--------------- QuickDiag | g3n-h@ckm@n | V4_21.05.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 17/06/2018 21:17:47 Updated 21/05/2018 | 10.25 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [jul (Administrator)] - [JULIEN] (S-1-5-21-413593212-2328566316-2910965411-1001) System: Microsoft Windows 10 Professionnel - - (10.0.17134) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1803) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Professionnel|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : Normal boot PC: HP ProBook 4340s - Hewlett-Packard - IdNumber: 2CE3100DJ4 - UUID: DC2027C3-8570-11E2-9673-CE39E75CAF03 Processor : X64 - 2494 Mhz - Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz 68IRR Ver. F.60 - fr-FR - Hewlett-Packard - S/N: 2CE3100DJ4 - 68IRR Ver. F.60 - HPQOEM - F CoreTemp : 0 Celsius ----------| Quick ---------- | SoundDevice IDT High Definition Audio CODEC - Status: OK - Manufacturer: IDT - PNPDeviceID: HDAUDIO\FUNC_01&VEN_111D&DEV_76D9&SUBSYS_103C17F0&REV_1001\4&2D20AF2&0&0001 Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2806&SUBSYS_80860101&REV_1000\4&2D20AF2&0&0301 ---------- | Video Intel(R) HD Graphics 4000 - Resolution: 1366x768 - Colors: 4294967296 - RefreshRate: 39 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_0166&SUBSYS_17F0103C&REV_09\3&21436425&0&10 - AdapterCompatibility: Intel Corporation - RAM: -2143170560 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 4000 - DriverVersion: 10.18.10.4358 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28160 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36264 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 86016 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\cfhd.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 1334784 - Manufacturer: CineForm Inc. - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25408 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34696 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:2 % CPU #2 value:2 % CPU #3 value:8 % CPU #4 value:14 % Total Overall CPU Usage value:6 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Ralink RT3290 802.11bgn Wi-Fi Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:6 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_17F0103C&REV_07\4&1251DBB8&0&00E5 Ralink RT3290 802.11bgn Wi-Fi Adapter - Ethernet 802.3 - Ralink Technology, Corp. - Status: - PnPID : PCI\VEN_1814&DEV_3290&SUBSYS_18EC103C&REV_00\00002D8C92E2B7F400 Microsoft Wi-Fi Direct Virtual Adapter #3 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&16F5150F&0&11 Microsoft Wi-Fi Direct Virtual Adapter #4 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&16F5150F&0&12 Bluetooth Device (RFCOMM Protocol TDI) - - Microsoft - Status: - PnPID : BTH\MS_RFCOMM\6&E6C9E1A&0&0 Bluetooth Device (Personal Area Network) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&E6C9E1A&0&2 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH ---------- | Memory RAM = Total (MB) : 4072 | Free (MB) : 1409 Pagefile = Total (MB) : 4793 | Free (MB) : 1882 Virtual = Total (MB) : 4194 | Free (MB) : 3907 Physical Memory 1 : Capacity: 4294967296 - Bottom-Slot 2(under) - Posit.: 1 - Manufacturer: Micron - PartNumber: 8KTF51264HZ-1G6E1 - S/N: D8875FC6 ---------- | SID Users Administrateur : [S-1-5-21-413593212-2328566316-2910965411-500] DefaultAccount : [S-1-5-21-413593212-2328566316-2910965411-503] HomeGroupUser$ : [S-1-5-21-413593212-2328566316-2910965411-1003] Invité : [S-1-5-21-413593212-2328566316-2910965411-501] jul : [S-1-5-21-413593212-2328566316-2910965411-1001] WDAGUtilityAccount : [S-1-5-21-413593212-2328566316-2910965411-504] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d événements : [S-1-5-32-573] Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-413593212-2328566316-2910965411-1002] WinRMRemoteWMIUsers__ : [S-1-5-21-413593212-2328566316-2910965411-1000] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 222.23 Go | Free : 14.89 Go -> NTFS (SSD) [SATA] E:\ -> [Fixed] | [] | Total : 0.82 Go | Free : 0.81 Go -> NTFS (SSD) [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, E:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : SCSI\DISK&VEN_ATA&PROD_KINGSTON_SV300S3\4&7DCFA11&0&000000 ---------- | Windows updates - Activation - License Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.) GC : 67.0.3396.87 (Copyright 2017 Google Inc.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer FlashPlayer ActiveX : 30.0.0.113 FlashPlayer Plugin : 30.0.0.113 ---------- | Security AM : Malwarebytes' Anti-Malware ( 2.3.125.0) [Update : 12/11/2015 09:29:13] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 376 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17134.1) = C:\Windows\System32\smss.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 548 | [Owner : Système | Parent : 524(MSASCuiL.exe) | ?????] - (.Microsoft Corporation - Processus d exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 624 | [Owner : Système | Parent : 524(MSASCuiL.exe) | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.17134.1) = C:\Windows\System32\wininit.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 700 | [Owner : Système | Parent : 624(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17134.1) = C:\Windows\System32\services.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 720 | [Owner : Système | Parent : 624(wininit.exe) | 17.34 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17134.1) = C:\Windows\System32\lsass.exe [12/04/2018 01:34:23] CPU Usage:0 % --> Command Line : 828 | [Owner : Système | Parent : 700(services.exe) | 3.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 856 | [Owner : Système | Parent : 700(services.exe) | 25.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 872 | [Owner : UMFD-0 | Parent : 624(wininit.exe) | 1.52 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.1) = C:\Windows\System32\fontdrvhost.exe [12/04/2018 01:34:24] CPU Usage:0 % --> Command Line : 944 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 14.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 988 | [Owner : Système | Parent : 700(services.exe) | 7.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 68 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 6.86 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l infrastructure de pilotes en mode utilisateur.) - (10.0.17134.1) = C:\Windows\System32\WUDFHost.exe [12/04/2018 01:34:28] CPU Usage:0 % --> Command Line : 1184 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 9.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1212 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 6.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1276 | [Owner : Système | Parent : 700(services.exe) | 9.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1284 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 11.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1348 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 19.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1428 | [Owner : Système | Parent : 700(services.exe) | 14.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1516 | [Owner : Système | Parent : 700(services.exe) | 10.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1528 | [Owner : Système | Parent : 700(services.exe) | 10.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1568 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 10.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1596 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 6.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1640 | [Owner : Système | Parent : 700(services.exe) | 6.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1688 | [Owner : Système | Parent : 700(services.exe) | 8.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1888 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 8.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1928 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 15.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1972 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 7.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1980 | [Owner : Système | Parent : 700(services.exe) | 6.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1988 | [Owner : Système | Parent : 700(services.exe) | 8.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2000 | [Owner : Système | Parent : 700(services.exe) | 5.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2072 | [Owner : Système | Parent : 700(services.exe) | 8.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2116 | [Owner : Système | Parent : 700(services.exe) | 7.77 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4358) = C:\Windows\System32\igfxCUIService.exe [03/05/2016 23:30:46] CPU Usage:0 % --> Command Line : 2132 | [Owner : Système | Parent : 700(services.exe) | 11.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2168 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 7.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2176 | [Owner : Système | Parent : 700(services.exe) | 7.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2184 | [Owner : Système | Parent : 700(services.exe) | 9.8 Mo] - (.IDT, Inc. - IDT PC Audio.) - (1.0.6428.0) = C:\Program Files\IDT\WDM\stacsv64.exe [24/04/2015 23:46:53] CPU Usage:0 % --> Command Line : 2324 | [Owner : Système | Parent : 700(services.exe) | 8.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2504 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 12.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2520 | [Owner : SERVICE LOCAL | Parent : 1640(svchost.exe) | 17.8 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.17134.1) = C:\Windows\System32\dasHost.exe [12/04/2018 01:34:12] CPU Usage:0 % --> Command Line : 2596 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 7.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2620 | [Owner : Système | Parent : 700(services.exe) | 5.29 Mo] - (.Hewlett-Packard Company - HpService.) - (4.2.2.4) = C:\Windows\System32\hpservice.exe [21/08/2012 17:49:00] CPU Usage:0 % --> Command Line : 2748 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 7.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2776 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 8.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2860 | [Owner : Système | Parent : 700(services.exe) | 16.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2936 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 8.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2952 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 11.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2960 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 6.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2544 | [Owner : Système | Parent : 700(services.exe) | 25.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2680 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 11.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3332 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 9.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3416 | [Owner : Système | Parent : 700(services.exe) | 15.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3604 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 13.72 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8931) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [13/05/2018 11:14:00] CPU Usage:0 % --> Command Line : 3764 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 7.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3620 | [Owner : Système | Parent : 700(services.exe) | 12.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3740 | [Owner : Système | Parent : 700(services.exe) | 7.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3976 | [Owner : Système | Parent : 700(services.exe) | 11.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3192 | [Owner : Système | Parent : 700(services.exe) | 13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4104 | [Owner : Système | Parent : 700(services.exe) | 12.96 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17134.1) = C:\Windows\System32\spoolsv.exe [12/04/2018 01:34:41] CPU Usage:0 % --> Command Line : 4320 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 7.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4476 | [Owner : Système | Parent : 700(services.exe) | 4.68 Mo] - (.Dropbox, Inc. - Dropbox Service.) - (1.0.24.0) = C:\Windows\System32\DbxSvc.exe [04/06/2018 12:18:30] CPU Usage:0 % --> Command Line : 4488 | [Owner : Système | Parent : 700(services.exe) | 22.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4504 | [Owner : Système | Parent : 700(services.exe) | 5.57 Mo] - (.Alcohol Soft Development Team - Alcohol Virtual AHCI Controller Management Service.) - (1.0.0.3605) = C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [04/12/2015 21:18:38] CPU Usage:0 % --> Command Line : 4512 | [Owner : Système | Parent : 700(services.exe) | 5.97 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.26.5200) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [09/02/2018 19:02:50] CPU Usage:0 % --> Command Line : 4536 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 12.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4552 | [Owner : Système | Parent : 700(services.exe) | 6.2 Mo] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.27.757.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe [10/12/2012 14:31:28] CPU Usage:0 % --> Command Line : 4560 | [Owner : Système | Parent : 700(services.exe) | 10 Mo] - (.Hewlett-Packard Company - hpHotkeyMonitor Service.) - (4.6.10.1) = C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [28/08/2012 17:17:58] CPU Usage:0 % --> Command Line : 4568 | [Owner : Système | Parent : 700(services.exe) | 5.04 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (8.1.30.1348) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [23/04/2015 23:23:23] CPU Usage:0 % --> Command Line : 4604 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 24.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4616 | [Owner : Système | Parent : 700(services.exe) | 8.77 Mo] - (.Flexera Software LLC - Activation Licensing Service.) - (11.14.0.1) = C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [18/02/2018 15:34:27] CPU Usage:0 % --> Command Line : 4628 | [Owner : Système | Parent : 700(services.exe) | 9.02 Mo] - (.Motorola Mobility LLC - MotoHelper Service.) - (2.3.8.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [08/04/2014 16:56:40] CPU Usage:0 % --> Command Line : 4748 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 5.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4772 | [Owner : Système | Parent : 700(services.exe) | 9.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4792 | [Owner : Système | Parent : 700(services.exe) | 7.65 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe [08/12/2016 11:04:48] CPU Usage:0 % --> Command Line : 4800 | [Owner : Système | Parent : 700(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.13.17134.1) = C:\Windows\System32\SecurityHealthService.exe [12/04/2018 01:34:41] CPU Usage:0 % --> Command Line : 4812 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 8.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4820 | [Owner : Système | Parent : 700(services.exe) | 6.72 Mo] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - (12.1.0.4625) = C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [23/12/2009 23:34:20] CPU Usage:0 % --> Command Line : 4840 | [Owner : Système | Parent : 700(services.exe) | 3.94 Mo] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - (19.0.19.63) = C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [19/08/2017 02:01:24] CPU Usage:0 % --> Command Line : 4916 | [Owner : Système | Parent : 700(services.exe) | 5.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4940 | [Owner : Système | Parent : 700(services.exe) | 12.79 Mo] - (.TeamViewer GmbH - TeamViewer 11.) - (11.0.59518.0) = C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13/06/2016 21:21:35] CPU Usage:0 % --> Command Line : 4964 | [Owner : Système | Parent : 700(services.exe) | 9.2 Mo] - (.Reason Software Company Inc. - Unchecky Service.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [25/04/2015 14:22:08] CPU Usage:0 % --> Command Line : 5028 | [Owner : Système | Parent : 700(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.16.17656.18052) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe [31/05/2018 08:28:36] CPU Usage:0 % --> Command Line : 5036 | [Owner : Système | Parent : 700(services.exe) | 7.85 Mo] - (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - (4.5.133.0) = C:\Windows\System32\vcsFPService.exe [12/09/2013 04:41:02] CPU Usage:0 % --> Command Line : 5060 | [Owner : Système | Parent : 700(services.exe) | 28.65 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17134.1) = C:\Windows\System32\SearchIndexer.exe [12/04/2018 01:34:08] CPU Usage:0 % --> Command Line : 5072 | [Owner : Système | Parent : 700(services.exe) | 19.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 5364 | [Owner : Système | Parent : 700(services.exe) | 5.07 Mo] - (.Motorola - ForwardDemon.) - (1.0.0.0) = C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [15/08/2016 00:26:37] CPU Usage:0 % --> Command Line : 5628 | [Owner : Système | Parent : 700(services.exe) | 9.07 Mo] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) - (4.6.10.1) = C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [06/09/2012 10:29:50] CPU Usage:0 % --> Command Line : 5940 | [Owner : Système | Parent : 700(services.exe) | 9.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 6396 | [Owner : Système | Parent : 856(svchost.exe) | 6.13 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.17134.1) = C:\Windows\System32\wbem\unsecapp.exe [12/04/2018 01:34:40] CPU Usage:0 % --> Command Line : 6452 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 3.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 6760 | [Owner : Système | Parent : 856(svchost.exe) | 9.43 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [12/04/2018 01:34:40] CPU Usage:0 % --> Command Line : 6828 | [Owner : Système | Parent : 700(services.exe) | 11.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 5296 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 7.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 7268 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 1.14 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.17134.1) = C:\Program Files\Windows Media Player\wmpnetwk.exe [12/04/2018 18:19:56] CPU Usage:0 % --> Command Line : 7532 | [Owner : Système | Parent : 700(services.exe) | 15.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4724 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 10.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 8664 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 12.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 9504 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 19.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 9744 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 8.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 9988 | [Owner : Système | Parent : 3828() | 1.08 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe [19/05/2018 12:31:51] CPU Usage:0 % --> Command Line : 10004 | [Owner : Système | Parent : 3828() | 0.62 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe [19/05/2018 12:31:51] CPU Usage:0 % --> Command Line : 10164 | [Owner : Système | Parent : 700(services.exe) | 6.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 11408 | [Owner : Système | Parent : 700(services.exe) | 8.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 12828 | [Owner : Système | Parent : 700(services.exe) | 18.51 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [12/05/2016 00:39:26] CPU Usage:0 % --> Command Line : 2796 | [Owner : Système | Parent : 700(services.exe) | 32.24 Mo] - (.Intel Corporation - IAStorDataSvc.) - (11.6.5.1006) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [23/04/2015 23:27:03] CPU Usage:0 % --> Command Line : 3676 | [Owner : Système | Parent : 700(services.exe) | 5.5 Mo] - (.Intel Corporation - Local Manageability Service.) - (8.1.30.1349) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [23/04/2015 23:23:02] CPU Usage:0 % --> Command Line : 3708 | [Owner : Système | Parent : 700(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.17134.1) = C:\Windows\System32\SgrmBroker.exe [12/04/2018 01:34:04] CPU Usage:0 % --> Command Line : 4640 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 8.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4912 | [Owner : Système | Parent : 700(services.exe) | 12.23 Mo] - (.Intel Corporation - User Notification Service.) - (8.1.30.1349) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [23/04/2015 23:23:16] CPU Usage:0 % --> Command Line : 10848 | [Owner : Système | Parent : 700(services.exe) | 10 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 2612 | [Owner : Système | Parent : 1428(svchost.exe) | 1.47 Mo] - (.Google Inc. - Programme d'installation de Google.) - (1.3.26.9) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/05/2015 23:34:24] CPU Usage:0 % --> Command Line : 9756 | [Owner : Système | Parent : 7896(igfxHK.exe) | ?????] - (.Microsoft Corporation - Processus d exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 10376 | [Owner : Système | Parent : 7896(igfxHK.exe) | 8.24 Mo] - (.Microsoft Corporation - Application d ouverture de session Windows.) - (10.0.17134.1) = C:\Windows\System32\winlogon.exe [12/04/2018 01:34:23] CPU Usage:0 % --> Command Line : 3716 | [Owner : UMFD-5 | Parent : 10376(winlogon.exe) | 7.55 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.1) = C:\Windows\System32\fontdrvhost.exe [12/04/2018 01:34:24] CPU Usage:0 % --> Command Line : 11448 | [Owner : DWM-5 | Parent : 10376(winlogon.exe) | 62.61 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17134.1) = C:\Windows\System32\dwm.exe [12/04/2018 01:34:19] CPU Usage:4 % --> Command Line : 3284 | [Owner : jul | Parent : 4964(unchecky_svc.exe) | 9.91 Mo] - (.Reason Software Company Inc. - Unchecky Background Process.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [25/04/2015 14:22:08] CPU Usage:0 % --> Command Line : 2280 | [Owner : jul | Parent : 1688(svchost.exe) | 26.41 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17134.1) = C:\Windows\System32\sihost.exe [12/04/2018 01:34:12] CPU Usage:0 % --> Command Line : 13188 | [Owner : jul | Parent : 700(services.exe) | 22.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 10252 | [Owner : jul | Parent : 700(services.exe) | 35.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 6388 | [Owner : jul | Parent : 1428(svchost.exe) | 17.68 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17134.1) = C:\Windows\System32\taskhostw.exe [12/04/2018 01:34:37] CPU Usage:0 % --> Command Line : 10676 | [Owner : jul | Parent : 4840(SynTPEnhService.exe) | 20.22 Mo] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) - (19.0.19.63) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [19/08/2017 02:01:22] CPU Usage:0 % --> Command Line : 5700 | [Owner : jul | Parent : 2480() | 12.24 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4358) = C:\Windows\System32\igfxEM.exe [03/05/2016 23:30:46] CPU Usage:0 % --> Command Line : 7896 | [Owner : jul | Parent : 2480() | 8.47 Mo] - (.Intel Corporation - igfxHK Module.) - (6.15.10.4358) = C:\Windows\System32\igfxHK.exe [03/05/2016 23:30:46] CPU Usage:0 % --> Command Line : 3512 | [Owner : jul | Parent : 2480() | 11.02 Mo] - (.Intel Corporation - igfxTray Module.) - (6.15.10.4358) = C:\Windows\System32\igfxTray.exe [03/05/2016 23:30:46] CPU Usage:0 % --> Command Line : 6628 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 6.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3892 | [Owner : jul | Parent : 8268() | 4.41 Mo] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (19.0.19.63) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [19/08/2017 02:01:26] CPU Usage:0 % --> Command Line : 13128 | [Owner : jul | Parent : 4628(MotoHelperService.exe) | 10.62 Mo] - (.Motorola Mobility LLC - MotoHelperAgent.) - (14.8.6.1) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [17/09/2014 17:18:00] CPU Usage:0 % --> Command Line : 1104 | [Owner : jul | Parent : 10416() | 132.31 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17134.1) = C:\Windows\explorer.exe [12/04/2018 01:34:44] CPU Usage:0 % --> Command Line : 200 | [Owner : Système | Parent : 700(services.exe) | 7.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 9456 | [Owner : jul | Parent : 856(svchost.exe) | 61.7 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17134.1) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [12/04/2018 01:33:58] CPU Usage:0 % --> Command Line : 11612 | [Owner : jul | Parent : 856(svchost.exe) | 71.12 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.17134.112) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [13/06/2018 21:54:24] CPU Usage:0 % --> Command Line : 13060 | [Owner : jul | Parent : 856(svchost.exe) | 21.2 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 5660 | [Owner : jul | Parent : 856(svchost.exe) | 23.5 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 3852 | [Owner : jul | Parent : 856(svchost.exe) | 7.86 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.17134.1) = C:\Windows\System32\SettingSyncHost.exe [12/04/2018 01:34:34] CPU Usage:0 % --> Command Line : 1880 | [Owner : jul | Parent : 3740(svchost.exe) | 14.08 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17134.1) = C:\Windows\System32\ctfmon.exe [12/04/2018 01:34:37] CPU Usage:0 % --> Command Line : 332 | [Owner : jul | Parent : 856(svchost.exe) | 11.59 Mo] - (.-.) - (12.1815.209.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe [23/05/2018 22:30:08] CPU Usage:0 % --> Command Line : 7960 | [Owner : jul | Parent : 856(svchost.exe) | 18.08 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 10400 | [Owner : jul | Parent : 1104(explorer.exe) | 239.15 Mo] - (.Mozilla Corporation - Firefox.) - (60.0.2.6730) = C:\Program Files\Mozilla Firefox\firefox.exe [30/01/2018 23:45:43] CPU Usage:0 % --> Command Line : 1112 | [Owner : jul | Parent : 856(svchost.exe) | 18.84 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 9132 | [Owner : jul | Parent : 10400(firefox.exe) | 51.33 Mo] - (.Mozilla Corporation - Firefox.) - (60.0.2.6730) = C:\Program Files\Mozilla Firefox\firefox.exe [30/01/2018 23:45:43] CPU Usage:0 % --> Command Line : 220 | [Owner : jul | Parent : 10400(firefox.exe) | 404.74 Mo] - (.Mozilla Corporation - Firefox.) - (60.0.2.6730) = C:\Program Files\Mozilla Firefox\firefox.exe [30/01/2018 23:45:43] CPU Usage:2 % --> Command Line : 5664 | [Owner : jul | Parent : 10400(firefox.exe) | 60.62 Mo] - (.Mozilla Corporation - Firefox.) - (60.0.2.6730) = C:\Program Files\Mozilla Firefox\firefox.exe [30/01/2018 23:45:43] CPU Usage:0 % --> Command Line : 524 | [Owner : jul | Parent : 1104(explorer.exe) | 9.29 Mo] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.13.17134.1) = C:\Program Files\Windows Defender\MSASCuiL.exe [12/04/2018 01:33:58] CPU Usage:0 % --> Command Line : 12996 | [Owner : jul | Parent : 1104(explorer.exe) | 11.58 Mo] - (.IDT, Inc. - IDT PC Audio.) - (1.0.6428.0) = C:\Program Files\IDT\WDM\sttray64.exe [24/04/2015 23:46:54] CPU Usage:0 % --> Command Line : 7744 | [Owner : jul | Parent : 1104(explorer.exe) | 124.98 Mo] - (.Schneider Electric - Executable for Schneider Electric Software Update.) - (2.0.2.30) = C:\Program Files (x86)\Schneider Electric\Software Update\SoftwareUpdate.exe [01/06/2016 16:18:14] CPU Usage:0 % --> Command Line : 13308 | [Owner : jul | Parent : 700(services.exe) | 25.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 10580 | [Owner : jul | Parent : 1104(explorer.exe) | 19.14 Mo] - (.Dexpot GbR - Dexpot - Virtual desktops for Windows.) - (1.6.0.14) = C:\Program Files (x86)\Dexpot\dexpot.exe [19/07/2016 13:01:02] CPU Usage:0 % --> Command Line : 6724 | [Owner : jul | Parent : 1104(explorer.exe) | 12.4 Mo] - (.Spotify Ltd - SpotifyWebHelper.) - (1.0.82.454) = C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe [08/06/2018 21:53:51] CPU Usage:0 % --> Command Line : 8060 | [Owner : jul | Parent : 5916() | 42.78 Mo] - (.Hewlett-Packard Company - QLBController.) - (4.6.10.1) = C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [28/08/2012 17:19:26] CPU Usage:0 % --> Command Line : 12652 | [Owner : jul | Parent : 1104(explorer.exe) | 30.78 Mo] - (.Logitech Inc. - Logitech Media Server Tray Icon.) - (29413.0.0.0) = C:\Program Files (x86)\Squeezebox\SqueezeTray.exe [19/05/2018 22:43:06] CPU Usage:0 % --> Command Line : 6384 | [Owner : jul | Parent : 10580(dexpot.exe) | 5.74 Mo] - (.Dexpot GbR - Dexpot64 Message Window.) - (1.6.13.0) = C:\Program Files (x86)\Dexpot\Dexpot64.exe [19/07/2016 13:01:08] CPU Usage:0 % --> Command Line : 11040 | [Owner : jul | Parent : 10580(dexpot.exe) | 7.98 Mo] - (.Dexpot GbR - Dexpot Full-screen preview and Window catalog.) - (1.1.8.0) = C:\Program Files (x86)\Dexpot\plugins\DexControl.exe [19/07/2016 13:02:24] CPU Usage:0 % --> Command Line : 4680 | [Owner : jul | Parent : 5916() | 13.77 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.171.11) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [28/03/2018 16:27:32] CPU Usage:0 % --> Command Line : 6924 | [Owner : jul | Parent : 5916() | 8.26 Mo] - (.CANON INC. - Canon IJ Network Scanner Selector EX.) - (1.5.0.4) = C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [03/05/2018 21:30:48] CPU Usage:0 % --> Command Line : 11572 | [Owner : jul | Parent : 12652(SqueezeTray.exe) | 136.73 Mo] - (.Logitech Inc. - Logitech Media Server.) - (29413.0.0.0) = C:\PROGRA~2\SQUEEZ~1\server\SQUEEZ~3.EXE [19/05/2018 22:42:58] CPU Usage:0 % --> Command Line : 4648 | [Owner : SERVICE LOCAL | Parent : 2504(svchost.exe) | 17.62 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17134.112) = C:\Windows\System32\audiodg.exe [13/06/2018 21:54:07] CPU Usage:0 % --> Command Line : 10876 | [Owner : jul | Parent : 8756() | 37.82 Mo] - (.Intel Corporation - IAStorIcon.) - (11.6.5.1006) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [23/04/2015 23:27:03] CPU Usage:0 % --> Command Line : 1328 | [Owner : jul | Parent : 10400(firefox.exe) | 47.26 Mo] - (.Mozilla Corporation - Firefox.) - (60.0.2.6730) = C:\Program Files\Mozilla Firefox\firefox.exe [30/01/2018 23:45:43] CPU Usage:0 % --> Command Line : 7720 | [Owner : Système | Parent : 700(services.exe) | 24.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 7844 | [Owner : jul | Parent : 856(svchost.exe) | 9.76 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17134.1) = C:\Windows\System32\dllhost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 4872 | [Owner : jul | Parent : 856(svchost.exe) | 39.56 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.17134.1) = C:\Windows\System32\ApplicationFrameHost.exe [12/04/2018 01:34:18] CPU Usage:0 % --> Command Line : 4464 | [Owner : jul | Parent : 700(services.exe) | 11.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 9292 | [Owner : Système | Parent : 700(services.exe) | 6.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 1904 | [Owner : jul | Parent : 856(svchost.exe) | 44.41 Mo] - (.Microsoft Corporation - Windows Defender application.) - (10.0.17134.81) = C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe [13/06/2018 21:53:59] CPU Usage:0 % --> Command Line : 11564 | [Owner : jul | Parent : 856(svchost.exe) | 10.12 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17134.1) = C:\Windows\System32\dllhost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 11756 | [Owner : jul | Parent : 856(svchost.exe) | 27.38 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.17134.1) = C:\Windows\System32\smartscreen.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 10760 | [Owner : Système | Parent : 700(services.exe) | 7.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 10504 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 7.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 3884 | [Owner : Système | Parent : 700(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 10320 | [Owner : jul | Parent : 856(svchost.exe) | 39.07 Mo] - (.-.) - (10.18041.1461.0) = C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe [31/05/2018 21:40:42] CPU Usage:0 % --> Command Line : 11684 | [Owner : jul | Parent : 856(svchost.exe) | 9.98 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % --> Command Line : 12456 | [Owner : Système | Parent : 700(services.exe) | 14.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 644 | [Owner : jul | Parent : 1104(explorer.exe) | 44.31 Mo] - (.SosVirus - QuickDiag.) - (21.5.18.1) = C:\Users\jul\Desktop\QuickDiag.exe [17/06/2018 21:16:15] CPU Usage:0 % --> Command Line : 9428 | [Owner : Système | Parent : 700(services.exe) | 5.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % --> Command Line : 10540 | [Owner : SERVICE RÉSEAU | Parent : 856(svchost.exe) | 9.59 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [12/04/2018 01:34:55] CPU Usage:0 % --> Command Line : ---------- | MD5 [MD5.AD5296B280E8F522A8A897C96BAB0E1D] - [12/04/2018 01:34:44] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3841 Ko] - (10.0.17134.1) : C:\WINDOWS\Explorer.exe [MD5.4E2ACF4F8A396486AB4268C94A6A245F] - [12/04/2018 01:34:14] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [267.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\cmd.exe [MD5.DA224D4C138A3ECA95C6C7976AC5D9F1] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Processus d exécution client-serveur.) - [17.28 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\csrss.exe [MD5.2528137C6745C4EADD87817A1909677E] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. - COM Surrogate.) - [20.4 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\dllhost.exe [MD5.A8565440629AC87F6FEF7D588FE3FF0F] - [12/04/2018 01:34:40] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [703.74 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Kernel32.dll [MD5.317340CD278A374BCEF6A30194557227] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.62 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\lsass.exe [MD5.107661923943E9DC06ED2713AC5F7753] - [13/06/2018 21:54:19] - (.