--------------- QuickDiag | g3n-h@ckm@n | V4_31.08.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 02/02/2019 15:34:20 Updated 31/08/2018 | 22:20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [lance (Administrator)] - [CHAMBRE] (S-1-5-21-1804058015-178936653-3311423861-1002) System: Microsoft Windows 10 Famille - - (10.0.17134) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1803) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition3 Boot : Normal boot PC: A_F_K31DA_K31DAG_K20DA - ASUSTeK COMPUTER INC. - IdNumber: H7PDCG000YYV - UUID: 38489844-1EA2-DADE-8D7D-88D7F6567A7A Processor : X64 - 1797 Mhz - AMD A4-6210 APU with AMD Radeon R3 Graphics 0901 - fr|FR|iso8859-1 - American Megatrends Inc. - S/N: H7PDCG000YYV - 0901 - ALASKA - 1072009 CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice Périphérique audio USB - Status: OK - Manufacturer: (USB Audio générique) - PNPDeviceID: USB\VID_045E&PID_0728&MI_02\7&30DD9D02&0&0002 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_1043867F&REV_1003\4&1DC926CE&0&0001 AMD High Definition Audio Device - Status: OK - Manufacturer: Advanced Micro Devices - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1005\4&11325F41&0&0001 ---------- | Video AMD Radeon(TM) R3 Graphics - Resolution: 1680x1050 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,amdxc64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9850&SUBSYS_867D1043&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 268435456 Inegrated Video Chipset DeviceName: AMD Radeon(TM) R3 Graphics - DriverVersion: 8.14.01.6463 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36264 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 86016 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28160 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25408 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:26 % CPU #2 value:7 % CPU #3 value:1 % CPU #4 value:1 % Total Overall CPU Usage value:9 % ---------- | Network Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC - - Realtek Semiconductor Corp. - Status: - PnPID : PCI\VEN_10EC&DEV_8821&SUBSYS_21611A3B&REV_00\4&31BDB9F8&0&0013 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_85E11043&REV_11\4&8DCA096&0&0014 Bluetooth Device (RFCOMM Protocol TDI) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT Microsoft Wi-Fi Direct Virtual Adapter - - - Status: - PnPID : Microsoft Wi-Fi Direct Virtual Adapter - - - Status: - PnPID : AnchorFree TAP-Windows Adapter V9 - - AnchorFree TAP-Windows Provider V9 - Status: - PnPID : ROOT\NET\0000 ---------- | Memory RAM = Total (MB) : 8070 | Free (MB) : 4668 Pagefile = Total (MB) : 9315 | Free (MB) : 5654 Virtual = Total (MB) : 4194 | Free (MB) : 3909 Physical Memory 0 : Capacity: 8589934592 - DIMM 0 - Posit.: - Manufacturer: Samsung - PartNumber: M471B1G73EB0-YK0 - S/N: 18AC4D87 ---------- | SID Users Administrateur : [S-1-5-21-1804058015-178936653-3311423861-500] DefaultAccount : [S-1-5-21-1804058015-178936653-3311423861-503] defaultuser0 : [S-1-5-21-1804058015-178936653-3311423861-1001] Invité : [S-1-5-21-1804058015-178936653-3311423861-501] lance : [S-1-5-21-1804058015-178936653-3311423861-1002] WDAGUtilityAccount : [S-1-5-21-1804058015-178936653-3311423861-504] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [Windows] | Total : 150 Go | Free : 97.58 Go -> NTFS [SATA] D:\ -> [Fixed] | [Data] | Total : 2643.92 Go | Free : 2428.35 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : SCSI\DISK&VEN_TOSHIBA&PROD_DT01ACA300\4&471F2D4&0&000000 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Test 2 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.) GC : 71.0.3578.98 (Copyright 2017 Google Inc.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer FlashPlayer ActiveX : 32.0.0.114 ---------- | Security AV : Panda Dome Disabled AS : Panda Dome Disabled FW : Panda Firewall Enabled WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 576 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17134.1) = C:\Windows\System32\smss.exe [12/04/2018 00:34:22] CPU Usage:0 % 888 | [Owner : Système | Parent : 876() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 00:34:22] CPU Usage:0 % 556 | [Owner : Système | Parent : 876() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.17134.1) = C:\Windows\System32\wininit.exe [12/04/2018 00:34:22] CPU Usage:0 % 8 | [Owner : Système | Parent : 520(svchost.exe) | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 00:34:22] CPU Usage:0 % 1000 | [Owner : Système | Parent : 556(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17134.191) = C:\Windows\System32\services.exe [15/08/2018 09:00:53] CPU Usage:0 % 1048 | [Owner : Système | Parent : 520(svchost.exe) | 9.9 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.17134.319) = C:\Windows\System32\winlogon.exe [09/10/2018 22:51:39] CPU Usage:0 % 1084 | [Owner : Système | Parent : 556(wininit.exe) | 18.68 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17134.376) = C:\Windows\System32\lsass.exe [14/11/2018 09:02:10] CPU Usage:0 % 1220 | [Owner : Système | Parent : 1000(services.exe) | 3.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1244 | [Owner : UMFD-1 | Parent : 1048(winlogon.exe) | 7.67 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.376) = C:\Windows\System32\fontdrvhost.exe [14/11/2018 09:02:19] CPU Usage:0 % 1252 | [Owner : UMFD-0 | Parent : 556(wininit.exe) | 4.17 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.376) = C:\Windows\System32\fontdrvhost.exe [14/11/2018 09:02:19] CPU Usage:0 % 1272 | [Owner : Système | Parent : 1000(services.exe) | 25.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1372 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 12.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1416 | [Owner : Système | Parent : 1000(services.exe) | 7.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1500 | [Owner : DWM-1 | Parent : 1048(winlogon.exe) | 61.14 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17134.1) = C:\Windows\System32\dwm.exe [12/04/2018 00:34:19] CPU Usage:0 % 1636 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 6.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1640 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 18.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1660 | [Owner : Système | Parent : 1000(services.exe) | 9.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1752 | [Owner : Système | Parent : 1000(services.exe) | 15.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1784 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 11.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1820 | [Owner : Système | Parent : 1000(services.exe) | 10.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1888 | [Owner : Système | Parent : 1000(services.exe) | 5.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1936 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 17.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2004 | [Owner : Système | Parent : 1000(services.exe) | 9.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 520 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 9.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1488 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 7.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2204 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 11.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2232 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 8.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2340 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 9.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2436 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 7.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2468 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 9.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2596 | [Owner : Système | Parent : 1000(services.exe) | 17.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2664 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 7.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2776 | [Owner : Système | Parent : 1000(services.exe) | 6.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2812 | [Owner : SERVICE LOCAL | Parent : 2776(svchost.exe) | 18.58 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.17134.1) = C:\Windows\System32\dasHost.exe [12/04/2018 00:34:12] CPU Usage:0 % 2852 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 6.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2940 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 9.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2224 | [Owner : Système | Parent : 1000(services.exe) | 5.7 Mo] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe [24/04/2017 04:50:43] CPU Usage:0 % 2268 | [Owner : Système | Parent : 1000(services.exe) | 31.83 Mo] - (.Advanced Micro Devices, Inc. - tbaseprovisioning.) - (1.0.0.0) = C:\Windows\SysWOW64\tbaseprovisioning.exe [24/04/2017 04:50:35] CPU Usage:0 % 2632 | [Owner : Système | Parent : 2224(atiesrxx.exe) | 9.84 Mo] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe [24/04/2017 04:50:43] CPU Usage:0 % 3144 | [Owner : Système | Parent : 1000(services.exe) | 111.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3152 | [Owner : Système | Parent : 1000(services.exe) | 5.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3160 | [Owner : Système | Parent : 1000(services.exe) | 7.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3240 | [Owner : Système | Parent : 1000(services.exe) | 8.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3404 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 12.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3464 | [Owner : Système | Parent : 1000(services.exe) | 13.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3508 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 6.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3516 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 11.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3660 | [Owner : Système | Parent : 1000(services.exe) | 13.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3712 | [Owner : Système | Parent : 1000(services.exe) | 11.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3752 | [Owner : Système | Parent : 1000(services.exe) | 20.39 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17134.1) = C:\Windows\System32\spoolsv.exe [12/04/2018 00:34:41] CPU Usage:0 % 3800 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 7.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4000 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 9.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4008 | [Owner : Système | Parent : 1000(services.exe) | 6.55 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.29.8644) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [13/08/2018 23:27:08] CPU Usage:0 % 4016 | [Owner : Système | Parent : 1000(services.exe) | 7.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4024 | [Owner : Système | Parent : 1000(services.exe) | 11.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4032 | [Owner : Système | Parent : 1000(services.exe) | 32.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4040 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 16.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4048 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 34.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4056 | [Owner : Système | Parent : 1000(services.exe) | 7.65 Mo] - (.- Realtek Bluetooth BTDevManager Service Application.) - (1.0.56.1) = C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [27/07/2017 15:32:43] CPU Usage:0 % 4064 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4092 | [Owner : Système | Parent : 1000(services.exe) | 56.73 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.11126.20200) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [25/05/2017 08:39:53] CPU Usage:0 % 3396 | [Owner : Système | Parent : 1000(services.exe) | 10.88 Mo] - (.Visicom Media Inc. - Visicom Media Anti-phishing Domain Advisor (Powered by Panda Security).) - (2.0.1.8) = C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [22/11/2016 15:27:24] CPU Usage:0 % 3428 | [Owner : Système | Parent : 1000(services.exe) | 16.66 Mo] - (.Panda Security, S.L. - Agent Service.) - (1.3.8.0) = C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [19/07/2016 11:28:44] CPU Usage:0 % 3636 | [Owner : Système | Parent : 1000(services.exe) | 6.81 Mo] - (.Panda Security, S.L. - PSUAService.) - (4.0.2.1) = C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [18/10/2017 01:59:23] CPU Usage:0 % 3632 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 6.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 3596 | [Owner : Système | Parent : 1000(services.exe) | 6.32 Mo] - (.Realtek Semiconductor Corp. - Realtek Bluetooth BTDevManager Service Application.) - (1.1.10.1) = C:\Windows\RtkBtManServ.exe [11/12/2017 01:52:40] CPU Usage:0 % 4104 | [Owner : Système | Parent : 1000(services.exe) | 8.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4140 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.13.17134.191) = C:\Windows\System32\SecurityHealthService.exe [15/08/2018 09:01:08] CPU Usage:0 % 4212 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 15.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4280 | [Owner : Système | Parent : 1000(services.exe) | 5.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4316 | [Owner : Système | Parent : 1000(services.exe) | 19.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4348 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.13.17134.320) = C:\Program Files\Windows Defender\MsMpEng.exe [09/10/2018 22:51:24] CPU Usage:0 % 4648 | [Owner : Système | Parent : 1000(services.exe) | 17.4 Mo] - (.Panda Security, S.L. - Application Host Service.) - (4.0.3.0) = C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [08/11/2017 20:16:00] CPU Usage:0 % 4740 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 5.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4984 | [Owner : Système | Parent : 1000(services.exe) | 11.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 5188 | [Owner : Système | Parent : 1000(services.exe) | 8.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 5632 | [Owner : Système | Parent : 1000(services.exe) | 6.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 6104 | [Owner : lance | Parent : 2004(svchost.exe) | 26.72 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17134.1) = C:\Windows\System32\sihost.exe [12/04/2018 00:34:12] CPU Usage:0 % 6124 | [Owner : lance | Parent : 1000(services.exe) | 22.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4792 | [Owner : lance | Parent : 1000(services.exe) | 32.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2512 | [Owner : Système | Parent : 1000(services.exe) | 14.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 128 | [Owner : lance | Parent : 1752(svchost.exe) | 13.08 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17134.1) = C:\Windows\System32\taskhostw.exe [12/04/2018 00:34:37] CPU Usage:0 % 6296 | [Owner : Système | Parent : 1000(services.exe) | 7.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 6400 | [Owner : lance | Parent : 6296(svchost.exe) | 14.36 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17134.1) = C:\Windows\System32\ctfmon.exe [12/04/2018 00:34:37] CPU Usage:0 % 6540 | [Owner : lance | Parent : 6508() | 174.34 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17134.165) = C:\Windows\explorer.exe [12/07/2018 20:33:36] CPU Usage:23 % 6828 | [Owner : Système | Parent : 1000(services.exe) | 6.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 7124 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 10.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 6944 | [Owner : lance | Parent : 1272(svchost.exe) | 87.46 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17134.1) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [12/04/2018 00:33:58] CPU Usage:0 % 6076 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 16.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 7224 | [Owner : lance | Parent : 1272(svchost.exe) | 5.83 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.17134.1) = C:\Windows\System32\SettingSyncHost.exe [12/04/2018 00:34:34] CPU Usage:0 % 7408 | [Owner : Système | Parent : 1588() | 0.18 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.23) = C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe [19/12/2018 18:45:11] CPU Usage:0 % 7460 | [Owner : Système | Parent : 1588() | 0.14 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.23) = C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe [19/12/2018 18:45:11] CPU Usage:0 % 7700 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 6.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 7852 | [Owner : lance | Parent : 1272(svchost.exe) | 99.88 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.17134.523) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [09/01/2019 08:25:48] CPU Usage:0 % 8140 | [Owner : lance | Parent : 1272(svchost.exe) | 8.28 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 00:34:06] CPU Usage:0 % 7400 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.13.17134.1) = C:\Program Files\Windows Defender\NisSrv.exe [12/04/2018 00:33:58] CPU Usage:0 % 7564 | [Owner : lance | Parent : 1272(svchost.exe) | 27.45 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 00:34:06] CPU Usage:0 % 8432 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 12.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 9016 | [Owner : lance | Parent : 1000(services.exe) | 21.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1916 | [Owner : lance | Parent : 6540(explorer.exe) | 12.88 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.485.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [27/07/2017 15:28:45] CPU Usage:0 % 1548 | [Owner : lance | Parent : 6540(explorer.exe) | 121.88 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (18.240.1202.4) = C:\Users\lance\AppData\Local\Microsoft\OneDrive\OneDrive.exe [01/06/2018 23:44:22] CPU Usage:0 % 6020 | [Owner : lance | Parent : 6540(explorer.exe) | 207.29 Mo] - (.Mozilla Corporation - Thunderbird.) - (60.5.0.6961) = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [03/06/2018 16:33:25] CPU Usage:0 % 9204 | [Owner : lance | Parent : 6540(explorer.exe) | 28.14 Mo] - (.Panasonic Corporation - AutoStartService.) - (1.0.1204.610) = C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [09/06/2018 13:15:58] CPU Usage:0 % 8344 | [Owner : lance | Parent : 7988() | 6.05 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [07/07/2015 07:06:32] CPU Usage:0 % 8380 | [Owner : lance | Parent : 1264(WinStore.App.exe) | 9.2 Mo] - (.Panda Security, S.L. - AV Console.) - (4.0.2.1) = C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [23/11/2017 18:51:13] CPU Usage:0 % 9452 | [Owner : Système | Parent : 1000(services.exe) | 29.29 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17134.471) = C:\Windows\System32\SearchIndexer.exe [12/12/2018 08:18:54] CPU Usage:0 % 9600 | [Owner : lance | Parent : 6540(explorer.exe) | 30.43 Mo] - (.Canon INC. - EOS Utility.) - (0.1.7.0) = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe [21/07/2015 09:36:38] CPU Usage:0 % 9712 | [Owner : lance | Parent : 8344(MOM.exe) | 28.54 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [07/07/2015 07:06:28] CPU Usage:0 % 10136 | [Owner : lance | Parent : 10004() | 10.99 Mo] - (.Brother Industries, Ltd. - ControlCenter Main Process.) - (4.6.6.1) = C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe [29/01/2015 16:03:46] CPU Usage:0 % 6376 | [Owner : lance | Parent : 10136(BrCtrlCntr.exe) | 24.26 Mo] - (.Brother Industries, Ltd. - ControlCenter UX System.) - (4.6.11.1) = C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe [29/01/2015 16:01:00] CPU Usage:0 % 7592 | [Owner : Système | Parent : 1000(services.exe) | 14.39 Mo] - (.Brother Industries, Ltd. - BrYNCSvc.) - (1.11.1.0) = C:\Program Files (x86)\Browny02\BrYNSvc.exe [23/10/2014 13:21:10] CPU Usage:0 % 9144 | [Owner : lance | Parent : 9600(EOS Utility.exe) | 10.08 Mo] - (.CANON INC. - Canon EOS UPNP Detector.) - (1.7.0.4) = C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe [21/07/2015 09:35:48] CPU Usage:0 % 1164 | [Owner : lance | Parent : 9144(EOSUPNPSV.exe) | 8.44 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 00:34:20] CPU Usage:0 % 2796 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 17.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 9836 | [Owner : Système | Parent : 1000(services.exe) | 9.48 Mo] - (.Microsoft Corporation - sedsvc.) - (10.0.17134.1005) = C:\Program Files\rempl\sedsvc.exe [11/01/2019 13:28:44] CPU Usage:0 % 5600 | [Owner : Système | Parent : 1000(services.exe) | 11.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2112 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.17134.1) = C:\Windows\System32\SgrmBroker.exe [12/04/2018 00:34:04] CPU Usage:0 % 2716 | [Owner : Système | Parent : 1000(services.exe) | 21.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 5052 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 8880 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 5.7 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.17134.1) = C:\Program Files\Windows Media Player\wmpnetwk.exe [12/04/2018 17:19:16] CPU Usage:0 % 5928 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 11.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 9080 | [Owner : Système | Parent : 1000(services.exe) | 5.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1308 | [Owner : Système | Parent : 1000(services.exe) | 11.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2216 | [Owner : lance | Parent : 1272(svchost.exe) | 30.75 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.17134.1) = C:\Windows\System32\ApplicationFrameHost.exe [12/04/2018 00:34:18] CPU Usage:0 % 1264 | [Owner : lance | Parent : 1272(svchost.exe) | 43.23 Mo] - (.Microsoft Corporation - Store.) - (11811.1001.18.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe [30/01/2019 08:12:04] CPU Usage:0 % 5688 | [Owner : lance | Parent : 1272(svchost.exe) | 8.2 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 00:34:06] CPU Usage:0 % 7504 | [Owner : lance | Parent : 1272(svchost.exe) | 43.71 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17134.1) = C:\Windows\System32\dllhost.exe [12/04/2018 00:34:22] CPU Usage:0 % 7596 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 13.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 6612 | [Owner : Système | Parent : 1752(svchost.exe) | 1.21 Mo] - (.Microsoft Corporation - sedlauncher.) - (10.0.17134.1005) = C:\Program Files\rempl\sedlauncher.exe [11/01/2019 13:28:04] CPU Usage:0 % 9352 | [Owner : lance | Parent : 1272(svchost.exe) | 46.75 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.17134.112) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe [14/06/2018 07:14:19] CPU Usage:0 % 9128 | [Owner : Système | Parent : 1000(services.exe) | 9.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 4768 | [Owner : lance | Parent : 6540(explorer.exe) | 163.5 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 5952 | [Owner : lance | Parent : 4768(chrome.exe) | 8.2 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 1180 | [Owner : lance | Parent : 4768(chrome.exe) | 8.61 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 8220 | [Owner : lance | Parent : 4768(chrome.exe) | 91.01 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 3656 | [Owner : lance | Parent : 4768(chrome.exe) | 114.14 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 10168 | [Owner : lance | Parent : 4768(chrome.exe) | 49.28 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 5160 | [Owner : lance | Parent : 4768(chrome.exe) | 44.98 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 5244 | [Owner : lance | Parent : 4768(chrome.exe) | 119.79 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 2576 | [Owner : SERVICE LOCAL | Parent : 3404(svchost.exe) | 26.84 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17134.471) = C:\Windows\System32\audiodg.exe [12/12/2018 08:18:48] CPU Usage:0 % 6432 | [Owner : Système | Parent : 1000(services.exe) | 5.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 1076 | [Owner : lance | Parent : 4768(chrome.exe) | 54.82 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 6580 | [Owner : lance | Parent : 4768(chrome.exe) | 45.94 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 2672 | [Owner : lance | Parent : 4768(chrome.exe) | 32.31 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 8504 | [Owner : lance | Parent : 4768(chrome.exe) | 37.92 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 1688 | [Owner : lance | Parent : 4768(chrome.exe) | 95.35 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 8788 | [Owner : lance | Parent : 4768(chrome.exe) | 21.51 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [03/06/2018 10:40:13] CPU Usage:0 % 9852 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 14.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 9012 | [Owner : lance | Parent : 1272(svchost.exe) | 39.53 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.17134.137) = C:\Windows\System32\smartscreen.exe [12/07/2018 20:33:35] CPU Usage:0 % 5352 | [Owner : Système | Parent : 1000(services.exe) | 5.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 8260 | [Owner : lance | Parent : 6540(explorer.exe) | 44.24 Mo] - (.SosVirus - QuickDiag.) - (31.8.18.1) = C:\Users\lance\Desktop\QuickDiag.exe [02/02/2019 15:32:06] CPU Usage:0 % 8296 | [Owner : lance | Parent : 1272(svchost.exe) | 20.14 Mo] - (.Microsoft Corporation - System Settings Broker.) - (10.0.17134.1) = C:\Windows\System32\SystemSettingsBroker.exe [12/04/2018 00:34:43] CPU Usage:0 % 9200 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 8.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 00:34:22] CPU Usage:0 % 2244 | [Owner : lance | Parent : 1272(svchost.exe) | 13.66 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17134.1) = C:\Windows\System32\RuntimeBroker.exe [12/04/2018 00:34:06] CPU Usage:0 % 3608 | [Owner : Système | Parent : 1272(svchost.exe) | 8.44 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [12/04/2018 00:34:40] CPU Usage:0 % 6152 | [Owner : SERVICE RÉSEAU | Parent : 1272(svchost.exe) | 9.92 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [12/04/2018 00:34:55] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.AMD.-.AMD WIC JPEG Component.) - (1.1.0.0) -- C:\Program Files\Common Files\ATI Technologies\Multimedia\amf-wic-jpeg-decoder64.dll (.Khronos Group.-.OpenCL Client DLL.) - (2.0.4.0) -- C:\WINDOWS\SYSTEM32\OpenCL.dll (.Advanced Micro Devices Inc..-.AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - (10.0.1800.7) -- C:\WINDOWS\SYSTEM32\amdocl64.dll (.Advanced Micro Devices, Inc..-.ADL.) - (7.15.20.1301) -- C:\WINDOWS\SYSTEM32\atiadlxx.DLL (.Advanced Micro Devices Inc..-.AMD COMPILER OpenCL 1.1 Compiler.) - (0.8.0.0) -- C:\WINDOWS\SYSTEM32\amdocl12cl64.dll (.Advanced Micro Devices, Inc. .-.atigktxx.dll.) - (8.14.1.6463) -- C:\WINDOWS\SYSTEM32\atig6txx.dll (.Advanced Micro Devices, Inc. .-.Radeon Video Acceleration Universal Driver.) - (8.14.10.513) -- C:\WINDOWS\SYSTEM32\atiumd6a.dll (.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (8.17.10.1401) -- C:\WINDOWS\SYSTEM32\aticfx64.dll (.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (8.14.1.6463) -- C:\WINDOWS\SYSTEM32\atiuxp64.dll (.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (8.17.10.625) -- C:\WINDOWS\SYSTEM32\atidxx64.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.AceBIT.