--------------- QuickDiag | g3n-h@ckm@n | V4_31.08.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 22/02/2019 19:49:53 Updated 31/08/2018 | 22:20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Philippe (Administrator)] - [DESKTOP-RTEJFFC] (S-1-5-21-3187091646-2650930121-827019622-1001) System: Microsoft Windows 10 Famille - - (10.0.17763) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1809) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition3 Boot : Normal boot PC: Inspiron 5759 - Dell Inc. - IdNumber: JLN2FC2 - UUID: 4C4C4544-004C-4E10-8032-CAC04F464332 Processor : X64 - 2400 Mhz - Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz 1.5.2 - en|US|iso8859-1 - Dell Inc. - S/N: JLN2FC2 - 1.5.2 - DELL - 1072009 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice Realtek Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0255&SUBSYS_102806B2&REV_1000\4&2813B8DF&0&0001 Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2809&SUBSYS_80860101&REV_1000\4&2813B8DF&0&0201 ---------- | Video AMD Radeon R5 M335 - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\amdxc64.dll - PNPDeviceID: PCI\VEN_1002&DEV_6660&SUBSYS_06B21028&REV_81\4&2370267D&0&00E0 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: -1048576 Intel(R) HD Graphics 520 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController2 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igdumdim64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igd10iumd64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igd10iumd64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_1916&SUBSYS_06B21028&REV_07\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset DeviceName: AMD Radeon R5 M335 - DriverVersion: 8.14.1.6562 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36680 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 92672 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34800 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:12 % CPU #4 value:0 % Total Overall CPU Usage value:1 % ---------- | Network Realtek PCIe FE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Intel[R] Dual Band Wireless-AC 3160 : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:1 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Intel(R) Dual Band Wireless-AC 3160 - Ethernet 802.3 - Intel Corporation - Status: - PnPID : PCI\VEN_8086&DEV_08B3&SUBSYS_84708086&REV_83\4&1AE2A69C&0&00E4 Realtek PCIe FE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8136&SUBSYS_06B21028&REV_07\4&36276BDE&0&00E5 Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&12324FDB&0&11 Microsoft Wi-Fi Direct Virtual Adapter #2 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&12324FDB&0&12 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH Bluetooth Device (Personal Area Network) - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 8278 | Free (MB) : 4434 Pagefile = Total (MB) : 9589 | Free (MB) : 4993 Virtual = Total (MB) : 4194 | Free (MB) : 3916 Physical Memory 0 : Capacity: 4294967296 - DIMM A - Posit.: 1 - Manufacturer: Kingston - PartNumber: KNWMX1-ETB - S/N: 12151215 Physical Memory 1 : Capacity: 4294967296 - DIMM B - Posit.: 2 - Manufacturer: Kingston - PartNumber: KNWMX1-ETB - S/N: 12121212 ---------- | SID Users Administrateur : [S-1-5-21-3187091646-2650930121-827019622-500] DefaultAccount : [S-1-5-21-3187091646-2650930121-827019622-503] Invité : [S-1-5-21-3187091646-2650930121-827019622-501] Philippe : [S-1-5-21-3187091646-2650930121-827019622-1001] WDAGUtilityAccount : [S-1-5-21-3187091646-2650930121-827019622-504] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Propriétaires d'appareils : [S-1-5-32-583] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [OS] | Total : 527.07 Go | Free : 485 Go -> NTFS [SATA] D:\ -> [Fixed] | [Fichiers] | Total : 390.62 Go | Free : 355.91 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_TOSHIBA&PROD_MQ01ABD100\4&D14604B&0&000000 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.17763.1 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer FlashPlayer ActiveX : 32.0.0.144 ---------- | Security FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 396 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17763.292) = C:\Windows\System32\smss.exe [23/01/2019 18:33:46] CPU Usage:0 % 584 | [Owner : Système | Parent : 572() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17763.1) = C:\Windows\System32\csrss.exe [15/09/2018 08:28:45] CPU Usage:0 % 696 | [Owner : Système | Parent : 572() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.17763.1) = C:\Windows\System32\wininit.exe [15/09/2018 08:28:45] CPU Usage:0 % 768 | [Owner : Système | Parent : 696(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17763.1) = C:\Windows\System32\services.exe [15/09/2018 08:28:45] CPU Usage:0 % 792 | [Owner : Système | Parent : 696(wininit.exe) | 14.11 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17763.1) = C:\Windows\System32\lsass.exe [15/09/2018 08:28:46] CPU Usage:0 % 904 | [Owner : Système | Parent : 768(services.exe) | 2.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 924 | [Owner : UMFD-0 | Parent : 696(wininit.exe) | 2.24 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17763.1) = C:\Windows\System32\fontdrvhost.exe [15/09/2018 08:28:47] CPU Usage:0 % 72 | [Owner : Système | Parent : 768(services.exe) | 26.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 532 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | 14.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 688 | [Owner : Système | Parent : 768(services.exe) | 6.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1212 | [Owner : Système | Parent : 768(services.exe) | 8.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1236 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 10.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1336 | [Owner : Système | Parent : 768(services.exe) | 5.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1428 | [Owner : Système | Parent : 768(services.exe) | 9.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1444 | [Owner : Système | Parent : 768(services.exe) | 12.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1476 | [Owner : Système | Parent : 768(services.exe) | 3.68 Mo] - (.AMD - AMD External Events Service Module.) - (23.20.768.12) = C:\Windows\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atiesrxx.exe [09/11/2017 05:51:48] CPU Usage:0 % 1488 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 12.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1504 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 4.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1532 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 7.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1564 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 5.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1664 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | 6.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1776 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | 8.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1904 | [Owner : Système | Parent : 768(services.exe) | 3.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1912 | [Owner : Système | Parent : 768(services.exe) | 81.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1920 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 6.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1996 | [Owner : Système | Parent : 768(services.exe) | 6.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2032 | [Owner : Système | Parent : 768(services.exe) | 5.48 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4973) = C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe [22/03/2018 04:20:38] CPU Usage:0 % 1300 | [Owner : Système | Parent : 768(services.exe) | 8.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2064 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 6.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2168 | [Owner : Système | Parent : 768(services.exe) | 5.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2176 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 13.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2328 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 15.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2444 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 5.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2500 | [Owner : Système | Parent : 768(services.exe) | 4.7 Mo] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.85) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [19/06/2017 03:19:02] CPU Usage:0 % 2628 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 4.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2636 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 9.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2752 | [Owner : Système | Parent : 768(services.exe) | 9.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2816 | [Owner : Système | Parent : 768(services.exe) | 11.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2896 | [Owner : Système | Parent : 768(services.exe) | 9.92 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17763.1) = C:\Windows\System32\spoolsv.exe [15/09/2018 08:28:24] CPU Usage:0 % 2916 | [Owner : Système | Parent : 768(services.exe) | 13.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2956 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 11.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3028 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | 5.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2224 | [Owner : Système | Parent : 768(services.exe) | 18.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2272 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 34.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2484 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | 11.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2384 | [Owner : Système | Parent : 768(services.exe) | 4.63 Mo] - (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) - (23.20.16.4973) = C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe [22/03/2018 04:21:20] CPU Usage:0 % 2380 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 4.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2348 | [Owner : Système | Parent : 768(services.exe) | 3.31 Mo] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Service.) - (20.60.0.4) = C:\Windows\System32\ibtsiva.exe [15/05/2018 12:28:32] CPU Usage:0 % 1840 | [Owner : Système | Parent : 768(services.exe) | 17.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3100 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | 4.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3124 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 5.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3140 | [Owner : Système | Parent : 768(services.exe) | 3.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3168 | [Owner : Système | Parent : 768(services.exe) | 3.65 Mo] - (.Waves Audio Ltd. - WavesSysSvc Service Application.) - (1.1.6.0) = C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [19/08/2015 16:12:04] CPU Usage:0 % 3212 | [Owner : Système | Parent : 768(services.exe) | 17.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3252 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 3.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3260 | [Owner : Système | Parent : 768(services.exe) | 8.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3300 | [Owner : Système | Parent : 768(services.exe) | 5.98 Mo] - (.Reason Software Company Inc. - Unchecky Service.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [13/02/2019 15:19:56] CPU Usage:0 % 3284 | [Owner : Système | Parent : 768(services.exe) | 6.02 Mo] - (.- RichVideo Module.) - (2.0.0.7413) = C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [27/05/2016 10:47:34] CPU Usage:0 % 3308 | [Owner : Système | Parent : 768(services.exe) | 5.96 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - (20.10.1.0) = C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [24/10/2017 10:07:54] CPU Usage:0 % 3316 | [Owner : Système | Parent : 768(services.exe) | 9.89 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (20.10.1.0) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe [24/10/2017 10:07:56] CPU Usage:0 % 3324 | [Owner : Système | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.1812.3) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe [13/02/2019 15:36:11] CPU Usage:0 % 3332 | [Owner : Système | Parent : 768(services.exe) | 13.13 Mo] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Service.) - (20.10.1.0) = C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [24/10/2017 10:08:00] CPU Usage:0 % 3340 | [Owner : Système | Parent : 768(services.exe) | 4.02 Mo] - (.Intel(R) Corporation - Intel(R) TPM Provisioning Service.) - (1.47.866.0) = C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [11/10/2017 17:48:06] CPU Usage:0 % 3352 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 3.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3588 | [Owner : Système | Parent : 768(services.exe) | 5.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3632 | [Owner : Système | Parent : 768(services.exe) | 6.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3744 | [Owner : Système | Parent : 768(services.exe) | 4.52 Mo] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.1.1.1117) = C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe [22/03/2018 04:21:24] CPU Usage:0 % 3880 | [Owner : Système | Parent : 768(services.exe) | 9.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3932 | [Owner : Système | Parent : 2752(svchost.exe) | 10.7 Mo] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (10.0.17763.1) = C:\Windows\System32\wlanext.exe [15/09/2018 08:28:25] CPU Usage:0 % 3948 | [Owner : Système | Parent : 3932(wlanext.exe) | 2.87 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.1) = C:\Windows\System32\conhost.exe [15/09/2018 08:28:44] CPU Usage:0 % 4728 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | 5.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2588 | [Owner : Système | Parent : 72(svchost.exe) | 4.96 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.17763.1) = C:\Windows\System32\wbem\unsecapp.exe [15/09/2018 08:28:25] CPU Usage:0 % 4284 | [Owner : Système | Parent : 72(svchost.exe) | 40.38 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/09/2018 08:28:29] CPU Usage:0 % 5328 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 16.51 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.9034) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [11/01/2019 13:21:21] CPU Usage:0 % 5376 | [Owner : Système | Parent : 768(services.exe) | 12.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 5384 | [Owner : Système | Parent : 1444(svchost.exe) | 1.02 Mo] - (.Dropbox, Inc. - Dropbox Update.) - (1.3.27.73) = C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [27/05/2016 11:05:14] CPU Usage:0 % 5512 | [Owner : Système | Parent : 768(services.exe) | 5.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1692 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 15.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 4120 | [Owner : Système | Parent : 768(services.exe) | 6.57 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 5272 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 5.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6480 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 17.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3584 | [Owner : Système | Parent : 768(services.exe) | 9.