--------------- QuickDiag | g3n-h@ckm@n | V4_30.08.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 30/08/2018 21:38:55 Updated 30/08/2018 | 03:10 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [colis (Administrator)] - [JC-10-01-2018] (S-1-5-21-1812020250-49885185-2009104261-1001) System: Microsoft Windows 10 Famille - - (10.0.17134) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1803) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition3 Boot : Normal boot PC: GL703VD - ASUSTeK COMPUTER INC. - IdNumber: HAN0CX13568341B - UUID: 304E4148-5843-3331-3536-383334314241 Processor : X64 - 2808 Mhz - Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz GL703VD.304 - - American Megatrends Inc. - S/N: HAN0CX13568341B - GL703VD.304 - _ASUS_ - 1072009 CoreTemp : 75 Celsius ----------| Quick ---------- | SoundDevice Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_280B&SUBSYS_80860101&REV_1000\4&32DCCF76&0&0201 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0295&SUBSYS_10431BC0&REV_1000\4&32DCCF76&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 ---------- | Video Intel(R) HD Graphics 630 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igdumdim64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igd10iumd64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igd10iumd64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_591B&SUBSYS_1BC01043&REV_04\3&11583659&1&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 NVIDIA GeForce GTX 1050 - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController2 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1C8D&SUBSYS_1BC01043&REV_A1\4&1C23A489&0&0008 - AdapterCompatibility: NVIDIA - RAM: -2147483648 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 630 - DriverVersion: 22.20.16.4708 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28160 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25408 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36264 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 86016 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:7 % CPU #2 value:13 % CPU #3 value:13 % CPU #4 value:1 % CPU #5 value:1 % CPU #6 value:1 % CPU #7 value:1 % CPU #8 value:1 % Total Overall CPU Usage value:5 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Intel[R] Dual Band Wireless-AC 8265 : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:5 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_200F1043&REV_15\4&288024F7&0&00E0 Intel(R) Dual Band Wireless-AC 8265 - Ethernet 802.3 - Intel Corporation - Status: - PnPID : PCI\VEN_8086&DEV_24FD&SUBSYS_00108086&REV_78\4&2EAD3D69&0&00E6 Bluetooth Device (RFCOMM Protocol TDI) - - Microsoft - Status: - PnPID : BTH\MS_RFCOMM\6&161B2479&0&0 Bluetooth Device (Personal Area Network) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&161B2479&0&2 Microsoft Wi-Fi Direct Virtual Adapter #3 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&48D7285&0&11 Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&48D7285&0&12 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH RAS Async Adapter - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 8270 | Free (MB) : 3522 Pagefile = Total (MB) : 13251 | Free (MB) : 6262 Virtual = Total (MB) : 4194 | Free (MB) : 3891 Physical Memory 0 : Capacity: 8589934592 - ChannelA-DIMM0 - Posit.: 0 - Manufacturer: SK Hynix - PartNumber: HMA81GS6AFR8N-UH - S/N: 29FB1E93 ---------- | SID Users Administrateur : [S-1-5-21-1812020250-49885185-2009104261-500] colis : [S-1-5-21-1812020250-49885185-2009104261-1001] DefaultAccount : [S-1-5-21-1812020250-49885185-2009104261-503] Invité : [S-1-5-21-1812020250-49885185-2009104261-501] WDAGUtilityAccount : [S-1-5-21-1812020250-49885185-2009104261-504] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [OS] | Total : 118.19 Go | Free : 8.89 Go -> NTFS (SSD) [RAID] D:\ -> [Fixed] | [DATA] | Total : 931.51 Go | Free : 143.69 Go -> NTFS [RAID] I:\ -> [Removable] | [JCOLISSON] | Total : 3.92 Go | Free : 0.03 Go -> FAT32 [USB] Disk Usage Information [3 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:16,339 bytes/sec Max Read:0 bytes/sec, Max Write:16,339 bytes/sec Physical Drive #1 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:16,339 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - SCSI - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_HFS128G3&PROD_9TND-N210A\4&1AED6427&0&000000 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_FLASH_DISK&REV_8.07\D9FA2027&0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - SCSI - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_HGST&PROD_HTS721010A9E630\4&1AED6427&0&000200 ---------- | Windows updates - Activation - License Test 1 : Windows Is Activated Test 2 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.) GC : 68.0.3440.106 (Copyright 2017 Google Inc.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer FlashPlayer ActiveX : 30.0.0.154 ---------- | Security AV : Windows Defender Enabled AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 408 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17134.1) = C:\Windows\System32\smss.exe [12/04/2018 01:34:22] CPU Usage:0 % 624 | [Owner : Système | Parent : 604() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 01:34:22] CPU Usage:0 % 728 | [Owner : Système | Parent : 720() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 01:34:22] CPU Usage:0 % 736 | [Owner : Système | Parent : 604() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.17134.1) = C:\Windows\System32\wininit.exe [12/04/2018 01:34:22] CPU Usage:0 % 804 | [Owner : Système | Parent : 736(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17134.191) = C:\Windows\System32\services.exe [24/08/2018 12:01:52] CPU Usage:0 % 824 | [Owner : Système | Parent : 736(wininit.exe) | 16.12 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17134.1) = C:\Windows\System32\lsass.exe [12/04/2018 01:34:23] CPU Usage:0 % 936 | [Owner : Système | Parent : 804(services.exe) | 2.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 964 | [Owner : Système | Parent : 804(services.exe) | 30.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 992 | [Owner : UMFD-0 | Parent : 736(wininit.exe) | 2 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.228) = C:\Windows\System32\fontdrvhost.exe [24/08/2018 12:01:53] CPU Usage:0 % 380 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 16.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 552 | [Owner : Système | Parent : 804(services.exe) | 6.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 568 | [Owner : Système | Parent : 720() | 7.17 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.17134.165) = C:\Windows\System32\winlogon.exe [12/07/2018 20:58:56] CPU Usage:0 % 1060 | [Owner : UMFD-1 | Parent : 568(winlogon.exe) | 4.8 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.228) = C:\Windows\System32\fontdrvhost.exe [24/08/2018 12:01:53] CPU Usage:0 % 1132 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 8.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1140 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 7.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1168 | [Owner : Système | Parent : 804(services.exe) | 7.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1176 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 8.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1308 | [Owner : Système | Parent : 804(services.exe) | 4.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1392 | [Owner : Système | Parent : 804(services.exe) | 9.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1480 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 15.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1536 | [Owner : DWM-1 | Parent : 568(winlogon.exe) | 88.31 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17134.1) = C:\Windows\System32\dwm.exe [12/04/2018 01:34:19] CPU Usage:1 % 1688 | [Owner : Système | Parent : 804(services.exe) | 8.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1696 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 9.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1764 | [Owner : Système | Parent : 804(services.exe) | 9.64 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [17/10/2017 07:56:16] CPU Usage:0 % 1776 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1860 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 4.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1944 | [Owner : Système | Parent : 804(services.exe) | 8.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1952 | [Owner : Système | Parent : 804(services.exe) | 9.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1960 | [Owner : Système | Parent : 804(services.exe) | 3.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1968 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1428 | [Owner : Système | Parent : 804(services.exe) | 6.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1352 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 10.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2152 | [Owner : Système | Parent : 804(services.exe) | 7.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2200 | [Owner : Système | Parent : 804(services.exe) | 12.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2244 | [Owner : Système | Parent : 804(services.exe) | 5.46 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4708) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxCUIService.exe [29/08/2017 09:56:02] CPU Usage:0 % 2320 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 8.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2392 | [Owner : Système | Parent : 804(services.exe) | 6.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2400 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2664 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 10.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2708 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 7.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2792 | [Owner : Système | Parent : 804(services.exe) | 16.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2816 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 7.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2824 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 9.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2832 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 4.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3008 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2100 | [Owner : Système | Parent : 804(services.exe) | 10.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3080 | [Owner : Système | Parent : 804(services.exe) | 11.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3088 | [Owner : Système | Parent : 804(services.exe) | 3.77 Mo] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.101.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [28/07/2017 12:26:02] CPU Usage:0 % 3124 | [Owner : Système | Parent : 2100(svchost.exe) | 10.06 Mo] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (10.0.17134.1) = C:\Windows\System32\wlanext.exe [12/04/2018 01:34:43] CPU Usage:0 % 3140 | [Owner : Système | Parent : 3124(wlanext.exe) | 3.32 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 3284 | [Owner : Système | Parent : 804(services.exe) | 12.09 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17134.1) = C:\Windows\System32\spoolsv.exe [12/04/2018 01:34:41] CPU Usage:0 % 3336 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 21.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3388 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 5.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3544 | [Owner : Système | Parent : 804(services.exe) | 3.44 Mo] - (.ASUSTek Computer Inc. - ASUS HID Access Service.) - (1.0.101.3) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [28/07/2017 12:25:56] CPU Usage:0 % 3552 | [Owner : Système | Parent : 804(services.exe) | 8.38 Mo] - (.ALLPLAN GmbH - AllplanUpdateLauncher.) - (1.803.5387.960) = C:\Program Files\Allplan\AllplanUpdateLauncher 2018\AllplanUpdateLauncher.exe [24/01/2018 22:31:39] CPU Usage:0 % 3560 | [Owner : Système | Parent : 804(services.exe) | 17.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3568 | [Owner : Système | Parent : 804(services.exe) | 4.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3576 | [Owner : Système | Parent : 804(services.exe) | 8.38 Mo] - (.Allplan GmbH - AllplanUpdateLauncher.) - (1.612.4762.555) = C:\Program Files\Nemetschek\AllplanUpdateLauncher 2016\AllplanUpdateLauncher.exe [30/01/2018 20:42:04] CPU Usage:0 % 3584 | [Owner : Système | Parent : 804(services.exe) | 16.7 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.6.2250.7081) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [17/10/2017 07:57:02] CPU Usage:0 % 3600 | [Owner : Système | Parent : 804(services.exe) | 9.23 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (19.60.0.0) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe [21/03/2017 12:40:32] CPU Usage:0 % 3608 | [Owner : Système | Parent : 804(services.exe) | 4.04 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.27.2646) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [21/03/2018 02:21:48] CPU Usage:0 % 3616 | [Owner : Système | Parent : 804(services.exe) | 6.08 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - (19.60.0.0) = C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [21/03/2017 12:40:22] CPU Usage:0 % 3624 | [Owner : Système | Parent : 804(services.exe) | 26.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3632 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 5.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3640 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 4.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3648 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 21.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3656 | [Owner : Système | Parent : 804(services.exe) | 11.4 Mo] - (.ASUSTeK COMPUTER INC. - ROGGamingCenterService.) - (2.1.4.1) = C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe [17/08/2017 17:35:16] CPU Usage:0 % 3664 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 8.52 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.4.2237.9333) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [17/10/2017 07:57:02] CPU Usage:0 % 3672 | [Owner : Système | Parent : 804(services.exe) | 11.68 Mo] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Service.) - (19.60.0.0) = C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [21/03/2017 12:40:46] CPU Usage:0 % 3684 | [Owner : Système | Parent : 804(services.exe) | 18.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3692 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 11.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3700 | [Owner : Système | Parent : 804(services.exe) | 5.1 Mo] - (.Intel Corporation - IntelCpHDCPSvc Executable.) - (1.0.0.1) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\IntelCpHDCPSvc.exe [29/08/2017 09:56:04] CPU Usage:0 % 3708 | [Owner : Système | Parent : 804(services.exe) | 3.38 Mo] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Service.) - (19.60.0.3) = C:\Windows\System32\ibtsiva.exe [13/04/2017 18:50:36] CPU Usage:0 % 3716 | [Owner : Système | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.1807.18075) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe [31/07/2018 19:08:30] CPU Usage:0 % 3752 | [Owner : Système | Parent : 804(services.exe) | 31.08 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.10325.20118) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [23/05/2018 21:44:17] CPU Usage:0 % 3876 | [Owner : Système | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.13.17134.191) = C:\Windows\System32\SecurityHealthService.exe [24/08/2018 12:01:56] CPU Usage:0 % 3964 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2844 | [Owner : Système | Parent : 804(services.exe) | 8.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 4336 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 14.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 4420 | [Owner : Système | Parent : 804(services.exe) | 9.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 4512 | [Owner : Système | Parent : 804(services.exe) | 20.39 Mo] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - (6.50.2640.503) = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [12/09/2017 07:50:00] CPU Usage:0 % 4568 | [Owner : Système | Parent : 804(services.exe) | 6.88 Mo] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.0.14.317) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\IntelCpHeciSvc.exe [29/08/2017 09:56:04] CPU Usage:0 % 4620 | [Owner : Système | Parent : 804(services.exe) | 9.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 5320 | [Owner : SERVICE RÉSEAU | Parent : 964(svchost.exe) | 23.41 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [12/04/2018 01:34:40] CPU Usage:0 % 5876 | [Owner : Système | Parent : 964(svchost.exe) | 4.81 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.17134.1) = C:\Windows\System32\wbem\unsecapp.exe [12/04/2018 01:34:40] CPU Usage:0 % 6076 | [Owner : Système | Parent : 964(svchost.exe) | 11.13 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [12/04/2018 01:34:40] CPU Usage:0 % 6208 | [Owner : Système | Parent : 804(services.exe) | 15.99 Mo] - (.Intel(R) Corporation - XtuService.) - (6.2.0.27) = C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [11/05/2017 16:14:38] CPU Usage:0 % 7000 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.1807.18075) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [31/07/2018 19:08:30] CPU Usage:0 % 7072 | [Owner : Système | Parent : 1764(NVDisplay.Container.exe) | 20.24 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [17/10/2017 07:56:16] CPU Usage:0 % 6980 | [Owner : Système | Parent : 3088(AsLdrSrv.exe) | 6.72 Mo] - (.ASUSTek Computer Inc. - HControl.) - (1.0.101.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [28/07/2017 12:26:18] CPU Usage:0 % 6372 | [Owner : colis | Parent : 3584(nvcontainer.exe) | 21.27 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.6.2250.7081) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [17/10/2017 07:57:02] CPU Usage:0 % 2944 | [Owner : colis | Parent : 1944(svchost.exe) | 33.87 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17134.1) = C:\Windows\System32\sihost.exe [12/04/2018 01:34:12] CPU Usage:0 % 7144 | [Owner : colis | Parent : 804(services.exe) | 22.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 6424 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 11.01 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8931) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [16/05/2018 00:42:40] CPU Usage:0 % 7172 | [Owner : colis | Parent : 804(services.exe) | 35.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 7316 | [Owner : colis | Parent : 2200(svchost.exe) | 12.96 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17134.1) = C:\Windows\System32\taskhostw.exe [12/04/2018 01:34:37] CPU Usage:0 % 7332 | [Owner : colis | Parent : 2200(svchost.exe) | 2.12 Mo] - (.ASUSTek Computer Inc. - ROG Gaming Key.) - (2.1.0.8) = C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [17/08/2017 17:35:16] CPU Usage:0 % 7576 | [Owner : Système | Parent : 804(services.exe) | 4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 7656 | [Owner : Système | Parent : 804(services.exe) | 5.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 7708 | [Owner : colis | Parent : 7656(svchost.exe) | 12.45 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17134.1) = C:\Windows\System32\ctfmon.exe [12/04/2018 01:34:37] CPU Usage:0 % 8096 | [Owner : colis | Parent : 8024() | 171.2 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17134.165) = C:\Windows\explorer.exe [12/07/2018 20:59:09] CPU Usage:0 % 8172 | [Owner : Système | Parent : 804(services.exe) | 8.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 7412 | [Owner : Système | Parent : 804(services.exe) | 5.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8288 | [Owner : colis | Parent : 7356() | 7.73 Mo] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.39.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [28/03/2017 17:28:32] CPU Usage:0 % 8300 | [Owner : colis | Parent : 7400() | 5.02 Mo] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.29.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [28/07/2017 12:26:10] CPU Usage:0 % 8328 | [Owner : Système | Parent : 804(services.exe) | 8.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8336 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8736 | [Owner : colis | Parent : 8672() | 8.9 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4708) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxEM.exe [29/08/2017 09:56:03] CPU Usage:0 % 8824 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 16.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8936 | [Owner : Système | Parent : 804(services.exe) | 14.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8084 | [Owner : colis | Parent : 964(svchost.exe) | 24.36 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.17134.1) = C:\Windows\System32\SettingSyncHost.exe [12/04/2018 01:34:34] CPU Usage:0 % 9868 | [Owner : colis | Parent : 964(svchost.exe) | 92.66 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17134.1) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [12/04/2018 01:33:58] CPU Usage:0 % 10080 | [Owner : colis | Parent : 964(svchost.exe) | 20.09 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 10120 | [Owner : colis | Parent : 964(svchost.exe) | 112.8 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.17134.228) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [24/08/2018 12:02:13] CPU Usage:0 % 4028 | [Owner : colis | Parent : 964(svchost.exe) | 54.34 Mo] - (.Microsoft Corporation - Microsoft.Notes.) - (2.1.18.0) = C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe [11/04/2018 18:05:03] CPU Usage:0 % 9032 | [Owner : Système | Parent : 7288() | 1.14 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe [17/05/2018 17:37:47] CPU Usage:0 % 9628 | [Owner : Système | Parent : 7288() | 1.08 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe [17/05/2018 17:37:47] CPU Usage:0 % 10372 | [Owner : Système | Parent : 804(services.exe) | 31.64 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17134.228) = C:\Windows\System32\SearchIndexer.exe [24/08/2018 12:01:56] CPU Usage:0 % 10384 | [Owner : colis | Parent : 964(svchost.exe) | 14.71 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 10480 | [Owner : colis | Parent : 964(svchost.exe) | 20.56 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 10936 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 22.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 11244 | [Owner : Système | Parent : 804(services.exe) | 32.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 11528 | [Owner : colis | Parent : 964(svchost.exe) | 7.88 Mo] - (.-.) - (12.1815.210.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe [18/07/2018 13:11:07] CPU Usage:0 % 11736 | [Owner : colis | Parent : 964(svchost.exe) | 28.04 Mo] - (.-.) - (10.18071.1181.0) = C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe [24/08/2018 11:54:58] CPU Usage:0 % 11840 | [Owner : colis | Parent : 804(services.exe) | 28.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 5660 | [Owner : colis | Parent : 964(svchost.exe) | 24.52 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 11956 | [Owner : colis | Parent : 964(svchost.exe) | 42.62 Mo] - (.Microsoft Corporation - LockApp.exe.) - (10.0.17134.1) = C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [12/04/2018 01:34:28] CPU Usage:0 % 5664 | [Owner : colis | Parent : 964(svchost.exe) | 26.45 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 12588 | [Owner : colis | Parent : 964(svchost.exe) | 3.63 Mo] - (.Microsoft Corporation - Office Hub Task Host.) - (16.0.10314.33875) = C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe [11/07/2018 16:45:53] CPU Usage:0 % 12660 | [Owner : colis | Parent : 964(svchost.exe) | 11.52 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 13004 | [Owner : colis | Parent : 964(svchost.exe) | 8.34 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 12936 | [Owner : colis | Parent : 8096(explorer.exe) | 6.36 Mo] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.13.17134.1) = C:\Program Files\Windows Defender\MSASCuiL.exe [12/04/2018 01:33:58] CPU Usage:0 % 8764 | [Owner : colis | Parent : 964(svchost.exe) | 6.48 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 2848 | [Owner : colis | Parent : 2200(svchost.exe) | 5.19 Mo] - (.ASUSTeK COMPUTER INC. - Sonic Suite 3.) - (3.6.12.44173) = C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [03/08/2017 16:45:26] CPU Usage:0 % 13832 | [Owner : colis | Parent : 8096(explorer.exe) | 34.81 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (18.131.701.7) = C:\Users\colis\AppData\Local\Microsoft\OneDrive\OneDrive.exe [10/01/2018 22:35:53] CPU Usage:0 % 13436 | [Owner : colis | Parent : 2200(svchost.exe) | 2.15 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.278) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [17/10/2017 08:00:57] CPU Usage:0 % 1708 | [Owner : colis | Parent : 2200(svchost.exe) | 3.5 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.655.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [17/10/2017 08:00:57] CPU Usage:0 % 14288 | [Owner : colis | Parent : 964(svchost.exe) | 17.04 Mo] - (.NVIDIA Corporation - NVIDIA Capture Server.) - (3.8.0.89) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe [17/10/2017 07:57:08] CPU Usage:0 % 13764 | [Owner : colis | Parent : 3584(nvcontainer.exe) | 7.32 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.8.0.89) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [17/10/2017 07:57:07] CPU Usage:0 % 6824 | [Owner : colis | Parent : 14288(nvspcaps64.exe) | 23.8 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (59.3071.1634.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [17/10/2017 07:57:06] CPU Usage:0 % 13744 | [Owner : colis | Parent : 8096(explorer.exe) | 20.87 Mo] - (.Disc Soft Ltd - DAEMON Tools Lite.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DTAgent.exe [09/01/2018 12:45:32] CPU Usage:0 % 14316 | [Owner : Système | Parent : 804(services.exe) | 9.73 Mo] - (.Disc Soft Ltd - Disc Soft Bus Service Lite.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [09/01/2018 12:44:38] CPU Usage:0 % 13084 | [Owner : colis | Parent : 9564() | 56.74 Mo] - (.Valve Corporation - Steam Client Bootstrapper.) - (4.65.64.52) = C:\Program Files (x86)\Steam\Steam.exe [23/07/2016 01:36:30] CPU Usage:0 % 9084 | [Owner : colis | Parent : 10152() | 27.96 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (6.9.5.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [17/10/2017 07:57:04] CPU Usage:0 % 14020 | [Owner : colis | Parent : 9084(NVIDIA Web Helper.exe) | 3.6 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 14220 | [Owner : colis | Parent : 13084(Steam.exe) | 30.68 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.65.64.52) = C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [10/01/2018 23:17:49] CPU Usage:0 % 6668 | [Owner : colis | Parent : 14220(steamwebhelper.exe) | 6.87 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.65.64.52) = C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [10/01/2018 23:17:49] CPU Usage:0 % 11552 | [Owner : colis | Parent : 14220(steamwebhelper.exe) | 18.55 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.65.64.52) = C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [10/01/2018 23:17:49] CPU Usage:0 % 14548 | [Owner : colis | Parent : 8096(explorer.exe) | 6.56 Mo] - (.ASUS - AuraCoreListen.) - (2.0.4.0) = C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.23.0_x86__qmba6cd70vzyy\AuraListen.exe [24/08/2018 11:56:04] CPU Usage:0 % 14556 | [Owner : Système | Parent : 804(services.exe) | 6.85 Mo] - (.Valve Corporation - Steam Client Service.) - (4.65.64.52) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe [10/01/2018 23:11:53] CPU Usage:0 % 15076 | [Owner : colis | Parent : 8096(explorer.exe) | 11.1 Mo] - (.WIBU-SYSTEMS AG - CodeMeter Control Center.) - (6.50.2640.503) = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [12/09/2017 07:50:00] CPU Usage:0 % 15140 | [Owner : colis | Parent : 15100() | 14.48 Mo] - (.-.) - (1.0.0.0) = C:\Program Files (x86)\Asus Espada Gaming Mouse\GT200AP4.exe [11/01/2018 00:02:31] CPU Usage:0 % 13896 | [Owner : colis | Parent : 14992() | 7.78 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.161.12) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [19/12/2017 20:06:16] CPU Usage:0 % 14564 | [Owner : colis | Parent : 6824(NVIDIA Share.exe) | 26.43 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (59.3071.1634.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [17/10/2017 07:57:06] CPU Usage:0 % 6024 | [Owner : colis | Parent : 13624() | 3.21 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.17134.1) = C:\Windows\System32\schtasks.exe [12/04/2018 01:34:36] CPU Usage:0 % 12296 | [Owner : colis | Parent : 6024(schtasks.exe) | 4.36 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 15172 | [Owner : colis | Parent : 15000() | 42.2 Mo] - (.GOG.com - GOG Galaxy.) - (1.2.45.61) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [20/05/2018 15:55:28] CPU Usage:0 % 768 | [Owner : colis | Parent : 2200(svchost.exe) | 4.95 Mo] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [21/07/2017 16:56:26] CPU Usage:0 % 4276 | [Owner : Système | Parent : 804(services.exe) | 14.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 11540 | [Owner : colis | Parent : 15172(GalaxyClient.exe) | 25.59 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.45.61) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe [20/05/2018 15:55:28] CPU Usage:0 % 15392 | [Owner : colis | Parent : 15172(GalaxyClient.exe) | 42.49 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.45.61) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe [20/05/2018 15:55:28] CPU Usage:0 % 15532 | [Owner : colis | Parent : 15172(GalaxyClient.exe) | 27.26 Mo] - (.GOG.com - GOG Galaxy Notifications Renderer.) - (1.2.45.61) = C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe [20/05/2018 15:55:28] CPU Usage:0 % 14956 | [Owner : colis | Parent : 14220(steamwebhelper.exe) | 29.53 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.65.64.52) = C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [10/01/2018 23:17:49] CPU Usage:0 % 7948 | [Owner : colis | Parent : 14220(steamwebhelper.exe) | 15.52 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.65.64.52) = C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [10/01/2018 23:17:49] CPU Usage:0 % 13524 | [Owner : colis | Parent : 964(svchost.exe) | 7.37 Mo] - (.Intel Corporation - igfxext Module.) - (6.15.10.4708) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxext.exe [29/08/2017 09:56:03] CPU Usage:0 % 4440 | [Owner : colis | Parent : 2848(SS3Svc32.exe) | 1.97 Mo] - (.ASUSTeK COMPUTER INC. - Sonic Suite 3.) - (3.6.12.44173) = C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe [03/08/2017 16:49:08] CPU Usage:0 % 11888 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 13.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 15364 | [Owner : Système | Parent : 804(services.exe) | 3.92 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.7.0.1028) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [06/06/2017 01:22:50] CPU Usage:0 % 11344 | [Owner : Système | Parent : 804(services.exe) | 7.34 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.7.0.1028) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [06/06/2017 01:26:12] CPU Usage:0 % 11880 | [Owner : Système | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.17134.1) = C:\Windows\System32\SgrmBroker.exe [12/04/2018 01:34:04] CPU Usage:0 % 6512 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 7.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 13128 | [Owner : colis | Parent : 14892() | 11.66 Mo] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe [09/01/2018 12:45:22] CPU Usage:0 % 12868 | [Owner : colis | Parent : 13896(jusched.exe) | 8.75 Mo] - (.Oracle Corporation - Java Update Checker.) - (2.8.161.12) = C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [19/12/2017 20:06:00] CPU Usage:0 % 4132 | [Owner : colis | Parent : 10356() | 0.8 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.17134.1) = C:\Windows\System32\schtasks.exe [12/04/2018 01:34:36] CPU Usage:0 % 14932 | [Owner : colis | Parent : 4132(schtasks.exe) | 1.34 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 9916 | [Owner : Système | Parent : 804(services.exe) | 16.