-.Password Depot 11 Internet Explorer Browser Helper Object.) - (11.0.6.0) -- C:\Program Files (x86)\Panda Security\Panda Secure Vault\pdIEAddOn64.dll (.Panda Security, S.L..-.Shell extension.) - (4.0.2.1) -- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU EOS Utility - (EOS Utility.lnk [Startup]) - User: CHAMBRE\lance OneDrive - ("C:\Users\lance\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\...\Run]) - User: CHAMBRE\lance CCleaner Smart Cleaning - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\...\Run]) - User: CHAMBRE\lance ImageBrowser EX Agent - (C:\PROGRA~2\Canon\IMAGEB~1\MFMANA~1.EXE [Common Startup]) - User: Public Mozilla Thunderbird - (C:\PROGRA~2\MOZILL~1\THUNDE~1.EXE [Common Startup]) - User: Public PHOTOfunSTUDIO 8.3 PE - (C:\PROGRA~2\COMMON~1\PANASO~1\PHOTOF~1\AUTOST~1.EXE -e "C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 8.3 PE\PHOTOfunSTUDIO.exe" [Common Startup]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public Logitech Download Assistant - (C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\lance\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x020000000000000000000000 "panda"=0x40FD4D0EC0FE4D0E3895FB0D00000000 "panda_XP"=0xCCB33A62010000000000000073000000 "Uninstall 18.065.0329.0002\amd64"=0x06000000000000000000000000000000 "Uninstall 18.065.0329.0002"=0x30003000300032000000794578570000 "Uninstall 18.091.0506.0007\amd64"=0x06000000000000000000000000000000 "Uninstall 18.091.0506.0007"=0x000000002002D60C0000000000000000 "Uninstall 18.111.0603.0006\amd64"=0x0C00000002000000310000006879D803 "Uninstall 18.111.0603.0006"=0x300031003000310000000000C879D803 "Uninstall 18.131.0701.0007\amd64"=0x30003000310031000000000000000000 "Uninstall 18.131.0701.0007"=0x06000000000000000000000000000000 "Uninstall 18.151.0729.0006\amd64"=0x00DE2F0300DE2F0300000000FFFFFFFF "Uninstall 18.151.0729.0006"=0x48DE2F0348DE2F0300000000CBBB6E00 "NetworkResetPostReboot"=0x30003100300034000000000082000000 "Uninstall 18.151.0729.0012\amd64"=0x0C000000020000003100000068D36005 "Uninstall 18.151.0729.0012"=0x06000000000000000000000058B25805 "Uninstall 18.172.0826.0010\amd64"=0x06000000000000000000000000000000 "Uninstall 18.172.0826.0010"=0x30003000300031000000000000000000 "Uninstall 18.192.0920.0015\amd64"=0x2E00700072006900000000000100401F "Uninstall 18.192.0920.0015"=0x06000000000000000000000000000000 "CCleaner Smart Cleaning"=0x0F0000000200000031000000 "Uninstall 18.212.1021.0008\amd64"=0x30003000300034000000000000000000 "Uninstall 18.212.1021.0008"=0x06000000000000000000000063000000 "Application Restart #0"=0x30003000300030000000000000000000 "WinSweep"=0xFAB30004F8B30004904BEC0372000000 "Delete Cached Update Binary"=0x300033003000300000009904B897D110 "Delete Cached Standalone Update Binary"=0x2E0069006E0069000000B40400FE3603 "Uninstall 18.222.1104.0007\amd64"=0x42007200480065006C00700000000000 "Uninstall 18.222.1104.0007"=0x2E0069006E0069000000B40400FE3603 [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Brother DCP-J562DW Printer,winspool,Ne03: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=1 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "Logitech Download Assistant"=C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "RTHDVCPL"=0x060000000000000000000000 "WindowsDefender"=0x040000000000000000000000 "Logitech Download Assistant"=0xFAB30004F8B30004904BEC03 "AdAwareTray"=0xFAB30004F8B30004904BEC0300000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "StartCCC"=0x060000000000000000000000 "PSUAMain"=0x1AFE4D0E18FE4D0E2E646C6C "Panda Security URL Filtering"=0x020000000000000000000000 "ControlCenter4"=0x1AFE4D0E18FE4D0E2E646C6C "BrStsMon00"=0x070000000000000000000000 "BrHelp"=0x32F3C56D68F3C56D00000000 "SDTray"=0xF807770378047703580C7703B8027703 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D3D1ED98C0F7D8 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN "BrHelp"=C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Wininit.ini : [rename] NUL=C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update Task CCleaner Update CCleanerSkipUAC GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA OneDrive Standalone Update Task-S-1-5-21-1804058015-178936653-3311423861-1002 User_Feed_Synchronization-{24253C51-43B9-4062-8595-F321BEC551E8} ---------- | Startings up registry ? Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc DeviceInstall gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=18 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=0 "NoLmHash"=1 "Security Packages"="" [01/06/2018 23:34:29] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=1084 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * sdnclean64.exe "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=1e7178c0-c6d5-4938-8162-84af565 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper [02/06/2018 22:03:45] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=6 "WheelScrollChars"=3 "WheelScrollLines"=5 "WindowArrangementActive"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E7E078012000000 "MaxVirtualDesktopDimension"=1680 "MaxMonitorDimension"=1680 "TranscodedImageCount"=2 "LastUpdated"=0 "TranscodedImageCache"=0x7AC30100B78E0300AE090000740600003371131202BAD40143003A005C00550073006500720073005C006C0061006E00630065005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C005400680065006D00650073005C0052006F0061006D00650064005400680065006D006500460069006C00650073005C004400650073006B0074006F0070004200610063006B00670072006F0075006E0064005C0032003000300039002D00300031002D003100330020006C006500760061002000300031002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreferredUILanguages"=fr-FR "ActiveWndTrkTimeout"=0 "TranscodedImageCache_001"=0x7AC301001B4D0500AE09000074060000054D8DC43E16D40143003A005C00550073006500720073005C006C0061006E00630065005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C005400680065006D00650073005C0052006F0061006D00650064005400680065006D006500460069006C00650073005C004400650073006B0074006F0070004200610063006B00670072006F0075006E0064005C0032003000300039002D00300031002D0033003100200020006D0069006300680065006C00200065006D00700069006C0065002000300035002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "TranscodedImageCache_000"=0x7AC30100B78E0300AE090000740600003371131202BAD40143003A005C00550073006500720073005C006C0061006E00630065005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C005400680065006D00650073005C0052006F0061006D00650064005400680065006D006500460069006C00650073005C004400650073006B0074006F0070004200610063006B00670072006F0075006E0064005C0032003000300039002D00300031002D003100330020006C006500760061002000300031002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C0041005900230041004300520030003000300039002300340026003100610062006500360062006600660026003000260055004900440032003500360023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "LockScreenAutoLockActive"=0 "WaitToKillAppTimeout"=200 "HungAppTimeout"=200 [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003F28000000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0xFB9A790967ADD111ABCD00C04FC30936672300004DE6B8A97E3F324D8FC9E391DEE67D75B00F0000550F3DCB2CBC1A4C85ED23ED75B5106B40390000BD0E0C47735D584D9CEDE91E22E232824C1000000114020000000000C0000000000000460E370000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=5 "GlobalAssocChangedCounter"=1175 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "EdgeDesktopShortcutCreated"=1 "PostAppInstallTasksCompleted"=1 "ShowRecent"=0 "ShowFrequent"=0 "link"=0x1C000000 "IconUnderline"=3 "Browse For Folder Width"=347 "Browse For Folder Height"=350 [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StoreAppsOnTaskbar"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x64FC4D5C00000000 "ReindexedProfile"=1 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarGlomLevel"=0 "LaunchTo"=1 "TaskbarAppsVisibleInTabletMode"=1 "TaskbarAutoHideInTabletMode"=0 "NavPaneExpandToCurrentFolder"=0 [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x1A000000190000001800000017000000160000001500000014000000130000001200000011000000100000000F0000000E0000000D0000000C0000000B0000000A00000009000000080000000700000006000000050000000400000003000000020000000100000000000000FFFFFFFF "0"=0x7300650072007600690063006500200063006F006D0070006F00730061006E0074000000 "1"=0x640065006D006D006100720072006100670065000000 "2"=0x640065006D006100720072006100670065000000 "3"=0x730061006C006C0065000000 "4"=0x61007200740066006900630065000000 "5"=0x61007200740069006600630065000000 "6"=0x66006500750078000000 "7"=0x720069007600720065007200610069006E000000 "8"=0x670075006900640065000000 "9"=0x66006C0061006D00620065006100750078000000 "10"=0x6400610074006500640065006D006F00640069006600690063006100740069006F006E003A00610075006A006F007500720064006800750069000000 "11"=0x6B006500760069006E000000 "12"=0x700069006E00750070000000 "13"=0x730065006E0064000000 "14"=0x730065006E006400200074006F000000 "15"=0x640065007600690073000000 "16"=0x620065006C006F00740074000000 "17"=0x620065006C006F00740065000000 "18"=0x570069006B006F000000 "19"=0x570069006B006F002E000000 "20"=0x6D0061007200690065000000 "21"=0x7400690072006100670065000000 "22"=0x6E006F006500EB006C000000 "23"=0x6E006F00EB006C000000 "24"=0x61006E006E0065000000 "25"=0x72006F00620069006C006C006100720064000000 "26"=0x7300610062006C00E9000000 [HKLM\Software\Policies\Microsoft\Windows\System] "DisableCMD"=0 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=8 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 "HideFileExt"=0 "SuperHidden"=1 "ShowSuperHidden"=1 "Hidden"=1 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\System] "DisableCMD"=0 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=33 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=17134 "FirstLogon"=0 "PUUActive"=0x0EFB17D001000C003701D3059017260049F0270049F02700D20000000200BA0039D5F55AA7400301BC8BC200D873190013CA1400D6C80400000000007DAB3B000E9800006E13000029E944E403BBD40190172600000000000100000090172600EE420000990A00000F7B170100000000 "DP"=0xD200E800AB020C003B0100000EFB17D000000000000000004CA4CC00FCBAD4014CA4CC00FCBAD401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100320600004223010842230B0906020180240340402C03E040A4250180006980400869C241AD8200400042294000CA295248280080D4014A51DC814A51954001C0182580451A65814D352E01801825090058B5090CF1F500804716081247D608167FA000C0188800481B8802494D260100D1808140D1808548E8F20080704000147040505C "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=930031915 "ShutdownFlags"=2147484331 "Userinit"=C:\Windows\system32\userinit.exe, "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-1804058015-178936653-3311423861-1002 "LastUsedUsername"=lance "AutoAdminLogon"=1 "DefaultUserName"=lance "DefaultDomainName"=CHAMBRE [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [12/04/2018 17:19:11] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [12/04/2018 17:19:11] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\brcolumns\Brcolumns.exe"=0x53414350010000000000000007000000280000009F7706000000000001000000000000000000010571200000BFA2139DEDD1D30100000000000000000600000008000000000000400000000002000000500000000000000000800020000200400000000000000000000000006D61E00200000000B5010000B5010000000000000000000000000040000000000000000000000000CAC01500000000000100000000000000 "C:\Program Files (x86)\Jeux de cartes\Bel Atout\belatout.exe"=0x5341435001000000000000000700000028000000001E1F000000000001000000000000000000000A41200000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000005C10E001000000004B0100004B010000 "C:\Jeux\Simple_Tetris_1.7_net4.0.exe"=0x5341435001000000000000000700000028000000006401000000000001000000000000000000000A75220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003BBEB301000000001700000017000000 "C:\Program Files (x86)\XnView\xnview.exe"=0x534143500100000000000000070000002800000048B262000E15630001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000004000000000000000000000000000000D32D6F0300000000CA000000CA000000 "C:\Program Files\Windows Photo Viewer\ImagingDevices.exe"=0x534143500100000000000000070000002800000008990100C4EF010001000000010000000000000A63220000BFA2139DEDD1D3010000000000000000 "SIGN.MEDIA=5B4516 start.exe"=0x5341435001000000000000000700000028000000003E1A00A6E01A0001000000000000000000030671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000820D2E02000000000100000001000000 "C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe"=0x5341435001000000000000000700000028000000006229009FA1290001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000761EC901000000001B0000001B000000 "C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 8.3 PE\PHOTOfunSTUDIO.exe"=0x5341435001000000000000000700000028000000A88E0900F1600A0001000000000000000000010671220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000100000000000000000000000000000838A0200000000000300000003000000 "C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 8.3 PE\PFAC.exe"=0x5341435001000000000000000700000028000000985200006DD3000001000000000000000000010671220000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000003EB90000000000000100000001000000 "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe"=0x5341435001000000000000000700000028000000C8DE0400BA30050001000000000000000000010500100000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000455A0000000000000200000002000000 "C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe"=0x5341435001000000000000000700000028000000004818000000000001000000000000000000000A71200000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000049B6E902000000000600000006000000 "C:\Program Files (x86)\PhotoFiltre Studio X\Uninst.exe"=0x5341435001000000000000000700000028000000BC9000000000000001000000000000000000000671000000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000080000020000002800000000000000000800400000000000000000000000000000000019280000000000000200000002000000 "C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe"=0x5341435001000000000000000700000028000000001435000000000001000000000000000000000A61200000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000004DCA5502000000001B0000001B000000 "C:\Program Files (x86)\ObviousIdea\Light Image Resizer 5\Resize.exe"=0x5341435001000000000000000700000028000000781BE300E263E30001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009E48BD01000000001B0000001B000000 "C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe"=0x5341435001000000000000000700000028000000202B0100841D020001000000000000000000010571000000BFA2139DEDD1D30100000000000000000200000028000000000000000000001008440000000000000000000000000000F864F301000000002100000021000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE"=0x5341435001000000000000000700000028000000B0681C0003DA1C0001000000000000000000000A00210000BFA2139DEDD1D3010000009100000000 "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAConsole.exe"=0x534143500100000000000000070000002800000030D62400901E250001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000500000000000000000000000000000000000000000000000000000003D148F000000000007000000050000000000000000000040000000000000000000000000000000008F870000000000000100000000000000 "C:\Program Files (x86)\Canon\ImageBrowser EX\ImageBrowserEX.exe"=0x5341435001000000000000000700000028000000001804000000000001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000069402000000000000100000001000000 "C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe"=0x5341435001000000000000000700000028000000000A3C000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000008000000004000000000000000000000000000000EEEDF702000000000600000006000000 "C:\Program Files (x86)\Brother\ScannerUtility\BrScUtil.exe"=0x534143500100000000000000070000002800000000FC1900A24C1A0001000000000000000000030671220000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000000B2D0000000000000100000001000000 "C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C02004C22030001000000010000000000000A61220000BFA2139DEDD1D3010000000000000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubWin32.exe"=0x5341435001000000000000000700000028000000B0D41D0064EE1D0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DA1A1400000000000300000003000000 "C:\Users\lance\AppData\Local\Microsoft\OneDrive\OneDrive.exe"=0x534143500100000000000000070000002800000020251900A18E190001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE"=0x5341435001000000000000000700000028000000180D0100EC2E010001000000000000000000000A71220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003C8D0000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE"=0x534143500100000000000000070000002800000018EBC8019D8AC90101000000000000000000000A00210000BFA2139DEDD1D3010000009100000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\OLCFG.EXE"=0x53414350010000000000000007000000280000004073010045A3010001000000000000000000000A71200000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000080000020000002800000000000000000800400000000000000000000000000000000085EA0200000000000200000002000000 "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe"=0x5341435001000000000000000700000028000000B84E0200850B030001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E1080500000000000100000001000000 "C:\Program Files\GIMP 2\bin\gimp-2.8.exe"=0x534143500100000000000000070000002800000040DD53000A73540001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E86F0500000000000100000001000000 "C:\Program Files\Inkscape\inkscape.exe"=0x5341435001000000000000000700000028000000000C06005F67060001000000000000000000000A63200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F1847402000000000400000004000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000E03918001B29190001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=0x5341435001000000000000000700000028000000182A1200CE0D130001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000D5010000000000000200000002000000 "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"=0x5341435001000000000000000700000028000000D05D0300A636040001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EF43EE02000000000500000005000000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000F08D2600FE4E270001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000010000000000000000000000000000000000A1A3103000000002400000024000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.DesktopBridge.exe"=0x5341435001000000000000000700000028000000008802000000000001000000000000000000000A73220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BFE90100000000000200000002000000 "C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe"=0x53414350010000000000000007000000280000003818A701A507A80101000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F1DBE501000000000100000001000000 "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe"=0x5341435001000000000000000700000028000000983C02002E20030001000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000008D000000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE"=0x534143500100000000000000070000002800000050001E0061751E0001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x534143500100000000000000070000002800000068C9920026F8920001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000039A50A00000000000D0000000D000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE"=0x534143500100000000000000070000002800000028159902754F990201000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\lance\AppData\Local\Microsoft\OneDrive\18.240.1202.0004\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000386B0400903D050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe"=0x5341435001000000000000000700000028000000008008000000000001000000000000000000000A73200000BFA2139DEDD1D301000000000000000002000000280000000000000000000010000000000000000000000000000000005CA3E201000000000100000001000000 "C:\Users\lance\Desktop\ZHPDiag3.exe"=0x534143500100000000000000070000002800000080C13000E847310001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000004CAC7A00000000000100000001000000 "C:\Users\lance\Desktop\ccsetup552.exe"=0x534143500100000000000000070000002800000038222701189F270101000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000147F0000000000000100000001000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x534143500100000000000000070000002800000068C52B01227B2C0101000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C8030000000000000100000001000000 "C:\Users\lance\AppData\Roaming\ZHP\ZHPDiag3.exe"=0x534143500100000000000000070000002800000080C13000E847310001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000E85D0800000000000100000001000000 "C:\Program Files\internet explorer\iexplore.exe"=0x534143500100000000000000070000002800000008910C0061C40C0001000000010000000000000A00210000BFA2139DEDD1D3010000000000000000 "C:\Users\lance\ZHPDiag3.exe"=0x534143500100000000000000070000002800000080C93000C5BE310001000000000000000000000A00210000BFA2139DEDD1D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001696AB00000000000100000001000000 "C:\Users\lance\Desktop\QuickDiag.exe"=0x534143500100000000000000070000002800000098214A00D8C84A0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] ""=@SYS:DoesNotExist [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131724433030801804 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=0 "ProductType"=2 "InstallLocation"=C:\Program Files\Windows Defender\ "ProductStatus"=0 "InstallTime"=0x7EE05161E206D301 "OOBEInstallTime"=0x6B68F0F9F9F9D301 "DisableAntiVirus"=0 "LastEnabledTime"=0xAF85163A1EBAD401 "ManagedDefenderProductType"=0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:814::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:814::200e?: temps=29 ms R?ponse de 2a00:1450:4007:814::200e?: temps=29 ms R?ponse de 2a00:1450:4007:814::200e?: temps=29 ms R?ponse de 2a00:1450:4007:814::200e?: temps=29 ms Statistiques Ping pour 2a00:1450:4007:814::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 29ms, Maximum = 29ms, Moyenne = 29ms ---------- | @ [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://google.com "Default_Page_URL"=http://asus17win10.msn.com/?pc=ASTE "DisableFirstRunCustomize"=3 "FormSuggest Passwords"=yes "FormSuggest PW Ask"=yes "Use FormSuggest"=no "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000001500000072FAFA1D058365304683DF8C20E6FE43B3D0D9A76E020000000E0000007162576C4E3541576B7534253364 "ImageStoreRandomFolder"=kszd1oj "OperationalData"=13 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF76010000000000009005000090020000 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xFDFF423371FAD301 [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0xFDFF423371FAD301 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=about:blank "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=about:blank "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [12/04/2018 00:34:24] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{b60873b9-51aa-4566-b2fc-c16de2ec8bff}"=Panda Safe Web [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{b60873b9-51aa-4566-b2fc-c16de2ec8bff}"=Panda Safe Web [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{48A61126-9A19-4C50-A214-FF08CB94995C}] : (McAfee WebAdvisor) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{48A61126-9A19-4C50-A214-FF08CB94995C}] : (McAfee WebAdvisor) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] - (Search The Web) - http://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasecuritytb&v=4_3&idate=2018-06-11&ent=ch_675&q={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b60873b9-51aa-4566-b2fc-c16de2ec8bff}] -> (Panda Safe Web) : C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [13/02/2018 15:37:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4FC07-1F20-4705-8629-03B15B0E2351}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F79B165-70F7-4C46-B1A5-8828E2FF21F9}] -> (Password Depot 11) : "C:\Program Files (x86)\Panda Security\Panda Secure Vault\pdIEAddOn32.dll" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b60873b9-51aa-4566-b2fc-c16de2ec8bff}] -> (Panda Safe Web) : C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [13/02/2018 15:37:16] ---------- | Chrome C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\fagakgcelolinfnkfgekcnedpaklfcok = : Panda Safe Web is the best tool to browse the Internet safely and quickly. It blocks malware blocks ads and tracking. - short_name: Panda Safe Web - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\ggojliohohbachojmcgelnjmnjmjgidn = : __MSG_pd_description__ - Password Depot Extension - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\giceanipjojfnkbciljjblakfkihbjdb = : Recettes.net - Vos Recettes favorites réunies au même endroit. - short_name: Recettes.net - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\jmfikkaogpplgnfjmbjdpalkhclendgd = : Save things you want to come back to later. - Save to Facebook - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\fagakgcelolinfnkfgekcnedpaklfcok] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\fagakgcelolinfnkfgekcnedpaklfcok] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\ggojliohohbachojmcgelnjmnjmjgidn] ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{67096cca-edd1-462c-9d2c-049c387a2577}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{67096cca-edd1-462c-9d2c-049c387a2577}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Classes\Applications\thunderbird.exe] : "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\resize.exe] : C:\Program Files (x86)\ObviousIdea\Light Image Resizer 5\Resize.exe %L [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\xnview.exe] : "C:\Program Files (x86)\XnView\xnview.