© Microsoft Corporation. - Distributed COM Services.) - [1133 Ko] - (10.0.17134.112) : C:\WINDOWS\System32\rpcss.dll [MD5.73C519F050C20580F8A62C849D49215A] - [12/04/2018 01:34:33] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [68 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\rundll32.exe [MD5.E2F4C75AFA20E742DE1B70372F15DCD7] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [622.02 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\services.exe [MD5.32569E403279B3FD2EDB7EBD036273FA] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [50.09 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\svchost.exe [MD5.1B795B9EC9E0EAADC5B37006BBE44646] - [12/04/2018 01:34:14] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l API uilisateur de Windows multi-utilisateurs.) - [1601.02 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\user32.dll [MD5.7866C803DDD8D626D760A313B6D92F16] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Application d ouverture de session Userinit.) - [31.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\userinit.exe [MD5.A58B0CB069DA7840B935872ADCD7F0C2] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [358.2 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Wininit.exe [MD5.F9017F2DC455AD373DF036F5817A8870] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. Tous droits réservés. - Application d ouverture de session Windows.) - [661.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Winlogon.exe [MD5.4DCCC3E02A22ED4A4ADB11386F226071] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [611.91 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.90AB4ED8EBD72A1C096A40CC35404B91] - [12/04/2018 01:33:49] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.9 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.C1E3668BEA28AB3895D1F8AF8ED4606C] - [12/04/2018 01:33:49] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [190.41 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.D3CBC6DE5955D014407C7BD1FFE80F00] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [91.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.AD4D24434C058AFAFD5AB319B4BF5B66] - [12/04/2018 01:33:48] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [156 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.9E74A900CCCA3EA6C8533CF94B3F8223] - [12/04/2018 01:34:23] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [138 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.DED74127C7A2266715C0B8EA2EE75214] - [12/04/2018 01:33:45] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [84 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.DA179667B8CEC22E4ECBBF4210DC0E35] - [12/04/2018 01:33:52] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.7408B83959A4B8271EF67FD06A6B366B] - [12/04/2018 01:34:14] - (.© Microsoft Corporation. - IP Network Address Translator.) - [209.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.3C0FA2ED75875481D00F3D77B1A3E336] - [12/04/2018 01:34:24] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [488.9 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.5269DDC879DF5FEA2B7DB91AA4726CCA] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1255.41 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.045A018E0BA5F9B75C5928A31C0E822C] - [12/04/2018 01:34:32] - (.© Microsoft Corporation. - MBT Transport driver.) - [304 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.60B42947B51D1C6D2DD7250295DF4161] - [13/06/2018 21:54:36] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2365.91 Ko] - (10.0.17134.112) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.13B175715A4391E4E5D2AB2EBC8CDBB5] - [12/04/2018 01:33:49] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [96.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.775ED7E51B58CF9EB415A1DBA540DACF] - [12/04/2018 01:34:34] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [104 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.52A6CC99F5934CFAE88353C47B6193E7] - [12/04/2018 01:35:07] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [178.5 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.BFCBA5F57D278720718B8CB39C50A8EC] - [12/04/2018 01:34:20] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2654.4 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.16071C42E21CE3378FA449322FB9AB1D] - [12/04/2018 01:34:22] - (.© Microsoft Corporation. - TDI Translation Driver.) - [118.41 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.F0EE4E6028CCA58BEA9A04E7BEAB7DB4] - [12/04/2018 01:34:39] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [388.91 Ko] - (10.0.17134.1) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (10.18.10.4358) -- C:\WINDOWS\SYSTEM32\igd10iumd64.dll (.Intel Corporation.-.Unified Shader Compiler for Intel(R) Graphics Accelerator.) - (10.18.10.4358) -- C:\WINDOWS\SYSTEM32\igdusc64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.22.0) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.Dexpot GbR.-.Dexpot Global Hook Library.) - (1.6.11.0) -- C:\Program Files (x86)\Dexpot\hooxpot64.dll (..-.fzshellext Dynamic Link Library.) - (3.28.0.0) -- C:\Program Files\FileZilla FTP Client\fzshellext_64.dll (.Igor Pavlov.-.7-Zip Shell Extension.) - (15.14.0.0) -- C:\Program Files\7-Zip\7-zip.dll (..-.ShellHandler for Notepad++ (64 bit).) - (0.1.0.0) -- C:\Program Files\Notepad++\NppShell_06.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.http://www.sqlite.org/copyright.html.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.21.0.0) -- C:\windows\system32\winsqlite3.dll (.Copyright (C) 2004-2013.-.Dexpot Global Hook Library.) - (1.6.11.0) -- C:\Program Files (x86)\Dexpot\hooxpot64.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU NETGEARGenie - ("C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\...\Run]) - User: JULIEN\jul AlcoholAutomount - ("C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\...\Run]) - User: JULIEN\jul SESU - ("C:\Program Files (x86)\Schneider Electric\Software Update\SoftwareUpdate.exe" "hidden" [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\...\Run]) - User: JULIEN\jul Dexpot - (C:\Program Files (x86)\Dexpot\dexpot.exe [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\...\Run]) - User: JULIEN\jul Outil de la barre d'état système Logitech Media Server - (C:\PROGRA~2\SQUEEZ~1\SQUEEZ~1.EXE [Common Startup]) - User: Public SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public GoPro Tray App - (C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [HKLM\SOFTWARE\...\Run]) - User: Public SysTrayApp - (C:\Program Files\IDT\WDM\sttray64.exe [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\CurrentVersion\Run] "NETGEARGenie"="C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect "AlcoholAutomount"="C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount "SESU"="C:\Program Files (x86)\Schneider Electric\Software Update\SoftwareUpdate.exe" "hidden" "Dexpot"=C:\Program Files (x86)\Dexpot\dexpot.exe [19/07/2016 13:01:02] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "CCleaner Monitoring"=0x020000000000000000000000 "NETGEARGenie"=0x020000000000000000000000 "AlcoholAutomount"=0x0300000080346842D9D5D101 "SESU"=0x020000000000000000000000 "Dexpot"=0x020000000000000000000000 [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=PowerShell\1 "MRUList"=a [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Canon MG3500 series Printer WS,winspool,Ne04: "IsMRUEstablished"=0 "LegacyDefaultPrinterMode"=1 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe "GoPro Tray App"=C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [12/05/2016 00:39:26] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [24/04/2015 23:46:54] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "BTMTrayAgent"=0x020000000000000000000000 "SysTrayApp"=0x020000000000000000000000 "SynTPEnh"=0x020000000000000000000000 "GoPro Tray App"=0x0300000080C75E4AD9D5D101 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "IJNetworkScannerSelectorEX"=0x040000000000000000000000 "APSDaemon"=0x020000000000000000000000 "BtTray"=0x020000000000000000000000 "IAStorIcon"=0x020000000000000000000000 "QLBController"=0x020000000000000000000000 "QuickTime Task"=0x03000000C063D04CD9D5D101 "PDF Complete"=0x020000000000000000000000 "GoPro Studio Importer"=0x020000000000000000000000 "Dropbox"=0x03000000302FCB48D9D5D101 "SunJavaUpdateSched"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=1 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D3D1ED98C0F7D8 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 "QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update Task Adobe Flash Player NPAPI Notifier Adobe Flash Player Updater DropboxUpdateTaskMachineCore DropboxUpdateTaskMachineUA GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA Motorola Device Manager Initial Update Motorola Device Manager Update OneDrive Standalone Update Task-S-1-5-21-413593212-2328566316-2910965411-1001 Optimize Start Menu Cache Files-S-1-5-21-413593212-2328566316-2910965411-1001 {75D11F96-4616-42A2-B3FB-59C97A956614} ---------- | Startings up registry ÿý Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc DeviceInstall gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=1 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [23/04/2015 23:03:38] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=720 "ProductType"=6 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 "LsaCfgFlagsDefault"=0 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "InstanceID"=9ec8d34d-5a49-49ea-9c63-9a9508c "GlassSessionId"=5 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=c:\windows\web\wallpaper\windows\img0.jpg [12/04/2018 01:33:58] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=2 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "MouseMonitorEscapeSpeed"=0 "Win8DpiScaling"=0 "UserPreferencesMask"=0x9E1E078012000000 "AutoColorization"=0 "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC3010090CA01005605000000030000F5DD7690EDD1D30163003A005C00770069006E0064006F00770073005C007700650062005C00770061006C006C00700061007000650072005C00770069006E0064006F00770073005C0069006D00670030002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2952184650 "DpiScalingVer"=4096 "WaitToKillAppTimeout"=200 "HungAppTimeout"=200 [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{E31EA727-12ED-4702-820C-4B6445F28E1A}"=1 "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003E28000000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309DFD020000FB9A790967ADD111ABCD00C04FC30936490100000114020000000000C000000000000046030200005D54A9A2C2A0B4429708A0B2BADD77C8BC0000007696BFE28F5F5C4397EB11607A5BEDF7CB000000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=4 "GlobalAssocChangedCounter"=149 "FirstRunTelemetryComplete"=1 "EdgeDesktopShortcutCreated"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=288 [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "ReindexedProfile"=1 "EnableStartMenu"=1 "TaskbarSizeMove"=1 "ShowTaskViewButton"=1 "DisablePreviewDesktop"=1 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=0 "TaskbarStateLastRun"=0xC4AB265B00000000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoRecentDocsHistory"=0 "NoActiveDesktopChanges"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "SmartScreenEnabled"=RequireAdmin [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoRecentDocsHistory"=0 "NoActiveDesktopChanges"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "PUUActive"=0x0EFB17D00400000045009C00C993040000B2040000B20400D2000000020007001D623AFC188D2B00CFE5080056170200D0ED0100833100000000000075D40500801200009B020000DF49F9344005D40110AC2300000000000100000083C50F00EE420000000000000000000000000000 "BuildNumber"=17134 "FirstLogon"=0 "DP"=0xD200E8003B000000460000000EFB17D00000000000000000655B43E96A06D401655B43E96A06D401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F805101008BA300C00074800A0074800F7C2101802C240054BE241054C81601800481810984818109701B00000009245004092C54A60A018098020142F9420143992F00C05BE8A0085BE8A42C14420180A2048001B204C041C354008016021E3717139E7751D2000009D8B00189D8B023721F00C01DA8452A1DA8452A3E0D01C04424A9004524AD16 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=301439542417 "ShutdownFlags"=2147483883 "Userinit"=C:\Windows\system32\userinit.exe, "DisableCad"=1 "ShutdownWithoutLogon"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-413593212-2328566316-2910965411-1001 "LastUsedUsername"=jul [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [12/04/2018 18:19:51] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [12/04/2018 18:19:51] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\SWSetup\BCBTW8\Setup.exe"=1 "C:\SWSetup\BCBTW8\Win64\setup.exe"=1 "C:\SWSetup\IDTAudio\setup.exe"=1 "C:\SWSetup\JMicronMCR\Setup.exe"=1 "C:\SWSetup\JMicronMCR\Driver1\Setup.exe"=1 "C:\SWSetup\JMicronMCR\Driver2\Setup.exe"=1 "C:\SWSetup\RLTCNIC\AutoInst.exe"=1 "C:\SWSetup\RLTCNIC\setup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\setup.exe"=33 "C:\Program Files (x86)\Realtek\Realtek Windows NIC Driver\RTINSTALLER64.EXE"=1 "C:\SWSetup\sp63637\Setup.exe"=1 "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe"=8 [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\SWSetup\AMDVid8T\Setup.exe"=0x5341435001000000000000000700000028000000A8C2080082AC090001000000000000000000010671220000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000006C020100000000000100000001000000 "C:\SWSetup\AthAR900\Setup.exe"=0x534143500100000000000000070000002800000000220100D84A010001000000000000000000010671220000975FD891C99ECE0100000000000000000100000004000000010000000500000010000000000000000000000000000000000000000200000028000000000000000000004000900200000000000080000000000000DD240000000000000200000002000000 "C:\SWSetup\AthAR900\Win8\Install_CD\setup.exe"=0x5341435001000000000000000700000028000000804E0C007FCC0C0001000000000000000000010600210000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000900200000000000080000000000000FC1F0000000000000100000001000000010000000400000001000000 "C:\SWSetup\BCBTW8\Setup.exe"=0x534143500100000000000000070000002800000078A987000533880001000000000000000000010671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000323E0000000000000100000001000000 "C:\SWSetup\BCWLAN\Setup.exe"=0x5341435001000000000000000700000028000000F0AE35028DEB350201000000000000000000010600210000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400010000000000000000000000000000073210000000000000300000003000000 "C:\SWSetup\CMediaS\Setup.exe"=0x534143500100000000000000070000002800000008E204001355050001000000000000000000010600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000007F390000000000000100000001000000 "C:\SWSetup\ESUWin8\Setup.exe"=0x5341435001000000000000000700000028000000F814450029B1450001000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000FC7B0200000000000300000003000000 "C:\Users\jul\Downloads\dotNetFx40_Full_setup.exe"=0x534143500100000000000000070000002800000048920D0061380E0001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000014360000000000000100000001000000 "C:\Users\jul\Downloads\dotNetFx45_Full_setup.exe"=0x534143500100000000000000070000002800000000580F0078FA0F0001000000000000000000020600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000004290000000000000100000001000000 "C:\SWSetup\HP3DDG\setup.exe"=0x5341435001000000000000000700000028000000A00C3901C428390101000000000000000000010600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000006B9B0200000000000200000002000000 "C:\SWSetup\HPHKD\setup.exe"=0x534143500100000000000000070000002800000080C6A40164D4A40101000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000F7660000000000000100000001000000 "C:\SWSetup\AppInstl\SSM.exe"=0x5341435001000000000000000700000028000000A0591900E4561A0001000000000000000000010671220000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000003E080300000000000200000002000000 "C:\SWSetup\HPSF\HPSWF.EXE"=0x5341435001000000000000000700000028000000203C26008F4C260001000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000901F0300000000000100000001000000 "C:\SWSetup\HPUEFISE\Setup.exe"=0x5341435001000000000000000700000028000000B2C723001024040001000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000EE660200000000000100000001000000 "C:\SWSetup\HPWBW8\setup.exe"=0x5341435001000000000000000700000028000000100330002F48300001000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000673D0000000000000100000001000000 "C:\SWSetup\IDTAudio\setup.exe"=0x5341435001000000000000000700000028000000C0BE0500FA75060001000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000D2F10000000000000100000001000000 "C:\SWSetup\IME8CP\Setup.exe"=0x534143500100000000000000070000002800000040EB0E0062CF0F0001000000000000000000010600210000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000100000000000000000000000000000ED240000000000000100000001000000 "C:\SWSetup\Int1264W8\Setup.exe"=0x5341435001000000000000000700000028000000401B100035D5100001000000000000000000010600210000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000009D120000000000000100000001000000 "C:\SWSetup\INTELBTDW8\Autorun.exe"=0x534143500100000000000000070000002800000030C301008310020001000000000000000000010671220000975FD891C99ECE010000000000000000020000002800000000000000800000400000000000000000000000000000000010F20000000000000100000001000000 "C:\SWSetup\INTELRST\Setup.exe"=0x534143500100000000000000070000002800000040AB0E002A6C0F0001000000000000000000010600210000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000046110000000000000100000001000000 "C:\SWSetup\IntelWin8Widi\Setup.exe"=0x534143500100000000000000070000002800000080648D0F33668D0F01000000000000000000010671000000975FD891C99ECE010000000000000000020000002800000000000000000800400000000000000000000000000000000020BE0000000000000100000001000000 "C:\SWSetup\JMicronMCR\Setup.exe"=0x5341435001000000000000000700000028000000581011004595110001000000000000000000010671220000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000D63C0100000000000100000001000000 "C:\SWSetup\PDF\PDFCO.exe"=0x5341435001000000000000000700000028000000188A5C03299F5C0301000000000000000000010600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000095A80000000000000100000001000000 "C:\SWSetup\PINTools\hpCaslDetect.exe"=0x5341435001000000000000000700000028000000A0B32F008B18300001000000000000000000010671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000100000000000000000000000000000000D0000000000000200000002000000 "C:\SWSetup\QCATHBT4.0\Setup.exe"=0x5341435001000000000000000700000028000000803001002617020001000000000000000000010671220000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000018090000000000000200000002000000 "C:\SWSetup\RalinkBT\setup.exe"=0x53414350010000000000000007000000280000001866070065E2070001000000000000000000010671220000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000096380300000000000100000001000000 "C:\SWSetup\RLTCNIC\AutoInst.exe"=0x5341435001000000000000000700000028000000685A0100DFA4010001000000000000000000010671200000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000E0B80000000000000100000001000000 "C:\SWSetup\SierraWW\HPun2430DriverPackage.exe"=0x534143500100000000000000070000002800000090FB5A03161A5B0301000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000085110000000000000200000002000000 "C:\SWSetup\sp59202\HPSWF.EXE"=0x5341435001000000000000000700000028000000203C2600B86D260001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000004B590000000000000100000001000000 "C:\SWSetup\sp59632\setup.exe"=0x5341435001000000000000000700000028000000080B02000D81020001000000000000000000010671020000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000006F820000000000000100000001000000 "C:\SWSetup\sp60492\HPQuickStart.msi"=0x534143500100000000000000070000002800000000FC0000FB41010001000000000000000000010500100000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000009A2A0000000000000100000001000000 "C:\Program Files (x86)\Hewlett-Packard\HP Quick Start\HPQuickstart.exe"=0x5341435001000000000000000700000028000000A0BD0D003BB10E00010000000000000000000106F5020000DB80FDAC2839D3010000000000000000020000002800000000000000000000001000000000000000000000000000000043C28100000000002500000025000000 "C:\SWSetup\sp61224\Setup.exe"=0x534143500100000000000000070000002800000038631200EE25130001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000099950000000000000100000001000000 "C:\SWSetup\sp63637\Setup.exe"=0x5341435001000000000000000700000028000000581011004595110001000000000000000000010671020000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000AD120000000000000100000001000000 "C:\SWSetup\sp63661\Setup.exe"=0x5341435001000000000000000700000028000000D8FF0E001E750F0001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000CED50000000000000100000001000000 "C:\SWSetup\sp63947\Setup.exe"=0x5341435001000000000000000700000028000000F8AC0E009FE70E0001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000B8120100000000000100000001000000 "C:\SWSetup\sp70426\hpqFlash64.exe"=0x5341435001000000000000000700000028000000D8EC8500FEF7850001000000000000000000030673220000B395E7CF049FCE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000000B10000000000000100000001000000 "C:\SWSetup\Touchpad\Setup.exe"=0x534143500100000000000000070000002800000038BD0300EE58040001000000000000000000010671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000020200000000000000000000000000EA0D0000000000000100000001000000 "C:\SWSetup\UCamBEw8\setup.exe"=0x5341435001000000000000000700000028000000F8E1040051A6050001000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000702B0100000000000100000001000000 "C:\SWSetup\VFPDRV\HPPTVFSSetup.exe"=0x5341435001000000000000000700000028000000780C54025543540201000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000F1190000000000000100000001000000 "C:\SWSetup\VideoATI\PreinApp.exe"=0x534143500100000000000000070000002800000038D601006D2E020001000000000000000000000671200000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000020000000000000000300000003000000 "C:\SWSetup\VideoInt\PreinApp.exe"=0x5341435001000000000000000700000028000000000002005009020001000000000000000000010671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000010000000000000000200000002000000 "C:\SWSetup\W8DefSet\Setup.exe"=0x5341435001000000000000000700000028000000B85042003B41430001000000000000000000010600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000000E580100000000000100000001000000 "C:\SWSetup\Wallpaper\Setup.exe"=0x534143500100000000000000070000002800000000A40100994B020001000000000000000000010671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000058010000000000000100000001000000 "C:\SWSetup\WLANral2\setup.exe"=0x5341435001000000000000000700000028000000400C07007D15070001000000000000000000010600210000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000EA700000000000000200000002000000 "C:\SWSetup\WlnIntlandrvw8\Autorun.exe"=0x534143500100000000000000070000002800000030C301008EB0020001000000000000000000010671220000975FD891C99ECE01000000000000000002000000280000000000000080000040000000000000000000000000000000009D9E0100000000000100000001000000 "C:\SWSetup\wwandrvE\Launcher.exe"=0x5341435001000000000000000700000028000000808703007BA1030001000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000008000004000000000000000000000000000000000B7060000000000000100000001000000 "C:\SWSetup\wwandrvE\hpcasldetect.exe"=0x5341435001000000000000000700000028000000003620002BAB200001000000000000000000010671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000A7060000000000000100000001000000 "C:\Users\jul\Downloads\Firefox Setup Stub 37.0.1.exe"=0x534143500100000000000000070000002800000058B703000000000001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000033780C00000000000100000001000000 "C:\Users\jul\Downloads\unchecky_setup.exe"=0x534143500100000000000000070000002800000018D70E0059C70F0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000521C0000000000000100000001000000 "C:\Users\jul\Downloads\osmc-installer.exe"=0x5341435001000000000000000700000028000000634E33003713020001000000000000000000010600010000975FD891C99ECE010000000000000000050000001000000000000000000000000000000080000000020000002800000000000000800000000000000000000000000000000000000091500000000000000200000002000000 "C:\Users\jul\Downloads\LinuxLive USB Creator 2.9.3.exe"=0x534143500100000000000000070000002800000096C85D000000000001000000000000000000010600010000975FD891C99ECE010000000000000000 "SIGN.MEDIA=F1800 VirtualBox\Portable-VirtualBox\Portable-VirtualBox.exe"=0x534143500100000000000000070000002800000000180F0072BA0F0001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000D6B90100000000000100000001000000 "SIGN.MEDIA=1FEFB5 VirtualBox\Virtualize_This_Key.exe"=0x534143500100000000000000070000002800000053E80B0091440A0001000000000000000000010671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000053770000000000000100000001000000 "SIGN.MEDIA=52FAF0 setup.exe"=0x5341435001000000000000000700000028000000702E0100E840010001000000000000000000030673020000B395E7CF049FCE010000000000000000020000002800000000000000000000400000000000000000000000000000000063140000000000000100000001000000 "C:\Users\jul\Downloads\GoogleEarthSetup.exe"=0x5341435001000000000000000700000028000000506E0D00B6790D0001000000000000000000030600210000975FD891C99ECE0100000080000000000200000028000000000000000000000000000000000000000000000000000000119C0000000000000100000001000000 "C:\Users\jul\Downloads\uTorrent.exe"=0x5341435001000000000000000700000028000000607E1E0067371F0001000000000000000000030671220000975FD891C99ECE010000000000000000 "C:\Users\jul\AppData\Roaming\ZHP\ZHPCleaner.exe"=0x534143500100000000000000070000002800000000061C006F661C0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000706A0700000000000600000006000000 "C:\Users\jul\Downloads\windirstat1_1_2_setup.exe"=0x534143500100000000000000070000002800000061DA09000000000001000000000000000000000671000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000D4380300000000000100000001000000 "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"=0x53414350010000000000000007000000280000006A010B000000000003000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000613E0000000000000100000001000000 "C:\Users\jul\AppData\Roaming\uTorrent\uTorrent.exe"=0x5341435001000000000000000700000028000000607E1E0067371F0001000000000000000000030671220000DB80FDAC2839D3010000000000000000020000005000000000000000000000000000000000000000000000000000000053920200000000000100000001000000000000000000001000000000000000000000000000000000A5200700000000000300000000000000 "C:\Program Files (x86)\Odin\Odin3 v3.09.exe"=0x534143500100000000000000070000002800000000F42200570B230001000000000000000000020671020000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C9372405000000000700000007000000 "C:\Program Files (x86)\GoPro\Tools\GoPro Studio.exe"=0x534143500100000000000000070000002800000008CB7B0037AD7C00010000000000000000000306F1200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000047C2800000000000100000001000000 "C:\Program Files (x86)\SDA\SD Formatter\SDFormatter.exe"=0x5341435001000000000000000700000028000000A08711009120120001000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000002000000000000000000000000005E500100000000000D0000000D000000 "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe"=0x534143500100000000000000070000002800000000330900CA33090001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000800000600000000000000000000000000000000083D02000000000000100000001000000 "C:\Program Files (x86)\NETGEAR Genie\uninstall.exe"=0x534143500100000000000000070000002800000080F209005B800A0003000000000000000000010671000000975FD891C99ECE0100000000000000000200000028000000000000000008000000000000000000000000000000000000E7950000000000000100000001000000 "SIGN.MEDIA=680DB625 T-HKMDEUC_1411.0.exe"=0x534143500100000000000000070000002800000025B60D680000000001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000042CA0400000000000100000001000000 "C:\Users\jul\Downloads\Silverlight_x64.exe"=0x5341435001000000000000000700000028000000E0BCC800E51DC90001000000000000000000010571000000975FD891C99ECE01000000000000000002000000280000000000000080010000000000000000000000000000000000000B270100000000000100000001000000 "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"=0x534143500100000000000000070000002800000038099600CD0E960001000000000000000000000A712200006A920CE5B7BAD0010000000000000000020000002800000000000000000000400000000000000000000000000000000003C20100000000000200000002000000 "C:\Program Files (x86)\ZHPFix\ZHPhep.exe"=0x534143500100000000000000070000002800000000421D0000000000010000000000000000000206712200006A920CE5B7BAD00100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000FE5E0200000000000100000001000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000EE440048A7450001000000010000000000000A73220000EDA4DCB1B3BAD0010000000000000000 "C:\Program Files\Stellarium\stellarium.exe"=0x534143500100000000000000070000002800000000F693000000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A5CF0000000000000200000002000000 "C:\Program Files\KiCad\bin\kicad.exe"=0x5341435001000000000000000700000028000000001213000112130001000000000000000000000A63200000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000D7537D0F000000000500000005000000 "C:\Program Files (x86)\Arduino\arduino.exe"=0x534143500100000000000000070000002800000000220600FCD6060001000000000000000000000A71200000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009936810A00000000C9000000C9000000 "C:\Users\jul\Downloads\CDM_v2.12.00_WHQL_Certified.exe"=0x5341435001000000000000000700000028000000F02E22008D3A2200010000000000000000000105710000006A920CE5B7BAD00100000000000000000100000004000000010000000500000010000000000000000000000000000000A0000000020000005000000000000000A00000600000000000000000000000000000000059420000000000000200000002000000000000000000000000021100000000000000110000000000F6180000000000000100000000000000 "C:\Users\jul\Downloads\sscom32E.exe"=0x534143500100000000000000070000002800000000180C0000000000010000000000000000000105510000006A920CE5B7BAD00100000000000000000200000028000000000000000000000000000200000000000000000000000000404D0B00000000000300000003000000 "C:\Users\jul\Documents\Arduino\flash\xtcom\XTCOM_UTIL.exe"=0x534143500100000000000000070000002800000000E00000C01F0100010000000000000000000206710000006A920CE5B7BAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000023170300000000000400000004000000 "C:\Users\jul\Documents\Arduino\flash\FLASH_DOWNLOAD_TOOLS_v0.9.3.1\frame_test.exe"=0x534143500100000000000000070000002800000024527400164D0000010000000000000000000006710200006A920CE5B7BAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000077A80300000000000800000008000000 "C:\Users\jul\Downloads\winzip20-lan.exe"=0x5341435001000000000000000700000028000000307D1000150B3171010000000000000000000306000100006A920CE5B7BAD001000000000000000002000000280000000000000000000000000000000000000000000000000000006CA80200000000000200000002000000 "C:\Users\jul\Documents\Arduino\flash\ESP8266Flasher.exe"=0x534143500100000000000000070000002800000000566C000000000001000000000000000000000A73220000EDA4DCB1B3BAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000067A74600000000000400000004000000 "C:\Users\jul\Documents\Arduino\flash\esp8266_flasher_chi.exe"=0x534143500100000000000000070000002800000021C59B0034330100010000000000000000000006710200006A920CE5B7BAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000C3610100000000000200000002000000 "C:\Users\jul\Downloads\DropboxInstaller.exe"=0x534143500100000000000000070000002800000098870A009BBA0A00010000000000000000000106000100006A920CE5B7BAD00100000080000000000200000028000000000000000000000000000000000000000000000000000000DB2E0100000000000100000001000000 "C:\Users\jul\Desktop\putty.exe"=0x5341435001000000000000000700000028000000007008000000000001000000000000000000000A71200000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003022F00C000000004E0200004E020000 "C:\Users\jul\Downloads\downloader_for_Alcohol120_trial_2.0.3.8426.exe"=0x534143500100000000000000070000002800000010B00F00B545BAD70100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000ED0A0000000000000100000001000000 "C:\Program Files\7-Zip\7zG.exe"=0x5341435001000000000000000700000028000000007808000000000001000000000000000000000A7320000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000028090000000000000300000003000000 "C:\Program Files\7-Zip\7z.exe"=0x534143500100000000000000070000002800000000D406000000000001000000000000000000000A7320000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005D000000000000000200000002000000 "C:\Program Files\7-Zip\7zFM.exe"=0x534143500100000000000000070000002800000000CA0C000000000001000000000000000000000A7320000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000032E11B0A000000000F0000000F000000 "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe"=0x5341435001000000000000000700000028000000D03919001B1C1A0001000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000042E10F01000000000300000003000000 "C:\Users\jul\Downloads\7z1514-x64(1).exe"=0x534143500100000000000000070000002800000014EE14000000000001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D0CD0000000000000200000002000000 "C:\Program Files\clrmamepro\cmpro64.exe"=0x5341435001000000000000000700000028000000007A7C000000000001000000000000000000000A7322000059193B14E312D10100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000004000000000000000000000000000000000C44D27000000000001000000010000000000000000000000000000000000000000000000000000007C780000000000000100000000000000 "C:\Program Files (x86)\OpenOffice 4\program\simpress.exe"=0x5341435001000000000000000700000028000000009601000EC7010001000000000000000000000A71220000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000D982AF00000000000A0000000A000000 "C:\Program Files\Autodesk\123D Design\123D Design.exe"=0x534143500100000000000000070000002800000000920600300E070001000000000000000000000A73200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E4CA3705000000000500000005000000 "C:\Program Files\FreeCAD 0.16\bin\FreeCAD.exe"=0x5341435001000000000000000700000028000000002202000000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E7FB7A07000000008300000083000000 "C:\Users\jul\Downloads\TeamViewer_Setup_fr.exe"=0x5341435001000000000000000700000028000000B07E9300C924940001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AA020100000000000100000001000000 "C:\Program Files (x86)\TeamViewer\TeamViewer.exe"=0x534143500100000000000000070000002800000010936301304D640101000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000A8F80A00000000000400000004000000 "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000B0410041E4410001000000010000000000000A7122000019B4C529E312D1010000000000000000 "C:\Users\jul\Downloads\tinytag.msi"=0x534143500100000000000000070000002800000000E400006BAB01000100000000000000000001050010000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000001BE0000000000000100000001000000 "C:\Program Files (x86)\Tinytag\Tinytag Explorer\aspen.exe"=0x5341435001000000000000000700000028000000303F01004BE801000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000081FC1700000000000300000003000000 "C:\Users\jul\Downloads\MeshFix\MeshFix-V2.0\bin64\MeshFix.exe"=0x5341435001000000000000000700000028000000003805000000000001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B3640700000000000100000001000000 "C:\Program Files\Blender Foundation\Blender\blender.exe"=0x5341435001000000000000000700000028000000006AA7050000000001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A0193500000000000A0000000A000000 "C:\Users\jul\Downloads\Win32DiskImager-0.9.5-install.exe"=0x53414350010000000000000007000000280000009E8BBB00000000000100000000000000000002060001000019B4C529E312D10100000000000000000200000050000000000000000000004000000000000000000000000000000000844B090000000000010000000100000000000000000000000000000000000000000000000000000072B80000000000000200000000000000 "C:\Program Files (x86)\ImageWriter\Win32DiskImager.exe"=0x5341435001000000000000000500000010000000000000000000000000000000000000000700000028000000001E0200BF47020001000000000000000000030671220000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000A73B1600000000001900000019000000 "C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe"=0x534143500100000000000000070000002800000000BA1500EADC15000100000000000000000003060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000002000000000000000000000000000CCB0E00000000000200000002000000 "SIGN.MEDIA=2A8C53 VirtualBox\Virtualize_This_Key.exe"=0x534143500100000000000000070000002800000053E80B0091440A000100000000000000000001067122000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000400000001000000000000000000000000061360000000000000100000001000000000000000000000000000010000000000000000000000000B74F000000000000030000000000000006000000080000000000001000000000 "SIGN.MEDIA=2A8C53 VirtualBox\VirtualBox.exe"=0x534143500100000000000000070000002800000000B21000C4B110000100000000000000000003060001000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000010100010000000000000000000000000A23B0000000000000100000001000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000D88A84004DE4840001000000000000000000000A00210000D5B3B31A57DFD101000000000000000002000000500000000000000000000010000000000000000000000000000000003E0000000000000001000000010000000000000000000000000000000000000000000000000000003E000000000000000100000000000000 "C:\Users\jul\Downloads\npp.7.1.Installer.x64.exe"=0x534143500100000000000000070000002800000058A22B004EAC2B0001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000DD2D0F00000000000100000001000000 "C:\Program Files\Notepad++\notepad++.exe"=0x53414350010000000000000002000000500000000000000000000010000000000000000000000000000000007CAB9200000000001A0000001A000000000000000000000000000000000000000000000000000000F3C5260A000000002E000000000000000700000028000000B082290003D5290001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000 "C:\Users\jul\Downloads\gimp-2.8.18-setup.exe"=0x5341435001000000000000000700000028000000F0199D043EDD9D0401000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000225F0100000000000100000001000000 "C:\Program Files\GIMP 2\bin\gimp-2.8.exe"=0x5341435001000000000000000700000028000000B8015400633C540001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001091870A000000000600000006000000 "SIGN.MEDIA=FC6 run.bat"=0x5341435001000000000000000700000028000000008E0300E25F040001000000000000000000010500100000D5B3B31A57DFD1010000000000000000 "C:\Program Files\FreeCAD 0.16\Uninstall.exe"=0x53414350010000000000000007000000280000005CD60000000000000300000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000008F530000000000000100000001000000 "C:\Users\jul\Downloads\Hyper Electronics Mapper - Mappe grafiche - v6.2.0.3\Setup.exe"=0x534143500100000000000000070000002800000094E4FE00000000000100000000000000000000067102000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000071000900000000000100000001000000 "C:\Program Files (x86)\Hyper Electronics Mappers\HEM.exe"=0x534143500100000000000000070000002800000000A04500139C460001000000000000000000000A7120000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000088B09D00000000001000000010000000 "SIGN.MEDIA=13B669C SelfPlayer\SelfPlayer.exe"=0x534143500100000000000000070000002800000000442200979E220001000000000000000000000A7122000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B75C0000000000000200000002000000 "C:\Users\jul\Downloads\Firefox Setup Stub 53.0.exe"=0x5341435001000000000000000700000028000000D8C10300B32A040001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000027250100000000000100000001000000 "C:\Program Files (x86)\Balloon Track\Wbaltrak.exe"=0x534143500100000000000000070000002800000000603000EC8F30000100000000000000000001057120000033504C2B57DFD10100000000000000000200000028000000000000000000000000140000000000000000000000000000FE43F904000000001000000010000000 "C:\Users\jul\Downloads\zadig-2.3.exe"=0x534143500100000000000000070000002800000078B24E00561C4F0001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000F2F50800000000000300000003000000 "C:\Program Files\Rtlsdr\install-rtlsdr.bat"=0x5341435001000000000000000700000028000000008E0300E25F040001000000000000000000010500100000D5B3B31A57DFD1010000000000000000 "C:\Program Files\Rtlsdr\SDRSharp.exe"=0x5341435001000000000000000700000028000000003004000000000001000000000000000000000AF122000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000400000000000000000000000000000000004250500000000000700000005000000000000000000000010000000000000000000000000000000FA0D0000000000000300000000000000 "C:\Users\jul\Documents\SDR\zadig.exe"=0x534143500100000000000000070000002800000078B24E00561C4F0001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000AB920000000000000100000001000000 "C:\Users\jul\Documents\SDR\SDRSharp.exe"=0x5341435001000000000000000700000028000000003004000000000001000000000000000000000AF122000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000000000000000000000000000000000000016EF340000000000010000000100000000000000000000400000000000000000000000000000000059BA2700000000000200000000000000 "C:\Users\jul\Downloads\setupRepetierHost_2_0_1.exe"=0x534143500100000000000000070000002800000060139802E74C980201000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000004FB50800000000000100000001000000 "C:\Program Files\Repetier-Host\RepetierHost.exe"=0x534143500100000000000000070000002800000000045B000000000001000000000000000000000A80210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004465D002000000003F0000003F000000 "C:\Users\jul\Downloads\Etcher-1.0.0-win32-x64.exe"=0x5341435001000000000000000700000028000000E02291046CAE91040100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000030D20100000000000100000001000000 "C:\Program Files (x86)\Etcher\Etcher.exe"=0x5341435001000000000000000700000028000000C820DB04EC1ADC0401000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000050000000000000000000004000000000000000000000000000000000448C0300000000000100000001000000000000000000000000000000000000000000000000000000370D1200000000000500000000000000 "C:\Users\jul\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000D05E9301F3E9930101000000000000000000000A00210000E63F486B2AA0D2010000000100000000 "C:\Users\jul\Desktop\Spykee Vox English\SpykeeVox.exe"=0x5341435001000000000000000700000028000000007000000000000001000000000000000000010671000000E63F486B2AA0D20100000000000000000200000028000000000000000008004000100200000000000000000000000000F4850100000000000200000002000000 "C:\Program Files (x86)\Meccano\Spykee Vox\SpyKee.exe"=0x53414350010000000000000007000000280000000050C004B948C00401000000000000000000010671220000E63F486B2AA0D20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000841C0600000000000200000002000000 "SIGN.MEDIA=89C58 setup.exe"=0x5341435001000000000000000700000028000000589C08000000000001000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000046110000000000000100000001000000 "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe"=0x534143500100000000000000070000002800000038353500EE1B360001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000A83A0000000000000200000002000000 "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"=0x534143500100000000000000050000001000000000000000000000000000000000000000070000002800000060560300B753040001000000000000000000030600010000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000081DBA011000000002900000029000000 "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000B0370200A843020001000000000000000000000600010000DB80FDAC2839D301000000000000000002000000500000000000000000000010000000000000000000000000000000009E4B3500000000000800000002000000000000008000001000000000000000000000000000000000F0550000000000000300000000000000 "C:\Users\jul\Downloads\FileZilla_Server-0_9_60_2.exe"=0x5341435001000000000000000700000028000000C0322200F9EB220001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000A8EC0200000000000100000001000000 "C:\Users\jul\Downloads\FileZilla_3.28.0_win64-setup_bundled.exe"=0x534143500100000000000000070000002800000080C78600726C870001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000D1D12C00000000000100000001000000 "C:\Program Files\FileZilla FTP Client\filezilla.exe"=0x5341435001000000000000000700000028000000A810C800DB57C80001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001F977D00000000001400000014000000 "C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C0200FD5A030001000000010000000000000A61220000E63F486B2AA0D2010000000000000000 "C:\Program Files\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000009802000592030001000000010000000000000A63220000E78E163C2AA0D2010000000000000000 "C:\Users\jul\AppData\Roaming\Mozilla\Firefox\Profiles\xd94uth5.default\extensions\adbhelper@mozilla.org\win32\adb.exe"=0x534143500100000000000000070000002800000000BC1600B61E170001000000000000000000010571000000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000026190000000000000200000002000000 "C:\Program Files\paint.net\PaintDotNet.exe"=0x5341435001000000000000000700000028000000D8321B000A701B0001000000000000000000000A80210000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000294A2400000000000200000002000000 "C:\Users\jul\Downloads\RDS_PreAlpha\RDS_Pre-Alpha.exe"=0x534143500100000000000000070000002800000020D3EE007856EF0001000000000000000000000A71200000DB80FDAC2839D30100000000000000000200000050000000000000000080002000000000000000000000000000000000E5A01A00000000000B0000000B000000000000000000000000000040000000000000000000000000D9260500000000000100000000000000 "C:\Users\jul\Downloads\companion-windows-2.2.1.exe"=0x53414350010000000000000007000000280000008289CD000000000001000000000000000000010600010000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000027067700000000000100000001000000 "C:\Program Files (x86)\OpenTX\Companion 2.2\companion.exe"=0x5341435001000000000000000700000028000000006E8F000000000001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000037D0E500000000002200000022000000 "C:\Users\jul\Downloads\ChromeSetup.exe"=0x5341435001000000000000000700000028000000583D1100C0A5110001000000000000000000000A00210000E63F486B2AA0D2010000008100000000 "C:\Users\jul\Downloads\CP210x_Universal_Windows_Driver\CP210x_Universal_Windows_Driver\CP210xVCPInstaller_x64.exe"=0x5341435001000000000000000700000028000000F8041000B9D1100001000000000000000000000A00210000E78E163C2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000DF0F0000000000000100000001000000 "C:\Users\jul\Documents\TaranisQX7\BlHeli\BLHeliSuite16714900\BLHeliSuite.exe"=0x5341435001000000000000000700000028000000001A3D000000000001000000000000000000000A61200000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000AB650E00000000000300000003000000 "C:\Users\jul\Downloads\TTSAutomate.3.0.0.0.Installer\setup.exe"=0x5341435001000000000000000700000028000000002E0800C8A7070001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CF8C0000000000000100000001000000 "C:\Program Files (x86)\CaffeineAU\TTSAutomate\TTSAutomate.exe"=0x5341435001000000000000000700000028000000006A07000000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000ADF04100000000000400000004000000 "C:\Prog\Superior\Superior.exe"=0x53414350010000000000000007000000280000000010A2000000000001000000000000000000000A71200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000007EE0700000000000100000001000000 "C:\Users\jul\Downloads\liftoff\Liftoff\Liftoff\skidrowgamesreloaded.com\Launcher.exe"=0x5341435001000000000000000700000028000000008C030097D3030001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000008000000000000000000000000000000000000000EBFC3200000000000600000006000000 "C:\Users\jul\Downloads\ZelioSoft2_5.1_FINAL2.exe"=0x5341435001000000000000000700000028000000E7ABA4030000000001000000000000000000000A71200000DB80FDAC2839D3010000000000000000020000005000000000000000000000400000000000000000000000000000000021D201000000000001000000010000000000000000000000000010000000000000000000000000003A5C0000000000000200000000000000 "C:\Program Files (x86)\Schneider Electric\Zelio Soft 2\Zelio2.exe"=0x5341435001000000000000000700000028000000002C68000000000001000000000000000000000A71200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B7B70A00000000000400000004000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x53414350010000000000000007000000280000005823180083DB180001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\jul\Downloads\betaflight-configurator-installer_10.1.0_win32.exe"=0x5341435001000000000000000700000028000000F322DE030000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000BB0E3E01000000000100000001000000 "C:\Users\jul\Documents\TaranisQX7\BlHeli\BLHeliSuite\BLHeliSuite32.exe"=0x5341435001000000000000000700000028000000001032000000000001000000000000000000000A61200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A9050100000000000100000001000000 "C:\Users\jul\Downloads\MediaCreationTool(1).exe"=0x5341435001000000000000000700000028000000C0141C01357C1C0101000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000009EF54B00000000000200000002000000 "C:\Users\jul\Downloads\JavaSetup8u161.exe"=0x534143500100000000000000070000002800000040681C00794D1D0001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000027EB0100000000000100000001000000 "C:\Program Files\internet explorer\iexplore.exe"=0x534143500100000000000000070000002800000038950C005F6B0D0001000000010000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Users\jul\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AE0300F24D040001000000000000000000000A71200000DB80FDAC2839D3010000000100000000 "C:\Users\jul\Downloads\ZHPDiag3(1).exe"=0x534143500100000000000000070000002800000080592E00064B2F0001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000034730500000000000300000003000000 "C:\Program Files (x86)\OpenOffice 4\program\sbase.exe"=0x534143500100000000000000070000002800000000960100F6D3010001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A01EA200000000000100000001000000 "C:\Users\jul\Downloads\Autodesk_Meshmixer_v3p4_Win64.exe"=0x5341435001000000000000000700000028000000A0384A06403A4A0601000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000CF450100000000000100000001000000 "C:\Program Files\Autodesk\Meshmixer\meshmixer.exe"=0x534143500100000000000000070000002800000038958F01059A8F0101000000000000000000000A73200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000070E10B0B000000000B0000000B000000 "C:\Users\jul\Downloads\dexpot_1614_r2439.exe"=0x534143500100000000000000070000002800000008AB4A00CF654B0001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001E6B0000000000000200000002000000 "C:\Program Files (x86)\Dexpot\dexpot.exe"=0x5341435001000000000000000700000028000000F8211C00A4171D0001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000100000000000000000000000000000D4F35D01000000000100000001000000 "C:\Program Files (x86)\WinDirStat\windirstat.exe"=0x534143500100000000000000070000002800000000F009000000000001000000000000000000010571200000DB80FDAC2839D301000000000000000002000000280000000000000000000000000400000000000000000000000000002D100000000000000100000001000000 "C:\Program Files (x86)\Dexpot\plugins\DexControl.exe"=0x5341435001000000000000000700000028000000F8E102007C5F030001000000000000000000030671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C124790B00000000AF000000AF000000 "C:\Users\jul\Downloads\ZHPDiag3.exe"=0x534143500100000000000000070000002800000080692E0059C72E0001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000026690E00000000000300000003000000 "C:\Users\jul\Downloads\ccsetup541.exe"=0x534143500100000000000000070000002800000088F8E9004D79EA0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000D91D0D00000000000100000001000000 "C:\Users\jul\AppData\Roaming\ZHP\ZHPDiag3.exe"=0x534143500100000000000000070000002800000080692E0059C72E0001000000000000000000030600010000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000072EF0300000000000400000004000000 "C:\Program Files\CCleaner\uninst.exe"=0x53414350010000000000000007000000280000001849050003B8050001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000A6280000000000000100000001000000 "C:\Program Files (x86)\ZHPFix\unins000.exe"=0x5341435001000000000000000700000028000000D0990A000000000001000000000000000000000A41220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000080170000000000000100000001000000 "C:\Users\jul\Downloads\Simplify3D 4.0.0 [Multi]\Simplify3D-4.0.0-windows-x64-installer.exe"=0x5341435001000000000000000700000028000000D6D5440291662B0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000EF5D8A00000000000200000002000000 "C:\Program Files\Simplify3D-4.0.0\Simplify3D.exe"=0x534143500100000000000000070000002800000000884F000000000001000000000000000000000A73220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000030050D0B000000003000000030000000 "C:\Program Files\Simplify3D-4.0.0\uninstall.exe"=0x53414350010000000000000007000000280000005B6B840091662B0003000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B83F0000000000000100000001000000 "C:\Program Files (x86)\OpenOffice 4\program\swriter.exe"=0x5341435001000000000000000700000028000000009601004538020001000000000000000000000A71220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000008E3B0400000000000500000005000000 "C:\Users\jul\Downloads\FreeCAD-0.17.13509.0258808-WIN-x64-installer.exe"=0x53414350010000000000000007000000280000002C2DA2170000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000066DC0000000000000100000001000000 "C:\Program Files\FreeCAD 0.17\vcredist_x64.exe"=0x5341435001000000000000000700000028000000C8C66D0084C76D0001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000002020000000000000000000000000075110000000000000100000001000000 "C:\Program Files\FreeCAD 0.17\bin\FreeCAD.exe"=0x5341435001000000000000000700000028000000002602000000000001000000000000000000000A73220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000046040102000000000E0000000E000000 "C:\Users\jul\Downloads\7-PDFSplitMerge.exe"=0x53414350010000000000000007000000280000002814160019D2160001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000008AC10000000000000100000001000000 "C:\Program Files (x86)\7-PDF\7-PDF Split & Merge\SevenPDFSplitMerge.exe"=0x5341435001000000000000000700000028000000A864220063E9220001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BE431400000000000100000001000000 "C:\Program Files (x86)\7-PDF\7-PDF Split & Merge\unins000.exe"=0x53414350010000000000000007000000280000001EE90A000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000020000000000000000000000000000B1140000000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ink\mip.exe"=0x53414350010000000000000007000000280000000080170039E8170001000000010000000000000A63200000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\Betaflight\Betaflight-Configurator\betaflight-configurator.exe"=0x5341435001000000000000000700000028000000515FD9007DE8400001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000083A7BD00000000001500000015000000 "C:\Users\jul\AppData\Local\Temp\Temp1_u-centersetup_v8.29.zip\u-center_v8.29.exe"=0x5341435001000000000000000700000028000000E8554F016CCE4F0101000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B4B83400000000000100000001000000 "C:\Program Files (x86)\u-blox\u-center_v8.29\u-center.exe"=0x53414350010000000000000007000000280000004033620021B9620001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FD3F0200000000000200000002000000 "C:\Users\jul\Downloads\setup-x86_64.exe"=0x5341435001000000000000000700000028000000132011000000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E7F61300000000000300000003000000 "C:\cygwin64\bin\mintty.exe"=0x534143500100000000000000070000002800000000EC080089F1080001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000014B49600000000000C0000000C000000 "C:\Program Files\WindowsApps\CanonicalGroupLimited.UbuntuonWindows_1604.2017.922.0_x64__79rhkp1fndgsc\ubuntu.exe"=0x5341435001000000000000000700000028000000006603000000000001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000047AA4900000000000100000001000000 "C:\Users\jul\AppData\Local\Temp\jre-8u171-windows-au.exe"=0x5341435001000000000000000700000028000000C8C11C00A8A21D0001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000012482500000000000100000001000000 "C:\Users\jul\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000A0548501FEE6850101000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\jul\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300017A040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\jul\Downloads\win-mg3500-1_1-mcd.exe"=0x534143500100000000000000070000002800000030DE09030F580A0301000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000A0A20F00000000000200000002000000 "C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe"=0x5341435001000000000000000700000028000000A00C21001DB8210001000000000000000000020600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000009DAD2600000000000100000001000000 "C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe"=0x534143500100000000000000070000002800000050FA100009E2110001000000000000000000020600210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E4230000000000000200000002000000 "C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE"=0x534143500100000000000000070000002800000050CE0A0020A80B0001000000000000000000020600210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000007CEF2500000000000400000004000000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000F09D220048F1220001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000001000000000000000000000000000000000C4A35500000000000D0000000D000000 "C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe"=0x5341435001000000000000000700000028000000009601002819020001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FA3E1B00000000000100000001000000 "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe"=0x5341435001000000000000000700000028000000001A96004393960001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000100000000000000000000000000000000009B76D00000000000600000006000000 "C:\Users\jul\Downloads\LogitechMediaServer-7.7.6.exe"=0x5341435001000000000000000700000028000000203A8303792C840301000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000005BA99F00000000000100000001000000 "C:\Program Files (x86)\Squeezebox\SqueezeTray.exe"=0x534143500100000000000000070000002800000063902E0070CD2E0001000000000000000000010671020000BFA2139DEDD1D301000000000000000002000000500000000000000000000000000000020000000000000000000000000D723D0100000000050000000300000000000000000000400000000000000000000000000000000017040000000000000300000000000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x5341435001000000000000000700000028000000905D0C003C3C0D0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CE06EF01000000000300000003000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B00D0000C0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000065935103000000000400000004000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\SpotifyStartupTask.exe"=0x5341435001000000000000000700000028000000900702001934020001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000699A5600000000000600000006000000 "C:\Users\jul\Downloads\Etcher-Setup-1.4.4-x64.exe"=0x5341435001000000000000000700000028000000C8F28E031F5E8F0301000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000ECC30000000000000100000001000000 "C:\Users\jul\AppData\Local\Programs\etcher\Etcher.exe"=0x5341435001000000000000000700000028000000A8A5D40483BED40401000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000050000000000000000000000000000000000000000000000000000000DA6D6F03000000000900000007000000000000000000004000000000000000000000000000000000174D2400000000000200000000000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe"=0x534143500100000000000000070000002800000090A9610126CE610101000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000067AD0000000000000400000004000000 "C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe"=0x534143500100000000000000070000002800000060F08400126A850001000000000000000000010671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000100000000000000000000000000000678B0000000000000A0000000A000000 "C:\Users\jul\AppData\Local\Temp\Temp1_CP210x_Universal_Windows_Driver(1).zip\CP210x_Universal_Windows_Driver\CP210xVCPInstaller_x64.exe"=0x53414350010000000000000007000000280000000005100048BB100001000000000000000000000A00210000BFA2139DEDD1D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000007D0D0000000000000100000001000000 "C:\Program Files\Google\Google Earth Pro\client\googleearth.exe"=0x534143500100000000000000070000002800000078EE130069F0130001000000000000000000000A73220000BFA2139DEDD1D30100000000000000000200000028000000000000000000001000000000000000000000000000000000AE270300000000000500000005000000 "C:\Program Files (x86)\OpenOffice 4\program\scalc.exe"=0x534143500100000000000000070000002800000000960100847F020001000000000000000000000A71220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000006ED33100000000000200000002000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090ED0B003B9E0C0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000 "C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000D0C106002857070001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\jul\Downloads\ZHPDiag3(2).exe"=0x534143500100000000000000070000002800000080CB2F00CD2B300001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000A4F30400000000000200000002000000 "C:\Users\jul\Desktop\QuickDiag.exe"=0x5341435001000000000000000700000028000000A8FF3D000B1C3E0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131706737502328198 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=0 "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0xFCD96722087ED001 "OOBEInstallTime"=0x55D7DF9194EAD301 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\ "DisableAntiVirus"=0 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX ---------- | Hosts # Copyright (c) 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. # 127.0.0.1 localhost # ::1 localhost # unchecky_begin # These rules were added by the Unchecky program in order to block advertising software modules 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com 0.0.0.0 cdn.bisrv.com 0.0.0.0 cdn.cdndp.com 0.0.0.0 cdn.download.sweetpacks.com 0.0.0.0 cdn.dpdownload.com 0.0.0.0 cdn.visualbee.net # unchecky_end ---------- | Ping Envoi d'une requÿýte 'ping' sur google.com [172.217.22.142] avec 32 octets de donnÿýesÿý: Rÿýponse de 172.217.22.142ÿý: octets=32 temps=8 ms TTL=53 Rÿýponse de 172.217.22.142ÿý: octets=32 temps=8 ms TTL=53 Rÿýponse de 172.217.22.142ÿý: octets=32 temps=9 ms TTL=53 Rÿýponse de 172.217.22.142ÿý: octets=32 temps=17 ms TTL=53 Statistiques Ping pour 172.217.22.142: Paquetsÿý: envoyÿýs = 4, reÿýus = 4, perdus = 0 (perte 0%), Durÿýe approximative des boucles en millisecondes : Minimum = 8ms, Maximum = 17ms, Moyenne = 10ms ---------- | @ [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Cache_Update_Frequency"=Once_Per_Session "Local Page"=C:\Windows\system32\blank.htm "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://www.google.com/ "OperationalData"=13 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2400000024000000790300007C020000 "ImageStoreRandomFolder"=q2ckd51 "Start Page Redirect Cache_TIMESTAMP"=0xCB5B84E04F8FD001 "Start Page Redirect Cache AcceptLangs"=fr-FR "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x5187E524029AD301 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3B01000054000000BB03000034020000 "Use FormSuggest"=yes "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "EdgeSwitchingOSBuildNumber"=10586.th2_release.160906-1759 "IE10TourShown"=1 "IE10TourShownTime"=0x5187E524029AD301 "SearchBandMigrationVersion"=1 "Start Page_TIMESTAMP"=0x6AF6B2F7AABED301 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000001A0000003CE7D06F67ADA793AC20AF52763FA2A5AF65C2BFE650311357C0020000000E000000344E4F65736248474D5263253364 [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x9C61004C40EAD301 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "LockDatabase"=131706737951323854 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "DisableRandomFlighting"=0 "EnableLegacyEdgeSwitching"=1 "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [09/06/2018 09:18:39] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [12/04/2018 01:34:24] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.22.0.dll [09/06/2018 09:18:39] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0xFAD7E082931CD101 "Version"=5 "UpgradeTime"=0xFAD7E082931CD101 "DefaultPackCorrection"=1 "ShowSearchSuggestionsInAddressGlobal"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2F56DCAA-153B-4479-B4E2-547405B34FB9}] : (Envoyer à Bluetooth) - [] ---------- | SearchScopes [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [30/04/2018 20:48:35] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [30/04/2018 20:48:35] ---------- | Chrome C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\enacoimjcgeinfnnnpajinjgmkahmfgb = : Crossplatform configuration tool for Cleanflight flight control system - map - https://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\mejfjggmbnocnfibbibmoogocnjbcjnk = : Cross-platform configuration tool for BLHeli-based electronic speed controllers - short_name: blheli-configurator - https://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\jul\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox C:\Users\jul\AppData\Roaming\Mozilla\Firefox\Profiles\xd94uth5.default\Extensions\adbhelper@mozilla.org : : ADB Helper - : https://github.com/mozilla/adbhelper C:\Users\jul\AppData\Roaming\Mozilla\Firefox\Profiles\xd94uth5.default\Extensions\fxdevtools-adapters@mozilla.org : : Valence - : https://github.com/mozilla/valence C:\Users\jul\AppData\Roaming\Mozilla\Firefox\Profiles\xd94uth5.default\Extensions\firefox@ghostery.com.xpi [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 30.0.0.113 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 30.0.0.113 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.171.2] - (Java!" Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2] - (Oracle® Next Generation Java!" Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll C:\Users\jul\AppData\Roaming\Mozilla\Firefox\Profiles\aa1b03xi.default-1517348748829\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20180605171542"); user_pref("browser.startup.homepage_override.mstone", "60.0.2"); user_pref("extensions.blocklist.lastModified", "Thu, 07 Jun 2018 21:59:30 GMT"); user_pref("extensions.blocklist.pingCountTotal", 108); user_pref("extensions.blocklist.pingCountVersion", 6); user_pref("extensions.databaseSchema", 24); user_pref("extensions.getAddons.cache.lastUpdate", 1529261580); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.lastAppBuildId", "20180605171542"); user_pref("extensions.lastAppVersion", "60.0.2"); user_pref("extensions.lastPlatformVersion", "60.0.2"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{fb60fe01-43b2-44e3-99a1-aafc0251e917}\",\"addons\":{\"tls13-version-fallback-rollout-bug1462099@mozilla.org\":{\"version\":\"4.0\"}}}"); user_pref("extensions.webextensions.uuids", "{\"screenshots@mozilla.org\":\"5a282c8c-9149-4762-b5f9-175816b9593f\"}"); user_pref("services.sync.extension-storage.lastSync", "0"); user_pref("services.sync.extension-storage.lastSyncLocal", "0"); C:\Users\jul\AppData\Roaming\Mozilla\Firefox\Profiles\xd94uth5.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20180128191252"); user_pref("browser.startup.homepage_override.mstone", "58.0.1"); user_pref("extensions.adbhelper@mozilla.org.debug", false); user_pref("extensions.adblockplus.notificationdata", "{\"shown\":[]}"); user_pref("extensions.blocklist.pingCountTotal", 711); user_pref("extensions.blocklist.pingCountVersion", -1); user_pref("extensions.databaseSchema", 23); user_pref("extensions.e10s.rollout.blocklist", ""); user_pref("extensions.e10s.rollout.hasAddon", true); user_pref("extensions.e10s.rollout.policy", "50allmpc"); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.e10sMultiBlockedByAddons", true); user_pref("extensions.followonsearch.cohortSample", "0.873890"); user_pref("extensions.fxdevtools-adapters@mozilla.org.sdk.baseURI", "resource://fxdevtools-adapters-at-mozilla-dot-org/"); user_pref("extensions.fxdevtools-adapters@mozilla.org.sdk.domain", "fxdevtools-adapters-at-mozilla-dot-org"); user_pref("extensions.fxdevtools-adapters@mozilla.org.sdk.load.reason", "startup"); user_pref("extensions.fxdevtools-adapters@mozilla.org.sdk.rootURI", "file:///C:/Users/jul/AppData/Roaming/Mozilla/Firefox/Profiles/xd94uth5.default/extensions/fxdevtools-adapters@mozilla.org/"); user_pref("extensions.fxdevtools-adapters@mozilla.org.sdk.version", "0.3.8"); user_pref("extensions.getAddons.cache.lastUpdate", 1517315874); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20170302.01"); user_pref("extensions.lastAppBuildId", "20180128191252"); user_pref("extensions.lastAppVersion", "58.0.1"); user_pref("extensions.lastPlatformVersion", "58.