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 15280 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 5.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3984 | [Owner : colis | Parent : 964(svchost.exe) | 7.06 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17134.1) = C:\Windows\System32\dllhost.exe [12/04/2018 01:34:22] CPU Usage:0 % 14828 | [Owner : colis | Parent : 964(svchost.exe) | 25.94 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.17134.1) = C:\Windows\System32\ApplicationFrameHost.exe [12/04/2018 01:34:18] CPU Usage:0 % 7752 | [Owner : colis | Parent : 964(svchost.exe) | 32.95 Mo] - (.Microsoft Corporation - Store.) - (11807.1001.13.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe [31/07/2018 10:59:13] CPU Usage:0 % 14204 | [Owner : colis | Parent : 964(svchost.exe) | 20.82 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 3820 | [Owner : Système | Parent : 804(services.exe) | 6.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 13700 | [Owner : colis | Parent : 6164() | 25.85 Mo] - (.ASUSTeK Computer Inc. - ASUS Live Update.) - (3.4.4.0) = C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [12/05/2017 12:44:44] CPU Usage:0 % 9968 | [Owner : Système | Parent : 804(services.exe) | 6.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 10292 | [Owner : colis | Parent : 964(svchost.exe) | 11.59 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17134.1) = C:\Windows\System32\dllhost.exe [12/04/2018 01:34:22] CPU Usage:0 % 10512 | [Owner : colis | Parent : 2200(svchost.exe) | 14.28 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17134.1) = C:\Windows\System32\taskhostw.exe [12/04/2018 01:34:37] CPU Usage:0 % 8384 | [Owner : colis | Parent : 964(svchost.exe) | 19.3 Mo] - (.Microsoft Corporation - Sélectionner une application.) - (10.0.17134.1) = C:\Windows\System32\OpenWith.exe [12/04/2018 01:34:37] CPU Usage:0 % 2928 | [Owner : colis | Parent : 5740() | 5.62 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 12160 | [Owner : colis | Parent : 1832() | 3.26 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\Git\usr\bin\sh.exe [26/08/2018 21:42:47] CPU Usage:0 % 8708 | [Owner : colis | Parent : 12160(sh.exe) | 2.18 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\Git\usr\bin\sh.exe [26/08/2018 21:42:47] CPU Usage:0 % 11372 | [Owner : colis | Parent : 8708(sh.exe) | 8.31 Mo] - (.Node.js - Node.js: Server-side JavaScript.) - (8.11.4.0) = C:\Program Files\nodejs\node.exe [15/08/2018 13:37:50] CPU Usage:0 % 8668 | [Owner : colis | Parent : 11372(node.exe) | 3.43 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.17134.1) = C:\Windows\System32\cmd.exe [12/04/2018 01:34:14] CPU Usage:0 % 11392 | [Owner : colis | Parent : 8668(cmd.exe) | 7.96 Mo] - (.Node.js - Node.js: Server-side JavaScript.) - (8.11.4.0) = C:\Program Files\nodejs\node.exe [15/08/2018 13:37:50] CPU Usage:0 % 15504 | [Owner : colis | Parent : 11392(node.exe) | 3.41 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.17134.1) = C:\Windows\System32\cmd.exe [12/04/2018 01:34:14] CPU Usage:0 % 9716 | [Owner : colis | Parent : 15504(cmd.exe) | 7.6 Mo] - (.Node.js - Node.js: Server-side JavaScript.) - (8.11.4.0) = C:\Program Files\nodejs\node.exe [15/08/2018 13:37:50] CPU Usage:0 % 15056 | [Owner : colis | Parent : 9716(node.exe) | 37.8 Mo] - (.GitHub, Inc. - Electron.) - (2.0.8.0) = C:\Users\colis\Desktop\deezloaderremix\node_modules\electron\dist\electron.exe [26/08/2018 21:58:09] CPU Usage:0 % 15912 | [Owner : colis | Parent : 15056(electron.exe) | 16.48 Mo] - (.GitHub, Inc. - Electron.) - (2.0.8.0) = C:\Users\colis\Desktop\deezloaderremix\node_modules\electron\dist\electron.exe [26/08/2018 21:58:09] CPU Usage:0 % 7420 | [Owner : colis | Parent : 964(svchost.exe) | 19.42 Mo] - (.Microsoft Corporation - Sélectionner une application.) - (10.0.17134.1) = C:\Windows\System32\OpenWith.exe [12/04/2018 01:34:37] CPU Usage:0 % 1188 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.9 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.17134.1) = C:\Windows\System32\WUDFHost.exe [12/04/2018 01:34:28] CPU Usage:0 % 9356 | [Owner : colis | Parent : 13016() | 4.03 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.17134.1) = C:\Windows\System32\schtasks.exe [12/04/2018 01:34:36] CPU Usage:0 % 11712 | [Owner : colis | Parent : 9356(schtasks.exe) | 6.06 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 16480 | [Owner : colis | Parent : 10176() | 4.02 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.17134.1) = C:\Windows\System32\schtasks.exe [12/04/2018 01:34:36] CPU Usage:0 % 6480 | [Owner : colis | Parent : 16480(schtasks.exe) | 6.02 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 6748 | [Owner : colis | Parent : 17352() | 4.03 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.17134.1) = C:\Windows\System32\schtasks.exe [12/04/2018 01:34:36] CPU Usage:0 % 18304 | [Owner : colis | Parent : 6748(schtasks.exe) | 6.03 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 7924 | [Owner : colis | Parent : 14620() | 4.03 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.17134.1) = C:\Windows\System32\schtasks.exe [12/04/2018 01:34:36] CPU Usage:0 % 900 | [Owner : colis | Parent : 7924(schtasks.exe) | 6.02 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 17888 | [Owner : colis | Parent : 17444() | 4.04 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.17134.1) = C:\Windows\System32\schtasks.exe [12/04/2018 01:34:36] CPU Usage:0 % 16716 | [Owner : colis | Parent : 17888(schtasks.exe) | 6.04 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 16984 | [Owner : colis | Parent : 2200(svchost.exe) | 12.11 Mo] - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) - (5.812.10240.16384) = C:\Windows\System32\wscript.exe [12/04/2018 01:34:34] CPU Usage:0 % 18156 | [Owner : colis | Parent : 16984(wscript.exe) | 0.82 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.17134.1) = C:\Windows\System32\schtasks.exe [12/04/2018 01:34:36] CPU Usage:0 % 9104 | [Owner : colis | Parent : 18156(schtasks.exe) | 1.03 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 11984 | [Owner : Système | Parent : 804(services.exe) | 155.08 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.667) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [27/08/2018 21:11:17] CPU Usage:0 % 16272 | [Owner : colis | Parent : 11984(MBAMService.exe) | 31.02 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.1.0.1583) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [27/08/2018 21:11:15] CPU Usage:0 % 13152 | [Owner : colis | Parent : 12072() | 26.87 Mo] - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) - (5.812.10240.16384) = C:\Windows\System32\wscript.exe [12/04/2018 01:34:34] CPU Usage:0 % 15784 | [Owner : colis | Parent : 8096(explorer.exe) | 8.04 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.17134.1) = C:\Windows\System32\rundll32.exe [12/04/2018 01:34:33] CPU Usage:0 % 19308 | [Owner : colis | Parent : 8096(explorer.exe) | 173.94 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 17184 | [Owner : colis | Parent : 19308(chrome.exe) | 8.14 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 16264 | [Owner : colis | Parent : 19308(chrome.exe) | 8.64 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 17856 | [Owner : colis | Parent : 19308(chrome.exe) | 216.35 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:2 % 16516 | [Owner : colis | Parent : 19308(chrome.exe) | 41.26 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 5056 | [Owner : colis | Parent : 964(svchost.exe) | 34.15 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 8444 | [Owner : SERVICE LOCAL | Parent : 2664(svchost.exe) | 21.31 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17134.137) = C:\Windows\System32\audiodg.exe [12/07/2018 20:59:01] CPU Usage:0 % 7676 | [Owner : colis | Parent : 964(svchost.exe) | 122.57 Mo] - (.-.) - (10.18071.1171.0) = C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18071.11711.0_x64__8wekyb3d8bbwe\Music.UI.exe [24/08/2018 11:51:57] CPU Usage:0 % 21116 | [Owner : colis | Parent : 964(svchost.exe) | 27.36 Mo] - (.-.) - (2018.18071.15310.0) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [30/08/2018 09:56:56] CPU Usage:0 % 16768 | [Owner : colis | Parent : 964(svchost.exe) | 21.14 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 01:34:06] CPU Usage:0 % 13168 | [Owner : colis | Parent : 964(svchost.exe) | 12.18 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17134.1) = C:\Windows\System32\dllhost.exe [12/04/2018 01:34:22] CPU Usage:0 % 11432 | [Owner : Système | Parent : 804(services.exe) | 12.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2904 | [Owner : colis | Parent : 19308(chrome.exe) | 288.89 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 10476 | [Owner : colis | Parent : 19308(chrome.exe) | 47.46 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 17920 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 10.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 19104 | [Owner : Système | Parent : 804(services.exe) | 6.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 19636 | [Owner : colis | Parent : 964(svchost.exe) | 38.46 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.17134.137) = C:\Windows\System32\smartscreen.exe [12/07/2018 20:59:08] CPU Usage:0 % 12412 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 5.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 7240 | [Owner : colis | Parent : 8096(explorer.exe) | 68.19 Mo] - (.- Best Usb Anti-Malware Professionnal with Real Time Protection !.) - (11.0.0.2) = C:\Program Files (x86)\UsbFix\UsbFix.exe [14/08/2018 17:16:36] CPU Usage:0 % 19176 | [Owner : colis | Parent : 19308(chrome.exe) | 110.42 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 7476 | [Owner : colis | Parent : 7240(UsbFix.exe) | 15.47 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.17134.1) = C:\Windows\SysWOW64\notepad.exe [12/04/2018 01:34:57] CPU Usage:0 % 21160 | [Owner : colis | Parent : 19308(chrome.exe) | 67.67 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 20396 | [Owner : Système | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2028 | [Owner : colis | Parent : 19308(chrome.exe) | 24.08 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 20220 | [Owner : colis | Parent : 19308(chrome.exe) | 47.4 Mo] - (.SosVirus - QuickDiag.) - (30.8.18.1) = D:\Download\QuickDiag.exe [30/08/2018 21:36:56] CPU Usage:0 % 7484 | [Owner : Système | Parent : 804(services.exe) | 5.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 18984 | [Owner : SERVICE RÉSEAU | Parent : 964(svchost.exe) | 9.64 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [12/04/2018 01:34:55] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (22.20.16.4708) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igd10iumd64.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (22.20.16.4708) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igc64.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (..-..) - (0.0.0.0) -- C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 391.01.) - (23.21.13.9101) -- C:\WINDOWS\system32\nvapi64.dll (.NVIDIA Corporation.-.NVIDIA French language resource library.) - (6.14.13.9101) -- C:\WINDOWS\SYSTEM32\Nv3DAppShExtR.dll (.Disc Soft Ltd.-.DAEMON Tools Lite.) - (10.7.0.336) -- C:\Program Files\DAEMON Tools Lite\DTShl64.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.50.0.0) -- C:\Program Files (x86)\WinRAR\rarext64.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.13.9101) -- C:\WINDOWS\system32\nv3dappshext.dll (.NVIDIA Corporation.-.NVIDIA Display Shell Extension.) - (1.2.0.1) -- C:\WINDOWS\system32\nvshext.dll (.Intel Corporation.-.igfxDTCM Module.) - (6.15.10.4708) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxDTCM.dll (.Malwarebytes.-.Malwarebytes.) - (3.0.0.57) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (.Intel Corporation.-.igfxDH Module.) - (6.15.10.4708) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxDH.dll (.Intel Corporation.-.igfxLHM Module.) - (6.15.10.4708) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxLHM.dll (.Intel Corporation.-.igfxDI Module.) - (6.15.10.4708) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxDI.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.21.0.0) -- C:\WINDOWS\System32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\colis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis Steam - ("C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis DAEMON Tools Lite Automount - ("C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis GalaxyClient - (C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis Z0BZNI3BHI - ("C:\Users\colis\AppData\Local\avertissement_de_bannissement.js" [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis CodeMeter Control Center - (C:\PROGRA~2\CODEME~1\Runtime\bin\CODEME~2.EXE [Common Startup]) - User: Public SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public ShadowPlay - ("C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\...\Run]) - User: Public Sonic Studio 3 - ("C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" /start SonicStudioSystray /silent [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\colis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun "GalaxyClient"=C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart "Z0BZNI3BHI"="C:\Users\colis\AppData\Local\avertissement_de_bannissement.js" [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "DAEMON Tools Lite Automount"=0x020000000000000000000000 "OneDrive"=0x020000000000000000000000 "Steam"=0x020000000000000000000000 "GalaxyClient"= [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=%appdata%\1 "MRUList"=a [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Canon MP495 series,winspool,Ne04: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe "ShadowPlay"="C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart "Sonic Studio 3"="C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" /start SonicStudioSystray /silent [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "ShadowPlay"=0x020000000000000000000000 "Sonic Studio 3"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "AsInstCD"=0x020000000000000000000000 "ASUS MG611U"=0x020000000000000000000000 "SunJavaUpdateSched"=0x020000000000000000000000 "vspdfprsrv.exe"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D3D1ED98C0F7D8 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUS MG611U"="C:\Program Files (x86)\Asus Espada Gaming Mouse\GT200St.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce] ""= [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : VideoDevice2=@device:pnp:\\?\usb#vid_090c&pid_f37d&mi_00#6&14a44c2f&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\global AudioDevice2=@device:cm:{33D9A762-90C8-11D0-BD43-00A0C911CE86}\wave:{9E589298-EA66-49E3-9076-C5024340B327} ---------- | Tasks List Adobe Acrobat Update Task ASUS Live Update1 ASUS Live Update2 ASUS Splendid ACMON ATK Package 36D18D69AFC3 ATK Package A22126881260 AutoUpdate Allplan 2016 AutoUpdate Allplan 2018 GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA Intel PTT EK Recertification NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Standalone Update Task v2 OneDrive Standalone Update Task-S-1-5-21-1812020250-49885185-2009104261-1001 Optimize Push Notification Data File-S-1-5-21-1812020250-49885185-2009104261-1001 ROG Gaming Center RtHDVBg_ListenToDevice RTKCPL Skype SS3svc32Run SS3svc64Run Update Checker User_Feed_Synchronization-{B9D83AF0-CEDC-427C-A03A-4B0134D827F4} ---------- | Startings up registry ? Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc DeviceInstall gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=1 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [14/01/2018 21:03:43] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=824 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 "PendingFileRenameOperations"=\??\C:\WINDOWS\System32\DriverStore\Temp\DEL3C3D.tmp \??\C:\WINDOWS\System32\DriverStore\Temp\DEL3C4E.tmp \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\MXDWDRV.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\MXDWDRV.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\PJLMON.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\PJLMON.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\PS5UI.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\PS5UI.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\PSCRIPT5.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\PSCRIPT5.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\UNIDRV.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIDRV.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\UNIDRVUI.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIDRVUI.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\UNIRES.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIRES.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\New\mxdwdrv.dll \??\C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\mxdwdrv.dll \??\C:\Users\colis\AppData\Local\Temp\nsjCF94.tmp\nsProcess.dll \??\C:\Users\colis\AppData\Local\Temp\nsjCF94.tmp\ [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=4c000fe8-017f-4602-a77b-f9e5715 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper [16/05/2018 10:10:25] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=0 "WheelScrollChars"=3 "WindowArrangementActive"=1 "WheelScrollLines"=5 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=0 "TranscodedImageCache"=0x7AC3010083FD0A00000A0000A00500002E7B7631BD9AD30144003A005C0046006F006E006400200064002700E9006300720061006E005C003600370038003600330031002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreferredUILanguages"=fr-FR "TranscodedImageCache_000"=0x7AC3010083FD0A00000A0000A00500002E7B7631BD9AD30144003A005C0046006F006E006400200064002700E9006300720061006E005C003600370038003600330031002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C004100590023004C004700440030003400450038002300340026003100300065003800630033006200610026003000260055004900440032003600350039003800380023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "WaitToKillAppTimeout"=200 "HungAppTimeout"=200 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003F2800000000000000000000000000000100000013000000000000006A000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309DE20400007B5D1B1DC90F2E45902C12BACD4FBC209B0800000114020000000000C00000000000004698130000CEC429A936FD7042B4F534ECAC5BD63C4611000062B06A59D2B415429F74E9109B0A8153D5010000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=3 "GlobalAssocChangedCounter"=181 "AppReadinessLogonComplete"=1 "FirstRunTelemetryComplete"=1 "EdgeDesktopShortcutCreated"=1 "PostAppInstallTasksCompleted"=1 "Browse For Folder Width"=361 "Browse For Folder Height"=361 "link"=0x1E000000 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=1 "SeparateProcess"=0 "AutoCheckSelect"=1 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x84077F5B00000000 "ReindexedProfile"=1 "SnapAssist"=0 "TaskbarSmallIcons"=0 "DisablePreviewDesktop"=0 "TaskbarBadges"=1 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x00000000FFFFFFFF "0"=0x640078000000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{26afdb68-5aba-49cb-9207-f4b7fcdbc980}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{26afdb68-5aba-49cb-9207-f4b7fcdbc980}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=11 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "PUUActive"=0x0EFB17D0040000000C00460103520D009D660D009D660D00D20000000200080059F231B2FF5E8C0059121E00449E0600B7080600B7B4020080070000D6C91C00B2210000EF0300008A11A4649840D4015FB6230000000000010000002C511D00EE420000722E00004719C50000000000 "BuildNumber"=17134 "FirstLogon"=0 "DP"=0xD200E8008C0000000C0000000EFB17D00000000000000000E4BD77517A40D401E4BD77517A40D401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100170900400320821003228210582501C02205020C6205030C573501800C9050500CF05251B35800C00000C8500008C870369700800580914005A0954722250180454165206543E5244096008034040B023404AB12A9F400803100206233007262A22101801403112B1413112B818800801280302352A23223AD4901802201AD482229AD5A "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=5254529520740 "ShutdownFlags"=135 "Userinit"=C:\Windows\system32\userinit.exe, "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-1812020250-49885185-2009104261-1001 "LastUsedUsername"=colis [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe [12/04/2018 01:34:22] ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [12/04/2018 18:19:11] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [12/04/2018 18:19:11] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"=0x534143500100000000000000070000002800000078A30600ECAE060001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000004C25A28A000000002C0000002C000000 "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"=0x5341435001000000000000000700000028000000789303004D67040001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000EE24A28A000000002C0000002C000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000787C03003765040001000000000000000000000A00210000E63F486B2AA0D2010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C89C0300B381040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"=0x534143500100000000000000070000002800000078F3290096F9290001000000000000000000000AF1220000BFA2139DEDD1D301000000800000000002000000280000000000000000000000000000000000000000000000000000000CBBE680000000008400000084000000 "C:\Users\colis\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\ChromeSetup.exe"=0x5341435001000000000000000700000028000000583D1100C0A5110001000000000000000000000A00210000E63F486B2AA0D2010000008100000000 "C:\Users\colis\AppData\Local\Temp\GUM6301.tmp\GoogleUpdateSetup.exe"=0x5341435001000000000000000700000028000000583D1100C0A5110001000000000000000000000A00210000E63F486B2AA0D20100000080000000000200000028000000000000000000004000000000000000000000000000000000987B0000000000000100000001000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.0.5.0_x86__qmba6cd70vzyy\ROG Aura Core\Aura.exe"=0x534143500100000000000000070000002800000078E18C0123628D0101000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000C26F0300000000000200000002000000 "C:\Users\colis\Downloads\DTLiteInstaller.exe"=0x5341435001000000000000000700000028000000A0140C00E3800C0001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000009FD90500000000000100000001000000 "C:\Users\colis\Downloads\wrar550fr.exe"=0x5341435001000000000000000700000028000000C8DC1F00C1EC1F0001000000000000000000000A00210000E63F486B2AA0D201000000800000000002000000280000000000000000000040000000000000000000000000000000003A610000000000000100000001000000 "C:\Users\colis\Downloads\SteamSetup.exe"=0x534143500100000000000000070000002800000088131600052B160001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000882D0000000000000100000001000000 "C:\Program Files (x86)\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000C8411700F3B9170001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000057699B00000000003E0000003E000000 "C:\Program Files (x86)\McAfee\msc\mchlp32.exe"=0x534143500100000000000000070000002800000070F20B007ED70C0001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000002F000000000000000100000001000000 "C:\Program Files\mcafee\msc\mcuihost.exe"=0x534143500100000000000000070000002800000040931100100C120001000000000000000000000A00210000E78E163C2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000DD3F0C00000000000100000001000000 "C:\Users\colis\AppData\Local\Temp\Rar$EXa2116.41321\Asus Espada Gaming Mouse.exe"=0x53414350010000000000000007000000280000003687AE000000000001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000CAE80000000000000100000001000000 "C:\Users\colis\Desktop\They.Are.Billions.v0.5.3.5\They Are Billions\TheyAreBillions.exe"=0x5341435001000000000000000700000028000000002826000000000001000000000000000000000AF5220000E78E163C2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000033787200000000000400000004000000 "C:\Program Files\DAEMON Tools Lite\DTAgent.exe"=0x5341435001000000000000000700000028000000C04E5000AE2B510001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000073131500000000000D0000000D000000 "SIGN.MEDIA=5AC3F68A Setup.exe"=0x534143500100000000000000070000002800000000BC5F003410600001000000000000000000020671220000E63F486B2AA0D2010000000000000000 "C:\Program Files (x86)\Need for Speed Most Wanted 2012\NFS13.exe"=0x534143500100000000000000070000002800000000F0DD001A0CD10001000000000000000000020671220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000099180000000000000300000003000000 "C:\Users\colis\Desktop\NFS13.exe"=0x534143500100000000000000070000002800000000F0DD001A0CD10001000000000000000000020671220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000024070000000000000100000001000000 "C:\Users\colis\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe"=0x534143500100000000000000070000002800000022A3190046D9000001000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000008000000000020000000000000000000000000000201B4700000000000900000009000000 "C:\Users\colis\Downloads\JavaSetup8u151.exe"=0x534143500100000000000000070000002800000040461C00D6281D0001000000000000000000000A71220000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000095610400000000000100000001000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x534143500100000000000000070000002800000040950C0053520D0001000000010000000000000A00210000E78E163C2AA0D2010000000000000000 "C:\Users\colis\Downloads\League of Legends installer EUW.exe"=0x5341435001000000000000000700000028000000C8AB5A04655D5B0401000000000000000000000A00210000E63F486B2AA0D2010000000000000000 "C:\Users\colis\Desktop\JEU\Forager\Forager.exe"=0x534143500100000000000000070000002800000000884A0040654B0001000000000000000000000A71220000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000A1B81400000000000100000001000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\ACU.exe"=0x5341435001000000000000000700000028000000D89CD701657ED80101000000000000000000000A73220000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000E2400000000000000400000004000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDF.exe"=0x5341435001000000000000000700000028000000D85A01003564010001000000000000000000010671000000E63F486B2AA0D20100000000000000000100000004000000010000000500000010000000000000000000000000000000000000000200000028000000000000000000000000002000000000000000200000000000CF1C0000000000000200000002000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDFInstall.exe"=0x5341435001000000000000000700000028000000D8EE010047AE020001000000000000000000030671000000E63F486B2AA0D20100000000000000000500000010000000000000000000000000000000000800000200000028000000000000000008004000020000000000000000000000000000E4230000000000000100000001000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDF_rem.exe"=0x5341435001000000000000000700000028000000D858010023D1010001000000000000000000010671000000E63F486B2AA0D201000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000020000000000000002000000000006B100000000000000100000001000000010000000400000001000000 "D:\Jeu\Tooth.and.Tail.v1.1.1.4\setup_tooth_and_tail_1.1.1.4_(17934).exe"=0x5341435001000000000000000700000028000000A8E7F02796B6F12701000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000075AF0100000000000100000001000000 "D:\Jeu\Tooth and Tail\ToothAndTail.exe"=0x534143500100000000000000070000002800000000F222000000000001000000000000000000000AF1220000E63F486B2AA0D20100000000000000000200000028000000000000001000002000000000000000000000000000000000F52D3800000000000100000001000000 "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe"=0x5341435001000000000000000700000028000000F87DAA00CE6AAB0001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000983D1000000000000100000001000000 "D:\Allplan\setup.exe"=0x534143500100000000000000070000002800000098471200FE2D130001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000007A78B200000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0A203006855040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "D:\Download\Allplan 2018-0-2.exe"=0x5341435001000000000000000700000028000000306C118F6E9F118F01000000000000000000000A00210000E78E163C2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000077D01C00000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.72.117.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C00B9290D0001000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000093868801000000000100000001000000 "D:\Allplan\Prg\nemstart.2018.exe"=0x5341435001000000000000000700000028000000981D080087F4080001000000000000000000000A00210000E78E163C2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000059EF0500000000000100000001000000 "D:\Allplan\Prg\Allplan_2018.exe"=0x5341435001000000000000000700000028000000986D5500D819560001000000000000000000030600010000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000200000000000000000000000000483E8C00000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.72.117.