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\resize.exe] : C:\Program Files (x86)\ObviousIdea\Light Image Resizer 5\Resize.exe %L [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\xnview.exe] : "C:\Program Files (x86)\XnView\xnview.exe" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "wusvcs"=WaaSMedicSvc "BthAppGroup"=BluetoothUserService "BcastDVRUserService"=BcastDVRUserService "Camera"=FrameS "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "GraphicsPerfSvcGroup"=GraphicsPerfSvc "DevicesFlow"=DevicesFlowUserSvc DevicePickerUserSvc "smbsvcs"=lanmanserver browser "osrss"=osrss [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\2BrightSparks] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\AceBIT] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Adobe] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\AppDataLow] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\ASProtect] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\ASUS] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\ATI] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\AvastAdSDK] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Brother] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Browser Cleanup] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Canon] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Chromium] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Clients] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\CoreJpeg] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Driver] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Google] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\inkscape.org] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\LogiShrd] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Mozilla] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\MSoft] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Netscape] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\ObviousIdea] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\ODBC] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Panasonic] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\PhotoFiltre Studio X] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Piriform] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Policies] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Realtek] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\RegisteredApplications] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Safer Networking Limited] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\SoftGold] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\SyncEngines] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\sysinternals] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Thunderbird] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Trolltech] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\WinSweeper2] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Wow6432Node] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\ZHP] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\{FC9BFD14-90D9-41BD-8CC0-FCD50DBE8A1D}] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\ƒAƒvƒŠƒP[ƒVƒ‡ƒ“ ƒEƒBƒU[ƒh‚Ő¶¬‚³‚ꂽƒ[ƒJƒ‹ ƒAƒvƒŠƒP[ƒVƒ‡ƒ“] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Ada2] [HKLM\Software\adaware] [HKLM\Software\AMD] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\Brother] [HKLM\Software\Clients] [HKLM\Software\Dolby] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\ICEpower] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Logishrd] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Waves Audio] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\2BrightSparks] [HKLM\Software\WOW6432Node\AceBIT] [HKLM\Software\WOW6432Node\Ada2] [HKLM\Software\WOW6432Node\adaware] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\ASIO] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Brother] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\Canon_Inc_IC] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\ISL] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes Anti-Rootkit] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ObviousIdea] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Panasonic] [HKLM\Software\WOW6432Node\Panda Security] [HKLM\Software\WOW6432Node\Panda Software] [HKLM\Software\WOW6432Node\pandasecuritytb] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Safer Networking Limited] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\SyncIntegrationClients] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\XnView] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: ---------- | C: [16/07/2016 12:47:47] - |SHD| - [184766294] - C:\$Recycle.Bin [14/01/2019 10:46:23] - |HD| - [651914] - C:\$SysReset [MD5.79B9D2263314FB764719CF6372B1D0C5] - [16/07/2016 13:58:18] - |RASH| - (.-.) - [384322] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [16/07/2016 13:58:19] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [07/06/2018 13:10:06] - |D| - [459297] - C:\brcolumns [31/01/2019 16:59:38] - |SHD| - [0] - C:\Config.Msi [01/06/2018 22:50:19] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [02/06/2018 20:46:36] - |ASH| - (.-.) - [3305410560] - (0.0.0.0) - C:\hiberfil.sys [07/06/2018 08:57:11] - |D| - [91136] - C:\Jeux [04/06/2018 09:18:03] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/07/2017 15:10:56] - |ASH| - (.-.) - [1275068416] - (0.0.0.0) - C:\pagefile.sys [12/04/2018 00:38:20] - |D| - [0] - C:\PerfLogs [27/06/2018 07:13:43] - |D| - [0] - C:\PFS8.3 PE_TMP [12/04/2018 00:38:20] - |RD| - [3853885629] - C:\Program Files [12/04/2018 00:38:20] - |RD| - [8184942706] - C:\Program Files (x86) [12/04/2018 00:38:20] - |HD| - [1559110218] - C:\ProgramData [02/02/2019 15:33:28] - |D| - [68685] - C:\QuickDiag [MD5.678DBD28484CCD2F5C7B157079357D46] - [02/02/2019 15:34:20] - |A| - (.-.) - [155990] - (0.0.0.0) - C:\QuickDiag.txt [27/07/2017 15:44:03] - |HD| - [3296236027] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/07/2017 15:10:56] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [27/07/2017 15:10:45] - |SHD| - [0] - C:\System Volume Information [11/04/2018 22:04:33] - |RD| - [6560692542] - C:\Users [11/04/2018 22:04:33] - |D| - [28402353448] - C:\Windows ---------- | C:\WINDOWS [12/04/2018 00:38:20] - |D| - [802] - C:\WINDOWS\addins [12/04/2018 00:38:20] - |D| - [12592358] - C:\WINDOWS\appcompat [12/04/2018 00:38:20] - |D| - [8664266] - C:\WINDOWS\apppatch [12/04/2018 00:38:20] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/05/2017 08:22:13] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\Ascd_err.ini [MD5.1DB9D721DB40609808FC2F5C5487AE97] - [25/05/2017 08:22:13] - |A| - (.-.) - [1761] - (0.0.0.0) - C:\WINDOWS\Ascd_HDI_log.ini [MD5.631030CCDCCBA5C2A66A95F3C82450EF] - [25/05/2017 08:22:13] - |A| - (.-.) - [2207] - (0.0.0.0) - C:\WINDOWS\Ascd_log.ini [MD5.EB013CFAC8B29FA724CEEC016B922A91] - [25/05/2017 08:22:12] - |A| - (.-.) - [2144] - (0.0.0.0) - C:\WINDOWS\Ascd_tmp.ini [12/04/2018 00:38:20] - |RD| - [1149065146] - C:\WINDOWS\assembly [MD5.D53BE258BD477984B9E850C81858E6EE] - [25/05/2017 09:18:08] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\ASUSBuildDate.txt [MD5.F860920BE83727D0D0D5348381C2220A] - [25/05/2017 08:22:10] - |A| - (.-.) - [64897] - (0.0.0.0) - C:\WINDOWS\As_Devcon_List.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/07/2017 16:20:02] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\As_FinalImage.tag [MD5.D8FE8296E20E6B03EE849EAA09921058] - [01/06/2018 23:40:41] - |A| - (.-.) - [20] - (0.0.0.0) - C:\WINDOWS\As_Office2016.tag [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [27/07/2017 16:20:02] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\As_PassAndCDEject.tag [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [27/07/2017 15:43:21] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\As_Process_Pass.tag [MD5.E81550AA0FCBC3D0DF026425BBC8C389] - [27/07/2017 16:18:04] - |A| - (.-.) - [18] - (0.0.0.0) - C:\WINDOWS\As_Sysprep_Success.tag [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/07/2017 15:26:10] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\ativpsrm.bin [12/04/2018 00:38:20] - |D| - [720353] - C:\WINDOWS\bcastdvr [MD5.178BA90AA13F6F834E5C060DC923FB55] - [12/04/2018 00:34:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [67072] - (10.0.17134.1) - C:\WINDOWS\bfsvc.exe [12/04/2018 00:38:20] - |D| - [38332106] - C:\WINDOWS\Boot [MD5.1FEAAA22317FAD49700313659C0B6861] - [02/06/2018 18:44:33] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [12/04/2018 00:38:21] - |D| - [2456664] - C:\WINDOWS\Branding [MD5.79E27DE01549FACCD22F1898D172C7DC] - [15/06/2018 13:01:08] - |A| - (.-.) - [8051] - (0.0.0.0) - C:\WINDOWS\BRRBCOM.INI [12/04/2018 00:30:02] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.A155FFABF2F04265A97274CCAB44D773] - [12/04/2018 17:23:39] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.E109AFB685DD51488EAB854EF8B871CA] - [24/05/2017 16:22:50] - |A| - (.-.) - [12] - (0.0.0.0) - C:\WINDOWS\CSUP.txt [12/04/2018 00:38:21] - |D| - [11482410] - C:\WINDOWS\Cursors [12/04/2018 00:38:21] - |D| - [8259331] - C:\WINDOWS\debug [MD5.0E359EF178B73AAAE2C6D6AC11B4FE15] - [02/06/2018 21:00:37] - |A| - (.-.) - [11433] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [12/04/2018 00:38:21] - |D| - [4878147] - C:\WINDOWS\diagnostics [MD5.0E359EF178B73AAAE2C6D6AC11B4FE15] - [02/06/2018 21:00:37] - |A| - (.-.) - [11433] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [12/04/2018 17:18:37] - |D| - [0] - C:\WINDOWS\DigitalLocker [09/06/2018 14:09:03] - |D| - [0] - C:\WINDOWS\Downloaded Installations [12/04/2018 00:38:21] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [12/04/2018 00:38:21] - |HD| - [59976] - C:\WINDOWS\ELAMBKUP [12/04/2018 17:18:37] - |D| - [96256] - C:\WINDOWS\en-US [MD5.E4A81EDDFF8B844D85C8B45354E4144E] - [12/07/2018 20:33:36] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3932672] - (10.0.17134.165) - C:\WINDOWS\explorer.exe [12/04/2018 00:38:21] - |RSD| - [486333232] - C:\WINDOWS\Fonts [12/04/2018 17:18:37] - |D| - [109568] - C:\WINDOWS\fr-FR [12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [12/04/2018 00:38:21] - |D| - [47796020] - C:\WINDOWS\Globalization [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/07/2017 15:09:59] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\HDT-Exit_Pass.tag [12/04/2018 00:38:21] - |D| - [1885170] - C:\WINDOWS\Help [MD5.FFD31D96B8D4BAB8B0F83E42B7430A54] - [12/07/2018 20:33:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1054720] - (10.0.17134.137) - C:\WINDOWS\HelpPane.exe [MD5.A50C9DF7603E2F1AEA6B54053794A326] - [12/04/2018 00:34:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.17134.1) - C:\WINDOWS\hh.exe [12/04/2018 00:38:21] - |D| - [29869] - C:\WINDOWS\IdentityCRL [12/04/2018 00:38:21] - |D| - [28829590] - C:\WINDOWS\IME [12/04/2018 00:38:21] - |RD| - [8496633] - C:\WINDOWS\ImmersiveControlPanel [12/04/2018 00:36:48] - |D| - [55849037] - C:\WINDOWS\INF [12/04/2018 00:38:21] - |D| - [1604455993] - C:\WINDOWS\InfusedApps [12/04/2018 00:38:21] - |D| - [38137502] - C:\WINDOWS\InputMethod [12/04/2018 00:38:21] - |SHD| - [1109560293] - C:\WINDOWS\Installer [12/04/2018 00:38:21] - |D| - [94163] - C:\WINDOWS\L2Schemas [12/04/2018 00:38:21] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [27/07/2017 15:41:05] - |A| - (.-.) - [1769] - (0.0.0.0) - C:\WINDOWS\Language_trs.ini [12/04/2018 00:38:21] - |D| - [1112135846] - C:\WINDOWS\LiveKernelReports [11/04/2018 22:04:39] - |D| - [33642279] - C:\WINDOWS\Logs [MD5.88CDB960D3AF44BECAFB89AB91C9B969] - [09/06/2018 15:51:11] - |A| - (.-.) - [97510] - (0.0.0.0) - C:\WINDOWS\LoiLoDownloadLogo2.ico [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [24/05/2017 18:08:51] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\M12.tag [12/04/2018 00:38:21] - |RSD| - [20486563] - C:\WINDOWS\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [12/04/2018 00:34:36] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [12/04/2018 00:38:20] - |RD| - [808382185] - C:\WINDOWS\Microsoft.NET [12/04/2018 00:38:21] - |D| - [3135] - C:\WINDOWS\Migration [10/06/2018 07:21:55] - |D| - [0] - C:\WINDOWS\Minidump [12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.BB9A06B8F2DD9D24C77F389D7B2B58D2] - [12/04/2018 00:34:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [245760] - (10.0.17134.1) - C:\WINDOWS\notepad.exe [12/04/2018 17:22:25] - |D| - [199472] - C:\WINDOWS\OCR [MD5.EAF17BDEE13161F4861C9E024C50D6E0] - [24/05/2017 16:15:59] - |A| - (.-.) - [95] - (0.0.0.0) - C:\WINDOWS\OEMVer.txt [12/04/2018 00:38:21] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [02/06/2018 12:35:33] - |DC| - [181202707] - C:\WINDOWS\Panther [12/04/2018 00:38:21] - |D| - [365346] - C:\WINDOWS\Performance [MD5.0A44B39FF9A5E68AC24821EA36521E39] - [18/01/2019 08:17:34] - |A| - (.-.) - [8646] - (0.0.0.0) - C:\WINDOWS\PFRO.log [MD5.DA5287ADCB0232DB43A1A4F4F22A2FED] - [10/12/2017 21:45:52] - |A| - (.-.) - [2856] - (0.0.0.0) - C:\WINDOWS\PidVid_List.dll [MD5.E0DD162A1535B25ECDA67A9FA7CADD8A] - [27/07/2017 15:32:43] - |A| - (.-.) - [4148] - (0.0.0.0) - C:\WINDOWS\PidVid_List.txt [12/04/2018 00:38:21] - |D| - [1283900] - C:\WINDOWS\PLA [12/04/2018 00:38:21] - |D| - [3514778] - C:\WINDOWS\PolicyDefinitions [02/06/2018 20:26:02] - |D| - [48718755] - C:\WINDOWS\Prefetch [12/04/2018 00:38:21] - |RD| - [1965014] - C:\WINDOWS\PrintDialog [MD5.09394999ADB19901C665454EE964B13C] - [02/06/2018 12:31:38] - |A| - (.-.) - [36] - (0.0.0.0) - C:\WINDOWS\progress.ini [12/04/2018 00:38:21] - |D| - [5264960] - C:\WINDOWS\Provisioning [MD5.AC91328EE5CFFBD695CE912F75F876F6] - [12/04/2018 00:34:34] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [336384] - (10.0.17134.1) - C:\WINDOWS\regedit.exe [12/04/2018 00:38:21] - |D| - [1095144] - C:\WINDOWS\registration [12/04/2018 00:38:21] - |D| - [25129888] - C:\WINDOWS\rescache [12/04/2018 00:38:21] - |D| - [3801461] - C:\WINDOWS\Resources [MD5.38BDC839A512C24C06AE1B9B1F3C702C] - [10/12/2017 21:45:52] - |A| - (.-.) - [37100] - (0.0.0.0) - C:\WINDOWS\rlt8723a_chip_bt40_fw_asic_rom_patch.dll [MD5.A9E267A2BBE5AAF03120D3541C709E70] - [11/12/2017 01:52:40] - |A| - (.Realtek All Rights Reserved - Realtek Bluetooth BTDevManager Service Application.) - [281536] - (1.1.10.1) - C:\WINDOWS\RtkBtManServ.exe [MD5.626FAEEF47E9EA3F083DAD71F2C09806] - [10/12/2017 21:45:52] - |A| - (.-.) - [51076] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.CB479E01844F20377242D2080A39944A] - [10/12/2017 21:45:52] - |A| - (.-.) - [51024] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1.dll [MD5.92E02856B5B02E6F89FAA7B0A16BF1C2] - [10/12/2017 21:45:52] - |A| - (.-.) - [55388] - (0.0.0.0) - C:\WINDOWS\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.07E4994E72FED39A602F24A18AA0E4CC] - [10/12/2017 21:45:52] - |A| - (.-.) - [74188] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll [MD5.2D99BC837D361D1B8ECD0D3B65E56B35] - [10/12/2017 21:45:52] - |A| - (.-.) - [47408] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll [MD5.32001EBEEAF3787B658DDBC5AC099742] - [10/12/2017 21:45:52] - |A| - (.-.) - [51432] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll [MD5.4742C6D48C0B9A5B4E6A92B68FB555F8] - [10/12/2017 21:45:52] - |A| - (.-.) - [51168] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8814ae_new.dll [MD5.1D5BA0DC09E49019E487508278FD470D] - [10/12/2017 21:45:52] - |A| - (.-.) - [64412] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.7C1D7A63CADA7523C0C4CAFF720A1D63] - [10/12/2017 21:45:52] - |A| - (.-.) - [38120] - (0.0.0.0) - C:\WINDOWS\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.72115A2C49BEFA555C4E136C3004EB94] - [10/12/2017 21:45:52] - |A| - (.-.) - [42856] - (0.0.0.0) - C:\WINDOWS\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.C1F0FFBB0E117EB446D740F140029CF4] - [10/12/2017 21:45:52] - |A| - (.-.) - [47152] - (0.0.0.0) - C:\WINDOWS\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.429D9EEB1DA2386625DF4601CC1C875A] - [27/07/2017 15:27:12] - |A| - (.Copyright (C) 2015 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2825944] - (1.0.6.5) - C:\WINDOWS\RtlExUpd.dll [MD5.9679FDB1F780A1919484726AD0371099] - [25/05/2017 08:26:54] - |A| - (.-.) - [792] - (0.0.0.0) - C:\WINDOWS\scd.ini [12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\SchCache [12/04/2018 00:38:21] - |D| - [122082] - C:\WINDOWS\schemas [12/04/2018 00:38:21] - |D| - [6057496] - C:\WINDOWS\security [02/06/2018 18:42:09] - |D| - [1025422641] - C:\WINDOWS\ServiceProfiles [12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\ServiceState [11/04/2018 22:04:33] - |D| - [222009768] - C:\WINDOWS\servicing [12/04/2018 00:41:20] - |D| - [349] - C:\WINDOWS\Setup [MD5.C22CA727CD384DA018757DD86752DCFF] - [31/01/2019 17:08:38] - |A| - (.-.) - [617] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [31/01/2019 17:08:38] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [12/04/2018 00:38:21] - |D| - [6443008] - C:\WINDOWS\ShellComponents [12/04/2018 00:38:21] - |D| - [53632512] - C:\WINDOWS\ShellExperiences [12/04/2018 17:19:39] - |D| - [3070736] - C:\WINDOWS\SKB [01/06/2018 22:51:07] - |D| - [606937656] - C:\WINDOWS\SoftwareDistribution [12/04/2018 00:38:21] - |D| - [86039745] - C:\WINDOWS\Speech [12/04/2018 00:38:21] - |D| - [63476142] - C:\WINDOWS\Speech_OneCore [MD5.8D59B31FF375059E3C32B17BF31A76D5] - [12/04/2018 00:34:41] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.17134.1) - C:\WINDOWS\splwow64.exe [12/04/2018 00:38:21] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [16/07/2016 12:47:50] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [11/04/2018 22:04:33] - |D| - [5959389923] - C:\WINDOWS\System32 [12/04/2018 00:38:21] - |D| - [226381819] - C:\WINDOWS\SystemApps [12/04/2018 00:38:21] - |D| - [27070261] - C:\WINDOWS\SystemResources [11/04/2018 22:04:41] - |D| - [1598206292] - C:\WINDOWS\SysWOW64 [12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\TAPI [16/07/2016 12:47:48] - |D| - [220] - C:\WINDOWS\Tasks [27/07/2017 15:35:41] - |D| - [21007] - C:\WINDOWS\tbaseregistry [12/04/2018 00:38:21] - |D| - [2322422] - C:\WINDOWS\Temp [12/04/2018 00:38:21] - |D| - [13610496] - C:\WINDOWS\TextInput [12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\tracing [12/04/2018 00:38:21] - |D| - [14433229] - C:\WINDOWS\twain_32 [MD5.076387B253E6A381090F59EDBFC5EEF6] - [12/04/2018 00:34:53] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [02/06/2018 09:22:47] - |SD| - [0] - C:\WINDOWS\UpdateAssistantV2 [12/04/2018 00:38:21] - |D| - [12420] - C:\WINDOWS\Vss [11/04/2018 22:04:37] - |D| - [25818] - C:\WINDOWS\WaaS [12/04/2018 00:38:21] - |D| - [25558522] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [16/07/2016 12:47:50] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [12/04/2018 00:34:36] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [15/01/2019 00:29:42] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.EE1F0DE1ED3E8A5BF080B3497049969E] - [12/04/2018 00:34:52] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17134.1) - C:\WINDOWS\winhlp32.exe [MD5.0A34066D56D57C0DA73BFFC1E4169FF2] - [31/01/2019 17:10:41] - |A| - (.-.) - [85] - (0.0.0.0) - C:\WINDOWS\wininit.ini [11/04/2018 22:04:33] - |D| - [11586345504] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [12/04/2018 00:33:56] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.5266C61652051E9EF3A4D199001F6B17] - [12/04/2018 00:34:19] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.17134.1) - C:\WINDOWS\write.exe [MD5.4F2898A080E9DE4663146F18C82D6C83] - [04/06/2018 08:40:00] - |A| - (.-.) - [1409] - (0.0.0.0) - C:\WINDOWS\wwsetup.for [MD5.9004995037A27F6AD5B7F57941474A85] - [04/06/2018 08:40:00] - |A| - (.-.) - [79720] - (0.0.0.0) - C:\WINDOWS\wwsetup.ttf ---------- | C:\WINDOWS\System32\GroupPolicy [11/06/2018 12:55:45] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\Machine ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [20/09/2018 21:17:40] - C:\WINDOWS\Installer\18d5228.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/11/2018 17:14:52] - C:\WINDOWS\Installer\23ff3054.msi : (Installer for Inkscape vector graphics editor - Inkscape project) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/12/2018 18:45:08] - C:\WINDOWS\Installer\2597432.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2016 05:04:32] - C:\WINDOWS\Installer\3209d.msi : (Device Setup - ASUSTek COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:43:46] - C:\WINDOWS\Installer\32966.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:50:40] - C:\WINDOWS\Installer\3296b.msi : (AMD Catalyst Install Manager Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/08/2013 16:25:16] - C:\WINDOWS\Installer\3296f.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:38:40] - C:\WINDOWS\Installer\32973.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:38:52] - C:\WINDOWS\Installer\32977.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:39:04] - C:\WINDOWS\Installer\3297b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:39:18] - C:\WINDOWS\Installer\3297f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:39:30] - C:\WINDOWS\Installer\32983.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:39:42] - C:\WINDOWS\Installer\32987.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:39:54] - C:\WINDOWS\Installer\3298b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:40:06] - C:\WINDOWS\Installer\3298f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:40:20] - C:\WINDOWS\Installer\32993.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:40:30] - C:\WINDOWS\Installer\32997.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:40:42] - C:\WINDOWS\Installer\3299b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:40:56] - C:\WINDOWS\Installer\3299f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:41:08] - C:\WINDOWS\Installer\329a3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:41:22] - C:\WINDOWS\Installer\329a7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:41:34] - C:\WINDOWS\Installer\329ab.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:41:48] - C:\WINDOWS\Installer\329af.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:42:04] - C:\WINDOWS\Installer\329b3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:42:18] - C:\WINDOWS\Installer\329b7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:42:34] - C:\WINDOWS\Installer\329bb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:42:50] - C:\WINDOWS\Installer\329bf.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:43:04] - C:\WINDOWS\Installer\329c3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:43:18] - C:\WINDOWS\Installer\329c7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:43:34] - C:\WINDOWS\Installer\329cb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:44:20] - C:\WINDOWS\Installer\329cf.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2015 08:38:24] - C:\WINDOWS\Installer\329d4.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/07/2017 15:29:54] - C:\WINDOWS\Installer\329dd.msi : (AudioWizard - ICEpower a/s) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/07/2017 15:31:13] - C:\WINDOWS\Installer\329e3.msi : (Asmedia USB Host Controller Driver - Asmedia Technology) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/06/2018 14:08:48] - C:\WINDOWS\Installer\32ba6be.msi : (SILKYPIX Developer Studio 3.1 SE - Ichikawa Soft Laboratory) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/03/2018 06:20:41] - C:\WINDOWS\Installer\6355d3.msi : (Panda Cloud Antivirus - Panda Security) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/07/2016 10:07:57] - C:\WINDOWS\Installer\6355d8.msi : (Panda Devices Agent - Panda Security) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:21] - C:\WINDOWS\Installer\bb353f.msi : (AppLogLibSetup - Brother Industries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:32] - C:\WINDOWS\Installer\bb3544.msi : (Brother Printer Driver - Brother Industries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:24] - C:\WINDOWS\Installer\bb3549.msi : (Brother Scanner Driver - Brother Industries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:41] - C:\WINDOWS\Installer\bb354e.msi : (ControlCenter4 - Brother Insutries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:59] - C:\WINDOWS\Installer\bb3553.msi : (StatusMonitor - Brother Insutries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:26] - C:\WINDOWS\Installer\bb3558.msi : (BrotherHelpInstaller - Brother) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:46:00] - C:\WINDOWS\Installer\bb355d.msi : (UsbRepairTool - Brother Insutries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:55] - C:\WINDOWS\Installer\bb3562.msi : (NetworkRepairTool - Brother Insutries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:24] - C:\WINDOWS\Installer\bb3567.msi : (BrLauncher - Brother Industries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:24] - C:\WINDOWS\Installer\bb356c.msi : (BrLogRx - Brother Industries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:58] - C:\WINDOWS\Installer\bb3571.msi : (ScannerUtilityInstaller - Brother) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:55] - C:\WINDOWS\Installer\bb3576.msi : (DeviceDetect - Brother Industries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:33] - C:\WINDOWS\Installer\bb357b.msi : (BrSupportTools - Brother Industries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2015 06:45:55] - C:\WINDOWS\Installer\bb3580.msi : (HowToGuide - Brother Industries Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 09:41:29] - C:\WINDOWS\Installer\beb0a.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [12/04/2018 00:33:56] - [3329] - C:\WINDOWS\System32\ieuinit.inf [02/06/2018 20:53:59] - [1774220] - C:\WINDOWS\System32\PerfStringBackup.INI [12/04/2018 00:34:33] - [60124] - C:\WINDOWS\System32\tcpmon.ini [12/04/2018 00:34:20] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [09/03/2015 10:17:54] - [114] - C:\WINDOWS\Syswow64\BRLMW03A.INI [12/04/2018 00:34:00] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [07/10/2018 10:32:41] - [1795012] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [09/06/2018 13:21:58] - [97] - C:\WINDOWS\Syswow64\PICSDK.ini [12/04/2018 00:34:49] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:20] - [2.06 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.A28F3A02106FF96A67FE5479E4CACCAA] - |A| - [31/01/2019 07:56:37] - (.-.) - [119 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-0756.log [MD5.12AF9401F7876AC2946699D134DFE16F] - |A| - [31/01/2019 11:20:43] - (.-.) - [3.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1120.log [MD5.E8DCD19600A6AA76DF545D216D5D074C] - |A| - [31/01/2019 11:31:31] - (.-.) - [16.85 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1131.log [MD5.C8BC3C986640B88C4072C03694434987] - |A| - [31/01/2019 11:36:29] - (.-.) - [10.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1136.log [MD5.A64D839E1609EAB7B8214EE769BD9C71] - |A| - [31/01/2019 14:20:03] - (.-.) - [10.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1420.log [MD5.5C35C378E424E5C5173EE915D98B13A4] - |A| - [31/01/2019 14:25:18] - (.-.) - [11.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1425.log [MD5.89F85A0428A1B148A8831D3EC68C7CCB] - |A| - [31/01/2019 14:55:10] - (.-.) - [10.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1455.log [MD5.CCAD1800933D6AF7F6ECBDA187C15481] - |A| - [31/01/2019 15:00:58] - (.-.) - [10.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1500.log [MD5.23A764F74A2CCFD9A5F4EEB52557AD9B] - |A| - [31/01/2019 16:46:58] - (.-.) - [10.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1646.log [MD5.B67791FE54C1050307602237C58F954D] - |A| - [31/01/2019 16:52:15] - (.-.) - [22.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1652.log [MD5.44DEF9EB12C56C419804EC4675338904] - |A| - [31/01/2019 16:57:36] - (.-.) - [10.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1657.log [MD5.BD0646C5A3EDA165178E6E26C46AA0EF] - |A| - [31/01/2019 17:07:33] - (.-.) - [11.34 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1707.log [MD5.5371D18DBE5BE5479C911587AE36B14E] - |A| - [31/01/2019 17:25:58] - (.-.) - [10.64 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1725.log [MD5.EC4AE63CC8737D63228A379C08D2B040] - |A| - [31/01/2019 18:47:55] - (.-.) - [11.33 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-1847.log [MD5.2B8FCE7433E6A8BF5666BC15C16A553D] - |A| - [31/01/2019 20:15:14] - (.-.) - [27.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-2015.log [MD5.9FE1B5EEEAE756A525E8A56EEBD94CBC] - |A| - [31/01/2019 20:20:22] - (.-.) - [11.33 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-2020.log [MD5.DA664CAAFB47EDD58E5D2A83FF24E43F] - |A| - [31/01/2019 20:26:41] - (.-.) - [11.83 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-2026.log [MD5.CC849381325D96DC1217E5FF237FC104] - |A| - [31/01/2019 20:31:57] - (.-.) - [11.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-2031.log [MD5.6426B91A5695E04A7D8CDB2B8E6FEA82] - |A| - [31/01/2019 21:00:37] - (.-.) - [11.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-2100.log [MD5.6DCAC0754337186BCB3A4A1AA19357D9] - |A| - [31/01/2019 21:05:53] - (.-.) - [11.76 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-2105.log [MD5.13EA41A54F86B63AEB6A02B01305DFCE] - |A| - [31/01/2019 21:36:30] - (.-.) - [11.83 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190131-2136.log [MD5.E036110A40E7802D17F90C70BD6D583E] - |A| - [01/02/2019 08:43:48] - (.-.) - [183.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-0843.log [MD5.E5F21BC141ADB4421D61473644A76375] - |A| - [01/02/2019 08:46:54] - (.-.) - [9.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-0846.log [MD5.9205641C778BCEF970C6A74E2F1603BD] - |A| - [01/02/2019 08:46:54] - (.-.) - [10.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-0846a.log [MD5.67859109A77E25E6E25704F4549E433B] - |A| - [01/02/2019 08:48:52] - (.