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7268 | [Owner : Système | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1807.16384) = C:\Windows\System32\SecurityHealthService.exe [23/01/2019 18:33:18] CPU Usage:0 % 8024 | [Owner : Système | Parent : 768(services.exe) | 30.18 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17763.168) = C:\Windows\System32\SearchIndexer.exe [11/01/2019 13:27:07] CPU Usage:0 % 5196 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7956 | [Owner : Système | Parent : 768(services.exe) | 7.72 Mo] - (.Dell Inc. - Dell Data Vault Rules Processor.) - (5.2.7.93) = C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [22/10/2018 14:27:36] CPU Usage:0 % 1224 | [Owner : Système | Parent : 768(services.exe) | 48.59 Mo] - (.PC-Doctor, Inc. -.) - (6.0.6992.1466) = C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [16/02/2019 15:03:25] CPU Usage:0 % 8224 | [Owner : Système | Parent : 768(services.exe) | 36.01 Mo] - (.Dell Inc. - MDLCService.) - (2.6.1.0) = C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [15/01/2018 23:38:34] CPU Usage:0 % 8260 | [Owner : Système | Parent : 1224(DSAPI.exe) | 50.3 Mo] - (.PC-Doctor, Inc. - PC-Doctor Communications Manager.) - (6.0.6992.1466) = C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe [16/02/2019 15:04:04] CPU Usage:0 % 8292 | [Owner : Système | Parent : 8260(pcdrwi.exe) | 3.02 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.1) = C:\Windows\System32\conhost.exe [15/09/2018 08:28:44] CPU Usage:0 % 8544 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 8.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7556 | [Owner : Système | Parent : 768(services.exe) | 23.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7152 | [Owner : Système | Parent : 768(services.exe) | 56.34 Mo] - (.- ServiceShell.) - (1.1.0.46) = C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [12/11/2018 13:46:40] CPU Usage:0 % 4236 | [Owner : Système | Parent : 768(services.exe) | 7.69 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6024 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | 5.67 Mo] - (.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) - (2001.12.10941.16384) = C:\Windows\System32\msdtc.exe [15/09/2018 08:29:16] CPU Usage:0 % 8456 | [Owner : Système | Parent : 768(services.exe) | 29.65 Mo] - (.Dell Inc. - DCCService.) - (1.3.28.0) = C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [22/09/2015 16:20:04] CPU Usage:0 % 7072 | [Owner : Système | Parent : 768(services.exe) | 32.57 Mo] - (.Dell Products, LP. - Dell Digital Delivery Windows Service.) - (3.1.1018.0) = C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [23/06/2015 15:26:44] CPU Usage:0 % 9804 | [Owner : SERVICE RÉSEAU | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 9896 | [Owner : Système | Parent : 768(services.exe) | 8.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 10128 | [Owner : Système | Parent : 768(services.exe) | 37.02 Mo] - (.Intel Corporation - IAStorDataSvc.) - (14.8.9.1053) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [28/04/2016 21:48:22] CPU Usage:0 % 10196 | [Owner : Système | Parent : 768(services.exe) | 5.17 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.7.0.1054) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [09/11/2017 00:44:08] CPU Usage:0 % 8196 | [Owner : Système | Parent : 768(services.exe) | 9.68 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.7.0.1054) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [09/11/2017 00:45:44] CPU Usage:0 % 9436 | [Owner : Système | Parent : 768(services.exe) | 17.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6332 | [Owner : Système | Parent : 768(services.exe) | 45.07 Mo] - (.Dell - KickStart.WindowService.) - (3.0.127.0) = C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [06/04/2017 15:50:24] CPU Usage:0 % 8912 | [Owner : Système | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.17763.1) = C:\Windows\System32\SgrmBroker.exe [15/09/2018 08:29:13] CPU Usage:0 % 9344 | [Owner : Système | Parent : 768(services.exe) | 80.42 Mo] - (.Dell Inc. - Service.) - (3.1.0.142) = C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [12/12/2018 05:02:24] CPU Usage:0 % 8420 | [Owner : Système | Parent : 768(services.exe) | 16.1 Mo] - (.Dell Inc. - Dell Data Vault Data Collector Service.) - (5.2.7.93) = C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [22/10/2018 14:29:16] CPU Usage:0 % 7472 | [Owner : Système | Parent : 768(services.exe) | 4.15 Mo] - (.Dell Inc. - Dell Data Vault Data Collector Service API.) - (5.2.7.93) = C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [22/10/2018 14:29:28] CPU Usage:0 % 1172 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 6.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6936 | [Owner : Système | Parent : 6448() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17763.1) = C:\Windows\System32\csrss.exe [15/09/2018 08:28:45] CPU Usage:0 % 1008 | [Owner : Système | Parent : 6448() | 8.52 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.17763.1) = C:\Windows\System32\winlogon.exe [15/09/2018 08:28:46] CPU Usage:0 % 6964 | [Owner : DWM-3 | Parent : 1008(winlogon.exe) | 74.56 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17763.1) = C:\Windows\System32\dwm.exe [15/09/2018 08:28:44] CPU Usage:0 % 2616 | [Owner : UMFD-3 | Parent : 1008(winlogon.exe) | 13.36 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17763.1) = C:\Windows\System32\fontdrvhost.exe [15/09/2018 08:28:47] CPU Usage:0 % 4140 | [Owner : Système | Parent : 1476(atiesrxx.exe) | 9.39 Mo] - (.AMD - AMD External Events Client Module.) - (23.20.768.12) = C:\Windows\System32\atieclxx.exe [09/11/2017 05:51:46] CPU Usage:0 % 9148 | [Owner : Système | Parent : 2500(RtkAudioService64.exe) | 11.28 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.271) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [19/06/2017 03:18:44] CPU Usage:0 % 7984 | [Owner : Philippe | Parent : 3300(unchecky_svc.exe) | 9.28 Mo] - (.Reason Software Company Inc. - Unchecky Background Process.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [13/02/2019 15:19:56] CPU Usage:0 % 9456 | [Owner : Système | Parent : 2500(RtkAudioService64.exe) | 10.62 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.271) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [19/06/2017 03:18:44] CPU Usage:0 % 356 | [Owner : Philippe | Parent : 768(services.exe) | 16.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 4632 | [Owner : Philippe | Parent : 1300(svchost.exe) | 28.48 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17763.1) = C:\Windows\System32\sihost.exe [15/09/2018 08:28:34] CPU Usage:0 % 6420 | [Owner : Philippe | Parent : 768(services.exe) | 35.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2796 | [Owner : Philippe | Parent : 1444(svchost.exe) | 17.56 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17763.1) = C:\Windows\System32\taskhostw.exe [15/09/2018 08:28:44] CPU Usage:0 % 6184 | [Owner : Philippe | Parent : 9232() | 147.55 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17763.107) = C:\Windows\explorer.exe [11/01/2019 13:27:00] CPU Usage:0 % 1836 | [Owner : Philippe | Parent : 2696() | 20.7 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4973) = C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe [22/03/2018 04:20:56] CPU Usage:0 % 8880 | [Owner : Philippe | Parent : 768(services.exe) | 16.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 9820 | [Owner : Philippe | Parent : 72(svchost.exe) | 99.59 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17763.1) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [15/09/2018 08:28:58] CPU Usage:0 % 4380 | [Owner : Philippe | Parent : 72(svchost.exe) | 28.16 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 8044 | [Owner : Philippe | Parent : 72(svchost.exe) | 33.8 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 10012 | [Owner : Philippe | Parent : 72(svchost.exe) | 27.25 Mo] - (.-.) - (1.0.1902.14003) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe [22/02/2019 12:19:51] CPU Usage:0 % 6116 | [Owner : Philippe | Parent : 5512(svchost.exe) | 19.1 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17763.1) = C:\Windows\System32\ctfmon.exe [15/09/2018 08:28:45] CPU Usage:0 % 7800 | [Owner : Philippe | Parent : 72(svchost.exe) | 8 Mo] - (.-.) - (8.39.0.222) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe [22/02/2019 12:19:52] CPU Usage:0 % 1412 | [Owner : Philippe | Parent : 72(svchost.exe) | 32.21 Mo] - (.Microsoft Corporation - SkypeApp.) - (8.39.0.222) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeApp.exe [22/02/2019 12:19:52] CPU Usage:0 % 9500 | [Owner : Philippe | Parent : 72(svchost.exe) | 42.81 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.17763.1) = C:\Windows\System32\smartscreen.exe [15/09/2018 08:28:30] CPU Usage:0 % 9768 | [Owner : Philippe | Parent : 6184(explorer.exe) | 8.05 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.17763.1) = C:\Windows\System32\SecurityHealthSystray.exe [15/09/2018 08:28:39] CPU Usage:0 % 6340 | [Owner : Philippe | Parent : 6184(explorer.exe) | 12.38 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.636.3) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [19/06/2017 03:19:06] CPU Usage:0 % 9220 | [Owner : Philippe | Parent : 6184(explorer.exe) | 12.06 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.271) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [19/06/2017 03:18:44] CPU Usage:0 % 9588 | [Owner : Philippe | Parent : 6184(explorer.exe) | 9.56 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.271) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [19/06/2017 03:18:44] CPU Usage:0 % 1540 | [Owner : Philippe | Parent : 6184(explorer.exe) | 14.2 Mo] - (.Dell Inc. - QuickSet.) - (10.17.9.3) = C:\Program Files\Dell\QuickSet\quickset.exe [21/09/2015 16:21:52] CPU Usage:0 % 9732 | [Owner : Philippe | Parent : 6184(explorer.exe) | 6.77 Mo] - (.Waves Audio Ltd. - Waves MaxxAudio Service Application.) - (1.11.0.0) = C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [21/09/2015 17:09:44] CPU Usage:0 % 6976 | [Owner : Philippe | Parent : 6184(explorer.exe) | 49.35 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (19.2.107.8) = C:\Users\Philippe\AppData\Local\Microsoft\OneDrive\OneDrive.exe [13/02/2019 13:08:04] CPU Usage:0 % 6176 | [Owner : Philippe | Parent : 72(svchost.exe) | 10.04 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 7996 | [Owner : Philippe | Parent : 72(svchost.exe) | 6.67 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 10112 | [Owner : Philippe | Parent : 1444(svchost.exe) | 0.77 Mo] - (.CyberLink - CyberLink MediaLibrary Service.) - (8.0.0.2002) = C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [27/05/2016 10:45:14] CPU Usage:0 % 9612 | [Owner : Philippe | Parent : 72(svchost.exe) | 209.2 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.17763.292) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [23/01/2019 18:33:53] CPU Usage:0 % 8100 | [Owner : Philippe | Parent : 5576() | 26.42 Mo] - (.Intel Corporation - IAStorIcon.) - (14.8.9.1053) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [28/04/2016 21:48:22] CPU Usage:0 % 3576 | [Owner : Philippe | Parent : 72(svchost.exe) | 22.02 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 9312 | [Owner : Philippe | Parent : 768(services.exe) | 10.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3896 | [Owner : Philippe | Parent : 72(svchost.exe) | 32.58 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.17763.1) = C:\Windows\System32\ApplicationFrameHost.exe [15/09/2018 08:28:39] CPU Usage:0 % 9452 | [Owner : Philippe | Parent : 72(svchost.exe) | 0.75 Mo] - (.Microsoft Corporation - Store.) - (11811.1001.18.0) = C:\Program Files\WindowsApps\microsoft.windowsstore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe [30/01/2019 18:03:56] CPU Usage:0 % 2356 | [Owner : Philippe | Parent : 72(svchost.exe) | 11.04 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (11.0.17763.316) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe [13/02/2019 11:08:56] CPU Usage:0 % 9688 | [Owner : Philippe | Parent : 72(svchost.exe) | 7.03 Mo] - (.Microsoft Corporation - Browser_Broker.) - (11.0.17763.316) = C:\Windows\System32\browser_broker.exe [13/02/2019 11:08:02] CPU Usage:0 % 6884 | [Owner : Philippe | Parent : 72(svchost.exe) | 6.88 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 5464 | [Owner : Philippe | Parent : 72(svchost.exe) | 21.42 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.17763.1) = C:\Windows\System32\MicrosoftEdgeCP.exe [15/09/2018 08:28:50] CPU Usage:0 % 7624 | [Owner : Philippe | Parent : 6884(RuntimeBroker.exe) | 10.84 Mo] - (.Microsoft Corporation - Microsoft Edge Web Platform.) - (11.0.17763.1) = C:\Windows\System32\MicrosoftEdgeSH.exe [15/09/2018 08:28:32] CPU Usage:0 % 1620 | [Owner : Philippe | Parent : 72(svchost.exe) | 12.12 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7400 | [Owner : Philippe | Parent : 8420(DDVDataCollector.exe) | 8.92 Mo] - (.Dell Inc. - DDV ATI Graphics Worker.) - (5.2.7.93) = C:\Program Files\Dell\DellDataVault\atiw.exe [22/10/2018 14:25:40] CPU Usage:0 % 9140 | [Owner : SERVICE LOCAL | Parent : 72(svchost.exe) | 10.78 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/09/2018 08:28:29] CPU Usage:0 % 7688 | [Owner : Philippe | Parent : 72(svchost.exe) | 16.76 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 5292 | [Owner : Système | Parent : 768(services.exe) | 11.96 Mo] - (.Intel Corporation - Intel(R) Security Assist.) - (1.0.0.532) = C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [19/05/2015 08:11:00] CPU Usage:0 % 5396 | [Owner : Système | Parent : 768(services.exe) | 5.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 5932 | [Owner : Système | Parent : 768(services.exe) | ?????] - (.Malwarebytes - Malwarebytes Service.) - (3.2.0.765) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [13/02/2019 13:59:22] CPU Usage:0 % 6300 | [Owner : Philippe | Parent : 5932(MBAMService.exe) | 32.72 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.1.0.1731) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [13/02/2019 13:59:18] CPU Usage:0 % 5636 | [Owner : Philippe | Parent : 72(svchost.exe) | 25.99 Mo] - (.Microsoft Corporation - System Settings Broker.) - (10.0.17763.1) = C:\Windows\System32\SystemSettingsBroker.exe [15/09/2018 08:28:25] CPU Usage:0 % 7676 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 8.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 428 | [Owner : Système | Parent : 768(services.exe) | 8.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7788 | [Owner : Philippe | Parent : 72(svchost.exe) | 47.72 Mo] - (.Microsoft Corporation - WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe.) - (10.0.17763.292) = C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe [23/01/2019 18:33:42] CPU Usage:0 % 7328 | [Owner : Philippe | Parent : 72(svchost.exe) | 8.72 Mo] - (.Microsoft Corporation - Component Package Support Server.) - (10.0.17763.292) = C:\Windows\System32\CompPkgSrv.exe [23/01/2019 18:33:13] CPU Usage:0 % 1072 | [Owner : Système | Parent : 768(services.exe) | 9.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 5860 | [Owner : Philippe | Parent : 72(svchost.exe) | 50.87 Mo] - (.-.) - (2.24.1812.5004) = C:\Program Files\WindowsApps\microsoft.xboxgamingoverlay_2.24.5004.0_x64__8wekyb3d8bbwe\GameBar.exe [11/01/2019 14:47:33] CPU Usage:0 % 5928 | [Owner : SERVICE LOCAL | Parent : 2328(svchost.exe) | 16.55 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17763.292) = C:\Windows\System32\audiodg.exe [23/01/2019 18:33:13] CPU Usage:0 % 7856 | [Owner : Philippe | Parent : 72(svchost.exe) | 12.52 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 4352 | [Owner : Philippe | Parent : 6184(explorer.exe) | 231.02 Mo] - (.Mozilla Corporation - Firefox.) - (65.0.1.6981) = C:\Program Files\Mozilla Firefox\firefox.exe [13/02/2019 13:11:15] CPU Usage:2 % 8356 | [Owner : Philippe | Parent : 4352(firefox.exe) | 60.39 Mo] - (.Mozilla Corporation - Firefox.) - (65.0.1.6981) = C:\Program Files\Mozilla Firefox\firefox.exe [13/02/2019 13:11:15] CPU Usage:0 % 6400 | [Owner : Philippe | Parent : 4352(firefox.exe) | 325.32 Mo] - (.Mozilla Corporation - Firefox.) - (65.0.1.6981) = C:\Program Files\Mozilla Firefox\firefox.exe [13/02/2019 13:11:15] CPU Usage:20 % 3484 | [Owner : Philippe | Parent : 4352(firefox.exe) | 193.66 Mo] - (.Mozilla Corporation - Firefox.) - (65.0.1.6981) = C:\Program Files\Mozilla Firefox\firefox.exe [13/02/2019 13:11:15] CPU Usage:0 % 4864 | [Owner : Système | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 10356 | [Owner : SERVICE LOCAL | Parent : 768(services.exe) | 7.