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.shield-recipe-client.first_run", false); user_pref("extensions.shield-recipe-client.startupExperimentMigrated", true); user_pref("extensions.shield-recipe-client.user_id", "aa8a0465-944f-489f-8fff-47c527474659"); user_pref("extensions.shownSelectionUI", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.experiment.hidden", true); user_pref("extensions.ui.lastCategory", "addons://list/extension"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.webextensions.uuids", "{\"firefox@ghostery.com\":\"40e9758d-8eb2-4ee4-b035-f4a3bd81ebc1\",\"screenshots@mozilla.org\":\"cb3289b4-b13d-4f96-b873-f70b434da789\"}"); user_pref("services.sync.extension-storage.lastSync", "0"); user_pref("services.sync.extension-storage.lastSyncLocal", "0"); [Profile0] - Name=default -> Profiles/aa1b03xi.default-1517348748829 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=212.27.40.240 212.27.40.241 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{97f94b3f-248c-45f2-b491-40dccec863a3}] "DhcpNameServer"=192.168.5.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{ffd33770-bdbb-423a-b14e-0536f765e4b7}] "DhcpNameServer"=212.27.40.240 212.27.40.241 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{97f94b3f-248c-45f2-b491-40dccec863a3}] "DhcpNameServer"=192.168.5.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ffd33770-bdbb-423a-b14e-0536f765e4b7}] "DhcpNameServer"=212.27.40.240 212.27.40.241 ---------- | Applications [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Classes\Applications\7zFM.exe] : "C:\Program Files\7-Zip\7zFM.exe" "%1" [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Classes\Applications\7zG.exe] : "C:\Program Files\7-Zip\7zG.exe" "%1" [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Classes\Applications\FreeCAD.exe] : "C:\Program Files\FreeCAD 0.17\bin\FreeCAD.exe" "%1" [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Classes\Applications\notepad++.exe] : "C:\Program Files\Notepad++\notepad++.exe" "%1" [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Classes\Applications\uTorrent.exe] : "C:\Users\jul\AppData\Roaming\uTorrent\uTorrent.exe" "%1" [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Classes\Applications\Wbaltrak.exe] : "C:\Program Files (x86)\Balloon Track\Wbaltrak.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "wusvcs"=WaaSMedicSvc "BthAppGroup"=BluetoothUserService "BcastDVRUserService"=BcastDVRUserService "Camera"=FrameS "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "GraphicsPerfSvcGroup"=GraphicsPerfSvc "DevicesFlow"=DevicesFlowUserSvc DevicePickerUserSvc "smbsvcs"=lanmanserver browser "PeerDist"=PeerDistSvc "AssignedAccessManagerSvc"=AssignedAccessManagerSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\573339af-d9e1-5dd3-804c-e0162fac1f41] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\7-PDF, Germany - Th. Hodes] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\7-Zip] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Adobe] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Akeo Consulting] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Alcohol Soft] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\AlcoholSoftGen] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\AppDataLow] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Apple Computer, Inc.] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Apple Inc.] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Autodesk] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\AvastAdSDK] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\BcmSetup] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Betaflight] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\BitTorrent] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Blender Foundation] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Canon] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Chromium] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\CineForm] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Clients] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Cygwin] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Deeplet] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Dexpot] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\DivXNetworks] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Dropbox] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\DropboxUpdate] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\FLEXnet] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\FreeCAD] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Google] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\GoPro] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Intel] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Intel Corporation] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\JavaSoft] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\LinuxLive] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Logitech] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\LuGus Studios] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\luxoid] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Macromedia] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Mozilla] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\NETGEAR] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Netscape] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Nico Mak Computing] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\nwjs] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\OpenOffice] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\OpenTX] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\paint.net] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\PJRC] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Policies] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\QtProject] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\RegisteredApplications] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Repetier] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Schneider] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Schneider Electric] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Seifert] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\SimonTatham] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Simplify3D] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Superior] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Synaptics] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\SyncEngines] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\sysinternals] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\TeamViewer] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Tinytag] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Trolltech] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\u-blox] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Unchecky] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Unity] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Valve] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Wow6432Node] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\ZHP] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\7-Zip] [HKLM\Software\ATI Technologies] [HKLM\Software\Autodesk] [HKLM\Software\Canon] [HKLM\Software\Clients] [HKLM\Software\Cygwin] [HKLM\Software\Dell] [HKLM\Software\DigitalPersona] [HKLM\Software\FileZilla 3] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\GoPro] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HPQ] [HKLM\Software\IDT] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Intel Corporation] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Motorola] [HKLM\Software\Motorola Mobility] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Notepad++] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\One Time Password Providers] [HKLM\Software\paint.net] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Repetier] [HKLM\Software\RTLSetup] [HKLM\Software\Sierra Wireless Inc] [HKLM\Software\Simplify3D] [HKLM\Software\SONIX] [HKLM\Software\SRS Labs] [HKLM\Software\Synaptics] [HKLM\Software\sysinternals] [HKLM\Software\Validity] [HKLM\Software\WIDCOMM_TEMP] [HKLM\Software\WinChipHead] [HKLM\Software\WOW6432Node] [HKLM\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKLM\Software\Microsoft\Windows\AssignedAccessCsp] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AssignedAccessManagerSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\7-PDF] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\Alcohol Soft] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\Arduino] [HKLM\Software\WOW6432Node\Aten International Co., Ltd.] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\BSPACode] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\Chromium] [HKLM\Software\WOW6432Node\clrmamepro] [HKLM\Software\WOW6432Node\Deeplet] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\FileZilla 3] [HKLM\Software\WOW6432Node\FileZilla Client] [HKLM\Software\WOW6432Node\FLEXnet] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\GoPro] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\Hot-World GmbH & Co. KG] [HKLM\Software\WOW6432Node\Hyper Electronics Mappers] [HKLM\Software\WOW6432Node\IDT] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IVT Corporation] [HKLM\Software\WOW6432Node\IVTUPDATE] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\LinuxLive USB Creator] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Macrovision] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Meccano] [HKLM\Software\WOW6432Node\Mediatek] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Motorola] [HKLM\Software\WOW6432Node\Motorola Mobility] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\NETGEAR Genie] [HKLM\Software\WOW6432Node\nwjs] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\One Time Password Providers] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Oracle] [HKLM\Software\WOW6432Node\PDFComplete] [HKLM\Software\WOW6432Node\Ralink] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Schneider Electric] [HKLM\Software\WOW6432Node\Sierra Wireless Inc] [HKLM\Software\WOW6432Node\Sonix] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\Unchecky] [HKLM\Software\WOW6432Node\Validity] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives E: ---------- | C: [22/08/2013 17:36:31] - |SHD| - [1162920043] - C:\$Recycle.Bin [23/09/2017 23:42:18] - |D| - [71354] - C:\a [MD5.0B17239B2E03F5AEA96929003CA22337] - [22/08/2013 17:44:03] - |RASH| - (.-.) - [404250] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [22/08/2013 17:44:04] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [11/11/2015 17:09:11] - |SHD| - [6354208] - C:\Config.Msi [27/04/2018 22:52:50] - |D| - [533749338] - C:\cygwin64 [MD5.2C50203F5EDC8091CA1D765F3D94AD04] - [12/11/2015 23:51:54] - |A| - (.-.) - [1396] - (0.0.0.0) - C:\DelFix.txt [27/04/2018 23:18:18] - |D| - [1284836744] - C:\dev [30/07/2015 23:51:49] - |SHD| - [0] - C:\Documents and Settings [05/03/2018 23:01:08] - |D| - [0] - C:\ESD [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/05/2018 10:24:46] - |ASH| - (.-.) - [4169375744] - (0.0.0.0) - C:\hiberfil.sys [23/04/2015 23:10:23] - |D| - [552752] - C:\Intel [10/09/2015 07:56:11] - |D| - [13975552] - C:\Logs [MD5.5FA5152F3FBFAD999ADE805CC22EFAE7] - [12/11/2015 22:16:10] - |A| - (.-.) - [3122] - (0.0.0.0) - C:\mbam.txt [MD5.800B746FDC4D80469AFC7E5E9B510C9C] - [01/12/2006 23:37:14] - |A| - (.© Microsoft Corporation. - Microsoft® Debug Information Accessor.) - [904704] - (8.0.50727.762) - C:\msdia80.dll [12/11/2015 22:04:03] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/05/2018 10:22:03] - |ASH| - (.-.) - [738197504] - (0.0.0.0) - C:\pagefile.sys [12/04/2018 01:38:20] - |D| - [0] - C:\PerfLogs [08/02/2018 11:12:38] - |D| - [19424858] - C:\Prog [12/04/2018 01:38:20] - |RD| - [8915203748] - C:\Program Files [12/04/2018 01:38:20] - |RD| - [9328368168] - C:\Program Files (x86) [12/04/2018 01:38:20] - |HD| - [2126840790] - C:\ProgramData [17/06/2018 21:17:38] - |D| - [68686] - C:\QuickDiag [MD5.F7F20EF96C28875F5015B58044ED0409] - [17/06/2018 21:17:47] - |A| - (.-.) - [457476] - (0.0.0.0) - C:\QuickDiag.txt [23/04/2015 22:58:22] - |SHD| - [257077706] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/05/2018 10:22:03] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [23/04/2015 23:20:13] - |D| - [5891135966] - C:\SWSetup [23/04/2015 22:57:24] - |SHD| - [0] - C:\System Volume Information [24/04/2015 08:48:02] - |D| - [116935] - C:\system.sav [26/01/2018 14:54:39] - |D| - [55] - C:\Temp [02/11/2017 22:47:41] - |D| - [3586213] - C:\test [11/04/2018 23:04:33] - |RD| - [168383922410] - C:\Users [11/04/2018 23:04:33] - |D| - [23911139133] - C:\Windows ---------- | C:\WINDOWS [MD5.87E5AAE1AA9431EF1DDEDC46D2145BDB] - [24/04/2015 23:58:30] - |A| - (.-.) - [32] - (0.0.0.0) - C:\WINDOWS\0 [12/04/2018 01:38:20] - |D| - [802] - C:\WINDOWS\addins [12/04/2018 01:38:20] - |D| - [10530586] - C:\WINDOWS\appcompat [12/04/2018 01:38:20] - |D| - [8315140] - C:\WINDOWS\apppatch [12/04/2018 01:38:20] - |D| - [0] - C:\WINDOWS\AppReadiness [12/04/2018 01:38:20] - |RD| - [1090934562] - C:\WINDOWS\assembly [12/04/2018 01:38:20] - |D| - [720353] - C:\WINDOWS\bcastdvr [MD5.178BA90AA13F6F834E5C060DC923FB55] - [12/04/2018 01:34:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [67072] - (10.0.17134.1) - C:\WINDOWS\bfsvc.exe [12/04/2018 18:24:11] - |SHD| - [580179] - C:\WINDOWS\BitLockerDiscoveryVolumeContents [12/04/2018 01:38:20] - |D| - [38317952] - C:\WINDOWS\Boot [MD5.3166BD6508FF3C4A160CE105FC3B851E] - [13/05/2018 11:18:29] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [12/04/2018 01:38:21] - |D| - [2448984] - C:\WINDOWS\Branding [12/04/2018 01:30:02] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.C8EC0BA7085E2A33EEA5FE9DB1AE0ED6] - [13/05/2018 10:25:14] - |A| - (.-.) - [7252] - (0.0.0.0) - C:\WINDOWS\comsetup.log [12/04/2018 18:41:55] - |D| - [46708378] - C:\WINDOWS\Containers [23/04/2015 22:58:43] - |D| - [0] - C:\WINDOWS\CSC [12/04/2018 01:38:21] - |D| - [11482410] - C:\WINDOWS\Cursors [12/04/2018 01:38:21] - |D| - [2112554] - C:\WINDOWS\debug [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [13/05/2018 10:28:45] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [12/04/2018 01:38:21] - |D| - [4532872] - C:\WINDOWS\diagnostics [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [13/05/2018 10:28:45] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [12/04/2018 18:19:18] - |D| - [0] - C:\WINDOWS\DigitalLocker [12/04/2018 01:38:21] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.42C2AAD76E43CC27ACBF226D4B4E941D] - [24/05/2018 00:07:12] - |A| - (.-.) - [1984] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG [MD5.F859F6DFBD677E723F1E12B7615FF0E9] - [12/04/2018 01:40:39] - |A| - (.-.) - [4179] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [12/04/2018 01:38:21] - |HD| - [44616] - C:\WINDOWS\ELAMBKUP [12/04/2018 18:19:18] - |D| - [0] - C:\WINDOWS\en-US [MD5.5DE0E7BA127EABFD100739EAF5616D2A] - [25/04/2015 00:21:49] - |A| - (.Hewlett Packard - HP Mobile Broadband Drivers' version DLL.) - [12800] - (8.0.8.4) - C:\WINDOWS\EricssonMobileBroadbandWin8.dll [MD5.AD5296B280E8F522A8A897C96BAB0E1D] - [12/04/2018 01:34:44] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3933184] - (10.0.17134.1) - C:\WINDOWS\explorer.exe [12/04/2018 01:38:21] - |RSD| - [372364004] - C:\WINDOWS\Fonts [12/04/2018 18:19:18] - |D| - [109568] - C:\WINDOWS\fr-FR [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [12/04/2018 01:38:21] - |D| - [47788502] - C:\WINDOWS\Globalization [12/04/2018 01:38:21] - |D| - [961999] - C:\WINDOWS\Help [MD5.B8A76FE97CECCE9233FE87BCDFA9088E] - [12/04/2018 01:34:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1054720] - (10.0.17134.1) - C:\WINDOWS\HelpPane.exe [24/04/2015 23:41:53] - |D| - [7682787] - C:\WINDOWS\Hewlett-Packard [MD5.A50C9DF7603E2F1AEA6B54053794A326] - [12/04/2018 01:34:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l aide HTML Microsoft®.) - [17920] - (10.0.17134.1) - C:\WINDOWS\hh.exe [MD5.A26D62549F96C1A24C2EB66DD4C12C26] - [14/12/2012 03:18:46] - |A| - (.Sierra Wireless Inc Copyright (C) 2012 - Sierra Wireless (HP un2430) driver package Version info.) - [15304] - (2.12.1212.0) - C:\WINDOWS\HPun2430Version.dll [12/04/2018 01:38:21] - |D| - [29869] - C:\WINDOWS\IdentityCRL [12/04/2018 01:38:21] - |D| - [28827030] - C:\WINDOWS\IME [12/04/2018 01:38:21] - |RD| - [8489793] - C:\WINDOWS\ImmersiveControlPanel [12/04/2018 01:36:48] - |D| - [73270946] - C:\WINDOWS\INF [12/04/2018 01:38:21] - |D| - [1577251959] - C:\WINDOWS\InfusedApps [12/04/2018 01:38:21] - |D| - [38137502] - C:\WINDOWS\InputMethod [12/04/2018 01:38:21] - |SHD| - [2288545070] - C:\WINDOWS\Installer [12/04/2018 01:38:21] - |D| - [94163] - C:\WINDOWS\L2Schemas [12/04/2018 01:38:21] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [12/04/2018 01:38:21] - |D| - [653526428] - C:\WINDOWS\LiveKernelReports [11/04/2018 23:04:39] - |D| - [50979964] - C:\WINDOWS\Logs [12/04/2018 01:38:21] - |RSD| - [20703116] - C:\WINDOWS\media [22/08/2013 17:36:31] - |D| - [1619968] - C:\WINDOWS\MediaViewer [MD5.23AF90D2355D8C83AA4567EF1763B467] - [12/04/2018 01:34:36] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [12/04/2018 01:38:20] - |RD| - [804276310] - C:\WINDOWS\Microsoft.NET [12/04/2018 01:38:21] - |D| - [3135] - C:\WINDOWS\Migration [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.BB9A06B8F2DD9D24C77F389D7B2B58D2] - [12/04/2018 01:34:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [245760] - (10.0.17134.1) - C:\WINDOWS\notepad.exe [12/04/2018 18:23:03] - |D| - [199472] - C:\WINDOWS\OCR [12/04/2018 01:38:21] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [12/05/2018 21:04:07] - |DC| - [302432918] - C:\WINDOWS\Panther [12/04/2018 01:38:21] - |D| - [455631] - C:\WINDOWS\Performance [MD5.61B71E45A3327CDDB0C3175BF1D4B9AE] - [26/10/2016 22:29:16] - |A| - (.-.) - [107238] - (0.0.0.0) - C:\WINDOWS\PFRO.log [12/04/2018 01:38:21] - |D| - [1136442] - C:\WINDOWS\PLA [12/04/2018 01:38:21] - |D| - [7206076] - C:\WINDOWS\PolicyDefinitions [13/05/2018 10:22:35] - |D| - [4574945] - C:\WINDOWS\Prefetch [12/04/2018 01:38:21] - |RD| - [1965014] - C:\WINDOWS\PrintDialog [MD5.37BAA0C11BDFD8E54594E9C923CDF25E] - [12/04/2018 18:24:39] - |A| - (.-.) - [36112] - (0.0.0.0) - C:\WINDOWS\Professional.xml [12/04/2018 01:38:21] - |D| - [5220115] - C:\WINDOWS\Provisioning [MD5.AC91328EE5CFFBD695CE912F75F876F6] - [12/04/2018 01:34:34] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [336384] - (10.0.17134.1) - C:\WINDOWS\regedit.exe [12/04/2018 01:38:21] - |D| - [1141084] - C:\WINDOWS\Registration [12/04/2018 18:24:11] - |D| - [0] - C:\WINDOWS\RemotePackages [12/04/2018 01:38:21] - |D| - [6539568] - C:\WINDOWS\rescache [12/04/2018 01:38:21] - |D| - [3867877] - C:\WINDOWS\Resources [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\SchCache [12/04/2018 01:38:21] - |D| - [189322] - C:\WINDOWS\schemas [12/04/2018 01:38:21] - |D| - [10469231] - C:\WINDOWS\security [MD5.4DF2DFC0790554D375DD0338F02D2011] - [17/01/2017 23:52:00] - |A| - (.Copyright (C) 2014 - SelfPlayer MFC Application.) - [2245632] - (1.0.3.3) - C:\WINDOWS\SelfPlayer.exe [MD5.3431D80B0809F219C9F63086A2A566E8] - [17/01/2017 23:52:00] - |A| - (.-.) - [727] - (0.0.0.0) - C:\WINDOWS\SelfPlayer.ini [MD5.7FAE02A0C66BE0CD99964CCA3333E098] - [17/01/2017 23:52:00] - |A| - (.Copyright c 2008 - SelfPlayerInstall.) - [24576] - (1.0.0.1) - C:\WINDOWS\SelfPlayerInstall.exe [13/05/2018 11:17:56] - |D| - [60178850] - C:\WINDOWS\ServiceProfiles [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\ServiceState [11/04/2018 23:04:33] - |D| - [68238484] - C:\WINDOWS\servicing [12/04/2018 01:41:20] - |D| - [42] - C:\WINDOWS\Setup [MD5.B9917FC4C836776765E311FFF84DD534] - [07/05/2017 17:56:57] - |A| - (.Copyright (C) 1987-1999 Microsoft Corporation - Visual Basic 6.0 Setup Toolkit.) - [249856] - (6.0.0.8804) - C:\WINDOWS\Setup1.exe [MD5.5A8833873FB482A8AF7085E50D1E5BD4] - [13/05/2018 10:22:38] - |A| - (.-.) - [20962] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.98D3742BCC68C2FC743BC49FC3BFD47C] - [13/05/2018 10:22:38] - |A| - (.-.) - [360] - (0.0.0.0) - C:\WINDOWS\setuperr.log [12/04/2018 01:38:21] - |D| - [6442496] - C:\WINDOWS\ShellComponents [12/04/2018 01:38:21] - |D| - [53633024] - C:\WINDOWS\ShellExperiences [12/04/2018 18:20:18] - |D| - [3070736] - C:\WINDOWS\SKB [MD5.28CBE9DE37E1A99BDD05441A4B208EAB] - [15/07/2015 23:31:34] - |A| - (.-.) - [15497] - (0.0.0.0) - C:\WINDOWS\snp2uvc.ini [MD5.67FAEAC1D6FD7B0FD0D5B5421AD82630] - [15/07/2015 23:31:34] - |A| - (.-.) - [13021] - (0.0.0.0) - C:\WINDOWS\snp2uvc.src [MD5.BAF324A252276F9C68FB16C5E64293BD] - [15/07/2015 23:35:26] - |A| - (.Copyright (C) 2007 - DisplaySettingMonitor MFC Application.) - [35656] - (1.0.2.1) - C:\WINDOWS\snuvcdsm.exe [23/04/2015 23:03:46] - |D| - [307412863] - C:\WINDOWS\SoftwareDistribution [12/04/2018 01:38:21] - |D| - [86037185] - C:\WINDOWS\Speech [12/04/2018 01:38:21] - |D| - [63476142] - C:\WINDOWS\Speech_OneCore [MD5.8D59B31FF375059E3C32B17BF31A76D5] - [12/04/2018 01:34:41] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.17134.1) - C:\WINDOWS\splwow64.exe [MD5.D422839C99927DB561F5C019643EACEC] - [07/05/2017 17:56:56] - |A| - (.Copyright © 1987-1998 Microsoft Corp. - Visual Basic Setup Toolkit Uninstaller.) - [73216] - (6.0.84.50) - C:\WINDOWS\ST6UNST.EXE [MD5.2664EEEE55F34BC4FAAA8EE41393D2CD] - [31/07/2015 00:25:21] - |A| - (.-.) - [31856] - (0.0.0.0) - C:\WINDOWS\Starter.xml [MD5.9277EA3F9B3613BBB31F6E369A3CE71D] - [24/04/2015 23:47:24] - |A| - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [1664000] - (1.0.6428.0) - C:\WINDOWS\sttray64.exe [MD5.2DAA00FFF77335FEDBBE505734562BD8] - [13/05/2018 10:22:56] - |A| - (.-.) - [531] - (0.0.0.0) - C:\WINDOWS\Synaptics.log [MD5.2DAA00FFF77335FEDBBE505734562BD8] - [13/05/2018 10:22:56] - |A| - (.-.) - [531] - (0.0.0.0) - C:\WINDOWS\Synaptics.PD.log [12/04/2018 01:38:21] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 15:25:43] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [11/04/2018 23:04:33] - |D| - [5426827993] - C:\WINDOWS\System32 [12/04/2018 01:38:21] - |D| - [226866298] - C:\WINDOWS\SystemApps [12/04/2018 01:38:21] - |D| - [25650717] - C:\WINDOWS\SystemResources [11/04/2018 23:04:41] - |D| - [1477081513] - C:\WINDOWS\SysWOW64 [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\TAPI [22/08/2013 17:36:30] - |D| - [2390] - C:\WINDOWS\Tasks [12/04/2018 01:38:21] - |D| - [2124801] - C:\WINDOWS\Temp [12/04/2018 01:38:21] - |D| - [13606400] - C:\WINDOWS\TextInput [22/08/2013 17:36:30] - |RD| - [0] - C:\WINDOWS\ToastData [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\tracing [12/04/2018 01:38:21] - |D| - [10557718] - C:\WINDOWS\twain_32 [MD5.076387B253E6A381090F59EDBFC5EEF6] - [12/04/2018 01:34:53] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [14/06/2017 00:46:33] - |SD| - [0] - C:\WINDOWS\UpdateAssistantV2 [MD5.5C82BE7AD1775B67916EE19C15B99331] - [17/01/2017 23:52:00] - |A| - (.© Microsoft Corporation. - Win32 Cabinet Self-Extractor .) - [2723264] - (6.0.3790.0) - C:\WINDOWS\vcredist_x86.exe [22/08/2013 17:36:30] - |D| - [0] - C:\WINDOWS\vpnplugins [12/04/2018 01:38:21] - |D| - [12420] - C:\WINDOWS\Vss [11/04/2018 23:04:37] - |D| - [25810] - C:\WINDOWS\WaaS [12/04/2018 01:38:21] - |D| - [17312516] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [22/08/2013 15:25:43] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [12/04/2018 01:34:36] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [27/03/2018 23:12:37] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.EE1F0DE1ED3E8A5BF080B3497049969E] - [12/04/2018 01:34:52] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17134.1) - C:\WINDOWS\winhlp32.exe [11/04/2018 23:04:33] - |D| - [8512157750] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [12/04/2018 01:33:56] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.5266C61652051E9EF3A4D199001F6B17] - [12/04/2018 01:34:19] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.17134.1) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy [MD5.E78254479CFFB940B8D7F4EFD0475436] - [24/05/2017 22:16:47] - |A| - (.-.) - [128] - (0.0.0.0) - C:\WINDOWS\System32\GroupPolicy\gpt.ini [24/05/2017 22:16:47] - |D| - [148] - C:\WINDOWS\System32\GroupPolicy\Machine [24/05/2017 22:16:47] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\User ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [04/02/2018 00:11:58] - C:\WINDOWS\Installer\14eab53e.msi : ( - Liam O'Hagan) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/12/2012 18:39:46] - C:\WINDOWS\Installer\18cf54.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/04/2015 23:28:26] - C:\WINDOWS\Installer\18cf64.msi : (HP Wireless Button Driver - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/08/2012 03:04:30] - C:\WINDOWS\Installer\1b5600.msi : (AMD Catalyst Install Manager Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/08/2012 03:05:18] - C:\WINDOWS\Installer\1b5604.msi : (AMD Accelerated Parallel Processing SDK - Advanced Micro Devices Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 08:48:40] - C:\WINDOWS\Installer\1b560d.msi : (HP 3D DriveGuard - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 08:50:20] - C:\WINDOWS\Installer\1b5612.msi : (HP Hotkey Support - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/04/2015 01:43:54] - C:\WINDOWS\Installer\1e2c51.msi : ( - AT&T Research Labs.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/05/2018 12:31:51] - C:\WINDOWS\Installer\1f5f2e52.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/08/2014 14:09:42] - C:\WINDOWS\Installer\2cbfcec.msi : ( - Motorola Mobility LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/06/2014 16:37:52] - C:\WINDOWS\Installer\2cbfcf6.msi : ( - Motorola Mobility) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/05/2018 09:02:18] - C:\WINDOWS\Installer\33348c1c.msi : (Dropbox Update Helper - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/08/2012 03:56:36] - C:\WINDOWS\Installer\50e3ffc.msi : (Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology - Motorola Solutions, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/08/2012 08:11:40] - C:\WINDOWS\Installer\52051c9.msi : (Ralink Bluetooth Stack - Ralink Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/03/2014 10:08:06] - C:\WINDOWS\Installer\52051e8.msi : (HP Software Framework - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/03/2014 10:07:00] - C:\WINDOWS\Installer\52051eb.msi : (HP Quick Start [1.0.4660.30220] - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/03/2014 09:52:00] - C:\WINDOWS\Installer\52051f4.msi : (HP ESU for Microsoft Windows 8 - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2015 00:16:32] - C:\WINDOWS\Installer\5205204.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/08/2012 20:44:54] - C:\WINDOWS\Installer\5205207.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/08/2012 20:43:44] - C:\WINDOWS\Installer\520520b.msi : (Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/03/2018 14:34:20] - C:\WINDOWS\Installer\55b40fbb.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/10/2017 23:44:48] - C:\WINDOWS\Installer\5b9d63.msi : ( - dotPDN LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2016 00:40:20] - C:\WINDOWS\Installer\8853ec.msi : (GoPro for Desktop - GoPro, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2016 00:41:02] - C:\WINDOWS\Installer\885474.msi : (GoPro CineForm VFW Codec 64 bit - GoPro, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2016 00:41:00] - C:\WINDOWS\Installer\885479.msi : (GoPro CineForm VFW Codec 32 bit - GoPro, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\WINDOWS\Installer\896e5.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/07/2016 22:00:32] - C:\WINDOWS\Installer\8bcd3.msi : (Tinytag Explorer 4.9 - Gemini Data Loggers) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2015 00:28:05] - C:\WINDOWS\Installer\95347.msi : (Validity Fingerprint Sensor Driver install package - Validity Sensors, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/08/2016 23:57:04] - C:\WINDOWS\Installer\95cddc.msi : (Blender - Blender Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/12/2017 05:24:08] - C:\WINDOWS\Installer\9d0d4af.msi : (OpenOffice 4.1.5 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/08/2015 22:52:36] - C:\WINDOWS\Installer\a1e12c.msi : (Blank Project Template - SD Association) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/06/2017 11:26:18] - C:\WINDOWS\Installer\dd17686.msi : (Installation for Schneider Electric Software Update - Schneider Electric) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/02/2018 21:43:38] - C:\WINDOWS\Installer\f103881.msi : (Google Earth Pro - Google) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/04/2018 20:48:18] - C:\WINDOWS\Installer\f17629f.msi : (Java SE Runtime Environment 8 Update 171 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/04/2018 20:48:11] - C:\WINDOWS\Installer\f1762a8.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/04/2015 23:32:44] - C:\WINDOWS\Installer\HPVFSSVC4.5.133.0.msi : (Validity Fingerprint Sensor Driver install package - Validity Sensors, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [12/04/2018 01:33:56] - [3329] - C:\WINDOWS\System32\ieuinit.inf [13/05/2018 10:27:07] - [1770012] - C:\WINDOWS\System32\PerfStringBackup.INI [12/04/2018 01:34:33] - [60124] - C:\WINDOWS\System32\tcpmon.ini [12/04/2018 01:34:20] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [12/04/2018 01:34:00] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [25/04/2015 00:25:05] - [43] - C:\WINDOWS\Syswow64\LOCALDEVICE.INI [25/04/2015 00:25:05] - [4524] - C:\WINDOWS\Syswow64\LOCALSERVICE.INI [23/04/2015 23:40:11] - [1796904] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [25/04/2015 16:48:13] - [104] - C:\WINDOWS\Syswow64\REMOTEDEVICE.INI [12/04/2018 01:34:49] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:20] - [0 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [12/06/2018 08:35:31] - [0 Ko] - C:\WINDOWS\Temp\689A703B-8E23-4AD6-A278-5E09F649799C-Sigs [MD5.2D4AE5F041D945AF40C1C6C76CA70C45] - |A| - [06/06/2018 20:29:01] - (.-.) - [24.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.00000000000000000000000000000000] - |D| - [06/06/2018 20:29:01] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [12/06/2018 23:27:43] - [1891.89 Ko] - C:\WINDOWS\Temp\CR_E6DB2.tmp [MD5.00000000000000000000000000000000] - |D| - [14/06/2018 22:41:47] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace [MD5.00000000000000000000000000000000] - |D| - [14/06/2018 22:41:47] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot [MD5.00000000000000000000000000000000] - |D| - [14/06/2018 22:41:47] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag [MD5.00000000000000000000000000000000] - |D| - [14/06/2018 22:41:47] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace [MD5.98664017CBF2544A420953B2C1892EF8] - |A| - [22/05/2018 08:30:46] - (.-.) - [75.91 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.B45EAF5F9B239C9571B27D1878B714A5] - |A| - [07/06/2018 13:12:40] - (.-.) - [82.42 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/04/2015 23:58:30] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\0 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:19] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.DCBADE1C40D65EFC7B95890825402221] - |A| - [24/04/2015 23:47:24] - (.-.) - [3.69 Ko] - (0.0.0.0) - C:\WINDOWS\System32\2hps.ico [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [12/04/2018 01:34:20] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [12/04/2018 01:34:07] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [12/04/2018 01:34:25] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [12/04/2018 01:34:14] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [12/04/2018 01:34:27] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [12/04/2018 01:34:32] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [12/04/2018 01:34:33] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [12/04/2018 01:34:44] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [12/04/2018 01:34:04] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [12/04/2018 01:34:04] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [12/04/2018 01:34:20] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [12/04/2018 01:34:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [12/04/2018 01:34:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.CE5220A46E16903FAD8DBDC560BC1A89] - |A| - [02/08/2012 01:52:50] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.1 Runtime.) - [16079 Ko] - (10.0.938.2) - C:\WINDOWS\System32\amdocl64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [25/04/2015 00:30:18] - [0 Ko] - C:\WINDOWS\System32\appmgmt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [2535.95 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 18:24:11] - [287.58 Ko] - C:\WINDOWS\System32\AppV [MD5.F94192B47ACA96AFFEBC1073891EBB42] - |A| - [16/07/2016 13:43:20] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AppVStreamingUX.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [345.