-.) - [11.83 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-0848.log [MD5.F77662C8124F62067594C307870E0F57] - |A| - [01/02/2019 08:54:49] - (.-.) - [11.64 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-0854.log [MD5.C6B973372FE809B045957789B79D136A] - |A| - [01/02/2019 12:16:10] - (.-.) - [15.29 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-1216.log [MD5.C8132E35DF3D2E013DEAFE3FD6D696DE] - |A| - [01/02/2019 15:23:02] - (.-.) - [10.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-1523.log [MD5.E4E2FDE32C76AED2AC6D3377574D90C6] - |A| - [01/02/2019 15:45:27] - (.-.) - [11.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-1545.log [MD5.6C7932AD7A4B4FF399266C1AFC8D0888] - |A| - [01/02/2019 15:50:42] - (.-.) - [11.83 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-1550.log [MD5.8745A4F43846633C144953ADBDEA91A0] - |A| - [01/02/2019 18:45:11] - (.-.) - [11.71 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-1845.log [MD5.4441FDAD38A010678FE13EC08C381606] - |A| - [01/02/2019 18:49:53] - (.-.) - [11.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-1849.log [MD5.50C4F52541A15E50C7F539BE3BC3C59C] - |A| - [01/02/2019 21:19:54] - (.-.) - [11.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-2119.log [MD5.2E66697621E59164DC2149FD74FF3C8A] - |A| - [01/02/2019 21:25:09] - (.-.) - [11.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190201-2125.log [MD5.F628FC2B36CC10CE093C440824BFD927] - |A| - [02/02/2019 00:23:23] - (.-.) - [17.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-0023.log [MD5.39747AFF1A21F8DD2382904AC0EBBF9C] - |A| - [02/02/2019 00:28:29] - (.-.) - [11.89 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-0028.log [MD5.D7592D886E43016C9CB8CDEBC9F86197] - |A| - [02/02/2019 08:17:06] - (.-.) - [99.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-0817.log [MD5.CDE9CAFE5A7A6BCDEC8796DD35A0A2AB] - |A| - [02/02/2019 08:20:09] - (.-.) - [4.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-0820.log [MD5.ECCB3A5F470FED5D1310356DD99B9CFF] - |A| - [02/02/2019 08:20:09] - (.-.) - [10.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-0820a.log [MD5.E0C22EA14FA4EF3509E5C6D86F9B59EA] - |A| - [02/02/2019 08:22:11] - (.-.) - [12.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-0822.log [MD5.9A739DA292DE6292E2700277F11DD430] - |A| - [02/02/2019 08:29:31] - (.-.) - [10.66 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-0829.log [MD5.F497E2A3C2DF65A9B66C68D7CA3634AF] - |A| - [02/02/2019 08:34:47] - (.-.) - [11.83 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-0834.log [MD5.564100CF9062B8964EC0DD18DB01B976] - |A| - [02/02/2019 10:29:35] - (.-.) - [12.32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-1029.log [MD5.32878241A6529CB180BC6C355D420EFD] - |A| - [02/02/2019 10:34:51] - (.-.) - [11.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-1034.log [MD5.B8310594C496157B8B3E639D4C458862] - |A| - [02/02/2019 13:45:23] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-1345.log [MD5.1BBC33902978B11209D9309DB51522C1] - |A| - [02/02/2019 13:50:43] - (.-.) - [16.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-1350.log [MD5.BA6E9E9F4EF294AB84691760007C04C1] - |A| - [02/02/2019 13:55:58] - (.-.) - [10.66 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-1355.log [MD5.6A281AA4EC5D0C3D5457C89AFECE41E2] - |A| - [02/02/2019 15:02:22] - (.-.) - [11.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-1502.log [MD5.C951F2F284E2D27B795F1B5937D59A58] - |A| - [02/02/2019 15:07:38] - (.-.) - [10.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CHAMBRE-20190202-1507.log [MD5.00000000000000000000000000000000] - |D| - [02/02/2019 14:22:12] - [0 Ko] - C:\WINDOWS\Temp\cteng_ccpd [MD5.00000000000000000000000000000000] - |D| - [02/02/2019 15:25:03] - [0 Ko] - C:\WINDOWS\Temp\DiagOutputDir [MD5.7450808C301802173379D59A3F11D7D9] - |A| - [31/01/2019 11:02:20] - (.-.) - [18.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\HighPerformancePlan.log [MD5.00000000000000000000000000000000] - |D| - [31/01/2019 09:02:01] - [1171.6 Ko] - C:\WINDOWS\Temp\is-EPISE.tmp [MD5.00000000000000000000000000000000] - |D| - [31/01/2019 09:02:01] - [6 Ko] - C:\WINDOWS\Temp\is-UTAU7.tmp [MD5.40F8671C555B11DF115460D6F5D9CABE] - |A| - [31/01/2019 17:15:10] - (.-.) - [26.27 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.73ACD27CC10398D17A6462CD76438213] - |A| - [02/02/2019 08:22:42] - (.-.) - [14.63 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [31/01/2019 20:00:03] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\obu73B3.tmp [MD5.3C47EBB8765426B9F9EA1692A6919E94] - |A| - [31/01/2019 20:00:04] - (.-.) - [4.63 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\obu7951.tmp [MD5.51614A770DCFF55D93B80B05D3EEE74D] - |A| - [31/01/2019 20:00:04] - (.-.) - [75.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\obu7962.tmp [MD5.3393426BE4F5256BF1A2885361FD4A5D] - |A| - [31/01/2019 20:00:04] - (.-.) - [13.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\obu7963.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [31/01/2019 20:10:20] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\obuDDA0.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [31/01/2019 20:10:20] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\obuDE5D.tmp [MD5.B113CDC0DD4C524FA50C593A270F63F3] - |A| - [31/01/2019 20:10:25] - (.-.) - [4.64 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\obuF07E.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [02/02/2019 08:17:06] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20190202081706FFC).log [MD5.38ECDEDFF4CEB5EB378BE3B51584C4CC] - |A| - [31/01/2019 11:02:18] - (.-.) - [0.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\PowerPlan.log [MD5.F2EBDC110B7EF6E27807EEDE4B74ED6E] - |A| - [31/01/2019 09:19:43] - (.-.) - [1.34 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\TEMP_CLOUD_FILE_XML_199282822 [MD5.84FF5882BDFB51E8E4A7404EFDC96992] - |A| - [31/01/2019 16:52:41] - (.-.) - [14.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\TmpE704.tmp [MD5.321913EE425A1401D210AA9241FD5CD6] - |A| - [31/01/2019 09:00:53] - (.-.) - [45.09 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\TSpybotUpdaterThread.log [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:38] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [12/04/2018 00:34:20] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [12/04/2018 00:34:07] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [12/04/2018 00:34:25] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [12/04/2018 00:34:14] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [12/04/2018 00:34:27] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [12/04/2018 00:34:32] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [12/04/2018 00:34:33] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [12/04/2018 00:34:44] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [12/04/2018 00:34:04] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [12/04/2018 00:34:04] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [12/04/2018 00:34:20] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [12/04/2018 00:34:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [12/04/2018 00:34:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - |A| - [27/07/2017 15:28:38] - (.-.) - [107.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AcpiServiceVnA64.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:39] - [2891.9 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.8330AD388F2A6A036DE0B36812B303D5] - |A| - [24/04/2017 04:50:35] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [105.26 Ko] - (8.4.6.0) - C:\WINDOWS\System32\amdave64.dll [MD5.47ED16DA806EDC944F87A8BF3209FA3D] - |A| - [24/04/2017 04:50:35] - (.-.) - [163.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amde31a.dat [MD5.E3F0E6D4F450D73A5C114770C9405EA2] - |A| - [24/04/2017 04:50:35] - (.-.) - [200 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdgfxinfo64.dll [MD5.2852182EBEE311D00079F3C8E33D2DEE] - |A| - [24/04/2017 04:50:35] - (.Copyright (C) 2013 - Universal Adapter for Adobe.) - [138.47 Ko] - (1.0.0.1) - C:\WINDOWS\System32\amdhcp64.dll [MD5.D28A70F741CD6E8723D369A8DCB05552] - |A| - [24/04/2017 04:50:35] - (.-.) - [131.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdhdl64.dll [MD5.E7129DD863D220A38F5603AC3F8A501E] - |A| - [24/04/2017 04:50:35] - (.-.) - [811.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdicdxx.dat [MD5.672A020FF8D365B9571A045985F40664] - |A| - [24/04/2017 04:50:35] - (.-.) - [447.73 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdmiracast.dll [MD5.EE03567AE78F598AF39D9A0409E82C59] - |A| - [24/04/2017 04:50:35] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [49.5 Ko] - (1.6.0.0) - C:\WINDOWS\System32\amdmmcl6.dll [MD5.9A3B06D30A72E32646ABE116065D8540] - |A| - [24/04/2017 04:50:37] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [26890.5 Ko] - (0.8.0.0) - C:\WINDOWS\System32\amdocl12cl64.dll [MD5.EFA67BC9662F389EE9A37D6212D0BC28] - |A| - [24/04/2017 04:50:37] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46663.5 Ko] - (10.0.1800.7) - C:\WINDOWS\System32\amdocl64.dll [MD5.ECC9D68F5BEF5CD67BE2D2F758661980] - |A| - [24/04/2017 04:50:41] - (.-.) - [1159.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdocl_as64.exe [MD5.DD3E0FE46F9AB3F9A339F4DD3B2B2E4C] - |A| - [24/04/2017 04:50:41] - (.-.) - [1037.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdocl_ld64.exe [MD5.369A3688F28FAF74641232F73ADD75E6] - |A| - [24/04/2017 04:50:42] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\WINDOWS\System32\amdpcom64.dll [MD5.D4FDA6EF84B27BA99D0C6009A327CC8C] - |A| - [24/04/2017 04:50:34] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - amdumcsp dll.) - [89.52 Ko] - (2.21.0.0) - C:\WINDOWS\System32\amdumcsp.dll [MD5.0524EE7441E0326B8A3315AAAAFDBBF5] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2014-2015 AMD Inc. - amdxc64.dll.) - [8889 Ko] - (8.18.10.40) - C:\WINDOWS\System32\amdxc64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [2576.89 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [345.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.B4F803BBEAFAD4DE89C6D3718E93F4F0] - |A| - [12/04/2018 00:34:15] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [602 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\System32\as-IN [MD5.B1555FC60CE75FCF44C084B7930F020C] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1218.5 Ko] - (7.15.20.1301) - C:\WINDOWS\System32\atiadlxx.dll [MD5.D303D90C05B52F874357AD47ADFF13E1] - |A| - [24/04/2017 04:50:42] - (.-.) - [645.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiapfxx.blb [MD5.C66FB1654B3D716D140B78CAE5B37F66] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [358.5 Ko] - (6.14.10.1001) - C:\WINDOWS\System32\atiapfxx.exe [MD5.6E83FC0E5134245A57D2F6510FBB4A86] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [54.5 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticalcl64.dll [MD5.EB05E375FE9EA84A5044FB94959182BD] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15348.5 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticaldd64.dll [MD5.E24A6A55D23A8F53A165B3B4DB7FAABB] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [61 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticalrt64.dll [MD5.2AD5F7384AED05194C37C4407944610C] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1408.83 Ko] - (8.17.10.1401) - C:\WINDOWS\System32\aticfx64.dll [MD5.A30F2D6A9129EB12D00FFB1444466CE5] - |A| - [24/04/2017 04:50:43] - (.2002-2012 - Graphics DEM.) - [432 Ko] - (4.5.5665.36486) - C:\WINDOWS\System32\atidemgy.dll [MD5.DAF01E05601363D7CB62D33FAD518166] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [11665.13 Ko] - (8.17.10.625) - C:\WINDOWS\System32\atidxx64.dll [MD5.4975455DA8E7C4CCEE70E5407A680AB0] - |A| - [24/04/2017 04:50:43] - (.-.) - [156.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atieah64.exe [MD5.47EC0CF260FD2DF60C18A90146BE1402] - |A| - [24/04/2017 04:50:43] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [656.5 Ko] - (6.14.11.1199) - C:\WINDOWS\System32\atieclxx.exe [MD5.DAAB3D59C97881214353F8B16B3AA22F] - |A| - [24/04/2017 04:50:43] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [240 Ko] - (6.14.11.1199) - C:\WINDOWS\System32\atiesrxx.exe [MD5.E87658EA9D0C3349DD4E51C9D61F9340] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [73.5 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atig6pxx.dll [MD5.71BB871122409F36EEF7D8638D7B9053] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [153 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atig6txx.dll [MD5.E924E0A50514739BCB6CCD1DA3596EFB] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiglpxx.dll [MD5.079EFFD5BECB418FE6596229B28D7324] - |A| - [24/04/2017 04:50:43] - (.-.) - [720.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiicdxx.dat [MD5.9ADC057BEB61492C68D2058C1F24C368] - |A| - [24/04/2017 04:50:43] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\WINDOWS\System32\atimpc64.dll [MD5.FA7C71D8C8EBEDD08E82682BC0B541E5] - |A| - [24/04/2017 04:50:43] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [29 Ko] - (6.14.10.1002) - C:\WINDOWS\System32\atimuixx.dll [MD5.6B41D8E9AC5C55BBE5FC4ACE6A6C87A4] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [30029.5 Ko] - (6.14.10.13397) - C:\WINDOWS\System32\atio6axx.dll [MD5.A6BAAA6608A9B00220E9D5C023FC53D1] - |A| - [24/04/2017 04:50:44] - (.Copyright (C) 2008 - ATIODCLI Application.) - [50 Ko] - (1.0.0.1) - C:\WINDOWS\System32\ATIODCLI.exe [MD5.463FFBD3350E3EB57F7D5746EBD233CA] - |A| - [24/04/2017 04:50:44] - (.Copyright (C) 2008 - ATIODE Application.) - [325 Ko] - (1.0.0.1) - C:\WINDOWS\System32\ATIODE.exe [MD5.33C09F02E02909C79BF726D3CF2DF46F] - |A| - [24/04/2017 04:50:44] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [87 Ko] - (7.1.0.1) - C:\WINDOWS\System32\atisamu64.dll [MD5.B063AECF5CF3F6E8E0BF4625F2DA4C97] - |A| - [24/04/2017 04:50:44] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [186.5 Ko] - (6.14.11.25) - C:\WINDOWS\System32\atitmm64.dll [MD5.803B29AD74B6BABE914AFAC160E2B470] - |A| - [24/04/2017 04:50:44] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [117.33 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiu9p64.dll [MD5.3AD64A464E9D8973B080993A5AD2270F] - |A| - [24/04/2017 04:50:44] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8580.12 Ko] - (9.14.10.1128) - C:\WINDOWS\System32\atiumd64.dll [MD5.24B60C0D5544D18408FEE1445D021C8E] - |A| - [24/04/2017 04:50:44] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiumd6a.cap [MD5.79942BC2D784F9549AF682FB80D22788] - |A| - [24/04/2017 04:50:44] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8683.73 Ko] - (8.14.10.513) - C:\WINDOWS\System32\atiumd6a.dll [MD5.0129FF6C835B244DA9D96821F010EE1C] - |A| - [24/04/2017 04:50:45] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [148.49 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiuxp64.dll [MD5.882F611E60B50298FBA1D01286B9EAB5] - |A| - [24/04/2017 04:50:45] - (.-.) - [98.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativce02.dat [MD5.BB61FA3E859ACCC43A1077FF83775979] - |A| - [24/04/2017 04:50:45] - (.-.) - [165.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativce03.dat [MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |A| - [24/04/2017 04:50:45] - (.-.) - [228.93 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cik.dat [MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |A| - [24/04/2017 04:50:45] - (.-.) - [227.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cik_nd.dat [MD5.0770A5AB5218E6D3134A7A7239B9A216] - |A| - [24/04/2017 04:50:45] - (.-.) - [249.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cz_nd.dat [MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |A| - [24/04/2017 04:50:45] - (.-.) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_FJ.dat [MD5.7EE8F6853798F7A900DB15F3054A0277] - |A| - [24/04/2017 04:50:45] - (.-.) - [243.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_FJ_nd.dat [MD5.11355CAC5334C8999211C09CAAE194EF] - |A| - [24/04/2017 04:50:45] - (.-.) - [315.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_vi.dat [MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |A| - [24/04/2017 04:50:45] - (.-.) - [313.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_vi_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [24/04/2017 04:50:45] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [24/04/2017 04:50:45] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsvl.dat [MD5.8113D6E1884940FC3F9DED886B364A1E] - |A| - [27/07/2017 15:28:38] - (.-.) - [94.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\audioLibVc.dll [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [12/04/2018 00:34:04] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [345.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [12/04/2018 00:34:02] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [12/04/2018 00:34:02] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [12/04/2018 00:34:02] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [12/04/2018 00:34:02] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [4933.06 Ko] - C:\WINDOWS\System32\Boot [MD5.0786C97816F10804015A24878E49E2C9] - |A| - [09/03/2015 00:01:00] - (.(C) 1993 - 2015 Brother Industries, Ltd. - Printer Driver CoInstaller.) - [222.5 Ko] - (1.1.0.0) - C:\WINDOWS\System32\BRCOI15C.DLL [MD5.1719A58DC4127FA80F62A94494947568] - |A| - [08/09/2011 17:36:24] - (.Copyright(C) 2008-2011 Brother Industries, Ltd. - Scanning module for Brother Scanner.) - [272.5 Ko] - (1.0.10.3) - C:\WINDOWS\System32\BrJDec.dll [MD5.BA2D361004CD72704F455588046EB2A8] - |A| - [15/06/2018 13:01:20] - (.Copyright (C) 2002-2013 Brother Industries, Ltd. - Brother Network Sti Interface DLL(for 64Bit).) - [85 Ko] - (2.0.17.1) - C:\WINDOWS\System32\BrNetSti.dll [MD5.9FEBD6175D30D7BD39955C40A04B6CC7] - |A| - [15/06/2018 13:01:20] - (.Copyright (C) 2003-2013 Brother Industries,Ltd - Language DLL for Brother Network Scanner.) - [63.5 Ko] - (1.23.2.2) - C:\WINDOWS\System32\Brnsplg.dll [MD5.E3370E3143ED1FB77D356F688F2EBB2A] - |A| - [15/06/2018 13:01:20] - (.-.) - [140 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BrSNMP64.dll [MD5.8AB94FEF1080DF788A309A9DAFCBECDF] - |A| - [24/02/2014 11:34:54] - (.Copyright (C) Brother Industries. 1996-2014 - Brother MFC WIA minidriver(for 64Bit).) - [1409 Ko] - (3.20.4.4) - C:\WINDOWS\System32\BrWi213b.dll [MD5.71A9203B7A92A7EABE497CA58A9CDA78] - |A| - [15/06/2018 13:01:20] - (.Copyright (C) 2002-2013 Brother Industries,Ltd. - Brother Network Scanner Property UI DLL(for 64Bit).) - [58.5 Ko] - (1.17.1.1) - C:\WINDOWS\System32\BrWiaNCp.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.06DB0A736F8A78151518276F232669FC] - |A| - [12/04/2018 00:34:19] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [181 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:33] - [107844.26 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [120228.06 Ko] - C:\WINDOWS\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [23 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.FD190EE8FA9786C09AAA4B459A7B79EA] - |A| - [24/04/2017 04:50:45] - (.-.) - [229.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\clinfo.exe [MD5.E9B37F74FF5AB362BEFD3B8FCE6752D0] - |A| - [07/06/2018 14:39:27] - (.-.) - [275 Ko] - (2.2.0.94) - C:\WINDOWS\System32\cncs232.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [3700.9 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.4A794C8BAA0D43B22EAFE9AEE4963E02] - |A| - [24/04/2017 04:50:45] - (.AMD. - CoInstaller DLL.) - [845.5 Ko] - (1.0.5.9) - C:\WINDOWS\System32\coinst_15.20.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [373 Ko] - C:\WINDOWS\System32\com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.6E14F444A2506049EEC25CB5EDFE0905] - |A| - [27/07/2017 15:28:38] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [110.91 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:33] - [337138.24 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [86.84 Ko] - C:\WINDOWS\System32\Configuration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [403.5 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.BDEBD2FC4927DA00EEA263AF9CF8F7ED] - |A| - [12/04/2018 00:34:15] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [414.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.66E6010C31A70C8C5C2853AF597D853E] - |A| - [27/07/2017 15:28:38] - (.©Conexant Systems Inc. - Conexant APO.) - [1540.02 Ko] - (1.28.0.0) - C:\WINDOWS\System32\CX64APO.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31.5 Ko] - C:\WINDOWS\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [399 Ko] - C:\WINDOWS\System32\da-DK [MD5.48E51DAA9278C41213957795D439A274] - |A| - [14/11/2018 09:02:04] - (.-.) - [138 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [27/07/2017 15:29:33] - [4155.34 Ko] - C:\WINDOWS\System32\DAX2 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [217.6 Ko] - C:\WINDOWS\System32\DDFs [MD5.CAC823DDBB6E785DB76906BFCCFE55AF] - |A| - [27/07/2017 15:28:39] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [255.34 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPA64.dll [MD5.AEE27C741500BF38E93052DF736F5FAD] - |A| - [27/07/2017 15:28:39] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [291.77 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPA64F3.dll [MD5.018EFD4A9BF6FDA0F1AA3A6DE5712CD9] - |A| - [27/07/2017 15:28:39] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1894.34 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPD64A.dll [MD5.F03945762D4F7DF6195095B538E5C6A2] - |A| - [27/07/2017 15:28:39] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1888.27 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPD64AF3.dll [MD5.DE67ADEAC731C1ED3BD76527AB530BA5] - |A| - [27/07/2017 15:28:39] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [308.34 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPO64A.dll [MD5.863B03900C286CDEB6B329CD6D0BB395] - |A| - [27/07/2017 15:28:39] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [341.77 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPO64AF3.dll [MD5.C71D1DAFA22B5D3B71853783E5AA09D2] - |A| - [27/07/2017 15:28:39] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6921.34 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPP64A.dll [MD5.FB1F9765499981384AA360E9D3B2A2AA] - |A| - [27/07/2017 15:28:39] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6109.27 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPP64AF3.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [453 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [12/04/2018 00:34:06] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [12/04/2018 00:34:04] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [12/04/2018 00:38:27] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.15202EC29E4DFDBD0A8A75E45A8C4C78] - |A| - [24/04/2017 04:50:51] - (.Advanced Micro Devices. - TODO: .) - [101 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DelayAPO.dll [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [14/11/2018 09:02:57] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [12/04/2018 00:34:17] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [928 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.12ACC91FA93C8BF82D4EF3FB779ECEF8] - |A| - [12/04/2018 00:34:24] - (.-.) - [80.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:37] - [10050.77 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.1689D0E01CDD0DFF021ECF9D67CDD895] - |A| - [27/07/2017 15:28:39] - (.© 2015 Dolby Laboratories, Inc. - Dolby DAX2 APO Property Page.) - [922.84 Ko] - (0.4.0.19) - C:\WINDOWS\System32\DolbyDAX2APOProp.dll [MD5.E018154C2CD09511D39D65337A48A6FC] - |A| - [27/07/2017 15:28:39] - (.© 2015 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2337.34 Ko] - (0.4.0.19) - C:\WINDOWS\System32\DolbyDAX2APOv201.dll [MD5.2D6527EA6B43700FFE4D5E869D0217CA] - |A| - [27/07/2017 15:28:39] - (.© 2015 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2403.84 Ko] - (0.4.0.19) - C:\WINDOWS\System32\DolbyDAX2APOv211.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:37] - [2404.09 Ko] - C:\WINDOWS\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:37:59] - [133999.08 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\System32\DriverState [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:33] - [1113655.02 Ko] - C:\WINDOWS\System32\DriverStore [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [214.5 Ko] - C:\WINDOWS\System32\dsc [MD5.8B5A737AD11EF45D9B1AEB4ED6884968] - |A| - [27/07/2017 15:28:39] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [711.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll [MD5.21B38D4D86A87909491F690883AE6D1E] - |A| - [27/07/2017 15:28:39] - (.(c) DTS. - DTS Boost COM DLL.) - [1452.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll [MD5.FF31A2F57AAAB58DB78FCC961A58B206] - |A| - [27/07/2017 15:28:39] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [418.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll [MD5.BC0474E5476E5EA0D0E1AA5AC41E2061] - |A| - [27/07/2017 15:28:39] - (.(c) DTS. - DTS GFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll [MD5.3B8FB5376F5431C0101747D5138BCB9B] - |A| - [27/07/2017 15:28:39] - (.(c) DTS. - DTS GFX APO.) - [236.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll [MD5.B3977C8BA77559F4F8752AE8EB724C87] - |A| - [27/07/2017 15:28:39] - (.(c) DTS. - DTS LFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll [MD5.192A03A21636D3775CEE4C049C3BEB2A] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS Limiter COM DLL.) - [422.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll [MD5.2EF5442E8E7ED20F7634EEFB09640C8F] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [479.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll [MD5.F7C357462077156DC211AC2112FC8C53] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1531.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll [MD5.F132C08BD8C58579B400DFAA71F34CFB] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1715.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll [MD5.9948969B2C1987B1D64789EFEB284A84] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS Symmetry COM DLL.) - [695.6 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll [MD5.37B8A8089ECED77F6CEAF74917C5D12B] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS GFX APO.) - [475.94 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PGFX64.dll [MD5.8AE860D92752CFA136979B1FF797FFDC] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS LFX APO.) - [489.44 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PLFX64.dll [MD5.A9B98F96FBE514ADEABD20B2BD132172] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS LFX APO.) - [405.94 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PREC64.dll [MD5.DE32448E6B40141C80DAABFF6FBE1744] - |A| - [27/07/2017 15:28:40] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [677.1 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [12/04/2018 00:34:04] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [12/04/2018 00:34:04] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [12/04/2018 00:34:04] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.08C33E4AB904EC0960B0781ED26AE039] - |A| - [12/04/2018 00:33:52] - (.-.) - [2.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [451.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.904F56E6F53E05A6A3CB216FB99CAEAC] - |A| - [02/06/2018 20:53:09] - (.-.) - [22.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:38] - [3369 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [324 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [41563.68 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [433.