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 10424 | [Owner : Système | Parent : 768(services.exe) | 6.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 10640 | [Owner : Philippe | Parent : 72(svchost.exe) | 10.1 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7284 | [Owner : Philippe | Parent : 72(svchost.exe) | 8.36 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6424 | [Owner : Philippe | Parent : 4352(firefox.exe) | 69.59 Mo] - (.Mozilla Corporation - Firefox.) - (65.0.1.6981) = C:\Program Files\Mozilla Firefox\firefox.exe [13/02/2019 13:11:15] CPU Usage:0 % 9800 | [Owner : Système | Parent : 768(services.exe) | 5.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6252 | [Owner : Philippe | Parent : 6184(explorer.exe) | 46.17 Mo] - (.SosVirus - QuickDiag.) - (31.8.18.1) = C:\Users\Philippe\Desktop\QuickDiag.exe [22/02/2019 19:47:37] CPU Usage:0 % 6504 | [Owner : SERVICE RÉSEAU | Parent : 72(svchost.exe) | 9.47 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [15/09/2018 08:29:00] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (23.20.16.4973) -- C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igd10iumd64.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (23.20.16.4973) -- C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igc64.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.Malwarebytes.-.Malwarebytes.) - (3.0.0.78) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (.Cyberlink.-.Cyberlink Shell Extension dynamic link library.) - (8.0.0.2906) -- C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.23.2.0) -- c:\windows\system32\winsqlite3.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\Philippe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\...\Run]) - User: DESKTOP-RTEJFFC\Philippe SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public RtHDVBg_MAXX6 - ("C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX6 [HKLM\SOFTWARE\...\Run]) - User: Public RtHDVBg_PushButton - ("C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM [HKLM\SOFTWARE\...\Run]) - User: Public QuickSet - (c:\Program Files\Dell\QuickSet\QuickSet.exe [HKLM\SOFTWARE\...\Run]) - User: Public WavesSvc - ("C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe" [HKLM\SOFTWARE\...\Run]) - User: Public IAStorIcon - ("C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Philippe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x020000000000000000000000 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=regedit\1 "MRUList"=cab "b"=explorer\1 "c"=Explorer.exe\1 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Microsoft Print to PDF,winspool,Ne01: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "RtHDVBg_MAXX6"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX6 "RtHDVBg_PushButton"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM "QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [21/09/2015 16:21:52] "WavesSvc"="C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "IAStorIcon"=0x020000000000000000000000 "RTHDVCPL"=0x020000000000000000000000 "RtHDVBg_PushButton"=0x020000000000000000000000 "RtHDVBg_MAXX6"=0x020000000000000000000000 "QuickSet"=0x020000000000000000000000 "WavesSvc"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "StartCCC"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D4C38402AB6FD2 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List CLMLSvc_P2G8 CLVDLauncher Dell SupportAssistAgent AutoUpdate DropboxOEM DropboxUpdateTaskMachineCore DropboxUpdateTaskMachineUA Intel PTT EK Recertification OneDrive Standalone Update Task-S-1-5-21-3187091646-2650930121-827019622-1001 RtHDVBg_PushButton ---------- | Startings up registry ? Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "ServicesPipeTimeout"=60000 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [13/02/2019 13:02:27] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "LsaPid"=792 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymoussam"=1 "restrictanonymous"=0 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=cd4f2da0-df90-470b-a552-32bb27f "GlassSessionId"=3 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=0 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=D:\images\Auvergne\[001117].jpg [07/06/2016 11:20:33] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100008006000006000000040000D280EDAE1367CB0144003A005C0069006D0061006700650073005C004100750076006500720067006E0065005C005B003000300031003100310037005D002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "WaitToKillAppTimeout"=200 "HungAppTimeout"=200 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000 "UserSignedIn"=1 "SlowContextMenuEntries"=0x238988A3D3CF6B4A89BF08E6B95716E8910F00000114020000000000C000000000000046DE3100001A58CE57B60C66429CA019364C90A0B3554D00006078A409B011A54DAFA526D86198A7806E120000320A2A3E146EAD4BAA87BBB6A75EBFF2EE0F0000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=7 "GlobalAssocChangedCounter"=166 "FirstRunTelemetryComplete"=1 "EdgeDesktopShortcutCreated"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=346 "EnableAutoTray"=1 "link"=0x16000000 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x674A6D5C00000000 "ReindexedProfile"=1 "TaskbarSizeMove"=0 "TaskbarSmallIcons"=0 "DontUsePowerShellOnWinX"=0 "TaskbarBadges"=1 "ShowTaskViewButton"=0 "DisablePreviewDesktop"=1 "TaskbarAppsVisibleInTabletMode"=1 "TaskbarGlomLevel"=0 "TaskbarAutoHideInTabletMode"=0 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x0300000004000000010000000200000000000000FFFFFFFF "0"=0x7A00680070002E007400780074000000 "2"=0x6F00660066006900630065002E000000 "1"=0x2E00620069006E000000 "4"=0x6300680072006F006D00690075000000 "3"=0x7A00680070000000 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "FilterAdministratorToken"=1 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=4 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "FilterAdministratorToken"=1 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=11 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=17763 "FirstLogon"=0 "PUUActive"=0x5B98CD3F0100000029005800F20903009735030097350300D200000002000A00373524F0EB0B0C00CE820300804C0200B93402002E1D0000C7000000D96803009F100000E000000019C080BBDECAD401F20903000000000001000000F209030063450000521D0000CC80410000000000 "DP"=0xD200E80013000000290000005B98CD3F00000000000000001C5F27F9C4CAD4011C5F27F9C4CAD401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F805101001CF300C010000D1415900D55CD2400000B1042481B1C425AF2A700400101540511015545202601000A0810170E883117311B0180400CD12DC00DD33F427400C0690240206902C020A93C00405A101002DF105A2AB58D000090016A48B803EE4847EE00400076A361637EA361D26F00C0000C8658040C86588496008006C0840006C08414 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DefaultUserName"=Philippe "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=118732800543 "ShutdownFlags"=2147483815 "DisableCad"=1 "USERINIT"=C:\Windows\system32\userinit.exe, "AutoAdminLogon"=0 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-3187091646-2650930121-827019622-1001 "LastUsedUsername"=Philippe [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe [15/09/2018 08:28:45] ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=iexplore.exe [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=iexplore.exe [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\ByteFence\ByteFence.exe"=32 "C:\Users\Philippe\AppData\Roaming\PCDr\Update\Binaries\full_dsc_6875_668_64_02.exe"=1 "C:\Program Files\Dell\SupportAssist\uninstaller.exe"=1 "C:\Users\Philippe\AppData\Local\Temp\nss7D96.tmp\Setup.exe"=1 "C:\Users\Philippe\AppData\Local\Temp\_uninst_supportassist.exe"=1 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe"=0x5341435001000000000000000700000028000000B0A10D00F74C0E0001000000000000000000000A7322000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000C7A7E401000000002700000027000000 "C:\Users\Philippe\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\FileSyncConfig.exe"=0x534143500100000000000000070000002800000038050400D61B040001000000000000000000000A0021000067077CBAC54CD4010000000100000000 "C:\Users\Philippe\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000380DB80104FEB80101000000000000000000000A0021000067077CBAC54CD4010000000100000000 "D:\Téléchargement\Internet\Firefox\Firefox Installer.exe"=0x534143500100000000000000070000002800000020C004009484050001000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000006CAF0300000000000100000001000000 "C:\Users\Philippe\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000308104006ACC040001000000000000000000000A0021000067077CBAC54CD4010000000100000000 "C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000D0070800C68A080001000000000000000000000A0021000067077CBAC54CD4010000000100000000 "D:\Téléchargement\Entretien\revosetup.exe"=0x534143500100000000000000070000002800000028D36D00F6196E0001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000C8880000000000000100000001000000 "C:\Program Files\mcafee\msc\mcuihost.exe"=0x5341435001000000000000000700000028000000D8310F004CBE0F0003000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000F5930600000000000100000001000000 "C:\Users\Philippe\AppData\Local\Temp\{d992c12e-cab2-426f-bde3-fb8c53950b0d}\.be\VC_redist.x64.exe"=0x5341435001000000000000000700000028000000908A0C00332D0D0001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000A3330000000000000100000001000000 "C:\Program Files\LibreOffice\program\soffice.exe"=0x534143500100000000000000070000002800000068FA0000A640010001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000B9180300000000000A0000000A000000 "D:\Téléchargement\Openoffice\Apache_OpenOffice_4.1.6_Win_x86_install_fr.exe"=0x5341435001000000000000000700000028000000F3BEEC070000000001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000BDA40300000000000100000001000000 "D:\Téléchargement\Audio & Image & vidéos\Photo\pf7-setup-fr-7.2.1.exe"=0x534143500100000000000000070000002800000004614F00000000000100000000000000000000067100000067077CBAC54CD401000000000000000002000000280000000000000000080040000000000000000000000000000000005E410000000000000100000001000000 "D:\Téléchargement\Audio & Image & vidéos\Photo\gimp-2.10.8-setup.exe"=0x53414350010000000000000007000000280000009852D80BFEECD80B01000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000213B0400000000000100000001000000 "D:\Téléchargement\Antivirus\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9074.exe"=0x53414350010000000000000007000000280000004047D5031683D50301000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000A9AA0300000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000305C83000655840001000000000000000000000A7122000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000D2A00700000000000C0000000C000000 "C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe"=0x5341435001000000000000000700000028000000D02A0F00F809100001000000000000000000000A7122000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000FF070000000000000100000001000000 "C:\Users\Philippe\Desktop\SyncBack_Setup.exe"=0x534143500100000000000000070000002800000050B78701FE0B880101000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000C4470400000000000100000001000000 "D:\Téléchargement\Divers\SyncBack_Setup.exe"=0x534143500100000000000000070000002800000050B78701FE0B880101000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000DA850000000000000200000002000000 "C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe"=0x5341435001000000000000000700000028000000B0D5AE01DB5FAF0101000000000000000000000A0021000067077CBAC54CD40100000000000000000200000050000000000000000000004000000000000000000000000000000000B3510800000000000500000004000000000000000000000000000000000000000000000000000000FF140000000000000200000000000000 "D:\Téléchargement\Drivers\imprimante canon 5100.exe"=0x534143500100000000000000070000002800000098EC690192F769010100000000000000000001060001000067077CBAC54CD4010000000000000000050000001000000000000000000000000000000080000000020000002800000000000000800000400000020000000000000000000000000024840000000000000200000002000000 "D:\Téléchargement\Drivers\mp navigator.exe"=0x5341435001000000000000000700000028000000502EF80284ADF8020100000000000000000001060001000067077CBAC54CD4010000000000000000020000002800000000000000800000400000000000000000000000000000000095520000000000000100000001000000 "C:\Program Files (x86)\Canon\MP Navigator EX 4.0\mpnex40.exe"=0x5341435001000000000000000700000028000000504E9100C00592000100000000000000000001060001000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000005B750E00000000000C0000000C000000 "D:\Téléchargement\Entretien\CrystalDiskInfo8_0_0.exe"=0x5341435001000000000000000700000028000000A0283C0067173D0001000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000008E8F0000000000000100000001000000 "D:\Téléchargement\Entretien\sumo_lite.exe"=0x5341435001000000000000000700000028000000404C260037AF260001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000A4320100000000000100000001000000 "D:\Téléchargement\Internet\Windows\wlsetup-web.exe"=0x534143500100000000000000070000002800000000FC1200248C13000100000000000000000002067122000067077CBAC54CD401000000000000000002000000280000000000000000000050000000000000000000000000000000004D3D0200000000000200000002000000 "D:\Téléchargement\Audio & Image & vidéos\Vidéos\vlc-3.0.6-win64.exe"=0x534143500100000000000000070000002800000068887E028D3F7F0201000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000040000000000000000000000000000000009DD80000000000000100000001000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C80A0F00A5500F000100000000000000000000060001000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000FCD75000000000002000000020000000 "D:\Téléchargement\Jeux\belatout570.exe"=0x53414350010000000000000007000000280000007A4B29000000000001000000000000000000000A4120000067077CBAC54CD401000000000000000002000000280000000000000000080040000000000000000000000000000000005E410000000000000100000001000000 "D:\Téléchargement\Jeux\elysee480.exe"=0x5341435001000000000000000700000028000000483B1B000000000001000000000000000000000A4120000067077CBAC54CD40100000000000000000200000028000000000000000008004000000000000000000000000000000000F3300000000000000100000001000000 "D:\Téléchargement\Jeux\farwhist162.exe"=0x5341435001000000000000000700000028000000AF151B000000000001000000000000000000000A4120000067077CBAC54CD401000000000000000002000000280000000000000000080040000000000000000000000000000000001A350000000000000100000001000000 "D:\Téléchargement\Jeux\FtSetup541.exe"=0x5341435001000000000000000700000028000000A2F620000000000001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000AB510000000000000100000001000000 "D:\Téléchargement\Jeux\tetris.exe"=0x534143500100000000000000070000002800000082A80D000000000001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000184A0000000000000100000001000000 "C:\Users\Philippe\Desktop\wlsetup-all.exe"=0x5341435001000000000000000700000028000000B09C4C0856434D080100000000000000000003067102000067077CBAC54CD40100000000000000000200000028000000000000000000005000000000000000000000000000000000D9950300000000000100000001000000 "D:\Téléchargement\Audio & Image & vidéos\Vidéos\FFSetupLatest.exe"=0x5341435001000000000000000700000028000000006D1B0012651C000100000000000000000002060001000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000002B650500000000000100000001000000 "D:\Téléchargement\Antivirus\unchecky_setup.exe"=0x5341435001000000000000000700000028000000A0BE14002E3015000100000000000000000003060001000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000000F2F0000000000000100000001000000 "C:\Users\Philippe\Desktop\adwcleaner_7.2.7.0.exe"=0x5341435001000000000000000700000028000000D0A46F000FD26F0001000000000000000000000A0021000067077CBAC54CD401000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000008D420200000000000800000008000000 "D:\Téléchargement\Antivirus\Trend micro antivirus en ligne.exe"=0x534143500100000000000000070000002800000028B52400BC5525000100000000000000000001067302000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000AAF81A00000000000100000001000000 "C:\Program Files (x86)\KC Softwares\SUMo\SUMo.exe"=0x5341435001000000000000000700000028000000C0861F0084D11F0001000000000000000000000A6120000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000FABB0400000000000A0000000A000000 "C:\Users\Philippe\Desktop\Thunderbird Setup 60.5.0.exe"=0x5341435001000000000000000700000028000000983EEA01188CEA0101000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000005DCF0F00000000000100000001000000 "C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe"=0x5341435001000000000000000700000028000000A07A2B00A8722C0001000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000040000000000000000000000000000000003B250000000000000200000002000000 "C:\Users\Philippe\Desktop\ZHPDiag3.exe"=0x534143500100000000000000070000002800000080D130005BC2310001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000967B1100000000000200000002000000 "SIGN.MEDIA=4055C6E Install.exe"=0x534143500100000000000000070000002800000034A60202DB0013000100000000000000000002060021000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000024E0300000000000200000002000000 "C:\Program Files (x86)\Ciel\Comptes Personnels\WCP.exe"=0x534143500100000000000000070000002800000000E01200000000000100000000000000000002067120000067077CBAC54CD401000000000000000002000000280000000000000000000000001000000000000000000000000000003D660300000000000400000004000000 "C:\Users\Philippe\Desktop\ZHPFix2.exe"=0x534143500100000000000000070000002800000080E5190097E5190001000000000000000000000A0021000067077CBAC54CD40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000BB1F0700000000000400000004000000 "C:\Users\Philippe\AppData\Roaming\ZHP\ZHPFix2.exe"=0x534143500100000000000000070000002800000080E5190097E5190001000000000000000000000A0021000067077CBAC54CD40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C0FC0300000000000300000003000000 "C:\Users\Philippe\AppData\Roaming\ZHP\ZHPDiag3.exe"=0x534143500100000000000000070000002800000080D130005BC2310001000000000000000000000A0021000067077CBAC54CD4010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000093260000000000000100000001000000 "C:\Users\Philippe\Desktop\ZHPCleaner.exe"=0x534143500100000000000000070000002800000080833200322E330001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000C4400600000000000100000001000000 "C:\Program Files (x86)\Jeux de cartes\Bel Atout\belatout.exe"=0x534143500100000000000000070000002800000000661F000000000001000000000000000000000A4120000067077CBAC54CD4010000000000000000020000002800000000000000000000000000000000000000000000000000000019F94100000000000600000006000000 "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe"=0x534143500100000000000000070000002800000000AAA8004340A90001000000000000000000000A7122000067077CBAC54CD4010000000000000000020000002800000000000000000000100000000000000000000000000000000056BD0300000000000800000008000000 "C:\Users\Philippe\Desktop\delfix_1.013.exe"=0x5341435001000000000000000700000028000000402C0C00C2D00C0001000000000000000000000A0021000067077CBAC54CD401000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000008F180200000000000200000002000000 "C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"=0x53414350010000000000000007000000280000007088DC00A230DD0001000000000000000000000A7322000067077CBAC54CD4010000000000000000020000002800000000000000000000400000000000000000000000000000000072E80200000000000200000002000000 "C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe"=0x5341435001000000000000000700000028000000C9C514000000000001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000595C0000000000000100000001000000 "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe"=0x5341435001000000000000000700000028000000884D88002EAD880001000000000000000000000A0021000067077CBAC54CD4010000000000000000 "D:\Captvty\Captvty.exe"=0x534143500100000000000000070000002800000000023B000000000001000000000000000000000A7122000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000D9B88500000000000600000006000000 "C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.1.30.0_x64__htrsf667h5kn2\win32\SupportAssistAppWire.exe"=0x534143500100000000000000070000002800000070DF00009E6F010001000000000000000000000A7522000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000B36D0900000000000100000001000000 "C:\Program Files\Dell\QuickSet\DPMLite.exe"=0x5341435001000000000000000700000028000000002A4F000000000001000000000000000000000A7522000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000AD410000000000000400000004000000 "C:\Program Files\Dell\Dell Help & Support\Dell Help & Support.exe"=0x534143500100000000000000070000002800000068030B00B02B0B0001000000000000000000000A7522000067077CBAC54CD4010000000000000000020000002800000000000000000000000000000000000000000000000000000064E90700000000000600000006000000 "C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe"=0x5341435001000000000000000700000028000000F0D00900EF350A0001000000000000000000000A7122000067077CBAC54CD4010000000000000000020000002800000000000000000000000000000000000000000000000000000063910000000000000300000003000000 "C:\Program Files (x86)\Dell\Update\DellUpdate.exe"=0x534143500100000000000000070000002800000078744E002D4A4F0001000000000000000000000A7522000067077CBAC54CD4010000000000000000020000002800000000000000000000000000000000000000000000000000000097510400000000000300000003000000 "C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Media Suite\CMSLauncher.exe"=0x5341435001000000000000000700000028000000B8C50200506C030001000000000000000000000A7122000067077CBAC54CD40100000000000000000200000028000000000000008000000000000000000000000000000000000000D25B0200000000000100000001000000 "C:\Program Files\Dell\Dell Product Registration\ProductRegistration.exe"=0x534143500100000000000000070000002800000028925500CB48560001000000000000000000000A7522000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000006A250000000000000100000001000000 "C:\Program Files\GIMP 2\bin\gimp-2.10.exe"=0x5341435001000000000000000700000028000000686173004F5E740001000000000000000000000A0021000067077CBAC54CD4010000000000000000020000002800000000000000000000000000000000000000000000000000000017D80200000000000300000003000000 "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"=0x5341435001000000000000000700000028000000D05D0300E1A0030001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000D3CF1700000000002800000028000000 "C:\Program Files (x86)\Jeux de cartes\Élysée\elysee.exe"=0x534143500100000000000000070000002800000000B818000000000001000000000000000000000A4120000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000B2641100000000000200000002000000 "C:\Program Files (x86)\Jeux de cartes\Far Whist\farwhist.exe"=0x534143500100000000000000070000002800000000DA19000000000001000000000000000000000A4120000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000DA940E00000000000300000003000000 "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe"=0x5341435001000000000000000700000028000000E04D0A0070170B0001000000000000000000000A7122000067077CBAC54CD401000000000000000002000000280000000000000080000040000000000000000000000000000000003A3A0000000000000100000001000000 "C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe"=0x5341435001000000000000000700000028000000001435000000000001000000000000000000000A6120000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000F8530100000000000100000001000000 "SIGN.IE=05F818 SupportAssistInstaller.exe"=0x534143500100000000000000070000002800000018F80500745406000100000000000000000003060001000067077CBAC54CD40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000A64A0000000000000100000001000000 "C:\Program Files\Dell\QuickSet\quickset.exe"=0x5341435001000000000000000700000028000000D0617700C402780001000000000000000000000A7322000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000CB000000000000000200000002000000 "C:\Program Files (x86)\Tetris\tetris.exe"=0x534143500100000000000000070000002800000000EA1D000000000001000000000000000000000A0021000067077CBAC54CD4010000000000000000020000002800000000000000000000000000000000000000000000000000000009432000000000000200000002000000 "C:\Program Files (x86)\OpenOffice 4\program\swriter.exe"=0x534143500100000000000000070000002800000000B004001E5B050001000000000000000000000A7122000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000B7000100000000000100000001000000 "C:\Program Files (x86)\Dell Customer Connect\DCCTrayApp.exe"=0x5341435001000000000000000700000028000000F0CC1000B6BE110001000000000000000000000A7122000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000BC0D0000000000000200000002000000 "C:\Users\Philippe\Downloads\Windows-KB890830-x64-V5.69.exe"=0x534143500100000000000000070000002800000020F4A002102CA10201000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000040000000000000000000000000000000002D160C00000000000100000001000000 "C:\Users\Philippe\Desktop\QuickDiag.exe"=0x534143500100000000000000070000002800000098214A00D8C84A0001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000DD3E0000000000000100000001000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131945326049309098 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=windowsdefender:// "ProductType"=2 "InstallTime"=0x0BAEC82B93C3D401 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\ "OOBEInstallTime"=0x7D796D8594C3D401 "ManagedDefenderProductType"=0 "ProductStatus"=0 "BackupLocation"=C:\Program Files\Windows Defender "DisableAntiSpyware"=0 "DisableAntiVirus"=0 "ReportingGUID"=E148AEEF-870E-EC59-FCD5-7F81E35A050E [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX ---------- | Hosts # unchecky_begin # These rules were added by the Unchecky program in order to block advertising software modules 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com [64] More lines ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [216.58.206.238] avec 32 octets de donn?es?: R?ponse de 216.58.206.238?: octets=32 temps=29 ms TTL=55 R?ponse de 216.58.206.238?: octets=32 temps=29 ms TTL=55 R?ponse de 216.58.206.238?: octets=32 temps=29 ms TTL=55 R?ponse de 216.58.206.238?: octets=32 temps=30 ms TTL=55 Statistiques Ping pour 216.58.206.238: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 29ms, Maximum = 30ms, Moyenne = 29ms ---------- | @ [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Default_Page_URL"=http://dell15.msn.com/?pc=DCTE "DisableFirstRunCustomize"=3 "ImageStoreRandomFolder"=4ibpld4 "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "OperationalData"=13 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Start Page_TIMESTAMP"=0xCF565E3203CAD401 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xE1C0C03A03CAD401 "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3E0000003E000000EE040000E1020000 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ZonesSecurityUpgrade"=0x8049C38303B8D101 "WarnonZoneCrossing"=0 "LockDatabase"=131945331772893540 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [15/09/2018 08:28:50] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={7315C58A-DB2D-4DFF-B8CF-E725889378DC} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={7315C58A-DB2D-4DFF-B8CF-E725889378DC} ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE : ---------- | Browser Helper Objects ---------- | Chrome ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll C:\Users\Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\d51fu730.default\Prefs.js user_pref("browser.startup.homepage", "https://fr-fr.facebook.com/login/"); user_pref("browser.startup.homepage_override.buildID", "20190211233335"); user_pref("browser.startup.homepage_override.mstone", "65.0.1"); user_pref("devtools.webextensions.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.enabled", true); user_pref("extensions.blocklist.lastModified", "Wed, 20 Feb 2019 17:38:08 GMT"); user_pref("extensions.blocklist.pingCountTotal", 10); user_pref("extensions.blocklist.pingCountVersion", 10); user_pref("extensions.databaseSchema", 28); user_pref("extensions.getAddons.cache.lastUpdate", 1550833881); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.lastAppBuildId", "20190211233335"); user_pref("extensions.lastAppVersion", "65.0.1"); user_pref("extensions.lastPlatformVersion", "65.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{78a71532-4617-4876-a9a5-ba2b04122f7d}\",\"addons\":{\"fxmonitor@mozilla.org\":{\"version\":\"2.8\"}}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.lastCategory", "addons://discover/"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.uuids", "{\"formautofill@mozilla.org\":\"beaf6f8a-2f7b-42a7-810e-267dfcf7ff7f\",\"screenshots@mozilla.org\":\"c540bb08-da09-49aa-a5bc-dcdb23550fc8\",\"webcompat-reporter@mozilla.org\":\"dc6f5a4b-ce71-4970-ad6a-781522f2efc9\",\"webcompat@mozilla.org\":\"229b07da-ddba-425e-a550-fe70f374ba80\",\"{1018e4d6-728f-4b20-ad56-37578a4de76b}\":\"4b412485-d448-4768-80a2-e79f522cb6f7\",\"{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\":\"fcb4bfa1-1f80-4d7b-bf3d-e18527744a20\",\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":\"3e9aa112-2366-4ad9-8364-ce988e6c15ff\",\"fxmonitor@mozilla.org\":\"98669a03-6a9a-402c-b9f4-57fe02d8daa2\"}"); [Profile0] - Name=default -> Profiles/d51fu730.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{1536027a-dc8e-46be-9878-b72f0ec35f4b}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{1536027a-dc8e-46be-9878-b72f0ec35f4b}] "DhcpNameServer"=192.168.1.1 192.168.1.1 ---------- | Applications [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver browser "DevicesFlow"=ConsentUxUserSvc DevicesFlowUserSvc DevicePickerUserSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\2BrightSparks] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\AMD] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\AppDataLow] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\ATI] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Canon] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Clients] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Crystal Office] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\CyberLink] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\DropboxUpdate] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\FreeTime] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Google] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Intel] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\KC Softwares] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Malwarebytes] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Mozilla] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\OpenOffice] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\PhotoFiltre 7] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Policies] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Realtek] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\RegisteredApplications] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\sysinternals] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\The Document Foundation] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Unchecky] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Waves Audio] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Wow6432Node] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\ZHP] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AMD] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\Canon] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\DELL] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\Dell Inc.] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\LibreOffice] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Setup] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\The Document Foundation] [HKLM\Software\VideoLAN] [HKLM\Software\Waves Audio] [HKLM\Software\WOW6432Node] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\2BrightSparks] [HKLM\Software\WOW6432Node\Adobee] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Dell] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Sage] [HKLM\Software\WOW6432Node\Unchecky] [HKLM\Software\WOW6432Node\Waves Audio] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: ---------- | C: [13/02/2019 11:53:47] - |SHD| - [44103221] - C:\$Recycle.Bin [13/02/2019 10:58:53] - |HD| - [89175935] - C:\$SysReset [16/02/2019 19:40:27] - |D| - [6177] - C:\AdwCleaner [13/02/2019 12:28:17] - |D| - [140792667] - C:\AMD [27/05/2016 19:52:10] - |D| - [276615613] - C:\Apps [27/05/2016 20:21:25] - |D| - [0] - C:\backup [MD5.0DBACCF6F62484244F6A48B7584019A8] - [30/10/2015 09:13:43] - |RASH| - (.-.) - [400228] - (0.0.0.0) - C:\bootmgr [13/02/2019 12:27:58] - |SHD| - [17372] - C:\Config.Msi [MD5.0F8294606179FABE12BACD86CAD16D0E] - [15/02/2019 10:41:57] - |A| - (.-.) - [290] - (0.0.0.0) - C:\DelFix.txt [06/11/2015 16:48:05] - |D| - [8357] - C:\Dell [13/02/2019 12:57:27] - |SHD| - [0] - C:\Documents and Settings [27/05/2016 19:22:09] - |D| - [7829655] - C:\Drivers [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/02/2019 12:51:53] - |ASH| - (.-.) - [3390636032] - (0.0.0.0) - C:\hiberfil.sys [13/02/2019 12:27:21] - |D| - [65979] - C:\Intel [06/11/2015 16:07:49] - |D| - [0] - C:\langpacks [08/03/2018 19:28:52] - |RHD| - [469807592] - C:\MSOCache [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/05/2016 19:10:56] - |ASH| - (.-.) - [1342177280] - (0.0.0.0) - C:\pagefile.sys [13/02/2019 11:53:47] - |D| - [0] - C:\PerfLogs [13/02/2019 11:53:47] - |RD| - [6206063778] - C:\Program Files [13/02/2019 11:53:47] - |RD| - [3142329198] - C:\Program Files (x86) [13/02/2019 11:53:47] - |HD| - [1880201911] - C:\ProgramData [22/02/2019 19:49:23] - |D| - [68685] - C:\QuickDiag [MD5.D5B2F8ED601A638A8FAF00854E65C53B] - [22/02/2019 19:49:53] - |A| - (.-.) - [159161] - (0.0.0.0) - C:\QuickDiag.txt [27/05/2016 11:34:55] - |D| - [4336506476] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/05/2016 10:23:34] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [27/05/2016 10:23:32] - |SHD| - [0] - C:\System Volume Information [13/02/2019 11:37:28] - |RD| - [3104308038] - C:\Users [13/02/2019 11:37:28] - |D| - [33629641399] - C:\Windows ---------- | C:\WINDOWS [13/02/2019 11:53:47] - |D| - [802] - C:\WINDOWS\addins [13/02/2019 11:53:47] - |D| - [6865730] - C:\WINDOWS\appcompat [13/02/2019 11:53:47] - |D| - [8413418] - C:\WINDOWS\apppatch [13/02/2019 11:53:47] - |D| - [0] - C:\WINDOWS\AppReadiness [13/02/2019 11:53:47] - |RSD| - [699349603] - C:\WINDOWS\assembly [13/02/2019 11:53:47] - |D| - [740161] - C:\WINDOWS\bcastdvr [MD5.49D0AD393AE0B1EE7F3A3DD81B54BFBF] - [15/09/2018 08:28:22] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [78848] - (10.0.17763.1) - C:\WINDOWS\bfsvc.exe [13/02/2019 11:53:47] - |D| - [39062106] - C:\WINDOWS\Boot [MD5.A248981D737BD04DEA5A9A180886F277] - [13/02/2019 12:10:25] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [13/02/2019 11:53:47] - |D| - [2449912] - C:\WINDOWS\Branding [13/02/2019 11:43:59] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.CF3E29654BE0667A8750A62F8D8B7D9E] - [27/05/2016 11:35:36] - |A| - (.-.) - [6662] - (0.0.0.0) - C:\WINDOWS\comsetup.log [13/02/2019 11:53:47] - |D| - [26474456] - C:\WINDOWS\Containers [MD5.F59060E298148DE24DEBB3E8321C4407] - [30/10/2015 10:06:35] - |A| - (.-.) - [31816] - (0.0.0.0) - C:\WINDOWS\CoreSingleLanguage.xml [MD5.E0685B9AFB42DA71A73C71973522AABD] - [27/05/2016 19:24:47] - |A| - (.-.) - [12] - (0.0.0.0) - C:\WINDOWS\csup.txt [13/02/2019 11:53:47] - |D| - [11482410] - C:\WINDOWS\Cursors [13/02/2019 11:53:47] - |D| - [483472] - C:\WINDOWS\debug [30/10/2015 08:24:24] - |RD| - [0] - C:\WINDOWS\DesktopTileResources [MD5.EF82B304067EDCF3CF990A42DE93B695] - [27/05/2016 11:35:36] - |A| - (.-.) - [9510] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [13/02/2019 11:53:47] - |D| - [4241520] - C:\WINDOWS\diagnostics [MD5.EF82B304067EDCF3CF990A42DE93B695] - [27/05/2016 11:35:36] - |A| - (.-.) - [9510] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [13/02/2019 11:59:42] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.1EB68D248F09AADB94D32CD2B606F451] - [13/02/2019 15:05:23] - |A| - (.-.) - [199] - (0.0.0.0) - C:\WINDOWS\DirectX.log [13/02/2019 11:53:47] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.BCF119FA224C4D9AD4BF1E34CBC93BCD] - [27/05/2016 11:03:19] - |A| - (.-.) - [27296] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG [MD5.7D4FF06FAE42D28B8A6FB013B123AB4E] - [13/02/2019 11:56:11] - |A| - (.-.) - [3951] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [13/02/2019 11:53:47] - |HD| - [67520] - C:\WINDOWS\ELAMBKUP [13/02/2019 11:59:42] - |D| - [0] - C:\WINDOWS\en-US [MD5.D033CC75DD4CC0856E89B2A87559C2CC] - [11/01/2019 13:27:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4245280] - (10.0.17763.107) - C:\WINDOWS\explorer.exe [13/02/2019 12:08:27] - |D| - [6960320] - C:\WINDOWS\Firmware [13/02/2019 11:53:47] - |RSD| - [449862372] - C:\WINDOWS\Fonts [13/02/2019 15:08:12] - |D| - [117440] - C:\WINDOWS\fr [13/02/2019 11:59:42] - |D| - [110080] - C:\WINDOWS\fr-FR [13/02/2019 11:53:47] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [13/02/2019 11:53:47] - |D| - [53332899] - C:\WINDOWS\Globalization [13/02/2019 11:53:47] - |D| - [1265149] - C:\WINDOWS\Help [MD5.860149040BEF4711189158FE4505E6C6] - [15/09/2018 08:29:17] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1065472] - (10.0.17763.1) - C:\WINDOWS\HelpPane.exe [MD5.1CECEE8D02A8E9B19D3A1A65C7A2B249] - [15/09/2018 08:29:18] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.17763.1) - C:\WINDOWS\hh.exe [13/02/2019 11:53:47] - |D| - [29869] - C:\WINDOWS\IdentityCRL [13/02/2019 11:53:47] - |D| - [28822422] - C:\WINDOWS\IME [13/02/2019 11:53:47] - |RD| - [8775013] - C:\WINDOWS\ImmersiveControlPanel [13/02/2019 11:52:04] - |D| - [115660465] - C:\WINDOWS\INF [13/02/2019 11:53:47] - |D| - [38126462] - C:\WINDOWS\InputMethod [13/02/2019 11:53:47] - |SHD| - [1178454234] - C:\WINDOWS\Installer [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/02/2019 19:57:49] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\invcol.tmp [13/02/2019 11:53:47] - |D| - [94163] - C:\WINDOWS\L2Schemas [13/02/2019 11:53:47] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [13/02/2019 11:53:47] - |D| - [0] - C:\WINDOWS\LiveKernelReports [13/02/2019 11:53:47] - |D| - [175225668] - C:\WINDOWS\Logs [MD5.D15DFC1FC94E5BD39CBAFF93888FB99B] - [13/02/2019 12:21:28] - |A| - (.-.) - [1378] - (0.0.0.0) - C:\WINDOWS\lsasetup.log [13/02/2019 11:53:47] - |RSD| - [20517644] - C:\WINDOWS\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [15/09/2018 08:28:57] - |N| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [13/02/2019 11:53:47] - |RD| - [796316116] - C:\WINDOWS\Microsoft.NET [13/02/2019 11:53:47] - |D| - [3135] - C:\WINDOWS\Migration [13/02/2019 11:53:47] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.782877B30735ABD1EAE241F13145F664] - [15/09/2018 08:28:56] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [254464] - (10.0.17763.1) - C:\WINDOWS\notepad.exe [13/02/2019 12:01:04] - |D| - [199472] - C:\WINDOWS\OCR [13/02/2019 11:53:47] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [13/02/2019 11:37:22] - |D| - [131157617] - C:\WINDOWS\Panther [13/02/2019 15:07:29] - |D| - [0] - C:\WINDOWS\PCHEALTH [13/02/2019 11:53:47] - |D| - [3149] - C:\WINDOWS\Performance [MD5.F6ADE1E4BB306B4ED56005F7A3C88759] - [13/02/2019 12:51:55] - |A| - (.-.) - [42216] - (0.0.0.0) - C:\WINDOWS\PFRO.log [13/02/2019 11:53:47] - |D| - [1136442] - C:\WINDOWS\PLA [13/02/2019 11:53:47] - |D| - [2882721] - C:\WINDOWS\PolicyDefinitions [13/02/2019 11:53:47] - |D| - [24599576] - C:\WINDOWS\prefetch [13/02/2019 11:53:47] - |RD| - [1910255] - C:\WINDOWS\PrintDialog [13/02/2019 11:53:47] - |D| - [5419464] - C:\WINDOWS\Provisioning [30/10/2015 08:24:24] - |RD| - [0] - C:\WINDOWS\PurchaseDialog [MD5.A3668018735B59050AD123A5A8CDC184] - [11/01/2019 13:27:43] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [358400] - (10.0.17763.168) - C:\WINDOWS\regedit.exe [13/02/2019 11:53:47] - |D| - [1095144] - C:\WINDOWS\Registration [13/02/2019 11:53:47] - |D| - [5268720] - C:\WINDOWS\rescache [13/02/2019 11:53:47] - |D| - [3688658] - C:\WINDOWS\Resources [MD5.870E99A7A28191DDD10F3A60E85B4028] - [08/08/2016 11:22:32] - |A| - (.Copyright (C) Realtek Semiconductor Corp. - RtCRU.) - [4340744] - (1.13.0.0) - C:\WINDOWS\RtCRU64.exe [MD5.429D9EEB1DA2386625DF4601CC1C875A] - [27/05/2016 11:00:28] - |A| - (.Copyright (C) 2015 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2825944] - (1.0.6.5) - C:\WINDOWS\RtlExUpd.dll [13/02/2019 11:53:47] - |D| - [0] - C:\WINDOWS\SchCache [13/02/2019 11:53:47] - |D| - [122082] - C:\WINDOWS\schemas [13/02/2019 11:53:47] - |D| - [3651652] - C:\WINDOWS\security [13/02/2019 12:21:36] - |D| - [159192198] - C:\WINDOWS\ServiceProfiles [13/02/2019 11:53:47] - |D| - [0] - C:\WINDOWS\ServiceState [13/02/2019 11:37:28] - |D| - [267726855] - C:\WINDOWS\servicing [13/02/2019 12:01:44] - |D| - [42] - C:\WINDOWS\Setup [MD5.40638D58E6184DE2EE9EA47176B66B38] - [13/02/2019 14:07:53] - |A| - (.-.) - [1700] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/02/2019 14:07:53] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [13/02/2019 11:53:47] - |D| - [6752256] - C:\WINDOWS\ShellComponents [13/02/2019 11:53:47] - |D| - [52901376] - C:\WINDOWS\ShellExperiences [30/10/2015 10:05:57] - |D| - [0] - C:\WINDOWS\ShellNew [13/02/2019 11:53:47] - |D| - [3070736] - C:\WINDOWS\SKB [27/05/2016 10:32:30] - |D| - [45143498] - C:\WINDOWS\SoftwareDistribution [13/02/2019 11:53:47] - |D| - [86038209] - C:\WINDOWS\Speech [13/02/2019 11:53:47] - |D| - [63949381] - C:\WINDOWS\Speech_OneCore [MD5.A5F344522764898F2086DBE32464C334] - [15/09/2018 08:28:24] - |N| - (.© Microsoft Corporation. - Print driver host for applications.) - [132096] - (10.0.17763.1) - C:\WINDOWS\splwow64.exe [13/02/2019 11:53:47] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [30/10/2015 08:24:29] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [13/02/2019 11:37:28] - |D| - [20202648534] - C:\WINDOWS\System32 [13/02/2019 11:53:47] - |D| - [203857580] - C:\WINDOWS\SystemApps [13/02/2019 11:53:48] - |D| - [26493319] - C:\WINDOWS\SystemResources [13/02/2019 11:53:48] - |D| - [1560263608] - C:\WINDOWS\SysWOW64 [13/02/2019 11:53:48] - |D| - [0] - C:\WINDOWS\TAPI [30/10/2015 08:24:25] - |D| - [2426] - C:\WINDOWS\Tasks [13/02/2019 11:53:48] - |D| - [295401259] - C:\WINDOWS\Temp [13/02/2019 11:53:48] - |D| - [14425088] - C:\WINDOWS\TextInput [13/02/2019 11:53:48] - |D| - [0] - C:\WINDOWS\tracing [13/02/2019 11:53:48] - |D| - [14885693] - C:\WINDOWS\twain_32 [MD5.4B8ED4EF819DC87A2DC108EF60504FE9] - [15/09/2018 08:29:28] - |N| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [64512] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [13/02/2019 11:53:48] - |D| - [12420] - C:\WINDOWS\Vss [13/02/2019 11:53:48] - |D| - [28874] - C:\WINDOWS\WaaS [13/02/2019 11:53:48] - |D| - [19516569] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [30/10/2015 08:24:29] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [15/09/2018 08:28:58] - |H| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [13/02/2019 12:57:39] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.351FDCE5B7CDE5009C768FFDA64B5E57] - [15/09/2018 08:29:27] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17763.1) - C:\WINDOWS\winhlp32.exe [13/02/2019 11:37:28] - |D| - [6721440518] - C:\WINDOWS\WinSxS [MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [31/03/2014 21:34:22] - |A| - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [322248] - (16.4.3528.331) - C:\WINDOWS\WLXPGSS.SCR [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [15/09/2018 08:38:26] - |N| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.10F2BC4209233AB34BDA602967D0F798] - [15/09/2018 08:29:24] - |N| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.17763.1) - C:\WINDOWS\write.exe [13/02/2019 19:55:43] - |D| - [17127936] - C:\WINDOWS\{E9E39016-F1A4-4947-BF49-E0DACA61F95C} ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [12/08/2015 23:10:34] - C:\WINDOWS\Installer\10d65.msi : (AMD Catalyst Install Manager Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:08:20] - C:\WINDOWS\Installer\10d69.msi : (PX Profile Update - AMD) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/08/2013 19:26:24] - C:\WINDOWS\Installer\10d6d.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:04:02] - C:\WINDOWS\Installer\10d71.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:04:12] - C:\WINDOWS\Installer\10d75.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:04:20] - C:\WINDOWS\Installer\10d79.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:04:30] - C:\WINDOWS\Installer\10d7d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:04:40] - C:\WINDOWS\Installer\10d81.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:04:50] - C:\WINDOWS\Installer\10d85.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:04:58] - C:\WINDOWS\Installer\10d89.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:05:08] - C:\WINDOWS\Installer\10d8d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:05:16] - C:\WINDOWS\Installer\10d91.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:05:26] - C:\WINDOWS\Installer\10d95.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:05:34] - C:\WINDOWS\Installer\10d99.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:05:42] - C:\WINDOWS\Installer\10d9d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:05:52] - C:\WINDOWS\Installer\10da1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:06:02] - C:\WINDOWS\Installer\10da5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:06:10] - C:\WINDOWS\Installer\10da9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:06:18] - C:\WINDOWS\Installer\10dad.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:06:30] - C:\WINDOWS\Installer\10db1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 23:03:50] - C:\WINDOWS\Installer\10db6.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/06/2015 16:00:32] - C:\WINDOWS\Installer\10dbb.msi : (OEM Application Profile - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/02/2019 14:51:15] - C:\WINDOWS\Installer\11006c.msi : (Product Registration - Dell Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/02/2019 18:10:17] - C:\WINDOWS\Installer\242a4b66.msi : (Dell Help & Support - Dell Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/11/2017 23:08:54] - C:\WINDOWS\Installer\242a4b81.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/10/2017 16:31:36] - C:\WINDOWS\Installer\242a4cef.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2017 10:24:56] - C:\WINDOWS\Installer\242a4cf4.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2017 00:55:12] - C:\WINDOWS\Installer\242a4d38.msi : (Intel(R) Management Engine Driver - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2017 00:53:54] - C:\WINDOWS\Installer\242a4d3d.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2017 00:54:18] - C:\WINDOWS\Installer\242a4d54.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2017 00:54:26] - C:\WINDOWS\Installer\242a4d59.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2017 00:54:58] - C:\WINDOWS\Installer\242a4d92.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/10/2017 17:53:22] - C:\WINDOWS\Installer\242a4d9e.msi : (Intel(R) Trusted Connect Service Client x64 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/10/2017 17:50:02] - C:\WINDOWS\Installer\242a4dc3.msi : (Intel(R) Trusted Connect Service Client x86 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/04/2016 21:49:32] - C:\WINDOWS\Installer\242a4eea.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/08/2015 23:48:50] - C:\WINDOWS\Installer\2e869.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/08/2015 09:49:46] - C:\WINDOWS\Installer\2e86e.