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.B4F803BBEAFAD4DE89C6D3718E93F4F0] - |A| - [12/04/2018 01:34:15] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [602 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\System32\as-IN [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [12/04/2018 01:34:04] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.77493E0A7EAF4020A6C0D346B4FFA9D4] - |A| - [23/12/2009 12:15:54] - (.Copyright(C) 2002-2010 Alcohol Soft Development Team - Alcohol iSCSI Sharing Center Controal Panel Applet.) - [78.84 Ko] - (2.0.0.1022) - C:\WINDOWS\System32\AxSWindCx64.cpl [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [345.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.4DB832701EA2D47F325ED11F012F7338] - |A| - [24/04/2015 23:47:24] - (.-.) - [3.69 Ko] - (0.0.0.0) - C:\WINDOWS\System32\bltinmic.ico [MD5.705628497C0012302212A46ADD463E6E] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4832.22 Ko] - C:\WINDOWS\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.06DB0A736F8A78151518276F232669FC] - |A| - [12/04/2018 01:34:19] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [181 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.3D19C2CA51527E65D4273F13317D6655] - |A| - [18/08/2017 18:42:50] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\calibration.bin [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [52107.68 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [28168.15 Ko] - C:\WINDOWS\System32\catroot2 [MD5.76B91BD88D1D9DD6397C1018E3EBF8D3] - |A| - [12/05/2016 00:27:38] - (.Copyright © 2001-2015 GoPro Inc. - CineForm VFW CODEC.) - [1303.5 Ko] - (9.2.1.690) - C:\WINDOWS\System32\CFHD.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [23 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.A4D31479309A0629B9143A71E2CA6DCE] - |A| - [02/08/2012 01:53:30] - (.-.) - [183 Ko] - (0.0.0.0) - C:\WINDOWS\System32\clinfo.exe [MD5.12CB1C602CC94E771E9B4F41F07D1E23] - |A| - [06/10/2016 21:51:45] - (.Copyright CANON INC. 2000-2012 All Rights Reserved - IJ Language Monitor.) - [382 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMLMBV.DLL [MD5.98DC5275FAC302FA8CE49194908AF3D5] - |A| - [03/05/2018 21:29:05] - (.Copyright CANON INC. 2003-2013 All Rights Reserved - Canon IJ Network 64bit comm Module.) - [351.5 Ko] - (3.3.0.30) - C:\WINDOWS\System32\CNMN6PPM.DLL [MD5.9C821D94738FF35B0B324E710B360702] - |A| - [03/05/2018 21:29:05] - (.Copyright CANON INC. 2003-2013 All Rights Reserved - Canon IJ Network 64bit UI Module.) - [38.5 Ko] - (3.3.0.30) - C:\WINDOWS\System32\CNMN6UI.DLL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [3359.48 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [368 Ko] - C:\WINDOWS\System32\com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [287101.72 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [53.11 Ko] - C:\WINDOWS\System32\Configuration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [408 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.3554F5E72CA93DA956EF0A4C4801B8BC] - |A| - [15/07/2015 23:35:26] - (.Copyright (C) 2010 - The utilities for device installation.) - [249.32 Ko] - (1.0.9.0) - C:\WINDOWS\System32\csnp2uvc.dll [MD5.BDEBD2FC4927DA00EEA263AF9CF8F7ED] - |A| - [12/04/2018 01:34:15] - (.© 1996 - 2017 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [414.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.59075B2A63DF6A568123218BF4DC2696] - |A| - [30/12/2015 23:52:34] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CustomModeApp.exe.config [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [30/12/2015 23:52:34] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CustomModeAppv2_0.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31.5 Ko] - C:\WINDOWS\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [403.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.4EDE94905F4910EA8CF91D4101DA198A] - |A| - [12/04/2018 01:34:04] - (.-.) - [138 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.0CE751A4B91D0EFD4DA259F1F0DC4477] - |A| - [04/06/2018 12:18:30] - (.Dropbox, Inc. - Dropbox Service.) - [49.83 Ko] - (1.0.24.0) - C:\WINDOWS\System32\DbxSvc.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [217.6 Ko] - C:\WINDOWS\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [458 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [12/04/2018 01:34:06] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [12/04/2018 01:34:04] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [12/04/2018 01:38:27] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.46BBA24DEED94A68F244D5DBA4161948] - |A| - [30/07/2015 23:55:12] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DESKTOP-VRKVT78_Administrator_HistoryPrediction.bin [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [12/04/2018 01:34:17] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.DCF2510E0745720E543E84F5E921FCC0] - |A| - [21/11/2014 00:56:29] - (.-.) - [256.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dfpinc.dat [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [923.5 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.12ACC91FA93C8BF82D4EF3FB779ECEF8] - |A| - [12/04/2018 01:34:24] - (.-.) - [80.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:37] - [9773.77 Ko] - C:\WINDOWS\System32\Dism [MD5.0E2B7D35E3DDD21AF04FB4D98C2BCF7F] - |A| - [30/12/2015 23:52:34] - (.-.) - [308.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplayAudiox64.cab [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.59075B2A63DF6A568123218BF4DC2696] - |A| - [30/12/2015 23:52:34] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DPTopologyApp.exe.config [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [30/12/2015 23:52:34] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DPTopologyAppv2_0.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:37:59] - [100755.56 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\DriverState [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [1143469.05 Ko] - C:\WINDOWS\System32\DriverStore [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [161.5 Ko] - C:\WINDOWS\System32\dsc [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [12/04/2018 01:34:04] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [12/04/2018 01:34:04] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [12/04/2018 01:34:04] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.08C33E4AB904EC0960B0781ED26AE039] - |A| - [12/04/2018 01:33:52] - (.-.) - [2.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [456.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.84E262F362FD7E6DB6726405E239004C] - |A| - [11/11/2015 17:33:43] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:19] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [324 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [2150.5 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [438.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [358.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [318.5 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [17223.14 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\fa-IR [MD5.BA1979B438A6CD4B458E082E524A5D4A] - |A| - [12/04/2018 01:34:04] - (.-.) - [1279.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessor.dll [MD5.BBF29A467B7BA9F6CD1BFAD45CF1C52F] - |A| - [12/04/2018 01:34:04] - (.-.) - [530.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessorCore.dll [MD5.BB0137476B1EC8B10CE944BF023C91F6] - |A| - [12/04/2018 01:34:04] - (.-.) - [1317.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceTrackerInternal.dll [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [12/04/2018 01:34:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.E65D2A37B6D4445D0CD9234BA933475B] - |A| - [12/04/2018 01:33:53] - (.-.) - [72.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastHeroImg.jpg [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [409 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\System32\fil-PH [MD5.01CD0128E39C2F42BE7FB9E5DAB98467] - |A| - [13/05/2018 10:22:04] - (.-.) - [262.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:19] - [3490 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [369 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [47325.38 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\System32\ga-IE [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [12/04/2018 01:34:39] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [34 Ko] - C:\WINDOWS\System32\gd-GB [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [30/12/2015 23:52:36] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Gfxv2_0.exe.config [MD5.59075B2A63DF6A568123218BF4DC2696] - |A| - [30/12/2015 23:52:36] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Gfxv4_0.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |HD| - [22/08/2013 17:36:31] - [0.27 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [327.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.D6906D226393F94E7D8B3B2AC1E41D94] - |A| - [12/04/2018 01:34:10] - (.-.) - [247.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\System32\hi-IN [MD5.6F214A43904F9324B33E0E3E8AA43D41] - |A| - [24/04/2015 23:47:24] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [219 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\HPToneCtrls64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [335 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [416 Ko] - C:\WINDOWS\System32\hu-HU [MD5.E1712E7E7F912EC72EEDA318C3B25E25] - |A| - [12/04/2018 01:33:54] - (.-.) - [31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [27.5 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:24:11] - [278.87 Ko] - C:\WINDOWS\System32\hydrogen [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.69EA6698680C130BB37C7CE74B70E583] - |A| - [03/05/2016 23:30:46] - (.-.) - [109.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IccLibDll_x64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.CD591279F103D5E02F84ABD7ED450E57] - |RA| - [12/04/2018 01:34:12] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1848 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.4185EE055F39FD2D726A91E6A8A1A093] - |RA| - [12/04/2018 01:34:12] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1311.5 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\id-ID [MD5.9615A9FCBECEB73A4B04611FA3CB58F7] - |A| - [24/04/2015 23:47:24] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [1778.5 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\IDTNC64.cpl [MD5.4EE77402A1EC56CAAA459961CE7A507B] - |A| - [24/04/2015 23:47:24] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [7815.5 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\IDTNGUI.exe [MD5.CF9F84CD7873B5FEB9FB4BFD90DB5929] - |A| - [24/04/2015 23:47:24] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [7825.5 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\IDTNHP.dll [MD5.B53F2E40F542DB6F850FAF81BE8BCF1F] - |A| - [24/04/2015 23:47:24] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [248 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\IDTNJ.exe [MD5.9F207BA9311C24BB925D6896F7B28EA9] - |A| - [24/04/2015 23:47:24] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [2163 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\IDTNX.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [27 Ko] - C:\WINDOWS\System32\ig-NG [MD5.B6E428E02148357877B157CC0639DA9E] - |A| - [03/05/2016 23:30:44] - (.-.) - [175.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igdail64.dll [MD5.3E492F4CC8B2A725C51B68086593CCA1] - |A| - [03/05/2016 23:30:46] - (.-.) - [233.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igdde64.dll [MD5.8D48192378591B7020555BE0F2053F7D] - |A| - [03/05/2016 23:30:46] - (.Copyright (C) 2012-2013 - MDF(CM) Runtime DX11 Dynamic Link Library.) - [197.51 Ko] - (3.0.0.1284) - C:\WINDOWS\System32\igfx11cmrt64.dll [MD5.99381DBFE7D1EC55EBFFC818D5B4C261] - |A| - [03/05/2016 23:30:46] - (.Copyright (C) 2010 - 2013 - MDF(CM) JIT Dynamic Link Library.) - [1996.51 Ko] - (3.0.0.1284) - C:\WINDOWS\System32\igfxcmjit64.dll [MD5.FA1BC8B5D88A67BF5893BEB18729E0D8] - |A| - [03/05/2016 23:31:28] - (.Copyright (C) 2010 - 2013 - MDF(CM) Runtime Dynamic Link Library.) - [204.73 Ko] - (3.0.0.1284) - C:\WINDOWS\System32\igfxcmrt64.dll [MD5.BE8148B25062A0008741050DDC831CD3] - |A| - [03/05/2016 23:30:46] - (.-.) - [266.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCPL.cpl [MD5.A93B4E0D9F460480D6273A3D77CBC41B] - |A| - [03/05/2016 23:30:46] - (.-.) - [101.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCUIServicePS.dll [MD5.2645C797FA81819282FFA26F1B1743B2] - |A| - [03/05/2016 23:30:46] - (.-.) - [75.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDHLib.dll [MD5.78D2D935BE4765FDB8161552F2522181] - |A| - [03/05/2016 23:30:46] - (.-.) - [85.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDHLibv2_0.dll [MD5.C6B5714EE703CE75BF4CC2F0A068C7C2] - |A| - [03/05/2016 23:30:46] - (.-.) - [27.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDILib.dll [MD5.B4607D004BAC24D0204FB60FC5A28D48] - |A| - [03/05/2016 23:30:46] - (.-.) - [27.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDILibv2_0.dll [MD5.BDB7715B7121BAC65B49ED1A20EB4762] - |A| - [03/05/2016 23:30:46] - (.-.) - [27.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxEMLib.dll [MD5.DC09F79852DFE9A957ADC4A917AAE29D] - |A| - [03/05/2016 23:30:46] - (.-.) - [27.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxEMLibv2_0.dll [MD5.CE12AB540A39C6D695DD556118150A2D] - |A| - [03/05/2016 23:30:46] - (.-.) - [22.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxLHMLib.dll [MD5.26D5D96A154CA199F3F11DCE1242B29F] - |A| - [03/05/2016 23:30:46] - (.-.) - [22.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxLHMLibv2_0.dll [MD5.6C0F36ABFE80433B352FA7748ED887BF] - |A| - [30/12/2015 23:52:52] - (.-.) - [2748 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxa64.cpa [MD5.2FCCF7939D4D3F392AB3C0F5F40039DD] - |A| - [30/12/2015 23:52:52] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxa64.vp [MD5.B226B85123619EF1394339C1B5EB5A8D] - |A| - [30/12/2015 23:52:52] - (.-.) - [42.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxc64.vp [MD5.55C71EDC47B57E5115B40095EEC9E205] - |A| - [30/12/2015 23:52:52] - (.-.) - [42.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxc64_dev.vp [MD5.94ED4F871997E5DFC610DC1649C38911] - |A| - [30/12/2015 23:52:52] - (.-.) - [42.24 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxg64.vp [MD5.04590E9E52E13EF34B2AA02C7EA2431B] - |A| - [30/12/2015 23:52:52] - (.-.) - [42.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxg64_dev.vp [MD5.3B6EF4F03F2DE75A3B7DDF627A3EC146] - |A| - [30/12/2015 23:52:52] - (.-.) - [42.99 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxo64.vp [MD5.715DBDBED4599E798F94EDF6003F75B6] - |A| - [30/12/2015 23:52:52] - (.-.) - [41.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxo64_dev.vp [MD5.6E9392C7BC5A96AAC89882D910A6F2AD] - |A| - [30/12/2015 23:52:52] - (.-.) - [2.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxs64.vp [MD5.67B646C256190F118619C9D10AAE4B5C] - |A| - [12/04/2018 01:34:04] - (.-.) - [168 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [25220 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.BB1480586B5C174900A1051CEB2B462F] - |A| - [12/04/2018 01:34:12] - (.-.) - [480.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [6766 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.3FF007DCE48038E858DA50353324D50D] - |A| - [03/05/2016 23:30:46] - (.Copyright © The Khronos Group Inc 2011 - OpenCL Client DLL.) - [79.51 Ko] - (1.2.11.0) - C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\System32\is-IS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [437 Ko] - C:\WINDOWS\System32\it-IT [MD5.289BD7053FE907BD5059AEF4694D334C] - |A| - [24/04/2015 00:28:28] - (.Copyright (C) - JMCR ICON DLL.) - [198.59 Ko] - (1.0.0.3) - C:\WINDOWS\System32\jmcricon.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\ka-GE [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28 Ko] - C:\WINDOWS\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31.5 Ko] - C:\WINDOWS\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [301 Ko] - C:\WINDOWS\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\System32\ky-KG [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [12/04/2018 01:34:04] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [33 Ko] - C:\WINDOWS\System32\lb-LU [MD5.4F5120E44845A78D5920D2F0BDE0340F] - |A| - [12/04/2018 18:23:31] - (.-.) - [1953 Ko] - (2.6.4.0) - C:\WINDOWS\System32\libcrypto.dll [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [12/04/2018 01:35:23] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\manage-bde.wsf [MD5.9F46840758431946CA096F8096B016B4] - |A| - [13/06/2018 21:54:01] - (.-.) - [790 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [12/04/2018 01:34:04] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.D225B2044789A6059344503C1AE33347] - |A| - [12/04/2018 01:34:29] - (.-.) - [3.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\System32\mn-MN [MD5.BFCAC401B7FB654756E39BB4A536B934] - |A| - [23/07/2013 14:25:50] - (.Copyright (C) Motorola Inc 2006 - Class-Installer DLL for Motorola USB Devices.) - [15.25 Ko] - (1.1.0.0) - C:\WINDOWS\System32\mot_ci.dll [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [25/04/2015 19:07:53] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4340.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [19.15 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [34.35 Ko] - C:\WINDOWS\System32\my-mm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [398 Ko] - C:\WINDOWS\System32\nb-NO [MD5.2B2ACEEAA42B3AFA1BA86587F0191D90] - |A| - [24/04/2015 23:47:24] - (.-.) - [17.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nbspkrs.ico [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [512 Ko] - C:\WINDOWS\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31.5 Ko] - C:\WINDOWS\System32\ne-NP [MD5.19A6ED270159F0F622AFD02AAFC7D12B] - |A| - [19/07/2017 00:15:06] - (.-.) - [131.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [12/04/2018 01:34:39] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [427 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.1F8E72D18D9DF680D0E0E5AA10ECA760] - |A| - [12/04/2018 01:38:28] - (.-.) - [16.94 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [15999.14 Ko] - C:\WINDOWS\System32\oobe [MD5.2AD7B4F3C8D2BB686D231EDFF404B7A4] - |A| - [15/06/2016 23:20:39] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.02 Ko] - (6.14.357.24) - C:\WINDOWS\System32\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:32] - [3834.5 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.7EBF6D0A6768458463DE0932507BEE1A] - |A| - [02/08/2012 01:53:14] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [74 Ko] - (10.0.938.2) - C:\WINDOWS\System32\OpenVideo64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [12/04/2018 01:34:04] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.DBBCBF114B0F13E7CD4A2ED6810927EB] - |A| - [02/08/2012 01:53:02] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [62 Ko] - (10.0.938.2) - C:\WINDOWS\System32\OVDecode64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\System32\pa-IN [MD5.652F1F54E573AF4D59E0AE658376D077] - |A| - [17/08/2015 13:23:01] - (.Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - packet.dll (Vista) Dynamic Link Library.) - [103.52 Ko] - (4.1.0.2001) - C:\WINDOWS\System32\packet.dll [MD5.0CD57DAD990877F4518BBB607B23821B] - |A| - [12/10/2011 01:55:48] - (.-.) - [208.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PassThroughOTP.dll [MD5.6A28189FC524572F9CE3AC1D79BBB197] - |A| - [12/10/2011 01:55:48] - (.-.) - [0.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PassThroughOTP.dll.hpsign [MD5.2164BDC5EFA9823F109CCD70AF62C9C5] - |A| - [18/08/2017 18:42:50] - (.-.) - [226.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pca-manta.bin [MD5.874B0871DA3EC061D1BF30423C1E165B] - |A| - [12/04/2018 01:34:43] - (.-.) - [48.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerceptionSimulationInput.exe [MD5.F85036EA492BF014196B0D1A423CE694] - |A| - [12/04/2018 01:40:29] - (.-.) - [130.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.D6C69C764AEE88A59F10DABD6B0D1476] - |A| - [12/04/2018 18:19:23] - (.-.) - [146.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [12/04/2018 01:40:29] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [12/04/2018 18:19:23] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.E36F8B62E9E28C54110308F07552C13E] - |A| - [12/04/2018 01:40:29] - (.-.) - [684.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.C0F7FCC380E21B9CCB94A606A7471C91] - |A| - [12/04/2018 18:19:23] - (.-.) - [773.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.24233E741D1D3F1E2BC9FCA613607B8E] - |A| - [13/05/2018 10:27:07] - (.-.) - [1728.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [12/04/2018 01:34:02] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [424.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [682 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:20] - [420.74 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [12/04/2018 01:34:40] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [427 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [422 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\System32\quz-PE [MD5.631CDDD1844BDC24200C5E3A1B4FC1B5] - |A| - [23/09/2016 14:47:27] - (.-.) - [1.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RaCoInst.log [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.5BBEA6A833CAE2CAB5E400D757998BBF] - |A| - [13/05/2018 11:16:20] - (.-.) - [1907.5 Ko] - (1.0.1802.7001) - C:\WINDOWS\System32\rdpnano.dll [MD5.0BF1E2262C95164A0B244174167FBD85] - |A| - [12/04/2018 01:35:13] - (.Copyright (C) 2009 - RemoteFX Helper.) - [104.5 Ko] - (1.1.0.0) - C:\WINDOWS\System32\RDVGHelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [526382.6 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.45B13DCD38BD8D5400FCAD7488B3A776] - |A| - [30/12/2015 23:53:10] - (.-.) - [161.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resARA.cui [MD5.6659852D082515116691907217EE12CF] - |A| - [30/12/2015 23:53:10] - (.-.) - [145.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resCHS.cui [MD5.4C753D32EE16231059379157A5F13EB2] - |A| - [30/12/2015 23:53:10] - (.-.) - [146.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resCHT.cui [MD5.7EE04EA51220641630C60B6C1D381766] - |A| - [30/12/2015 23:53:10] - (.-.) - [152.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resCSY.cui [MD5.7500547A42B144BAECCF3FB2F8C394AC] - |A| - [30/12/2015 23:53:10] - (.-.) - [149.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resDAN.cui [MD5.90B669D2378C6C604C66E7A3EF10A30E] - |A| - [30/12/2015 23:53:10] - (.-.) - [154.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resDEU.cui [MD5.02233DAB3FA1D7E0D29E4A92E39B27EA] - |A| - [30/12/2015 23:53:10] - (.-.) - [179.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resELL.cui [MD5.2A494F1A69642804A69EEC07B1961DDA] - |A| - [30/12/2015 23:53:10] - (.-.) - [148.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resENU.cui [MD5.93BFE18055C725BE62F326BF21A8BBEE] - |A| - [30/12/2015 23:53:10] - (.-.) - [153.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resESN.cui [MD5.D2DC0F286A18CD604D614796EEF43DD7] - |A| - [30/12/2015 23:53:10] - (.-.) - [151.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resFIN.cui [MD5.DF222231EEB1A30C571C939E8D093B3E] - |A| - [30/12/2015 23:53:10] - (.-.) - [155.97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resFRA.cui [MD5.6CFDEC7F925B4FB7B790691604CB45D8] - |A| - [30/12/2015 23:53:10] - (.-.) - [160.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resHEB.cui [MD5.7D71A8DA29E4793E4903A69F7E1904DB] - |A| - [30/12/2015 23:53:10] - (.-.) - [151.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resHRV.cui [MD5.2E20C34A1C4187F74B595095E588B661] - |A| - [30/12/2015 23:53:10] - (.-.) - [155.99 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resHUN.cui [MD5.C4635F995A560E940CB53D856C4C2262] - |A| - [30/12/2015 23:53:10] - (.-.) - [154.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resITA.cui [MD5.0B3FF7F09EE2F2CB46E5A6666295E8F4] - |A| - [30/12/2015 23:53:10] - (.-.) - [160.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resJPN.cui [MD5.7A746D9E4CE17816EF79A9D281549C9C] - |A| - [30/12/2015 23:53:10] - (.-.) - [154.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resKOR.cui [MD5.F437178473513F674448DDD563E21EC6] - |A| - [30/12/2015 23:53:10] - (.-.) - [153.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resNLD.cui [MD5.C0E4A8CD76BAF7E34DD884C2B11F9157] - |A| - [30/12/2015 23:53:10] - (.-.) - [149.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resNOR.cui [MD5.8DA2EE8AF3BA9795D5858A03419E2582] - |A| - [30/12/2015 23:53:10] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resPLK.cui [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [12/04/2018 01:34:43] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [12/04/2018 01:34:43] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.7FF2CC47007D028C70D260CD3BE3A3E9] - |A| - [30/12/2015 23:53:10] - (.-.) - [152.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resPTB.cui [MD5.53BC9C2E21EFB2F6383316B8F7E49B5E] - |A| - [30/12/2015 23:53:10] - (.-.) - [152.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resPTG.cui [MD5.DD636076410053695210D7FE335B4612] - |A| - [30/12/2015 23:53:10] - (.-.) - [153.97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resROM.cui [MD5.D49A6F32AF0C0CACD3E28011752CD7BB] - |A| - [30/12/2015 23:53:10] - (.-.) - [175.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resRUS.cui [MD5.BE427823C85F7356B08F87D7A3652A0F] - |A| - [30/12/2015 23:53:10] - (.-.) - [153.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resSKY.cui [MD5.790ABA99CCCA436A7F14BED99054676C] - |A| - [30/12/2015 23:53:10] - (.-.) - [150.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resSLV.cui [MD5.B61D17AB060B76EF699D5C561DF5937D] - |A| - [30/12/2015 23:53:10] - (.-.) - [151 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resSVE.cui [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.F92CD71D1F33737C1B44520A4FA46F41] - |A| - [30/12/2015 23:53:10] - (.-.) - [186.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resTHA.cui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.6811F7D1D1DD791AD5EF4B34021DDA41] - |A| - [30/12/2015 23:53:10] - (.-.) - [152.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resTRK.cui [MD5.F915DC620051D23B18FCD61AC6774A47] - |A| - [23/04/2015 23:38:46] - (.-.) - [15.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\results.xml [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [342 Ko] - C:\WINDOWS\System32\ro-RO [MD5.6053F2C2C3E771F77E4255BA013307A7] - |A| - [15/07/2015 23:35:26] - (.Copyright (C) 2010 - ResourceDLL.) - [400.32 Ko] - (1.3.2.0) - C:\WINDOWS\System32\rsnp2uvc.dll [MD5.0F0CE558A9D992E8E0336E6ACB3FAF85] - |A| - [12/04/2018 01:34:04] - (.-.) - [51.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\System32\rw-RW [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [12/04/2018 01:35:22] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [12/04/2018 01:34:39] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [2246 Ko] - C:\WINDOWS\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [53.2 Ko] - C:\WINDOWS\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [339 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [335.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.612C713CF5E2224213BD03FF9D7B3545] - |A| - [24/04/2015 23:47:24] - (.(c) 2010 SRS Labs, Inc. - SRS APO COM Interface.) - [453.5 Ko] - (1.1.3.0) - C:\WINDOWS\System32\slapoi64.dll [MD5.00000000000000000000000000000000] - |D| - [13/05/2018 10:22:05] - [24903.99 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:20] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.5DA94C1082B9331928DFC87F5E13EAB2] - |A| - [23/01/2012 13:15:14] - (.- SlotMaximizerAg.dll.) - [120 Ko] - (1.0.2.32) - C:\WINDOWS\System32\SlotMaximizerAg.dll [MD5.E93999885EA5519A5D4B1EEF6EA448B3] - |A| - [23/01/2012 13:15:14] - (.- SlotMaximizerBe.dll.) - [2420.5 Ko] - (1.0.2.32) - C:\WINDOWS\System32\SlotMaximizerBe.dll [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [12/04/2018 01:34:04] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [13385.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.3C238A27DD48D63F21CBB8AE6E4210BD] - |A| - [12/04/2018 01:34:41] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [7505.4 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [12278.17 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [130076.11 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [12855.34 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [456.93 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [13/06/2018 21:54:00] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.7E1751B71990C70D1AC08BD7983E6594] - |A| - [12/04/2018 01:34:35] - (.-.) - [56.94 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.8DCCD24E011A1BA20702E101F597CE61] - |A| - [13/06/2012 08:45:20] - (.-.) - [10.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SROF.dll [MD5.00000000000000000000000000000000] - |D| - [19/07/2017 00:15:41] - [3133.66 Ko] - C:\WINDOWS\System32\SRSLabs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44888 Ko] - C:\WINDOWS\System32\sru [MD5.BC8F563F38C2EA6C4CF72622405D4700] - |A| - [24/04/2015 23:47:24] - (.-.) - [31.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SS13&14.xml [MD5.8A02EF186BDC952CA75EFA689EC4F275] - |A| - [12/04/2018 01:34:04] - (.-.) - [434 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.088418BD7475E333CFAB8303BFF9BCB8] - |A| - [23/04/2015 23:25:05] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [250 Ko] - (1.0.6435.0) - C:\WINDOWS\System32\st646435.dll [MD5.9911652E0F4B7C5D28EE45CBBB696194] - |N| - [23/04/2015 23:25:05] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [656.5 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\stapi64.dll [MD5.11D7B576458527363EC54FFACD2DBFD1] - |A| - [23/04/2015 23:25:05] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [2137.5 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\stapo64.dll [MD5.AB51B81CCE6EA0A6C27ECEC927E64149] - |A| - [23/04/2015 23:25:06] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [487.5 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\stcplx64.dll [MD5.C54A7A7F1E90E40B2000FAEECD452F45] - |A| - [24/04/2015 23:47:24] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [5959 Ko] - (1.0.6428.0) - C:\WINDOWS\System32\stlang64.dll [MD5.00000000000000000000000000000000] - |D| - [03/05/2018 21:29:05] - [153 Ko] - C:\WINDOWS\System32\STRING [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [406 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\System32\sw-KE [MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |A| - [12/04/2018 01:35:10] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SyncAppvPublishingServer.vbs [MD5.70AF63C21B7756BF207341D83CD98BF4] - |A| - [19/08/2017 02:00:56] - (.Copyright (C) Synaptics Incorporated 1996-2017 - SynCOM.) - [760.59 Ko] - (19.0.19.63) - C:\WINDOWS\System32\SynCOM.dll [MD5.2776966BE8FC837717377323F079FDDB] - |A| - [19/08/2017 02:01:14] - (.Copyright (C) Synaptics Incorporated 1996-2017 - SynTPAPI.) - [271.09 Ko] - (19.0.19.63) - C:\WINDOWS\System32\SynTPAPI.dll [MD5.72BC34B385EDAC57992E4D7B816929E2] - |A| - [03/07/2015 05:52:12] - (.Copyright (C) Synaptics Incorporated 1996-2015 - Synaptics Pointing Device Driver Co-Installer.) - [249.7 Ko] - (19.0.12.0) - C:\WINDOWS\System32\SynTPCo31.dll [MD5.0CFD80F125D938BDBE7D12689166BB0C] - |A| - [19/08/2017 02:01:18] - (.Copyright (C) Synaptics Incorporated 1996-2017 - Synaptics Pointing Device Driver Co-Installer.) - [283.59 Ko] - (19.0.19.63) - C:\WINDOWS\System32\SynTPCo35-02.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:37] - [1403.22 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [923.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.9CD66B93520B6DD13C71EAEF487D7899] - |A| - [12/04/2018 01:34:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [645.74 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [614.39 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.1C72A12766A5EE7B09DEFBEDE5C9DE4A] - |A| - [13/06/2018 21:54:00] - (.-.) - [1.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcbres.wim [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [12/04/2018 01:34:33] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\System32\te-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32 Ko] - C:\WINDOWS\System32\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [308.5 Ko] - C:\WINDOWS\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [22.5 Ko] - C:\WINDOWS\System32\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [27.5 Ko] - C:\WINDOWS\System32\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\System32\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [397 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [12/04/2018 01:34:44] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [12/04/2018 01:34:44] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.23BA372A3EF56A3569408E1E6DC3B66A] - |A| - [14/08/2012 11:41:40] - (.-.) - [1.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tsinfo.htm [MD5.5D016EDBBE2374778CC5003354B05C18] - |A| - [14/08/2012 11:41:40] - (.-.) - [1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tssms.htm [MD5.E9A4F64DC1270547D8F607AE54577B98] - |A| - [14/08/2012 11:41:40] - (.Copyright 2007 - TS_IExplorer Module.) - [83 Ko] - (1.0.0.1) - C:\WINDOWS\System32\TS_IExplorer.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\System32\tt-RU [MD5.D200497DD3A24F138123F0EB6C385D1D] - |A| - [12/04/2018 01:35:10] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevAppMonitor.exe.config [MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |A| - [12/04/2018 01:35:10] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [334.5 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [2716.9 Ko] - C:\WINDOWS\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\System32\ur-PK [MD5.5B0D59652F66ABB715DC53C312B26BD0] - |A| - [12/04/2018 01:34:14] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.F9A6AD38EB67BADFA3D6FB85BAD9FE81] - |A| - [12/09/2013 05:48:30] - (.Copyright © 2006-2013, Validity Sensors, Inc. - Validity VCS Extended API Library.) - [4839.89 Ko] - (4.5.133.0) - C:\WINDOWS\System32\vcsAPIShared.dll [MD5.83CB261053867ACF5A9EF3DD6D204B94] - |A| - [23/09/2013 03:22:12] - (.