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [358.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [318.5 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [17213.14 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\System32\fa-IR [MD5.4DBB768C8F7E49566670FF10A61726A3] - |A| - [12/07/2018 20:33:26] - (.-.) - [1278 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessor.dll [MD5.F5A3997555DA1A4F7036D4E8B2FCB386] - |A| - [12/07/2018 20:32:58] - (.-.) - [530.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessorCore.dll [MD5.BB0137476B1EC8B10CE944BF023C91F6] - |A| - [12/04/2018 00:34:04] - (.-.) - [1317.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceTrackerInternal.dll [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [12/04/2018 00:34:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.E65D2A37B6D4445D0CD9234BA933475B] - |A| - [12/04/2018 00:33:53] - (.-.) - [72.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastHeroImg.jpg [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [404.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\System32\fil-PH [MD5.D2AB30D987AFEAF0BDFD65ABBE018608] - |A| - [02/06/2018 20:24:14] - (.-.) - [495.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:38] - [3403 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [369 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [45668 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\System32\ga-IE [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [12/04/2018 00:34:39] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [34 Ko] - C:\WINDOWS\System32\gd-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [327.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.D6906D226393F94E7D8B3B2AC1E41D94] - |A| - [12/04/2018 00:34:10] - (.-.) - [247.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\System32\hi-IN [MD5.7343F1A3B7BAC94625F2AD26887D80D2] - |A| - [27/07/2017 15:28:41] - (.© 2015 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [341.34 Ko] - (0.4.0.21) - C:\WINDOWS\System32\HiFiDAX2API.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [335 Ko] - C:\WINDOWS\System32\hr-HR [MD5.14352F6468E9B5DA4A27281B8B7AB3C4] - |A| - [24/04/2017 04:50:45] - (.-.) - [100.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hsa-thunk64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [411 Ko] - C:\WINDOWS\System32\hu-HU [MD5.E1712E7E7F912EC72EEDA318C3B25E25] - |A| - [12/04/2018 00:33:54] - (.-.) - [31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27.5 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:23:20] - [160.64 Ko] - C:\WINDOWS\System32\hydrogen [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.B9178219A1B69431A12ED114B409E8C9] - |A| - [27/07/2017 15:28:41] - (.Copyright (c) 2015, ICEpower a/s - ICEpower ICEsound audio effects.) - [321.11 Ko] - (1.0.0.15) - C:\WINDOWS\System32\ICEsoundAPO64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.CD591279F103D5E02F84ABD7ED450E57] - |RA| - [12/04/2018 00:34:12] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1848 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.4185EE055F39FD2D726A91E6A8A1A093] - |RA| - [12/04/2018 00:34:12] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1311.5 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27 Ko] - C:\WINDOWS\System32\ig-NG [MD5.67B646C256190F118619C9D10AAE4B5C] - |A| - [12/04/2018 00:34:04] - (.-.) - [168 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [25220 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.BB1480586B5C174900A1051CEB2B462F] - |A| - [12/04/2018 00:34:12] - (.-.) - [480.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [6671.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.6F7D1601DA55BBE5C7A79E01E236D7B9] - |A| - [27/07/2017 15:28:41] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [589.83 Ko] - (4.1105.6000.53) - C:\WINDOWS\System32\KAAPORT64.dll [MD5.FC4555CE754EA1BF4D3A7B9B09FF6378] - |A| - [24/04/2017 04:50:45] - (.-.) - [46.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_ci.sbin [MD5.AC174CB728E8C766670FDF606144D73A] - |A| - [24/04/2017 04:50:45] - (.-.) - [42.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_si.sbin [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28 Ko] - C:\WINDOWS\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31.5 Ko] - C:\WINDOWS\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [297 Ko] - C:\WINDOWS\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\System32\ky-KG [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [14/11/2018 09:03:26] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [12/04/2018 00:34:04] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [33 Ko] - C:\WINDOWS\System32\lb-LU [MD5.C15D2C94E3C94CEFE8DE6A9D36C35FD1] - |A| - [13/10/2016 21:55:18] - (.(C) 1991-2012 Logitech. - LDA Component Extensions (UNICODE).) - [2410.45 Ko] - (1.10.77.0) - C:\WINDOWS\System32\LdaCx2.dll [MD5.4F5120E44845A78D5920D2F0BDE0340F] - |A| - [12/04/2018 17:22:53] - (.-.) - [1953 Ko] - (2.6.4.0) - C:\WINDOWS\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [559.86 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27 Ko] - C:\WINDOWS\System32\lo-LA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [2580.46 Ko] - C:\WINDOWS\System32\LogFiles [MD5.1F1E9FBB7FE7A39A84A061F6EF7003B4] - |A| - [13/10/2016 21:55:24] - (.Copyright © 2010-2012 Logitech. All Rights Reserved - Logitech Download Assistant.) - [3850.45 Ko] - (1.10.77.0) - C:\WINDOWS\System32\LogiLDA.DLL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [333 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [331.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [30075.56 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.75616F8DB5C092A8A50AFEC273859DD7] - |A| - [27/07/2017 15:28:41] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [311.34 Ko] - (2.2.9.0) - C:\WINDOWS\System32\MaxxAudioAPO20.dll [MD5.06080807E61471A18AD99F3E6FF3C9B5] - |A| - [27/07/2017 15:28:41] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [647.75 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxAudioAPO30.dll [MD5.A0DEEB5F93530A3C67E913F2EAE7AF7C] - |A| - [27/07/2017 15:28:41] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1118.42 Ko] - (4.5.8.0) - C:\WINDOWS\System32\MaxxAudioAPO4064.dll [MD5.7C0186E421B1B5FC5824837D5078B4C1] - |A| - [27/07/2017 15:28:41] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1164.42 Ko] - (5.6.5.0) - C:\WINDOWS\System32\MaxxAudioAPO5064.dll [MD5.06059CB3AACCBDA5865EFD9922832F82] - |A| - [27/07/2017 15:28:42] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1342.42 Ko] - (6.1.12.0) - C:\WINDOWS\System32\MaxxAudioAPO6064.dll [MD5.CD2A9C650A6441544E4E4EB0B6F7C16E] - |A| - [27/07/2017 15:28:42] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [2724.42 Ko] - (7.0.10.0) - C:\WINDOWS\System32\MaxxAudioAPO7064.dll [MD5.71947A1775D4CBD9CBE580C6E97FF78E] - |A| - [27/07/2017 15:28:42] - (.Copyright (C) 2010-2013 - MaxxAudio APO Shell.) - [901.25 Ko] - (4.10.8.0) - C:\WINDOWS\System32\MaxxAudioAPOShell64.dll [MD5.E93ADE8C38CA41442FE60E844DED92AC] - |A| - [27/07/2017 15:28:42] - (.Copyright © 1996-2014 -.) - [1993.59 Ko] - (4.1.1.0) - C:\WINDOWS\System32\MaxxAudioEQ64.dll [MD5.CB56F27AFF28FB9576C6FC79E6D14036] - |A| - [27/07/2017 15:28:42] - (.Copyright © 1996-2013 -.) - [13719.25 Ko] - (4.4.10.0) - C:\WINDOWS\System32\MaxxAudioRealtek64.dll [MD5.581778867AEB80C4366057B3DE1DC4D0] - |A| - [27/07/2017 15:28:42] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - [1283.11 Ko] - (1.1.4.0) - C:\WINDOWS\System32\MaxxSpeechAPO64.dll [MD5.4209912F4FC493FCB0816771448F9E8E] - |A| - [27/07/2017 15:28:42] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [957.42 Ko] - (2.6.2.0) - C:\WINDOWS\System32\MaxxVoiceAPO2064.dll [MD5.DF3632EDBC612F4112F6FEDB024F6118] - |A| - [27/07/2017 15:28:42] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12691.92 Ko] - (3.1.13.0) - C:\WINDOWS\System32\MaxxVoiceAPO3064.dll [MD5.6C100BAE708BD61F65932087D9A69ECA] - |A| - [27/07/2017 15:28:42] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12533.92 Ko] - (4.0.8.0) - C:\WINDOWS\System32\MaxxVoiceAPO4064.dll [MD5.587A8CF457604D84266FF858CEB60223] - |A| - [27/07/2017 15:28:43] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [647.25 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxVolumeSDAPO.dll [MD5.9F46840758431946CA096F8096B016B4] - |A| - [14/06/2018 07:14:18] - (.-.) - [790 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [12/04/2018 00:34:04] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\System32\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [02/06/2018 18:42:09] - [1109.53 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [5577.99 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [47370.49 Ko] - C:\WINDOWS\System32\migwiz [MD5.D225B2044789A6059344503C1AE33347] - |A| - [12/04/2018 00:34:29] - (.-.) - [3.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\System32\mn-MN [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [02/06/2018 09:23:16] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [4180.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [19.15 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [34.35 Ko] - C:\WINDOWS\System32\my-mm [MD5.52D09193B954697371DFA7BE9E520D05] - |A| - [27/07/2017 15:28:43] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5112.26 Ko] - (6.3.9600.17231) - C:\WINDOWS\System32\NAHIMICAPOlfx.dll [MD5.4E5442D9B14EF9EF679CD8D65CD50A51] - |A| - [27/07/2017 15:28:43] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [971.8 Ko] - (1.0.0.14866) - C:\WINDOWS\System32\NahimicAPONSControl.dll [MD5.BE01A0E01C03156B908EDDB4406EC972] - |A| - [27/07/2017 15:28:43] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5574.94 Ko] - (6.3.9600.16384) - C:\WINDOWS\System32\NAHIMICV2apo.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [393.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [768 Ko] - C:\WINDOWS\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31.5 Ko] - C:\WINDOWS\System32\ne-NP [MD5.DFD5F0C0957B7E5F4565B825D9B66A5A] - |A| - [02/06/2018 20:24:19] - (.-.) - [34.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [12/04/2018 00:34:39] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [422.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.90950C42E52E47D26D4CDDFA4EA530D3] - |A| - [15/06/2018 13:01:20] - (.Copyright(c) 2006-2014 Brother Industries,Ltd. - NSSearch.) - [245.5 Ko] - (1.1.0.13) - C:\WINDOWS\System32\NSSRH64.dll [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.00000000000000000000000000000000] - |AD| - [29/07/2016 15:27:04] - [178.97 Ko] - C:\WINDOWS\System32\OEM [MD5.1F8E72D18D9DF680D0E0E5AA10ECA760] - |A| - [12/04/2018 00:38:28] - (.-.) - [16.94 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [20316.71 Ko] - C:\WINDOWS\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:54] - [3834.5 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [12/04/2018 00:34:04] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\System32\pa-IN [MD5.874B0871DA3EC061D1BF30423C1E165B] - |A| - [12/04/2018 00:34:43] - (.-.) - [48.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerceptionSimulationInput.exe [MD5.D1D8C9C22F34AA31C45F3C70DA0187B2] - |A| - [12/04/2018 00:40:29] - (.-.) - [130.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.AED8BC6639205301914BF9BF8AB083B1] - |A| - [12/04/2018 17:18:42] - (.-.) - [146.78 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [12/04/2018 00:40:29] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [12/04/2018 17:18:42] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.5986D205D6D20B5629F10EA84C461601] - |A| - [12/04/2018 00:40:29] - (.-.) - [686.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.8DCF0EB1C9933AB2D58E90235ECE8F2A] - |A| - [12/04/2018 17:18:42] - (.-.) - [773.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.A141A23DBF0BA054B68105311BDE45A9] - |A| - [02/06/2018 20:53:59] - (.-.) - [1732.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [12/04/2018 00:34:02] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [420 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [693.5 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:39] - [973.77 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [12/04/2018 00:34:40] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.775AC121468F9F91F46C38B3F11B2F2D] - |A| - [24/04/2017 04:50:34] - (.AMD. - CoInstaller DLL.) - [104.02 Ko] - (1.0.5.9) - C:\WINDOWS\System32\pspcoins.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [422 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [417.5 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\System32\quz-PE [MD5.8882AD10853E45402CABD3BAF48A7EFC] - |A| - [27/07/2017 15:28:43] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [121.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEA64A.dll [MD5.0B5EF50E26CFD1E7BF01E32E053532B2] - |A| - [27/07/2017 15:28:43] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [424.77 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EED64A.dll [MD5.01096663377134C41D618AF0E53A953E] - |A| - [27/07/2017 15:28:43] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [73.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEG64A.dll [MD5.D0EB28022A91A5C084E8A7DEBB08D8D2] - |A| - [27/07/2017 15:28:43] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [138.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEL64A.dll [MD5.03625A179B27362D3A90E3331AEBE95E] - |A| - [27/07/2017 15:28:43] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [6996.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.5BBEA6A833CAE2CAB5E400D757998BBF] - |A| - [02/06/2018 18:32:24] - (.-.) - [1907.5 Ko] - (1.0.1802.7001) - C:\WINDOWS\System32\rdpnano.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [388190.06 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [12/04/2018 00:34:43] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [12/04/2018 00:34:43] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [27/07/2017 15:28:45] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [27/07/2017 15:28:45] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [27/07/2017 15:28:45] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [27/07/2017 15:28:45] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [27/07/2017 15:28:45] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [27/07/2017 15:28:45] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.BA34CA469FE48B13922CD7A07A4A904A] - |A| - [09/10/2018 22:51:15] - (.-.) - [51.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\System32\rw-RW [MD5.534611F1C8EAA4FF960EB0043EA03B04] - |A| - [24/04/2017 04:50:45] - (.-.) - [136.95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_ci.sbin [MD5.A769B352B827590EA4CCAC16E6269E33] - |A| - [24/04/2017 04:50:45] - (.-.) - [135.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_isv_ci.sbin [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [12/04/2018 00:35:22] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [12/04/2018 00:34:39] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.17ABCAD44A75C635583A238ED6333357] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [76.84 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFAPO64.dll [MD5.2C25AF115BDDC05D9A84D26227A08E63] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [79.34 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFCOM64.dll [MD5.7B3E9344FB43D799C6462227A0E65877] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [215.84 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFNHK64.dll [MD5.DBB99601D716F92CDD97CE4E60865319] - |A| - [27/07/2017 15:28:46] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [921.66 Ko] - (3.1.38.0) - C:\WINDOWS\System32\sl3apo64.dll [MD5.6F8B108E8B57AC88F90D6EA13B2A1755] - |A| - [27/07/2017 15:28:46] - (.Copyright (C) 2011 SRS Labs, Inc. - SRS Labs.) - [1078.16 Ko] - (3.1.38.0) - C:\WINDOWS\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [02/06/2018 20:24:17] - [212465.07 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:39] - [98.06 Ko] - C:\WINDOWS\System32\slmgr [MD5.2E4C258CB2FF3D249FD0ABBCABC664A1] - |A| - [27/07/2017 15:28:46] - (.TODO: (c) . - TODO: .) - [244.66 Ko] - (1.0.0.1) - C:\WINDOWS\System32\slprp64.dll [MD5.EC05C33DF2CF20D839FE3650505ED6ED] - |A| - [27/07/2017 15:28:46] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [717.16 Ko] - (3.1.38.0) - C:\WINDOWS\System32\sltech64.dll [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [12/04/2018 00:34:04] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:33] - [13513.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [12/04/2018 00:33:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [12/04/2018 00:34:02] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.3C238A27DD48D63F21CBB8AE6E4210BD] - |A| - [12/04/2018 00:34:41] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [7627.9 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [12220.67 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [96534.39 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [13015.3 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.81FC50540F5259962EDC53CC46443565] - |A| - [27/07/2017 15:26:07] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\spu_storage.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [337 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.A5F6491F71A0DAF25140CA915600AB37] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [443.64 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRAPO64.dll [MD5.48435D12B45AB1F954CB579D1EA15D52] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [321.64 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM.dll [MD5.18F4327F7A659F4B1017C0E4C03EB50B] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [360.64 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM64.dll [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [02/06/2018 18:32:33] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.4FD560E994EDF0353835F3F9F506A62C] - |A| - [12/07/2018 20:32:49] - (.-.) - [57.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.D47D28D2AD44318805CF5EF15665D570] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1380.64 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRRPTR64.dll [MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [27/07/2017 15:28:46] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.A028717B791416182959B325D5B40679] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [27/07/2017 15:28:46] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [27/07/2017 15:28:46] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [59032 Ko] - C:\WINDOWS\System32\sru [MD5.8A02EF186BDC952CA75EFA689EC4F275] - |A| - [12/04/2018 00:34:04] - (.-.) - [434 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [401.5 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\System32\sw-KE [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:37] - [1411.24 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [930.78 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.314FF976D74D682F8034D34D68178CCC] - |A| - [07/11/2017 21:51:38] - (.Copyright (c) 2013 - 2017 Advanced Micro Devices, Inc. - t-base_client_api dll.) - [25.51 Ko] - (4.5.0.0) - C:\WINDOWS\System32\t-base_client_api.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [44.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.9CD66B93520B6DD13C71EAEF487D7899] - |A| - [12/04/2018 00:34:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [639.51 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [513.78 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.C4996D68F6E8F989403C5862701DDB4D] - |A| - [07/11/2017 21:51:52] - (.Copyright (c) 2013 - 2017 Advanced Micro Devices, Inc. - tbaseregistry dll.) - [126.01 Ko] - (4.5.0.0) - C:\WINDOWS\System32\tbaseregistry64.dll [MD5.6B41F588865C5FEDD1B378F2A5BAF27A] - |A| - [09/01/2019 08:25:19] - (.-.) - [1.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcbres.wim [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [12/04/2018 00:34:33] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\System32\te-IN [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [12/04/2018 00:34:44] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [12/04/2018 00:34:44] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\System32\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [334.5 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [2716.96 Ko] - C:\WINDOWS\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\System32\ur-PK [MD5.5B0D59652F66ABB715DC53C312B26BD0] - |A| - [12/04/2018 00:34:14] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31.5 Ko] - C:\WINDOWS\System32\vi-VN [MD5.D5DBBF94106B931112FBFB19A1351506] - |A| - [27/07/2017 15:28:46] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2052.59 Ko] - (4.4.5.0) - C:\WINDOWS\System32\WavesGUILib64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [178254.31 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:39] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [59096.33 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [12/04/2018 00:34:19] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [44134.66 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.9FB33FC28587B322B6563F73A8F0CBBD] - |A| - [12/04/2018 00:34:10] - (.-.) - [123 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [10068.64 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [224596 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [5569.42 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:39] - [207.64 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27.5 Ko] - C:\WINDOWS\System32\wo-SN [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [12/04/2018 00:34:42] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.A853BF78DA5ED707FC4430FBEA74CC15] - |A| - [12/04/2018 00:34:02] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.DE198ABE13B6E663E60E006E17CF68B1] - |A| - [12/04/2018 00:34:06] - (.-.) - [79.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.962466D810C66342C8B7CCF2CDE4CA78] - |A| - [24/04/2017 04:50:34] - (.-.) - [20.51 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\07010000000000000000000000000000.tlbin [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [12/04/2018 00:34:49] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [12/04/2018 00:34:48] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [12/04/2018 00:34:59] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [12/04/2018 00:34:49] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 22:04:41] - [1900.9 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [22 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.C79CA499BA8BB55E54F9705DCE52E6D1] - |A| - [24/04/2017 04:50:35] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [98.21 Ko] - (8.4.6.0) - C:\WINDOWS\SysWOW64\amdave32.dll [MD5.DCCD6D33C90518A03FA62B98F0CB23DF] - |A| - [24/04/2017 04:50:35] - (.-.) - [185.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdgfxinfo32.dll [MD5.4A694F8A071A36F77A3656CA1F59734F] - |A| - [24/04/2017 04:50:35] - (.Copyright (C) 2013 - Universal Adapter for Adobe.) - [125.38 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\amdhcp32.dll [MD5.633CC38EB5E55E042D7811A13685C8D1] - |A| - [24/04/2017 04:50:35] - (.-.) - [120.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdhdl32.dll [MD5.B3CC6BA5BC2B0464CECC14E85C88E762] - |A| - [24/04/2017 04:50:35] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [38.5 Ko] - (1.6.0.0) - C:\WINDOWS\SysWOW64\amdmmcl.dll [MD5.4BE0774C7786FBAE55E2F5D2664C59B6] - |A| - [24/04/2017 04:50:35] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [38784.5 Ko] - (10.0.1800.7) - C:\WINDOWS\SysWOW64\amdocl.dll [MD5.9AC551C37A477239553F571FBA05C33F] - |A| - [24/04/2017 04:50:36] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [21795.5 Ko] - (0.8.0.0) - C:\WINDOWS\SysWOW64\amdocl12cl.dll [MD5.56B986D13C74903FE27B71BA85C76037] - |A| - [24/04/2017 04:50:40] - (.-.) - [972.01 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdocl_as32.exe [MD5.28F4F5BAC73505F71B8AEC95B7FBE1DD] - |A| - [24/04/2017 04:50:41] - (.-.) - [780.01 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdocl_ld32.exe [MD5.48C45AF9BFE39217A50E3AB721A86039] - |A| - [24/04/2017 04:50:42] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\WINDOWS\SysWOW64\amdpcom32.dll [MD5.F12ED717E6454D7DBB16A36D6A24FDA4] - |A| - [24/04/2017 04:50:34] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - amdumcsp dll.) - [69.52 Ko] - (2.21.0.0) - C:\WINDOWS\SysWOW64\amdumcsp.dll [MD5.B2FE8305EE071E01A713F079609FD75B] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2014-2015 AMD Inc. - amdxc32.dll.) - [7325 Ko] - (8.18.10.40) - C:\WINDOWS\SysWOW64\amdxc32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [326.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.8128B54EAA48F9C06B19A86C87752996] - |A| - [25/05/2017 08:22:12] - (.Copyright (C) 2010 - AsIO DLL.) - [28 Ko] - (1.0.0.4) - C:\WINDOWS\SysWOW64\AsIO.dll [MD5.9AE83C567468C5373831520B148B544B] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [905 Ko] - (7.15.20.1301) - C:\WINDOWS\SysWOW64\atiadlxx.dll [MD5.9AE83C567468C5373831520B148B544B] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [905 Ko] - (7.15.20.1301) - C:\WINDOWS\SysWOW64\atiadlxy.dll [MD5.D303D90C05B52F874357AD47ADFF13E1] - |A| - [24/04/2017 04:50:42] - (.-.) - [645.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiapfxx.blb [MD5.9F81225B4179F88ABDCAB9F395B3B1FB] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [48 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticalcl.dll [MD5.00E0C2B4BD65687F68B3DBC1EDCB4B9D] - |A| - [24/04/2017 04:50:42] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13967 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticaldd.dll [MD5.BA1C4D058C70050852F3C3264EEFE6DD] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [51 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticalrt.dll [MD5.D012F8B9F4718112A7E3E0A7A3030A1D] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1164.4 Ko] - (8.17.10.1401) - C:\WINDOWS\SysWOW64\aticfx32.dll [MD5.2D4E22A4E2B8D678E92B20C8E3AD7704] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [9854.57 Ko] - (8.17.10.625) - C:\WINDOWS\SysWOW64\atidxx32.dll [MD5.FCC23CB40DC5CBF271CCDE2759666D39] - |A| - [24/04/2017 04:50:43] - (.-.) - [140.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atieah32.exe [MD5.2ACBE8E1575809EEC600C5AB0D979241] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [138.5 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atigktxx.dll [MD5.E924E0A50514739BCB6CCD1DA3596EFB] - |A| - [24/04/2017 04:50:43] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiglpxx.dll [MD5.00AF8195D4EDBA34E531B7F1E907E277] - |A| - [24/04/2017 04:50:43] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\WINDOWS\SysWOW64\atimpc32.dll [MD5.E8668E782335A2F0F26B9BB1BC99FF70] - |A| - [24/04/2017 04:50:44] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [24705 Ko] - (6.14.10.13397) - C:\WINDOWS\SysWOW64\atioglxx.dll [MD5.C9B88EF2CF9796049B50D460B0EE1E2F] - |A| - [24/04/2017 04:50:44] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [79 Ko] - (7.1.0.1) - C:\WINDOWS\SysWOW64\atisamu32.dll [MD5.EBF56F86EBF4F332B5A6F8A0C94D6A28] - |A| - [24/04/2017 04:50:44] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [100.21 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiu9pag.dll [MD5.BD5ECF6041B582DF0215B0F813A65EBF] - |A| - [24/04/2017 04:50:44] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [7235.29 Ko] - (9.14.10.1128) - C:\WINDOWS\SysWOW64\atiumdag.dll [MD5.D7F122E9016BC22AF70558628453B8EF] - |A| - [24/04/2017 04:50:44] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiumdva.cap [MD5.241252DB505AE41BEA0B7D2A2A9477FB] - |A| - [24/04/2017 04:50:44] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [7742.77 Ko] - (8.14.10.513) - C:\WINDOWS\SysWOW64\atiumdva.dll [MD5.F83C267C8F2000A95D7FA6C601AFEC40] - |A| - [24/04/2017 04:50:45] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [129.9 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiuxpag.dll [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [24/04/2017 04:50:45] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [24/04/2017 04:50:45] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsvl.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [324 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.5790DD6C789EFD358CB8E904E22E5105] - |A| - [15/03/2010 18:45:10] - (.Copyright (C) Brother Industries Ltd., 2010 - Brother Device Check Tool.) - [72 Ko] - (1.0.0.2) - C:\WINDOWS\SysWOW64\BrDctF2.dll [MD5.FC31C90732CE97E3850F1DCAC5F6BA1C] - |A| - [15/02/2012 13:22:28] - (.Copyright (C) Brother Industries Ltd., 2007 - Brother Device Check Tool L.) - [5 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\BrDctF2L.dll [MD5.5F8790D3C5042D5569FCB0D4F4197D76] - |A| - [13/03/2015 14:14:12] - (.Copyright (C) Brother Industries Ltd., 2014 - Brother Device Check Tool S.) - [2.5 Ko] - (1.0.14.14) - C:\WINDOWS\SysWOW64\BrDctF2S.dll [MD5.114E9DE7781BEE1FF4738658C12C013A] - |A| - [09/03/2015 10:17:54] - (.Copyright Brother Industries, Ltd 2004 - brlm03a.) - [24.71 Ko] - (1.0.6.4) - C:\WINDOWS\SysWOW64\BRLM03A.DLL [MD5.822B31A9FC679366560BC4D416BBBB0E] - |A| - [09/03/2015 10:17:54] - (.Copyright (C) 2003,2004 Brother Industries, Ltd. - Wraper DLL for brlm03a(NT/2K/XP) / brif03a(9x).) - [76 Ko] - (1.0.0.182) - C:\WINDOWS\SysWOW64\BRLMW03A.DLL [MD5.C0497C30E6976143CB46C016E8333707] - |A| - [09/03/2015 10:17:54] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\BRLMW03A.INI [MD5.38E5E24BEDE6F59AFC648CB7EF897D69] - |A| - [09/03/2015 10:17:54] - (.Copyright (C) 1999-2008 Brother Industries, Ltd. - BrMuSNMP.) - [176 Ko] - (1.0.2.0) - C:\WINDOWS\SysWOW64\BROSNMP.DLL [MD5.6F25A4E12EF09A37C3EAC2ACD9BE8FF2] - |A| - [09/03/2015 10:17:54] - (.Copyright (C) 2008-2012 Brother Industries, Ltd. - Brother Printer Driver Setting Controller.) - [49.5 Ko] - (2.0.0.0) - C:\WINDOWS\SysWOW64\BRPRTINK.DLL [MD5.954388D98B5CBFA1D32C5D43D5FA5275] - |A| - [09/03/2015 10:17:54] - (.-.) - [44 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\BRTCPCON.DLL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [23 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.75923B1A141129E98348FCAE5F145EE1] - |A| - [11/07/2002 12:57:10] - (.-.) - [279 Ko] - (2.5.109.0) - C:\WINDOWS\SysWOW64\cncs232.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [325.5 Ko] - C:\WINDOWS\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [107185.79 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [86.84 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [382 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31.5 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [379 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [430.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [12/04/2018 00:34:46] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [205 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [8060.63 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.8C5D98825C4A3F840290D3000BCBD751] - |A| - [09/06/2018 13:21:58] - (.-.) - [6.2 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_BP.cfg [MD5.4522750EA97E574F092B463A5072F5D3] - |A| - [09/06/2018 13:21:58] - (.-.) - [6.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_CF.cfg [MD5.3B085599D53A8E49A02B42316167791D] - |A| - [09/06/2018 13:21:58] - (.-.) - [5.98 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_DU.cfg [MD5.87CC3262E60487AC2A7DF54E7A94405E] - |A| - [09/06/2018 13:21:58] - (.-.) - [13.41 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_EN.cfg [MD5.D74F30976FC27C4134AC650747E141F6] - |A| - [09/06/2018 13:21:58] - (.-.) - [5.96 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_ES.cfg [MD5.4522750EA97E574F092B463A5072F5D3] - |A| - [09/06/2018 13:21:58] - (.-.) - [6.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_FR.cfg [MD5.5AF012AA8CF511EBA96E1FB620800406] - |A| - [09/06/2018 13:21:58] - (.-.) - [6.19 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_GE.cfg [MD5.C97F01641F82529F811750CC8BA8F6BE] - |A| - [09/06/2018 13:21:58] - (.-.) - [6.29 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_IT.cfg [MD5.EFBB67A52E13B74D9504C72A7FFBAC66] - |A| - [09/06/2018 13:21:58] - (.-.) - [5.68 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_KO.cfg [MD5.8C5D98825C4A3F840290D3000BCBD751] - |A| - [09/06/2018 13:21:58] - (.-.) - [6.2 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_PT.cfg [MD5.3310F4A726ABF152C54C6AEF9FF6A73C] - |A| - [09/06/2018 13:21:58] - (.-.) - [2.82 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_RU.cfg [MD5.6CD8BBC5EFB7F458A8FE3AC3F566D48E] - |A| - [09/06/2018 13:21:58] - (.-.) - [5.31 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_SC.cfg [MD5.01BDBCEABF472323F62D879A7A2AACF9] - |A| - [09/06/2018 13:21:58] - (.-.) - [2.37 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICLocal_TC.cfg [MD5.8C1013EAF95FF2CEC2391EB0E8B04B31] - |A| - [09/06/2018 13:21:58] - (.Copyright (C) SEIKO EPSON CORPORATION 2001-2006, - EPSON PIC SDK 1.10.) - [70.16 Ko] - (1.1.0.1) - C:\WINDOWS\SysWOW64\EPPicMgr.dll [MD5.11CEF97EC383B4A9268CEBCAFDA1C0BF] - |A| - [09/06/2018 13:21:58] - (.-.) - [25.54 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPattern1.dat [MD5.99B39A991604A09125A63D1F83A1668F] - |A| - [09/06/2018 13:21:58] - (.-.) - [26.77 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPattern121.dat [MD5.C35D83EF6773F875E85A37CD389FC98A] - |A| - [09/06/2018 13:21:58] - (.-.) - [30.33 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPattern131.dat [MD5.AED88E22D1F234668E0FF2F1C6D80AD1] - |A| - [09/06/2018 13:21:58] - (.-.) - [19.68 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPattern2.dat [MD5.EA23048F088AAC681C4FE4EC051A8663] - |A| - [09/06/2018 13:21:58] - (.-.) - [24.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPattern3.dat [MD5.DAEF4897E14EFB7050F7E0FC6887379F] - |A| - [09/06/2018 13:21:58] - (.-.) - [11.53 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPattern4.dat [MD5.7124C6AA586A840A5AE1F2972D4F6E12] - |A| - [09/06/2018 13:21:58] - (.-.) - [20.89 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPattern5.dat [MD5.E000BC718432CBB8F8AF9A2DD4EBCC59] - |A| - [09/06/2018 13:21:58] - (.-.) - [4.83 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPattern6.dat [MD5.17252792B6016C58F15C9A04AC834147] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_BP.dat [MD5.EC10E010C637383D566C95CEA4307737] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_CF.dat [MD5.7C52CC8596D832C902FD194EBBB2CB2E] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.12 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_DU.dat [MD5.4843A0BA0A20A81373086ACCAD81725B] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.08 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_EN.dat [MD5.A40E9AED5BB4DF99EEC5C973DA0C0B42] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_ES.dat [MD5.EC10E010C637383D566C95CEA4307737] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_FR.dat [MD5.968070015D107F9353471E2CCA8F432E] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.08 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_GE.dat [MD5.1E58B11A525A5C324F4BCF86E62E1826] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_IT.dat [MD5.17252792B6016C58F15C9A04AC834147] - |A| - [09/06/2018 13:21:58] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPresetData_PT.dat [MD5.7AA6FCF74FEA8DE3F1E71CF579E9BCB9] - |A| - [09/06/2018 13:21:58] - (.-.) - [109.31 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EPPICPrinterDB.dat [MD5.2E409416D32024870A2D841B157A8E19] - |A| - [09/06/2018 13:21:58] - (.Copyright (C) SEIKO EPSON CORPORATION 2001-2006, - EPSON PIC SDK 1.10.) - [118.16 Ko] - (1.1.0.1) - C:\WINDOWS\SysWOW64\EpPicPrt.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [411.5 Ko] - C:\WINDOWS\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [336.5 Ko] - C:\WINDOWS\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [299.5 Ko] - C:\WINDOWS\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [13099.15 Ko] - C:\WINDOWS\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\fa-IR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [383 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\fil-PH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:40] - [3149.5 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [346 Ko] - C:\WINDOWS\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [37139.65 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\ga-IE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [34 Ko] - C:\WINDOWS\SysWOW64\gd-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31 Ko] - C:\WINDOWS\SysWOW64\gl-ES [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [12/04/2018 17:19:16] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [309.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.B4242227EAA6B910E3D0B985816DB2E7] - |A| - [12/04/2018 00:34:45] - (.-.) - [218 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [314.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.EF526D5DE6BEA3EF9D66177422346CF8] - |A| - [24/04/2017 04:50:45] - (.-.) - [100 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\hsa-thunk.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [389.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.17F5D3282D520EB2EA7C488AA6C57438] - |RA| - [12/04/2018 00:34:47] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1594 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.A456E020684366A0DB0714ABFB1B5A2A] - |RA| - [12/04/2018 00:34:47] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1134 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [20757.55 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.9DDE110E76DD3D7FAA7282361069528E] - |A| - [12/04/2018 00:34:47] - (.-.) - [355.66 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [215.5 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\is-IS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [410.5 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [288 Ko] - C:\WINDOWS\SysWOW64\ja-JP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\ka-GE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28 Ko] - C:\WINDOWS\SysWOW64\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31.5 Ko] - C:\WINDOWS\SysWOW64\kn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [283.5 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\ky-KG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [33 Ko] - C:\WINDOWS\SysWOW64\lb-LU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [559.86 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27 Ko] - C:\WINDOWS\SysWOW64\lo-LA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [313 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [311.5 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [24607.81 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\mi-NZ [MD5.00000000000000000000000000000000] - |SD| - [02/01/2019 08:09:10] - [0 Ko] - C:\WINDOWS\SysWOW64\Microsoft [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [2991.42 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [827.4 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\ml-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31 Ko] - C:\WINDOWS\SysWOW64\mt-MT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [19.15 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [374 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31.5 Ko] - C:\WINDOWS\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [400.5 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\nso-ZA [MD5.5142D792080F0B8D1CACACCE004DE07A] - |A| - [17/06/2008 14:33:14] - (.Copyright(c) 2008 Brother Industries,Ltd. - NSSearch.) - [164 Ko] - (1.0.13.0) - C:\WINDOWS\SysWOW64\NSSearch.dll [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 00:38:21] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.00000000000000000000000000000000] - |AD| - [24/05/2017 16:15:59] - [0 Ko] - C:\WINDOWS\SysWOW64\OEM [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [12/04/2018 00:34:02] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [688.69 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\or-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\pa-IN [MD5.7280CC0843BAB9B4E3010DAAC1BB1F2D] - |A| - [07/10/2018 10:32:41] - (.-.) - [1752.94 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.68D2DE06776BEC0409AF80D26C2FD42E] - |A| - [09/06/2018 13:21:58] - (.Copyright (C) SEIKO EPSON CORPORATION 2001-2006, - EPSON PIC SDK 3.0.) - [106.16 Ko] - (3.0.0.2) - C:\WINDOWS\SysWOW64\PICEntry.dll [MD5.93C3E9EE30280A8ED2D56DCEDA0FAF3F] - |A| - [09/06/2018 13:21:58] - (.Copyright (C) SEIKO EPSON CORPORATION 2001-2006, - EPSON PIC SDK 3.0.) - [78.15 Ko] - (3.0.0.1) - C:\WINDOWS\SysWOW64\PICSDK.dll [MD5.E6045091F9CE5E5FC87A7D9E6C25AADE] - |A| - [09/06/2018 13:21:58] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PICSDK.ini [MD5.7D87F300AAFC1D83FA361A3C22154383] - |A| - [09/06/2018 13:21:58] - (.Copyright (C) SEIKO EPSON CORPORATION 2001-2007, - EPSON PIC SDK 3.0.) - [490.15 Ko] - (3.0.1.4) - C:\WINDOWS\SysWOW64\PICSDK2.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [397.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:40] - [973.95 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [400.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [395.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.93AE9EDBD661741B50D30B56F3978653] - |A| - [27/07/2017 15:35:42] - (.-.) - [6062.94 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\rootpa.e2e [MD5.50EE1B3DFF7D0857857C0D73F2224BA0] - |A| - [24/04/2017 04:50:35] - (.Copyright (c) 2013 - 2014 Advanced Micro Devices, Inc. - rootpacommon dll.) - [2906.02 Ko] - (1.22.0.0) - C:\WINDOWS\SysWOW64\rootpacommon.dll [MD5.00000000000000000000000000000000] - |D| - [27/07/2017 15:29:23] - [6810.78 Ko] - C:\WINDOWS\SysWOW64\RTCOM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [391 Ko] - C:\WINDOWS\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\rw-RW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\sd-Arab-PK [MD5.48435D12B45AB1F954CB579D1EA15D52] - |A| - [27/07/2017 15:28:46] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [321.64 Ko] - (4.0.0.59) - C:\WINDOWS\SysWOW64\SRCOM.dll [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [02/06/2018 18:32:41] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.DC2DB04CA829CAD7910CE71263F68C90] - |A| - [12/04/2018 00:34:45] - (.-.) - [321.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [381.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:40] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.9162DF7D8B93B3F94B054FA532BCFFB1] - |A| - [07/11/2017 21:51:34] - (.Copyright (c) 2013 - 2017 Advanced Micro Devices, Inc. - t-base_client_api dll.) - [21.51 Ko] - (4.5.0.0) - C:\WINDOWS\SysWOW64\t-base_client_api.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [34 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.B4CB306845507AB3D494EEAAD38EC5E4] - |A| - [24/04/2017 04:50:35] - (.Copyright © 2013 - 2014 Advanced Micro Devices, Inc. - tbaseprovisioning.) - [59.02 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [MD5.813A2EC812AB37D8EDF5116AD488A980] - |A| - [24/04/2017 04:50:35] - (.-.) - [2.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe.config [MD5.7376F49F20177860CBB9B6119E6C1D11] - |A| - [07/11/2017 21:51:44] - (.Copyright (c) 2013 - 2017 Advanced Micro Devices, Inc. - tbaseregistry dll.) - [106.01 Ko] - (4.5.0.0) - C:\WINDOWS\SysWOW64\tbaseregistry32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [289.5 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [22.5 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [372.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [314 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31.5 Ko] - C:\WINDOWS\SysWOW64\vi-VN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [18805.88 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:40] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.F8A04B2ADF9693ADF0D70B966CA4498E] - |A| - [12/04/2018 00:34:45] - (.-.) - [109 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [9205.74 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [5569.41 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:18:40] - [207.64 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.B11FB75837995F61B484B7CED2C79F78] - |A| - [31/01/2019 08:09:58] - (.Copyright 2002-2017 WeOnlyDo - wodKeys Component.) - [1098.73 Ko] - (1.5.0.35) - C:\WINDOWS\SysWOW64\wodKeys.dll [MD5.89D2779BEEC338DA0D0983C9062A0390] - |A| - [31/01/2019 08:09:58] - (.Copyright 2002-2017 WeOnlyDo! - wodSFTP Component.) - [1359.78 Ko] - (3.8.4.212) - C:\WINDOWS\SysWOW64\wodSFTP.dll [MD5.62236256C14EBAB96F24E4F1D7049CA8] - |A| - [12/04/2018 00:34:45] - (.-.) - [54.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [02/06/2018 14:34:47] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [245.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [240.5 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\zu-ZA ---------- | Shell Folders [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\lance\AppData\Roaming [02/06/2018 20:34:06] "Local AppData"=C:\Users\lance\AppData\Local [02/06/2018 20:34:06] "CD Burning"=C:\Users\lance\AppData\Local\Microsoft\Windows\Burn\Burn [02/06/2018 22:06:24] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Libraries [01/06/2018 23:40:46] "My Video"=C:\Users\lance\Videos [01/06/2018 23:34:29] "My Pictures"=C:\Users\lance\Pictures [01/06/2018 23:34:29] "Desktop"=C:\Users\lance\Desktop [01/06/2018 23:34:29] "History"=C:\Users\lance\AppData\Local\Microsoft\Windows\History [01/06/2018 23:34:29] "NetHood"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Network Shortcuts [02/06/2018 20:34:06] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\lance\Contacts [01/06/2018 23:40:46] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\lance\AppData\Local\Microsoft\Windows\RoamingTiles "Cookies"=C:\Users\lance\AppData\Local\Microsoft\Windows\INetCookies [01/06/2018 23:34:29] "Favorites"=C:\Users\lance\Favorites [01/06/2018 23:34:29] "SendTo"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\SendTo [01/06/2018 23:34:29] "Start Menu"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu [01/06/2018 23:34:29] "My Music"=C:\Users\lance\Music [01/06/2018 23:34:29] "Programs"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [01/06/2018 23:34:29] "Recent"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Recent [01/06/2018 23:34:29] "PrintHood"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [02/06/2018 20:34:06] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\lance\Searches [01/06/2018 23:40:47] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\lance\Downloads [01/06/2018 23:34:29] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\lance\AppData\LocalLow [01/06/2018 23:34:29] "Startup"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [01/06/2018 23:40:47] "Administrative Tools"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [01/06/2018 23:40:47] "Personal"=C:\Users\lance\Documents [01/06/2018 23:34:29] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\lance\Links [01/06/2018 23:34:29] "Cache"=C:\Users\lance\AppData\Local\Microsoft\Windows\INetCache [02/06/2018 20:34:06] "Templates"=C:\Users\lance\AppData\Roaming\Microsoft\Windows\Templates [02/06/2018 20:34:06] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\lance\Saved Games [01/06/2018 23:34:29] "Fonts"=C:\WINDOWS\Fonts [12/04/2018 00:38:21] [HKU\S-1-5-21-1804058015-178936653-3311423861-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=C:\Users\lance\AppData\Local\Microsoft\Windows\INetCache [02/06/2018 20:34:06] "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "{24D89E24-2F19-4534-9DDE-6A6671FBB8FE}"=D:\OneDrive\Commune\scribus\Documents [04/06/2018 10:37:16] "{339719B5-8C47-4894-94C2-D8F77ADD44A6}"=D:\OneDrive\Images [04/06/2018 10:34:23] "{767E6811-49CB-4273-87C2-20F355E1085B}"=D:\OneDrive\Images\Pellicule [04/06/2018 10:34:52] "{A52BBA46-E9E1-435F-B3D9-28DAA648C0F6}"=D:\OneDrive [01/06/2018 23:44:23] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/04/2018 00:38:20] "Common AppData"=C:\ProgramData [12/04/2018 00:38:20] "Common Desktop"=C:\Users\Public\Desktop [16/07/2016 12:47:48] "Common Documents"=C:\Users\Public\Documents [16/07/2016 12:47:48] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/04/2018 00:38:20] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 00:38:20] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 00:38:20] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [16/07/2016 12:47:48] "CommonMusic"=C:\Users\Public\Music [16/07/2016 12:47:48] "CommonPictures"=C:\Users\Public\Pictures [16/07/2016 12:47:48] "CommonVideo"=C:\Users\Public\Videos [16/07/2016 12:47:48] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/04/2018 00:38:20] "Common AppData"=C:\ProgramData [12/04/2018 00:38:20] "Common Desktop"=C:\Users\Public\Desktop [16/07/2016 12:47:48] "Common Documents"=C:\Users\Public\Documents [16/07/2016 12:47:48] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/04/2018 00:38:20] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 00:38:20] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 00:38:20] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [16/07/2016 12:47:48] "CommonMusic"=C:\Users\Public\Music [16/07/2016 12:47:48] "CommonPictures"=C:\Users\Public\Pictures [16/07/2016 12:47:48] "CommonVideo"=C:\Users\Public\Videos [16/07/2016 12:47:48] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [lance] [09/06/2018 22:49:03] - |D| - [316] - C:\Users\lance\.cache [09/06/2018 22:48:44] - |D| - [406778] - C:\Users\lance\.gimp-2.8 [04/06/2018 09:48:54] - |D| - [73] - C:\Users\lance\.oracle_jre_usage [21/11/2018 17:11:03] - |D| - [0] - C:\Users\lance\.thumbnails [02/06/2018 22:03:19] - |RD| - [298] - C:\Users\lance\3D Objects [02/06/2018 20:34:06] - |HD| - [4865319954] - C:\Users\lance\AppData [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Application Data [01/06/2018 23:40:46] - |RD| - [412] - C:\Users\lance\Contacts [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Cookies [01/06/2018 23:34:29] - |RD| - [27647875] - C:\Users\lance\Desktop [01/06/2018 23:34:29] - |RD| - [11337485] - C:\Users\lance\Documents [01/06/2018 23:34:29] - |RD| - [52459119] - C:\Users\lance\Downloads [01/06/2018 23:34:29] - |RD| - [236978] - C:\Users\lance\Favorites [01/06/2018 23:34:29] - |RD| - [2039] - C:\Users\lance\Links [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Local Settings [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Menu Démarrer [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Mes documents [02/06/2018 22:04:24] - |HD| - [7881216] - C:\Users\lance\MicrosoftEdgeBackups [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Modèles [01/06/2018 23:34:29] - |RD| - [504] - C:\Users\lance\Music [02/06/2018 20:34:06] - |AH| - [8388608] - C:\Users\lance\NTUSER.DAT [02/06/2018 20:34:07] - |ASH| - [1835008] - C:\Users\lance\ntuser.dat.LOG1 [02/06/2018 20:34:07] - |ASH| - [2118656] - C:\Users\lance\ntuser.dat.LOG2 [02/06/2018 20:34:07] - |ASH| - [65536] - C:\Users\lance\NTUSER.DAT{7d210525-669a-11e8-a437-88d7f6567a7a}.TM.blf [02/06/2018 20:34:07] - |ASH| - [524288] - C:\Users\lance\NTUSER.DAT{7d210525-669a-11e8-a437-88d7f6567a7a}.TMContainer00000000000000000001.regtrans-ms [02/06/2018 20:34:07] - |ASH| - [524288] - C:\Users\lance\NTUSER.DAT{7d210525-669a-11e8-a437-88d7f6567a7a}.TMContainer00000000000000000002.regtrans-ms [02/06/2018 22:02:58] - |SH| - [20] - C:\Users\lance\ntuser.ini [04/06/2018 10:33:20] - |RAD| - [1547326] - C:\Users\lance\OneDrive [01/06/2018 23:34:29] - |RD| - [14276141] - C:\Users\lance\Pictures [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Recent [01/06/2018 23:34:29] - |RD| - [282] - C:\Users\lance\Saved Games [01/06/2018 23:40:47] - |RD| - [1875] - C:\Users\lance\Searches [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\SendTo [21/06/2018 09:36:44] - |A| - [0] - C:\Users\lance\Sti_Trace.log [01/06/2018 23:34:29] - |RD| - [1509] - C:\Users\lance\Videos [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Voisinage d'impression [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\Voisinage réseau [01/02/2019 11:48:22] - |A| - [3197312] - C:\Users\lance\ZHPDiag3.exe [02/06/2018 20:34:06] - |D| - [2947171876] - C:\Users\lance\AppData\Local [01/06/2018 23:34:29] - |D| - [13446334] - C:\Users\lance\AppData\LocalLow [02/06/2018 20:34:06] - |D| - [1904701744] - C:\Users\lance\AppData\Roaming [29/11/2018 09:46:17] - |D| - [67910] - C:\Users\lance\AppData\Local\2BrightSparks [31/01/2019 09:16:56] - |D| - [131072] - C:\Users\lance\AppData\Local\AdAwareDesktop [31/01/2019 09:11:36] - |D| - [131072] - C:\Users\lance\AppData\Local\AdAwareUpdater [05/06/2018 07:12:19] - |D| - [1649588] - C:\Users\lance\AppData\Local\Adobe [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\AppData\Local\Application Data [01/07/2018 22:54:23] - |D| - [70139] - C:\Users\lance\AppData\Local\ATI [24/09/2018 15:54:26] - |D| - [864] - C:\Users\lance\AppData\Local\Brother_Industries,_Ltd [02/07/2018 22:56:12] - |D| - [8559] - C:\Users\lance\AppData\Local\Canon_INC [05/06/2018 07:19:02] - |D| - [0] - C:\Users\lance\AppData\Local\CEF [01/06/2018 23:42:42] - |D| - [40096988] - C:\Users\lance\AppData\Local\Comms [01/06/2018 23:40:36] - |D| - [7606132] - C:\Users\lance\AppData\Local\ConnectedDevicesPlatform [14/01/2019 07:55:12] - |D| - [15316696] - C:\Users\lance\AppData\Local\CrashDumps [04/06/2018 10:26:44] - |D| - [68516] - C:\Users\lance\AppData\Local\D3DSCache [03/06/2018 08:47:38] - |D| - [0] - C:\Users\lance\AppData\Local\DBG [07/06/2018 14:44:17] - |D| - [1969738] - C:\Users\lance\AppData\Local\Diagnostics [15/06/2018 09:29:35] - |D| - [0] - C:\Users\lance\AppData\Local\ElevatedDiagnostics [09/06/2018 22:49:03] - |D| - [5316548] - C:\Users\lance\AppData\Local\fontconfig [09/06/2018 22:48:42] - |D| - [660] - C:\Users\lance\AppData\Local\gegl-0.2 [03/06/2018 10:39:09] - |D| - [682895244] - C:\Users\lance\AppData\Local\Google [21/11/2018 17:11:05] - |D| - [198] - C:\Users\lance\AppData\Local\gtk-2.0 [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\AppData\Local\Historique [03/01/2019 23:41:20] - |AH| - [38302] - C:\Users\lance\AppData\Local\IconCache.db [02/06/2018 20:34:06] - |D| - [1692973216] - C:\Users\lance\AppData\Local\Microsoft [01/06/2018 23:49:42] - |D| - [73646] - C:\Users\lance\AppData\Local\MicrosoftEdge [21/06/2018 10:28:01] - |D| - [3011] - C:\Users\lance\AppData\Local\Microsoft_Corporation [02/06/2018 03:06:41] - |D| - [0] - C:\Users\lance\AppData\Local\NetworkTiles [31/01/2019 20:02:57] - |D| - [3348992] - C:\Users\lance\AppData\Local\NPE [26/09/2018 07:37:34] - |D| - [0] - C:\Users\lance\AppData\Local\OneDrive [01/06/2018 23:40:40] - |D| - [142577665] - C:\Users\lance\AppData\Local\Packages [01/06/2018 23:58:56] - |D| - [0] - C:\Users\lance\AppData\Local\PackageStaging [09/06/2018 13:22:12] - |D| - [4048235] - C:\Users\lance\AppData\Local\Panasonic [02/06/2018 22:07:28] - |D| - [58920] - C:\Users\lance\AppData\Local\PlaceholderTileLogoFolder [04/06/2018 07:08:53] - |D| - [0] - C:\Users\lance\AppData\Local\Programs [01/06/2018 