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/09/2015 04:51:46] - C:\WINDOWS\Installer\2e884.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/08/2015 09:31:28] - C:\WINDOWS\Installer\2e889.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/06/2015 13:44:34] - C:\WINDOWS\Installer\2e88e.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/02/2019 19:55:42] - C:\WINDOWS\Installer\3c2f70.msi : ([ProductName] - Dell Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/02/2019 13:26:47] - C:\WINDOWS\Installer\49943.msi : (Dell Customer Connect Installer - Dell Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/10/2017 01:51:16] - C:\WINDOWS\Installer\4bd1b.msi : (AMD Settings - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/10/2017 01:58:40] - C:\WINDOWS\Installer\4bd20.msi : (AMD Settings - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/02/2019 13:01:41] - C:\WINDOWS\Installer\570d7.msi : (Product Registration - Dell Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/11/2018 17:05:58] - C:\WINDOWS\Installer\64398.msi : (LibreOffice 6.0 - The Document Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/10/2018 04:07:56] - C:\WINDOWS\Installer\643c3.msi : (OpenOffice 4.1.6 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2019 12:56:49] - C:\WINDOWS\Installer\911f23.msi : ( - Ciel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/09/2015 02:27:00] - C:\WINDOWS\Installer\9a7d.msi : (QuickSet - Dell Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/09/2015 04:37:58] - C:\WINDOWS\Installer\9a85.msi : (Blank Project Template - Waves Audio Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/05/2015 00:25:00] - C:\WINDOWS\Installer\9a99.msi : (Intel® Security Assist - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2015 03:18:56] - C:\WINDOWS\Installer\9a9d.msi : (Intel(R) Serial IO - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/06/2015 20:20:50] - C:\WINDOWS\Installer\9abb.msi : (Intel(R) Wireless Bluetooth(R) Patch/Audio Package Installation - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/06/2015 01:27:24] - C:\WINDOWS\Installer\9ac3.msi : (Dell Digital Delivery Installer - Dell Products, LP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/02/2019 14:58:47] - C:\WINDOWS\Installer\9ba2743.msi : (Dell SupportAssist - Dell Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/08/2017 22:54:05] - C:\WINDOWS\Installer\aff5a4.msi : (Dropbox 20 GB - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2019 14:02:42] - C:\WINDOWS\Installer\cfedd2.msi : (Dropbox Update Helper - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [15/09/2018 08:29:16] - [3329] - C:\WINDOWS\System32\ieuinit.inf [27/05/2016 10:48:20] - [1773222] - C:\WINDOWS\System32\PerfStringBackup.INI [15/09/2018 08:28:56] - [60124] - C:\WINDOWS\System32\tcpmon.ini [15/09/2018 08:28:42] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [15/09/2018 08:29:28] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [27/05/2016 11:00:35] - [1878476] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [15/09/2018 08:29:07] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.AE77714CA8F5E1E088651DA8F9915B6C] - |A| - [13/02/2019 13:01:34] - (.-.) - [16 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\30CC.tmp [MD5.FFD9CBD96A81EE63539BA2F0FAA7F0FF] - |A| - [13/02/2019 19:52:54] - (.-.) - [7.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\40b0f44d-f1f6-4b88-9bf8-ed322b01f597_Devices_inspiron-17-5759-laptop.gz [MD5.00000000000000000000000000000000] - |D| - [19/02/2019 20:12:56] - [0 Ko] - C:\WINDOWS\Temp\676402B6-9E0E-41CE-AC27-8EFF5CA3FF7A-Sigs [MD5.B3BD71D0CB2219CAF215DA9006AF0F53] - |A| - [13/02/2019 13:01:50] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\6E64.tmp [MD5.AE9BC8625660F8C64A98F42541C4F823] - |A| - [13/02/2019 19:52:55] - (.-.) - [53.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\a66e101c-0c39-48da-b6df-98ad2e7ddfa7_Catalog_Apps.xml [MD5.9AD212B7E19690E665D9781D718A8393] - |A| - [13/02/2019 12:36:58] - (.-.) - [0.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00000.log [MD5.9BB032CACF0B96C2D7F353329EE672FE] - |A| - [13/02/2019 12:37:00] - (.-.) - [0.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00001.log [MD5.DD04D40AE6747A677ADFFAED2EFBC7A1] - |A| - [16/02/2019 14:59:26] - (.-.) - [3.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AutoUpdateScheduler.xml [MD5.4D170333E618F62517BDA5577BAD09AB] - |A| - [13/02/2019 19:52:54] - (.-.) - [2.67 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\d5672fdd-bcaf-4283-9338-7198b33b9719_Drivers_inspiron-17-5759-laptop.gz [MD5.C996D7971C49252C582171D9380360F2] - |A| - [14/02/2019 19:58:13] - (.-.) - [14.49 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DBUtil_2_3.Sys [MD5.33D24CE43A0A04B134244A27D0317DAF] - |A| - [13/02/2019 12:26:29] - (.-.) - [15.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_vcredist_amd64_20190213122629.log [MD5.3B33601BB08F00C37FDD91B8F97975EE] - |A| - [13/02/2019 12:26:29] - (.-.) - [176.02 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_vcredist_amd64_20190213122629_000_vcRuntimeMinimum_x64.log [MD5.E6554E8FA6CF186A64EFA02223488B85] - |A| - [13/02/2019 12:26:31] - (.-.) - [193.44 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_vcredist_amd64_20190213122629_001_vcRuntimeAdditional_x64.log [MD5.FD1CE52C45713A0B202F4FFF2E2CE1D5] - |A| - [13/02/2019 12:28:38] - (.-.) - [10.89 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_vcredist_amd64_20190213122838.log [MD5.28455EACD361C5B5CCE7F770003C7E1A] - |A| - [13/02/2019 12:25:48] - (.-.) - [15.64 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_vcredist_x86_20190213122548.log [MD5.AE848B26BF3965656B02EA79FDF76E6F] - |A| - [13/02/2019 12:26:05] - (.-.) - [174.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_vcredist_x86_20190213122548_000_vcRuntimeMinimum_x86.log [MD5.1A7737968FC1CA42BD47C4AAD585960E] - |A| - [13/02/2019 12:26:27] - (.-.) - [199.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_vcredist_x86_20190213122548_001_vcRuntimeAdditional_x86.log [MD5.16D060453E6F175D4B7BA02EAEFE3B37] - |A| - [13/02/2019 12:28:35] - (.-.) - [10.76 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dd_vcredist_x86_20190213122835.log [MD5.2628822478D4FC67C99F416859FE002D] - |A| - [13/02/2019 12:58:44] - (.-.) - [9.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Dell Product Registration3_inspiron.xml [MD5.2628822478D4FC67C99F416859FE002D] - |A| - [13/02/2019 14:42:28] - (.-.) - [9.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Dell Product Registration4_inspiron.xml [MD5.2628822478D4FC67C99F416859FE002D] - |A| - [13/02/2019 14:53:08] - (.-.) - [9.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Dell Product Registration5_inspiron.xml [MD5.4B906E1A1EB82FEB6DD0FC7ECD9FE5B8] - |A| - [13/02/2019 13:00:44] - (.-.) - [3.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-RTEJFFC-20190213-1300.log [MD5.108702F7011AB722839A81E78C56FF7F] - |A| - [13/02/2019 13:00:44] - (.-.) - [5.54 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-RTEJFFC-20190213-1300a.log [MD5.DC4BF6BAB5E06F6412AD1500A611D258] - |A| - [13/02/2019 13:13:49] - (.-.) - [3.35 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-RTEJFFC-20190213-1313.log [MD5.D83BB5143022CCC3EE3BC6C06714320B] - |A| - [13/02/2019 13:19:27] - (.-.) - [3.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-RTEJFFC-20190213-1319.log [MD5.04B334B6B5E0C1A050955B1BF202E89E] - |A| - [13/02/2019 13:28:34] - (.-.) - [33.49 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-RTEJFFC-20190213-1328.log [MD5.44A14A95FA2ABDBE3F9B1084E45B3188] - |A| - [13/02/2019 13:37:38] - (.-.) - [26.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-RTEJFFC-20190213-1337.log [MD5.DD485679AE249B5C3DBEB02F9F042F76] - |A| - [13/02/2019 13:39:28] - (.-.) - [12.43 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-RTEJFFC-20190213-1339.log [MD5.2628822478D4FC67C99F416859FE002D] - |A| - [13/02/2019 13:11:31] - (.-.) - [9.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DFS-FW3_inspiron.xml [MD5.2628822478D4FC67C99F416859FE002D] - |A| - [13/02/2019 15:20:18] - (.-.) - [9.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DFS-FW4_inspiron.xml [MD5.E12378D6BE8A3E0665491FDAB5947AEF] - |A| - [13/02/2019 13:17:16] - (.-.) - [371.17 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DFSSetup.log [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 18:12:32] - [3.41 Ko] - C:\WINDOWS\Temp\DHS [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 13:23:24] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 13:23:24] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 13:23:24] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 13:23:24] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace [MD5.AB1E3703A10D458C2E792682F0A06B6B] - |A| - [21/02/2019 18:10:10] - (.-.) - [2.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DLC_Debug_log.txt [MD5.21503E39CFE2E2A53FB23C831D53FA97] - |A| - [21/02/2019 18:10:10] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DLC_InstallationTool_Debug_log.txt [MD5.1AC28DD4FD1BFF64EB4EAC1237CD16DA] - |A| - [13/02/2019 19:52:53] - (.-.) - [3.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ea2d1473-18fa-48e5-8ef6-92bd593a0db6_Catalog_Products.gz [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/02/2019 12:55:23] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/02/2019 12:55:22] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSTIFFDebugLogFile.txt [MD5.1E09FED587F2E89C6DE01C9630FEA6BD] - |A| - [21/02/2019 18:20:13] - (.-.) - [116.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IIF5C5B.tmp [MD5.64389A0395066697B2473181D0EB8EFE] - |A| - [21/02/2019 18:20:16] - (.-.) - [0.4 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IIF6555.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 18:19:18] - [3857.71 Ko] - C:\WINDOWS\Temp\IIF8351.tmp [MD5.1E09FED587F2E89C6DE01C9630FEA6BD] - |A| - [21/02/2019 18:20:31] - (.-.) - [116.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IIFA166.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 18:17:18] - [925.08 Ko] - C:\WINDOWS\Temp\IIFAEA0.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 18:17:18] - [76969.88 Ko] - C:\WINDOWS\Temp\IIFB038.tmp [MD5.E652543D52E590810477226B2BEB8395] - |A| - [21/02/2019 18:17:25] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IIFCAE3.tmp [MD5.0C97AEA4D9FDFF0392317DFCE660B8AC] - |A| - [13/02/2019 12:27:26] - (.-.) - [5185.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IIFEB43.tmp [MD5.16D87B9907DC4B82A48BBB66A3436EA8] - |A| - [13/02/2019 12:27:26] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IIFEB45.tmp [MD5.1E09FED587F2E89C6DE01C9630FEA6BD] - |A| - [21/02/2019 18:17:34] - (.-.) - [116.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IIFEC28.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 18:17:28] - [51.44 Ko] - C:\WINDOWS\Temp\Intel [MD5.90B0847473BC936CD6A71C9ED69DE309] - |A| - [21/02/2019 18:18:23] - (.-.) - [10.67 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Intel(R)_Trusted_Connect_Services_Client_20190221181823.log [MD5.67EC31731158284034C5BA4B4309014F] - |A| - [21/02/2019 18:18:45] - (.-.) - [204.86 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Intel(R)_Trusted_Connect_Services_Client_20190221181823_000_iclsClientInstaller_x64.log [MD5.F2AE314E13867C35B561B05E7C768AA7] - |A| - [21/02/2019 18:18:56] - (.-.) - [325.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Intel(R)_Trusted_Connect_Services_Client_20190221181823_001_iclsClientInstaller_x86.log [MD5.DE90B7A265545945DD16488F86BDD62B] - |A| - [21/02/2019 18:12:51] - (.-.) - [33.46 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Intel®_PROSet_Wireless_Software_20190221181251.log [MD5.A2B55A691C4A9034696D215F688DC20D] - |A| - [21/02/2019 18:13:22] - (.-.) - [282.67 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Intel®_PROSet_Wireless_Software_20190221181251_1_Driver.log [MD5.F456C77A1F973C20C546F2981738EBAE] - |A| - [21/02/2019 18:14:00] - (.-.) - [3506.68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Intel®_PROSet_Wireless_Software_20190221181251_2_WiFi.log [MD5.532FF3FA2F889630ACA45B3016261FDD] - |A| - [21/02/2019 18:16:35] - (.-.) - [26.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Intel®_PROSet_Wireless_Software_20190221181635.log [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 18:17:00] - [3849.61 Ko] - C:\WINDOWS\Temp\iProInstLogs [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/02/2019 13:02:54] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IS_6AA0.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/02/2019 14:40:42] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IS_8F39.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/02/2019 13:42:06] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\IS_9F5D.tmp [MD5.1C66CF8F477D5022D6C3C2613558A0EC] - |A| - [13/02/2019 14:51:31] - (.-.) - [32.46 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\KSSetu2.log [MD5.2CBBA8D2BA125528143D767F1D045B8D] - |A| - [13/02/2019 13:01:49] - (.-.) - [1092.83 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\KSSetup.log [MD5.B0CFCFC51F09FD296F2B14901FBF15EF] - |A| - [13/02/2019 13:01:35] - (.-.) - [2.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\KS_Debug_log.txt [MD5.2740F3E635BFAD3E237057EDD3816FA4] - |A| - [13/02/2019 14:51:10] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\KS_InstallationLanguage.txt [MD5.6F2A0C273BB2EF6969AB524C72681C89] - |A| - [13/02/2019 13:01:36] - (.-.) - [2.09 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\KS_Installer_Debug_log.txt [MD5.2628822478D4FC67C99F416859FE002D] - |A| - [16/02/2019 17:43:46] - (.-.) - [9.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MDLC3_inspiron.xml [MD5.FDE7CCCDD8D9DC015E159DFEF1651E32] - |A| - [21/02/2019 18:11:22] - (.-.) - [32.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MDLCSetu2.log [MD5.8E9B4AB365B2054457C068F30C7DE52E] - |A| - [21/02/2019 18:10:24] - (.-.) - [4546.68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MDLCSetup.log [MD5.8EBF23C1BDB7E609FDF42125D7B91A52] - |A| - [13/02/2019 13:11:39] - (.-.) - [86.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.11E14C9AD9E155DE51607C1CB060CB14] - |A| - [13/02/2019 13:16:47] - (.-.) - [174.7 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/02/2019 13:36:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ood_stream.x86.fr-fr.dat [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/02/2019 13:36:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ood_stream.x86.x-none.dat [MD5.F127D1BECA3E8B0B3CC5126CE5505C98] - |A| - [21/02/2019 18:14:56] - (.-.) - [0.63 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\PanDhcpDnsInstall.txt [MD5.B321EFC0192A86BDF9DA4F098DA1B573] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.00D57B0F-01FA-B79F-08D6-878ED20C4C9B_5__.Public.AppUpdate.dat [MD5.1D913C0D7050AD18EEB8436B3D58AB70] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0116DC02-781B-D1D1-FC1C-C80195511E17_5__.Public.AppUpdate.dat [MD5.8BE68D5D35B14C0D8006B2B9D603BB65] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0251D65D-E887-28BD-A226-3ECD72FB59C6_5__.Public.AppUpdate.dat [MD5.08EDB1C093B905E88857AF24454B2FB4] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0C8CF327-9D17-CCDE-18AF-DFF4F20070E5_5__.Public.AppUpdate.dat [MD5.88F7575A81CC694372BF425A5C0D1B70] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.18DDC675-D472-0DB4-9563-7DF7C34F512C_5__.Public.AppUpdate.dat [MD5.01A655D7EF3F0B453B5CCA6760908A3B] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.1FE89C0B-9BED-CC5D-7426-9E4025D6BDD9_5__.Public.AppUpdate.dat [MD5.686AC0B95CE067631269C3875AB5EA18] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.3BFD26C9-8DA9-B940-F638-55890012AAB4_5__.Public.AppUpdate.dat [MD5.8CECE6C79003FE0DC3C1561A1A417B7C] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.42493DE9-7734-949C-AD90-1D11F59F45CB_5__.Public.AppUpdate.dat [MD5.FB723D12B9D67471623CEA4467CBEA36] - |A| - [16/02/2019 17:19:41] - (.-.) - [0.