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B0093820C0001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000EFB06605000000000200000002000000 "D:\Allplan\Prg\nemstart.2016.exe"=0x534143500100000000000000070000002800000098FD0400D247050001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000000E4E3F00000000000500000005000000 "D:\Allplan\Prg\Allplan_2016.exe"=0x5341435001000000000000000700000028000000989B3F00BF32400001000000000000000000030600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000200000000000000000000000000847C5C00000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B006DFE0B0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F3F9682C000000000800000008000000 "D:\Jeu\Slay.the.Spire.Patch.9\SlayTheSpire.exe"=0x534143500100000000000000070000002800000000B00500BFC7050001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000009C75BF00000000002800000028000000 "D:\Jeu\RimWorld.v0.18.1722\RimWorldWin.exe"=0x5341435001000000000000000700000028000000007615010000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000030A19B00000000000500000005000000 "D:\Jeu\Rogue Legacy by Nicomouk9\setup_rogue_legacy_2.2.0.10.exe"=0x5341435001000000000000000700000028000000900B2F0C01102F0C01000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000908C0000000000000100000001000000 "D:\Jeu\Rogue Legacy by Nicomouk9\patch_rogue_legacy_2.2.1.11.exe"=0x5341435001000000000000000700000028000000A0D20E007D630F0001000000000000000000010600010000E63F486B2AA0D2010000008000000000020000002800000000000000000000000000000000000000000000000000000030270000000000000100000001000000 "D:\Jeu\Rogue Legacy\RogueLegacy.exe"=0x534143500100000000000000070000002800000000C6110000000000010000000000000000000206F1020000DB80FDAC2839D301000000000000000002000000280000000000000030000060000000000000000000000000000000005C96BA00000000000900000009000000 "SIGN.MEDIA=FD1BDF6C setup.exe"=0x5341435001000000000000000700000028000000BE7841000000000001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000B7070200000000000100000001000000 "D:\Jeu\Snake Pass\SnakePass.exe"=0x5341435001000000000000000700000028000000000607003AFA010001000000000000000000000A73200000E78E163C2AA0D201000000000000000005000000100000000000000000000000000000002000000002000000280000000000000020000060000000000000000000000000000000001E920A00000000000200000002000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C008AE20C0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005320A301000000000300000003000000 "D:\Jeu\Turmoil by Nicomouk9\TurmoilSteam.exe"=0x5341435001000000000000000700000028000000000E3700B1CA320001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001E073600000000000200000002000000 "D:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000C0872E00DED82E0001000000000000000000000A71220000E63F486B2AA0D201000000000000000002000000280000000000000080000000000000000000000000000000000000002CBD0200000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.005.0107.0008\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AC03001457040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "D:\Download\winx-youtube-downloader.exe"=0x534143500100000000000000070000002800000008153301A780330101000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B8950000000000000100000001000000 "D:\Deezloader-win32-x64\Deezloader.exe"=0x53414350010000000000000007000000280000000058D8040000000001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000500000000000000000000040000000000000000000000000000000003F41000000000000010000000100000000000000000000000000000000000000000000000000000095CF0000000000000500000000000000 "D:\Jeu\Dragon Cliff\game.exe"=0x534143500100000000000000070000002800000000EE14010000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000065801500000000000300000003000000 "D:\Jeu\Aegis Defenders\AegisDefenders.exe"=0x5341435001000000000000000700000028000000007615010000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A88F3900000000000300000003000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B0022F90B0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003D90F80F000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C003B370D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"=0x5341435001000000000000000700000028000000B06A1C00B9DD1C0001000000000000000000000A00210000DB80FDAC2839D3010000009100000000 "J:\office 2007\SETUP.EXE"=0x534143500100000000000000070000002800000030110700C7F8070001000000000000000000000671020000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000004D00300000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8830.7600.0_x64__8wekyb3d8bbwe\Office16\OfficeHubWin32.exe"=0x5341435001000000000000000700000028000000A8381E0089FB1E0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DF8C0000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE"=0x5341435001000000000000000700000028000000301907002F59070001000000000000000000000671020000DB80FDAC2839D3010000000100000000 "C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"=0x5341435001000000000000000700000028000000284D0500AAA8050001000000000000000000000671020000BFA2139DEDD1D3010000000100000000 "D:\Jeu\Into the Breach\Breach.exe"=0x5341435001000000000000000700000028000000002A3F000000000001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000100000200000000000000000000000000000000050677100000000000700000007000000 "C:\Program Files (x86)\Java\jre1.8.0_151\bin\javaw.exe"=0x534143500100000000000000070000002800000040EC0200B2B0030001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000467F0900000000000200000002000000 "D:\Prog\Deezer Downloader v3.2.3.exe"=0x5341435001000000000000000700000028000000421639009693000001000000000000000000000A71200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000265F0700000000000100000001000000 "D:\Prog\Deezloader-win-64.exe"=0x5341435001000000000000000700000028000000B3275C020000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000044CC0100000000000100000001000000 "D:\Prog\Deezloader X64\DeezLoader.exe"=0x534143500100000000000000070000002800000000A2D3040000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000005000000000000000000000000000000000000000000000000000000001FF2100000000000E00000003000000000000000000004000000000000000000000000000000000A0C80000000000000200000000000000 "C:\Users\colis\AppData\Local\Temp\{94207815-20cd-4ee5-B240-596274AED21E}\{7B28E39C-883C-4f49-ABFB-5D16796F2DD9}\ISAdmin.exe"=0x5341435001000000000000000700000028000000C01B0D00EC3A0D0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B3680200000000000100000001000000 "D:\Prog\PDF creator\vspdfprsrv.exe"=0x5341435001000000000000000700000028000000001A6E000000000001000000000000000000020671020000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000001820000000000000100000001000000 "D:\Download\PDFCreator-3_1_2-Setup.exe"=0x53414350010000000000000007000000280000003087F201D064F30101000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FFF40000000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AE0300F24D040001000000000000000000000A71200000DB80FDAC2839D3010000000100000000 "C:\Users\colis\Desktop\FTL.Advanced.Edition.v1.6.7\setup_ftl_-_advanced_edition_1.6.7_(18661).exe"=0x53414350010000000000000007000000280000009887660BA8C0660B01000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000087080100000000000100000001000000 "D:\Jeu\FTL - Advanced Edition\FTLGame.exe"=0x534143500100000000000000070000002800000000B6560035F7560001000000000000000000030600010000BFA2139DEDD1D3010000000000000000020000002800000000000000100000200000000000000000000000000000000033DC7400000000001500000015000000 "D:\Jeu\FTL\FTL_v1.5.4_Install.exe"=0x5341435001000000000000000700000028000000694F420B0000000001000000000000000000020600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000022170000000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B00E25E0C0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BFF09A29000000000600000006000000 "C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE"=0x534143500100000000000000070000002800000010E70000EEE0010001000000000000000000000671020000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BD820000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE"=0x534143500100000000000000070000002800000028FF1001D228110101000000000000000000000671020000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x5341435001000000000000000700000028000000905D0C00A5580D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Users\colis\AppData\Local\Temp\7zSC8A8F1F4\GenericSetup.exe"=0x5341435001000000000000000700000028000000F80A020026AB020001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FBA30100000000000100000001000000 "SIGN.MEDIA=33B8494 OriginSetup.exe"=0x5341435001000000000000000700000028000000007067000000000001000000000000000000000A61200000DB80FDAC2839D3010000000000000000020000002800000000000000000800400000000000000000000000000000000096640A00000000000100000001000000 "C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPayback.exe"=0x534143500100000000000000070000002800000000065C0ABD6A5C0A01000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CF160B00000000000400000004000000 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x5341435001000000000000000700000028000000C0271A0087351A0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000076E8670B000000000100000001000000 "D:\Download\jre-8u161-windows-x64.exe"=0x534143500100000000000000070000002800000040624004C712410401000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F9440300000000000100000001000000 "SIGN.MEDIA=3BDF70EB setup.exe"=0x53414350010000000000000007000000280000008F2652000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000000E380200000000000100000001000000 "D:\Games\Surviving Mars\MarsSteam.exe"=0x5341435001000000000000000700000028000000B8939800B05B990001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000020000060000000000000000000000000000000007132AD00000000000B0000000B000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.044.0301.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0BC0300204F040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\colis\Desktop\SMLoadr-win-x64_v1.8.0.exe"=0x53414350010000000000000007000000280000008DB815020000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000741A5E00000000000100000001000000 "D:\Jeu\Minit\minit.exe"=0x534143500100000000000000070000002800000000E46D0658F76F0601000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000008001000000000000000000000000000000000000DBE26A00000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B0018650C0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000091B59454000000000300000003000000 "C:\Users\colis\Desktop\smloader\SMLoadr-win-x64_v1.8.0.exe"=0x53414350010000000000000007000000280000008DB815020000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B0770000000000000100000001000000 "C:\Users\colis\Desktop\smloader\Nouveau dossier\SMLoader_GUI.exe"=0x5341435001000000000000000700000028000000002031000000000001000000000000000000000A73200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000087280000000000000100000001000000 "C:\Users\colis\Desktop\smloader\Nouveau dossier\SMLoadr-win-x64_v1.9.0.exe"=0x53414350010000000000000007000000280000004CB629020000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000005691500000000000200000002000000 "D:\Jeu\Dead.Cells.v04.04.2018\deadcells.exe"=0x5341435001000000000000000700000028000000A8B68B00EB438C0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000007DDB700000000000800000008000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x5341435001000000000000000700000028000000905D0C00BF2D0D0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004BBA0D01000000000300000003000000 "D:\Download\FreeConvertFLACToMP3Setup.exe"=0x5341435001000000000000000700000028000000A4DF59010000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000036FA2600000000000100000001000000 "C:\Program Files (x86)\4dots Software\Free Convert FLAC To MP3\FreeConvertFLACToMP3.exe"=0x5341435001000000000000000700000028000000009008000000000001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003B011000000000000400000004000000 "D:\Download\Setup_FreeAudioConverter.exe"=0x5341435001000000000000000700000028000000F02829002462290001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000042650000000000000100000001000000 "C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter\FreeMp3M4aWmaConverter.exe"=0x534143500100000000000000070000002800000000C007000000000001000000000000000000010671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000100000000000000000000000000000902E1E00000000000300000003000000 "D:\Download\ovideocapture.exe"=0x5341435001000000000000000700000028000000F63D0A000000000001000000000000000000000A41220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000281B0700000000000100000001000000 "D:\Jeu\NeonDS.exe"=0x534143500100000000000000070000002800000000E026000000000001000000000000000000000671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BD890100000000000100000001000000 "D:\Jeu\DS\DeSmuME_0.9.10_x86.exe"=0x5341435001000000000000000700000028000000001610000000000001000000000000000000020671020000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001C2C4300000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300017A040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "SIGN.MEDIA=5FEDE0C6 setup.exe"=0x5341435001000000000000000700000028000000922652000000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000034E10100000000000100000001000000 "D:\Games\Frostpunk\Frostpunk.exe"=0x53414350010000000000000007000000280000000090B2010000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000200000000200000028000000000000002000006000000000000000000000000000000000F7909700000000000A0000000A000000 "C:\Users\colis\Desktop\smloader\SMLoadr-win-x64_v1.9.2.exe"=0x5341435001000000000000000700000028000000290D1E020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000AAC75800000000000700000007000000 "C:\Users\colis\Desktop\smloader\GUI\SMLoader.exe"=0x5341435001000000000000000700000028000000002031000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A7490100000000000400000004000000 "C:\Program Files\Common Files\EAInstaller\Need for Speed Payback\Cleanup.exe"=0x5341435001000000000000000700000028000000E0270E007ED50E0001000000000000000000020600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000D51B0000000000000100000001000000 "C:\Program Files (x86)\Need for Speed Most Wanted 2012\unins000.exe"=0x534143500100000000000000070000002800000021020B000000000001000000000000000000020600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000020000000000000000000000000000A7130000000000000100000001000000 "C:\Riot Games\League of Legends\LeagueClient.exe"=0x534143500100000000000000070000002800000080E43400951A350001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000F336E00000000000200000002000000 "D:\Download\Endless.Legend.v1.5.7.S3.Incl.DLC\Endless.Legend.v1.5.7.S3.Incl.DLC\EndlessLegend.exe"=0x534143500100000000000000070000002800000000823B010000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E69A5001000000000400000004000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B00D0000C0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003ABDBF3B000000000600000006000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.18.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x534143500100000000000000070000002800000000FA24000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DB000000000000000700000007000000 "D:\Jeu\Endless.Legend.v1.5.7.S3.Incl.DLC\Endless.Legend.v1.5.7.S3.Incl.DLC\EndlessLegend.exe"=0x534143500100000000000000070000002800000000823B010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FF91BC01000000000700000007000000 "D:\Prog\CASIO FA-124.exe"=0x534143500100000000000000070000002800000072A71F010000000001000000000000000000010600210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000009F380100000000000100000001000000 "D:\Prog\Casio FA-124\FA124.exe"=0x5341435001000000000000000700000028000000006013000000000001000000000000000000000671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000200000000000000000000000000C4066D00000000000100000001000000 "D:\Jeu\Machiavillain.v1.01.GOG\machiavillain_v1.01_x64_setup.exe"=0x534143500100000000000000070000002800000038BD0B1A61090C1A01000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B7801E00000000000100000001000000 "D:\Jeu\MachiaVillain\MachiaVillain.exe"=0x534143500100000000000000070000002800000000E609000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000010000020000000000000000000000000000000009A609500000000000300000003000000 "D:\Jeu\STAY.v1.0.2.4\stay.exe"=0x534143500100000000000000070000002800000000C209000000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000208D7D01000000000100000001000000 "D:\Jeu\Wizard of Legend\WizardOfLegend.exe"=0x534143500100000000000000070000002800000000585C010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000010000020000000000000000000000000000000008EA03300000000000200000002000000 "C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE"=0x534143500100000000000000070000002800000030B50600FF1E070003000000000000000000000671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000045A0400000000000200000002000000 "D:\Download\office-2016_16-0-7167-2060_fr_431791_64.exe"=0x5341435001000000000000000700000028000000385354005BA9540001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001B9B1300000000000400000004000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000A8DA2E016B402F0101000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000076141300000000000100000001000000 "D:\Jeu\Graveyard.Keeper.Alpha.v0.669\Graveyard Keeper Alpha\Graveyard Keeper.exe"=0x534143500100000000000000070000002800000000B015010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000559A6E00000000000500000005000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300C327040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "D:\Download\readerdc_fr_xa_crd_install.exe"=0x5341435001000000000000000700000028000000F86D12000459130001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000066740300000000000100000001000000 "D:\Jeu\Asylamba.Influence\Influence\influence.exe"=0x53414350010000000000000007000000280000006475A2030000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A1004E00000000000200000002000000 "C:\Users\colis\Desktop\FTBLauncher_64bit.exe"=0x5341435001000000000000000700000028000000B31899000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B27D9001000000000700000007000000 "D:\Jeu\Cultist.Simulator\Cultist Simulator\cultistsimulator.exe"=0x534143500100000000000000070000002800000000C209000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009B6F2900000000000100000001000000 "D:\Jeu\Duskers\Duskers.exe"=0x5341435001000000000000000700000028000000003E00010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B66E1E00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300534A040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"=0x5341435001000000000000000700000028000000B09C1A03C5FA1A0301000000000000000000000A00210000BFA2139DEDD1D3010000009100000000 "D:\Download\Solibri-Model-Checker_v9_8_windows_64bit_9_8_30-20180504.exe"=0x5341435001000000000000000700000028000000501BB30F0000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000000D451600000000000100000001000000 "C:\Program Files (x86)\Steam\Steam.exe"=0x534143500100000000000000070000002800000020D930004769310001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000D9E56D0B000000001900000019000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090ED0B003B9E0C0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009F123342000000000100000001000000 "SIGN.MEDIA=3629CB96 Install.exe"=0x5341435001000000000000000700000028000000AB68FD000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000003B200300000000000100000001000000 "D:\Jeu\Egypt - Old Kingdom\win64\Egypt Old Kingdom.exe"=0x5341435001000000000000000700000028000000009A54010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000005FB30B01000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A8E003002796040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe"=0x5341435001000000000000000700000028000000B8461E00E9041F0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B83DEB0F000000000400000004000000 "SIGN.MEDIA=55AAAEAE SetFH3.exe"=0x534143500100000000000000070000002800000095101C000000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000800000000200000028000000000000008000000000000000000000000000000000000000DF4C1C00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.111.0603.0004\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0F603000E59040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Steam\bin\steamservice.exe"=0x53414350010000000000000007000000280000002089190036B9190001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000005FF20000000000000100000001000000 "D:\Jeu\Salt.and.Sanctuary.v1.0.0.7\salt.exe"=0x534143500100000000000000070000002800000000AC18000000000001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000025C6C422000000000100000001000000 "C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000B0C41D000B921E0001000000000000000000000A00210000BFA2139DEDD1D3010000009100000000 "SIGN.MEDIA=45A8435F Win64\setup.exe"=0x5341435001000000000000000700000028000000754D73000000000001000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000004C600100000000000100000001000000 "D:\Games\Slime Rancher The Little Big Storage\SlimeRancher.exe"=0x5341435001000000000000000700000028000000005A66010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000020000060000000000000000000000000000000005C813000000000000100000001000000 "D:\Jeu\Death.Skid.Marks.v1.16\IGG-Death.Skid.Marks.v1.16\DeathSkidMarks.exe"=0x53414350010000000000000007000000280000001050E200F8D7DC0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000011DE1600000000000200000002000000 "SIGN.MEDIA=A61FAC56 setup.exe"=0x5341435001000000000000000700000028000000E02652000000000001000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000947F1300000000000100000001000000 "D:\Games\Crash Bandicoot N Sane Trilogy\CrashBandicootNSaneTrilogy.exe"=0x53414350010000000000000007000000280000005890C801EE33C90101000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000002000006000000000000000000000000000000000CF691F00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.111.0603.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0F60300D140040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.22.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x5341435001000000000000000700000028000000004C27000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DA630000000000000600000006000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090ED0B00CBC50C0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C4D95B14000000000200000002000000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000F0A522004741230001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000100000000000000000000000000000000083013C00000000002100000021000000 "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=0x5341435001000000000000000700000028000000182012004E9B120001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000029010000000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090D10B0093AD0C0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000067E93F51000000000100000001000000 "D:\Jeu\Infectonator.3.Apocalypse.v1.3.2.2\Infectonator3.exe"=0x5341435001000000000000000700000028000000006C5C010000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000071875200000000000200000002000000 "D:\Jeu\Infectonator.Survivors.v1.1.2\Survivors.exe"=0x5341435001000000000000000700000028000000003A0200D308010001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001A759200000000000100000001000000 "D:\Download\xp68-win-mp495-5_56-ea24.exe"=0x5341435001000000000000000700000028000000986C5C01F2315D0101000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000008000004000000000000000000000000000000000F0620000000000000100000001000000 "D:\Download\qm__-win-2_8_5-ea31_2.exe"=0x5341435001000000000000000700000028000000802E9100B53B910001000000000000000000010600010000BFA2139DEDD1D3010000000000000000020000002800000000000000800000400000000000000000000000000000000091430000000000000100000001000000 "C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE"=0x5341435001000000000000000700000028000000800A14003987140001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002AFCA729000000000100000001000000 "C:\Program Files (x86)\Canon\Quick Menu\CNSEMAIN.EXE"=0x534143500100000000000000070000002800000098F405002EFB050001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EE020000000000000100000001000000 "D:\Jeu\Star Traders Frontiers\StarTradersFrontiers.exe"=0x534143500100000000000000070000002800000000966D000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A9030000000000000100000001000000 "D:\Jeu\Star Traders Frontiers\LAUNCHER_x64.exe"=0x5341435001000000000000000700000028000000002A04007CA4040001000000000000000000000A73220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000D0743F00000000000100000001000000 "D:\Download\DeezLoader-3.1.1-win-64&32-installer.exe"=0x5341435001000000000000000700000028000000E52066040000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EF280100000000000200000002000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader\DeezLoader.exe"=0x5341435001000000000000000700000028000000009409040000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009C7A0700000000000100000001000000 "D:\Download\MP3 Loader Remix 4.1.2-Win64.exe"=0x534143500100000000000000070000002800000011F73E020000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000072500000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\Deezloader Remix\Deezloader Remix.exe"=0x5341435001000000000000000700000028000000006E08040000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000624A0B00000000000200000002000000 "D:\Download\DeezLoader Remaster Setup 5.0.2-ALPHA.exe"=0x5341435001000000000000000700000028000000B8DAE1040000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002A5C0000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader Remaster\DeezLoader Remaster.exe"=0x5341435001000000000000000700000028000000002A0B040000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000054470100000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\Deezloader Remix\Uninstall Deezloader Remix.exe"=0x5341435001000000000000000700000028000000C5E303000000000003000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000130F0000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader Remaster\Uninstall DeezLoader Remaster.exe"=0x5341435001000000000000000700000028000000D25E07000000000003000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000028300000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader\Uninstall DeezLoader.exe"=0x5341435001000000000000000700000028000000525E07000000000003000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000037450000000000000100000001000000 "D:\Prog\Deezloader X64\Uninstall DeezLoader.exe"=0x5341435001000000000000000700000028000000795A07000000000003000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000575F0000000000000100000001000000 "C:\Users\colis\Documents\telegram\Deezloader Remix 4.1.2 - Setup.exe"=0x534143500100000000000000070000002800000011F73E020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FE4B0000000000000100000001000000 "C:\Program Files\Java\jre1.8.0_161\bin\javaw.exe"=0x534143500100000000000000070000002800000040280300E5A7030001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000459C3A00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000A0B09301B75E940101000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000581318009955180001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A80204003EA4040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.23.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x5341435001000000000000000700000028000000005427000000000001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000E0198700D28B870001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000035540100000000000400000004000000 "C:\Users\colis\Desktop\Nouveau dossier (3)\jarfix.exe"=0x534143500100000000000000070000002800000041FF00000000000001000000000000000000010600010000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400002010000000000000000000000000053360000000000000100000001000000 "C:\Users\colis\Desktop\Nouveau dossier (3)\SkaiaCraft Launcher v2.0.exe"=0x534143500100000000000000070000002800000026D937003ED3010001000000000000000000000A71200000BFA2139DEDD1D30100000000000000000200000028000000000000008000000000000000000000000000000000000000C63F1100000000000100000001000000 "D:\Jeu\Minecraft\SkaiaCraft Launcher v2.0.exe"=0x534143500100000000000000070000002800000026D937003ED3010001000000000000000000000A71200000BFA2139DEDD1D301000000000000000002000000280000000000000080000000000000000000000000000000000000000E685001000000000300000003000000 "D:\Download\Deezloader Remix\Deezloader Remix 4.1.3 Setup-x64.exe"=0x5341435001000000000000000700000028000000F31031020000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002A830000000000000100000001000000 "D:\Download\Deezloader Remix\Deezloader Remix 4.1.3 Setup-x32.exe"=0x534143500100000000000000070000002800000005EEE0010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000D3450000000000000100000001000000 "D:\Prog\Deezloader Remix\Deezloader Remix.exe"=0x53414350010000000000000007000000280000000082F4020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B5CD1600000000000300000003000000 "D:\Download\Git-2.18.0-64-bit.exe"=0x5341435001000000000000000700000028000000108C73022039740201000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000356A0D00000000000100000001000000 "C:\Program Files\Git\git-bash.exe"=0x53414350010000000000000007000000280000001843020056A9020001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F8370000000000000100000001000000 "D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe"=0x5341435001000000000000000700000028000000705159000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000032A8600000000000E0000000E000000 "D:\Download\UsbFix_11.002.exe"=0x5341435001000000000000000700000028000000A0C03D0056703E0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000078800700000000000100000001000000 "C:\Program Files (x86)\UsbFix\UsbFix.exe"=0x534143500100000000000000070000002800000090821E0017181F0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000BE380B00000000000200000002000000 "D:\Download\mb3-setup-consumer-3.5.1.2522-1.0.421-1.0.6511.exe"=0x53414350010000000000000007000000280000007831EB0435BEEB0401000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000006D810500000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"=0x534143500100000000000000070000002800000050C77B0097507C0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000081020000000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe"=0x534143500100000000000000070000002800000020510E002FD70E0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000026040000000000000100000001000000 "D:\Download\QuickDiag.exe"=0x5341435001000000000000000700000028000000981D4A0083494A0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131709317925146040 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=0 "TrustedImageIdentifier"={GL703VD0-0000-0000-0000-000000000000} "ProductType"=2 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\ "ProductStatus"=0 "InstallTime"=0x81ECCA640B47D301 "OOBEInstallTime"=0xA3787861EDECD301 "DisableAntiVirus"=0 "LastEnabledTime"=0xAFB0C6FC5C8AD301 "ManagedDefenderProductType"=0 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [172.217.22.142] avec 32 octets de donn?es?: R?ponse de 172.217.22.142?: octets=32 temps=47 ms TTL=50 R?ponse de 172.217.22.142?: octets=32 temps=67 ms TTL=50 R?ponse de 172.217.22.142?: octets=32 temps=64 ms TTL=50 R?ponse de 172.217.22.142?: octets=32 temps=62 ms TTL=50 Statistiques Ping pour 172.217.22.142: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 47ms, Maximum = 67ms, Moyenne = 60ms ---------- | @ [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=about:blank "Default_Page_URL"=http://asus17win10.msn.com/?pc=ASTE "DisableFirstRunCustomize"=3 "ImageStoreRandomFolder"=fp1f8mf "OperationalData"=12 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF530100004600000003060000E9020000 "Start Page_TIMESTAMP"=0xE2A955FA1E8BD301 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000000F00000039BB737F79F35E040F7106E633061C020000000E0000005A64584D744F4D4B6F4A41253364 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x6172CF28628AD301 "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xA65B21B818B7D301 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x200D51AD94ECD301 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "WarnonZoneCrossing"=0 "LockDatabase"=131709318414158698 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Start Page"=about:blank "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SMC] "Progid"=Solibri Model Checker v9.8 ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [12/04/2018 01:34:24] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0x998513E0BEA5D301 "Version"=5 "UpgradeTime"=0x998513E0BEA5D301 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [23/05/2018 21:56:35] ---------- | Chrome C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\clhhggbfdinjmjhajaheehoeibfljjno = : Telegram Web App.\nMore info & source code here: https://github.com/zhukov/webogram - short_name: Telegram - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\fanagokoaogopceablgmpndejhedkjjb = : __MSG_desc__ - __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\femoooemgmjaebeodbbikbkmhlafenpl = : The games feature each level that is a scenario of stickmen going about their daily activities. Your job is to kill all of them. - http://causalitygame.com/chrome/ - short_name: Causality Games - [http://causalitygame.com/chrome/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\fjbdgmikfnklbopkafjgbcejoiipemkl = : Google & co - http://en.start.gamigo.com/cultures-online/?affiliateID=778 - Google & co - [http://play.cultures-online.gamigo.com/co/bin/index.php?affiliateID=778] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\gdkfaieogniecdceabnnkfloeomailhg = : Le jeu de serpent renouvelé : palpitant comme jamais ! - http://www.snaky360.fr/ - Snaky 360 - [http://www.snaky360.fr/http://static.snaky360.fr/] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\hfpeacgpdnhofhebmincihdelcemhagd = : Google & co - http://creaturesandcastles.hiive.com/? - Google & co - [http://creaturesandcastles.hiive.com/?] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\hgoflmajhinnohnhkfeggflmmppiilck = : - Black blue shards - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\imkkdabijgkodinlhgncdfmghdcdacmg = : Google & co - short_name: D2NE - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\jlehaidnnmjjkhgbbiombcdifogolhap = : __MSG_bd_gamedesc_696_frameDescription_medium__ - https://www.skyrama.com/?aid=3306&utm_source=online&utm_medium=cws&utm_campaign=default - __MSG_bd_gameTitles_696__ - [https://www.skyrama.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\knkapnclbofjjgicpkfoagdjohlfjhpd = : A simple but addictive game. Start with four basic items and use them to find dinosaurs unicorns and spaceships! - http://littlealchemy.com/ - Little Alchemy - [*://littlealchemy.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\lcdhpokmalcfjnfkjlfncgekebcojinn = : Face off against increasingly deadly waves of enemies in this aerial strategy game. - http://www.steambirds.com/ - Steambirds: Survival - [http://www.steambirds.com/] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\mhpdbcnfpodnaefldpdohoibdajcfabp = : Launch Arrows Hurl Fireballs And Swing A Mighty Axe! Explore the fantasy themed desktop and mobile MMO Pocket Legends for FREE! - http://account.spacetimestudios.com/pocketlegends - Pocket Legends - [http://account.spacetimestudios.com/pocketlegends] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\poknhlcknimnnbfcombaooklofipaibk = : An experiment to render Free Rider tracks in HTML5. - http://canvasrider.com/tracks/featured - Canvas Rider - [http://canvasrider.com/] - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.161.