23:42:00] - |D| - [0] - C:\Users\lance\AppData\Local\Publishers [22/11/2018 22:48:23] - |A| - [2111] - C:\Users\lance\AppData\Local\recently-used.xbel [16/08/2018 10:27:05] - |A| - [7605] - C:\Users\lance\AppData\Local\resmon.resmoncfg [02/06/2018 20:34:06] - |D| - [57411453] - C:\Users\lance\AppData\Local\Temp [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\AppData\Local\Temporary Internet Files [03/06/2018 16:36:09] - |D| - [266613689] - C:\Users\lance\AppData\Local\Thunderbird [01/06/2018 23:40:38] - |D| - [13656064] - C:\Users\lance\AppData\Local\TileDataLayer [01/06/2018 23:40:44] - |D| - [10902721] - C:\Users\lance\AppData\Local\VirtualStore [14/01/2019 23:59:52] - |D| - [0] - C:\Users\lance\AppData\Local\WinSweeper [31/01/2019 21:27:09] - |D| - [126322] - C:\Users\lance\AppData\Local\ZHP [05/06/2018 07:18:50] - |D| - [12969435] - C:\Users\lance\AppData\LocalLow\Adobe [27/06/2018 16:17:30] - |D| - [0] - C:\Users\lance\AppData\LocalLow\Brother [01/06/2018 23:40:53] - |SD| - [476517] - C:\Users\lance\AppData\LocalLow\Microsoft [03/06/2018 16:36:13] - |D| - [0] - C:\Users\lance\AppData\LocalLow\Mozilla [11/06/2018 12:56:09] - |D| - [382] - C:\Users\lance\AppData\LocalLow\pandasecuritytb [20/09/2018 07:10:44] - |D| - [0] - C:\Users\lance\AppData\LocalLow\Temp [29/11/2018 09:46:17] - |D| - [0] - C:\Users\lance\AppData\Roaming\2BrightSparks [31/01/2019 08:10:18] - |D| - [8880] - C:\Users\lance\AppData\Roaming\AceBIT [01/06/2018 23:40:42] - |D| - [84966] - C:\Users\lance\AppData\Roaming\Adobe [01/07/2018 22:54:23] - |D| - [0] - C:\Users\lance\AppData\Roaming\ATI [27/06/2018 16:17:30] - |RD| - [83] - C:\Users\lance\AppData\Roaming\Brother [04/06/2018 09:53:13] - |D| - [4] - C:\Users\lance\AppData\Roaming\canon [06/09/2018 10:00:36] - |D| - [55504] - C:\Users\lance\AppData\Roaming\CANON INC [04/06/2018 09:56:26] - |D| - [1090861] - C:\Users\lance\AppData\Roaming\Canon_Inc_IC [16/06/2018 07:26:39] - |D| - [53750] - C:\Users\lance\AppData\Roaming\ControlCenter4 [21/06/2018 10:28:05] - |D| - [0] - C:\Users\lance\AppData\Roaming\DataRecommendations [04/06/2018 09:23:46] - |D| - [0] - C:\Users\lance\AppData\Roaming\Google [08/06/2018 09:09:01] - |D| - [29490] - C:\Users\lance\AppData\Roaming\IcoFX [21/11/2018 23:45:11] - |D| - [26734] - C:\Users\lance\AppData\Roaming\inkscape [09/06/2018 13:21:52] - |D| - [0] - C:\Users\lance\AppData\Roaming\InstallShield [01/06/2018 23:46:54] - |D| - [2148] - C:\Users\lance\AppData\Roaming\Macromedia [02/06/2018 20:34:06] - |SD| - [89181217] - C:\Users\lance\AppData\Roaming\Microsoft [03/06/2018 16:36:10] - |D| - [0] - C:\Users\lance\AppData\Roaming\Mozilla [02/07/2018 08:29:05] - |D| - [211397] - C:\Users\lance\AppData\Roaming\ObviousIdea [11/06/2018 12:55:22] - |D| - [611] - C:\Users\lance\AppData\Roaming\Panda Security [03/07/2018 08:53:22] - |D| - [3563] - C:\Users\lance\AppData\Roaming\PhotoFiltre Studio X [11/06/2018 12:56:15] - |D| - [1150] - C:\Users\lance\AppData\Roaming\Search The Web [03/06/2018 13:35:59] - |D| - [76] - C:\Users\lance\AppData\Roaming\Skype [03/06/2018 16:36:09] - |D| - [1246264593] - C:\Users\lance\AppData\Roaming\Thunderbird [07/10/2018 14:06:02] - |A| - [28347] - C:\Users\lance\AppData\Roaming\Valeurs séparées par une virgule.ADR [07/10/2018 11:18:20] - |A| - [12454] - C:\Users\lance\AppData\Roaming\Valeurs séparées par une virgule.EML [14/01/2019 23:30:30] - |D| - [423993022] - C:\Users\lance\AppData\Roaming\WinThruster [08/06/2018 09:19:55] - |D| - [140361414] - C:\Users\lance\AppData\Roaming\XnView [31/01/2019 21:27:09] - |D| - [3916556] - C:\Users\lance\AppData\Roaming\ZHP [01/06/2018 23:40:46] - |SH| - [174] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [02/06/2018 20:34:07] - |SHD| - [0] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [01/06/2018 23:34:29] - |RD| - [28833] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [02/06/2018 20:34:06] - |RD| - [1674] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [02/06/2018 20:34:06] - |RD| - [2932] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [01/06/2018 23:40:47] - |RD| - [174] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/09/2018 23:32:04] - |A| - [1385] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrCcBoot.lnk [07/06/2018 21:51:02] - |D| - [2089] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BRCOLUMNS [02/06/2018 20:34:06] - |SH| - [264] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [02/06/2018 20:34:06] - |D| - [170] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [02/06/2018 20:34:06] - |A| - [2446] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [03/07/2018 08:53:18] - |D| - [4998] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X [01/06/2018 23:40:47] - |RD| - [1451] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [02/06/2018 20:34:06] - |RD| - [3496] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [02/06/2018 20:34:06] - |RD| - [7754] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [01/06/2018 23:40:47] - |SH| - [174] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [02/07/2018 09:21:43] - |A| - [1277] - C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk ---------- | [Public] [25/05/2017 09:19:10] - |RHD| - [47395] - C:\Users\Public\AccountPictures [16/07/2016 12:47:48] - |RHD| - [1076] - C:\Users\Public\Desktop [12/04/2018 00:38:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [16/07/2016 12:47:48] - |RD| - [278] - C:\Users\Public\Documents [16/07/2016 12:47:48] - |RD| - [174] - C:\Users\Public\Downloads [12/04/2018 00:38:20] - |RHD| - [1135] - C:\Users\Public\Libraries [16/07/2016 12:47:48] - |RD| - [380] - C:\Users\Public\Music [31/01/2019 20:09:49] - |A| - [8192] - C:\Users\Public\ntuser.dat [31/01/2019 20:09:49] - |ASH| - [8192] - C:\Users\Public\ntuser.dat.LOG1 [31/01/2019 20:09:49] - |ASH| - [0] - C:\Users\Public\ntuser.dat.LOG2 [31/01/2019 20:09:49] - |ASH| - [65536] - C:\Users\Public\ntuser.dat{1ad01634-2570-11e9-a0de-88d7f6567a7a}.TM.blf [31/01/2019 20:09:49] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{1ad01634-2570-11e9-a0de-88d7f6567a7a}.TMContainer00000000000000000001.regtrans-ms [31/01/2019 20:09:49] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{1ad01634-2570-11e9-a0de-88d7f6567a7a}.TMContainer00000000000000000002.regtrans-ms [16/07/2016 12:47:48] - |RD| - [380] - C:\Users\Public\Pictures [16/07/2016 12:47:48] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [05/06/2018 07:14:34] - |D| - [416862524] - C:\ProgramData\Adobe [02/06/2018 21:02:05] - |SHD| - [0] - C:\ProgramData\Application Data [01/07/2018 22:54:23] - |D| - [186] - C:\ProgramData\ATI [13/12/2018 17:33:43] - |D| - [882] - C:\ProgramData\AVAST Software [15/06/2018 13:00:30] - |D| - [75245] - C:\ProgramData\Brother [02/06/2018 21:02:05] - |SHD| - [0] - C:\ProgramData\Bureau [04/06/2018 09:53:01] - |D| - [815391] - C:\ProgramData\Canon_Inc_IC [16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\Comms [15/06/2018 13:01:49] - |D| - [7981] - C:\ProgramData\ControlCenter4 [02/06/2018 21:02:05] - |SHD| - [0] - C:\ProgramData\Documents [27/07/2017 15:29:40] - |A| - [0] - C:\ProgramData\DP45977C.lfl [02/01/2019 08:02:34] - |D| - [10214] - C:\ProgramData\F-Secure [31/01/2019 17:12:10] - |D| - [0] - C:\ProgramData\Kaspersky Lab Setup Files [31/01/2019 09:09:27] - |D| - [9557] - C:\ProgramData\Lavasoft [31/01/2019 16:23:58] - |D| - [9959327] - C:\ProgramData\Malwarebytes [31/01/2019 16:23:22] - |D| - [0] - C:\ProgramData\Malwarebytes' Anti-Malware (portable) [02/01/2019 08:26:57] - |D| - [524288] - C:\ProgramData\McAfee [02/06/2018 21:02:05] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [12/04/2018 00:38:20] - |SD| - [955167704] - C:\ProgramData\Microsoft [02/06/2018 22:06:39] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [02/06/2018 21:02:05] - |SHD| - [0] - C:\ProgramData\Modèles [31/01/2019 20:02:57] - |D| - [6314] - C:\ProgramData\Norton [31/01/2019 20:09:49] - |A| - [8192] - C:\ProgramData\ntuser.dat [31/01/2019 20:09:49] - |ASH| - [8192] - C:\ProgramData\ntuser.dat.LOG1 [31/01/2019 20:09:49] - |ASH| - [0] - C:\ProgramData\ntuser.dat.LOG2 [31/01/2019 20:09:49] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{1ad0162d-2570-11e9-a0de-88d7f6567a7a}.TM.blf [31/01/2019 20:09:49] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{1ad0162d-2570-11e9-a0de-88d7f6567a7a}.TMContainer00000000000000000001.regtrans-ms [31/01/2019 20:09:49] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{1ad0162d-2570-11e9-a0de-88d7f6567a7a}.TMContainer00000000000000000002.regtrans-ms [27/07/2017 15:23:46] - |D| - [14060501] - C:\ProgramData\Package Cache [11/07/2018 09:09:20] - |D| - [4440064] - C:\ProgramData\Packages [09/06/2018 22:48:24] - |D| - [3840128] - C:\ProgramData\Panasonic [11/06/2018 12:31:41] - |D| - [144950364] - C:\ProgramData\Panda Security [11/06/2018 12:56:40] - |D| - [215610] - C:\ProgramData\panda_url_filtering [27/07/2017 15:32:36] - |D| - [1754486] - C:\ProgramData\Realtek [12/04/2018 00:38:20] - |D| - [5314] - C:\ProgramData\regid.1991-06.com.microsoft [12/04/2018 00:38:20] - |D| - [0] - C:\ProgramData\SoftwareDistribution [31/01/2019 08:59:10] - |D| - [89588] - C:\ProgramData\Spybot - Search & Destroy [12/04/2018 00:38:20] - |D| - [14915] - C:\ProgramData\USOPrivate [02/06/2018 20:28:22] - |D| - [5222400] - C:\ProgramData\USOShared [12/04/2018 17:23:20] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 00:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [02/06/2018 21:02:05] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [12/04/2018 00:38:20] - |D| - [151890] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/11/2018 09:46:01] - |D| - [2694] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks [18/01/2019 08:05:01] - |A| - [2553] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk [12/04/2018 00:38:20] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [12/04/2018 00:38:20] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [05/06/2018 07:15:36] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [12/04/2018 00:38:20] - |RD| - [21770] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [27/07/2017 15:26:47] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [02/06/2018 07:33:36] - |A| - [738] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à jour de Windows 10.lnk [15/06/2018 13:02:11] - |D| - [1710] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother [04/06/2018 09:54:16] - |D| - [21836] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [13/12/2018 17:33:33] - |D| - [1002] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [12/04/2018 00:38:24] - |ASH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [18/01/2019 08:05:01] - |A| - [2526] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk [09/06/2018 22:35:29] - |A| - [946] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [03/06/2018 10:40:14] - |A| - [2338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [27/07/2017 15:29:56] - |D| - [2685] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower [08/06/2018 09:08:57] - |D| - [2864] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IcoFX 1.6 [12/04/2018 00:35:21] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [21/11/2018 17:23:45] - |D| - [1259] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.92.3 [07/06/2018 08:08:54] - |D| - [1189] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeux de cartes [12/04/2018 00:38:20] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [05/06/2018 07:00:36] - |A| - [1419] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Money.lnk [05/06/2018 07:10:02] - |D| - [2377] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [03/06/2018 16:33:36] - |A| - [1285] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [02/07/2018 08:28:49] - |D| - [5363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea [18/01/2019 08:05:01] - |A| - [2526] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk [18/01/2019 08:05:01] - |D| - [5273] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office [18/01/2019 08:05:01] - |A| - [2514] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk [09/06/2018 11:06:48] - |D| - [7480] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic [11/06/2018 12:53:18] - |D| - [9273] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome [11/06/2018 12:53:19] - |A| - [2305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk [31/01/2019 08:10:01] - |D| - [4188] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security [18/01/2019 08:05:01] - |A| - [2553] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk [18/01/2019 08:05:01] - |A| - [2476] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk [09/06/2018 14:27:35] - |D| - [2230] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SILKYPIX Developer Studio 3.1 SE [12/04/2018 00:38:20] - |RD| - [5254] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [12/04/2018 00:38:20] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [02/06/2018 20:45:37] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [18/01/2019 08:05:01] - |A| - [2536] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk [04/06/2018 07:09:35] - |D| - [2275] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 00:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [04/06/2018 10:04:38] - |A| - [1235] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [12/06/2018 08:18:12] - |A| - [1285] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [09/06/2018 13:21:37] - |A| - [2560] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 8.3 PE.lnk ---------- | C:\Program Files (x86) [29/11/2018 09:45:50] - |D| - [81615352] - C:\Program Files (x86)\2BrightSparks [05/06/2018 07:15:16] - |D| - [335219402] - C:\Program Files (x86)\Adobe [27/07/2017 15:31:15] - |D| - [2652213] - C:\Program Files (x86)\ASM104xUSB3 [25/05/2017 08:22:12] - |D| - [3704278] - C:\Program Files (x86)\ASUS [27/07/2017 15:25:23] - |D| - [106392774] - C:\Program Files (x86)\ATI Technologies [15/06/2018 12:58:56] - |D| - [52550875] - C:\Program Files (x86)\Brother [15/06/2018 13:01:57] - |D| - [21816677] - C:\Program Files (x86)\Browny02 [04/06/2018 09:54:06] - |D| - [444586811] - C:\Program Files (x86)\Canon [12/04/2018 00:38:20] - |D| - [64822296] - C:\Program Files (x86)\Common Files [15/06/2018 13:01:48] - |D| - [104129671] - C:\Program Files (x86)\ControlCenter4 [12/04/2018 00:38:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [03/06/2018 10:39:16] - |D| - [462256151] - C:\Program Files (x86)\Google [27/07/2017 15:29:55] - |D| - [7531696] - C:\Program Files (x86)\ICEpower [08/06/2018 09:08:56] - |D| - [3839744] - C:\Program Files (x86)\IcoFX 1.6 [27/07/2017 15:28:35] - |HD| - [95912485] - C:\Program Files (x86)\InstallShield Installation Information [12/04/2018 00:38:20] - |D| - [2004559] - C:\Program Files (x86)\Internet Explorer [09/06/2018 14:27:14] - |D| - [47422649] - C:\Program Files (x86)\ISL [07/06/2018 08:08:52] - |D| - [9749028] - C:\Program Files (x86)\Jeux de cartes [04/06/2018 08:39:55] - |D| - [0] - C:\Program Files (x86)\Microsoft Money [05/06/2018 07:00:30] - |D| - [74424113] - C:\Program Files (x86)\Microsoft Money 2005 [25/05/2017 08:40:07] - |D| - [5312416338] - C:\Program Files (x86)\Microsoft Office [05/06/2018 07:08:03] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [09/06/2018 13:15:38] - |D| - [3242367] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [09/06/2018 13:15:38] - |D| - [343335] - C:\Program Files (x86)\Microsoft Synchronization Services [12/04/2018 00:38:20] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [03/06/2018 16:33:34] - |D| - [310618] - C:\Program Files (x86)\Mozilla Maintenance Service [03/06/2018 16:33:21] - |D| - [132182442] - C:\Program Files (x86)\Mozilla Thunderbird [02/06/2018 14:34:41] - |D| - [25757] - C:\Program Files (x86)\MSBuild [04/06/2018 09:36:45] - |D| - [0] - C:\Program Files (x86)\MSoft informatique [02/07/2018 08:28:41] - |D| - [34532048] - C:\Program Files (x86)\ObviousIdea [09/06/2018 11:06:48] - |D| - [252143875] - C:\Program Files (x86)\Panasonic [11/06/2018 12:52:13] - |D| - [163969478] - C:\Program Files (x86)\Panda Security [11/06/2018 12:55:52] - |D| - [9082960] - C:\Program Files (x86)\pandasecuritytb [03/07/2018 08:53:16] - |D| - [14895549] - C:\Program Files (x86)\PhotoFiltre Studio X [27/07/2017 15:28:36] - |D| - [162066571] - C:\Program Files (x86)\Realtek [02/06/2018 14:34:41] - |D| - [38458625] - C:\Program Files (x86)\Reference Assemblies [31/01/2019 08:58:49] - |D| - [11058894] - C:\Program Files (x86)\Spybot - Search & Destroy 2 [27/07/2017 15:27:12] - |HD| - [0] - C:\Program Files (x86)\Temp [12/04/2018 00:38:20] - |D| - [1831696] - C:\Program Files (x86)\Windows Defender [12/04/2018 00:38:20] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [12/04/2018 17:19:21] - |D| - [3329991] - C:\Program Files (x86)\Windows Media Player [12/04/2018 00:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Multimedia Platform [12/04/2018 00:38:20] - |D| - [7607128] - C:\Program Files (x86)\windows nt [12/04/2018 00:38:20] - |D| - [5414152] - C:\Program Files (x86)\Windows Photo Viewer [12/04/2018 00:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Portable Devices [12/04/2018 00:38:20] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [12/04/2018 00:38:20] - |D| - [2373613] - C:\Program Files (x86)\WindowsPowerShell [04/06/2018 07:09:27] - |D| - [57249452] - C:\Program Files (x86)\XnView ---------- | C:\Program Files [27/07/2017 15:25:25] - |D| - [35313795] - C:\Program Files\AMD [13/12/2018 17:33:29] - |D| - [41120200] - C:\Program Files\CCleaner [12/04/2018 00:38:20] - |D| - [190680395] - C:\Program Files\Common Files [12/04/2018 00:38:23] - |ASH| - [174] - C:\Program Files\desktop.ini [02/06/2018 21:02:05] - |SHD| - [0] - C:\Program Files\Fichiers communs [09/06/2018 22:34:39] - |D| - [302022135] - C:\Program Files\GIMP 2 [21/11/2018 17:23:45] - |D| - [381100570] - C:\Program Files\Inkscape [12/04/2018 00:38:20] - |D| - [2636378] - C:\Program Files\internet explorer [25/05/2017 08:40:03] - |D| - [8663488] - C:\Program Files\Microsoft Office 15 [05/06/2018 07:08:03] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight [09/06/2018 13:15:45] - |D| - [4421503] - C:\Program Files\Microsoft SQL Server Compact Edition [09/06/2018 13:15:45] - |D| - [343335] - C:\Program Files\Microsoft Synchronization Services [02/06/2018 14:34:41] - |D| - [25757] - C:\Program Files\MSBuild [11/06/2018 12:56:38] - |D| - [1058096] - C:\Program Files\Panda Security URL Filtering [27/07/2017 15:29:23] - |D| - [42772048] - C:\Program Files\Realtek [02/06/2018 14:34:41] - |D| - [36859049] - C:\Program Files\Reference Assemblies [02/06/2018 09:26:05] - |D| - [52032750] - C:\Program Files\rempl [25/05/2017 06:26:34] - |HD| - [0] - C:\Program Files\Uninstall Information [12/04/2018 00:38:20] - |RD| - [19664791] - C:\Program Files\Windows Defender [12/04/2018 00:38:20] - |D| - [635392] - C:\Program Files\Windows Mail [12/04/2018 17:19:21] - |D| - [4901867] - C:\Program Files\Windows Media Player [12/04/2018 00:38:20] - |D| - [46576] - C:\Program Files\Windows Multimedia Platform [12/04/2018 00:38:20] - |D| - [7873880] - C:\Program Files\windows nt [12/04/2018 00:38:20] - |D| - [6214408] - C:\Program Files\Windows Photo Viewer [12/04/2018 00:38:20] - |D| - [46576] - C:\Program Files\Windows Portable Devices [12/04/2018 00:38:20] - |D| - [106165] - C:\Program Files\Windows Security [12/04/2018 00:38:20] - |SHD| - [0] - C:\Program Files\Windows Sidebar [12/04/2018 00:38:20] - |HD| - [2656963304] - C:\Program Files\WindowsApps [12/04/2018 00:38:20] - |D| - [2654103] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [05/06/2018 07:15:16] - |D| - [23543988] - C:\Program Files (x86)\Common Files\Adobe [04/06/2018 09:54:05] - |D| - [5366401] - C:\Program Files (x86)\Common Files\Canon_Inc_IC [20/10/2018 18:03:45] - |D| - [23320] - C:\Program Files (x86)\Common Files\DESIGNER [09/06/2018 13:22:44] - |D| - [4056703] - C:\Program Files (x86)\Common Files\InstallShield [12/04/2018 00:38:20] - |D| - [21287667] - C:\Program Files (x86)\Common Files\microsoft shared [09/06/2018 13:15:58] - |D| - [708160] - C:\Program Files (x86)\Common Files\Panasonic [12/04/2018 00:38:20] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [12/04/2018 00:38:20] - |D| - [9833355] - C:\Program Files (x86)\Common Files\system ---------- | C:\Program Files\Common files [27/07/2017 15:26:05] - |D| - [5788448] - C:\Program Files\Common files\ATI Technologies [31/01/2019 17:18:39] - |D| - [791232] - C:\Program Files\Common files\AV [13/12/2018 17:35:52] - |D| - [0] - C:\Program Files\Common files\AVAST Software [12/04/2018 00:38:20] - |D| - [173559634] - C:\Program Files\Common files\microsoft shared [12/04/2018 00:38:20] - |D| - [2702] - C:\Program Files\Common files\Services [12/04/2018 00:38:20] - |D| - [10538379] - C:\Program Files\Common files\system ---------- | Tasks [MD5.8B7F6234F7511BB3D8CA5CA5A7949CEF] - [03/01/2019 11:17:17] - |A| - [214] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [02/06/2018 21:01:42] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.00000000000000000000000000000000] - [29/11/2018 09:46:18] - |D| - [4196] - C:\WINDOWS\System32\Tasks\2BrightSparks [MD5.2E7D60730337ED1CBFB7A1AC722B2786] - [05/06/2018 07:15:55] - |A| - [4562] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.00000000000000000000000000000000] - [02/06/2018 21:01:41] - |D| - [2472] - C:\WINDOWS\System32\Tasks\ASUS [MD5.00000000000000000000000000000000] - [13/12/2018 17:37:48] - |D| - [3996] - C:\WINDOWS\System32\Tasks\Avast Software [MD5.B6204ED70ED48ED1A528A07C5B5CE508] - [13/12/2018 17:33:34] - |A| - [3936] - C:\WINDOWS\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.E386A3E2CD15BB9A05321D229DCECC84] - [13/12/2018 17:33:35] - |A| - [2872] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.DC1E987816A027CAA620716B32D2366B] - [03/06/2018 10:39:17] - |A| - [3464] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.2ED913F3DB42FA8DDE35219D14BD566D] - [03/06/2018 10:39:18] - |A| - [3588] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [02/06/2018 21:01:41] - |D| - [4248] - C:\WINDOWS\System32\Tasks\McAfee [MD5.00000000000000000000000000000000] - [12/04/2018 00:38:21] - |D| - [610644] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.9717C1E7A2BF029E611458C4073C36B2] - [02/06/2018 21:01:42] - |A| - [3360] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1804058015-178936653-3311423861-1002 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.00000000000000000000000000000000] - [17/10/2018 14:44:32] - |D| - [3364] - C:\WINDOWS\System32\Tasks\S-1-5-21-1804058015-178936653-3311423861-1002 [MD5.00000000000000000000000000000000] - [31/01/2019 08:59:47] - |D| - [0] - C:\WINDOWS\System32\Tasks\Safer-Networking [MD5.1A2AE2717D42A24CFE7F29105ECB9E87] - [07/10/2018 10:08:48] - |A| - [4160] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{24253C51-43B9-4062-8595-F321BEC551E8} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.28|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.28|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{8D03D000-816E-45FB-A280-2C6B38729ED3}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=ASUS PhotoDirector|Desc=ASUS PhotoDirector|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-1622382386-1157337421-3421106091-1332257571-1628388172-863848982-2581186994|EmbedCtxt=ASUS PhotoDirector|Platform=2:6:2|Platform2=GTEQ| "{B2EAA58C-DC15-49B5-BE04-9B6638C4F8C3}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-1804058015-178936653-3311423861-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{9ECB0F17-F694-4A8B-873E-76843831A9F9}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{5AE1C809-01BE-4764-ADF8-71AECBFD6FD3}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{2CEF29CD-8BD3-4B63-917E-F0A54354905E}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Win32WebViewHost|Desc=Win32WebViewHost|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646|EmbedCtxt=Win32WebViewHost|Platform=2:6:2|Platform2=GTEQ| "{351D4E67-E813-4EE3-9ED3-ABAE17924D42}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Win32WebViewHost|Desc=Win32WebViewHost|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646|EmbedCtxt=Win32WebViewHost|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F7B5A2B9-5470-4263-A8D6-A851FF4AE9C6}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{03879D17-5E01-454B-A829-D276B510ADBC}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{25870KingGameClub.BlockPuzzleJewels_1.1.0.0_x86__kjn7k3as4k13c?ms-resource://25870KingGameClub.BlockPuzzleJewels/Resources/AppName}|Desc=@{25870KingGameClub.BlockPuzzleJewels_1.1.0.0_x86__kjn7k3as4k13c?ms-resource://25870KingGameClub.BlockPuzzleJewels/Resources/AppName}|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-2073988120-165056252-2101785000-3946590733-1967508957-2516876111-3357317816|EmbedCtxt=@{25870KingGameClub.BlockPuzzleJewels_1.1.0.0_x86__kjn7k3as4k13c?ms-resource://25870KingGameClub.BlockPuzzleJewels/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{839C5FF7-8FA2-40A9-9E21-3A1B18DC7EF1}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS Five in A Row|Desc=ASUS Five in A Row|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-442321797-529175650-3627004810-1195674849-613710278-2351517745-1617128137|EmbedCtxt=ASUS Five in A Row|Platform=2:6:2|Platform2=GTEQ| "{EA46CA3C-2C83-4A17-9015-D24B2BDFC84D}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS Five in A Row|Desc=ASUS Five in A Row|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-442321797-529175650-3627004810-1195674849-613710278-2351517745-1617128137|EmbedCtxt=ASUS Five in A Row|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|TTK=Proximity| "{FB7CCB34-F9F6-45C0-A58B-B18EC19CE000}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Public|IFType=Wireless|Name=ASUS Five in A Row|Desc=ASUS Five in A Row|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-442321797-529175650-3627004810-1195674849-613710278-2351517745-1617128137|EmbedCtxt=ASUS Five in A Row|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|TTK2_22=WFDDevices| "{95E922B8-3B26-4606-9F64-809D1005780F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Name=ASUS Five in A Row|Desc=ASUS Five in A Row|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-442321797-529175650-3627004810-1195674849-613710278-2351517745-1617128137|EmbedCtxt=ASUS Five in A Row|Platform=2:6:2|Platform2=GTEQ|TTK=Proximity| "{6ED38B1E-B7BF-4EF0-A2AE-228A1C81A2E2}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Public|IFType=Wireless|Name=ASUS Five in A Row|Desc=ASUS Five in A Row|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-442321797-529175650-3627004810-1195674849-613710278-2351517745-1617128137|EmbedCtxt=ASUS Five in A Row|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{6018E7DF-CEEE-439B-92DC-2C46C470258D}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS PowerDirector|Desc=ASUS PowerDirector|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-778961134-1301585269-2123145982-3371764608-515148324-3902264362-3432744609|EmbedCtxt=ASUS PowerDirector|Platform=2:6:2|Platform2=GTEQ| "{D1053B52-6C52-47F9-8AD4-53ADE6EFC83F}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\cleanupie.exe|Name=Panda Safe Web IE Cleaner| "{87D2415C-5672-424A-A2A0-3EE02A55AC60}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\cleanupie.exe|Name=Panda Safe Web IE Cleaner| "{2E879663-C0B6-40CC-8012-517544A0FE4F}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe|Name=ToolbarCleaner| "{8214054A-86DA-4EAE-AF75-428A8B8CB7F5}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe|Name=ToolbarCleaner| "{C25F3DAC-36C4-4AD9-8ABA-2EA764897042}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=54925|Name=Brother| "{6CFE7BE9-6430-44D8-84A3-90DBA9454DCC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe|Name=Canon EOS UPNP Detector| "{335872C8-42DC-4F36-BD1B-153AB8EBA9ED}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe|Name=Canon EOS UPNP Detector| "{C58059B6-B184-4E19-BD29-117E8945A021}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{ACC5D99F-C245-47B3-B34C-1580B9C6830A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{23129178-4CFA-48BE-8F88-A3B56CE8A27B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{8E5082A8-83BA-473B-9F82-05C6EA8B15D3}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{7DC25647-D2D2-4DD5-A77E-9C5FDFEAF588}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{3F88BDE9-2A38-4423-9095-B6F16400F3DB}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox gaming overlay|Desc=Xbox gaming overlay|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox gaming overlay|Platform=2:6:2|Platform2=GTEQ| "{B28E43E4-D6ED-472E-A916-0DE690A7A338}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{D5DC393E-AB1A-482E-9B64-5726C3738A98}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{07EBFB5C-33DD-43CE-B5B8-574492D11DA6}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{A278AB0D.MarchofEmpires_3.7.