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.464A5E92-41CB-03C3-2BF1-DED4D25308A3_5__.Public.AppUpdate.dat [MD5.68CD8CD20F25F3A6B7B4565345C5585F] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.49F33C48-B2DE-F82A-56F2-64425F298B84_5__.Public.AppUpdate.dat [MD5.DFC6E5D0F3F279CB75CDE165C768D439] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.4AF301E9-F5E0-C8BF-6B7C-938BDDDF84D5_5__.Public.AppUpdate.dat [MD5.0D94E6879FCA836CB2E70ECC659404B9] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.50611331-FE19-D366-B049-694B8AC9D758_5__.Public.AppUpdate.dat [MD5.7E299D53108F107361FF636F3178AC6E] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.557EA3BB-623E-ADD9-4DFB-629A8648A038_5__.Public.AppUpdate.dat [MD5.123113BDC6BF18FA9CD1A760B2C5E30E] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.558F5D32-0827-EB7B-6AD6-D5DB4138B3AA_5__.Public.AppUpdate.dat [MD5.2E1C9D4977A5B367A0377FFA34403235] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.62B49C0A-499E-A02D-EBCB-EB168E148E52_5__.Public.AppUpdate.dat [MD5.AD62717DDA29041EBA8DCD4CE3E3CF12] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.664AA17A-2D25-0823-3315-3708FE16147A_5__.Public.AppUpdate.dat [MD5.3BF6242EB24F4A7F9502678B8B0217CD] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.674C4C14-7BAA-F782-E214-956DC3BEDF39_5__.Public.AppUpdate.dat [MD5.69C64CE75A9E89421D9E772F0531B2B5] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.68BC3251-2D8B-A604-92BA-893638CA72EA_5__.Public.AppUpdate.dat [MD5.DEA94DFF43B5A64CFA75B853E3D641FF] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.68E019EB-0B92-5E08-5D86-9BFE6DBA8517_5__.Public.AppUpdate.dat [MD5.18000F5D17CBDD88DF7E0EA0743F16AD] - |A| - [13/02/2019 13:24:48] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.69F3BCAB-8975-C526-30F5-39FA70C77AD9_5__.Public.AppUpdate.dat [MD5.712DB93E76B2EEE4932FE169156891AC] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6D151227-6BD9-726D-B30E-A8A018DCC82B_5__.Public.AppUpdate.dat [MD5.FE569B95CD7137C4A723B8C35BAFAB8C] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6DA3D5C0-A460-4E4E-3B2A-8530BC7CAFDA_5__.Public.AppUpdate.dat [MD5.ED9E71D6D0B941B6D65B6A60C9D5B239] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6EA6FC2E-9305-586B-3411-02826D151533_5__.Public.AppUpdate.dat [MD5.D3046EF1CB7C7216C70EFA64A5B6E861] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.70BC17F8-0AA7-CB35-CEE0-EF1B47A0FD3E_5__.Public.AppUpdate.dat [MD5.7FE9392CC2729699B61D7D817F6BFFAF] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.73 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.754078EB-3A78-B444-5FC2-70DFE84EC4E5_5__.Public.AppUpdate.dat [MD5.F7EB1572E4030D16035F95ED3F343732] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.7583E141-6210-5A36-BB89-80D0397C4721_5__.Public.AppUpdate.dat [MD5.4B87DC70501251926CDE9961AD0E71F0] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.97612282-D1E8-1D6A-9E92-C271E7F177EF_5__.Public.AppUpdate.dat [MD5.DB1F0C9FB2A1C868A6633E265AEFD8C1] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9D4DED89-CABC-F4FB-8133-BC5EDB1C7EDA_5__.Public.AppUpdate.dat [MD5.4A38FA66AF3F8D12BD0D6516439131CD] - |A| - [13/02/2019 15:20:07] - (.-.) - [124.44 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9N0866FS04W8_0__.Public.InstallAgent.dat [MD5.7B5996C5108849E4B1F823F90DD05E73] - |A| - [13/02/2019 15:20:15] - (.-.) - [131.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9NBLGGH18846_0__.Public.InstallAgent.dat [MD5.66CB1939DE7839C77E5128EDDCEC128E] - |A| - [16/02/2019 20:26:36] - (.-.) - [51.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9NHMG4BJKMDG_0__.Public.InstallAgent.dat [MD5.BC2CF7281B1FD0D7E5B1D635C1E70A31] - |A| - [13/02/2019 15:20:10] - (.-.) - [55.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9NX2D8G1X4VK_0__.Public.InstallAgent.dat [MD5.D3921FA65F1F24B84E2D0DC1D76AD6BA] - |A| - [16/02/2019 17:49:44] - (.-.) - [72.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9PL3B0VQLQQ8_0__.Public.InstallAgent.dat [MD5.724021118819056A73310040593B9982] - |A| - [13/02/2019 15:20:14] - (.-.) - [63.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9WZDNCRCWFTB_0__.Public.InstallAgent.dat [MD5.1DEE0B6D071C67D1B89AF2DF3366207C] - |A| - [13/02/2019 15:20:12] - (.-.) - [98.19 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9WZDNCRFHVFW_0__.Public.InstallAgent.dat [MD5.9585EE6E62D329860B19E68CB89D8708] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A0D50492-A769-FCE9-8C5B-6DC60312B8E4_5__.Public.AppUpdate.dat [MD5.73F73D5B06CE9D43E452E68DDF0783A1] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A715D489-C343-F20B-B22E-F8D749061B0C_5__.Public.AppUpdate.dat [MD5.A8D8686E95977E5175BD09ED8B11665F] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A8EA082C-1D8D-8EB4-4FB0-5516ED51695C_5__.Public.AppUpdate.dat [MD5.F6A06B7E355B50D3F21270B806A4006D] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A90B8400-D36D-8235-8BF2-A21A53D3FB65_5__.Public.AppUpdate.dat [MD5.EFB55A0921E2A5EB0B306143332DBA9E] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.ADA26212-6E65-2F41-08F6-8A8E88987557_5__.Public.AppUpdate.dat [MD5.3D51B6539F12ECBB2C7485A74FAFC515] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BAA0F9E7-E2C2-C973-EABD-02BBF7402934_5__.Public.AppUpdate.dat [MD5.1D4500A53F6811BF2E350BE49BC04969] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BBFD7549-71AE-D8FD-9F58-2EF4C874B21C_5__.Public.AppUpdate.dat [MD5.802E5F84184EF2266F08F4A309496FC8] - |A| - [13/02/2019 13:24:48] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.DFBE09D0-1F22-A9C0-2D3D-3F4C6351E58F_5__.Public.AppUpdate.dat [MD5.D3A8C9D9D308379CE86B308BE4CDB93C] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E336BB8F-16ED-7CBE-AFEE-971DD3041585_5__.Public.AppUpdate.dat [MD5.37A36238B1A78D174B3FC7680FA2F21B] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E6658C19-4221-2EBE-763A-F0493FBA2BB0_5__.Public.AppUpdate.dat [MD5.E12B200050058219FB0098A54DE91D08] - |A| - [13/02/2019 13:24:46] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E6D3B497-80AF-7F14-F9E6-9606EE369FC3_5__.Public.AppUpdate.dat [MD5.E32CE48AEF8896F9A1D497D38731467E] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.EEE53744-2BB9-BCA2-A50A-C6A1C5B0A0ED_5__.Public.AppUpdate.dat [MD5.2B36D91D76F5742CFBAAC0010B575F29] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.FACF9DDE-1FF1-B57D-4D1D-CE479FDD42AF_5__.Public.AppUpdate.dat [MD5.AD27CD1B91148D140BD5249B942F1327] - |A| - [13/02/2019 13:24:47] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.FB06EF95-BC48-1A6A-26FB-4450CE9A5906_5__.Public.AppUpdate.dat [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/02/2019 18:12:47] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\SE_Setup.log [MD5.00000000000000000000000000000000] - |D| - [16/02/2019 14:58:38] - [2531.12 Ko] - C:\WINDOWS\Temp\SupportAssistAgent [MD5.3A696DBD1A68A556870C204865719787] - |A| - [16/02/2019 15:05:15] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tem110A.tmp [MD5.3A696DBD1A68A556870C204865719787] - |A| - [16/02/2019 15:04:27] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tem5367.tmp [MD5.25C915542CA8694B7AC03DA977B097C1] - |A| - [13/02/2019 12:49:46] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tem5B9E.tmp [MD5.3A696DBD1A68A556870C204865719787] - |A| - [16/02/2019 15:04:44] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tem9775.tmp [MD5.3A696DBD1A68A556870C204865719787] - |A| - [13/02/2019 13:23:55] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\temA81A.tmp [MD5.B13AF738AA8BE55154B2752979D76827] - |A| - [13/02/2019 12:22:55] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\temC57D.tmp [MD5.3A696DBD1A68A556870C204865719787] - |A| - [16/02/2019 15:05:08] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\temF555.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:00] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d642dd.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d64468.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d644c8.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d644d9.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d644fb.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d6451c.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d6452d.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d6453f.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d64560.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d64572.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d64593.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d645a5.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d645c6.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d645d8.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d645f9.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d6460b.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d6462c.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d6463d.tmp [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 12:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-2178-286c-22d6465f.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:27] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf6598.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf66e4.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf6705.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf6717.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf6728.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf673a.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf674b.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf675d.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf67ad.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf67bf.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf67d0.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf67e2.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf67f4.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf6805.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf6817.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf6829.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf683a.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf684c.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2019 11:59:28] - [0 Ko] - C:\WINDOWS\Temp\tw-2950-2da8-1daf685d.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c506a.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5233.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5264.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5285.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5297.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c52c8.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c52e9.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c52fb.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c52fd.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c530e.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5320.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5332.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5343.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5355.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5367.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c5369.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c537a.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c538c.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 19:07:56] - [0 Ko] - C:\WINDOWS\Temp\tw-88c-19e8-13c539d.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8c21.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8dbb.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8dfc.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8e1d.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8e3e.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8e6f.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8ea0.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8eb2.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:53] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8ee2.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8f13.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8f25.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8f37.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8f48.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8f79.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8f9a.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8fac.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8fdd.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db8fee.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2019 11:23:54] - [0 Ko] - C:\WINDOWS\Temp\tw-fa4-20a0-27db9000.tmp [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 12:27:27] - [28.71 Ko] - C:\WINDOWS\Temp\VulkanRT [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 14:51:30] - [5909.13 Ko] - C:\WINDOWS\Temp\{05CCA552-5F1B-4C57-B78C-B6B3A11BD8F5} [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 18:11:20] - [3826.29 Ko] - C:\WINDOWS\Temp\{0C2F150E-0CFD-4D70-8F07-0818D26F0437} [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 13:01:37] - [31797.81 Ko] - C:\WINDOWS\Temp\{1F7511A6-46E1-4E15-9C89-D6858E241124} [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 13:01:21] - [69514.61 Ko] - C:\WINDOWS\Temp\{294A95B5-1964-4CEC-B6E4-06BC31BE6780} [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 14:40:41] - [1166.97 Ko] - C:\WINDOWS\Temp\{3CDB18FB-D5BD-4500-9A5D-FA5735531766} [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 13:02:54] - [1166.97 Ko] - C:\WINDOWS\Temp\{48356335-8FBE-4D5F-95B9-BC59F5827D80} [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 13:42:06] - [1166.97 Ko] - C:\WINDOWS\Temp\{68AB2109-6073-41A6-9EBB-794F3C5A06D6} [MD5.00000000000000000000000000000000] - |D| - [21/02/2019 18:09:59] - [0 Ko] - C:\WINDOWS\Temp\{7CFCFB75-49DB-4DF1-A1D7-CF03D5866294} [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 13:01:30] - [65566.71 Ko] - C:\WINDOWS\Temp\{AF196660-B5CE-42D2-B1DF-D6B2ECFBD734} [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [13/02/2019 13:02:56] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\~DF3DB80487113420FD.TMP [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 15:21:00] - [1331.54 Ko] - C:\WINDOWS\Temp\~un0c451a09 [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:47] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |N| - [15/09/2018 08:28:43] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |N| - [15/09/2018 08:28:42] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |N| - [15/09/2018 08:28:30] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |N| - [15/09/2018 08:28:50] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |N| - [15/09/2018 08:28:51] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |N| - [15/09/2018 08:28:53] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |N| - [15/09/2018 08:29:21] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |N| - [15/09/2018 08:28:56] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |N| - [15/09/2018 08:28:26] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |N| - [15/09/2018 08:29:13] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |N| - [15/09/2018 08:29:13] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |N| - [15/09/2018 08:29:14] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |N| - [15/09/2018 08:28:36] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |N| - [15/09/2018 08:28:36] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [2819.03 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.2865FAF366DE0D8023CA0B0BC8ADF30C] - |A| - [09/11/2017 05:19:40] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amd-vulkan64.json [MD5.89C43875B09B25089F13D4C7394810AB] - |A| - [09/11/2017 05:35:32] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [137.34 Ko] - (23.20.768.12) - C:\WINDOWS\System32\amdave64.dll [MD5.4B10D8998C824DD84AD597F9E058F6F0] - |A| - [27/05/2016 19:47:00] - (.-.) - [171.