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0771dd91-7dc7-4264-8517-a9621d7c59f4}] "DhcpNameServer"=40.53.1.12 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{f7710695-4faa-4549-8e29-6ea5ef54c4f7}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0771dd91-7dc7-4264-8517-a9621d7c59f4}] "DhcpNameServer"=40.53.1.12 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f7710695-4faa-4549-8e29-6ea5ef54c4f7}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Classes\Applications\POWERPNT.EXE] : "C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE" "%1" [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Classes\Applications\uTorrent.exe] : "C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe" "%1" /SHELLASSOC [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PDFEditor.exe] : D:\Prog\PDF creator\PDFEditor.exe "%1" [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PDFEditor.exe] : D:\Prog\PDF creator\PDFEditor.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "wusvcs"=WaaSMedicSvc "BthAppGroup"=BluetoothUserService "BcastDVRUserService"=BcastDVRUserService "Camera"=FrameS "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "GraphicsPerfSvcGroup"=GraphicsPerfSvc "DevicesFlow"=DevicesFlowUserSvc DevicePickerUserSvc "smbsvcs"=lanmanserver browser [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\5eed4b40-1ed5-51be-ab52-56cdb94a998f] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\8floor] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Adobe] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\AMPLITUDE Studios] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\AppDataLow] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Appnormals] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUS] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUS GT200 Gaming Mouse] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUSTeKcomputer.Inc] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\BitTorrent] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Canon] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\CASIO] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Chromium] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Clarus Victoria] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Clever Endeavour Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Contingent99] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\DigitByteStudio] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Disc Soft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ej-technologies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Epic Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Free Lives] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\GOG.com] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Google] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\GUTS Department] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Haemimont Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\IGA] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Imagination Technologies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Intel] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\JavaSoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Lazy Bear Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Logitech] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Ludeon Studios] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Malwarebytes] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Meta Interaction] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Misfits Attic] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Monomi Park] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Nahimic] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Nemetschek] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\NeonDS.com] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Netscape] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Node.js] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\nwjs] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ODBC] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\pdfforge] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Policies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\QtProject] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Realtek] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\RegisteredApplications] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\SyncEngines] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\sysinternals] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Toge Productions] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Unity] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Valve] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Weather Factory] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WIBU-SYSTEMS] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Wild Factor] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WinRAR] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WinRAR SFX] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Wow6432Node] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\4dots Software] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Inc.] [HKLM\Software\ASUS] [HKLM\Software\ASUSTeKcomputer.Inc] [HKLM\Software\Canon] [HKLM\Software\Clients] [HKLM\Software\Disc Soft] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\EA Games] [HKLM\Software\ej-technologies] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GitForWindows] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\IPS] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nemetschek] [HKLM\Software\Node.js] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\pdfforge] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Solibri] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\SyncIntegrationClients] [HKLM\Software\sysinternals] [HKLM\Software\WIBU-SYSTEMS] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\Avanquest] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\Codemasters] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nemetschek] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Riot Games, Inc] [HKLM\Software\WOW6432Node\SplitmediaLabs] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\UsbFix] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\WIBU-SYSTEMS] [HKLM\Software\WOW6432Node\WinRAR] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: I: ---------- | C: [18/03/2017 23:03:28] - |SHD| - [5595921339] - C:\$Recycle.Bin [27/08/2018 20:50:50] - |RASHD| - [2] - C:\autorun.inf [MD5.E715EBDAD90FDD5448677E924C3A6FDD] - [17/10/2017 08:58:51] - |AH| - (.-.) - [14261] - (0.0.0.0) - C:\devlist.txt [14/02/2018 01:27:57] - |SHD| - [0] - C:\Documents and Settings [31/05/2017 12:08:39] - |D| - [4329549551] - C:\eSupport [MD5.01224851F19C9423A1D7E06F44DBFB6A] - [17/10/2017 08:58:51] - |AH| - (.-.) - [9] - (0.0.0.0) - C:\Finish.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [16/05/2018 10:07:21] - |ASH| - (.-.) - [3387301888] - (0.0.0.0) - C:\hiberfil.sys [17/10/2017 07:52:47] - |HD| - [423221] - C:\Intel [24/08/2018 20:12:31] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [17/10/2017 07:46:59] - |ASH| - (.-.) - [5100273664] - (0.0.0.0) - C:\pagefile.sys [12/04/2018 01:38:20] - |D| - [0] - C:\PerfLogs [12/04/2018 01:38:20] - |RD| - [9232426452] - C:\Program Files [12/04/2018 01:38:20] - |RD| - [3026889252] - C:\Program Files (x86) [12/04/2018 01:38:20] - |HD| - [6243562454] - C:\ProgramData [30/08/2018 21:38:45] - |D| - [1989827] - C:\QuickDiag [MD5.ADB769F747FE05FBCEF37243645FED16] - [30/08/2018 21:38:55] - |A| - (.-.) - [220557] - (0.0.0.0) - C:\QuickDiag.txt [17/10/2017 16:45:37] - |HD| - [5215655281] - C:\Recovery [12/01/2018 22:03:55] - |D| - [11016916473] - C:\Riot Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [17/10/2017 07:46:59] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [17/10/2017 07:46:57] - |SHD| - [0] - C:\System Volume Information [11/04/2018 23:04:33] - |RD| - [55383211546] - C:\Users [11/04/2018 23:04:33] - |AD| - [29337138082] - C:\Windows ---------- | C:\WINDOWS [12/04/2018 01:38:20] - |D| - [802] - C:\WINDOWS\addins [12/04/2018 01:38:20] - |D| - [15129713] - C:\WINDOWS\appcompat [12/04/2018 01:38:20] - |D| - [8341054] - C:\WINDOWS\apppatch [12/04/2018 01:38:20] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.F3B25701FE362EC84616A93A45CE9998] - [17/10/2017 16:45:10] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\AsCDProc.log [MD5.E429B09E589DF973E89EE3DDC544262E] - [29/08/2017 10:02:30] - |A| - (.-.) - [24] - (0.0.0.0) - C:\WINDOWS\AsDCDVer.txt [MD5.4DF8E3492AA7D08F93997F4CB546DEC5] - [31/05/2017 12:08:39] - |A| - (.-.) - [28] - (0.0.0.0) - C:\WINDOWS\AsHDIVer.txt [MD5.FFFC81F77E2E26AA5F281FB2E52B7A44] - [20/02/2017 05:08:32] - |A| - (.-.) - [80] - (0.0.0.0) - C:\WINDOWS\ASOFSVer.txt [MD5.3BB2F5C9A68B59B1B6F2EEB1E03103D1] - [17/10/2017 16:45:42] - |A| - (.-.) - [96] - (0.0.0.0) - C:\WINDOWS\AsPEToolVer.txt [MD5.858ED80087AB0CA7FDC94017BC333F37] - [17/10/2017 16:45:20] - |A| - (.-.) - [65] - (0.0.0.0) - C:\WINDOWS\AsProcKitVer.txt [12/04/2018 01:38:20] - |RSD| - [1256742792] - C:\WINDOWS\assembly [MD5.C7A13F5302AD240C0E3D0DEF4EB383EB] - [17/10/2017 16:45:42] - |A| - (.-.) - [55] - (0.0.0.0) - C:\WINDOWS\AsToolCDVer.txt [31/05/2017 12:08:39] - |AD| - [336574511] - C:\WINDOWS\ASUS [12/04/2018 01:38:20] - |D| - [720353] - C:\WINDOWS\bcastdvr [MD5.178BA90AA13F6F834E5C060DC923FB55] - [12/04/2018 01:34:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [67072] - (10.0.17134.1) - C:\WINDOWS\bfsvc.exe [12/04/2018 01:38:20] - |D| - [38319346] - C:\WINDOWS\Boot [MD5.56D49C4C185A94E1C66ABFF1AD6F85B7] - [16/05/2018 00:46:04] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [12/04/2018 01:38:21] - |D| - [2448984] - C:\WINDOWS\Branding [12/04/2018 01:30:02] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.FE4D4D40C19F2F07700F20F2C4C4566E] - [16/05/2018 10:07:40] - |A| - (.-.) - [18433] - (0.0.0.0) - C:\WINDOWS\comsetup.log [MD5.A155FFABF2F04265A97274CCAB44D773] - [12/04/2018 18:23:39] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.F471CF70EE6D49C5650A4D5295531435] - [20/03/2017 05:43:33] - |A| - (.-.) - [34390] - (0.0.0.0) - C:\WINDOWS\CoreSingleLanguage.xml [24/01/2018 21:02:54] - |D| - [2866688] - C:\WINDOWS\Crystal [MD5.098A3BBE38D28D0378074EAD5729E2EF] - [31/05/2017 12:33:39] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\csup.txt [12/04/2018 01:38:21] - |D| - [11482410] - C:\WINDOWS\Cursors [MD5.0E9C5C5D2B44DF5B3577BBA113F42737] - [14/05/2018 17:27:41] - |A| - (.-.) - [2714] - (0.0.0.0) - C:\WINDOWS\DDACLSys.log [12/04/2018 01:38:21] - |D| - [872455] - C:\WINDOWS\debug [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [16/05/2018 10:09:40] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [12/04/2018 01:38:21] - |D| - [4530019] - C:\WINDOWS\diagnostics [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [16/05/2018 10:09:40] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [12/04/2018 18:18:37] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.149EF409980E7CF710DE7B4AE1CA917A] - [19/01/2018 11:04:04] - |A| - (.-.) - [64831] - (0.0.0.0) - C:\WINDOWS\DirectX.log [12/04/2018 01:38:21] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.92219C3ADC5DDFBF60B85A73E5A23BE6] - [17/10/2017 08:02:35] - |A| - (.-.) - [57156] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG [MD5.587B47BAB4B90B57A8693DBECBD1C8F9] - [29/08/2017 09:55:42] - |A| - (.-.) - [7810] - (0.0.0.0) - C:\WINDOWS\DriverCD_Template.txt [MD5.534154ABF2C3F1CDEDC4C444148C947A] - [12/04/2018 01:40:39] - |A| - (.-.) - [4179] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [12/04/2018 01:38:21] - |HD| - [44616] - C:\WINDOWS\ELAMBKUP [12/04/2018 18:18:37] - |D| - [0] - C:\WINDOWS\en-US [MD5.E4A81EDDFF8B844D85C8B45354E4144E] - [12/07/2018 20:59:09] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3932672] - (10.0.17134.165) - C:\WINDOWS\explorer.exe [12/04/2018 01:38:21] - |RSD| - [414579632] - C:\WINDOWS\Fonts [12/04/2018 18:18:37] - |D| - [109568] - C:\WINDOWS\fr-FR [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [12/04/2018 01:38:21] - |D| - [69353621] - C:\WINDOWS\Globalization [12/04/2018 01:38:21] - |D| - [71526356] - C:\WINDOWS\Help [MD5.FFD31D96B8D4BAB8B0F83E42B7430A54] - [12/07/2018 20:58:59] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1054720] - (10.0.17134.137) - C:\WINDOWS\HelpPane.exe [MD5.A50C9DF7603E2F1AEA6B54053794A326] - [12/04/2018 01:34:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.17134.1) - C:\WINDOWS\hh.exe [16/05/2018 00:41:12] - |D| - [2630960] - C:\WINDOWS\IAStorAfsService [12/04/2018 01:38:21] - |D| - [29869] - C:\WINDOWS\IdentityCRL [12/04/2018 01:38:21] - |D| - [28827030] - C:\WINDOWS\IME [12/04/2018 01:38:21] - |RD| - [8489793] - C:\WINDOWS\ImmersiveControlPanel [12/04/2018 01:36:48] - |D| - [83234559] - C:\WINDOWS\INF [12/04/2018 01:38:21] - |D| - [1450002749] - C:\WINDOWS\InfusedApps [12/04/2018 01:38:21] - |D| - [38137502] - C:\WINDOWS\InputMethod [MD5.5DDE0C07FC98DC505FCC484D78D2C28F] - [17/10/2017 07:49:14] - |A| - (.-.) - [1572648] - (0.0.0.0) - C:\WINDOWS\Inst.log [12/04/2018 01:38:21] - |SHDC| - [1169041237] - C:\WINDOWS\Installer [MD5.8A4031ADC6DBDB241F1CE0483127E33F] - [17/10/2017 08:36:36] - |A| - (.-.) - [696] - (0.0.0.0) - C:\WINDOWS\Inst_AsModelCopy.log [MD5.F291D415A9A4A06C8F5AFA4375498744] - [17/10/2017 07:50:45] - |A| - (.-.) - [18840] - (0.0.0.0) - C:\WINDOWS\Inst_CMD.log [MD5.53FAB06BC2923D11041AC1851CC29275] - [17/10/2017 07:52:01] - |A| - (.-.) - [3248234] - (0.0.0.0) - C:\WINDOWS\Inst_Device.log [12/04/2018 01:38:21] - |D| - [94163] - C:\WINDOWS\L2Schemas [12/04/2018 01:38:21] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\LiveKernelReports [31/05/2017 12:08:39] - |D| - [112520624] - C:\WINDOWS\Log [11/04/2018 23:04:39] - |D| - [64623284] - C:\WINDOWS\Logs [12/04/2018 01:38:21] - |RSD| - [20517644] - C:\WINDOWS\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [12/04/2018 01:34:36] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [12/04/2018 01:38:20] - |RD| - [832170512] - C:\WINDOWS\Microsoft.NET [12/04/2018 01:38:21] - |D| - [3135] - C:\WINDOWS\Migration [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.BB9A06B8F2DD9D24C77F389D7B2B58D2] - [12/04/2018 01:34:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [245760] - (10.0.17134.1) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [17/10/2017 07:56:16] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [17/10/2017 07:57:02] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvTelemetryContainerRecovery.bat [12/04/2018 18:22:25] - |D| - [638980] - C:\WINDOWS\OCR [12/04/2018 01:38:21] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [14/05/2018 15:43:48] - |DC| - [531796910] - C:\WINDOWS\Panther [12/04/2018 01:38:21] - |D| - [588356] - C:\WINDOWS\Performance [MD5.8869179A5FDCE875D5B12595462F89EB] - [17/10/2017 07:46:57] - |A| - (.-.) - [83930] - (0.0.0.0) - C:\WINDOWS\PFRO.log [12/04/2018 01:38:21] - |D| - [1136442] - C:\WINDOWS\PLA [12/04/2018 01:38:21] - |D| - [2821730] - C:\WINDOWS\PolicyDefinitions [15/05/2018 23:48:28] - |D| - [5972981] - C:\WINDOWS\Prefetch [12/04/2018 01:38:21] - |RD| - [1965018] - C:\WINDOWS\PrintDialog [12/04/2018 01:38:21] - |D| - [5261619] - C:\WINDOWS\Provisioning [MD5.AC91328EE5CFFBD695CE912F75F876F6] - [12/04/2018 01:34:34] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [336384] - (10.0.17134.1) - C:\WINDOWS\regedit.exe [12/04/2018 01:38:21] - |D| - [1117876] - C:\WINDOWS\Registration [12/04/2018 01:38:21] - |D| - [8736936] - C:\WINDOWS\rescache [12/04/2018 01:38:21] - |D| - [3992241] - C:\WINDOWS\Resources [MD5.0DD3698CBEE8CB6ACEC3379A813F62C1] - [17/10/2017 08:01:50] - |A| - (.Copyright (C) Realtek Semiconductor Corp. - RtCRU.) - [4332032] - (1.13.0.0) - C:\WINDOWS\RtCRU64.exe [MD5.A095B3E67C8EB8F2137EAC63687F2F5B] - [17/10/2017 08:00:55] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839520] - (1.0.7.0) - C:\WINDOWS\RtlExUpd.dll [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\SchCache [12/04/2018 01:38:21] - |D| - [122082] - C:\WINDOWS\schemas [12/04/2018 01:38:21] - |D| - [7085220] - C:\WINDOWS\security [16/05/2018 00:45:33] - |D| - [64503375] - C:\WINDOWS\ServiceProfiles [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\ServiceState [11/04/2018 23:04:33] - |D| - [114166197] - C:\WINDOWS\servicing [12/04/2018 01:41:20] - |D| - [42] - C:\WINDOWS\Setup [MD5.D69A5BF4D58E4B151A31E86EFF493037] - [04/08/2018 17:01:42] - |A| - (.-.) - [4248] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2018 12:26:26] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [12/04/2018 01:38:21] - |D| - [6442496] - C:\WINDOWS\ShellComponents [12/04/2018 01:38:21] - |D| - [53630976] - C:\WINDOWS\ShellExperiences [12/04/2018 18:19:39] - |D| - [6828144] - C:\WINDOWS\SKB [17/10/2017 07:50:06] - |D| - [658539156] - C:\WINDOWS\SoftwareDistribution [12/04/2018 01:38:21] - |D| - [174665190] - C:\WINDOWS\Speech [12/04/2018 01:38:21] - |D| - [104511624] - C:\WINDOWS\Speech_OneCore [MD5.8D59B31FF375059E3C32B17BF31A76D5] - [12/04/2018 01:34:41] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.17134.1) - C:\WINDOWS\splwow64.exe [12/04/2018 01:38:21] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [18/03/2017 23:03:33] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [11/04/2018 23:04:33] - |D| - [6966805385] - C:\WINDOWS\System32 [12/04/2018 01:38:21] - |D| - [225278122] - C:\WINDOWS\SystemApps [12/04/2018 01:38:21] - |D| - [25650125] - C:\WINDOWS\SystemResources [11/04/2018 23:04:41] - |D| - [1537304320] - C:\WINDOWS\SysWOW64 [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\TAPI [18/03/2017 23:03:29] - |D| - [6] - C:\WINDOWS\Tasks [12/04/2018 01:38:21] - |D| - [4537129] - C:\WINDOWS\Temp [12/04/2018 01:38:21] - |D| - [13610496] - C:\WINDOWS\TextInput [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\tracing [12/04/2018 01:38:21] - |D| - [14898490] - C:\WINDOWS\twain_32 [MD5.076387B253E6A381090F59EDBFC5EEF6] - [12/04/2018 01:34:53] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [10/01/2018 22:26:28] - |SD| - [0] - C:\WINDOWS\UpdateAssistantV2 [12/04/2018 01:38:21] - |D| - [12420] - C:\WINDOWS\Vss [11/04/2018 23:04:37] - |D| - [25814] - C:\WINDOWS\WaaS [12/04/2018 01:38:21] - |D| - [15729830] - C:\WINDOWS\Web [MD5.1C7127EA2BC3B2D8713FB0DE8BDCF962] - [18/03/2017 23:03:33] - |A| - (.-.) - [463] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [12/04/2018 01:34:36] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [17/10/2017 07:50:06] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.EE1F0DE1ED3E8A5BF080B3497049969E] - [12/04/2018 01:34:52] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17134.1) - C:\WINDOWS\winhlp32.exe [11/04/2018 23:04:33] - |D| - [12716118250] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [12/04/2018 01:33:56] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.5266C61652051E9EF3A4D199001F6B17] - [12/04/2018 01:34:19] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.17134.1) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [09/05/2017 12:07:18] - C:\WINDOWS\Installer\1468d.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/04/2017 12:53:28] - C:\WINDOWS\Installer\14692.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/03/2017 16:53:48] - C:\WINDOWS\Installer\14697.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2017 10:08:49] - C:\WINDOWS\Installer\17b24.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/01/2018 13:40:51] - C:\WINDOWS\Installer\1c15c2fb.msi : (Install/UnInstall PhysX Driver + Engines: 2.7.1/3/4/5/6; 2.8.0/1/3 - NVIDIA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:48:44] - C:\WINDOWS\Installer\23468.msi : (NahimicSettingsConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:48:34] - C:\WINDOWS\Installer\2346d.msi : (AudioCaptureNotificationConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:48:30] - C:\WINDOWS\Installer\23472.msi : (DeviceRoutingConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 17:05:00] - C:\WINDOWS\Installer\23477.msi : (SonicStudio3Setup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 17:04:30] - C:\WINDOWS\Installer\2347c.msi : (ProfileSwitcherCleanup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:45:56] - C:\WINDOWS\Installer\24e68.msi : (ApoDispatchConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:49:22] - C:\WINDOWS\Installer\24e6d.msi : (ProductDaemonSetup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:58:58] - C:\WINDOWS\Installer\24e72.msi : (SonicRadar3Setup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:59:02] - C:\WINDOWS\Installer\24e77.msi : (SonicMapperConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/01/2018 21:04:50] - C:\WINDOWS\Installer\288f7375.msi : (Epic Games Launcher - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2015 11:56:58] - C:\WINDOWS\Installer\28a283d6.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/10/2017 16:00:28] - C:\WINDOWS\Installer\2931c84a.msi : (CodeMeter Runtime Installer - WIBU-SYSTEMS AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2017 08:46:42] - C:\WINDOWS\Installer\2931c84f.msi : (Intel(R) C++ Redistributables on Intel(R) 64 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\WINDOWS\Installer\295cd832.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/03/2018 13:29:32] - C:\WINDOWS\Installer\35b2720a.msi : (Java SE Runtime Environment 8 Update 161 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/03/2018 13:32:55] - C:\WINDOWS\Installer\35b27308.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2017 12:08:00] - C:\WINDOWS\Installer\38374b21.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2017 12:08:44] - C:\WINDOWS\Installer\38374b27.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/06/2017 04:56:16] - C:\WINDOWS\Installer\3a3ae.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/08/2017 10:52:30] - C:\WINDOWS\Installer\3a3b3.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/06/2016 15:08:30] - C:\WINDOWS\Installer\4b8e456.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/06/2016 15:09:04] - C:\WINDOWS\Installer\4b8e45b.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2016 06:04:32] - C:\WINDOWS\Installer\6115d.msi : (Device Setup - ASUSTek COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/04/2017 17:30:40] - C:\WINDOWS\Installer\6313.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/05/2018 21:30:45] - C:\WINDOWS\Installer\66dff41.msi : (CASIO FA-124 - CASIO COMPUTER CO., LTD.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2017 05:45:40] - C:\WINDOWS\Installer\694d.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/04/2017 07:33:34] - C:\WINDOWS\Installer\697c.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 01:34:10] - C:\WINDOWS\Installer\6981.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 01:33:12] - C:\WINDOWS\Installer\6986.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 01:33:22] - C:\WINDOWS\Installer\698b.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 01:33:56] - C:\WINDOWS\Installer\6990.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/04/2017 17:06:34] - C:\WINDOWS\Installer\6995.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/06/2017 11:30:52] - C:\WINDOWS\Installer\699a.msi : (Intel(R) Serial IO - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/04/2017 04:01:30] - C:\WINDOWS\Installer\6b12.msi : (Intel(R) Wireless Bluetooth(R) Patch/Audio Package Installation - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/07/2017 05:31:42] - C:\WINDOWS\Installer\6b17.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/08/2016 08:31:14] - C:\WINDOWS\Installer\6b41.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/06/2017 13:55:28] - C:\WINDOWS\Installer\6b46.msi : (XSplit Gamecaster - SplitmediaLabs) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/06/2017 21:02:44] - C:\WINDOWS\Installer\6b9e.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/05/2018 17:37:47] - C:\WINDOWS\Installer\6c762c0.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/08/2018 21:53:10] - C:\WINDOWS\Installer\aaadc88.msi : (Node.js - Node.js Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2018 21:49:43] - C:\WINDOWS\Installer\cbf0b4.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [12/04/2018 01:33:56] - [3329] - C:\WINDOWS\System32\ieuinit.inf [16/05/2018 10:13:43] - [1766590] - C:\WINDOWS\System32\PerfStringBackup.INI [12/04/2018 01:34:33] - [60124] - C:\WINDOWS\System32\tcpmon.ini [12/04/2018 01:34:20] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [12/04/2018 01:34:00] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [12/04/2018 01:34:49] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.E38998C7117A97B6D4B76714C0049B6A] - |A| - [24/08/2018 11:52:22] - (.-.) - [1.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AdobeARM.log [MD5.0D2F6930E8218A3D79113B03E2C5D001] - |A| - [24/08/2018 11:52:43] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AdobeARM_NotLocked.log [MD5.864C22FB9A1C0670EDF01C6ED3E4FBE4] - |A| - [24/08/2018 11:52:36] - (.-.) - [251.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ArmUI.ini [MD5.A042BA29D5C2AFBC267E979728B6215D] - |A| - [02/08/2018 11:36:53] - (.-.) - [32.87 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.00000000000000000000000000000000] - |D| - [02/08/2018 11:36:53] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [23/08/2018 21:13:13] - [1889.5 Ko] - C:\WINDOWS\Temp\CR_3FE76.tmp [MD5.5E20C24F616316F12FAB4ABCC6B13654] - |A| - [02/08/2018 15:54:40] - (.-.) - [200.4 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180802-1554.log [MD5.EB10C4AE096187D292041B1CFE6127B2] - |A| - [24/08/2018 11:50:30] - (.-.) - [22.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1150.log [MD5.D4A627412E85DF2ACB7DD5186A5C96EC] - |A| - [24/08/2018 11:50:32] - (.-.) - [6.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1150a.log [MD5.345A92625F2DEC4795F24F8B0B5D178D] - |A| - [24/08/2018 11:51:57] - (.-.) - [104.49 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1151.log [MD5.F7CEFC044D1F75E245B89A94A1D161FE] - |A| - [24/08/2018 11:58:47] - (.-.) - [177.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1158.log [MD5.AF756F2FB08C32EE56076AAB5B061B6D] - |A| - [24/08/2018 11:58:59] - (.-.) - [10.86 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1158a.log [MD5.FF66CD232888B8BAE8A8A7C7C86F1469] - |A| - [24/08/2018 11:59:22] - (.-.) - [30.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1159.log [MD5.093F140B51BEF9062ACB1586066BC2A9] - |A| - [24/08/2018 12:09:29] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1209.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/08/2018 14:30:56] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1430.log [MD5.D2888C4984D669A1885F6993EBCA2BCB] - |A| - [24/08/2018 17:53:30] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1753.log [MD5.55479433DE93F1456FF4F3F6480FD479] - |A| - [24/08/2018 18:22:01] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1822.log [MD5.1C0D71095926347CE3967026D5F29FB5] - |A| - [24/08/2018 18:26:57] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1826.log [MD5.159DD64ED250ECE0173041575B5D22BD] - |A| - [24/08/2018 19:13:47] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1913.log [MD5.4BFEDD2B9CA9E3EB5F9155608C7F11DF] - |A| - [24/08/2018 19:52:30] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1952.log [MD5.F6054144FF4B34C1DD9C4BE575040281] - |A| - [24/08/2018 20:11:54] - (.-.) - [166.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-2011.log [MD5.65686B558C2C95346441F9AA9C6546EE] - |A| - [24/08/2018 23:43:21] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-2343.log [MD5.6A8D6D49B45B008E5FAA62C7376062C4] - |A| - [25/08/2018 14:09:06] - (.-.) - [6.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1409.log [MD5.B5C5C1029343DF6765DACB6BFC5ECEFE] - |A| - [25/08/2018 14:09:06] - (.-.) - [22.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1409a.log [MD5.D97A44BF48846102DAFCC754A58F0767] - |A| - [25/08/2018 14:09:46] - (.-.) - [61.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1409b.log [MD5.9718FE8E4389B25E885699701EAEDC75] - |A| - [25/08/2018 14:33:43] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1433.log [MD5.D786B0F26A78B7829DEE9DAD80AE9470] - |A| - [25/08/2018 14:44:50] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1444.log [MD5.DC74540B9C302228BD948C5D556E6A14] - |A| - [25/08/2018 16:35:01] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1635.log [MD5.5C72711BC9B13675C2E746209785C167] - |A| - [25/08/2018 18:28:43] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1828.log [MD5.12EC5113847DF155D0421BE8F746AF86] - |A| - [25/08/2018 19:35:29] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1935.log [MD5.6106CA6BDC80639980F6C1DCC78FC395] - |A| - [25/08/2018 19:40:40] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1940.log [MD5.382AE895FEBF53755692F9F65C622F9A] - |A| - [25/08/2018 20:22:00] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-2022.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/08/2018 23:52:14] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-2352.log [MD5.806E4879F3ECD35AF45E15D7C8298BFF] - |A| - [26/08/2018 12:24:00] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1224.log [MD5.63BA68C81CEBA7B43B1935870FD211E8] - |A| - [26/08/2018 12:24:00] - (.-.) - [2.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1224a.log [MD5.1C50ABFE3EDD839E48B26B2FF10E2A44] - |A| - [26/08/2018 12:45:28] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1245.log [MD5.C355E4FE026DF46DB40A2D9B85867B40] - |A| - [26/08/2018 14:04:47] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1404.log [MD5.D66750A712C5ED5AC0378A97E143E984] - |A| - [26/08/2018 14:09:06] - (.-.) - [2.14 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1409.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [26/08/2018 15:53:11] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1553.log [MD5.8850504C9C25E9A71F6832FBD63C6DF5] - |A| - [26/08/2018 23:06:13] - (.-.) - [22.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-2306.log [MD5.CCA40ADF1453FC26EF2B810044FA2F2E] - |A| - [27/08/2018 03:10:09] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-0310.log [MD5.693CF012ADFE44DA09F7D173B76000BB] - |A| - [27/08/2018 08:34:55] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-0834.log [MD5.8B70D045C11170634095BC0E2EB6E64B] - |A| - [27/08/2018 09:12:23] - (.-.) - [6.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-0912.log [MD5.2F0EC012FDB9BDE894697C9E717EF9FF] - |A| - [27/08/2018 12:07:09] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1207.log [MD5.28EB2C227AF1BE322510548CD2213B50] - |A| - [27/08/2018 12:20:58] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1220.log [MD5.79A53C930F6EAB99F572A280FA1A2368] - |A| - [27/08/2018 12:23:59] - (.-.) - [2.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1223.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 12:31:23] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1231.log [MD5.616989A9CBD1DD15E2D301090F46DF12] - |A| - [27/08/2018 16:31:32] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1631.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 18:51:12] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1851.log [MD5.60A4B868AAFDCB3B8216BFE571724E3B] - |A| - [27/08/2018 21:38:10] - (.-.) - [12.21 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-2138.log [MD5.46D6402D3926CEC346AA92962AAEA666] - |A| - [28/08/2018 00:31:43] - (.-.) - [1.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-0031.log [MD5.74BAAB57577EE571440176F60205FD51] - |A| - [28/08/2018 11:19:30] - (.-.) - [6.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1119.log [MD5.F69329EC513C9135901ADA99BE5B039F] - |A| - [28/08/2018 11:22:23] - (.-.) - [2.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1122.log [MD5.E013C7A912408DEF1542673456B8AB7E] - |A| - [28/08/2018 11:22:23] - (.