:00] - |A| - [2304] - C:\WINDOWS\System32\Tasks\{F4A9D65B-828E-4338-A281-D7A2BA81EFA9} : C:\WINDOWS\system32\pcalua.exe [MD5.BCECF30A9463FC9D34FB059D4108D7AA] - [17/05/2018 08:24:00] - |A| - [2304] - C:\WINDOWS\System32\Tasks\{F56411AB-507A-4607-BE4B-6793037902C8} : C:\WINDOWS\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R2 - [Kernel Driver] - ASMMAP64 (ASMMAP64) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio 
(@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rzpmgrk (rzpmgrk) -> \??\C:\WINDOWS\system32\drivers\rzpmgrk.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rzpnk (rzpnk) -> \??\C:\WINDOWS\system32\drivers\rzpnk.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | Installer [HKCR\Installer\Products\00006109C80000000000000000F01FEC] : Office 16 Click-to-Run Extensibility Component 
[HKCR\Installer\Products\00006109C800C0400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109DD0000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component 64-bit Registration [HKCR\Installer\Products\00006109F80000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\007AE03A51550F84880BE999CD53B688] : Apple Software Update -> C:\WINDOWS\Installer\{A30EA700-5515-48F0-88B0-9E99DC356B88}\Installer.ico [HKCR\Installer\Products\07C611259F976E115914BB595F3A90DB] : MSVCRT Redists [HKCR\Installer\Products\0D2A25BD1AAC1DE41B22927EDEED81F7] : . . . [HKCR\Installer\Products\10F45C0B848371B4A8589BB7AF84DA86] : Intel(R) Management Engine Components [HKCR\Installer\Products\1BF4A48A307DBD84980E866B94D98210] : Qualcomm Atheros Bluetooth Suite (64) -> C:\WINDOWS\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe [HKCR\Installer\Products\274EC82895B5C0941B167FACEF7E4F0C] : Smart Technology Programming Software 7.0.45.2 [HKCR\Installer\Products\2B2307032FA67D649B332634D8BEB2A9] : Maxx Audio Installer (x64) -> C:\WINDOWS\Installer\{307032B2-6AF2-46D7-B933-62438DEB2B9A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2EEB87D0FF8F8944FAA1F38FC1DEA86C] : Razer Synapse -> C:\WINDOWS\Installer\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\34B7450BEEA3C354995408D0FD2950D2] : Autodesk Pixlr -> C:\WINDOWS\Installer\{B0547B43-3AEE-453C-9945-800DDF92052D}\Pixlr.ico [HKCR\Installer\Products\48F5F8FF0669BD04DBDACC0DF3B61D6F] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110440F] : Java 8 Update 144 -> C:\Program Files (x86)\Java\jre1.8.0_144\\bin\javaws.exe [HKCR\Installer\Products\522D436CA358DBD438E973ECA6D22FDA] : Intel(R) Management Engine Driver [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C14] : Intel(R) Trusted Connect Service Client x86 [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C24] 
: Intel(R) Trusted Connect Service Client x64 [HKCR\Installer\Products\5A1A9B9E893699C4F8ED0197F456505C] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\5BB3ACE00144B4142B6242F11F1CC20D] : Apple Application Support (64 bits) -> C:\WINDOWS\Installer\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}\WinInstall.ico [HKCR\Installer\Products\68AB67CA408033019195008142622500] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824265200}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\698D4647C36CE214E83D23169C1FE412] : iCloud -> C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\ARP.ico [HKCR\Installer\Products\6A6823D4BA6FA894284A4E0F0425F9D3] : ASUS Smart Gesture -> C:\WINDOWS\Installer\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\79A14D7320B603C478355801B71E6D47] : Intel® RealSense™ SDK 2014 Runtime (x64): Core -> C:\WINDOWS\Installer\{37D41A97-6B02-4C30-8753-85107BE1D674}\arp.ico [HKCR\Installer\Products\8214CD9298FC9D945A424B34F030F641] : DriversCloud.com (64 bits) -> C:\WINDOWS\Installer\{29DC4128-CF89-49D9-A524-B4430F036F14}\maconfico [HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\9C1F807DF77492C4DA14C9E15D1FFD1F] : WD Backup [HKCR\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C] : DriverSetupUtility -> C:\Windows\Installer\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}\Bitmaps\Registration.ico [HKCR\Installer\Products\AAA500E93A18E874984435D2539025EE] : Apple Mobile Device Support -> C:\WINDOWS\Installer\{9E005AAA-81A3-478E-8944-532D350952EE}\Installer.ico 
[HKCR\Installer\Products\AFCFF382D801D43429AEDB06B6738D96] : iTunes -> C:\WINDOWS\Installer\{283FFCFA-108D-434D-92EA-BD606B37D869}\Installer.ico [HKCR\Installer\Products\B928F3451954F2B4FA36E6E6A65EE92B] : Apple Application Support (32 bits) -> C:\WINDOWS\Installer\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}\WinInstall.ico [HKCR\Installer\Products\D124AD6032EED78478F80FFA79FE96DA] : . . . -> C:\WINDOWS\Installer\{06DA421D-EE23-487D-878F-F0AF97EF69AD}\ProductIcon [HKCR\Installer\Products\E339C5BAD7C503D43B41C9384AB949EB] : ATK Package -> C:\WINDOWS\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\F4F813D49F976E11682CBB595F3A90DB] : VEGAS Pro 14.0 (64-bit) -> C:\WINDOWS\Installer\{4D318F4F-79F9-11E6-86C2-BB95F5A309BD}\vegas.ico [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ----------( EOF)---------- - 1356 | 10:43:16