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.7.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.7.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "{FACE277A-796F-4EFF-B8F0-789BD1012762}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{A278AB0D.MarchofEmpires_3.7.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.7.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.7.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "{D18AEF0F-98C0-494A-9F06-F5C6E5A95D6F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{1B4ECF50-2E84-44BB-8B91-F9C9434C03E1}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{1D01F5A7-883B-47FC-9594-B4B8EDCCB2D6}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{FE6D024D-DBB3-42AF-9A6A-611F8337EC5A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{CD965ADC-F65A-485C-9EBA-A9294DB0FE21}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Mahjong Deluxe Free|Desc=Mahjong Deluxe Free|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-4187263426-906180680-2521870860-4075106287-521558916-3048430258-1194115164|EmbedCtxt=Mahjong Deluxe Free|Platform=2:6:2|Platform2=GTEQ| "{D201D953-B888-4F2F-9907-60ED04509387}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Panda Security\Panda Secure Vault\PasswordDepot.exe|Name=Password Depot 11| "{EA6A5E28-5C6F-435B-8CFA-4007F0688EA6}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Panda Security\Panda Secure Vault\PasswordDepot.exe|Name=Password Depot 11| "{F5C94DCF-095D-4DB6-BFCC-982AD21B5538}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Panda Security\Panda Secure Vault\pdUpdater.exe|Name=Password Depot 11 Updates| "{8653E96C-55CF-4CEF-92F1-FE3A36930839}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Panda Security\Panda Secure Vault\pdUpdater.exe|Name=Password Depot 11 Updates| "{5BEC82A8-E3B8-4820-9D1A-3D58DC991BC6}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "{2B45EB8C-1458-4679-AF2C-19128A2481FC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "{1C6B35D6-460F-4C2D-8708-EAAF3D7576FD}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-1804058015-178936653-3311423861-1002|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1E1EDBFB-642E-48AF-A602-8EE25DB9D1FC}] : (PSINFile) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{74132997-900D-482A-9F2C-68C4E4F68132}] : (PSINProt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{78A1C341-4539-11D3-B88D-00C04FAD5171}] : (mfesapsn) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC4A8197-8B77-4253-8670-1526DCB2CA08}] : (PSINReg) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D6CD03D8-AC95-4EE2-ABA5-DBC70B014E75}] : (PSINProc) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D7FDC164-2F5B-4D33-931D-7CF4B9500039}] : (PSINAflt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [26/09/2017 06:51:04] - (6.0.0.68) - (Panda Security, S.L. - Network Activity Hook Server LWF) - C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [30/01/2018 14:19:46] - (4.0.3.3) - (Panda Security, S.L. - PSINKNC Kernel Controller for WLH64) - C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [06/11/2017 07:07:22] - (1.5.0.264) - (Panda Security, S.L. - Transport Layer Session Colorizer) - C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [06/11/2017 07:07:08] - (1.9.0.281) - (Panda Security, S.L. - Streamer) - C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [06/11/2017 07:06:58] - (1.4.0.174) - (Panda Security, S.L. - Smtp Parser) - C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [06/11/2017 07:06:52] - (5.0.0.274) - (Panda Security, S.L. - Network Provider) - C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [06/11/2017 07:06:48] - (5.3.0.265) - (Panda Security, S.L. - Network Protector) - C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [06/11/2017 07:06:40] - (1.6.0.244) - (Panda Security, S.L. - Pop3 Parser) - C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [06/11/2017 07:02:16] - (1.3.0.134) - (Panda Security, S.L. - Process Info Hook Server WFP) - C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [06/11/2017 07:02:08] - (1.3.0.257) - (Panda Security, S.L. - Process Info Colorizer Client) - C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [06/11/2017 07:01:58] - (1.4.0.260) - (Panda Security, S.L. - Intrusion Detection System) - C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [06/11/2017 07:01:54] - (1.7.0.109) - (Panda Security, S.L. - Https Parser) - C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [06/11/2017 07:01:24] - (1.7.0.270) - (Panda Security, S.L. - Http Parser) - C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [06/11/2017 07:01:10] - (1.3.0.261) - (Panda Security, S.L. - Application Layer Protocol Colorizer) - C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [25/05/2017 08:22:12] - (0.0.0.0) - ( -) - C:\WINDOWS\SysWow64\drivers\AsIO.sys [05/06/2015 23:13:28] - (1.16.26.1) - (ASMedia Technology Inc - ASMEDIA XHCI Host Controller Driver) - C:\WINDOWS\System32\drivers\asmtxhci.sys [05/06/2015 23:13:28] - (1.16.26.1) - (ASMedia Technology Inc - ASMedia USB3 Hub Driver) - C:\WINDOWS\System32\drivers\asmthub3.sys [08/11/2017 23:43:06] - (4.0.3.3) - (Panda Security, S.L. - PSINAflt Filter Driver for WLH64) - C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [17/10/2017 02:31:30] - (4.0.3.2) - (Panda Security, S.L. - PSINProt for WLH64) - C:\WINDOWS\system32\DRIVERS\PSINProt.sys [23/01/2018 01:59:12] - (4.0.3.4) - (Panda Security, S.L. - PSINFile Filter Driver for W764) - C:\WINDOWS\system32\DRIVERS\PSINFile.sys [17/10/2017 02:31:24] - (4.0.3.0) - (Panda Security, S.L. - PSINProc Filter Driver for WLH64) - C:\WINDOWS\system32\DRIVERS\PSINProc.sys [17/10/2017 02:31:36] - (4.0.3.0) - (Panda Security, S.L. - PSINFile Filter Driver for WLH64) - C:\WINDOWS\system32\DRIVERS\PSINReg.sys [19/03/2014 21:42:54] - (2.1.0.1) - (Visicom Media Inc. - Visicom Media Anti-phishing Domain Advisor (Powered by Panda Security)) - C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [11/06/2018 12:55:50] - (1.0.0.19) - (Panda Security, S.L. - Panda Kernel Memory Access Driver (x64)) - C:\WINDOWS\System32\DRIVERS\PSKMAD.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - amdkmpfd (@oem8.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter) -> System32\drivers\amdkmpfd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdpsp (@oem39.inf,%amdpsp.SVCDESC%;AMD PSP Service) -> system32\DRIVERS\amdpsp.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSALPC (NNSALPC) -> \SystemRoot\system32\DRIVERS\NNSALPC.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSHTTP (NNSHTTP) -> \SystemRoot\system32\DRIVERS\NNSHTTP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSHTTPS (NNSHTTPS) -> \SystemRoot\system32\DRIVERS\NNSHTTPS.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSIDS (NNSIDS) -> \SystemRoot\system32\DRIVERS\NNSIDS.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSNAHSL (NNSNAHSL) -> \SystemRoot\system32\DRIVERS\NNSNAHSL.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSPICC (NNSPICC) -> \SystemRoot\system32\DRIVERS\NNSPICC.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSPIHSW (NNSPIHSW) -> \SystemRoot\system32\DRIVERS\NNSPIHSW.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSPOP3 (NNSPOP3) -> \SystemRoot\system32\DRIVERS\NNSPOP3.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSPROT (NNSPROT) -> \SystemRoot\system32\DRIVERS\NNSPROT.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSPRV (NNSPRV) -> \SystemRoot\system32\DRIVERS\NNSPRV.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSSMTP (NNSSMTP) -> \SystemRoot\system32\DRIVERS\NNSSMTP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSSTRM (NNSSTRM) -> \SystemRoot\system32\DRIVERS\NNSSTRM.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NNSTLSC (NNSTLSC) -> \SystemRoot\system32\DRIVERS\NNSTLSC.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - PSINKNC (PSINKNC) -> \SystemRoot\system32\DRIVERS\PSINKNC.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PSINAflt (PSINAflt) -> \SystemRoot\system32\DRIVERS\PSINAflt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - PSINFile (PSINFile) -> system32\DRIVERS\PSINFile.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - PSINProc (PSINProc) -> system32\DRIVERS\PSINProc.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PSINProt (PSINProt) -> \SystemRoot\system32\DRIVERS\PSINProt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PSINReg (PSINReg) -> \SystemRoot\system32\DRIVERS\PSINReg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GIMP-2_is1] : (GIMP 2.8.22.-.The GIMP Team) -> "C:\Program Files\GIMP 2\uninst\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{04AA7B01-001C-D226-81E4-CD691FE95BDF}] : (AMD Catalyst Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{04AA7B01-001C-D226-81E4-CD691FE95BDF} REBOOT=ReallySuppress ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{164FCE8D-F002-E654-1059-51C27A7E2159}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2D17A736-B95E-411E-9397-6C5F16EA26BE}] : (Panda Dome.-.Panda Security) -> MsiExec.exe /X{2D17A736-B95E-411E-9397-6C5F16EA26BE} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81922150-317E-4BB0-A31D-FF1C14F707C5}] : (Inkscape 0.92.3.-.Inkscape project) -> MsiExec.exe /I{81922150-317E-4BB0-A31D-FF1C14F707C5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BRcolumns] : (BRcolumns.-.) -> "c:\brcolumns\Uninstal.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Panda Devices Agent] : (Panda Devices Agent.-.Panda Security) -> MsiExec.exe /X{3F9548B2-0B34-4453-A92E-35056B053F19} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\pandasecuritytb] : (Panda Safe Web.-.Panda Security and Visicom Media Inc.) -> C:\Program Files (x86)\pandasecuritytb\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{05010BC9-C408-9C96-82A1-5E06DB0E9103}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{075C507A-D538-82EF-8330-D731844CAE73}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07D381EA-B326-AD96-EA86-46661C6D7F47}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A04086B-0B71-43C3-95EF-FDFC4C18D161}] : (SILKYPIX Developer Studio 3.1 SE.-.Ichikawa Soft Laboratory) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0B226409-96A6-47F0-84D8-89223B6F9479}] : (DeviceDetect.-.Brother Industries Ltd.) -> MsiExec.exe /I{0B226409-96A6-47F0-84D8-89223B6F9479} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E416E49-F8A0-B74B-270B-3BE771C56476}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{30DB8E4D-77F8-B1A5-E930-5DD2DFD108CD}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}] : (HowToGuide.-.Brother Industries Ltd.) -> MsiExec.exe /I{36580EEB-4EDF-4880-BBD4-097E2C645ECD} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3992DE9F-0871-35A6-FB71-4CB81C9ED925}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3F9548B2-0B34-4453-A92E-35056B053F19}] : (Panda Devices Agent.-.Panda Security) -> MsiExec.exe /X{3F9548B2-0B34-4453-A92E-35056B053F19} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3FF05736-5C80-82A9-12BF-DBAEBD79C224}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43FF12DE-F794-6E97-5D01-BA61DAF5DFBA}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4694AD3E-D4A2-4D98-9848-662A0475E872}] : (NetworkRepairTool.-.Brother Insutries Ltd.) -> MsiExec.exe /X{4694AD3E-D4A2-4D98-9848-662A0475E872} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}] : (BrotherHelpInstaller.-.Brother) -> MsiExec.exe /I{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{523276A4-5779-4105-9163-CA1CF94EC533}] : (UsbRepairTool.-.Brother Insutries Ltd.) -> MsiExec.exe /X{523276A4-5779-4105-9163-CA1CF94EC533} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}] : (AudioWizard.-.ICEpower a/s) -> MsiExec.exe /X{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5A2F0B66-CDA7-B139-FB3E-FF2CE1504569}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}] : (ScannerUtilityInstaller.-.Brother) -> MsiExec.exe /I{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{63F05A8B-3183-735A-1081-4AEA964C2AA9}] : (AMD Catalyst Control Center.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6D094EE2-4323-BEA9-346D-E0DE214079EA}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{73A5C02A-480B-255B-21C8-B3223EBB71FA}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F}] : (AppLogLibSetup.-.Brother Industries Ltd.) -> MsiExec.exe /X{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{809F31FF-7ED2-4E11-9BE2-10A6A4FC7242}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{809F31FF-7ED2-4E11-9BE2-10A6A4FC7242} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8281F578-2B02-4E98-956F-64E5D60D761B}] : (Brother Printer Driver.-.Brother Industries Ltd.) -> MsiExec.exe /I{8281F578-2B02-4E98-956F-64E5D60D761B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{86D16055-3C14-44C6-BCD7-5514B83BAD34}] : (StatusMonitor.-.Brother Insutries Ltd.) -> MsiExec.exe /I{86D16055-3C14-44C6-BCD7-5514B83BAD34} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8C7D9F56-D708-47BC-A7D0-E7DD8DE068A9}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}] : (Device Setup.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{8D6B05E0-F457-408C-9D13-549334D8FAE1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9483AB22-92AA-4161-9E79-DE77B71949DA}] : (BrLauncher.-.Brother Industries Ltd.) -> MsiExec.exe /I{9483AB22-92AA-4161-9E79-DE77B71949DA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9ADB625A-7F6D-4C48-9058-4767A55D5424}] : (ControlCenter4.-.Brother Insutries Ltd.) -> MsiExec.exe /X{9ADB625A-7F6D-4C48-9058-4767A55D5424} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A46EC459-7EC3-0F7B-9D96-6E2FD6382EA9}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A9DEC7FC-B768-835D-2BAD-D10DCC7DB9C7}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824298644}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824298644} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AD93E54A-6E03-66F0-B626-235AB8112332}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}] : (OEM Application Profile.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B761D3BC-FC2F-9D55-5648-4F41DAFD52E8}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD232308-D4E5-CE52-7F90-25015D3F989C}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CF02572C-1D7D-85CB-7CE9-68ABEFFC4292}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CFE62A06-53DA-13A6-3B4A-766E7F717759}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D0FD12A1-8CAF-BEB0-E925-2F35B5CD7659}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D4C08A8D-F0D7-E850-2700-1F1D9072DD37}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D717FB62-6082-DAED-E681-4BC2B93A1247}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DF475014-74EA-9B47-4355-F648468D4C7C}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}] : (Asmedia USB Host Controller Driver.-.Asmedia Technology) -> MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E9A086F3-E0CB-4E91-AABE-586D99788BC3}] : (BrLogRx.-.Brother Industries Ltd.) -> MsiExec.exe /I{E9A086F3-E0CB-4E91-AABE-586D99788BC3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F65ADB61-2DD6-ACB8-3F05-242C7B733467}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}] : (BrSupportTools.-.Brother Industries Ltd.) -> MsiExec.exe /I{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F98C83EC-0334-4F4E-8AC0-211DAC81ED35}] : (Brother Scanner Driver.-.Brother Industries Ltd.) -> MsiExec.exe /I{F98C83EC-0334-4F4E-8AC0-211DAC81ED35} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FDB15CD6-7D46-ACFA-8BB5-85980C1492C9}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> ---------- | Ports ---------- | Installer [HKCR\Installer\Products\00006109C80000000000000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C80001400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80031400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80040400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80040800000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80041400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80060400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80061800000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80070400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80080400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C80090400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C800A0C00000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C800B0400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C800C0400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C800D1400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C800F1400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109DD0000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component 64-bit Registration [HKCR\Installer\Products\00006109F80000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\05122918E7130BB43AD1FFC1417F705C] : Inkscape 0.92.3 -> C:\WINDOWS\Installer\{81922150-317E-4BB0-A31D-FF1C14F707C5}\inkscape.ico [HKCR\Installer\Products\0E50B6D8754FC804D9314539438DAF1E] : Device Setup -> C:\Windows\Installer\{8D6B05E0-F457-408C-9D13-549334D8FAE1}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\10B7AA40C100622D184EDC96F19EB5FD] : AMD Catalyst Install Manager -> C:\Windows\Installer\{04AA7B01-001C-D226-81E4-CD691FE95BDF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\16BDA56F6DD28BCAF35042C2B7374376] : CCC Help French -> C:\Windows\Installer\{F65ADB61-2DD6-ACB8-3F05-242C7B733467}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1A21DF0DFAC80BEB9E52F2535BDC6795] : Catalyst Control Center Localization All -> C:\Windows\Installer\{D0FD12A1-8CAF-BEB0-E925-2F35B5CD7659}\ARPPRODUCTICON.exe [HKCR\Installer\Products\22BA3849AA291614E997ED777B9194AD] : BrLauncher [HKCR\Installer\Products\26BF717D2806DEAD6E18B42C9BA32174] : CCC Help Czech -> C:\Windows\Installer\{D717FB62-6082-DAED-E681-4BC2B93A1247}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2A077E75FAB2AAC4AB3ADB98E622453D] : AudioWizard -> C:\Windows\Installer\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2B8459F343B035449AE25350B650F391] : Panda Devices Agent -> C:\WINDOWS\Installer\{3F9548B2-0B34-4453-A92E-35056B053F19}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2EE490D632349AEB43D60EED120497AE] : CCC Help Korean -> C:\Windows\Installer\{6D094EE2-4323-BEA9-346D-E0DE214079EA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2EF546B59E9151B45B2BD378666FAF72] : ScannerUtilityInstaller [HKCR\Installer\Products\3F680A9EBC0E19E4AAEB85D69987B83C] : BrLogRx [HKCR\Installer\Products\410574FDAE4774B934556F8464D8C4C7] : CCC Help Chinese Standard -> C:\Windows\Installer\{DF475014-74EA-9B47-4355-F648468D4C7C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\490D418FF7918C3478AF2301BB874068] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\4A672325977550141936ACC19FE45C33] : UsbRepairTool [HKCR\Installer\Products\55061D6841C36C44CB7D55418BB3DA43] : StatusMonitor [HKCR\Installer\Products\60A26EFCAD356A31B3A467E6F7177795] : CCC Help Hungarian -> C:\Windows\Installer\{CFE62A06-53DA-13A6-3B4A-766E7F717759}\ARPPRODUCTICON.exe [HKCR\Installer\Products\63750FF308C59A2821FBBDEADB972C42] : CCC Help Chinese Traditional -> C:\Windows\Installer\{3FF05736-5C80-82A9-12BF-DBAEBD79C224}\ARPPRODUCTICON.exe [HKCR\Installer\Products\637A71D2E59BE1143979C6F561AE62EB] : Panda Dome [HKCR\Installer\Products\66B0F2A57ADC931BBFE3FFC21E055496] : CCC Help Turkish -> C:\Windows\Installer\{5A2F0B66-CDA7-B139-FB3E-FF2CE1504569}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA408033019195008142926844] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824298644}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\6DC51BDF64D7AFCAB85B5889C041299C] : CCC Help English -> C:\Windows\Installer\{FDB15CD6-7D46-ACFA-8BB5-85980C1492C9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\803232DB5E4D25ECF7095210D5F389C9] : CCC Help Danish -> C:\Windows\Installer\{BD232308-D4E5-CE52-7F90-25015D3F989C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\85BE9F8FAB338FF4087E668DD7E2C0C3] : BrSupportTools [HKCR\Installer\Products\875F182820B289E459F6465E6DD067B1] : Brother Printer Driver [HKCR\Installer\Products\8BDA04C7E6DAFDC4491A60CACD999FF0] : AppLogLibSetup [HKCR\Installer\Products\904622B06A690F74488D9822B3F64997] : DeviceDetect [HKCR\Installer\Products\93B0BF4E199C7EE459DDA1A187753DD3] : Asmedia USB Host Controller Driver -> C:\Windows\Installer\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\94E614E10A8FB47B72B0B37E175C4667] : CCC Help Thai -> C:\Windows\Installer\{1E416E49-F8A0-B74B-270B-3BE771C56476}\ARPPRODUCTICON.exe [HKCR\Installer\Products\954CE64A3CE7B7F0D969E6F26D83E29A] : CCC Help German -> C:\Windows\Installer\{A46EC459-7EC3-0F7B-9D96-6E2FD6382EA9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\9CB01050804C69C9281AE560BDE01930] : CCC Help Japanese -> C:\Windows\Installer\{05010BC9-C408-9C96-82A1-5E06DB0E9103}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A20C5A37B084B552128C3B22E3BB17AF] : CCC Help Russian -> C:\Windows\Installer\{73A5C02A-480B-255B-21C8-B3223EBB71FA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A2C164E4C1CE1D64FAB5F7FE0D50A48F] : BrotherHelpInstaller [HKCR\Installer\Products\A45E39DA30E60F666B6232A58B113223] : CCC Help Italian -> C:\Windows\Installer\{AD93E54A-6E03-66F0-B626-235AB8112332}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A526BDA9D6F784C4098574765AD54542] : ControlCenter4 [HKCR\Installer\Products\A705C570835DFE2838037D1348C4EA37] : Catalyst Control Center InstallProxy -> C:\Windows\Installer\{075C507A-D538-82EF-8330-D731844CAE73}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AE183D70623B69DAAE686466C1D6F774] : CCC Help Polish -> C:\Windows\Installer\{07D381EA-B326-AD96-EA86-46661C6D7F47}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B68040A017B03C3459FEDFCFC4811D16] : SILKYPIX Developer Studio 3.1 SE -> C:\WINDOWS\Installer\{0A04086B-0B71-43C3-95EF-FDFC4C18D161}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B8A50F363813A5370118A4AE69C4A29A] : AMD Catalyst Control Center -> C:\Windows\Installer\{63F05A8B-3183-735A-1081-4AEA964C2AA9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BEE08563FDE40884BB4D90E7C246E5DC] : HowToGuide [HKCR\Installer\Products\C27520FCD7D1BC58C79E86BAFECF2429] : CCC Help Swedish -> C:\Windows\Installer\{CF02572C-1D7D-85CB-7CE9-68ABEFFC4292}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CB3D167BF2CF55D96584F414ADDF258E] : CCC Help Finnish -> C:\Windows\Installer\{B761D3BC-FC2F-9D55-5648-4F41DAFD52E8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CE38C89F4330E4F4A80C12D1CA18DE53] : Brother Scanner Driver [HKCR\Installer\Products\CF7CED9A867BD538B2DA1DD0CCD79B7C] : CCC Help Portuguese -> C:\Windows\Installer\{A9DEC7FC-B768-835D-2BAD-D10DCC7DB9C7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D4E8BD038F775A1B9E03D52DFD1D80DC] : CCC Help Dutch -> C:\Windows\Installer\{30DB8E4D-77F8-B1A5-E930-5DD2DFD108CD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D8A80C4D7D0F058E7200F1D10927DD73] : CCC Help Spanish -> C:\Windows\Installer\{D4C08A8D-F0D7-E850-2700-1F1D9072DD37}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D8ECF461200F456E0195152CA7E71295] : ccc-utility64 -> C:\Windows\Installer\{164FCE8D-F002-E654-1059-51C27A7E2159}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E3DA49642A4D89D4898466A240578E27] : NetworkRepairTool [HKCR\Installer\Products\ED21FF34497F79E6D510AB16AD5FFDAB] : CCC Help Greek -> C:\Windows\Installer\{43FF12DE-F794-6E97-5D01-BA61DAF5DFBA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F9ED299317806A53BF17C48BC1E99D52] : CCC Help Norwegian -> C:\Windows\Installer\{3992DE9F-0871-35A6-FB71-4CB81C9ED925}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FF13F9082DE711E4B92E016A4ACF2724] : Catalyst Control Center - Branding -> C:\Windows\Installer\{809F31FF-7ED2-4E11-9BE2-10A6A4FC7242}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante PeopleExperienceHost.exe, version : 10.0.17134.112, horodatage : 0x5b1acea3 Nom du module défaillant : PeopleBarFlyout.dll, version : 0.0.0.0, horodatage : 0x5ace10ed Code d’exception : 0xc0000409 Décalage d’erreur : 0x0000000000017d98 ID du processus défaillant : 0xef8 Heure de début de l’application défaillante : 0x01d4bb0503becc68 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\ShellExperiences\PeopleBarFlyout.dll ID de rapport : 5bc8c0e8-6a19-48d7-af71-86086b5aced4 Nom complet du package défaillant : Microsoft.Windows.PeopleExperienceHost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ ------------ ATI EEU PnP start/stop failed ------------ ATI EEU PnP start/stop failed ------------ ATI EEU PnP start/stop failed ------------ ATI EEU PnP start/stop failed ------------ Échec de la sauvegarde. Raison : une erreur d'écriture s'est produite à l'emplacement de sauvegarde (F:\). Erreur : Emplacement de sauvegarde introuvable ou non valide. Vérifiez-le en passant en revue vos paramètres de sauvegarde. (0x81000006). ------------ ------------ ATI EEU PnP start/stop failed ------------ ATI EEU PnP start/stop failed ------------ Échec de la sauvegarde. Raison : une erreur d'écriture s'est produite à l'emplacement de sauvegarde (F:\). Erreur : Emplacement de sauvegarde introuvable ou non valide. Vérifiez-le en passant en revue vos paramètres de sauvegarde. (0x81000006). ------------ ATI EEU PnP start/stop failed ------------ ATI EEU PnP start/stop failed ------------ Le programme SkypeBridge.exe version 8.38.0.138 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 2f7c Heure de début : 01d4b97d8e978c71 Heure de fin : 4294967295 Chemin d'accès de l'application : C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe ID de rapport : 4f5d09e6-af00-48b8-b3d6-0811c93a720b Nom complet du package défaillant : Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c ID de l'application relative au package défaillant : App ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Nom de l’application défaillante PSANHost.exe, version : 4.0.3.0, horodatage : 0x5a0357d9 Nom du module défaillant : ntdll.dll, version : 10.0.17134.471, horodatage : 0xfe852bc4 Code d’exception : 0xc0000374 Décalage d’erreur : 0x000d8499 ID du processus défaillant : 0x1218 Heure de début de l’application défaillante : 0x01d4b97cf03164b4 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 52681d9b-3b39-4caf-a5a3-7da94f9bc252 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ ATI EEU PnP start/stop failed ------------ ----------( EOF)---------- - 4377 | 15:47:42