-.) - [22.98 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1122a.log [MD5.F4C71A5829D7AA5BC9AB67598D51AEBB] - |A| - [28/08/2018 12:14:47] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1214.log [MD5.20092E551CDEC3965CE34C29F1E66CF8] - |A| - [28/08/2018 15:01:23] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1501.log [MD5.44026562CEDA7AE0142F47E9729B2C7F] - |A| - [28/08/2018 20:15:19] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-2015.log [MD5.AC66B77C7D06944AD856D4E2E232B4EA] - |A| - [28/08/2018 20:31:53] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-2031.log [MD5.EB9AFCA67A8BCAA6FC02A4AC930B0EFA] - |A| - [28/08/2018 22:12:44] - (.-.) - [1.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-2212.log [MD5.31855EBBFC7673618640C18772999B31] - |A| - [30/08/2018 09:53:11] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-0953.log [MD5.CD2946FCC18A1099C0F360123754549E] - |A| - [30/08/2018 09:56:07] - (.-.) - [8.22 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-0956.log [MD5.D98814BB4B887C17FAD5A12A317B3E41] - |A| - [30/08/2018 09:56:07] - (.-.) - [25.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-0956a.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/08/2018 12:59:29] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-1259.log [MD5.3CEF4DE60EEABA6E884683E9486D4AAC] - |A| - [30/08/2018 18:45:50] - (.-.) - [1.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-1845.log [MD5.0C8CF307DB800C3ADD1F2CA389309AB8] - |A| - [24/08/2018 20:12:09] - (.-.) - [2.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20180824-201209-0.log [MD5.044AE6315DCF0923973C7C4185496C70] - |A| - [16/05/2018 10:09:51] - (.-.) - [323.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.B36608054DD07CEF78E31591AFF325CE] - |A| - [16/05/2018 12:16:51] - (.-.) - [677.52 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/08/2018 20:11:54] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20180824201154EA8).log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 21:39:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp138D.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 15:52:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp270B.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 15:52:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp270C.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 17:05:03] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp390C.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 17:39:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp570D.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 11:05:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp9FBA.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 11:39:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpBF41.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 09:05:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpC1C0.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 20:29:56] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpCF24.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 20:29:56] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpCF25.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 09:39:01] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpE03E.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 21:05:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpF1F2.tmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:38] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [12/04/2018 01:34:20] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [12/04/2018 01:34:07] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [12/04/2018 01:34:25] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [12/04/2018 01:34:14] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [12/04/2018 01:34:27] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [12/04/2018 01:34:32] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [12/04/2018 01:34:33] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [12/04/2018 01:34:44] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [12/04/2018 01:34:04] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [12/04/2018 01:34:04] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [12/04/2018 01:34:20] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [12/04/2018 01:34:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [12/04/2018 01:34:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.6BB3F65282D9162F188C66D22EAC9D9E] - |A| - [17/10/2017 08:00:56] - (.-.) - [115.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AcpiServiceVnA64.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:39] - [2891.9 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [27.97 Ko] - C:\WINDOWS\System32\am-et [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [2576.89 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [345.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.B4F803BBEAFAD4DE89C6D3718E93F4F0] - |A| - [12/04/2018 01:34:15] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [602 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\as-IN [MD5.26129D1FB6104D78DE299AC9EFBEC78C] - |A| - [17/10/2017 08:00:56] - (.-.) - [102.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\audioLibVc.dll [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [12/04/2018 01:34:04] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [345.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4832.22 Ko] - C:\WINDOWS\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.06DB0A736F8A78151518276F232669FC] - |A| - [12/04/2018 01:34:19] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [181 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |HD| - [20/01/2018 18:19:53] - [4487.05 Ko] - C:\WINDOWS\System32\CanonIJ Uninstaller Information [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [85219.02 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [41580.24 Ko] - C:\WINDOWS\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [23 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.EA88F93CA71EDEB959BB483998E84730] - |A| - [14/02/2018 01:13:15] - (.-.) - [12.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CNC1747D.TBL [MD5.022E082550DB4ABA33AAF06DD1C9048D] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - WIA Scanner Driver 64-bit Edition.) - [1322.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC495C.dll [MD5.8E29A4B8746BB7146F420DDB3192F20C] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - WIA Scanner Driver Image Enhancement dll 64-bit Edition.) - [109.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC495I.dll [MD5.2DC005681DEA0EB6E710940035DE9DE7] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - LLD.) - [340.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC495L.dll [MD5.832AC9632BC028DE0FC6F405D991E406] - |A| - [03/06/2010 07:12:14] - (.Copyright CANON INC. 2010 All Rights Reserved - Canon WIA scanner co-installer 64bit Edition.) - [101 Ko] - (3.1.2.60) - C:\WINDOWS\System32\CNC495O.dll [MD5.493574E218AA18161D14EECFD572A0E8] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [17.5 Ko] - (1.4.1.1) - C:\WINDOWS\System32\CNHMCA6.dll [MD5.09F6C9BF8B22D230CA73CBF17C5F9700] - |A| - [11/03/2010 00:57:08] - (.Copyright CANON INC. 2006-2010 All Rights Reserved - Canon IJ Driver Installer.) - [242.5 Ko] - (1.8.0.70) - C:\WINDOWS\System32\CNMIUA9.DLL [MD5.488256C0AFA4D9C1CB3084C2956288DF] - |A| - [20/01/2018 18:18:17] - (.Copyright CANON INC. 2000-2010 All Rights Reserved - IJ Language Monitor.) - [353 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMLMA9.DLL [MD5.CADD2A28BAE455036E9B85E2920F472D] - |A| - [25/07/2018 13:37:15] - (.Copyright CANON INC. 2007-2011 All Rights Reserved - IJ Language Monitor.) - [376 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMXLMA9.DLL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [3076.42 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [368 Ko] - C:\WINDOWS\System32\com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.A797B0B9070744F439340B5DE54E83BB] - |A| - [17/10/2017 08:00:56] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [307354.8 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [53.11 Ko] - C:\WINDOWS\System32\Configuration [MD5.21CFA73B9FE6A74D622D3EF4E7460549] - |A| - [29/08/2017 09:55:52] - (.-.) - [738.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cp_resources.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [403.5 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.BDEBD2FC4927DA00EEA263AF9CF8F7ED] - |A| - [12/04/2018 01:34:15] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [414.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [399 Ko] - C:\WINDOWS\System32\da-DK [MD5.4EDE94905F4910EA8CF91D4101DA198A] - |A| - [12/04/2018 01:34:04] - (.-.) - [138 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [17/10/2017 08:01:12] - [14664.75 Ko] - C:\WINDOWS\System32\DAX2 [MD5.00000000000000000000000000000000] - |D| - [17/10/2017 08:01:12] - [7069.54 Ko] - C:\WINDOWS\System32\DAX3 [MD5.1066F597FB3B01BCFA79584D3314FD2A] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO Property Page.) - [1518.16 Ko] - (1.1.3.10) - C:\WINDOWS\System32\DAX3APOProp.dll [MD5.3FB5CE5E7990DEBBD2D5869A1D507F90] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO.) - [1295.34 Ko] - (1.1.3.10) - C:\WINDOWS\System32\DAX3APOv251.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [217.6 Ko] - C:\WINDOWS\System32\DDFs [MD5.245DDFDAB6B9CC680D459E548074122C] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [266.32 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPA64.dll [MD5.3A218313ECF3027B84E300F6420C8A24] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [303.14 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPA64F3.dll [MD5.E0E1648A5451BD2C23C8ED88DAFFC614] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1919.73 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPD64A.dll [MD5.C04061A1B5E5C08923DBAB3292111738] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1913.67 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPD64AF3.dll [MD5.57AF362CD9AC1A09CDED9F8C2ED2D9DC] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [319.78 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPO64A.dll [MD5.BBB2AD353DC5CC8DF1BC5013CFC71C11] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [353.56 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPO64AF3.dll [MD5.7BEB2D5A9CC83F7EAACED62734F5A13D] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6929.87 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPP64A.dll [MD5.EB09D2160EA25ECAB83E27C4608C86ED] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6117.8 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPP64AF3.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [453 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [12/04/2018 01:34:06] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [12/04/2018 01:34:04] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [12/04/2018 01:38:27] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [12/04/2018 01:34:17] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [923.5 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.12ACC91FA93C8BF82D4EF3FB779ECEF8] - |A| - [12/04/2018 01:34:24] - (.-.) - [80.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:37] - [9773.77 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.9C1F0EE9215B2CF8072FD7C03956AB86] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO Property Page.) - [1132.02 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOProp.dll [MD5.50396D8271278EEEEE0A02CACCD42B20] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2387.39 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOv201.dll [MD5.256AB6D153CC9E006F28BBE7BAC9F295] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [5221.67 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOv211.dll [MD5.C290C360E32A38B01C4717AA3C80EB46] - |A| - [17/10/2017 08:00:56] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [1143.43 Ko] - (1.6.0.47) - C:\WINDOWS\System32\DolbyDAX2APOvlldp.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:37] - [2404.09 Ko] - C:\WINDOWS\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:37:59] - [132722 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\DriverState [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [2371327.91 Ko] - C:\WINDOWS\System32\DriverStore [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [161.5 Ko] - C:\WINDOWS\System32\dsc [MD5.1C1C5BA02FEC449DDB79170F336FC6F4] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [726.52 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll [MD5.C312BAC9FA677A8659044FCFC9F9C4A7] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Boost COM DLL.) - [1473.56 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll [MD5.8DCB34E8DC1FDF221FCC448B2DFD7296] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [430.92 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll [MD5.EB6DA5FBB498F96021FE64829CF65CBD] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS GFX APO.) - [247.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll [MD5.27CEEA2F09A659C786D89275E93DB8CD] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS GFX APO.) - [246.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll [MD5.553B28568222DF25D1ED502F8EF55961] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS LFX APO.) - [247.91 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll [MD5.B4CCFC91F00037CD41603854A57F54CA] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Limiter COM DLL.) - [434.96 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll [MD5.94E1F7565FD49FC915BAD5F1EFDD9798] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [492.48 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll [MD5.ED1CCF259A2E783CF91A1B77FC15ECF6] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1553.77 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll [MD5.7707F85938B67602EB1B7BB6EA5A4E3E] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1738.88 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll [MD5.7246D90C88D4CE99796A946EF3AD78C3] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Symmetry COM DLL.) - [710.38 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll [MD5.7506FC08AE9330B0986B01B8005A3AC5] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [691.7 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [12/04/2018 01:34:04] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [12/04/2018 01:34:04] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [12/04/2018 01:34:04] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.08C33E4AB904EC0960B0781ED26AE039] - |A| - [12/04/2018 01:33:52] - (.-.) - [2.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [451.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.E99BBDE3AA3B3180CF7DAD46B75F3F51] - |A| - [14/02/2018 01:26:32] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:38] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [861.35 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [2774.82 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [433.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [358.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [318.5 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [17125.14 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\fa-IR [MD5.4DBB768C8F7E49566670FF10A61726A3] - |A| - [12/07/2018 20:59:05] - (.-.) - [1278 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessor.dll [MD5.F5A3997555DA1A4F7036D4E8B2FCB386] - |A| - [12/07/2018 20:58:58] - (.-.) - [530.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessorCore.dll [MD5.BB0137476B1EC8B10CE944BF023C91F6] - |A| - [12/04/2018 01:34:04] - (.-.) - [1317.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceTrackerInternal.dll [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [12/04/2018 01:34:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.E65D2A37B6D4445D0CD9234BA933475B] - |A| - [12/04/2018 01:33:53] - (.-.) - [72.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastHeroImg.jpg [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [404.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\fil-PH [MD5.A6905D1302CFB88E284914852CF37BD0] - |A| - [15/05/2018 23:48:06] - (.-.) - [413.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:38] - [3403 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [369 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [45629.5 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\ga-IE [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [12/04/2018 01:34:39] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [34 Ko] - C:\WINDOWS\System32\gd-GB [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [17/10/2017 07:53:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |D| - [18/03/2017 23:03:29] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [18/03/2017 23:03:29] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.109BE7608A886F64B1BE78E93A257684] - |A| - [17/10/2017 08:00:56] - (.(c) 2016 Harman. - Harman APO Interface.) - [150.74 Ko] - (1.2.0.0) - C:\WINDOWS\System32\HarmanAudioInterface.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [327.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.D6906D226393F94E7D8B3B2AC1E41D94] - |A| - [12/04/2018 01:34:10] - (.-.) - [247.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\hi-IN [MD5.E39CB90645A15503E701E460D4612C0D] - |A| - [17/10/2017 08:00:57] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [369.52 Ko] - (0.8.4.82) - C:\WINDOWS\System32\HiFiDAX2API.dll [MD5.B68453B63EEAA6E55FBD5411B779E4F5] - |A| - [17/10/2017 08:00:57] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [396.92 Ko] - (1.6.0.47) - C:\WINDOWS\System32\HiFiDAX2APIPCLL.dll [MD5.0C41F1B45371B9CE83DFC0BA77A9CF74] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [351.9 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMClariFi.dll [MD5.E111D8A64187D7186E507FD4AD93F07A] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [186.46 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMEQ.dll [MD5.CB9C417F9CD6B4A382509425D2B6C3E1] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [186.45 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMEQ_Voice.dll [MD5.F739A3E7E9C8EAD418A80715C765EB41] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [199.06 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMHVS.dll [MD5.C4CDBA5B592882476FEDA2A2056E86CB] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [175.38 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMLimiter.dll [MD5.D74F25DE979F40AD4E47ECF8B7BC34F1] - |A| - [17/10/2017 08:00:57] - (.?Harman. - Audio by Harman APO UI.) - [406.74 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMUI.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [335 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [411 Ko] - C:\WINDOWS\System32\hu-HU [MD5.E1712E7E7F912EC72EEDA318C3B25E25] - |A| - [12/04/2018 01:33:54] - (.-.) - [31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27.5 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:20] - [160.64 Ko] - C:\WINDOWS\System32\hydrogen [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.9FD9E3896EF9ACE30AEB559CB158FB30] - |A| - [17/10/2017 08:00:57] - (.Copyright (c) 2017, ICEpower a/s - ICEpower ICEsound APO.) - [664.6 Ko] - (1.0.0.29) - C:\WINDOWS\System32\ICEsoundAPO64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.CD591279F103D5E02F84ABD7ED450E57] - |RA| - [12/04/2018 01:34:12] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1848 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.4185EE055F39FD2D726A91E6A8A1A093] - |RA| - [12/04/2018 01:34:12] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1311.5 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27 Ko] - C:\WINDOWS\System32\ig-NG [MD5.0490CF9C8A9DB32FE6EA245D29EC2E3E] - |A| - [29/08/2017 09:56:02] - (.-.) - [270.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCPL.cpl [MD5.67B646C256190F118619C9D10AAE4B5C] - |A| - [12/04/2018 01:34:04] - (.-.) - [168 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [25220 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.BB1480586B5C174900A1051CEB2B462F] - |A| - [12/04/2018 01:34:12] - (.-.) - [480.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [6671.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.A30A83D8B928F400083B8B71890FA000] - |A| - [29/08/2017 09:56:04] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [136.98 Ko] - (2.1.0.0) - C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\is-IS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [432.5 Ko] - C:\WINDOWS\System32\it-IT [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28 Ko] - C:\WINDOWS\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [297 Ko] - C:\WINDOWS\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\ky-KG [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [12/04/2018 01:34:04] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [33 Ko] - C:\WINDOWS\System32\lb-LU [MD5.4F5120E44845A78D5920D2F0BDE0340F] - |A| - [12/04/2018 18:22:53] - (.-.) - [1953 Ko] - (2.6.4.0) - C:\WINDOWS\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [559.86 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27 Ko] - C:\WINDOWS\System32\lo-LA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [2012.35 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [333 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [331.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [30061.23 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.9F46840758431946CA096F8096B016B4] - |A| - [13/06/2018 18:51:11] - (.-.) - [790 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [12/04/2018 01:34:04] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [16/05/2018 00:45:33] - [1110.9 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5564.46 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [47362.99 Ko] - C:\WINDOWS\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\ml-IN [MD5.D225B2044789A6059344503C1AE33347] - |A| - [12/04/2018 01:34:29] - (.-.) - [3.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\mn-MN [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [11/01/2018 01:16:53] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4260.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [19.15 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [34.35 Ko] - C:\WINDOWS\System32\my-mm [MD5.505D4334EE8AA8205C6BA4835263F43D] - |A| - [17/10/2017 08:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5462.51 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICAPOlfx.dll [MD5.DDCEB99B7BE4FA07C5BC56151E371264] - |A| - [17/10/2017 08:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [980.33 Ko] - (1.0.0.14866) - C:\WINDOWS\System32\NahimicAPONSControl.dll [MD5.FA5300E74175A469924DC5E901B3CB1F] - |A| - [17/10/2017 08:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5799.72 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICV2apo.dll [MD5.B8112CA86B0E387C1A004914B4ACFFE0] - |A| - [17/10/2017 08:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [6311.68 Ko] - (10.0.10011.16384) - C:\WINDOWS\System32\NAHIMICV3apo.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [393.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\System32\ne-NP [MD5.96E1A76E333C4642F2266B3F2E6B670F] - |A| - [14/02/2018 01:21:01] - (.-.) - [78.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [12/04/2018 01:34:39] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [422.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.2A398F2468B85F862EF66A7B2F138C44] - |A| - [17/10/2017 07:56:33] - (.-.) - [7894.24 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin [MD5.BEC655D093FD1081E0592AAE8BF2B4B7] - |A| - [18/03/2018 18:59:15] - (.-.) - [47.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.D73A30E4A19CEF650E5D596EF05EC059] - |A| - [17/10/2017 07:57:08] - (.-.) - [118.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NvRtmpStreamer64.dll [MD5.1F8E72D18D9DF680D0E0E5AA10ECA760] - |A| - [12/04/2018 01:38:28] - (.-.) - [16.94 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44961.85 Ko] - C:\WINDOWS\System32\oobe [MD5.5C1765B680946C80B670E023AC55437C] - |A| - [17/01/2018 22:16:55] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [130.5 Ko] - (6.14.357.22) - C:\WINDOWS\System32\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:54] - [3834.5 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [12/04/2018 01:34:04] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\pa-IN [MD5.B0126264FAD9BFE883A2783EC00A69CF] - |A| - [04/03/2018 17:51:20] - (.Copyright (c) by pdfforge - pdfcmon.) - [114.5 Ko] - (0.9.7.0) - C:\WINDOWS\System32\pdfcmon.dll [MD5.874B0871DA3EC061D1BF30423C1E165B] - |A| - [12/04/2018 01:34:43] - (.-.) - [48.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerceptionSimulationInput.exe [MD5.E7BCC1099403E8694065A8DAA7E0407E] - |A| - [12/04/2018 01:40:29] - (.-.) - [129.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.3629648B76A78433991A9C5C6DA38835] - |A| - [12/04/2018 18:18:42] - (.-.) - [146.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [12/04/2018 01:40:29] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [12/04/2018 18:18:42] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.A1AC22DE84AE149A67A0DCFC094C0DE6] - |A| - [12/04/2018 01:40:29] - (.-.) - [683.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.8B15B5C2B30509A4E56A5BE81764B784] - |A| - [12/04/2018 18:18:42] - (.-.) - [772.49 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.4A143BDFB82724D395FD31BD6E83135A] - |A| - [16/05/2018 10:13:43] - (.-.) - [1725.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [12/04/2018 01:34:02] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [420 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [682 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:39] - [420.74 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [12/04/2018 01:34:40] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [422 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [417.5 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\quz-PE [MD5.55B45FEE7A438A02F4F8B6CC27F328B4] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [131.05 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEA64A.dll [MD5.0539085EF080CA20DD4F9AA7151B81CA] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [437.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EED64A.dll [MD5.404CD5690F7C80253F71E42478B6902D] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [82.63 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEG64A.dll [MD5.CC0C47305E06B0501275CFF0441F7049] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [148.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEL64A.dll [MD5.DAB0E081FB7954C6C2CBAB66F90AD958] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7004.8 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.5BBEA6A833CAE2CAB5E400D757998BBF] - |A| - [16/05/2018 00:44:17] - (.-.) - [1907.5 Ko] - (1.0.1802.7001) - C:\WINDOWS\System32\rdpnano.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [394719.03 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [12/04/2018 01:34:43] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [12/04/2018 01:34:43] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\restore [MD5.8CAF138F79802DFB5C706A635CD1886B] - |A| - [17/10/2017 07:54:27] - (.-.) - [18.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\results.xml [MD5.D7655D9340FDA6B57357FB939EA58CF8] - |A| - [17/10/2017 08:00:57] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.32260EFF8A94E7E8FEC662F7D553130C] - |A| - [17/10/2017 08:00:57] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.D7CFCE6811519582690065C21088E9A5] - |A| - [17/10/2017 08:01:50] - (.Copyright (C) 2014 - RtCRX.) - [82.5 Ko] - (1.11.9600.0) - C:\WINDOWS\System32\RtCRX64.dll [MD5.4C0DFD347298C13E9C4EB91FE471AC9E] - |A| - [17/10/2017 08:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.79 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.62D32BE0719AEE69D016FE48D127C1FA] - |A| - [17/10/2017 08:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.27 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.8038A49784B0294B7E7844E66236D760] - |A| - [17/10/2017 08:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.61C4D0E48ABF0BD4E80F24A3712B0CD1] - |A| - [17/10/2017 08:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.23 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.0F0CE558A9D992E8E0336E6ACB3FAF85] - |A| - [12/04/2018 01:34:04] - (.-.) - [51.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\rw-RW [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [12/04/2018 01:35:22] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [12/04/2018 01:34:39] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.EF474B7A3B4B8C40B86192FD65004E81] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [86.25 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFAPO64.dll [MD5.8B42C01130BBF605A06BC1E2466845B3] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [88.78 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFCOM64.dll [MD5.F5CA54A81ED662A059634DE647E8CF88] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [226.48 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFNHK64.dll [MD5.0757600B4BF3B1F0A06F2E5879571859] - |A| - [17/10/2017 08:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS Universal APO DLL.) - [961.83 Ko] - (3.5.14.0) - C:\WINDOWS\System32\sl3apo64.dll [MD5.8A8B4BA563A7F278752E12CA91834AAD] - |A| - [17/10/2017 08:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Controller DLL.) - [3330.89 Ko] - (3.5.14.0) - C:\WINDOWS\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [15/05/2018 23:48:06] - [23404.27 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:39] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.940F2A7A8B5F39B0F8F3D29208B5914F] - |A| - [17/10/2017 08:00:58] - (.TODO: (c) . - TODO: .) - [252.79 Ko] - (1.0.0.1) - C:\WINDOWS\System32\slprp64.dll [MD5.ED32C43AF9F2B05F0999C3F2867BFDE4] - |A| - [17/10/2017 08:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Technology DLL.) - [3049.47 Ko] - (3.5.14.0) - C:\WINDOWS\System32\sltech64.dll [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [12/04/2018 01:34:04] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [13385.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.3C238A27DD48D63F21CBB8AE6E4210BD] - |A| - [12/04/2018 01:34:41] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [7585.4 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [12718.32 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [163499.27 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [12753.46 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [337 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.5EE466CEA36221A08D9989254B8C8509] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.21 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRAPO64.dll [MD5.7E8325A957FE497119D9C81190687FB8] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM.dll [MD5.43A5B7A78E00F134E931650D14D3B111] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.47 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM64.dll [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [13/06/2018 18:51:11] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.4FD560E994EDF0353835F3F9F506A62C] - |A| - [12/07/2018 20:58:56] - (.-.) - [57.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.8057B51847C9BBE19A22B00DFA93E0F6] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.51 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRRPTR64.dll [MD5.099B3C6101E6A306DE8C8B9B46E59399] - |A| - [17/10/2017 08:00:58] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.62 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.886407B08A658AABB3DD3E99CA5B4DAD] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.77 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.55E8B1ED3859D732330799800D0E1210] - |A| - [17/10/2017 08:00:58] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.9 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.8852D4A8097509C174C4F5B58D1F698F] - |A| - [17/10/2017 08:00:58] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.3 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [37720 Ko] - C:\WINDOWS\System32\sru [MD5.8A02EF186BDC952CA75EFA689EC4F275] - |A| - [12/04/2018 01:34:04] - (.