-.) - [0.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vcsAPIShared.dll.hpsign [MD5.C54FBABBA2B468BA09C49E0FC3DE30F5] - |A| - [12/09/2013 04:28:38] - (.Copyright © 2006-2013, Validity Sensors, Inc. - Validity VCS Event Message Library for Windows.) - [10 Ko] - (4.5.133.0) - C:\WINDOWS\System32\vcsEventMsg.dll [MD5.2A4070AF8A1674161905D8D0264423DC] - |A| - [12/09/2013 04:41:02] - (.Copyright © 2006-2013, Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - [3145.89 Ko] - (4.5.133.0) - C:\WINDOWS\System32\vcsFPService.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31.5 Ko] - C:\WINDOWS\System32\vi-VN [MD5.311FBD42D210FF3289CF244106E96AD4] - |A| - [15/07/2015 23:35:26] - (.Copyright (C) 2010 - camext20.) - [378.82 Ko] - (1.8.0.1) - C:\WINDOWS\System32\vsnp2uvc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [95291.2 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:20] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [112920.38 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [12/04/2018 01:34:19] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [31/07/2015 00:42:06] - [0 Ko] - C:\WINDOWS\System32\wfp [MD5.39B36FC36B577FDD2CDCDDD1C6D1D422] - |A| - [10/09/2015 07:58:39] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WIN-QRM73VC4CP6_Administrator_HistoryPrediction.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44134.61 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.9FB33FC28587B322B6563F73A8F0CBBD] - |A| - [12/04/2018 01:34:10] - (.-.) - [123 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [14.53 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Media.Shared [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [27.59 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Shared [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [11054.4 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [120848 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5569.42 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:20] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |HD| - [25/04/2015 00:21:14] - [0.05 Ko] - C:\WINDOWS\System32\WLANProfiles [MD5.A2473CC88ABA67391CE7929E5C69E767] - |A| - [17/08/2015 13:23:01] - (.Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - wpcap.dll Dynamic Link Library - based on libpcap 1.0rel0b branch (20091008).) - [360.52 Ko] - (4.1.0.2001) - C:\WINDOWS\System32\wpcap.dll [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [12/04/2018 01:34:42] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.A853BF78DA5ED707FC4430FBEA74CC15] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.549347BCD4AACD63243D78E8F869DBB1] - |A| - [15/06/2016 23:20:39] - (.Copyright © 2008 - OpenAL32.) - [455.52 Ko] - (2.2.0.5) - C:\WINDOWS\System32\wrap_oal.dll [MD5.DE198ABE13B6E663E60E006E17CF68B1] - |A| - [12/04/2018 01:34:06] - (.-.) - [79.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\System32\yo-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [290.49 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [6.5 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [255 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\System32\zu-ZA [MD5.CB136B267569A62EF63D798BC90ABD5A] - |A| - [24/04/2015 00:05:15] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [MD5.9F45771914360A925252A1B7226EC7EC] - |A| - [23/04/2015 23:38:34] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:20] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [12/04/2018 01:34:49] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [12/04/2018 01:34:48] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [12/04/2018 01:34:59] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [12/04/2018 01:34:49] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:41] - [1900.9 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [22 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.40C05CB8BB06266A4F1C6A78F9B72FC0] - |A| - [02/08/2012 01:52:06] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.1 Runtime.) - [12708.5 Ko] - (10.0.938.2) - C:\WINDOWS\SysWOW64\amdocl.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [326.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [324 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.8B14367B22C376FB8CDEE6666798F844] - |A| - [12/05/2016 00:27:42] - (.Copyright © 2001-2015 GoPro Inc. - CineForm VFW CODEC.) - [1093.5 Ko] - (9.2.1.690) - C:\WINDOWS\SysWOW64\CFHD.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [23 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.EAD9B9B98682111CC54B4A2979440E6C] - |A| - [03/05/2018 21:24:13] - (.-.) - [86.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CNC176ED.TBL [MD5.EC6626695C7B02FEB4D528D27F48DE93] - |A| - [03/05/2018 21:24:13] - (.Copyright CANON INC. 2013 All Rights Reserved - LLD.) - [314 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC_BVL.dll [MD5.D16CF34B17899F90A8FCF2A3F77B4A27] - |A| - [03/05/2018 21:24:13] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [15.5 Ko] - (1.4.1.1) - C:\WINDOWS\SysWOW64\CNHMCA.dll [MD5.6975FBEBF9EA81617D289A375C8A768C] - |A| - [03/05/2018 21:29:05] - (.Copyright CANON INC. 2003-2013 All Rights Reserved - Canon IJ Network 32bit comm Module.) - [358 Ko] - (3.3.0.30) - C:\WINDOWS\SysWOW64\CNMNPPM.DLL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [320.5 Ko] - C:\WINDOWS\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [13577.97 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [53.11 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [382 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31.5 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [379 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [430.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.946F12C4277ADEA081462BCE36961F4C] - |A| - [28/11/2011 21:53:06] - (.Copyright (C) 2011 - TODO: <File description>.) - [42.06 Ko] - (1.0.0.3) - C:\WINDOWS\SysWOW64\DebugLevel.dll [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [12/04/2018 01:34:46] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [205 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [7783.23 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.78AA5371E637E9FC5AF940DB2C470DEA] - |A| - [26/10/2012 13:50:30] - (.Copyright © DigitalPersona, Inc. 2009-2012 - DPFPApi functions.) - [444.37 Ko] - (5.4.0.1824) - C:\WINDOWS\SysWOW64\DPFPApi.dll [MD5.C3B8629535F12C3C6D1A04059C02BCEB] - |A| - [26/10/2012 13:50:30] - (.-.) - [0.25 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DPFPApi.dll.hpsign [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [3450.74 Ko] - C:\WINDOWS\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.32 Ko] - C:\WINDOWS\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [428 Ko] - C:\WINDOWS\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:20] - [0 Ko] - C:\WINDOWS\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [304 Ko] - C:\WINDOWS\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [1563 Ko] - C:\WINDOWS\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [411.5 Ko] - C:\WINDOWS\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [336.5 Ko] - C:\WINDOWS\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [299.5 Ko] - C:\WINDOWS\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\SysWOW64\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [13089.65 Ko] - C:\WINDOWS\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\fa-IR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [383 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\SysWOW64\fil-PH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:20] - [3149.5 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [346 Ko] - C:\WINDOWS\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [37905.39 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\SysWOW64\ga-IE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [34 Ko] - C:\WINDOWS\SysWOW64\gd-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31 Ko] - C:\WINDOWS\SysWOW64\gl-ES [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [12/04/2018 18:19:56] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [309.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.B4242227EAA6B910E3D0B985816DB2E7] - |A| - [12/04/2018 01:34:45] - (.-.) - [218 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.32C5A91670FD238785175B3C3F2038D7] - |A| - [17/01/2017 23:52:02] - (.Copyright © 2002-2014 - DirectShow and VFW video and audio decoding/encoding/processing filter.) - [4068 Ko] - (1.2.4486.3) - C:\WINDOWS\SysWOW64\HEMffdshow.ax [MD5.AC1A7BB6732EFA205D17A875CDEA12E2] - |A| - [17/01/2017 23:52:01] - (.- HEM_COMM.) - [208 Ko] - (6.2.0.3) - C:\WINDOWS\SysWOW64\HEM_COMM.ax [MD5.328FEEA7D8738217D39A2AF38052B83A] - |A| - [17/01/2017 23:52:01] - (.- HEM_DPVR.) - [108 Ko] - (6.2.0.3) - C:\WINDOWS\SysWOW64\HEM_DPVR.ax [MD5.670716CB2CFF767286C0B8C40BC42F97] - |A| - [17/01/2017 23:52:01] - (.Copyright (C) 2006 - HEM_OCX_H264 ActiveX Control Module.) - [1768 Ko] - (6.2.0.3) - C:\WINDOWS\SysWOW64\HEM_OCX_H264.ocx [MD5.446B88F4DC6996A67E3B81FC1DB3AD91] - |A| - [17/01/2017 23:52:02] - (.- HEM_SEL.) - [92 Ko] - (6.2.0.3) - C:\WINDOWS\SysWOW64\HEM_SEL.ax [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [314.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.17F5D3282D520EB2EA7C488AA6C57438] - |RA| - [12/04/2018 01:34:47] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1594 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.A456E020684366A0DB0714ABFB1B5A2A] - |RA| - [12/04/2018 01:34:47] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1134 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [27 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.E19A3AA5AA3A5BBE4A2FA912B52A3789] - |A| - [03/05/2016 23:30:44] - (.-.) - [157.51 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\igdail32.dll [MD5.9DDE110E76DD3D7FAA7282361069528E] - |A| - [12/04/2018 01:34:47] - (.-.) - [355.66 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [215.5 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.6587CEC591522F2D0EFE091B59ACCBCC] - |A| - [03/05/2016 23:30:46] - (.Copyright © The Khronos Group Inc 2011 - OpenCL Client DLL.) - [76.01 Ko] - (1.2.11.0) - C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.EE3612BA4E24456EFB34B285323A7705] - |A| - [10/12/2012 14:12:50] - (.-.) - [1.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\IusEventLog.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [288 Ko] - C:\WINDOWS\SysWOW64\ja-JP [MD5.289BD7053FE907BD5059AEF4694D334C] - |A| - [24/04/2015 00:28:28] - (.Copyright (C) - JMCR ICON DLL.) - [198.59 Ko] - (1.0.0.3) - C:\WINDOWS\SysWOW64\jmcricon.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\ka-GE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28 Ko] - C:\WINDOWS\SysWOW64\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31.5 Ko] - C:\WINDOWS\SysWOW64\kn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [283.5 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\SysWOW64\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\ky-KG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [33 Ko] - C:\WINDOWS\SysWOW64\lb-LU [MD5.B4246ED99D6C2B90CBD2291716672377] - |A| - [20/07/2012 10:26:50] - (.Copyright (C) 2011 - function DLL.) - [92.5 Ko] - (1.0.0.23) - C:\WINDOWS\SysWOW64\legap.dll [MD5.DA1EC7A173EB4A9ADC28FF8DD270D4E8] - |A| - [25/04/2015 00:25:05] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\LOCALDEVICE.INI [MD5.3A61CF113C64C68EECBFEED0991D058E] - |A| - [25/04/2015 00:25:05] - (.-.) - [4.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\LOCALSERVICE.INI [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/04/2015 23:23:20] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\log.txt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [313 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [311.5 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [50542.5 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\SysWOW64\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [3048.41 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [827.4 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\SysWOW64\ml-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31 Ko] - C:\WINDOWS\SysWOW64\mt-MT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [19.15 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [374 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [31.5 Ko] - C:\WINDOWS\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [400.5 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [12/04/2018 01:34:02] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [685.69 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.235355A8DD26903E75D5E812ECF50E53] - |A| - [15/06/2016 23:20:39] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.52 Ko] - (6.14.357.24) - C:\WINDOWS\SysWOW64\OpenAL32.dll [MD5.315C20EB3BC6BE9C2FE5F8F84748893E] - |A| - [02/08/2012 01:53:08] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [63.5 Ko] - (10.0.938.2) - C:\WINDOWS\SysWOW64\OpenVideo.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\SysWOW64\or-IN [MD5.96EF804ECF5777F7F4A1EA6F30FE3C4C] - |A| - [02/08/2012 01:52:58] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [55 Ko] - (10.0.938.2) - C:\WINDOWS\SysWOW64\OVDecode.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\pa-IN [MD5.1250BEF11BFA086F772CD2A273BC036E] - |A| - [17/08/2015 13:23:01] - (.Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - packet.dll (Vista) Dynamic Link Library.) - [94.52 Ko] - (4.1.0.2001) - C:\WINDOWS\SysWOW64\packet.dll [MD5.F7315C9A2C55381F2F226E70DFC44483] - |A| - [12/10/2011 01:56:44] - (.-.) - [183.33 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PassThroughOTP.dll [MD5.3C18F902BF4C8892B0CAF16C88F79583] - |A| - [12/10/2011 01:56:50] - (.-.) - [0.25 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PassThroughOTP.dll.hpsign [MD5.D93394BC9622B3B29E2D5F1423677B76] - |A| - [23/04/2015 23:40:11] - (.-.) - [1754.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [397.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:21] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [400.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [395.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.4754B96FE02DEEF0341D202ED7193EE3] - |A| - [25/04/2015 16:48:13] - (.-.) - [0.1 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [321 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.222F93D774E5F3D6E9865248C5D78A2C] - |A| - [15/07/2015 23:35:26] - (.Copyright (C) 2010 - ResourceDLL.) - [401.82 Ko] - (1.3.2.0) - C:\WINDOWS\SysWOW64\rsnp2uvc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [391 Ko] - C:\WINDOWS\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\rw-RW [MD5.FD06B87888751BD318DE8CBAE141050D] - |A| - [14/08/2012 11:42:00] - (.-.) - [11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\SCChangeMonitor.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [24/04/2015 23:52:45] - [78.59 Ko] - C:\WINDOWS\SysWOW64\SDA [MD5.F3D8C7B0EFA313DAA9F7B2030652DA4B] - |A| - [21/06/2010 17:19:46] - (.Copyright (C) TOSHIBA/MEI 2000-2004 -.) - [36 Ko] - (1.1.3.40202) - C:\WINDOWS\SysWOW64\SDDEVMGR.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\si-LK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [316.5 Ko] - C:\WINDOWS\SysWOW64\sk-SK [MD5.5FA82F81EE911AD73B358D0B03371635] - |A| - [14/08/2012 11:42:00] - (.(c) Skype Technologies. - Skype for COM API.) - [1677.59 Ko] - (1.0.0.22) - C:\WINDOWS\SysWOW64\skype4com.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [314.5 Ko] - C:\WINDOWS\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:21] - [52.14 Ko] - C:\WINDOWS\SysWOW64\slmgr [MD5.5DA94C1082B9331928DFC87F5E13EAB2] - |A| - [23/01/2012 13:29:14] - (.- SlotMaximizerAg.dll.) - [120 Ko] - (1.0.2.32) - C:\WINDOWS\SysWOW64\SlotMaximizerAg.dll [MD5.E93999885EA5519A5D4B1EEF6EA448B3] - |A| - [23/01/2012 13:29:14] - (.- SlotMaximizerBe.dll.) - [2420.5 Ko] - (1.0.2.32) - C:\WINDOWS\SysWOW64\SlotMaximizerBe.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4133.4 Ko] - C:\WINDOWS\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [8987.12 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [1772.09 Ko] - C:\WINDOWS\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.61 Ko] - C:\WINDOWS\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30.5 Ko] - C:\WINDOWS\SysWOW64\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [436.43 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [13/06/2018 21:54:00] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.7B7D3D627FF277F0E9DBD54A7BE45B81] - |A| - [13/06/2012 08:45:02] - (.-.) - [8.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\SROF.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.DC2DB04CA829CAD7910CE71263F68C90] - |A| - [12/04/2018 01:34:45] - (.-.) - [321.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [381.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.330C0F1FA5D99AEC86C5B5408D7F33E4] - |A| - [19/08/2017 02:00:58] - (.Copyright (C) Synaptics Incorporated 1996-2017 - SynCOM.) - [419.09 Ko] - (19.0.19.63) - C:\WINDOWS\SysWOW64\SynCom.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:21] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [34 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [289.5 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [22.5 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [27.5 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32.5 Ko] - C:\WINDOWS\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [372.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28.5 Ko] - C:\WINDOWS\SysWOW64\tt-RU [MD5.01E96A85B337B702AE2BC7F838AE7B65] - |A| - [12/04/2018 01:35:13] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [28 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [314 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29.5 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [32 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.D65607620DA8EA27303E180A6FDA8082] - |A| - [12/09/2013 05:25:58] - (.Copyright © 2006-2013, Validity Sensors, Inc. - Validity VCS Extended API Library.) - [4217.39 Ko] - (4.5.133.0) - C:\WINDOWS\SysWOW64\vcsAPIShared.dll [MD5.E71B60E549CE6E52062B15A5BB11A4B8] - |A| - [23/09/2013 03:22:22] - (.-.) - [0.25 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vcsAPIShared.dll.hpsign [MD5.AD18E4F14CD2C875E798A90013EF6854] - |A| - [12/09/2013 04:15:58] - (.Copyright © 2006-2013, Validity Sensors, Inc. - Validity VCS Event Message Library for Windows.) - [10 Ko] - (4.5.133.0) - C:\WINDOWS\SysWOW64\vcsEventMsg.dll [MD5.2A35848AF3A144EF716CE66A4DC1AE90] - |A| - [12/09/2013 04:28:00] - (.Copyright © 2006-2013, Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - [2677.39 Ko] - (4.5.133.0) - C:\WINDOWS\SysWOW64\vcsFPService.exe [MD5.15D2B42B2348686B01B751B29E7CCE1F] - |A| - [12/04/2018 01:35:13] - (.-.) - [33.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vmstaging.dll [MD5.A4E5696E7248A3F279CE3EE9D0724764] - |A| - [15/07/2015 23:35:26] - (.Copyright (C) 2010 - camext20.) - [311.82 Ko] - (1.8.0.1) - C:\WINDOWS\SysWOW64\vsnp2uvc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [18432.14 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:21] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.F8A04B2ADF9693ADF0D70B966CA4498E] - |A| - [12/04/2018 01:34:45] - (.-.) - [109 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [10271.69 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5569.41 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:19:21] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [27.5 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.190FB481D293D85B507D071E75BCB05C] - |A| - [17/08/2015 13:23:01] - (.Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - wpcap.dll Dynamic Link Library - based on libpcap 1.0rel0b branch (20091008).) - [274.52 Ko] - (4.1.0.2001) - C:\WINDOWS\SysWOW64\wpcap.dll [MD5.D494267BC169604FAC5E3679B9A97FED] - |A| - [15/06/2016 23:20:39] - (.Copyright © 2008 - OpenAL32.) - [434.52 Ko] - (2.2.0.5) - C:\WINDOWS\SysWOW64\wrap_oal.dll [MD5.62236256C14EBAB96F24E4F1D7049CA8] - |A| - [12/04/2018 01:34:45] - (.-.) - [54.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [13/05/2018 11:14:21] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [29 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [245.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [240.5 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [30 Ko] - C:\WINDOWS\SysWOW64\zu-ZA ---------- | Shell Folders [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\jul\AppData\Roaming [13/05/2018 10:23:21] "Local AppData"=C:\Users\jul\AppData\Local [13/05/2018 10:23:21] "CD Burning"=C:\Users\jul\AppData\Local\Microsoft\Windows\Burn\Burn [13/05/2018 11:33:07] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Libraries [23/04/2015 23:03:55] "My Video"=C:\Users\jul\Videos [23/04/2015 23:03:38] "My Pictures"=C:\Users\jul\Pictures [23/04/2015 23:03:38] "Desktop"=C:\Users\jul\Desktop [23/04/2015 23:03:38] "History"=C:\Users\jul\AppData\Local\Microsoft\Windows\History [23/04/2015 23:03:38] "NetHood"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Network Shortcuts [13/05/2018 10:23:21] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\jul\Contacts [23/04/2015 23:03:55] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\jul\AppData\Local\Microsoft\Windows\RoamingTiles [23/04/2015 23:03:53] "Cookies"=C:\Users\jul\AppData\Local\Microsoft\Windows\INetCookies [23/04/2015 23:03:38] "Favorites"=C:\Users\jul\Favorites [23/04/2015 23:03:38] "SendTo"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\SendTo [23/09/2016 14:48:29] "Start Menu"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu [23/09/2016 14:48:29] "My Music"=C:\Users\jul\Music [23/04/2015 23:03:38] "Programs"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [23/09/2016 14:48:29] "Recent"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Recent [23/04/2015 23:03:38] "PrintHood"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [13/05/2018 10:23:21] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\jul\Searches [23/04/2015 23:03:55] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\jul\Downloads [23/04/2015 23:03:38] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\jul\AppData\LocalLow [23/04/2015 23:03:38] "Startup"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [23/04/2015 23:03:55] "Administrative Tools"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [23/04/2015 23:03:55] "Personal"=C:\Users\jul\Documents [23/04/2015 23:03:38] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\jul\Links [23/04/2015 23:03:38] "Cache"=C:\Users\jul\AppData\Local\Microsoft\Windows\INetCache [13/05/2018 10:23:21] "Templates"=C:\Users\jul\AppData\Roaming\Microsoft\Windows\Templates [13/05/2018 10:23:21] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\jul\Saved Games [23/04/2015 23:03:38] "Fonts"=C:\WINDOWS\Fonts [12/04/2018 01:38:21] [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/04/2018 01:38:20] "Common AppData"=C:\ProgramData [12/04/2018 01:38:20] "Common Desktop"=C:\Users\Public\Desktop [22/08/2013 17:36:30] "Common Documents"=C:\Users\Public\Documents [22/08/2013 17:36:30] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/04/2018 01:38:20] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 01:38:20] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 01:38:20] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [22/08/2013 17:36:30] "CommonMusic"=C:\Users\Public\Music [22/08/2013 17:36:30] "CommonPictures"=C:\Users\Public\Pictures [22/08/2013 17:36:30] "CommonVideo"=C:\Users\Public\Videos [22/08/2013 17:36:30] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/04/2018 01:38:20] "Common AppData"=C:\ProgramData [12/04/2018 01:38:20] "Common Desktop"=C:\Users\Public\Desktop [22/08/2013 17:36:30] "Common Documents"=C:\Users\Public\Documents [22/08/2013 17:36:30] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/04/2018 01:38:20] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 01:38:20] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 01:38:20] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [22/08/2013 17:36:30] "CommonMusic"=C:\Users\Public\Music [22/08/2013 17:36:30] "CommonPictures"=C:\Users\Public\Pictures [22/08/2013 17:36:30] "CommonVideo"=C:\Users\Public\Videos [22/08/2013 17:36:30] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [jul] [11/11/2015 11:45:25] - |D| - [2424] - C:\Users\jul\.android [11/11/2016 00:40:01] - |D| - [416228] - C:\Users\jul\.gimp-2.8 [02/12/2015 00:23:13] - |D| - [67072] - C:\Users\jul\.jssc [25/06/2017 10:51:54] - |D| - [63930] - C:\Users\jul\.matplotlib [02/12/2015 00:23:10] - |D| - [52] - C:\Users\jul\.oracle_jre_usage [17/08/2016 23:59:35] - |D| - [60897] - C:\Users\jul\.thumbnails [30/11/2016 14:41:16] - |RD| - [6575890] - C:\Users\jul\3D Objects [13/05/2018 10:23:21] - |HD| - [5792093462] - C:\Users\jul\AppData [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Application Data [13/09/2016 23:56:18] - |A| - [189] - C:\Users\jul\CDE CP.txt [23/04/2015 23:03:55] - |RD| - [412] - C:\Users\jul\Contacts [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Cookies [20/07/2016 00:19:01] - |A| - [610] - C:\Users\jul\declarationassurance.txt [23/04/2015 23:03:38] - |RD| - [38623980] - C:\Users\jul\Desktop [25/03/2018 19:10:23] - |D| - [7672] - C:\Users\jul\Desktop 2 [25/03/2018 19:22:45] - |D| - [39599655] - C:\Users\jul\Desktop 3 [25/03/2018 19:53:09] - |D| - [0] - C:\Users\jul\Desktop 4 [23/04/2015 23:03:38] - |RD| - [41535912253] - C:\Users\jul\Documents [23/04/2015 23:03:38] - |RD| - [16225814727] - C:\Users\jul\Downloads [14/12/2015 23:57:35] - |RD| - [8203764617] - C:\Users\jul\Dropbox [23/04/2015 23:03:38] - |RD| - [690] - C:\Users\jul\Favorites [23/04/2015 23:38:35] - |SHD| - [24444] - C:\Users\jul\IntelGraphicsProfiles [23/04/2015 23:03:38] - |RD| - [4201] - C:\Users\jul\Links [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Local Settings [26/04/2015 00:21:44] - |A| - [887] - C:\Users\jul\log.txt [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Menu Démarrer [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Mes documents [30/01/2018 09:44:40] - |HD| - [3158403] - C:\Users\jul\MicrosoftEdgeBackups [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Modèles [23/04/2015 23:03:38] - |RD| - [49505876] - C:\Users\jul\Music [13/05/2018 10:23:21] - |AH| - [8650752] - C:\Users\jul\NTUSER.DAT [13/05/2018 10:23:21] - |ASH| - [2236416] - C:\Users\jul\ntuser.dat.LOG1 [13/05/2018 10:23:21] - |ASH| - [1556480] - C:\Users\jul\ntuser.dat.LOG2 [13/05/2018 10:23:21] - |ASH| - [65536] - C:\Users\jul\NTUSER.DAT{1571da00-568f-11e8-ba93-b4b52f8b2014}.TM.blf [13/05/2018 10:23:21] - |ASH| - [524288] - C:\Users\jul\NTUSER.DAT{1571da00-568f-11e8-ba93-b4b52f8b2014}.TMContainer00000000000000000001.regtrans-ms [13/05/2018 10:23:21] - |ASH| - [524288] - C:\Users\jul\NTUSER.DAT{1571da00-568f-11e8-ba93-b4b52f8b2014}.TMContainer00000000000000000002.regtrans-ms [13/05/2018 10:29:23] - |SH| - [20] - C:\Users\jul\ntuser.ini [23/04/2015 23:08:29] - |RAD| - [27823708] - C:\Users\jul\OneDrive [23/04/2015 23:03:38] - |RD| - [45208599360] - C:\Users\jul\Pictures [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Recent [13/05/2018 10:23:21] - |D| - [0] - C:\Users\jul\Roaming [23/04/2015 23:03:38] - |RD| - [282] - C:\Users\jul\Saved Games [23/04/2015 23:03:55] - |RD| - [1875] - C:\Users\jul\Searches [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\SendTo [24/05/2017 22:16:46] - |D| - [6359208] - C:\Users\jul\usb_driver [23/04/2015 23:03:38] - |RD| - [49096796980] - C:\Users\jul\Videos [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Voisinage d'impression [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\Voisinage réseau [12/11/2015 22:05:49] - |A| - [1968128] - C:\Users\jul\ZHPDiag3.exe [13/05/2018 10:23:21] - |D| - [4152973212] - C:\Users\jul\AppData\Local [23/04/2015 23:03:38] - |D| - [145018167] - C:\Users\jul\AppData\LocalLow [13/05/2018 10:23:21] - |D| - [1494102083] - C:\Users\jul\AppData\Roaming [19/12/2015 23:37:50] - |D| - [0] - C:\Users\jul\AppData\Local\ActiveSync [26/04/2015 23:57:44] - |D| - [11309927] - C:\Users\jul\AppData\Local\Adobe [26/04/2015 00:27:55] - |D| - [0] - C:\Users\jul\AppData\Local\Apple [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\AppData\Local\Application Data [02/12/2015 00:23:11] - |D| - [606805607] - C:\Users\jul\AppData\Local\Arduino15 [19/02/2018 19:18:36] - |D| - [44514907] - C:\Users\jul\AppData\Local\betaflight-configurator [25/04/2015 00:25:37] - |D| - [2517] - C:\Users\jul\AppData\Local\bluesoleil [25/03/2018 17:33:19] - |D| - [90045] - C:\Users\jul\AppData\Local\cache [13/11/2015 22:28:03] - |D| - [0] - C:\Users\jul\AppData\Local\CEF [11/11/2015 17:36:01] - |D| - [33266998] - C:\Users\jul\AppData\Local\Comms [23/09/2016 23:40:21] - |D| - [1629381] - C:\Users\jul\AppData\Local\ConnectedDevicesPlatform [26/04/2015 01:16:27] - |D| - [220] - C:\Users\jul\AppData\Local\CrystalDiskMark [02/06/2018 12:48:37] - |D| - [68516] - C:\Users\jul\AppData\Local\D3DSCache [23/08/2017 23:00:24] - |D| - [0] - C:\Users\jul\AppData\Local\DBG [26/04/2015 00:15:07] - |D| - [62277] - C:\Users\jul\AppData\Local\Diagnostics [13/08/2015 22:52:36] - |D| - [6336000] - C:\Users\jul\AppData\Local\Downloaded Installations [14/12/2015 23:54:31] - |D| - [46019334] - C:\Users\jul\AppData\Local\Dropbox [07/03/2017 12:22:57] - |D| - [0] - C:\Users\jul\AppData\Local\ElevatedDiagnostics [23/04/2015 23:13:09] - |SHD| - [0] - C:\Users\jul\AppData\Local\EmieBrowserModeList [23/04/2015 23:13:09] - |SHD| - [0] - C:\Users\jul\AppData\Local\EmieSiteList [23/04/2015 23:13:09] - |SHD| - [0] - C:\Users\jul\AppData\Local\EmieUserList [12/10/2017 23:17:22] - |D| - [16796] - C:\Users\jul\AppData\Local\FileZilla [11/11/2016 00:40:02] - |D| - [1242612] - C:\Users\jul\AppData\Local\fontconfig [27/05/2016 00:32:24] - |D| - [1104246] - C:\Users\jul\AppData\Local\freecad [11/11/2016 00:40:01] - |D| - [660] - C:\Users\jul\AppData\Local\gegl-0.2 [19/05/2015 23:34:18] - |D| - [141285494] - C:\Users\jul\AppData\Local\Google [10/07/2015 23:25:47] - |D| - [402817027] - C:\Users\jul\AppData\Local\GoPro [11/11/2016 01:19:31] - |D| - [201] - C:\Users\jul\AppData\Local\gtk-2.0 [03/06/2015 22:42:38] - |D| - [71] - C:\Users\jul\AppData\Local\GWX [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\AppData\Local\Historique [25/04/2015 00:05:31] - |D| - [0] - C:\Users\jul\AppData\Local\HP Quick Start [13/05/2018 12:24:25] - |AH| - [75987] - C:\Users\jul\AppData\Local\IconCache.db [26/04/2015 23:59:48] - |D| - [0] - C:\Users\jul\AppData\Local\Macromedia [13/05/2018 10:23:21] - |D| - [854162492] - C:\Users\jul\AppData\Local\Microsoft [13/11/2015 21:21:14] - |D| - [75524] - C:\Users\jul\AppData\Local\MicrosoftEdge [25/04/2015 14:20:47] - |D| - [379095443] - C:\Users\jul\AppData\Local\Mozilla [17/08/2015 13:23:20] - |D| - [47208] - C:\Users\jul\AppData\Local\NETGEARGenie [11/11/2015 23:55:16] - |D| - [0] - C:\Users\jul\AppData\Local\NetworkTiles [07/12/2015 01:29:38] - |D| - [26] - C:\Users\jul\AppData\Local\Nico Mak Computing [30/01/2018 09:37:36] - |D| - [1210353414] - C:\Users\jul\AppData\Local\Packages [13/05/2018 10:29:40] - |D| - [0] - C:\Users\jul\AppData\Local\PackageStaging [25/04/2015 14:23:13] - |D| - [128] - C:\Users\jul\AppData\Local\paint.net [25/04/2015 00:25:37] - |D| - [0] - C:\Users\jul\AppData\Local\PDFC [12/11/2015 09:27:40] - |D| - [0] - C:\Users\jul\AppData\Local\PeerDistRepub [27/04/2018 22:38:22] - |D| - [0] - C:\Users\jul\AppData\Local\PlaceholderTileLogoFolder [25/04/2015 14:22:19] - |D| - [232294097] - C:\Users\jul\AppData\Local\Programs [11/11/2015 17:36:19] - |D| - [162274] - C:\Users\jul\AppData\Local\Publishers [15/08/2015 00:03:57] - |A| - [600] - C:\Users\jul\AppData\Local\PUTTY.RND [16/05/2018 21:49:57] - |A| - [4803] - C:\Users\jul\AppData\Local\recently-used.xbel [25/04/2015 14:22:36] - |D| - [2074555] - C:\Users\jul\AppData\Local\RepetierHost [25/04/2015 14:29:10] - |A| - [7620] - C:\Users\jul\AppData\Local\Resmon.ResmonCfg [18/02/2018 15:33:36] - |D| - [2304252] - C:\Users\jul\AppData\Local\Schneider Electric [31/03/2018 14:34:39] - |D| - [508929] - C:\Users\jul\AppData\Local\Simplify3D [09/11/2015 01:12:01] - |D| - [423] - C:\Users\jul\AppData\Local\stellarium [13/05/2018 10:23:21] - |D| - [20010316] - C:\Users\jul\AppData\Local\Temp [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\AppData\Local\Temporary Internet Files [11/11/2015 17:35:56] - |D| - [17364841] - C:\Users\jul\AppData\Local\TileDataLayer [19/07/2016 22:01:29] - |D| - [0] - C:\Users\jul\AppData\Local\Tinytag [26/04/2018 21:00:46] - |D| - [136052736] - C:\Users\jul\AppData\Local\u-blox [11/07/2017 20:22:03] - |D| - [0] - C:\Users\jul\AppData\Local\UNP [23/04/2015 23:03:54] - |D| - [1514839] - C:\Users\jul\AppData\Local\VirtualStore [04/01/2017 00:08:49] - |D| - [17408] - C:\Users\jul\AppData\Local\webkit [24/04/2015 23:50:12] - |A| - [11883] - C:\Users\jul\AppData\Local\WiDiSetupLog.20150424.235012.txt [21/03/2018 00:22:56] - |D| - [260578] - C:\Users\jul\AppData\Local\ZHP [13/11/2015 22:28:01] - |D| - [2150163] - C:\Users\jul\AppData\LocalLow\Adobe [26/04/2015 00:27:21] - |D| - [11574] - C:\Users\jul\AppData\LocalLow\Apple Computer [23/04/2015 23:13:15] - |SHD| - [0] - C:\Users\jul\AppData\LocalLow\EmieBrowserModeList [23/04/2015 23:13:08] - |SHD| - [0] - C:\Users\jul\AppData\LocalLow\EmieSiteList [23/04/2015 23:13:15] - |SHD| - [0] - C:\Users\jul\AppData\LocalLow\EmieUserList [19/05/2015 23:34:57] - |D| - [142703445] - C:\Users\jul\AppData\LocalLow\Google [23/04/2015 23:24:29] - |D| - [0] - C:\Users\jul\AppData\LocalLow\Intel [23/04/2015 23:03:39] - |SD| - [137194] - C:\Users\jul\AppData\LocalLow\Microsoft [19/11/2016 