-.) - [434 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [401.5 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\sw-KE [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:37] - [1402.16 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [923.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.9CD66B93520B6DD13C71EAEF487D7899] - |A| - [12/04/2018 01:34:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [642.26 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [580.12 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.3FD03A130DAF033DFB0EB93228286810] - |A| - [24/08/2018 12:01:49] - (.-.) - [1.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcbres.wim [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [12/04/2018 01:34:33] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\te-IN [MD5.7453519C9ECF84B289EA22FAEA5913B7] - |A| - [17/10/2017 08:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Audio Source Filtering APO.) - [832.16 Ko] - (2.1.1.0) - C:\WINDOWS\System32\tosasfapo64.dll [MD5.2869853985A50E0A26EBE0CF388F7886] - |A| - [17/10/2017 08:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Earphone Audio Enhancement APO.) - [436.7 Ko] - (2.1.0.0) - C:\WINDOWS\System32\toseaeapo64.dll [MD5.F495509A51F727FF64BEA54ADF0FDD23] - |A| - [17/10/2017 08:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement APO.) - [1306.28 Ko] - (2.1.1.0) - C:\WINDOWS\System32\tossaeapo64.dll [MD5.1D19B542DA59E33A893F7B97AB1B1C5B] - |A| - [17/10/2017 08:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement Maximizer.) - [590.63 Ko] - (1.1.2.0) - C:\WINDOWS\System32\tossaemaxapo64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [392.5 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [12/04/2018 01:34:44] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [12/04/2018 01:34:44] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [334.5 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [2716.96 Ko] - C:\WINDOWS\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\ur-PK [MD5.5B0D59652F66ABB715DC53C312B26BD0] - |A| - [12/04/2018 01:34:14] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\System32\vi-VN [MD5.52D61488A2A692ED61CF69CAA7708001] - |A| - [04/03/2018 17:44:30] - (.Copyright (C) Visagesoft 1998,2009 - Visagesoft Printer Port Monitor.) - [26.45 Ko] - (0.3.0.0) - C:\WINDOWS\System32\vsmon1.dll [MD5.4EC0C222BEB7088B9264B5132F20CDBF] - |A| - [25/02/2017 01:23:14] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [524.28 Ko] - (1.0.42.0) - C:\WINDOWS\System32\vulkan-1-1-0-42-0.dll [MD5.5450A69087D2F6955A253CB2BF86503C] - |A| - [09/12/2017 00:24:44] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [906.8 Ko] - (1.0.65.1) - C:\WINDOWS\System32\vulkan-1-1-0-65-1.dll [MD5.5450A69087D2F6955A253CB2BF86503C] - |A| - [17/10/2017 07:53:36] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [906.8 Ko] - (1.0.65.1) - C:\WINDOWS\System32\vulkan-1.dll [MD5.CE8DFEB11053404DC17B2782176F816D] - |A| - [25/02/2017 01:23:10] - (.-.) - [248.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-42-0.exe [MD5.95253BF8F996BEA19BFA974F61277E87] - |A| - [09/12/2017 00:24:32] - (.-.) - [577.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-65-1.exe [MD5.95253BF8F996BEA19BFA974F61277E87] - |A| - [17/10/2017 07:53:36] - (.-.) - [577.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [89136.46 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:39] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [142607.46 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [12/04/2018 01:34:19] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.957484C05356018083D72546EF8CDEDE] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [935.46 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.dll [MD5.AA897370830C506856ADCC5D98E0A2C4] - |A| - [12/09/2017 15:25:10] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ±¾µØ»¯/ÖÐÎÄ£¨¼òÌ壩.) - [21.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lcn [MD5.97501C87CEE81AB9E937309053C1925A] - |A| - [12/09/2017 15:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Sprachmodul/Deutsch.) - [49 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lde [MD5.90E15B5FBA33BAC3ACB5F7121BC2198B] - |A| - [12/09/2017 15:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.les [MD5.FBF9C2D23A76B0EBDAFD8555EA2FF4C9] - |A| - [12/09/2017 15:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Langue/Français.) - [47.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lfr [MD5.8B3FD30AEBA7A19774B888EFCCD10446] - |A| - [12/09/2017 15:25:04] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Localizzazione/Italiano.) - [49 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lit [MD5.2C3717E5B8E6A6A246DCC016881C511B] - |A| - [12/09/2017 15:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ƒ[ƒJƒ‰ƒCƒ[ƒCƒVƒ‡ƒ“/“ú–{Œê.) - [29.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.ljp [MD5.DA13CECBAF3CFDEEA0BFA31A2DC0A00D] - |A| - [12/09/2017 15:25:10] - (.-.) - [44 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lru [MD5.E9F64666E96C6BE8B48F08B4B98F7F72] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2004-2017 by WIBU-SYSTEMS AG - CodeMeter Java Calling Driver.) - [219.51 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\wibucmJNI64.dll [MD5.E3E7143A462E809F29F15FC5C6AD1CD2] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2005-2017 by WIBU-SYSTEMS AG - WIBU AxProtector Java.) - [1344.98 Ko] - (10.0.2640.503) - C:\WINDOWS\System32\WibuXpm4J64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44134.66 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.E7DB98F5E56D795193A48C4D07EC92BD] - |A| - [24/03/2018 13:30:28] - (.Copyright © 2017 - Java(TM) Platform SE binary.) - [107.56 Ko] - (8.0.1610.12) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.9FB33FC28587B322B6563F73A8F0CBBD] - |A| - [12/04/2018 01:34:10] - (.-.) - [123 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [9741.73 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [120240 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5569.42 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:39] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |HD| - [17/10/2017 08:06:37] - [0.05 Ko] - C:\WINDOWS\System32\WLANProfiles [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [12/04/2018 01:34:42] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.A853BF78DA5ED707FC4430FBEA74CC15] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.CF35457AF69AB659F75FF9089D452188] - |A| - [17/01/2018 22:16:55] - (.Copyright © 2007 - OpenAL32.) - [410 Ko] - (2.1.8.1) - C:\WINDOWS\System32\wrap_oal.dll [MD5.DE198ABE13B6E663E60E006E17CF68B1] - |A| - [12/04/2018 01:34:06] - (.-.) - [79.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [12/04/2018 01:34:49] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [12/04/2018 01:34:48] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [12/04/2018 01:34:59] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [12/04/2018 01:34:49] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:41] - [1900.9 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [22 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [326.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [324 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [23 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.EA88F93CA71EDEB959BB483998E84730] - |A| - [14/02/2018 01:13:15] - (.-.) - [12.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CNC1747D.TBL [MD5.0A294F1A46F4BCB5C4323FFEB276393D] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - LLD.) - [300 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC495L.dll [MD5.7B0B9146146B111E2F3EA58C0F3B5756] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - Scanner Driver.) - [104 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC495U.dll [MD5.D16CF34B17899F90A8FCF2A3F77B4A27] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [15.5 Ko] - (1.4.1.1) - C:\WINDOWS\SysWOW64\CNHMCA.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [320.5 Ko] - C:\WINDOWS\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5.64 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [53.11 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.831DE1258836FBCFB465E59EA10C26D6] - |A| - [24/01/2018 21:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - CPEAUT DLL.) - [403.5 Ko] - (7.0.0.17) - C:\WINDOWS\SysWOW64\cpeaut32.dll [MD5.A2E5A1A2DAF532C48498414F8FFD87BB] - |A| - [24/01/2018 21:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - Seagate Crystal Reports Print Engine.) - [663.5 Ko] - (7.0.0.191) - C:\WINDOWS\SysWOW64\cr2c70de.dll [MD5.771DE190EE645A909B7072B7FDC673A2] - |A| - [24/01/2018 21:02:54] - (.Copyright © 1996 Seagate Software, Inc. - Crystal Reports Text Object Support DLL.) - [179 Ko] - (5.0.0.1) - C:\WINDOWS\SysWOW64\crpaig32.dll [MD5.F3A584E79D2D61C591786C12FE664EA5] - |A| - [24/01/2018 21:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - Seagate Crystal Reports Print Engine.) - [5225.5 Ko] - (7.0.0.193) - C:\WINDOWS\SysWOW64\crpe32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [382 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [379 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [430.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [12/04/2018 01:34:46] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [205 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [7783.23 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.FE4CA2105E03FB88B1C7EAF70DDC26FB] - |A| - [17/10/2017 07:59:39] - (.-.) - [134.56 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gms.log [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [12/04/2018 18:19:16] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [309.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.B4242227EAA6B910E3D0B985816DB2E7] - |A| - [12/04/2018 01:34:45] - (.-.) - [218 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [314.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [389.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.17F5D3282D520EB2EA7C488AA6C57438] - |RA| - [12/04/2018 01:34:47] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1594 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.A456E020684366A0DB0714ABFB1B5A2A] - |RA| - [12/04/2018 01:34:47] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1134 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [20757.55 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.0A0324A4282DF0F2C3129E5BD84077BC] - |A| - [24/01/2018 21:02:55] - (.- Implode Application.) - [18.5 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\implode.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.9DDE110E76DD3D7FAA7282361069528E] - |A| - [12/04/2018 01:34:47] - (.-.) - [355.66 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [215.5 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.8495A869A2EF58F9511AF2C4FE0814B3] - |A| - [29/08/2017 09:56:04] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [113.98 Ko] - (2.1.0.0) - C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\is-IS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [410.5 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [12/04/2018 01:34:02] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [685.69 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.CE0CDC5459EAA1D574AF781DDB8F2685] - |A| - [17/01/2018 22:16:55] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [108 Ko] - (6.14.357.22) - C:\WINDOWS\SysWOW64\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\or-IN [MD5.B12F1D285305F5E15DFA0E1C554FB97A] - |A| - [24/01/2018 21:02:55] - (.Copyright(c) 1991-1998 Seagate Software, Inc. - Active Data Reporting DLL for Seagate Crystal Reports..) - [167.5 Ko] - (6.0.0.46) - C:\WINDOWS\SysWOW64\P2smon.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\pa-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [397.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:40] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [400.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [395.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.7E8325A957FE497119D9C81190687FB8] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\SysWOW64\SRCOM.dll [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [13/06/2018 18:51:11] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.DC2DB04CA829CAD7910CE71263F68C90] - |A| - [12/04/2018 01:34:45] - (.-.) - [321.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [381.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:40] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [34 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [289.5 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [22.5 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [372.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [314 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\SysWOW64\vi-VN [MD5.59377F8A6F735CB0A30C53C4DC13BC22] - |A| - [25/02/2017 01:23:24] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [513.28 Ko] - (1.0.42.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-42-0.dll [MD5.ECAD282D3035068CFB021D159C91B514] - |A| - [09/12/2017 00:25:12] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.8 Ko] - (1.0.65.1) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-65-1.dll [MD5.ECAD282D3035068CFB021D159C91B514] - |A| - [17/10/2017 07:53:36] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.8 Ko] - (1.0.65.1) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.382786C3F38DF50A085C4A577663F553] - |A| - [25/02/2017 01:23:20] - (.-.) - [228.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-42-0.exe [MD5.35065D5FFEFB6886F77AA6A7E5DF901B] - |A| - [09/12/2017 00:25:00] - (.-.) - [479.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-65-1.exe [MD5.35065D5FFEFB6886F77AA6A7E5DF901B] - |A| - [17/10/2017 07:53:36] - (.-.) - [479.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [15735.62 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:40] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.9ED1A6EA6C2F35F2302B81052F7C95D3] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [775.96 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.dll [MD5.A60EDBFD0EE56801814B829096D3EB11] - |A| - [12/09/2017 14:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ±¾µØ»¯/ÖÐÎÄ£¨¼òÌ壩.) - [21 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lcn [MD5.2CAE7B6C33302323A07B2AA158924DA2] - |A| - [12/09/2017 14:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Sprachmodul/Deutsch.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lde [MD5.54B90C2CF8C1BDDE5423E6CE2C59341B] - |A| - [12/09/2017 14:59:52] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [48 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.les [MD5.61A557E68DD0D87F78149E77C9C7EE45] - |A| - [12/09/2017 14:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Langue/Français.) - [47 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lfr [MD5.0DEAE80D2135F79B503AFE8DCAF54564] - |A| - [12/09/2017 14:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Localizzazione/Italiano.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lit [MD5.887B91915F51EE6A940C37426B465921] - |A| - [12/09/2017 14:59:52] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ƒ[ƒJƒ‰ƒCƒ[ƒCƒVƒ‡ƒ“/“ú–{Œê.) - [29 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.ljp [MD5.09191A4950157A1CFF9BB2A5C806B744] - |A| - [12/09/2017 14:59:50] - (.-.) - [43.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lru [MD5.9853B752EA37B7B70FF476B39901A871] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2004-2017 by WIBU-SYSTEMS AG - CodeMeter Java Calling Driver.) - [183.51 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\wibucmJNI.dll [MD5.E5985524EAE97B96C023264E9054B248] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2005-2017 by WIBU-SYSTEMS AG - WIBU AxProtector Java.) - [1072.48 Ko] - (10.0.2640.503) - C:\WINDOWS\SysWOW64\WibuXpm4J32.dll [MD5.E7DB98F5E56D795193A48C4D07EC92BD] - |A| - [24/03/2018 13:32:22] - (.Copyright © 2017 - Java(TM) Platform SE binary.) - [107.56 Ko] - (8.0.1610.12) - C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll [MD5.F8A04B2ADF9693ADF0D70B966CA4498E] - |A| - [12/04/2018 01:34:45] - (.-.) - [109 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [8907.44 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5569.41 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:40] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.9C24ED831DDFA8319382B2BFD9691AA9] - |A| - [17/01/2018 22:16:55] - (.Copyright © 2007 - OpenAL32.) - [404 Ko] - (2.1.8.1) - C:\WINDOWS\SysWOW64\wrap_oal.dll [MD5.62236256C14EBAB96F24E4F1D7049CA8] - |A| - [12/04/2018 01:34:45] - (.-.) - [54.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [16/05/2018 00:42:46] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [245.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [240.5 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\zu-ZA ---------- | Shell Folders [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\colis\AppData\Roaming [16/05/2018 10:06:11] "Local AppData"=C:\Users\colis\AppData\Local [16/05/2018 10:06:11] "CD Burning"=C:\Users\colis\AppData\Local\Microsoft\Windows\Burn\Burn [16/05/2018 10:13:15] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Libraries [10/01/2018 22:33:54] "My Video"=C:\Users\colis\Videos [10/01/2018 22:31:01] "My Pictures"=C:\Users\colis\Pictures [10/01/2018 22:31:01] "Desktop"=C:\Users\colis\Desktop [10/01/2018 22:31:01] "History"=C:\Users\colis\AppData\Local\Microsoft\Windows\History [10/01/2018 22:31:01] "NetHood"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Network Shortcuts [16/05/2018 10:06:11] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\colis\Contacts [10/01/2018 22:33:54] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\colis\AppData\Local\Microsoft\Windows\RoamingTiles [10/01/2018 22:33:54] "Cookies"=C:\Users\colis\AppData\Local\Microsoft\Windows\INetCookies [10/01/2018 22:31:01] "Favorites"=C:\Users\colis\Favorites [10/01/2018 22:31:01] "SendTo"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\SendTo [10/01/2018 22:31:01] "Start Menu"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu [10/01/2018 22:31:01] "My Music"=C:\Users\colis\Music [10/01/2018 22:31:01] "Programs"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [10/01/2018 22:31:01] "Recent"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Recent [10/01/2018 22:31:01] "PrintHood"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [16/05/2018 10:06:11] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\colis\Searches [10/01/2018 22:33:54] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\colis\Downloads [10/01/2018 22:31:01] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\colis\AppData\LocalLow [10/01/2018 22:31:01] "Startup"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/01/2018 22:33:54] "Administrative Tools"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [10/01/2018 22:33:54] "Personal"=C:\Users\colis\Documents [10/01/2018 22:31:01] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\colis\Links [10/01/2018 22:31:01] "Cache"=C:\Users\colis\AppData\Local\Microsoft\Windows\INetCache [16/05/2018 10:06:11] "Templates"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Templates [16/05/2018 10:06:11] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\colis\Saved Games [10/01/2018 22:31:01] "Fonts"=C:\WINDOWS\Fonts [12/04/2018 01:38:21] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "{C3F2459E-80D6-45DC-BFEF-1F769F2BE730}"=C:\Users\colis\OneDrive\Musique [29/06/2018 10:36:13] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/04/2018 01:38:20] "Common AppData"=C:\ProgramData [12/04/2018 01:38:20] "Common Desktop"=C:\Users\Public\Desktop [18/03/2017 23:03:29] "Common Documents"=C:\Users\Public\Documents [18/03/2017 23:03:29] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/04/2018 01:38:20] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 01:38:20] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 01:38:20] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [18/03/2017 23:03:29] "CommonMusic"=C:\Users\Public\Music [18/03/2017 23:03:29] "CommonPictures"=C:\Users\Public\Pictures [18/03/2017 23:03:29] "CommonVideo"=C:\Users\Public\Videos [18/03/2017 23:03:29] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/04/2018 01:38:20] "Common AppData"=C:\ProgramData [12/04/2018 01:38:20] "Common Desktop"=C:\Users\Public\Desktop [18/03/2017 23:03:29] "Common Documents"=C:\Users\Public\Documents [18/03/2017 23:03:29] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/04/2018 01:38:20] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 01:38:20] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 01:38:20] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [18/03/2017 23:03:29] "CommonMusic"=C:\Users\Public\Music [18/03/2017 23:03:29] "CommonPictures"=C:\Users\Public\Pictures [18/03/2017 23:03:29] "CommonVideo"=C:\Users\Public\Videos [18/03/2017 23:03:29] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [colis] [26/08/2018 21:56:12] - |D| - [110] - C:\Users\colis\.config [26/08/2018 21:57:43] - |D| - [50704269] - C:\Users\colis\.electron [08/06/2018 13:24:41] - |D| - [4180] - C:\Users\colis\.solibri [14/02/2018 01:34:54] - |RD| - [298] - C:\Users\colis\3D Objects [14/01/2018 23:36:48] - |D| - [0] - C:\Users\colis\ansel [16/05/2018 10:06:11] - |HD| - [10586689492] - C:\Users\colis\AppData [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Application Data [10/01/2018 22:33:54] - |RD| - [412] - C:\Users\colis\Contacts [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Cookies [10/01/2018 22:31:01] - |RD| - [11579396898] - C:\Users\colis\Desktop [10/01/2018 22:31:01] - |RD| - [240542740] - C:\Users\colis\Documents [10/01/2018 22:31:01] - |RD| - [282] - C:\Users\colis\Downloads [10/01/2018 22:31:01] - |RD| - [914] - C:\Users\colis\Favorites [10/01/2018 22:33:53] - |SHD| - [25308] - C:\Users\colis\IntelGraphicsProfiles [10/01/2018 22:31:01] - |RD| - [1953] - C:\Users\colis\Links [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Local Settings [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Menu Démarrer [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Mes documents [14/02/2018 01:35:12] - |HD| - [2663617] - C:\Users\colis\MicrosoftEdgeBackups [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Modèles [10/01/2018 22:31:01] - |RD| - [26501092771] - C:\Users\colis\Music [16/05/2018 10:06:11] - |AH| - [7602176] - C:\Users\colis\NTUSER.DAT [16/05/2018 10:06:11] - |ASH| - [1835008] - C:\Users\colis\ntuser.dat.LOG1 [16/05/2018 10:06:11] - |ASH| - [1703936] - C:\Users\colis\ntuser.dat.LOG2 [16/05/2018 10:06:11] - |ASH| - [65536] - C:\Users\colis\NTUSER.DAT{04474bf2-5892-11e8-abfb-b06ebf4f9d0c}.TM.blf [16/05/2018 10:06:11] - |ASH| - [524288] - C:\Users\colis\NTUSER.DAT{04474bf2-5892-11e8-abfb-b06ebf4f9d0c}.TMContainer00000000000000000001.regtrans-ms [16/05/2018 10:06:11] - |ASH| - [524288] - C:\Users\colis\NTUSER.DAT{04474bf2-5892-11e8-abfb-b06ebf4f9d0c}.TMContainer00000000000000000002.regtrans-ms [16/05/2018 10:10:06] - |SH| - [20] - C:\Users\colis\ntuser.ini [10/01/2018 22:35:53] - |RAD| - [1067535] - C:\Users\colis\OneDrive [10/01/2018 22:31:01] - |RD| - [884] - C:\Users\colis\Pictures [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Recent [16/05/2018 10:06:11] - |D| - [0] - C:\Users\colis\Roaming [10/01/2018 22:31:01] - |RD| - [282] - C:\Users\colis\Saved Games [10/01/2018 22:33:54] - |RD| - [1872] - C:\Users\colis\Searches [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\SendTo [08/06/2018 13:25:16] - |D| - [4840] - C:\Users\colis\Solibri [10/01/2018 22:31:01] - |RD| - [694] - C:\Users\colis\Videos [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Voisinage d'impression [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Voisinage réseau [16/05/2018 10:06:11] - |D| - [5916388741] - C:\Users\colis\AppData\Local [10/01/2018 22:31:01] - |D| - [100429184] - C:\Users\colis\AppData\LocalLow [16/05/2018 10:06:11] - |D| - [4569871567] - C:\Users\colis\AppData\Roaming [16/04/2018 18:35:02] - |D| - [1162] - C:\Users\colis\AppData\Local\A [31/05/2018 22:27:42] - |D| - [1865605] - C:\Users\colis\AppData\Local\Adobe [24/01/2018 22:31:39] - |D| - [1572] - C:\Users\colis\AppData\Local\Allplan [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\AppData\Local\Application Data [10/01/2018 23:18:06] - |D| - [2097208] - C:\Users\colis\AppData\Local\CEF [10/01/2018 22:35:52] - |D| - [28537371] - C:\Users\colis\AppData\Local\Comms [10/01/2018 22:33:52] - |D| - [1588563] - C:\Users\colis\AppData\Local\ConnectedDevicesPlatform [15/01/2018 21:59:47] - |D| - [6568122] - C:\Users\colis\AppData\Local\CrashDumps [03/08/2018 17:16:57] - |D| - [0] - C:\Users\colis\AppData\Local\CrashRpt [23/05/2018 21:35:43] - |D| - [137032] - C:\Users\colis\AppData\Local\D3DSCache [15/01/2018 21:59:27] - |D| - [0] - C:\Users\colis\AppData\Local\DBG [11/01/2018 22:33:12] - |D| - [2506] - C:\Users\colis\AppData\Local\Disc_Soft_Ltd [15/05/2018 21:30:45] - |D| - [20397568] - C:\Users\colis\AppData\Local\Downloaded Installations [26/08/2018 21:58:29] - |D| - [50698934] - C:\Users\colis\AppData\Local\electron [26/08/2018 21:58:52] - |D| - [32433237] - C:\Users\colis\AppData\Local\electron-builder [13/04/2018 18:22:32] - |D| - [0] - C:\Users\colis\AppData\Local\ElevatedDiagnostics [21/01/2018 21:05:36] - |D| - [17491737] - C:\Users\colis\AppData\Local\EpicGamesLauncher [15/01/2018 21:32:55] - |D| - [189970] - C:\Users\colis\AppData\Local\Forager [31/01/2018 20:49:03] - |D| - [613329] - C:\Users\colis\AppData\Local\FortniteGame [08/03/2018 23:28:46] - |A| - [92008] - C:\Users\colis\AppData\Local\GDIPFONTCACHEV1.DAT [20/05/2018 15:56:45] - |D| - [2311] - C:\Users\colis\AppData\Local\GOG.com [10/01/2018 22:41:07] - |D| - [1679127084] - C:\Users\colis\AppData\Local\Google [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\AppData\Local\Historique [17/05/2018 22:01:48] - |AH| - [191425] - C:\Users\colis\AppData\Local\IconCache.db [02/06/2018 15:40:45] - |D| - [20654277] - C:\Users\colis\AppData\Local\influence [27/08/2018 21:11:46] - |D| - [0] - C:\Users\colis\AppData\Local\mbam [16/05/2018 10:06:11] - |D| - [463009961] - C:\Users\colis\AppData\Local\Microsoft [27/02/2018 22:02:33] - |D| - [0] - C:\Users\colis\AppData\Local\Microsoft Help [10/01/2018 22:35:54] - |D| - [75524] - C:\Users\colis\AppData\Local\MicrosoftEdge [04/08/2018 17:53:24] - |D| - [9628] - C:\Users\colis\AppData\Local\Microsoft_Corporation [04/04/2018 16:57:09] - |D| - [304076] - C:\Users\colis\AppData\Local\minit [24/01/2018 22:31:39] - |D| - [1020583] - C:\Users\colis\AppData\Local\Nemetschek [14/01/2018 13:43:06] - |D| - [33343] - C:\Users\colis\AppData\Local\nuclearthrone [18/03/2018 18:42:55] - |D| - [170518273] - C:\Users\colis\AppData\Local\NVIDIA [10/01/2018 22:35:53] - |D| - [30890015] - C:\Users\colis\AppData\Local\NVIDIA Corporation [04/08/2018 17:54:09] - |D| - [174256] - C:\Users\colis\AppData\Local\PackageManagement [14/02/2018 01:23:41] - |D| - [2960580198] - C:\Users\colis\AppData\Local\Packages [19/01/2018 11:04:45] - |D| - [145471] - C:\Users\colis\AppData\Local\PAYDAY 2 [04/03/2018 17:51:21] - |D| - [3152] - C:\Users\colis\AppData\Local\PDFCreator [11/03/2018 21:06:15] - |D| - [0] - C:\Users\colis\AppData\Local\PlaceholderTileLogoFolder [11/01/2018 22:36:23] - |D| - [0] - C:\Users\colis\AppData\Local\Programs [10/01/2018 22:33:56] - |D| - [679199] - C:\Users\colis\AppData\Local\Publishers [13/04/2018 15:05:04] - |D| - [2299] - C:\Users\colis\AppData\Local\SMLoader [10/02/2018 10:48:35] - |D| - [11275] - C:\Users\colis\AppData\Local\SnakeSimulator [16/04/2018 12:07:40] - |D| - [1880] - C:\Users\colis\AppData\Local\speech [03/08/2018 17:17:09] - |D| - [1532893] - C:\Users\colis\AppData\Local\StarTradersFrontiers [10/01/2018 23:18:06] - |D| - [319077720] - C:\Users\colis\AppData\Local\Steam [16/05/2018 10:06:11] - |D| - [93187218] - C:\Users\colis\AppData\Local\Temp [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\AppData\Local\Temporary Internet Files [10/01/2018 22:33:52] - |D| - [12058339] - C:\Users\colis\AppData\Local\TileDataLayer [12/02/2018 14:27:47] - |D| - [491022] - C:\Users\colis\AppData\Local\TurmoilSteam [21/01/2018 21:05:36] - |D| - [81] - C:\Users\colis\AppData\Local\UnrealEngine [21/01/2018 21:05:38] - |D| - [0] - C:\Users\colis\AppData\Local\UnrealEngineLauncher [10/01/2018 22:33:53] - |D| - [0] - C:\Users\colis\AppData\Local\VirtualStore [09/06/2018 12:39:23] - |D| - [1498] - C:\Users\colis\AppData\LocalLow\8floor [31/05/2018 22:31:40] - |D| - [514333] - C:\Users\colis\AppData\LocalLow\Adobe [08/05/2018 12:50:46] - |D| - [0] - C:\Users\colis\AppData\LocalLow\AMPLITUDE Studios [20/05/2018 15:57:16] - |D| - [976308] - C:\Users\colis\AppData\LocalLow\Appnormals [16/06/2018 13:10:25] - |D| - [2583036] - C:\Users\colis\AppData\LocalLow\Clarus Victoria [31/01/2018 21:24:54] - |D| - [189104] - C:\Users\colis\AppData\LocalLow\Clever Endeavour Games [20/05/2018 22:58:27] - |D| - [28563] - C:\Users\colis\AppData\LocalLow\Contingent99 [15/02/2018 13:57:00] - |D| - [32187] - C:\Users\colis\AppData\LocalLow\GUTS Department [28/05/2018 15:14:41] - |D| - [24764610] - C:\Users\colis\AppData\LocalLow\Lazy Bear Games [06/02/2018 22:33:32] - |D| - [66727671] - C:\Users\colis\AppData\LocalLow\Ludeon Studios [15/02/2018 13:13:32] - |D| - [268213] - C:\Users\colis\AppData\LocalLow\Meta Interaction [10/01/2018 22:33:55] - |SD| - [498183] - C:\Users\colis\AppData\LocalLow\Microsoft [07/07/2018 16:11:27] - |D| - [1453435] - C:\Users\colis\AppData\LocalLow\Monomi Park [11/01/2018 22:57:44] - |D| - [246444] - C:\Users\colis\AppData\LocalLow\Sun [18/07/2018 20:48:10] - |D| - [183544] - C:\Users\colis\AppData\LocalLow\Toge Productions [03/06/2018 20:28:50] - |D| - [1948559] - C:\Users\colis\AppData\LocalLow\Weather Factory [18/05/2018 17:57:47] - |D| - [13496] - C:\Users\colis\AppData\LocalLow\Wild Factor [08/06/2018 13:25:15] - |D| - [80] - C:\Users\colis\AppData\Roaming\.hO8SJqaX [11/01/2018 22:50:50] - |D| - [3734207005] - C:\Users\colis\AppData\Roaming\.minecraft [28/05/2018 15:14:43] - |D| - [0] - C:\Users\colis\AppData\Roaming\.mono [08/06/2018 13:24:41] - |D| - [0] - C:\Users\colis\AppData\Roaming\.zwebernative [29/04/2018 19:20:12] - |D| - [338] - C:\Users\colis\AppData\Roaming\11bitstudios [10/01/2018 22:33:53] - |D| - [15654] - C:\Users\colis\AppData\Roaming\Adobe [05/07/2018 16:57:38] - |D| - [15084] - C:\Users\colis\AppData\Roaming\Arrowhead [02/06/2018 15:40:46] - |D| - [3139] - C:\Users\colis\AppData\Roaming\asylamba [25/07/2018 13:46:17] - |D| - [5754] - C:\Users\colis\AppData\Roaming\Canon [12/04/2018 21:14:54] - |D| - [74] - C:\Users\colis\AppData\Roaming\com.retrogamecrunch.Launcher [12/04/2018 21:15:28] - |D| - [4405] - C:\Users\colis\AppData\Roaming\com.retrogamecrunch.SuperClewLand [19/07/2018 16:09:25] - |D| - [1694] - C:\Users\colis\AppData\Roaming\com.togeproductions.survivors [10/01/2018 23:12:42] - |D| - [4371] - C:\Users\colis\AppData\Roaming\DAEMON Tools Lite [08/07/2018 11:32:49] - |D| - [4194620] - C:\Users\colis\AppData\Roaming\DeathSkidMarks [04/08/2018 18:52:13] - |D| - [1006] - C:\Users\colis\AppData\Roaming\DeezerDownloader [14/02/2018 16:36:36] - |D| - [88332023] - C:\Users\colis\AppData\Roaming\Deezloader [04/08/2018 18:27:55] - |D| - [94022530] - C:\Users\colis\AppData\Roaming\DeezLoader Remaster [04/08/2018 18:44:20] - |D| - [44159744] - C:\Users\colis\AppData\Roaming\Deezloader Remix [14/02/2018 16:26:27] - |D| - [14824840] - C:\Users\colis\AppData\Roaming\Digiarty [26/08/2018 22:01:49] - |D| - [0] - C:\Users\colis\AppData\Roaming\Electron [04/03/2018 17:43:53] - |D| - [0] - C:\Users\colis\AppData\Roaming\Expert PDF 9 [16/04/2018 18:35:08] - |D| - [5482] - C:\Users\colis\AppData\Roaming\Free Audio Converter 4dots [10/07/2018 15:28:25] - |D| - [266987] - C:\Users\colis\AppData\Roaming\Game [10/01/2018 22:46:12] - |D| - [0] - C:\Users\colis\AppData\Roaming\Google [11/01/2018 00:02:38] - |D| - [118785] - C:\Users\colis\AppData\Roaming\GT200Driver [10/01/2018 22:33:52] - |D| - [1164] - C:\Users\colis\AppData\Roaming\Intel [11/01/2018 23:00:14] - |D| - [0] - C:\Users\colis\AppData\Roaming\java [17/04/2018 00:01:33] - |D| - [485132] - C:\Users\colis\AppData\Roaming\KastorFreeAudioConverter [15/01/2018 21:56:51] - |D| - [69321] - C:\Users\colis\AppData\Roaming\LOVE [10/01/2018 22:35:49] - |D| - [717] - C:\Users\colis\AppData\Roaming\Macromedia [16/05/2018 10:06:11] - |SD| - [36460170] - C:\Users\colis\AppData\Roaming\Microsoft [22/01/2018 00:09:30] - |D| - [187] - C:\Users\colis\AppData\Roaming\Nemetschek [26/08/2018 21:54:36] - |D| - [0] - C:\Users\colis\AppData\Roaming\npm [26/08/2018 21:56:13] - |D| - [43959820] - C:\Users\colis\AppData\Roaming\npm-cache [04/08/2018 17:54:45] - |D| - [97] - C:\Users\colis\AppData\Roaming\NuGet [15/01/2018 23:01:34] - |D| - [0] - C:\Users\colis\AppData\Roaming\NVIDIA [04/03/2018 17:48:36] - |D| - [2383] - C:\Users\colis\AppData\Roaming\PDF Pro 10 9 [10/02/2018 09:46:39] - |D| - [699] - C:\Users\colis\AppData\Roaming\Rogue Legacy [23/05/2018 22:05:02] - |D| - [77] - C:\Users\colis\AppData\Roaming\Skype [03/08/2018 17:17:07] - |D| - [38] - C:\Users\colis\AppData\Roaming\SmartSteamEmu [10/01/2018 22:34:53] - |A| - [219] - C:\Users\colis\AppData\Roaming\sp_data.sys [11/01/2018 22:57:40] - |D| - [0] - C:\Users\colis\AppData\Roaming\Sun [27/03/2018 13:33:37] - |D| - [496705118] - C:\Users\colis\AppData\Roaming\Surviving Mars [14/01/2018 23:37:13] - |D| - [802257] - C:\Users\colis\AppData\Roaming\The Witness [21/01/2018 01:49:05] - |D| - [54300] - C:\Users\colis\AppData\Roaming\ToothAndTail [18/03/2018 13:04:22] - |D| - [11145865] - C:\Users\colis\AppData\Roaming\uTorrent [10/01/2018 23:15:50] - |D| - [388] - C:\Users\colis\AppData\Roaming\WinRAR [10/01/2018 22:33:54] - |SH| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [10/01/2018 22:31:01] - |RD| - [31613] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [18/03/2018 13:04:22] - |A| - [878] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk [16/05/2018 10:06:11] - |RD| - [3888] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [16/05/2018 10:06:11] - |RD| - [2927] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [10/01/2018 22:33:54] - |RD| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [04/08/2018 18:37:17] - |D| - [2853] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome [04/08/2018 18:44:21] - |A| - [981] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deezloader Remix.lnk [16/05/2018 10:06:11] - |SH| - [264] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [11/01/2018 00:17:47] - |A| - [1049] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk [16/05/2018 10:06:11] - |D| - [170] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [16/05/2018 10:06:11] - |A| - [2409] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [05/02/2018 22:18:14] - |A| - [969] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SlayTheSpire.lnk [10/01/2018 22:33:54] - |RD| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [16/05/2018 10:06:11] - |RD| - [3496] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [16/05/2018 10:06:11] - |RD| - [7754] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [10/01/2018 23:09:42] - |D| - [4505] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [10/01/2018 22:33:54] - |SH| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [17/10/2017 07:48:59] - |RHD| - [196] - C:\Users\Public\AccountPictures [31/01/2018 20:52:40] - |AHD| - [0] - C:\Users\Public\AppData [18/03/2017 23:03:29] - |RHD| - [22096] - C:\Users\Public\Desktop [12/04/2018 01:38:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [18/03/2017 23:03:29] - |RD| - [119080548] - C:\Users\Public\Documents [18/03/2017 23:03:29] - |RD| - [174] - C:\Users\Public\Downloads [12/04/2018 01:38:20] - |RHD| - [1135] - C:\Users\Public\Libraries [31/01/2018 20:52:39] - |A| - [235] - C:\Users\Public\Libraries.ini [18/03/2017 23:03:29] - |RD| - [380] - C:\Users\Public\Music [18/03/2017 23:03:29] - |RD| - [1263209] - C:\Users\Public\Pictures [17/10/2017 08:06:19] - |D| - [0] - C:\Users\Public\Roaming [08/06/2018 13:23:57] - |D| - [49106191] - C:\Users\Public\Solibri [18/03/2017 23:03:29] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [31/05/2018 22:28:33] - |D| - [285858340] - C:\ProgramData\Adobe [16/05/2018 10:09:54] - |SHD| - [0] - C:\ProgramData\Application Data [17/10/2017 08:22:20] - |D| - [782093] - C:\ProgramData\ASUS [04/03/2018 17:43:52] - |D| - [2405] - C:\ProgramData\Avanquest [14/02/2018 01:27:57] - |SHD| - [0] - C:\ProgramData\Bureau [20/01/2018 18:18:33] - |HD| - [22157668] - C:\ProgramData\CanonBJ [25/07/2018 13:39:17] - |D| - [83731] - C:\ProgramData\CanonIJWSpt [24/08/2018 20:11:54] - |AH| - [4] - C:\ProgramData\cm-lock [17/01/2018 22:16:59] - |D| - [4096] - C:\ProgramData\Codemasters [22/01/2018 00:02:43] - |D| - [9549781] - C:\ProgramData\CodeMeter [10/01/2018 23:10:17] - |D| - [3494] - C:\ProgramData\DAEMON Tools Lite [16/05/2018 10:09:54] - |SHD| - [0] - C:\ProgramData\Documents [17/10/2017 08:01:14] - |A| - [0] - C:\ProgramData\DP45977C.lfl [21/01/2018 21:05:27] - |D| - [53243300] - C:\ProgramData\Epic [04/03/2018 17:43:52] - |D| - [0] - C:\ProgramData\Expert PDF 9 [04/03/2018 17:43:52] - |D| - [0] - C:\ProgramData\Expert PDF Jobs [26/08/2018 21:42:59] - |D| - [178] - C:\ProgramData\Git [21/01/2018 01:38:59] - |D| - [305776835] - C:\ProgramData\GOG.com [17/10/2017 07:58:08] - |D| - [78321248] - C:\ProgramData\Intel [27/08/2018 21:11:15] - |D| - [107134582] - C:\ProgramData\Malwarebytes [17/10/2017 08:13:31] - |D| - [2824] - C:\ProgramData\McAfee [14/02/2018 01:27:57] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [12/04/2018 01:38:20] - |SD| - [3059034635] - C:\ProgramData\Microsoft [27/02/2018 22:02:32] - |D| - [65254] - C:\ProgramData\Microsoft Help [16/05/2018 10:13:31] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [14/02/2018 01:27:57] - |SHD| - [0] - C:\ProgramData\Modèles [24/01/2018 20:30:48] - |D| - [1087140251] - C:\ProgramData\Nemetschek [17/10/2017 07:56:16] - |D| - [4511866] - C:\ProgramData\NVIDIA [17/10/2017 07:56:06] - |D| - [965137566] - C:\ProgramData\NVIDIA Corporation [11/01/2018 22:57:28] - |D| - [84062991] - C:\ProgramData\Oracle [17/10/2017 07:52:03] - |D| - [178957724] - C:\ProgramData\Package Cache [13/06/2018 20:02:36] - |D| - [378880] - C:\ProgramData\Packages [12/04/2018 01:38:20] - |D| - [4218] - C:\ProgramData\regid.1991-06.com.microsoft [12/01/2018 22:04:05] - |D| - [39] - C:\ProgramData\Riot Games [17/10/2017 08:06:19] - |D| - [0] - C:\ProgramData\Roaming [12/04/2018 01:38:20] - |D| - [0] - C:\ProgramData\SoftwareDistribution [17/10/2017 08:13:20] - |D| - [0] - C:\ProgramData\SplitMediaLabs [17/10/2017 08:33:07] - |D| - [228514] - C:\ProgramData\SS3 [15/02/2018 13:57:03] - |D| - [5116] - C:\ProgramData\Steam [12/04/2018 01:38:20] - |D| - [12556] - C:\ProgramData\USOPrivate [15/05/2018 23:51:02] - |D| - [3067904] - C:\ProgramData\USOShared [12/04/2018 18:23:20] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 01:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [14/02/2018 01:27:57] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [12/04/2018 01:38:20] - |RD| - [178930] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [23/05/2018 22:04:38] - |A| - [2474] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk [12/04/2018 01:38:20] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [12/04/2018 01:38:20] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [31/05/2018 22:28:57] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [12/04/2018 01:38:20] - |RD| - [21770] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [24/01/2018 22:32:38] - |D| - [2116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allplan [17/10/2017 08:10:04] - |D| - [6602] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [11/01/2018 00:02:32] - |D| - [3650] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Espada Gaming Mouse [20/01/2018 18:19:54] - |D| - [2966] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP495 series [25/07/2018 13:39:19] - |D| - [2120] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [15/05/2018 21:31:47] - |D| - [1681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CASIO [22/01/2018 00:02:43] - |D| - [10497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter [10/07/2018 15:21:31] - |D| - [1747] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy [10/01/2018 23:12:42] - |D| - [946] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [12/04/2018 01:38:24] - |ASH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/02/2018 16:26:30] - |D| - [1452] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty [21/01/2018 21:05:31] - |A| - [789] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [23/05/2018 22:04:38] - |A| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk [29/04/2018 18:56:16] - |D| - [1424] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk [06/03/2018 22:18:55] - |D| - [1794] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTL - Advanced Edition [GOG.com] [17/01/2018 19:53:00] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [26/08/2018 21:42:59] - |D| - [5344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git [20/05/2018 15:56:44] - |D| - [1136] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [10/01/2018 22:41:41] - |A| - [2301] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [12/04/2018 01:35:21] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [28/02/2018 18:25:58] - |D| - [1553] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Into the Breach [GOG.com] [11/01/2018 22:57:38] - |D| - [6427] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [17/04/2018 00:01:33] - |D| - [2657] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Mp3 M4a Wma Converter [12/01/2018 22:03:59] - |D| - [1846] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [18/05/2018 17:57:42] - |D| - [1552] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MachiaVillain [GOG.com] [12/04/2018 01:38:20] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [27/08/2018 21:11:22] - |D| - [3900] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [30/01/2018 20:43:21] - |D| - [2116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nemetschek [26/08/2018 21:54:36] - |D| - [3090] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js [17/10/2017 07:57:07] - |D| - [1501] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [23/05/2018 22:04:38] - |A| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk [17/04/2018 20:49:55] - |D| - [5369] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Video Capture [24/08/2018 11:59:17] - |D| - [5103] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office [23/05/2018 22:04:38] - |A| - [2435] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk [04/03/2018 17:44:29] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Pro 10 [04/03/2018 17:51:18] - |D| - [5672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [23/05/2018 22:04:38] - |A| - [2474] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk [23/05/2018 22:04:38] - |A| - [2397] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk [17/10/2017 08:01:18] - |D| - [1959] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek [10/02/2018 09:45:43] - |D| - [2075] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rogue Legacy [GOG.com] [06/07/2018 11:34:17] - |D| - [1763] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slime Rancher The Little Big Storage [10/02/2018 10:45:04] - |D| - [1414] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snake Pass [08/06/2018 13:24:06] - |D| - [2031] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solibri [17/10/2017 08:26:38] - |A| - [2453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Radar 3.lnk [17/10/2017 08:33:14] - |A| - [2465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Studio 3.lnk [12/04/2018 01:38:20] - |RD| - [2460] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [10/01/2018 23:11:52] - |D| - [1110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [24/03/2018 14:26:40] - |D| - [1441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surviving Mars [12/04/2018 01:38:20] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [21/01/2018 01:38:59] - |D| - [1692] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tooth and Tail [GOG.com] [16/05/2018 10:06:51] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [10/01/2018 23:09:42] - |D| - [4433] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [20/05/2018 15:56:41] - |D| - [1732] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wizard of Legend [GOG.com] [23/05/2018 22:04:38] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk [17/10/2017 08:13:20] - |D| - [1197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [22/01/2018 00:02:45] - |A| - [2286] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [12/04/2018 01:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [31/05/2018 22:28:48] - |D| - [283906799] - C:\Program Files (x86)\Adobe [19/01/2018 11:04:42] - |D| - [0] - C:\Program Files (x86)\AGEIA Technologies [31/05/2017 03:52:47] - |D| - [51284284] - C:\Program Files (x86)\ASUS [11/01/2018 00:02:30] - |AD| - [23879229] - C:\Program Files (x86)\Asus Espada Gaming Mouse [17/10/2017 08:22:19] - |D| - [37557850] - C:\Program Files (x86)\ASUSTeK COMPUTER INC [25/07/2018 13:39:16] - |D| - [20080606] - C:\Program Files (x86)\Canon [22/01/2018 00:02:43] - |AD| - [41727351] - C:\Program Files (x86)\CodeMeter [12/04/2018 01:38:20] - |D| - [205362467] - C:\Program Files (x86)\Common Files [12/04/2018 01:38:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [20/05/2018 15:55:27] - |D| - [152382622] - C:\Program Files (x86)\GOG Galaxy [10/01/2018 22:41:10] - |D| - [418177277] - C:\Program Files (x86)\Google [17/10/2017 08:00:56] - |HD| - [127778849] - C:\Program Files (x86)\InstallShield Installation Information [17/10/2017 07:53:36] - |D| - [43237102] - C:\Program Files (x86)\Intel [12/04/2018 01:38:20] - |D| - [2007595] - C:\Program Files (x86)\Internet Explorer [17/04/2018 00:01:33] - |D| - [7670189] - C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter [22/01/2018 00:08:15] - |D| - [1568369] - C:\Program Files (x86)\Microsoft SDKs [22/01/2018 00:08:15] - |D| - [384000] - C:\Program Files (x86)\Microsoft SQL Server [17/10/2017 08:20:32] - |AD| - [3242367] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [17/10/2017 08:20:33] - |D| - [343335] - C:\Program Files (x86)\Microsoft Synchronization Services [10/02/2018 09:45:45] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA [12/04/2018 01:38:20] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [16/05/2018 00:42:46] - |D| - [25757] - C:\Program Files (x86)\MSBuild [11/01/2018 22:36:32] - |AD| - [14544896] - C:\Program Files (x86)\Need for Speed Most Wanted 2012 [17/10/2017 07:56:16] - |D| - [460650225] - C:\Program Files (x86)\NVIDIA Corporation [17/01/2018 22:16:55] - |D| - [782336] - C:\Program Files (x86)\OpenAL [17/04/2018 20:49:55] - |D| - [1416175] - C:\Program Files (x86)\OpenVideoCapture [17/10/2017 08:00:56] - |D| - [24119970] - C:\Program Files (x86)\Realtek [16/05/2018 00:42:46] - |D| - [38454529] - C:\Program Files (x86)\Reference Assemblies [17/10/2017 08:13:20] - |D| - [227064281] - C:\Program Files (x86)\SplitmediaLabs [10/01/2018 23:11:52] - |D| - [778088773] - C:\Program Files (x86)\Steam [17/10/2017 08:00:56] - |HD| - [0] - C:\Program Files (x86)\Temp [14/02/2018 01:22:35] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [27/08/2018 20:47:25] - |D| - [17544869] - C:\Program Files (x86)\UsbFix [17/10/2017 07:53:36] - |D| - [3247500] - C:\Program Files (x86)\VulkanRT [12/04/2018 01:38:20] - |D| - [1780768] - C:\Program Files (x86)\Windows Defender [12/04/2018 01:38:20] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [12/04/2018 18:19:21] - |D| - [3254215] - C:\Program Files (x86)\Windows Media Player [12/04/2018 01:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Multimedia Platform [12/04/2018 01:38:20] - |D| - [7556440] - C:\Program Files (x86)\windows nt [12/04/2018 01:38:20] - |D| - [5370120] - C:\Program Files (x86)\Windows Photo Viewer [12/04/2018 01:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Portable Devices [12/04/2018 01:38:20] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [12/04/2018 01:38:20] - |D| - [2251159] - C:\Program Files (x86)\WindowsPowerShell [10/01/2018 23:09:31] - |AD| - [5187948] - C:\Program Files (x86)\WinRAR ---------- | C:\Program Files [24/01/2018 22:31:39] - |D| - [24219] - C:\Program Files\Allplan [17/10/2017 08:21:48] - |D| - [92389] - C:\Program Files\ASUS [17/10/2017 08:25:34] - |D| - [41041291] - C:\Program Files\ASUSTeKcomputer.Inc [25/07/2018 13:37:11] - |HD| - [13417634] - C:\Program Files\CanonBJ [22/01/2018 00:02:43] - |D| - [4259816] - C:\Program Files\CodeMeter [12/04/2018 01:38:20] - |D| - [156184372] - C:\Program Files\Common Files [10/01/2018 23:12:39] - |D| - [52204959] - C:\Program Files\DAEMON Tools Lite [12/04/2018 01:38:23] - |ASH| - [174] - C:\Program Files\desktop.ini [17/10/2017 08:02:35] - |D| - [1049560] - C:\Program Files\DIFX [14/02/2018 01:27:57] - |SHD| - [0] - C:\Program Files\Fichiers communs [26/08/2018 21:42:38] - |D| - [552519643] - C:\Program Files\Git [17/10/2017 07:52:05] - |AD| - [361816600] - C:\Program Files\Intel [12/04/2018 01:38:20] - |D| - [2639926] - C:\Program Files\internet explorer [24/03/2018 13:29:48] - |D| - [198484658] - C:\Program Files\Java [27/08/2018 21:11:15] - |D| - [168941580] - C:\Program Files\Malwarebytes [17/10/2017 08:14:03] - |D| - [2824] - C:\Program Files\mcafee [17/10/2017 08:38:08] - |AD| - [3095261421] - C:\Program Files\Microsoft Office [23/05/2018 21:44:18] - |D| - [8963008] - C:\Program Files\Microsoft Office 15 [22/01/2018 00:08:15] - |AD| - [169056] - C:\Program Files\Microsoft SQL Server [17/10/2017 08:20:41] - |AD| - [4421503] - C:\Program Files\Microsoft SQL Server Compact Edition [17/10/2017 08:20:41] - |D| - [343335] - C:\Program Files\Microsoft Synchronization Services [16/05/2018 00:42:46] - |D| - [25757] - C:\Program Files\MSBuild [30/01/2018 20:42:04] - |D| - [24749] - C:\Program Files\Nemetschek [26/08/2018 21:54:36] - |D| - [44463341] - C:\Program Files\nodejs [17/10/2017 07:54:40] - |D| - [1353929283] - C:\Program Files\NVIDIA Corporation [04/03/2018 17:51:15] - |D| - [45385822] - C:\Program Files\PDFCreator [17/10/2017 08:01:09] - |D| - [55094760] - C:\Program Files\Realtek [16/05/2018 00:42:46] - |D| - [36854953] - C:\Program Files\Reference Assemblies [12/01/2018 21:39:10] - |AD| - [7133818] - C:\Program Files\rempl [31/05/2017 03:44:09] - |HD| - [0] - C:\Program Files\Uninstall Information [22/01/2018 00:02:45] - |D| - [2942209] - C:\Program Files\WIBU-SYSTEMS [12/04/2018 01:38:20] - |RD| - [19336699] - C:\Program Files\Windows Defender [12/04/2018 01:38:20] - |D| - [635392] - C:\Program Files\Windows Mail [12/04/2018 18:19:21] - |D| - [4783083] - C:\Program Files\Windows Media Player [12/04/2018 01:38:20] - |D| - [46576] - C:\Program Files\Windows Multimedia Platform [12/04/2018 01:38:20] - |D| - [7823192] - C:\Program Files\windows nt [12/04/2018 01:38:20] - |D| - [6170376] - C:\Program Files\Windows Photo Viewer [12/04/2018 01:38:20] - |D| - [46576] - C:\Program Files\Windows Portable Devices [12/04/2018 01:38:20] - |D| - [106165] - C:\Program Files\Windows Security [12/04/2018 01:38:20] - |SHD| - [0] - C:\Program Files\Windows Sidebar [12/04/2018 01:38:20] - |HD| - [2983283780] - C:\Program Files\WindowsApps [12/04/2018 01:38:20] - |D| - [2501953] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [31/05/2018 22:28:48] - |D| - [9436443] - C:\Program Files (x86)\Common Files\Adobe [31/01/2018 20:48:48] - |D| - [13942800] - C:\Program Files (x86)\Common Files\BattlEye [17/10/2017 07:53:32] - |D| - [117569564] - C:\Program Files (x86)\Common Files\Intel [24/03/2018 13:32:56] - |D| - [1946184] - C:\Program Files (x86)\Common Files\Java [12/04/2018 01:38:20] - |D| - [39767819] - C:\Program Files (x86)\Common Files\microsoft shared [24/01/2018 22:28:57] - |D| - [940228] - C:\Program Files (x86)\Common Files\Nemetschek [17/10/2017 07:59:38] - |D| - [205532] - C:\Program Files (x86)\Common Files\PostureAgent [12/04/2018 01:38:20] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [10/01/2018 23:11:53] - |D| - [5671264] - C:\Program Files (x86)\Common Files\Steam [12/04/2018 01:38:20] - |D| - [15879931] - C:\Program Files (x86)\Common Files\system ---------- | C:\Program Files\Common files [24/08/2018 11:59:36] - |D| - [24216] - C:\Program Files\Common files\DESIGNER [18/03/2018 18:32:45] - |HD| - [992182] - C:\Program Files\Common files\EAInstaller [17/10/2017 08:06:12] - |D| - [2303008] - C:\Program Files\Common files\Intel [12/04/2018 01:38:20] - |D| - [142597293] - C:\Program Files\Common files\microsoft shared [12/04/2018 01:38:20] - |D| - [2702] - C:\Program Files\Common files\Services [12/04/2018 01:38:20] - |D| - [10264971] - C:\Program Files\Common files\system ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [16/05/2018 10:09:52] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.2E7D60730337ED1CBFB7A1AC722B2786] - [31/05/2018 22:29:05] - |A| - [4562] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.00000000000000000000000000000000] - [16/05/2018 10:09:52] - |D| - [2472] - C:\WINDOWS\System32\Tasks\ASUS [MD5.BC00670BD77E94CFC4413A5D6DFB381C] - [16/05/2018 10:09:52] - |A| - [3554] - C:\WINDOWS\System32\Tasks\ASUS Live Update1 : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.A43E72D30047BA4C1D4CF361E916D154] - [16/05/2018 10:09:52] - |A| - [3544] - C:\WINDOWS\System32\Tasks\ASUS Live Update2 : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.9A20A7869600CE9181547D8463C6AF0C] - [16/05/2018 10:09:52] - |A| - [2302] - C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON : C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [MD5.AEDC8E22D7F58845F9132CC2B36C1E1A] - [16/05/2018 10:09:52] - |A| - [2924] - C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.A4C90D430197DE626B28A0D0B60C8981] - [16/05/2018 10:09:52] - |A| - [2214] - C:\WINDOWS\System32\Tasks\ATK Package A22126881260 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.B1D0D8E08DBEDF357B4142983F1FD85D] - [16/05/2018 10:09:52] - |A| - [2934] - C:\WINDOWS\System32\Tasks\AutoUpdate Allplan 2016 : D:\Allplan\Prg\NemDownloadHandler.exe [MD5.9334F2F7DCDFC25F60A3B626059F7781] - [16/05/2018 10:09:52] - |A| - [2934] - C:\WINDOWS\System32\Tasks\AutoUpdate Allplan 2018 : D:\Allplan\Prg\NemDownloadHandler.exe [MD5.5912F7F5C338E3B022C22F2A320EE371] - [16/05/2018 10:09:52] - |A| - [3464] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.B8E2400432D8407FF916E23908590E7C] - [16/05/2018 10:09:52] - |A| - [3588] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [16/05/2018 10:09:52] - |D| - [0] - C:\WINDOWS\System32\Tasks\Intel [MD5.09650088CE3965E8EB34EB949C199736] - [16/05/2018 10:09:52] - |A| - [3118] - C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification : "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe" [MD5.00000000000000000000000000000000] - [12/04/2018 01:38:21] - |D| - [564090] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.B8829EC3A8CBF26A2D943B2E73CDB5ED] - [16/05/2018 10:09:52] - |A| - [3398] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.D271B57C704ED9FE8F7BDF6C46E504F6] - [16/05/2018 10:09:52] - |A| - [3176] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.B8FC6CCCF9BB0C866D8776CB00C01F1C] - [16/05/2018 10:09:52] - |A| - [2968] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.6A92F775294AA925AE9716569E86EC50] - [16/05/2018 10:09:52] - |A| - [2984] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.A416713998B405C15DF29DC980393AF6] - [16/05/2018 10:09:52] - |A| - [2744] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.1A919F03C70ACB361EBE07E705BA7845] - [16/05/2018 10:09:52] - |A| - [2838] - C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [MD5.9173F2CE9E5535610FEDA93AA2FBA706] - [16/05/2018 10:09:52] - |A| - [2786] - C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.EE8DBEA1DB853C947F2E0FAA4155E164] - [16/05/2018 10:09:52] - |A| - [2956] - C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.205DB51267512C525EFE500A7581C657] - [16/05/2018 10:09:52] - |A| - [2766] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.2D7246852C5055F024D464039278D6D5] - [16/05/2018 10:09:52] - |A| - [3370] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1812020250-49885185-2009104261-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.7CFACCA3D40F1CFA014EC6F3FD638D10] - [16/05/2018 10:09:52] - |A| - [3268] - C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1812020250-49885185-2009104261-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.7C857680AB2806B7D3BBA67F1C97AF29] - [16/05/2018 10:09:52] - |A| - [2552] - C:\WINDOWS\System32\Tasks\ROG Gaming Center : "C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe" [MD5.C4DEFE179456697578CC4A86444DE4F5] - [16/05/2018 10:09:52] - |A| - [2346] - C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice : "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [MD5.4C6CC4303327A6B6000033C426FAA5C8] - [16/05/2018 10:09:52] - |A| - [2282] - C:\WINDOWS\System32\Tasks\RTKCPL : "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" [MD5.BEA7EFA37918AC9407E44CF069C942A6] - [27/08/2018 21:30:53] - |A| - [3590] - C:\WINDOWS\System32\Tasks\Skype : C:\Users\colis\AppData\Local\avertissement_de_bannissement.js [MD5.9DA212F7D7C3042F0A5CB84FD9E047BA] - [16/05/2018 10:09:52] - |A| - [2398] - C:\WINDOWS\System32\Tasks\SS3svc32Run : "C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" [MD5.AA7FBB93EB228B06AF5147CB3A6A413F] - [16/05/2018 10:09:52] - |A| - [2406] - C:\WINDOWS\System32\Tasks\SS3svc64Run : "C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe" [MD5.7CAA1271FFD5EEE7EF486DFE13C5A125] - [16/05/2018 10:09:52] - |A| - [2972] - C:\WINDOWS\System32\Tasks\Update Checker : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.374EAB7E64680DFA205DBA010020DBB4] - [16/05/2018 10:09:52] - |A| - [4170] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9D83AF0-CEDC-427C-A03A-4B0134D827F4} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.28|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.28|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{68636300-E84B-4E96-875E-2881F14E61FE}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ| "{4886034A-F43E-481E-9CB1-1DC21589A480}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{6520CBDB-5D28-456D-A3D6-03B802ED1E98}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User| "TCP Query User{9C88E2A7-C102-4C86-B269-EF2A789A910A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User| "{C7F6E2D4-32BD-415B-8A85-C1D31B1052CD}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{4AF30BF9-0F93-430D-B437-E528B8160EEA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{94A84538-5FC8-4AA6-A96C-7A30DF490714}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{4263F197-B5F0-4E5C-9615-D8973B25336F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{FB9D9381-822D-4994-B03D-A8F876B99DDA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{B5D6EDCD-5652-4036-BECE-9CBD9CED5A72}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Desc=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3683675459-3773291521-1484585779-411256776-3272641875-4180025570-632422423|EmbedCtxt=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Platform=2:6:2|Platform2=GTEQ| "{E96BBE56-92DA-4B49-B7DB-C6871AC08C97}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Desc=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3683675459-3773291521-1484585779-411256776-3272641875-4180025570-632422423|EmbedCtxt=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Platform=2:6:2|Platform2=GTEQ| "{412A0A3F-68C0-46D6-94B1-97A7B1F2A944}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Démineur|Desc=Démineur|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4069314316-2345327562-3386779030-140461310-710259185-931951545-1379755714|EmbedCtxt=Démineur|Platform=2:6:2|Platform2=GTEQ| "{900DA586-A009-4FDC-A24C-9A68C1B3DC6E}"=v2.27|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader| "{B58EEF18-816C-406D-8072-DD6C253128A3}"=v2.27|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader| "UDP Query User{3576479C-42E5-4FF4-8197-216D24C3850E}D:\prog\deezloader x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader|Defer=User| "TCP Query User{BEA58634-5D59-4E33-80E8-718972551225}D:\prog\deezloader x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader|Defer=User| "UDP Query User{43DFBD79-8849-4445-8739-24101C7D2593}D:\jeu\into the breach\breach.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeu\into the breach\breach.exe|Name=breach|Desc=breach| "TCP Query User{3AE06EE3-C0B6-41E7-9D90-2ADF0FC46372}D:\jeu\into the breach\breach.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeu\into the breach\breach.exe|Name=breach|Desc=breach| "UDP Query User{B2F2D89B-EB00-416C-A3E3-1AAF1D423E91}D:\deezloader-win32-x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\deezloader-win32-x64\deezloader.exe|Name=Electron|Desc=Electron|Defer=User| "TCP Query User{070DF23B-BBDC-42C9-AA57-492AA81B629C}D:\deezloader-win32-x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\deezloader-win32-x64\deezloader.exe|Name=Electron|Desc=Electron|Defer=User| "{7B15BB70-6838-41CE-AE52-806D037735BE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-1812020250-49885185-2009104261-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{E0809A8D-152D-446D-9544-8F3C123FF905}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe|Name=Wireless PAN DHCP Server|EmbedCtxt=MyWiFiDHCPDNS| "{7F06F2C9-E66C-4906-9658-CC8BB933DEE8}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe|Name=XSplit Gamecaster| "{4DAE71CA-FB4F-47B0-901A-5424149F80CA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe|Name=XSplit Gamecaster| "{71A865DE-C0C2-4BE0-9B3C-E7A0005F848D}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe|Name=XSplit Helper Process| "{7DAC8318-D578-4095-8498-FC1248184093}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe|Name=XSplit Helper Process| "{3C1D665B-EB0C-4BDE-BFA7-234C0B4F74BC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGCAndroidService.exe|Name=ROG Gaming Center|Desc=ROG Gaming Center| "{5CDB7114-09D5-4219-A95C-825137795926}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Plex|Desc=Plex|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-663319984-3691977918-1341348298-2599563705-1202581887-3444832810-199907587|EmbedCtxt=Plex|Platform=2:6:2|Platform2=GTEQ| "{E2987319-6DC8-465D-92C3-DB798F0E674C}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=Plex|Desc=Plex|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-663319984-3691977918-1341348298-2599563705-1202581887-3444832810-199907587|EmbedCtxt=Plex|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{28FD410C-589E-45C0-BAA7-B8A03E3A84A9}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe|Name=DAEMON Tools Lite Service|Desc=The DAEMON Tools Lite mandatory service is responsible for remote devices.| "TCP Query User{61040785-A896-49EA-BFF7-26F09216A2CD}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{B65F812B-8BE5-4434-B604-21EFDC4E379C}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{FBB6749A-8BFA-4790-8D08-883823B3C22F}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{C35F683E-9F07-49D8-8327-CC2BFCE56536}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{8E3CE4E8-781F-4BCC-8B64-E00593BFD10C}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{0932908F-8D6F-4DAE-B7A0-F1EFF208B451}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "{E46279FF-9C1E-4D07-B331-F585BD241F81}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeterFWEx1|Edge=TRUE| "{2B1ADD13-317E-4507-85BE-0E0D0ADE0C61}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "{8A01F12A-1FD0-4A6B-882E-E423D87D0600}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "TCP Query User{D2B46B21-551D-4735-8370-46A03AA154AF}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "UDP Query User{DA2E058E-7CD9-4F7F-8D76-7D631C97FBC0}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "{A3D95388-5D70-479C-AB4D-EC91F8322213}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{CC799755-18CB-4978-8965-37E29280ED0D}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{5AAABC09-E16A-4C67-AA06-86E240F90E74}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Win32WebViewHost|Desc=Win32WebViewHost|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646|EmbedCtxt=Win32WebViewHost|Platform=2:6:2|Platform2=GTEQ| "{6A091DD4-A342-457D-B3E6-4C15244BCA3E}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Win32WebViewHost|Desc=Win32WebViewHost|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646|EmbedCtxt=Win32WebViewHost|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{1789EC34-352D-4F8B-A6B6-92B2F951073E}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{CA38AC2A-76FC-4876-854D-A52D3E69E82C}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Forza Horizon 3|Desc=Forza Horizon 3|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1493781645-1295257613-1020008276-2987759984-4279079501-2993282854-2167006054|EmbedCtxt=Forza Horizon 3|Platform=2:6:2|Platform2=GTEQ| "{09322C75-EC0F-4979-BD92-A8D87073F10A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Forza Horizon 3|Desc=Forza Horizon 3|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1493781645-1295257613-1020008276-2987759984-4279079501-2993282854-2167006054|EmbedCtxt=Forza Horizon 3|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{21A624C1-A61C-4043-8BA8-58A95C01FFED}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{18B21336-92EB-4510-8E22-008B01D64A21}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe|Name=crashbandicootnsanetrilogy|Desc=crashbandicootnsanetrilogy| "UDP Query User{BB7E1B08-723B-4250-91B7-7C4D14A7E5C1}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe|Name=crashbandicootnsanetrilogy|Desc=crashbandicootnsanetrilogy| "{5170C638-862F-4533-9EBA-F80157C29F70}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7AE91DEA-6E4D-4BEA-8509-FE94056C1E8A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{DC659083-80F4-4F04-89F1-304856674916}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{2D295717-9335-4FC5-8641-43211B969F71}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{0E0D2E18-2391-4A2A-BACC-350E09067B60}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{BA4EC6A3-20F5-45B6-A3BC-A6B4A371EA3B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{CA14C6B8-197F-4F01-803F-FA06870F61F5}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{F9EF3BC2-7A7E-4AED-886C-04FDB2936A2F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C28D1ADA-DA18-4FE6-9CDF-337CB7124F13}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{ABFF0A04-43C6-4123-8030-45614CB37EA4}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D7C482EC-8333-491E-826A-1A04A7E309DD}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{12C25D28-860B-4226-8A6F-30A18751A521}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{EF756E4A-9DD1-4844-B02B-81EBBB5694CD}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{23B333E8-CF34-4E26-8BAB-79BB6C759BFC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D2917D37-DAE0-4BE3-8755-FC078BF45CD6}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D9952207-D912-4EA1-BB83-8B772C7C6A53}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{49532257-B7BA-456A-BC9F-4A776EFF9891}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{5D360568-CAF1-4ED0-AC0E-9DD04AA6BE57}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{40489335-1846-4391-9F6B-89DC04F3B279}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7C638194-8501-4A9C-8B0E-1D1353F2CADE}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{B9B4DB66-FBDA-467A-9DA3-A04D75DEE51B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{9446202F-6EC8-4F96-BEE0-6E773B8C7C90}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{BAF16D55-BDB2-46E7-964C-5AE0BA629E58}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{12806CC3-61D8-4CBF-89F1-F9E8D4128717}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{B6B309F3-30BD-47DA-98C1-A9AE5BFD543A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{3AA8BEE1-61C7-4C68-A657-BAFCE50A4AD1}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{818A99D1-2178-4924-95B3-4A1E0464218B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{0A1F0067-6D68-453B-9D1A-372CCCAD1292}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{3CB1E63C-AF0C-4C8F-8BA5-257AA6712AC2}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C995E955-1AB3-4D9A-B4F8-04953297C8BC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{13C0E017-B92E-437B-81E2-21A90403E58E}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "{A17E570E-402D-4543-A489-A0C12DA56F9F}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{DFC3E5C6-40BE-4079-9507-9E01BE7836E0}D:\jeu\star traders frontiers\startradersfrontiers.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers|Defer=User| "UDP Query User{D3155A38-DEB1-4AE0-B735-EC37889096E9}D:\jeu\star traders frontiers\startradersfrontiers.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers|Defer=User| "{952C963A-4168-4909-8FF6-025B6F551D62}"=v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers| "{2C4886D6-B2EE-404C-8575-ED02BD998ED5}"=v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers| "TCP Query User{E9A96DF8-98C9-4C06-AACF-4CD66F5CDAC9}C:\users\colis\appdata\local\programs\deezloader\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader\deezloader.exe|Name=deezloader.exe|Desc=deezloader.exe|Defer=User| "UDP Query User{4D79E8B3-00C5-40BC-B2D2-DCDEDE171C66}C:\users\colis\appdata\local\programs\deezloader\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader\deezloader.exe|Name=deezloader.exe|Desc=deezloader.exe|Defer=User| "TCP Query User{D86E7C9B-846D-4B2F-91B8-09F037357E18}C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe|Name=deezloader remix.exe|Desc=deezloader remix.exe|Defer=User| "UDP Query User{86813A21-4EE6-4ACE-879F-648B109BAC11}C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe|Name=deezloader remix.exe|Desc=deezloader remix.exe|Defer=User| "{8E6E59CA-37E6-4594-8B3A-48E46920BA6D}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{2D407C5A-82DF-4A03-83B8-0541E0090484}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{5BB8E3EE-E291-41D2-85C1-A443A558E687}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{50284AA3-9639-4B28-97AD-0F0B8FA362ED}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{CCAFD30A-96A0-4807-90FD-0E188D35B003}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C8A430B5-8BA7-4733-82AD-1FF87CFE4634}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{A0F2221D-B27D-4544-8D45-CF40182D60B3}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{245B3085-614E-4C46-9357-F1EDB40B80BB}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{46C087D0-F6C7-48BD-BFE4-4FE00463E2C7}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{393941AC-71DB-49F0-9E11-E00F7BEB61C9}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{399CA386-D0D0-40D8-9491-98DC4F01B3D0}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C45D738A-9DA9-4829-A506-43433CB8FD31}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ| "{A70F78C4-B4AB-429B-85C3-287A84791117}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{101FAF8F-0655-4E54-86B6-70E5E806DE26}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{8470F6C5-0109-4959-B190-F38FC7041F4F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{0F812918-7A3F-4357-9437-A2A4652F39A0}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{6750B161-60D6-4B35-9D40-10BC32A05071}C:\program files\java\jre1.8.0_161\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\java\jre1.8.0_161\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{FF3605C3-382C-42FD-B4B8-5A51530C5E9E}C:\program files\java\jre1.8.0_161\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\java\jre1.8.0_161\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{DB919BB6-EA3C-414D-BA74-EE5BB121CDF0}D:\prog\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\prog\deezloader remix\deezloader remix.exe|Name=Deezloader Remix|Desc=Deezloader Remix|Defer=User| "UDP Query User{E247D99A-88EC-4E53-82A9-DE72ADF7AA32}D:\prog\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\prog\deezloader remix\deezloader remix.exe|Name=Deezloader Remix|Desc=Deezloader Remix|Defer=User| "TCP Query User{3ACC1CC6-F073-4F53-A7CA-74FADAE9042C}C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe|Name=electron.exe|Desc=electron.exe|Defer=User| "UDP Query User{D296FF68-D40D-4857-88F7-DE685D552200}C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe|Name=electron.exe|Desc=electron.exe|Defer=User| "{9F4BA847-8C11-4F89-B53C-6FC2161418AC}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{6FB172AD-E68C-4C9E-9F17-BC6549DFFA49}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{4473785B-509A-4191-9F36-76D1865905CD}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox gaming overlay|Desc=Xbox gaming overlay|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox gaming overlay|Platform=2:6:2|Platform2=GTEQ| "{F30D72C3-6975-48CD-AF26-75DEAD608AA9}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| "{C5337B05-8B68-425A-882E-C8E233DBD552}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{C1BF56D6-14F2-42D0-8B50-4F87406967F1}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ee986ed-9d81-43b3-b9ea-30686e6f4219}] : (PSM) [] -> @oem6.inf,%ClassName%;Intel® Power Sharing Manager [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem56.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem58.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [08/05/2015 11:07:06] - (1.0.6.1) - (ASUSTek Computer Inc. - ATK WMIACPI Utility) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [18/03/2018 18:59:15] - (23.21.13.9101) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 391.01) - C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvlddmkm.sys [29/08/2017 09:59:46] - (1.0.0.7) - (ASUS - HID minidriver for ASUS Wireless Radio Control) - C:\WINDOWS\System32\drivers\AsRadioControl.sys [17/10/2017 07:54:59] - (3.90.1.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [18/03/2018 18:59:15] - (202.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys [10/01/2018 23:13:08] - (3.4.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys [10/01/2018 23:12:46] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorA (@oem37.inf,%iaStorA.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ATKWMIACPIIO (ATKWMIACPI Driver) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\WINDOWS\system32\drivers\mbae64.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - iocbios2 (iocbios2) -> \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - MBAMChameleon (MBAMChameleon) -> \SystemRoot\System32\Drivers\MbamChameleon.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\5315-4114-3937-2165] : (Solibri Model Checker v9.8.-.Solibri Inc) -> "D:\Prog\Solibri\SMCv9.8\uninstall Solibri Model Checker v9.8.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Free Convert FLAC To MP3] : (Free Convert FLAC To MP3 (remove only).-.4dots Software) -> C:\Program Files (x86)\4dots Software\Free Convert FLAC To MP3\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Git_is1] : (Git version 2.18.0.-.The Git Development Community) -> "C:\Program Files\Git\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Intel Security Software Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}] : (AudioCaptureNotificationConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0C21BBE5-F4B4-42E2-AE4B-BE210BB1B8AB}] : (Intel(R) Serial IO.-.Intel Corporation) -> MsiExec.exe /I{0C21BBE5-F4B4-42E2-AE4B-BE210BB1B8AB} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1B31F1CC-7C8B-4760-91B1-3DF6873EDC2D}] : (ProfileSwitcherCleanup.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2159D6A2-CFFE-51F3-0017-A53F85A727E3}] : (General Runtime Files for Allplan 2016-1-7 x64.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{2159D6A2-CFFE-51F3-0017-A53F85A727E3} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180161F0}] : (Java 8 Update 161 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180161F0} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36606417-B1C4-42C2-B5C1-67972DA63DAB}] : (ProductDaemonSetup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{36606417-B1C4-42C2-B5C1-67972DA63DAB} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3CF43809-BA72-4BC7-B936-1308CE57C6E6}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{3CF43809-BA72-4BC7-B936-1308CE57C6E6} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}] : (ApoDispatchConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{60130678-813A-4D4B-97E7-284F27516561}] : (Intel® PROSet/Wireless WiFi Software.-.Intel Corporation) -> MsiExec.exe /I{60130678-813A-4D4B-97E7-284F27516561} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{67133B16-3310-4E5A-91DC-F4E8527A2A9C}] : (SonicMapperConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7c6a2125-4d2d-4244-916f-0ea498b7c952}] : (Intel(R) PRO/Wireless Driver.-.Intel Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81FDC114-BADF-47AA-8A08-B03661FB4991}] : (Node.js.-.Node.js Foundation) -> MsiExec.exe /I{81FDC114-BADF-47AA-8A08-B03661FB4991} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{88001CF1-7D5B-4BCC-9AF1-F7F4AD2BC488}] : (SonicRadar3Setup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{88001CF1-7D5B-4BCC-9AF1-F7F4AD2BC488} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{94E05108-3E4E-4F2E-AC5F-33A1B22B779C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9B8ADE33-5DE8-4EE2-9EF4-E1EA65A37F32}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{9B8ADE33-5DE8-4EE2-9EF4-E1EA65A37F32} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ABDC630D-DC10-4991-9965-D683C8F4885D}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{ABDC630D-DC10-4991-9965-D683C8F4885D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC306567-A1B7-4208-8FED-97CF535050BC}] : (DeviceRoutingConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 391.01.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 27.1.0.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (NVIDIA Update 27.1.0.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer] : (DisplayDriverAnalyzer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer] : (NVIDIA Telemetry Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.8.0.89.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 3.90.1.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C1520A55-D4B2-43D4-8520-3C5683C94DC8}] : (NahimicSettingsConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D894441F-8A5E-48A0-8894-7FA739C1A33A}] : (SonicStudio3Setup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{D894441F-8A5E-48A0-8894-7FA739C1A33A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E0E25843-D0D2-4947-A2C2-CFBABB4FCBDE}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{E0E25843-D0D2-4947-A2C2-CFBABB4FCBDE} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{E9B9A1A5-6398-4C99-8FDE-10794F6505C5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F6AA7E43-41A4-4304-BA96-A495C5788231}] : (Intel(R) Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{F6AA7E43-41A4-4304-BA96-A495C5788231} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F97C940B-7821-4DF7-917C-3EEA95D6091F}] : (CodeMeter Runtime Kit v6.50c.-.WIBU-SYSTEMS AG) -> MsiExec.exe /I{F97C940B-7821-4DF7-917C-3EEA95D6091F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F9E85A10-B115-B8CC-553E-36C7FF42B05B}] : (General Runtime Files for Allplan 2018-0-2 x64.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{F9E85A10-B115-B8CC-553E-36C7FF42B05B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1207659102_is1] : (FTL: Advanced Edition.-.GOG.com) -> "D:\Jeu\FTL - Advanced Edition\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1455998221_is1] : (MachiaVillain.-.GOG.com) -> "D:\Jeu\MachiaVillain\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1620157881_is1] : (Tooth and Tail.-.GOG.com) -> "D:\Jeu\Tooth and Tail\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\2004253604_is1] : (Into the Breach.-.GOG.com) -> "D:\Jeu\Into the Breach\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\2061814323_is1] : (Wizard of Legend.-.GOG.com) -> "D:\Jeu\Wizard of Legend\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Crash Bandicoot N Sane Trilogy_is1] : (Crash Bandicoot N Sane Trilogy.-.) -> "D:\Games\Crash Bandicoot N Sane Trilogy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Mp3 M4a Wma Converter_is1] : (Free Mp3 M4a Wma Converter V 1.6.-.KastorSoft) -> "C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Frostpunk_is1] : (Frostpunk.-.) -> "D:\Games\Frostpunk\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GOGPACKROGUELEGACY_is1] : (Rogue Legacy.-.GOG.com) -> "D:\Jeu\Rogue Legacy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Open Video Capture_is1] : (Open Video Capture version 1.1.-.) -> "C:\Program Files (x86)\OpenVideoCapture\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Snake Pass_is1] : (Snake Pass.-.) -> "D:\Jeu\Snake Pass\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Surviving Mars_is1] : (Surviving Mars.-.) -> "D:\Games\Surviving Mars\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinX YouTube Downloader_is1] : (WinX YouTube Downloader 4.0.9.-.Digiarty Software, Inc.) -> "D:\WinX_YouTube_Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}] : (ASUS Splendid Video Enhancement Technology.-.ASUS) -> MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{559FA847-377D-4926-80A3-ED9E014D363A}] : (Intel(R) Wireless Bluetooth(R).-.Intel Corporation) -> MsiExec.exe /I{559FA847-377D-4926-80A3-ED9E014D363A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] : (.-.) -> MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> C:\WINDOWS\RtCRU64.exe /u ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6599C1AB-394E-4CB0-ADCE-53A0E5E8873E}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{6599C1AB-394E-4CB0-ADCE-53A0E5E8873E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7535C402-1670-31E0-F0D0-52DC6D50AB76}] : (General Runtime Files for Allplan 2018-0-2.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{7535C402-1670-31E0-F0D0-52DC6D50AB76} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}] : (ASUS PTP Driver.-.ASUS) -> MsiExec.exe /I{7618E419-9124-4E6C-9AF4-487A6DDEC1C5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}] : (NVIDIA PhysX.-.NVIDIA Corporation) -> MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}] : (Device Setup.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{8D6B05E0-F457-408C-9D13-549334D8FAE1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}] : (WinFlash.-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A39B5969-9683-49F9-AA69-F40EF0D91441}] : (XSplit Gamecaster.-.SplitmediaLabs) -> MsiExec.exe /X{A39B5969-9683-49F9-AA69-F40EF0D91441} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AA67D612-0BE5-44D6-9A91-592958F754A1}] : (Intel(R) C++ Redistributables on Intel(R) 64.-.Intel Corporation) -> MsiExec.exe /X{AA67D612-0BE5-44D6-9A91-592958F754A1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}] : (ATK Package (ASUS Keyboard Hotkeys).-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /X{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824272646}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824272646} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ACF41228-28D2-497C-AD8F-19005413E49D}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{ACF41228-28D2-497C-AD8F-19005413E49D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EEB4B0A5-E468-3D72-FE16-C1C202B3E314}] : (General Runtime Files for Allplan 2016-1-7.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{EEB4B0A5-E468-3D72-FE16-C1C202B3E314} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}] : (ASUS Live Update.-.ASUS) -> MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB47E710-6249-4EFA-BE36-E922B0612AF4}] : (CASIO FA-124.-.CASIO COMPUTER CO., LTD.) -> MsiExec.exe /X{FB47E710-6249-4EFA-BE36-E922B0612AF4} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\00006109C80000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C800C0400100000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109E70000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\017E74BF9426AFE4EB639E220B16A24F] : CASIO FA-124 -> C:\WINDOWS\Installer\{FB47E710-6249-4EFA-BE36-E922B0612AF4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\01A58E9F511BCC8B55E3637CFF240BB5] : General Runtime Files for Allplan 2018-0-2 x64 [HKCR\Installer\Products\0E50B6D8754FC804D9314539438DAF1E] : Device Setup -> C:\Windows\Installer\{8D6B05E0-F457-408C-9D13-549334D8FAE1}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\1FC10088B5D7CCB4A91F7F4FDAB24C88] : SonicRadar3Setup [HKCR\Installer\Products\204C535707610E130F0D25CDD605BA67] : General Runtime Files for Allplan 2018-0-2 [HKCR\Installer\Products\216D76AA5EB06D44A9199592857F451A] : Intel(R) C++ Redistributables on Intel(R) 64 [HKCR\Installer\Products\2A6D9512EFFC3F1500715AF3587A723E] : General Runtime Files for Allplan 2016-1-7 x64 [HKCR\Installer\Products\34852E0E2D0D74942A2CFCABBBF4BCED] : Intel(R) Management Engine Components [HKCR\Installer\Products\34E7AA6F4A144034AB694A595C872813] : Intel(R) Trusted Connect Service Client [HKCR\Installer\Products\411CDF18FDABAA74A8800B6316BF9419] : Node.js -> C:\WINDOWS\Installer\{81FDC114-BADF-47AA-8A08-B03661FB4991}\NodeIcon [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110160F] : Java 8 Update 161 (64-bit) -> C:\Program Files\Java\jre1.8.0_161\\bin\javaws.exe [HKCR\Installer\Products\4FA3F4C98D12DB346AC915B79B0621FC] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\50FA96906FF400C4496034952983EDD0] : ASUS Splendid Video Enhancement Technology -> C:\Windows\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\5212A6C7D2D4442419F6E04A897B9C25] : Intel(R) PRO/Wireless Driver -> C:\Windows\Installer\{7C6A2125-4D2D-4244-916F-0EA498B7C952}\ARPPRODUCTICON.exe [HKCR\Installer\Products\55A0251C2B4D4D345802C365389CD48C] : NahimicSettingsConfigurator [HKCR\Installer\Products\55EC5C4023F7D2D4EA2ADF0CE3F856CC] : AudioCaptureNotificationConfigurator [HKCR\Installer\Products\5A0B4BEE864E27D3EF611C2C203B3E41] : General Runtime Files for Allplan 2016-1-7 [HKCR\Installer\Products\5A1A9B9E893699C4F8ED0197F456505C] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\5EBB12C04B4F2E24EAB4EB12B01B8BBA] : Intel(R) Serial IO [HKCR\Installer\Products\61B331760133A5E419CD4F8E25A7A2C9] : SonicMapperConfigurator [HKCR\Installer\Products\68AB67CA408033019195008142726264] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824272646}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\7033BEF4FE0A5834C9F8B4C4513013C1] : ApoDispatchConfigurator [HKCR\Installer\Products\714606634C1B2C245B1C7679D26AD3BA] : ProductDaemonSetup [HKCR\Installer\Products\748AF955D7736294083ADEE910D463A3] : Intel(R) Wireless Bluetooth(R) -> C:\Windows\Installer\{559FA847-377D-4926-80A3-ED9E014D363A}\IntelBluetooth.ico [HKCR\Installer\Products\765603CA7B1A8024F8DE79FC350505CB] : DeviceRoutingConfigurator [HKCR\Installer\Products\76E045AFC590B1A479ABD445D7CEA94F] : ASUS Live Update -> C:\Windows\Installer\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}\MyIcon2 [HKCR\Installer\Products\80150E49E4E3E2F4CAF5331A2BB277C9] : Intel(R) Chipset Device Software [HKCR\Installer\Products\82214FCA2D82C794DAF8910045314ED9] : Epic Games Launcher -> C:\Windows\Installer\{ACF41228-28D2-497C-AD8F-19005413E49D}\Installer.ico [HKCR\Installer\Products\87603106A318B4D4797E82F472155616] : Intel® PROSet/Wireless WiFi Software -> C:\Windows\Installer\{60130678-813A-4D4B-97E7-284F27516561}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8FC229B8C6A8EC148A851F57D5F7D592] : NVIDIA PhysX -> C:\Windows\Installer\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}\icon.ico [HKCR\Installer\Products\90834FC327AB7CB49B633180EC756C6E] : Intel(R) Management Engine Components [HKCR\Installer\Products\914E81674219C6E4A94F84A7D6ED1C5C] : ASUS PTP Driver -> C:\Windows\Installer\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\9695B93A38699F94AA964FE00F9D4114] : XSplit Gamecaster -> C:\Windows\Installer\{A39B5969-9683-49F9-AA69-F40EF0D91441}\XSplit.Gamecaster.exe [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\B049C79F12877FD419C7E3AE596D90F1] : CodeMeter Runtime Kit v6.50c -> C:\Windows\Installer\{F97C940B-7821-4DF7-917C-3EEA95D6091F}\CodeMeter.ico [HKCR\Installer\Products\BD683D90B42318E4D812A51F34E36D00] : ROG Gaming Center Core [HKCR\Installer\Products\CC1F13B1B8C70674191BD36F78E3CDD2] : ProfileSwitcherCleanup [HKCR\Installer\Products\D036CDBA01CD199499566D388C4F88D5] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\E19212F84440D1B49B9F34077AE343D6] : WinFlash -> C:\Windows\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon [HKCR\Installer\Products\E339C5BAD7C503D43B41C9384AB949EB] : ATK Package (ASUS Keyboard Hotkeys) -> C:\Windows\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\F144498DE5A80A848849F77A931C3AA3] : SonicStudio3Setup [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico [HKCR\Installer\Products\FBD281CC76CF97F49903A662286EB0DD] : ROG Gaming Center -> C:\Windows\Installer\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}\_853F67D554F05449430E7E.exe ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00043a8b ID du processus défaillant : 0x413c Heure de début de l’application défaillante : 0x01d43eff0da33ee3 Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : e7756cac-c196-4659-aa2b-b6b49360eebc Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0004285c ID du processus défaillant : 0x413c Heure de début de l’application défaillante : 0x01d43eff0da33ee3 Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 06d12c8c-e422-425f-99d0-ded2c18f2801 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00043a8b ID du processus défaillant : 0x2f0c Heure de début de l’application défaillante : 0x01d43eeca959193c Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 642e0c8b-054e-43d7-997b-776ed7fb37f4 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0004285c ID du processus défaillant : 0x2f0c Heure de début de l’application défaillante : 0x01d43eeca959193c Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 9a46b26d-5259-4735-84e5-19400fc8e6c1 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00043a8b ID du processus défaillant : 0x2664 Heure de début de l’application défaillante : 0x01d43eebb3072192 Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 1996c5c0-b134-427e-ba0b-f02d15d8b71e Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0004285c ID du processus défaillant : 0x2664 Heure de début de l’application défaillante : 0x01d43eebb3072192 Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : ea1f128c-3e6a-42b0-b0da-1105c7e93b3e Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante AUDIODG.EXE, version : 10.0.17134.137, horodatage : 0xecd85e98 Nom du module défaillant : NAHIMICV3apo.dll, version : 10.0.10011.16384, horodatage : 0x595e4369 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000379f91 ID du processus défaillant : 0x2614 Heure de début de l’application défaillante : 0x01d43eeafd2a3875 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE Chemin d’accès du module défaillant: C:\WINDOWS\system32\NAHIMICV3apo.dll ID de rapport : af0eefdc-ca52-44e8-8da1-e4e1547db339 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00043a8b ID du processus défaillant : 0x4a58 Heure de début de l’application défaillante : 0x01d43ec779efaf87 Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 9310331f-a490-42d1-8985-181082c9ca66 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0004285c ID du processus défaillant : 0x4a58 Heure de début de l’application défaillante : 0x01d43ec779efaf87 Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 241ec831-12a5-490c-a6f5-e081e7b495ad Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Code d’exception : 0xc0000005 Décalage d’erreur : 0x001b8fbb ID du processus défaillant : 0x180 Heure de début de l’application défaillante : 0x01d43ec76d9dbcab Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe ID de rapport : 3d4a26b1-6cbf-4d69-b067-a3f8a57a4cf9 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Code d’exception : 0xc0000005 Décalage d’erreur : 0x001b8fbb ID du processus défaillant : 0x4a74 Heure de début de l’application défaillante : 0x01d43ebe68f6a69b Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe ID de rapport : cca2b69c-056f-4ceb-b923-fa0f74022cde Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Code d’exception : 0xc0000005 Décalage d’erreur : 0x00336c35 ID du processus défaillant : 0x4554 Heure de début de l’application défaillante : 0x01d43eb3e5dc897d Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe ID de rapport : 7c38bbb9-5d44-4615-b7a3-9dadf9e00f77 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante AUDIODG.EXE, version : 10.0.17134.137, horodatage : 0xecd85e98 Nom du module défaillant : NAHIMICV3apo.dll, version : 10.0.10011.16384, horodatage : 0x595e4369 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000379f91 ID du processus défaillant : 0x3748 Heure de début de l’application défaillante : 0x01d43c7bc9467a37 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\AUDIODG.EXE Chemin d’accès du module défaillant: C:\WINDOWS\system32\NAHIMICV3apo.dll ID de rapport : a07232bb-85b3-4070-87ec-e6924e9433ab Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ZeroConfigService.exe, version : 19.60.0.0, horodatage : 0x58d16fa6 Nom du module défaillant : ZeroConfigService.exe, version : 19.60.0.0, horodatage : 0x58d16fa6 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000022af80 ID du processus défaillant : 0xf30 Heure de début de l’application défaillante : 0x01d42a685b9493c6 Chemin d’accès de l’application défaillante : C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Chemin d’accès du module défaillant: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ID de rapport : ce89b0be-deb1-49df-a8a8-64422737f9ef Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ZeroConfigService.exe, version : 19.60.0.0, horodatage : 0x58d16fa6 Nom du module défaillant : ZeroConfigService.exe, version : 19.60.0.0, horodatage : 0x58d16fa6 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000022af80 ID du processus défaillant : 0xe40 Heure de début de l’application défaillante : 0x01d41a2c6ca221f2 Chemin d’accès de l’application défaillante : C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Chemin d’accès du module défaillant: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ID de rapport : 52ff5699-28b4-4d75-ab8e-8079263b7bd2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_stisvc, version : 10.0.17134.1, horodatage : 0xa38b9ab2 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000000000 ID du processus défaillant : 0x21b8 Heure de début de l’application défaillante : 0x01d4240c17279744 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\svchost.exe Chemin d’accès du module défaillant: unknown ID de rapport : a70c37f0-f9cd-42b2-951a-aeaab7748647 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ZeroConfigService.exe, version : 19.60.0.0, horodatage : 0x58d16fa6 Nom du module défaillant : ZeroConfigService.exe, version : 19.60.0.0, horodatage : 0x58d16fa6 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000022af80 ID du processus défaillant : 0xfa0 Heure de début de l’application défaillante : 0x01d418680e96b0c4 Chemin d’accès de l’application défaillante : C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Chemin d’accès du module défaillant: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ID de rapport : 47375afb-36c4-4e82-bedd-660bb101a157 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ZeroConfigService.exe, version : 19.60.0.0, horodatage : 0x58d16fa6 Nom du module défaillant : ZeroConfigService.exe, version : 19.60.0.0, horodatage : 0x58d16fa6 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000022af80 ID du processus défaillant : 0xe44 Heure de début de l’application défaillante : 0x01d403408de650b4 Chemin d’accès de l’application défaillante : C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Chemin d’accès du module défaillant: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ID de rapport : b65509fe-0582-45e4-9d9d-5e7bd7b22e03 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante forza_x64_release_final.exe, version : 0.0.0.0, horodatage : 0x5a9ee1ff Nom du module défaillant : combase.dll, version : 10.0.17134.112, horodatage : 0xfad18dc5 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000b7f6e ID du processus défaillant : 0x5048 Heure de début de l’application défaillante : 0x01d41790363c8b40 Chemin d’accès de l’application défaillante : D:\Jeu\Forza Horizon 3\Forza Horizon 3\AppFiles\forza_x64_release_final.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\combase.dll ID de rapport : bd605e42-3934-4bae-9878-7fed770ecc56 Nom complet du package défaillant : Microsoft.OpusPG.1786c10f8d_1.0.119.1002_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : OpusReleaseFinal ------------ ----------( EOF)---------- - 4782 | 21:46:54