14:39:32] - |D| - [0] - C:\Users\jul\AppData\LocalLow\Mozilla [18/03/2018 13:16:47] - |D| - [15791] - C:\Users\jul\AppData\LocalLow\Sun [10/05/2015 22:03:38] - |D| - [0] - C:\Users\jul\AppData\LocalLow\Temp [23/04/2015 23:03:54] - |D| - [3843641] - C:\Users\jul\AppData\Roaming\Adobe [26/04/2015 10:17:40] - |D| - [24678] - C:\Users\jul\AppData\Roaming\Apple Computer [05/12/2015 23:55:09] - |D| - [606981811] - C:\Users\jul\AppData\Roaming\Arduino15 [08/05/2016 23:34:08] - |D| - [25439] - C:\Users\jul\AppData\Roaming\Autodesk [18/08/2016 00:03:18] - |D| - [116664] - C:\Users\jul\AppData\Roaming\Blender Foundation [04/02/2018 00:22:02] - |D| - [1414] - C:\Users\jul\AppData\Roaming\caffeineau@gmail.com [10/05/2018 22:08:37] - |D| - [105376] - C:\Users\jul\AppData\Roaming\Canon [25/03/2018 18:03:36] - |D| - [364390] - C:\Users\jul\AppData\Roaming\Dexpot [14/12/2015 23:55:17] - |D| - [248732] - C:\Users\jul\AppData\Roaming\Dropbox [20/12/2017 00:44:17] - |D| - [203] - C:\Users\jul\AppData\Roaming\dvdcss [11/06/2017 23:36:09] - |D| - [7972462] - C:\Users\jul\AppData\Roaming\etcher [12/10/2017 23:17:22] - |D| - [65075] - C:\Users\jul\AppData\Roaming\FileZilla [12/10/2017 23:15:40] - |D| - [391] - C:\Users\jul\AppData\Roaming\FileZilla Server [25/04/2015 18:18:51] - |D| - [2580788] - C:\Users\jul\AppData\Roaming\FLEXnet [25/04/2015 14:30:33] - |D| - [33623] - C:\Users\jul\AppData\Roaming\FreeCAD [26/04/2015 00:25:38] - |D| - [108458547] - C:\Users\jul\AppData\Roaming\GoPro [24/04/2015 08:48:41] - |D| - [0] - C:\Users\jul\AppData\Roaming\Hewlett-Packard [23/04/2015 23:28:40] - |D| - [658993] - C:\Users\jul\AppData\Roaming\hpqLog [23/04/2015 23:21:59] - |D| - [0] - C:\Users\jul\AppData\Roaming\InstallShield [25/04/2015 00:20:59] - |D| - [1224] - C:\Users\jul\AppData\Roaming\Intel [23/04/2015 23:39:59] - |D| - [0] - C:\Users\jul\AppData\Roaming\Intel Corporation [24/11/2015 23:43:29] - |D| - [24450] - C:\Users\jul\AppData\Roaming\kicad [23/04/2015 23:13:11] - |D| - [1315] - C:\Users\jul\AppData\Roaming\Macromedia [25/04/2015 18:18:52] - |D| - [2348480] - C:\Users\jul\AppData\Roaming\Macrovision [13/05/2018 10:23:21] - |SD| - [5131029] - C:\Users\jul\AppData\Roaming\Microsoft [15/08/2016 00:26:16] - |D| - [209] - C:\Users\jul\AppData\Roaming\Motorola [15/08/2016 00:26:41] - |D| - [123] - C:\Users\jul\AppData\Roaming\Motorola Mobility [25/04/2015 14:20:47] - |D| - [276739694] - C:\Users\jul\AppData\Roaming\Mozilla [22/10/2016 20:59:05] - |D| - [2386731] - C:\Users\jul\AppData\Roaming\Notepad++ [21/07/2015 23:50:07] - |D| - [34566554] - C:\Users\jul\AppData\Roaming\OpenOffice [25/04/2015 00:03:10] - |D| - [10576] - C:\Users\jul\AppData\Roaming\Sierra Wireless [19/07/2017 00:29:16] - |D| - [77] - C:\Users\jul\AppData\Roaming\Skype [14/06/2015 21:24:12] - |D| - [6661] - C:\Users\jul\AppData\Roaming\Slic3r [28/05/2017 21:27:55] - |D| - [6663] - C:\Users\jul\AppData\Roaming\Slic3rPE [15/02/2018 01:21:54] - |D| - [54] - C:\Users\jul\AppData\Roaming\SmartSteamEmu [09/11/2015 01:12:01] - |D| - [1652377] - C:\Users\jul\AppData\Roaming\Stellarium [18/03/2018 13:16:47] - |D| - [0] - C:\Users\jul\AppData\Roaming\Sun [23/04/2015 23:38:57] - |D| - [0] - C:\Users\jul\AppData\Roaming\Synaptics [13/06/2016 21:21:38] - |D| - [455] - C:\Users\jul\AppData\Roaming\TeamViewer [19/07/2016 22:01:29] - |D| - [4100] - C:\Users\jul\AppData\Roaming\Tinytag [20/05/2015 13:55:33] - |D| - [7931627] - C:\Users\jul\AppData\Roaming\uTorrent [26/04/2015 00:30:53] - |D| - [190456] - C:\Users\jul\AppData\Roaming\vlc [21/05/2015 08:36:29] - |D| - [431617001] - C:\Users\jul\AppData\Roaming\ZHP [23/04/2015 23:03:55] - |SH| - [174] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [13/05/2018 10:23:21] - |SHD| - [0] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [23/09/2016 14:48:29] - |RD| - [53390] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/05/2015 13:56:26] - |A| - [873] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk [13/05/2018 10:23:21] - |RD| - [3888] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [13/05/2018 10:23:21] - |RD| - [2925] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [23/04/2015 23:03:55] - |RD| - [174] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [24/01/2018 00:55:25] - |D| - [5726] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome [25/03/2018 17:32:18] - |D| - [4050] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk [07/05/2017 17:57:16] - |D| - [1175] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balloon Track [19/02/2018 19:18:22] - |D| - [2944] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betaflight [17/08/2016 23:58:20] - |D| - [1189] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender [13/05/2018 10:23:21] - |SH| - [264] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [25/03/2018 18:03:28] - |D| - [814] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot [21/05/2018 00:22:55] - |A| - [2369] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Etcher.lnk [15/05/2015 22:23:33] - |D| - [2627] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator [13/05/2018 10:23:21] - |D| - [170] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [13/05/2018 10:23:21] - |A| - [1105] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [21/01/2018 23:11:42] - |D| - [3819] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenTX Companion 2.2 [23/04/2015 23:03:55] - |RD| - [174] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [13/05/2018 10:23:21] - |RD| - [3496] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [04/02/2018 00:12:37] - |A| - [3163] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TTSAutomate.lnk [26/04/2018 21:00:43] - |D| - [5564] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\u-blox [14/06/2015 00:28:26] - |D| - [0] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat [13/05/2018 10:23:21] - |RD| - [7754] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [23/04/2015 23:03:55] - |SH| - [174] - C:\Users\jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [10/09/2015 07:56:21] - |RHD| - [196] - C:\Users\Public\AccountPictures [26/04/2015 00:25:17] - |D| - [3613590] - C:\Users\Public\CineForm [22/08/2013 17:36:30] - |RHD| - [5035] - C:\Users\Public\Desktop [12/04/2018 01:38:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [22/08/2013 17:36:30] - |RD| - [278] - C:\Users\Public\Documents [22/08/2013 17:36:30] - |RD| - [174] - C:\Users\Public\Downloads [12/04/2018 01:38:20] - |RHD| - [1135] - C:\Users\Public\Libraries [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Music [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Pictures [25/04/2015 00:20:52] - |D| - [0] - C:\Users\Public\Roaming [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [13/11/2015 21:25:13] - |D| - [365689580] - C:\ProgramData\Adobe [31/01/2016 21:26:10] - |D| - [37] - C:\ProgramData\Alcohol Soft [26/04/2015 00:27:54] - |D| - [0] - C:\ProgramData\Apple [13/05/2018 10:29:11] - |SHD| - [0] - C:\ProgramData\Application Data [08/05/2016 23:34:08] - |D| - [1929] - C:\ProgramData\Autodesk [23/04/2015 22:58:45] - |SHD| - [0] - C:\ProgramData\Bureau [03/05/2018 21:30:49] - |D| - [0] - C:\ProgramData\Canon IJ Network Tool [06/10/2016 21:51:55] - |HD| - [29466916] - C:\ProgramData\CanonBJ [10/05/2018 22:08:00] - |HD| - [116] - C:\ProgramData\CanonIJEGV [03/05/2018 21:19:48] - |HD| - [139] - C:\ProgramData\CanonIJETV [23/05/2018 22:36:37] - |HD| - [116] - C:\ProgramData\CanonIJMyPrinter [03/05/2018 21:26:21] - |D| - [3106] - C:\ProgramData\CanonIJPLM [03/05/2018 21:24:07] - |D| - [3066] - C:\ProgramData\CanonIJWSpt [16/07/2016 13:47:48] - |D| - [0] - C:\ProgramData\Comms [13/05/2018 10:29:11] - |SHD| - [0] - C:\ProgramData\Documents [14/12/2015 23:54:31] - |D| - [753044] - C:\ProgramData\Dropbox [25/04/2015 18:18:27] - |D| - [2720] - C:\ProgramData\FLEXnet [23/04/2015 23:28:26] - |D| - [58702428] - C:\ProgramData\Hewlett-Packard [25/04/2015 18:19:01] - |D| - [1056] - C:\ProgramData\HPQLOG [31/03/2018 14:30:07] - |SHD| - [0] - C:\ProgramData\icsxml [24/04/2015 00:39:06] - |D| - [6669] - C:\ProgramData\install_clap [23/04/2015 23:23:19] - |D| - [1828895] - C:\ProgramData\Intel [25/04/2015 00:20:24] - |D| - [15175] - C:\ProgramData\Intel.sav [25/04/2015 18:18:53] - |D| - [0] - C:\ProgramData\Macrovision [31/05/2015 20:08:48] - |D| - [25220278] - C:\ProgramData\Malwarebytes [23/04/2015 22:58:45] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [12/04/2018 01:38:20] - |SD| - [1117923984] - C:\ProgramData\Microsoft [13/05/2018 11:33:19] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [23/04/2015 22:58:45] - |SHD| - [0] - C:\ProgramData\Modèles [31/03/2018 14:30:07] - |SHD| - [0] - C:\ProgramData\ms-drivers [24/05/2017 22:16:47] - |RASH| - [430] - C:\ProgramData\ntuser.pol [18/03/2018 13:16:19] - |D| - [72367495] - C:\ProgramData\Oracle [26/04/2015 00:24:53] - |D| - [231057448] - C:\ProgramData\Package Cache [14/06/2018 08:32:13] - |D| - [114688] - C:\ProgramData\Packages [13/11/2015 22:38:24] - |D| - [0] - C:\ProgramData\PDFC [23/04/2015 23:32:03] - |D| - [1897] - C:\ProgramData\Qualcomm Atheros [24/04/2015 23:58:34] - |D| - [5291808] - C:\ProgramData\Ralink Bluetooth Stack [23/04/2015 23:22:19] - |D| - [7328608] - C:\ProgramData\Ralink Driver [12/04/2018 01:38:20] - |D| - [993] - C:\ProgramData\regid.1991-06.com.microsoft [01/12/2015 23:56:38] - |D| - [1284167] - C:\ProgramData\Repetier-Server [25/04/2015 00:20:52] - |D| - [0] - C:\ProgramData\Roaming [12/04/2018 01:38:20] - |D| - [0] - C:\ProgramData\SoftwareDistribution [19/05/2018 22:42:56] - |D| - [208200630] - C:\ProgramData\Squeezebox [25/04/2015 14:36:30] - |D| - [225680] - C:\ProgramData\Synaptics [24/04/2015 00:39:07] - |AD| - [79144] - C:\ProgramData\Temp [25/04/2015 14:22:09] - |D| - [4310] - C:\ProgramData\Unchecky [12/04/2018 01:38:20] - |D| - [6766] - C:\ProgramData\USOPrivate [13/05/2018 10:27:01] - |D| - [1257472] - C:\ProgramData\USOShared [23/04/2015 23:32:53] - |D| - [0] - C:\ProgramData\Validity [12/04/2018 18:24:11] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [07/12/2015 01:29:35] - |D| - [0] - C:\ProgramData\WinZip ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [08/05/2016 23:33:32] - |A| - [1990] - C:\ProgramData\Microsoft\Windows\Start Menu\123D Design.lnk [12/04/2018 01:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [23/04/2015 22:58:45] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [12/04/2018 01:38:20] - |RD| - [310740] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [04/02/2016 23:54:43] - |D| - [1557] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [12/04/2018 01:38:20] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [12/04/2018 01:38:20] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [11/04/2017 21:08:01] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [13/11/2015 21:25:37] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [12/04/2018 01:38:20] - |RD| - [24294] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [31/01/2016 21:25:47] - |D| - [6309] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [05/12/2015 23:54:55] - |A| - [1072] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk [08/05/2016 23:33:32] - |D| - [4005] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk [03/05/2018 21:23:46] - |D| - [2433] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3500 series Manual [03/05/2018 21:24:05] - |D| - [8556] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [15/02/2016 00:20:41] - |D| - [4637] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clrmamepro [27/04/2018 21:20:32] - |D| - [577] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin [12/04/2018 01:38:24] - |ASH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [09/06/2018 09:18:46] - |D| - [1312] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox [03/05/2018 21:29:00] - |D| - [2156] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement utilisateur de Canon MG3500 series [11/06/2017 23:35:56] - |D| - [2229] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etcher [12/10/2017 23:17:18] - |D| - [2013] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [30/01/2018 23:45:48] - |A| - [1005] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [09/01/2017 00:40:39] - |D| - [2040] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.16 [13/04/2018 23:12:30] - |D| - [1886] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.17 [11/11/2016 00:39:47] - |A| - [939] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [24/01/2018 00:44:55] - |A| - [2299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [09/02/2018 21:43:47] - |A| - [2245] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk [18/10/2015 00:12:31] - |D| - [1738] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro [31/05/2016 22:14:56] - |D| - [101530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphviz 2.38 [17/01/2017 23:51:52] - |D| - [912] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper Electronics Mappers [22/08/2016 23:22:16] - |D| - [2374] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer [12/04/2018 01:35:21] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [23/04/2015 23:27:58] - |RD| - [1616] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [23/04/2015 23:36:17] - |A| - [724] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk [18/03/2018 13:16:35] - |D| - [6886] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [24/11/2015 23:43:08] - |D| - [11579] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KiCad [19/05/2018 22:43:07] - |D| - [4640] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech Media Server [12/04/2018 01:38:20] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [12/11/2015 09:29:19] - |D| - [5271] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [09/11/2015 14:26:08] - |D| - [2338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [15/08/2016 00:26:37] - |D| - [2673] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager [19/09/2015 13:59:49] - |A| - [2078] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk [22/10/2016 20:59:07] - |D| - [883] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [22/03/2018 22:07:24] - |SD| - [7392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5 [25/04/2015 14:23:17] - |A| - [1140] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk [24/04/2015 23:53:50] - |D| - [1133] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools [25/04/2015 14:22:42] - |D| - [926] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Host [01/12/2015 23:56:37] - |D| - [3758] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Server [18/02/2018 15:33:50] - |D| - [4555] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schneider Electric [13/08/2015 22:52:52] - |D| - [2118] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter [31/03/2018 14:37:39] - |D| - [3045] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simplify3D Software [24/04/2015 23:47:24] - |A| - [1715] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Premium Sound.lnk [12/04/2018 01:38:20] - |RD| - [1297] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [09/11/2015 01:11:54] - |D| - [17309] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium [08/02/2018 11:12:39] - |D| - [1573] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Superior [12/04/2018 01:38:20] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [13/06/2016 21:21:37] - |A| - [1112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk [19/07/2016 22:00:59] - |D| - [5116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinytag Explorer 4.9 [25/04/2015 14:22:09] - |D| - [2195] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky [26/04/2015 00:30:35] - |D| - [7188] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [14/06/2015 00:28:26] - |D| - [3223] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat [13/05/2018 10:24:10] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [18/02/2018 15:34:45] - |A| - [2229] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zelio Soft 2.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 01:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [19/05/2018 22:43:09] - |A| - [1123] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Outil de la barre d'état système Logitech Media Server.lnk ---------- | C:\Program Files (x86) [13/11/2015 21:25:29] - |D| - [283898271] - C:\Program Files (x86)\Adobe [31/01/2016 21:25:35] - |D| - [8036565] - C:\Program Files (x86)\Alcohol Soft [24/04/2015 00:34:51] - |AD| - [2249244] - C:\Program Files (x86)\AMD APP [02/12/2015 00:21:15] - |D| - [655375168] - C:\Program Files (x86)\Arduino [18/02/2018 15:49:12] - |D| - [1872074] - C:\Program Files (x86)\Aten International Co., Ltd [07/05/2017 17:57:12] - |D| - [3256308] - C:\Program Files (x86)\Balloon Track [19/02/2018 19:18:17] - |D| - [157636718] - C:\Program Files (x86)\Betaflight [04/02/2018 00:12:37] - |D| - [7598072] - C:\Program Files (x86)\CaffeineAU [03/05/2018 21:18:59] - |D| - [23033829] - C:\Program Files (x86)\Canon [26/04/2015 00:25:18] - |D| - [7934976] - C:\Program Files (x86)\CineForm [25/04/2015 00:20:27] - |D| - [0] - C:\Program Files (x86)\Cisco [12/04/2018 01:38:20] - |D| - [184724215] - C:\Program Files (x86)\Common Files [12/04/2018 01:38:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [25/03/2018 18:03:27] - |D| - [10461725] - C:\Program Files (x86)\Dexpot [14/12/2015 23:54:35] - |D| - [383032592] - C:\Program Files (x86)\Dropbox [11/06/2017 23:35:51] - |D| - [230721078] - C:\Program Files (x86)\Etcher [19/05/2015 23:34:23] - |D| - [475964640] - C:\Program Files (x86)\Google [09/06/2015 00:07:30] - |AD| - [155377112] - C:\Program Files (x86)\GoPro [31/05/2016 22:14:54] - |AD| - [119381087] - C:\Program Files (x86)\Graphviz2.38 [23/04/2015 23:28:40] - |AD| - [21059604] - C:\Program Files (x86)\Hewlett-Packard [17/01/2017 23:51:52] - |AD| - [26818149] - C:\Program Files (x86)\Hyper Electronics Mappers [22/08/2016 23:22:14] - |AD| - [47044986] - C:\Program Files (x86)\ImageWriter [23/04/2015 23:22:18] - |HD| - [48203460] - C:\Program Files (x86)\InstallShield Installation Information [23/04/2015 23:11:23] - |D| - [142059155] - C:\Program Files (x86)\Intel [12/04/2018 01:38:20] - |D| - [2260451] - C:\Program Files (x86)\Internet Explorer [18/03/2018 13:16:16] - |D| - [178958814] - C:\Program Files (x86)\Java [24/04/2015 23:52:49] - |AD| - [2059520] - C:\Program Files (x86)\JMicron [15/05/2015 22:23:25] - |AD| - [273096662] - C:\Program Files (x86)\LinuxLive USB Creator [12/11/2015 09:29:12] - |AD| - [58591101] - C:\Program Files (x86)\Malwarebytes Anti-Malware [24/07/2017 20:41:41] - |D| - [111909121] - C:\Program Files (x86)\Meccano [09/11/2015 14:26:07] - |D| - [42892246] - C:\Program Files (x86)\Microsoft Silverlight [12/04/2018 01:38:20] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [15/08/2016 00:26:36] - |D| - [459328] - C:\Program Files (x86)\Motorola [15/08/2016 00:26:36] - |D| - [12810420] - C:\Program Files (x86)\Motorola Mobility [30/01/2018 23:45:47] - |D| - [308218] - C:\Program Files (x86)\Mozilla Maintenance Service [13/05/2018 11:14:20] - |D| - [25757] - C:\Program Files (x86)\MSBuild [15/08/2016 00:26:35] - |AD| - [154033] - C:\Program Files (x86)\MSXML 4.0 [19/09/2015 13:59:30] - |D| - [130581487] - C:\Program Files (x86)\NETGEAR Genie [19/06/2015 19:48:36] - |D| - [4512286997] - C:\Program Files (x86)\Odin [26/10/2016 22:58:26] - |D| - [36421] - C:\Program Files (x86)\OneWire [15/06/2016 23:20:39] - |D| - [809496] - C:\Program Files (x86)\OpenAL [21/07/2015 23:42:29] - |AD| - [382196511] - C:\Program Files (x86)\OpenOffice 4 [21/01/2018 23:11:39] - |D| - [45752881] - C:\Program Files (x86)\OpenTX [25/04/2015 00:02:14] - |D| - [2362444] - C:\Program Files (x86)\Realtek [13/05/2018 11:14:20] - |D| - [38454529] - C:\Program Files (x86)\Reference Assemblies [01/12/2015 23:56:28] - |D| - [60159024] - C:\Program Files (x86)\Repetier-Server [18/02/2018 15:33:49] - |D| - [141993283] - C:\Program Files (x86)\Schneider Electric [13/08/2015 22:52:52] - |D| - [3806744] - C:\Program Files (x86)\SDA [19/05/2018 22:42:56] - |D| - [77461405] - C:\Program Files (x86)\Squeezebox [13/06/2016 21:21:30] - |AD| - [43624909] - C:\Program Files (x86)\TeamViewer [19/07/2016 22:00:58] - |D| - [28167676] - C:\Program Files (x86)\Tinytag [26/04/2018 21:00:40] - |D| - [22903812] - C:\Program Files (x86)\u-blox [25/04/2015 14:22:08] - |AD| - [5239468] - C:\Program Files (x86)\Unchecky [23/09/2016 14:54:12] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [26/04/2015 00:30:27] - |D| - [130604903] - C:\Program Files (x86)\VideoLAN [14/06/2015 00:28:26] - |D| - [812064] - C:\Program Files (x86)\WinDirStat [12/04/2018 01:38:20] - |D| - [1780752] - C:\Program Files (x86)\Windows Defender [12/04/2018 01:38:20] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [12/04/2018 18:20:01] - |D| - [3254215] - C:\Program Files (x86)\Windows Media Player [12/04/2018 01:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Multimedia Platform [12/04/2018 01:38:20] - |D| - [7556440] - C:\Program Files (x86)\windows nt [12/04/2018 01:38:20] - |D| - [5370120] - C:\Program Files (x86)\Windows Photo Viewer [12/04/2018 01:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Portable Devices [12/04/2018 01:38:20] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [12/04/2018 01:38:20] - |D| - [3157459] - C:\Program Files (x86)\WindowsPowerShell [12/11/2015 23:27:55] - |AD| - [0] - C:\Program Files (x86)\ZHPFix ---------- | C:\Program Files [31/01/2016 21:48:01] - |AD| - [4960070] - C:\Program Files\7-Zip [24/04/2015 00:34:49] - |D| - [27483196] - C:\Program Files\ATI [24/04/2015 00:34:35] - |D| - [0] - C:\Program Files\ATI Technologies [08/05/2016 23:32:03] - |D| - [1159104484] - C:\Program Files\Autodesk [17/08/2016 23:58:10] - |D| - [305885954] - C:\Program Files\Blender Foundation [03/05/2018 21:24:03] - |D| - [13772114] - C:\Program Files\Canon [03/05/2018 21:22:52] - |HD| - [11116768] - C:\Program Files\CanonBJ [15/02/2016 00:20:40] - |D| - [11586692] - C:\Program Files\clrmamepro [12/04/2018 01:38:20] - |D| - [82194127] - C:\Program Files\Common Files [12/04/2018 01:38:23] - |ASH| - [174] - C:\Program Files\desktop.ini [23/04/2015 23:29:08] - |D| - [2777920] - C:\Program Files\DIFX [23/04/2015 22:58:45] - |SHD| - [0] - C:\Program Files\Fichiers communs [12/10/2017 23:17:16] - |AD| - [27902149] - C:\Program Files\FileZilla FTP Client [09/01/2017 00:39:52] - |D| - [556538453] - C:\Program Files\FreeCAD 0.16 [13/04/2018 23:11:56] - |D| - [941966264] - C:\Program Files\FreeCAD 0.17 [11/11/2016 00:39:00] - |AD| - [295953924] - C:\Program Files\GIMP 2 [09/02/2018 21:43:44] - |D| - [211004217] - C:\Program Files\Google [15/06/2016 23:20:41] - |D| - [165740552] - C:\Program Files\GoPro [24/04/2015 08:49:51] - |AD| - [7417549] - C:\Program Files\Hewlett-Packard [23/04/2015 23:24:57] - |AD| - [106064635] - C:\Program Files\IDT [19/07/2017 00:15:38] - |D| - [74236620] - C:\Program Files\Intel [12/04/2018 01:38:20] - |D| - [2639358] - C:\Program Files\internet explorer [24/11/2015 23:40:45] - |AD| - [1140899782] - C:\Program Files\KiCad [09/11/2015 14:26:07] - |AD| - [55725526] - C:\Program Files\Microsoft Silverlight [15/08/2016 00:26:26] - |D| - [8366] - C:\Program Files\Motorola Mobility LLC [30/01/2018 23:45:42] - |D| - [150681133] - C:\Program Files\Mozilla Firefox [13/05/2018 11:14:20] - |D| - [25757] - C:\Program Files\MSBuild [22/10/2016 20:59:05] - |D| - [7215275] - C:\Program Files\Notepad++ [25/04/2015 14:23:14] - |AD| - [60657081] - C:\Program Files\paint.net [13/05/2018 11:14:20] - |D| - [36854953] - C:\Program Files\Reference Assemblies [12/01/2018 14:34:50] - |AD| - [8183723] - C:\Program Files\rempl [25/04/2015 14:22:36] - |AD| - [231136534] - C:\Program Files\Repetier-Host [24/05/2017 22:28:44] - |D| - [8789488] - C:\Program Files\Rtlsdr [31/03/2018 14:29:17] - |D| - [57458515] - C:\Program Files\Simplify3D-4.0.0 [09/11/2015 01:11:43] - |AD| - [235793241] - C:\Program Files\Stellarium [19/07/2017 00:15:44] - |D| - [148715007] - C:\Program Files\Synaptics [30/07/2015 23:52:28] - |HD| - [0] - C:\Program Files\Uninstall Information [09/07/2017 21:47:01] - |AD| - [6553600] - C:\Program Files\UNP [23/04/2015 23:32:50] - |AD| - [21165562] - C:\Program Files\Validity Sensors [12/04/2018 01:38:20] - |RD| - [19333067] - C:\Program Files\Windows Defender [12/04/2018 18:24:11] - |D| - [11868976] - C:\Program Files\Windows Defender Advanced Threat Protection [12/04/2018 01:38:20] - |D| - [635392] - C:\Program Files\Windows Mail [12/04/2018 18:20:01] - |D| - [4783083] - C:\Program Files\Windows Media Player [12/04/2018 01:38:20] - |D| - [46576] - C:\Program Files\Windows Multimedia Platform [12/04/2018 01:38:20] - |D| - [7823192] - C:\Program Files\windows nt [12/04/2018 01:38:20] - |D| - [6170376] - C:\Program Files\Windows Photo Viewer [12/04/2018 01:38:20] - |D| - [46576] - C:\Program Files\Windows Portable Devices [12/04/2018 01:38:20] - |D| - [106165] - C:\Program Files\Windows Security [12/04/2018 01:38:20] - |SHD| - [0] - C:\Program Files\Windows Sidebar [12/04/2018 01:38:20] - |HD| - [2682771735] - C:\Program Files\WindowsApps [12/04/2018 01:38:20] - |D| - [3409847] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [13/11/2015 21:25:29] - |AD| - [9430811] - C:\Program Files (x86)\Common Files\Adobe [25/04/2015 18:18:53] - |D| - [1368053] - C:\Program Files (x86)\Common Files\InstallShield [19/07/2017 00:15:35] - |D| - [107006637] - C:\Program Files (x86)\Common Files\Intel [23/04/2015 23:40:11] - |D| - [183802] - C:\Program Files (x86)\Common Files\Intel Corporation [30/04/2018 20:49:33] - |D| - [1948384] - C:\Program Files (x86)\Common Files\Java [18/02/2018 15:34:27] - |D| - [1244358] - C:\Program Files (x86)\Common Files\Macrovision Shared [12/04/2018 01:38:20] - |D| - [45623745] - C:\Program Files (x86)\Common Files\microsoft shared [15/08/2016 00:26:36] - |D| - [707584] - C:\Program Files (x86)\Common Files\MSSoap [30/04/2018 20:48:40] - |D| - [1369776] - C:\Program Files (x86)\Common Files\Oracle [23/04/2015 23:23:02] - |D| - [195948] - C:\Program Files (x86)\Common Files\postureAgent [18/02/2018 15:33:50] - |D| - [520] - C:\Program Files (x86)\Common Files\Schneider Electric Shared [12/04/2018 01:38:20] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [23/04/2015 23:30:53] - |AD| - [6090652] - C:\Program Files (x86)\Common Files\SNP2UVC [12/04/2018 01:38:20] - |D| - [9551243] - C:\Program Files (x86)\Common Files\system ---------- | C:\Program Files\Common files [25/04/2015 00:20:27] - |D| - [0] - C:\Program Files\Common files\Intel [12/04/2018 01:38:20] - |D| - [66597627] - C:\Program Files\Common files\microsoft shared [15/08/2016 00:26:26] - |D| - [5328827] - C:\Program Files\Common files\Motorola Shared [12/04/2018 01:38:20] - |D| - [2702] - C:\Program Files\Common files\Services [12/04/2018 01:38:20] - |D| - [10264971] - C:\Program Files\Common files\system ---------- | Tasks [MD5.4D6EC43D1CDBCD5ED2DA406B3F3D8C4E] - [14/12/2015 23:54:36] - |A| - [1190] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [MD5.CA2615B193126FF99E98297CF777F4D5] - [14/12/2015 23:54:36] - |A| - [1194] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [13/05/2018 10:29:10] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.75AE4497B54A528BB29D085C5DD22292] - [13/05/2018 10:29:09] - |A| - [4562] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.B146A8630DCAB644F46BB01C2EFDC00F] - [13/05/2018 10:29:09] - |A| - [4738] - C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [MD5.CBAB37455FDA66622BA43D87E4BA3C06] - [13/05/2018 10:29:09] - |A| - [4558] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [13/05/2018 10:29:09] - |D| - [0] - C:\WINDOWS\System32\Tasks\Dexpot [MD5.653447339F1BF731D6C9ACF0A39C6743] - [13/05/2018 10:29:09] - |A| - [4022] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.FBC85C7871E21D2F1D37F5433AEB658F] - [13/05/2018 10:29:09] - |A| - [4254] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.12DE22087F094957ECD5C5011322634A] - [13/05/2018 10:29:09] - |A| - [3464] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.7B0644344CA7ACEB08578CC03D126F53] - [13/05/2018 10:29:09] - |A| - [3588] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [12/04/2018 01:38:21] - |D| - [618972] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.96F08CF0944F924B72EBD17A0F0B0FC4] - [13/05/2018 10:29:10] - |A| - [2402] - C:\WINDOWS\System32\Tasks\Motorola Device Manager Initial Update : "C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" [MD5.169DFD050F880A489CE209AF2C392B46] - [13/05/2018 10:29:10] - |A| - [2578] - C:\WINDOWS\System32\Tasks\Motorola Device Manager Update : "C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" [MD5.9AE951381B66CF942A7108A12D4F353E] - [13/05/2018 10:29:10] - |A| - [2856] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-413593212-2328566316-2910965411-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.9882185C54BF3FA6DA85ECB923AE2A1D] - [13/05/2018 10:29:10] - |A| - [2938] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-413593212-2328566316-2910965411-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.4423239512BBCECA382BF29B083E09E9] - [13/05/2018 10:29:10] - |A| - [2302] - C:\WINDOWS\System32\Tasks\{75D11F96-4616-42A2-B3FB-59C97A956614} : C:\WINDOWS\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.28|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.28|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{4FAE5895-03E4-4348-A95B-DE16DAE7C1BF}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{EFCD6B40-9323-41E5-89D8-21D1D2CB2DDA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=myCANAL|Desc=myCANAL|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1632416125-1416647863-1840667290-1844223772-3805989583-3794928471-1784174128|EmbedCtxt=myCANAL|Platform=2:6:2|Platform2=GTEQ| "{B2A56B4A-081A-4569-A86E-797B4227685D}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=myCANAL|Desc=myCANAL|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1632416125-1416647863-1840667290-1844223772-3805989583-3794928471-1784174128|EmbedCtxt=myCANAL|Platform=2:6:2|Platform2=GTEQ| "{7A22190B-B352-4A9A-82FF-0780E2BDA55A}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{CE6218F0-4F55-4EA0-BBF0-34D27CE49F54}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{A67BC578-1C4E-4DAC-B393-83D8571F946A}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{4C7EB3E7-1879-4367-8896-56893C614B66}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{DEE13861-2068-409C-83F0-1AE8431CEA0A}C:\users\jul\downloads\liftoff\liftoff\liftoff\skidrowgamesreloaded.com\liftoff.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\jul\downloads\liftoff\liftoff\liftoff\skidrowgamesreloaded.com\liftoff.exe|Name=liftoff.exe|Desc=liftoff.exe| "TCP Query User{9BA75B2D-9077-4D03-BE40-150CE5759F25}C:\users\jul\downloads\liftoff\liftoff\liftoff\skidrowgamesreloaded.com\liftoff.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\jul\downloads\liftoff\liftoff\liftoff\skidrowgamesreloaded.com\liftoff.exe|Name=liftoff.exe|Desc=liftoff.exe| "{87111814-A750-4F7E-A25E-FC11200BB14B}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{3628D906-E933-4A3F-8DA2-E7E8D9BCD4B0}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe|Name=Repetier-Server| "{034336F5-CFEE-4E4B-8C68-129C428B9512}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe|Name=Repetier-Server| "{751D8985-9585-4518-A4D3-C224C59BBF33}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Xerox Print Experience|Desc=Xerox Print Experience|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1375605007-1101320117-3040504297-2038252773-852520260-593594363-4002695151|EmbedCtxt=Xerox Print Experience|Platform=2:6:2|Platform2=GTEQ| "{77AC3356-A609-4C19-B455-8EBBD600BCCE}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xerox Print Experience|Desc=Xerox Print Experience|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1375605007-1101320117-3040504297-2038252773-852520260-593594363-4002695151|EmbedCtxt=Xerox Print Experience|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{DE9BF80D-897A-4088-B780-DD7728617327}C:\program files (x86)\arduino\java\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\arduino\java\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{11EB1B05-C33B-4FAA-AE02-A9C79E7EFF6A}C:\program files (x86)\arduino\java\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\arduino\java\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ| "{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ| "{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ| "{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ| "{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A35872E0-7D3D-4C59-8211-067A252F7C67}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-413593212-2328566316-2910965411-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{F4BDC0AC-5967-4670-B4F1-49DCEAA07571}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\jul\AppData\Roaming\uTorrent\uTorrent.exe|Name=¼Torrent (TCP-In)|Desc=Allow ¼Torrent network traffic with Edge Traversal|Edge=TRUE| "{6B91C7FC-AA54-4FE8-86C8-34C4B2D267D7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\jul\AppData\Roaming\uTorrent\uTorrent.exe|Name=¼Torrent (UDP-In)|Desc=Allow ¼Torrent network traffic with Edge Traversal|Edge=TRUE| "TCP Query User{D2EC4006-B47C-4D81-9D6B-7E2D7D3A5D78}C:\program files (x86)\netgear genie\bin\netgeargenie.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\netgear genie\bin\netgeargenie.exe|Name=NETGEAR Genie|Desc=NETGEAR Genie|Defer=User| "UDP Query User{89799DC5-588E-47E7-8A22-F8C8C5642323}C:\program files (x86)\netgear genie\bin\netgeargenie.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\netgear genie\bin\netgeargenie.exe|Name=NETGEAR Genie|Desc=NETGEAR Genie|Defer=User| "{DCA7572F-6791-4A02-B3AA-C118A23ED490}"=v2.24|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-413593212-2328566316-2910965411-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{CA0FA0D1-4F25-4ADC-8660-A96C48548D89}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{F8D3673A-4E1F-42A6-B6B1-054CD8B75AF1}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{4ED87E02-9B8D-4466-9044-C43D7C93D34A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{7D52C18A-BD1A-43FA-BBDD-85EEEF44125F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{17A878A5-3EF3-4647-936A-2B3CA525466E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe|Name=GoPro Desktop App|Edge=TRUE| "{FB5A4989-EB82-4542-B25A-0E16EF230961}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe|Name=GoPro Messaging|Edge=TRUE| "{8242FF4D-48A3-42D4-BACE-069DB3A5FC69}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe|Name=GoPro ID Service|Edge=TRUE| "{88ED4D50-7A5A-4F11-AD02-ACD08DA2C4A3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe|Name=GoPro Launcher|Edge=TRUE| "TCP Query User{AA9F4006-11E6-4CDA-87C0-2CC5F999E775}C:\program files (x86)\arduino\java\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\arduino\java\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary| "UDP Query User{21F98B58-D3C2-4766-84C8-B045E4050F36}C:\program files (x86)\arduino\java\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\arduino\java\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary| "{66E1274D-17A7-4C9C-9F6D-F467536173D6}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Sway|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{699E628C-653E-4005-86B9-A31CCE124514}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Canon Inkjet Print Utility|Desc=Canon Inkjet Print Utility|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-115199243-2764431856-1086699609-1912897127-1214238601-531789971-2447004905|EmbedCtxt=Canon Inkjet Print Utility|Platform=2:6:2|Platform2=GTEQ| "{2E7F5644-2536-41CE-A9C3-E382A7879901}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Canon Inkjet Print Utility|Desc=Canon Inkjet Print Utility|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-115199243-2764431856-1086699609-1912897127-1214238601-531789971-2447004905|EmbedCtxt=Canon Inkjet Print Utility|Platform=2:6:2|Platform2=GTEQ| "{878A2832-9497-4FB1-AE94-DC6540A0BC2F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{6586EE64-7E26-45E2-8ACF-27C43B1ED376}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{274FA453-1C07-4273-9D77-C43504C797C4}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Win32WebViewHost|Desc=Win32WebViewHost|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646|EmbedCtxt=Win32WebViewHost|Platform=2:6:2|Platform2=GTEQ| "{762CF592-D53A-4103-A0DE-D8B84E33672F}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Win32WebViewHost|Desc=Win32WebViewHost|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646|EmbedCtxt=Win32WebViewHost|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{01EE127D-5400-4C56-9ADC-C8CF83C7D8AA}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{76F925C1-1963-4BF8-ACF2-9017CD6EDD25}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox gaming overlay|Desc=Xbox gaming overlay|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox gaming overlay|Platform=2:6:2|Platform2=GTEQ| "{CCF95027-6EE1-43FC-AA42-98B42384F4CF}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe|Name=Logitech Media Server|Desc=Allow Logitech Media Server to accept inbound connections.| "{CA72AAB3-0A2E-46A8-BB5A-0935CD840BE3}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{18B3BF45-21D5-492F-BDBE-B8535A59D9EB}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{663FEC94-7F9B-409E-977A-57174E915C7B}C:\programdata\squeezebox\cache\installedplugins\plugins\spotty\bin\mswin32-x86-multi-thread\spotty.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\programdata\squeezebox\cache\installedplugins\plugins\spotty\bin\mswin32-x86-multi-thread\spotty.exe|Name=spotty|Desc=spotty|Defer=User| "UDP Query User{2D8EC494-C3B7-471A-8859-0907B73C30F5}C:\programdata\squeezebox\cache\installedplugins\plugins\spotty\bin\mswin32-x86-multi-thread\spotty.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\programdata\squeezebox\cache\installedplugins\plugins\spotty\bin\mswin32-x86-multi-thread\spotty.exe|Name=spotty|Desc=spotty|Defer=User| "{B72A8CCD-5C05-4D5F-B19C-046894E9F36F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{9631736E-2889-4474-8A98-6DAF53F1BCBA}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| "{5DFB42B3-92B6-481B-99A9-BBF1F6E3FE41}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{F3EC7D7D-DB60-4751-99FB-67288DF843BE}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{F66A2D03-694A-494E-B986-ABE19C24BF75}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{F030CB01-DB04-41AB-8D78-19EFA1340EA9}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{E0499A3D-8FB2-455F-904F-6F8096FD774B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D5BC8454-C30E-4960-BF32-D3E737759222}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{468B0A81-867D-4186-806E-210FA40DB34A}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{FA062A5C-DD79-4A62-AD1E-4B0545BEDB7B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D6AD4603-AD38-409D-9E1C-D19FDAD566B9}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{10AD47BF-D6C1-41DD-8EE9-DCBA431EE116}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{66840056-8323-4ED8-BBD0-80204C02CD3C}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe|Name=Dropbox| "{47A0DE47-B7F1-4595-8794-12BD95BEEB63}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ| "{AA377A79-FD46-47CE-8C26-0622AA850723}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{F6F61F6F-0536-449E-9E87-67E5416DBD80}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{AFE9A948-6715-48CB-8654-5E42505323D9}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{D07D9598-3B67-42AC-ABDB-2CE638F1D6CC}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=9 zip|Desc=9 zip|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-2126339086-631918405-3975621386-2146566617-729962014-4099843922-1407745213|EmbedCtxt=9 zip|Platform=2:6:2|Platform2=GTEQ| "{EC4CAC55-9263-48CC-A4E9-A56C55563D29}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=9 zip|Desc=9 zip|LUOwn=S-1-5-21-413593212-2328566316-2910965411-1001|AppPkgId=S-1-15-2-2126339086-631918405-3975621386-2146566617-729962014-4099843922-1407745213|EmbedCtxt=9 zip|Platform=2:6:2|Platform2=GTEQ| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Tinytag\Tinytag Explorer\aspen.exe"=C:\Program Files (x86)\Tinytag\Tinytag Explorer\aspen.exe:*:Enabled:Tinytag Explorer "C:\Program Files (x86)\Tinytag\Tinytag Explorer\kola.exe"=C:\Program Files (x86)\Tinytag\Tinytag Explorer\kola.exe:LocalSubNet:Enabled:Tinytag Explorer Radio Gateway [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list] "C:\Program Files (x86)\Tinytag\Tinytag Explorer\aspen.exe"=C:\Program Files (x86)\Tinytag\Tinytag Explorer\aspen.exe:*:Enabled:Tinytag Explorer "C:\Program Files (x86)\Tinytag\Tinytag Explorer\kola.exe"=C:\Program Files (x86)\Tinytag\Tinytag Explorer\kola.exe:LocalSubNet:Enabled:Tinytag Explorer Radio Gateway ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{146bf252-9f25-4209-a6dd-c45a1180abc4}] : (AndroidUsbDeviceClass) [] -> @oem56.inf,%ClassName%;Android Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem29.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{78a1c341-4539-11d3-b88d-00c04fad5171}] : (Universal Serial Bus devices) [] -> @oem16.inf,%ClassName%;Universal Serial Bus devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8a2edc79-c759-46f2-88af-9d4efe3b5eee}] : (UoIP BUS Driver) [] -> @oem45.inf,%ClassName%;Intel WiUSB [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d2de069d-7286-420b-baf8-225d700ce748}] : (Bluetooth Device) [] -> @oem31.inf,%BtPCIeDevClassName%;Bluetooth Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{dad27e18-2598-4484-98b0-5dba8e007f6a}] : (AMPPAL) [] -> @oem30.inf,%ClassName%;Périphériques Intel® Centrino® Wireless Bluetooth® + High Speed [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eb781aaf-9c70-4523-a5df-642a87eca567}] : (libusb-win32 devices) [] -> libusb-win32 devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem44.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FC34DBA0-E36F-425D-9A28-ADDE5467D4D7}] : (sptd2) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{feb8d079-0681-11d4-9531-0060089abc08}] : (MOTUSB) [] -> @oem42.inf,%MotDev.ClassName%;Motorola USB Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ff5262c8-9032-4b05-92cf-9f53044592a6}] : (Biometric) [] -> @oem7.inf,%ClassName%;Biometric [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [31/01/2016 21:23:34] - (2.8.0.0) - (Duplex Secure Ltd - SCSI Pass Through Direct Driver) - C:\WINDOWS\System32\Drivers\sptd2.sys [21/08/2012 17:49:00] - (5.0.1.12) - (Hewlett-Packard Company - HP Disk Filter - SATA/RAID) - C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [02/02/2018 13:01:50] - (2.1.3.1) - (HP - HP Wireless Button Driver) - C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [12/04/2018 01:33:48] - (5.0.57.0) - (MediaTek Inc. - MediaTek 802.11 Wireless Adapter Driver) - C:\WINDOWS\System32\drivers\netr28x.sys [03/06/2015 02:27:02] - (2.9.30.0) - (Ralink Technology, Corp. - Ralink Bluetooth Adapter) - C:\WINDOWS\System32\drivers\rtbth.sys [19/08/2017 02:01:12] - (19.0.19.63) - (Synaptics Incorporated - Synaptics Touchpad Win64 Driver) - C:\WINDOWS\system32\DRIVERS\SynTP.sys [17/07/2012 00:39:22] - (15.5.0.14) - (Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter) - C:\WINDOWS\System32\drivers\AMPPAL.sys [23/04/2015 23:25:06] - (6.10.6435.0) - (IDT, Inc. - IDT PC Audio) - C:\WINDOWS\system32\DRIVERS\stwrt64.sys [21/08/2012 17:48:00] - (5.0.0.2) - (Hewlett-Packard Company - HP Accelerometer) - C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [15/07/2015 23:35:26] - (6.0.1114.4) - (Sonix Tech. Co., Ltd. - UVC Camera Streaming Driver) - C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [17/08/2015 13:23:01] - (4.1.0.2001) - (CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver) - C:\Windows\system32\drivers\npf.sys [24/04/2015 00:28:28] - (1.0.72.4) - (JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver) - C:\WINDOWS\System32\drivers\jmcr.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hpdskflt (@oem33.inf,%service_desc%;HP Filter) -> system32\DRIVERS\hpdskflt.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorA () -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - lxss (@%SystemRoot%\system32\drivers\lxss.sys,-100) -> system32\drivers\lxss.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - MsSecFlt (@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001) -> system32\drivers\mssecflt.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - sptd2 (sptd2) -> System32\Drivers\sptd2.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - VMSNPXY (VmSwitch NIC Proxy Driver) -> system32\drivers\VmsProxyHNic.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - VmsProxy (VmSwitch Proxy Driver) -> system32\drivers\VmsProxy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - NPF (NetGroup Packet Filter Driver) -> \??\C:\Windows\system32\drivers\npf.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - VMSP (VmSwitch Protocol Driver) -> System32\drivers\vmswitch.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\573339af-d9e1-5dd3-804c-e0162fac1f41] : (Etcher 1.4.4 (only current user).-.Resin Inc.) -> "C:\Users\jul\AppData\Local\Programs\etcher\Uninstall Etcher.exe" /currentuser [HKU\S-1-5-21-413593212-2328566316-2910965411-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Dexpot] : (Dexpot.-.Dexpot GbR) -> "C:\Program Files (x86)\Dexpot\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\FreeCAD 0.16] : (FreeCAD 0.16 - A free open source CAD system.-.Juergen Riegel) -> "C:\Program Files\FreeCAD 0.16\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\FreeCAD 0.17] : (FreeCAD 0.17 - A free open source CAD system.-.Juergen Riegel) -> "C:\Program Files\FreeCAD 0.17\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GIMP-2_is1] : (GIMP 2.8.18.-.The GIMP Team) -> "C:\Program Files\GIMP 2\uninst\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Simplify3D Software 4.0.0] : (Simplify3D Software.-.Simplify3D) -> C:\Program Files\Simplify3D-4.0.0\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1143F758-929B-4EEB-8784-46CCB622F037}_is1] : (Repetier-Host version 2.0.1.-.repetier) -> "C:\Program Files\Repetier-Host\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1E92618C-EB66-4C4C-9F45-93EC6EF53273}] : (GoPro.-.GoPro, Inc.) -> MsiExec.exe /X{1E92618C-EB66-4C4C-9F45-93EC6EF53273} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}] : (Motorola Mobile Drivers Installation 6.4.0.-.Motorola Mobility LLC) -> MsiExec.exe /X{27986EDD-C9EC-4B52-B92F-06D073F0AA52} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{45324571-83B7-307A-6114-DAE65A50DC8E}] : (AMD Catalyst Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{45324571-83B7-307A-6114-DAE65A50DC8E} REBOOT=ReallySuppress [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{47A0EA10-D506-4473-AE99-5E07DD1062DE}] : (Blender.-.Blender Foundation) -> MsiExec.exe /I{47A0EA10-D506-4473-AE99-5E07DD1062DE} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{503F672D-6C84-448A-8F8F-4BC35AC83441}] : (AMD APP SDK Runtime.-.Advanced Micro Devices Inc.) -> MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{57BD2921-F020-459A-8D55-6E3497B29BCE}] : (HP 3D DriveGuard.-.Hewlett-Packard Company) -> MsiExec.exe /X{57BD2921-F020-459A-8D55-6E3497B29BCE} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{68413D4F-C3C9-4B6F-9B39-AC7444C8C05C}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7010885D-3378-4C9B-B330-88271728EDE5}] : (VFW_Codec64.-.GoPro, Inc.) -> MsiExec.exe /I{7010885D-3378-4C9B-B330-88271728EDE5} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}] : (Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology.-.Motorola Solutions, Inc) -> MsiExec.exe /X{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}] : (Logiciel Intel® PROSet/Wireless WiFi.-.Intel Corporation) -> MsiExec.exe /I{99FDAE3B-6905-45A6-8F73-595363AAD3D1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}] : (Validity Fingerprint Sensor Driver.-.Validity Sensors, Inc.) -> MsiExec.exe /X{ADAA7361-54B8-4FC8-804E-94EC6C11ED68} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D9EF644E-2FAE-493B-8180-5617CC774C4F}] : (Google Earth Pro.-.Google) -> MsiExec.exe /I{D9EF644E-2FAE-493B-8180-5617CC774C4F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}] : (Ralink Bluetooth Stack64.-.Ralink Corporation) -> MsiExec.exe /X{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F10AAD91-58DF-44EC-A647-810197141667}] : (paint.net.-.dotPDN LLC) -> MsiExec.exe /X{F10AAD91-58DF-44EC-A647-810197141667} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FA00A3CC-7440-4938-A271-F186F50DD40D}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{FA00A3CC-7440-4938-A271-F186F50DD40D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Betaflight Configurator] : (Betaflight Configurator.-.The Betaflight open source project.) -> "C:\Program Files (x86)\Betaflight\Betaflight-Configurator\uninstall-betaflight-configurator.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\clrmamepro] : (clrmamepro.-.Roman Scherzer) -> C:\Program Files\clrmamepro\uninstall.exe ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Etcher] : (Etcher.-.Resin.io) -> C:\Program Files (x86)\Etcher\Uninstall Etcher.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KiCad] : (KiCad 4.0.0_rc2.-.) -> C:\Program Files\KiCad\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Logitech Media Server_is1] : (Logitech Media Server 7.7.6.-.Logitech) -> "C:\Program Files (x86)\Squeezebox\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OpenTX Companion 2.2] : (OpenTX Companion 2.2.-.OpenTX) -> "C:\Program Files (x86)\OpenTX\Companion 2.2\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Repetier-Server] : (Repetier-Server.-.Hot-World GmbH & Co. KG) -> C:\Program Files (x86)\Repetier-Server\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Superior_is1] : (Superior v5.7.0.-.) -> "c:\Prog\Superior\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\u-center_v8.29] : (u-center_v8.29.-.u-blox) -> C:\Program Files (x86)\u-blox\u-center_v8.29\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{155C4F2E-7381-4B80-B258-FD0600C9C46B}] : (OpenOffice 4.1.5.-.Apache Software Foundation) -> MsiExec.exe /I{155C4F2E-7381-4B80-B258-FD0600C9C46B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{179324FF-7B16-4BA8-9836-055CAAEE4F08}] : (SDFormatter.-.SD Association) -> MsiExec.exe /X{179324FF-7B16-4BA8-9836-055CAAEE4F08} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1A295C25-6E02-49FB-826B-F0D2C56FFA4E}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{262EA371-9974-4200-9EAF-360330514FAA}] : (Schneider Electric Software Update.-.Schneider Electric) -> MsiExec.exe /X{262EA371-9974-4200-9EAF-360330514FAA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180171F0}] : (Java 8 Update 171.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180171F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2F8A00FC-1F12-44B2-AA37-F9A358EDC161}] : (HP ESU for Microsoft Windows 8.-.Hewlett-Packard Company) -> MsiExec.exe /X{2F8A00FC-1F12-44B2-AA37-F9A358EDC161} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}] : (HP Wireless Button Driver.-.Hewlett-Packard Company) -> MsiExec.exe /X{30B2D1D8-0A07-4B71-9553-0710C5D31E35} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4275850F-4E2E-4F60-9E73-8BD8F70891D3}] : (VFW_Codec32.-.GoPro, Inc.) -> MsiExec.exe /I{4275850F-4E2E-4F60-9E73-8BD8F70891D3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{884CF059-9A11-4DF7-A2A7-17EFE90B9278}] : (Graphviz.-.AT&T Research Labs.) -> MsiExec.exe /I{884CF059-9A11-4DF7-A2A7-17EFE90B9278} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}] : (Motorola Device Software Update.-.Motorola Mobility) -> MsiExec.exe /I{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D}] : (HP Software Framework.-.Hewlett-Packard Company) -> MsiExec.exe /X{98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{99502BF0-655A-425D-8754-9EEC557D3D73}] : (GoPro Studio.-.GoPro, Inc.) -> MsiExec.exe /X{99502BF0-655A-425D-8754-9EEC557D3D73} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A9088865-5AB9-4E37-A82F-CB264E0B5415}] : (HP System Default Settings.-.Hewlett-Packard Company) -> MsiExec.exe /X{A9088865-5AB9-4E37-A82F-CB264E0B5415} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824161310}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824166751}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824184103}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824191728}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824265200}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824265200} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}] : (HP Quick Start.-.Hewlett-Packard) -> MsiExec.exe /X{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C2DACCBC-8031-4DCE-AB58-242C78EE7AB4}] : (Tinytag Explorer 4.9.-.Gemini Data Loggers) -> MsiExec.exe /I{C2DACCBC-8031-4DCE-AB58-242C78EE7AB4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C97CC14E-4789-4FC5-BC75-79191F7CE009}] : (HP Hotkey Support.-.Hewlett-Packard Company) -> MsiExec.exe /X{C97CC14E-4789-4FC5-BC75-79191F7CE009} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E439FC46-6AA8-4919-A399-A8981893CC97}] : (TTSAutomate.-.CaffeineAU) -> MsiExec.exe /I{E439FC46-6AA8-4919-A399-A8981893CC97} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F521FF84-E690-40CF-977C-4103A4D8E5D0}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FD85BB37-D0AD-4684-B052-4CE9DF72455A}] : (.-.) -> ---------- | Ports [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "9000:TCP"=9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI) "9001:TCP"=9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI) "9002:TCP"=9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI) "9003:TCP"=9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI) "9004:TCP"=9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI) "9005:TCP"=9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI) "9006:TCP"=9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI) "9007:TCP"=9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI) "9008:TCP"=9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI) "9009:TCP"=9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI) "9010:TCP"=9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI) "9100:TCP"=9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI) "8000:TCP"=8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI) "10000:TCP"=10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI) "9090:TCP"=9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI) "3483:UDP"=3483:UDP:*:Enabled:Logitech Media Server 3483 udp "3483:TCP"=3483:TCP:*:Enabled:Logitech Media Server 3483 tcp [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\domainprofile\GloballyOpenPorts\List] "9000:TCP"=9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI) "9001:TCP"=9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI) "9002:TCP"=9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI) "9003:TCP"=9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI) "9004:TCP"=9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI) "9005:TCP"=9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI) "9006:TCP"=9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI) "9007:TCP"=9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI) "9008:TCP"=9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI) "9009:TCP"=9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI) "9010:TCP"=9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI) "9100:TCP"=9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI) "8000:TCP"=8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI) "10000:TCP"=10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI) "9090:TCP"=9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI) "3483:UDP"=3483:UDP:*:Enabled:Logitech Media Server 3483 udp "3483:TCP"=3483:TCP:*:Enabled:Logitech Media Server 3483 tcp ---------- | Installer [HKCR\Installer\Products\0FB20599A556D5247845E9CE55D7D337] : GoPro Studio -> C:\WINDOWS\Installer\{99502BF0-655A-425D-8754-9EEC557D3D73}\AppIcon.exe [HKCR\Installer\Products\1292DB75020FA954D855E643792BB9EC] : HP 3D DriveGuard -> C:\Windows\Installer\{57BD2921-F020-459A-8D55-6E3497B29BCE}\controlPanelIcon.exe [HKCR\Installer\Products\13C874988EC5A1640948A9A00F958FF4] : Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed -> C:\Windows\Installer\{89478C31-5CE8-461A-9084-9A0AF059F84F}\IntelBluetoothICO [HKCR\Installer\Products\1637AADA8B458CF408E449CEC611DE86] : Validity Fingerprint Sensor Driver -> C:\Windows\Installer\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}\ValidityLogo.ico [HKCR\Installer\Products\173AE26247990024E9FA63300315F4AA] : Schneider Electric Software Update -> C:\WINDOWS\Installer\{262EA371-9974-4200-9EAF-360330514FAA}\ARPProductIcon.ico [HKCR\Installer\Products\175423547B38A7031641AD6EA505CDE8] : AMD Catalyst Install Manager -> C:\Windows\Installer\{45324571-83B7-307A-6114-DAE65A50DC8E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\19DAA01FFD85CE446A74181079416176] : paint.net -> C:\WINDOWS\Installer\{F10AAD91-58DF-44EC-A647-810197141667}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\1DD3F5240B3BC2E498E095AA2DCEEED5] : [HKCR\Installer\Products\1F764691F11C67F458B88521DA8CB349] : MSXML 4.0 SP3 Parser [HKCR\Installer\Products\22AA45870F2A92F42A9E0D5C2A6B587E] : Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology -> C:\Windows\Installer\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}\IntelBluetoothICO [HKCR\Installer\Products\3C29A53407D22EC40972BC8CAE0625CF] : [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110170F] : Java 8 Update 171 -> C:\Program Files (x86)\Java\jre1.8.0_171\\bin\javaws.exe [HKCR\Installer\Products\5688809A9BA573E48AF2BC62E4B04551] : HP System Default Settings -> C:\Windows\Installer\{A9088865-5AB9-4E37-A82F-CB264E0B5415}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper [HKCR\Installer\Products\68AB67CA408033019195008142622500] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824265200}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\8D1D2B0370A017B4593570015C3DE153] : HP Wireless Button Driver -> C:\Windows\Installer\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}\ARPPRODUCTICON.exe [HKCR\Installer\Products\950FC48811A97FD42A7A71FE9EB02987] : Graphviz [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A4DCCF5E9161BA84BA730E6A87DFF31F] : [HKCR\Installer\Products\AC3BA730042A70C45B8EB17E156A8AB7] : [HKCR\Installer\Products\AF5A5D893AA1EBC42BC67A732EF0A8D6] : HP Software Framework -> C:\Windows\Installer\{98D5A5FA-1AA3-4CBE-B26C-A737E20F8A6D}\app_1.exe [HKCR\Installer\Products\B031D0CA9088521418F16687399B6044] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\B3EADF9950966A54F837953536AA3D1D] : Logiciel Intel® PROSet/Wireless WiFi -> C:\Windows\Installer\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C3A818DE5FD3FCDCD32B6A647D3BA161] : Ralink Bluetooth Stack64 -> C:\Windows\Installer\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C81629E166BEC4C4F95439CEE65F2337] : GoPro -> C:\WINDOWS\Installer\{1E92618C-EB66-4C4C-9F45-93EC6EF53273}\AppIcon.exe [HKCR\Installer\Products\CA161E091FE633F4B90B940B86082EB0] : [HKCR\Installer\Products\CBCCAD2C1308ECD4BA8542C287EEA74B] : Tinytag Explorer 4.9 [HKCR\Installer\Products\CC3A00AF044783942A171F685FD04DD0] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\D276F30548C6A844F8F8B43CA58C4314] : AMD APP SDK Runtime -> C:\Windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D38BA498FA9A45E4FB3F7A62A2A0C631] : Motorola Device Software Update -> C:\WINDOWS\Installer\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\D58801078733B9C43B0388727182DE5E] : VFW_Codec64 [HKCR\Installer\Products\DDE68972CE9C25B49BF2600D370FAA25] : Motorola Mobile Drivers Installation 6.4.0 -> C:\WINDOWS\Installer\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\E2F4C551183708B42B85DF60009C4CB6] : OpenOffice 4.1.5 -> C:\WINDOWS\Installer\{155C4F2E-7381-4B80-B258-FD0600C9C46B}\soffice.ico [HKCR\Installer\Products\E41CC79C98745CF4CB579791F1C70E90] : HP Hotkey Support -> C:\Windows\Installer\{C97CC14E-4789-4FC5-BC75-79191F7CE009}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E446FE9DEAF2B39418086571CC77C4F4] : Google Earth Pro -> C:\WINDOWS\Installer\{D9EF644E-2FAE-493B-8180-5617CC774C4F}\MainIcon.ico [HKCR\Installer\Products\E9F4949B9AE507C4F98356F9E5C6B03F] : HP Quick Start -> C:\Windows\Installer\{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}\HPQuickLaunchIcon [HKCR\Installer\Products\F0585724E2E406F4E937B88D7F80193D] : VFW_Codec32 [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\FF42397161B78AB4896350C5AAEEF480] : SDFormatter -> C:\Windows\Installer\{179324FF-7B16-4BA8-9836-055CAAEE4F08}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le programme firefox.exe version 60.0.1.6710 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 3550 Heure de début : 01d3fa5f0ece5ae6 Heure de fin : 4294967295 Chemin d'accès de l'application : C:\Program Files\Mozilla Firefox\firefox.exe ID de rapport : cfa410ad-4ad6-4ffa-a0f5-37db4cf3606e Nom complet du package défaillant : ID de l'application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme spotty.exe en raison de cette erreur. Programme : spotty.exe Fichier : La valeur de l erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu il n y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d une copie de sauvegarde. 5. Déterminez si d autres fichiers du même disque peuvent être ouverts. Si ce n est pas le cas, le disque est peut-être endommagé. S il s agit d un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l erreur : 00000000 Type du disque : 0 ------------ Nom de l application défaillante spotty.exe, version : 0.0.0.0, horodatage : 0x5aff361f Nom du module défaillant : spotty.exe, version : 0.0.0.0, horodatage : 0x5aff361f Code d exception : 0xc000001d Décalage d erreur : 0x0029ac0d ID du processus défaillant : 0x36b4 Heure de début de l application défaillante : 0x01d3f7e053461f07 Chemin d accès de l application défaillante : C:\PROGRA~3\SQUEEZ~1\Cache\INSTAL~1\Plugins\Spotty\Bin\MSWIN3~1\spotty.exe Chemin d accès du module défaillant: C:\PROGRA~3\SQUEEZ~1\Cache\INSTAL~1\Plugins\Spotty\Bin\MSWIN3~1\spotty.exe ID de rapport : 592b55d9-2a9b-4ac3-a5f6-7cea9d117f3e Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme spotty.exe en raison de cette erreur. Programme : spotty.exe Fichier : La valeur de l erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu il n y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d une copie de sauvegarde. 5. Déterminez si d autres fichiers du même disque peuvent être ouverts. Si ce n est pas le cas, le disque est peut-être endommagé. S il s agit d un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l erreur : 00000000 Type du disque : 0 ------------ Nom de l application défaillante spotty.exe, version : 0.0.0.0, horodatage : 0x5aff361f Nom du module défaillant : spotty.exe, version : 0.0.0.0, horodatage : 0x5aff361f Code d exception : 0xc000001d Décalage d erreur : 0x0029ac0d ID du processus défaillant : 0x1494 Heure de début de l application défaillante : 0x01d3f6d3f993f19b Chemin d accès de l application défaillante : C:\ProgramData\Squeezebox\Cache\InstalledPlugins\Plugins\Spotty\Bin\MSWin32-x86-multi-thread\spotty.exe Chemin d accès du module défaillant: C:\ProgramData\Squeezebox\Cache\InstalledPlugins\Plugins\Spotty\Bin\MSWin32-x86-multi-thread\spotty.exe ID de rapport : a9018e92-db99-4fd9-9a22-3de2bd12d38c Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante TiWorker.exe, version : 10.0.17134.1, horodatage : 0xa47a93f3 Nom du module défaillant : wcp.dll, version : 10.0.17134.1, horodatage : 0x572e28df Code d exception : 0xc0000005 Décalage d erreur : 0x00000000001862ae ID du processus défaillant : 0x1c18 Heure de début de l application défaillante : 0x01d3f6b3d2f3f596 Chemin d accès de l application défaillante : C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.1_none_eedfeda03074e04e\TiWorker.exe Chemin d accès du module défaillant: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.1_none_eedfeda03074e04e\wcp.dll ID de rapport : 6c27ed06-f39e-4334-bab1-14f76b3ef9e1 Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0x2ad4 Heure de début de l application défaillante : 0x01d3f5da0a5aeb18 Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : 0e45efec-0c22-4969-996f-f6815ba892df Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0x4a4 Heure de début de l application défaillante : 0x01d3f5d9e6d47b40 Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : 6cd9411e-52e3-4fc7-bcc6-f77057c89fd1 Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0xd44 Heure de début de l application défaillante : 0x01d3f53f65f9f57d Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : ca18cf4f-09f5-4517-88ab-74dfb60af63b Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Le marshaleur standard COM n'est pas parvenu à corriger la différence entre l'IID {618736E0-3C3D-11CF-810C-00AA00389B71} fourni par le serveur et l'IID {00020400-0000-0000-C000-000000000046} demandé par le client, avec le gestionnaire CLSID {00000000-0003-0000-0000-000010010000}. Le code d'erreur était 0x80010114. ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0x2e98 Heure de début de l application défaillante : 0x01d3f39e722b4adb Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : a8ba4643-ce9c-4127-9834-3650c74d950a Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0x2cb4 Heure de début de l application défaillante : 0x01d3f39e2c1655c4 Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : 5dd4e9d7-387f-4b5b-ad18-fd973cba0c96 Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0xa0c Heure de début de l application défaillante : 0x01d3f39d724f268a Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : 7741c0e8-2cc4-451f-a94a-8081bcae1a99 Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0x2c44 Heure de début de l application défaillante : 0x01d3f39d5f2385e2 Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : 493eb725-c10c-44aa-884a-fa24e30d75d5 Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0x3304 Heure de début de l application défaillante : 0x01d3f39d4bff1a95 Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : 0468bb29-a250-4996-bcb2-9bbafaa1954e Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0x2ae0 Heure de début de l application défaillante : 0x01d3f39b26cf9732 Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : add06720-5cff-43bc-bec8-90b1b34368f9 Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante CNMNPUT.EXE, version : 3.3.0.30, horodatage : 0x5100e090 Nom du module défaillant : combase.dll, version : 10.0.17134.1, horodatage : 0xb1d4ad05 Code d exception : 0xc0000602 Décalage d erreur : 0x0008143a ID du processus défaillant : 0x3d48 Heure de début de l application défaillante : 0x01d3f2d5eeaf6549 Chemin d accès de l application défaillante : C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE Chemin d accès du module défaillant: C:\WINDOWS\System32\combase.dll ID de rapport : 48e9d8fc-9283-4cd5-bc1d-95ffb959a633 Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0x1f60 Heure de début de l application défaillante : 0x01d3f147e657df8c Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : 99c582b0-f26d-4046-b299-6047ae87ea9c Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ Nom de l application défaillante squeezeboxcp.exe, version : 29413.0.0.0, horodatage : 0x4e209e9f Nom du module défaillant : Wx.dll_unloaded, version : 0.0.0.0, horodatage : 0x516c5dcb Code d exception : 0xc0000005 Décalage d erreur : 0x00067cc0 ID du processus défaillant : 0xe18 Heure de début de l application défaillante : 0x01d3f147cc27a640 Chemin d accès de l application défaillante : C:\Program Files (x86)\Squeezebox\server\squeezeboxcp.exe Chemin d accès du module défaillant: Wx.dll ID de rapport : 9c8eb594-ba58-49f1-922f-894248f5c594 Nom complet du package défaillant : ID de l application relative au package défaillant : ------------ ----------( EOF)---------- - 4929 | 21:23:11