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amde31a.dat [MD5.E3122ED87591AFB950C354D1422B2B46] - |A| - [09/11/2017 05:40:00] - (.-.) - [443.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdgfxinfo64.dll [MD5.B6D584A98B3A9B8B8DAD3E40FC5558FF] - |A| - [09/11/2017 05:36:02] - (.Copyright (C) 2013 - Universal Adapter for Adobe.) - [191.65 Ko] - (23.20.768.12) - C:\WINDOWS\System32\amdhcp64.dll [MD5.654F62BF3E74256B5DD81009DE539C93] - |A| - [27/05/2016 19:47:00] - (.-.) - [140.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdhdl64.dll [MD5.DDEB20626133878B0CE79CCE29B031B9] - |A| - [27/05/2016 19:47:00] - (.-.) - [814.26 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdicdxx.dat [MD5.E80CD58AC07AD5BE76B54DC35F44E2A6] - |A| - [09/11/2017 05:19:40] - (.-.) - [33.69 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AMDKernelEvents.man [MD5.22881E0348CD7F2CBDCC85FC304D9B80] - |A| - [09/11/2017 05:40:28] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [862.91 Ko] - (1.0.12.0) - C:\WINDOWS\System32\amdlvr64.dll [MD5.640BB9DEED31ADF9142167D4FFF54864] - |A| - [09/11/2017 05:40:40] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [547.91 Ko] - (1.6.0.0) - C:\WINDOWS\System32\amdmcl64.dll [MD5.228F21F4E7FA3F458F4C5B51D73BE721] - |A| - [09/11/2017 05:36:02] - (.-.) - [548.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdmiracast.dll [MD5.7311A34A6730EF7F73580AE9E722CED5] - |A| - [27/05/2016 19:47:01] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [58.02 Ko] - (1.6.0.0) - C:\WINDOWS\System32\amdmmcl6.dll [MD5.FF86711771D6A2AA0943D08F76A5B66D] - |A| - [27/05/2016 19:47:05] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [26900.51 Ko] - (0.8.0.0) - C:\WINDOWS\System32\amdocl12cl64.dll [MD5.28D20A1B19D84463488FA37E3DCBED32] - |A| - [27/05/2016 19:47:07] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46674.02 Ko] - (10.0.1800.11) - C:\WINDOWS\System32\amdocl64.dll [MD5.36DE0768E4F01FA09C09DA89A6C4C81A] - |A| - [27/05/2016 19:47:10] - (.-.) - [1168.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdocl_as64.exe [MD5.64C0159EBC055ACF864D5EEA83894166] - |A| - [27/05/2016 19:47:10] - (.-.) - [1045.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdocl_ld64.exe [MD5.64B9A7543D330556A90672EBA0F0CCDD] - |A| - [09/11/2017 05:36:18] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [128.24 Ko] - (23.20.768.12) - C:\WINDOWS\System32\amdpcom64.dll [MD5.03BD752A7C80444CEF9EC45AABDBB6CE] - |A| - [09/11/2017 05:41:42] - (.Copyright (C) 2015 AMD Inc. - Vulkan driver, support for SI family and above.) - [13227.91 Ko] - (1.0.54.0) - C:\WINDOWS\System32\amdvlk64.dll [MD5.AB2730A89422174F816BD61AB9D1AB4D] - |A| - [09/11/2017 05:41:50] - (.Copyright (C) 2014-2017 AMD Inc. - amdxcstub64.dll.) - [119.41 Ko] - (8.18.10.209) - C:\WINDOWS\System32\amdxc64.dll [MD5.ED3A94580BBE89F1C3ADEB789E6C9D5E] - |A| - [09/11/2017 05:46:40] - (.Advanced Micro Devices, Inc. Copyright (C) 2017 - Advanced Media Framework.) - [2863.91 Ko] - (1.4.6.0) - C:\WINDOWS\System32\amfrt64.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [2602.38 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [354.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.FE6D792232F609743EABF2C089033651] - |N| - [15/09/2018 08:29:14] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [607.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.8D6A4C6E24D38EB1E63E489E488C37E0] - |A| - [09/11/2017 05:51:04] - (.© 2004 Advanced Micro Devices, Inc. - eRecord Message Resource File.) - [75.91 Ko] - (23.20.768.12) - C:\WINDOWS\System32\ati2erec.dll [MD5.E72767B15BF43E16EC5E687901FCA279] - |A| - [09/11/2017 05:51:04] - (.Copyright (C) 2008-2016 Advanced Micro Devices, Inc. - ADL.) - [1437.91 Ko] - (23.20.768.12) - C:\WINDOWS\System32\atiadlxx.dll [MD5.F2ED8ADB06637AC92B90C59183906BE5] - |A| - [09/11/2017 05:19:44] - (.-.) - [815.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiapfxx.blb [MD5.D1F4A1C09E9FE029A8502B77D60C1758] - |A| - [27/05/2016 19:47:12] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [367.02 Ko] - (6.14.10.1001) - C:\WINDOWS\System32\atiapfxx.exe [MD5.598FA1EDE1113A539B1E0897A6122A81] - |A| - [27/05/2016 19:47:13] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [64.5 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticalcl64.dll [MD5.EBCA63105E66646B60BE61882577207B] - |A| - [27/05/2016 19:47:14] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15358.5 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticaldd64.dll [MD5.FA822E6356EF126D4E6DA8F96634D0AE] - |A| - [27/05/2016 19:47:15] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [71.01 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticalrt64.dll [MD5.BE3B381378E247F170EB22C2F5DD5E68] - |A| - [09/11/2017 05:51:26] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub64.dll.) - [162.06 Ko] - (8.17.10.1573) - C:\WINDOWS\System32\aticfx64.dll [MD5.F85EE52FE2619BC9AFB7B2C464F4E63E] - |A| - [09/11/2017 05:51:30] - (.2002-2012 - Graphics DEM.) - [464.91 Ko] - (4.5.6508.34006) - C:\WINDOWS\System32\atidemgy.dll [MD5.D3EB18077F7D276704571DB909CFDC30] - |A| - [09/11/2017 05:51:36] - (.-.) - [122.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atidxx64.dll [MD5.20B444E362B35F168E2B8C58EB335027] - |A| - [09/11/2017 05:51:46] - (.-.) - [412.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atieah64.exe [MD5.623075AD82B2A11FBD58BB9035513D6A] - |A| - [09/11/2017 05:51:46] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [699.41 Ko] - (23.20.768.12) - C:\WINDOWS\System32\atieclxx.exe [MD5.1E108A1759AAFA8624A85A663F529965] - |A| - [27/05/2016 19:47:16] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [249.52 Ko] - (6.14.11.1199) - C:\WINDOWS\System32\atiesrxx.exe [MD5.3B6076EB6415F0CE4588119F5952AA26] - |A| - [27/05/2016 19:47:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [82.02 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atig6pxx.dll [MD5.D6FACA331DB4C9CB4DE179D7D1E861BE] - |A| - [09/11/2017 05:51:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [234.91 Ko] - (23.20.768.12) - C:\WINDOWS\System32\atig6txx.dll [MD5.657752B7A114EC04548ED6C7139CB4A5] - |A| - [27/05/2016 19:47:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [78.01 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiglpxx.dll [MD5.079EFFD5BECB418FE6596229B28D7324] - |A| - [27/05/2016 19:47:16] - (.-.) - [720.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiicdxx.dat [MD5.CDDAF1AC0C9F5E015E2A1675E4B8E376] - |A| - [09/11/2017 05:36:44] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [128.24 Ko] - (23.20.768.12) - C:\WINDOWS\System32\atimpc64.dll [MD5.25F823D20213159CFBE342A7B2355274] - |A| - [09/11/2017 05:52:16] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [129.91 Ko] - (23.20.768.12) - C:\WINDOWS\System32\atimuixx.dll [MD5.C788066E3885376CD4DC9FE28124FEA3] - |A| - [27/05/2016 19:47:18] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [30053.52 Ko] - (6.14.10.13399) - C:\WINDOWS\System32\atio6axx.dll [MD5.AB530E5AEB1439E6056318431242E553] - |A| - [27/05/2016 19:47:20] - (.Copyright (C) 2008 - ATIODCLI Application.) - [60.01 Ko] - (1.0.0.1) - C:\WINDOWS\System32\ATIODCLI.exe [MD5.AFAD4E6C588FCEC012DBBC354FF56105] - |A| - [27/05/2016 19:47:20] - (.Copyright (C) 2008 - ATIODE Application.) - [335.01 Ko] - (1.0.0.1) - C:\WINDOWS\System32\ATIODE.exe [MD5.2B82F0A31B9C1946756768A589E8C2EB] - |A| - [09/11/2017 05:52:40] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [161.91 Ko] - (23.20.768.12) - C:\WINDOWS\System32\atisamu64.dll [MD5.872FB95FAE7F4CEA2C13427EF376F008] - |A| - [27/05/2016 19:47:22] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [195.02 Ko] - (6.14.11.25) - C:\WINDOWS\System32\atitmm64.dll [MD5.C41BDF260553C3E6C3DE7BF5C96E4F3F] - |A| - [27/05/2016 19:47:22] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [127.05 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiu9p64.dll [MD5.7266C4B811B19E2C27FCF7180C71E11E] - |A| - [27/05/2016 19:47:22] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8658.67 Ko] - (9.14.10.1128) - C:\WINDOWS\System32\atiumd64.dll [MD5.217343C00DF138E89183929EB727430B] - |A| - [09/11/2017 05:19:46] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiumd6a.cap [MD5.86FF358B3897557C88F0BCA1EB713D09] - |A| - [27/05/2016 19:47:23] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8771.95 Ko] - (8.14.10.513) - C:\WINDOWS\System32\atiumd6a.dll [MD5.3D7B828EAA8794D745A85C9046203C9B] - |A| - [27/05/2016 19:47:26] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [159.95 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiuxp64.dll [MD5.EFA5E3D55F1CC185BC690B7D79D015A9] - |A| - [27/05/2016 19:47:26] - (.-.) - [98.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativce02.dat [MD5.B974290EEE645249EE212FF62DD0824A] - |A| - [27/05/2016 19:47:26] - (.-.) - [173.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativce03.dat [MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |A| - [27/05/2016 19:47:26] - (.-.) - [228.93 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cik.dat [MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |A| - [27/05/2016 19:47:26] - (.-.) - [227.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cik_nd.dat [MD5.0770A5AB5218E6D3134A7A7239B9A216] - |A| - [27/05/2016 19:47:26] - (.-.) - [249.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cz_nd.dat [MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |A| - [27/05/2016 19:47:26] - (.-.) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_FJ.dat [MD5.7EE8F6853798F7A900DB15F3054A0277] - |A| - [27/05/2016 19:47:26] - (.-.) - [243.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_FJ_nd.dat [MD5.11355CAC5334C8999211C09CAAE194EF] - |A| - [27/05/2016 19:47:26] - (.-.) - [315.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_vi.dat [MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |A| - [27/05/2016 19:47:26] - (.-.) - [313.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_vi_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [09/11/2017 05:19:46] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [09/11/2017 05:19:46] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsvl.dat [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |N| - [15/09/2018 08:28:22] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [347.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |N| - [15/09/2018 08:28:22] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |N| - [15/09/2018 08:28:22] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |N| - [15/09/2018 08:28:22] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |N| - [15/09/2018 08:28:22] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [5658.02 Ko] - C:\WINDOWS\System32\Boot [MD5.FF8455531929A7067F8A6267B34D2DB8] - |N| - [15/09/2018 08:28:42] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [181.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:37:28] - [62172.83 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [34402.79 Ko] - C:\WINDOWS\System32\catroot2 [MD5.A9A2E1953DC564525BB5F1F55FBC9CAD] - |A| - [09/11/2017 05:52:50] - (.-.) - [351.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\clinfo.exe [MD5.A20606552699E2EBAB380618CADAC024] - |A| - [06/06/2016 18:45:10] - (.-.) - [12.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CNC1748D.TBL [MD5.022E082550DB4ABA33AAF06DD1C9048D] - |A| - [06/06/2016 18:45:10] - (.Copyright CANON INC. 2010 All Rights Reserved - WIA Scanner Driver 64-bit Edition.) - [1322.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC5100C.dll [MD5.8E29A4B8746BB7146F420DDB3192F20C] - |A| - [06/06/2016 18:45:10] - (.Copyright CANON INC. 2010 All Rights Reserved - WIA Scanner Driver Image Enhancement dll 64-bit Edition.) - [109.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC5100I.dll [MD5.2DC005681DEA0EB6E710940035DE9DE7] - |A| - [06/06/2016 18:45:10] - (.Copyright CANON INC. 2010 All Rights Reserved - LLD.) - [340.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC5100L.dll [MD5.C219456E347CB66CA7A5B1E2ECE9A110] - |A| - [06/06/2016 18:45:00] - (.Copyright CANON INC. 2010 All Rights Reserved - Canon WIA scanner co-installer 64bit Edition.) - [101 Ko] - (3.1.1.50) - C:\WINDOWS\System32\CNC5100O.dll [MD5.493574E218AA18161D14EECFD572A0E8] - |A| - [06/06/2016 18:45:10] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [17.5 Ko] - (1.4.1.1) - C:\WINDOWS\System32\CNHMCA6.dll [MD5.CADD2A28BAE455036E9B85E2920F472D] - |A| - [06/06/2016 19:03:10] - (.Copyright CANON INC. 2007-2011 All Rights Reserved - IJ Language Monitor.) - [376 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMXLMAD.DLL [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [1470.15 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.3624F457E58B03FDEA782A471860DA73] - |A| - [27/05/2016 19:47:26] - (.AMD. - CoInstaller DLL.) - [855.51 Ko] - (1.0.5.9) - C:\WINDOWS\System32\coinst_15.20.dll [MD5.1071D139670D43DF313ACF7134FA055A] - |A| - [09/11/2017 05:52:54] - (.AMD. - CoInstaller DLL.) - [1220.41 Ko] - (1.0.5.9) - C:\WINDOWS\System32\coinst_17.40.dll [MD5.64430E214B5B229D426D2D35538C402D] - |A| - [27/05/2016 19:45:46] - (.-.) - [366.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ColorImageEnhancement.wmv [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [369.5 Ko] - C:\WINDOWS\System32\com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.D411DB91FA3585456B25A18B9B3A3951] - |A| - [19/06/2017 03:18:20] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [127.94 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:37:28] - [291362.13 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [13/02/2019 11:53:47] - [53.11 Ko] - C:\WINDOWS\System32\Configuration [MD5.B7D618A243BB6835F0CC131FFCBD39F7] - |A| - [22/03/2018 01:03:22] - (.-.) - [739.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cp_resources.bin [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [405 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.BDEBD2FC4927DA00EEA263AF9CF8F7ED] - |N| - [15/09/2018 08:29:14] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [414.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [400.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.44C688E0013097CF8594C9145BF37631] - |A| - [23/01/2019 18:33:16] - (.-.) - [145 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [240.31 Ko] - C:\WINDOWS\System32\DDFs [MD5.30163CF43253A3D517705E521D510F61] - |A| - [19/06/2017 03:18:18] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [277.25 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPA64.dll [MD5.EBD59EC46FD2D18667D0519B27BC62A0] - |A| - [19/06/2017 03:18:22] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1945.09 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPD64A.dll [MD5.7C174F002E636EBFF42E58BF6E2237FE] - |A| - [19/06/2017 03:18:24] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [331.16 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPO64A.dll [MD5.CE65097EC9568016DEC4805F9AA48F20] - |A| - [19/06/2017 03:18:24] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6938.35 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPP64A.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [455.5 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |N| - [15/09/2018 08:28:30] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |N| - [15/09/2018 08:28:22] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [13/02/2019 11:53:57] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [15/09/2018 08:28:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |N| - [15/09/2018 08:28:44] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.C2B614B7B959EC55949F25C12D676070] - |A| - [09/11/2017 05:53:08] - (.-.) - [476.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dgtrayicon.exe [MD5.00000000000000000000000000000000] - |SD| - [13/02/2019 11:53:47] - [925.5 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.BE6BCD1A0D8F8F8072996900200D4CF8] - |N| - [15/09/2018 08:28:38] - (.-.) - [82.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [9542.33 Ko] - C:\WINDOWS\System32\Dism [MD5.05790B699CB87A25816132090F5BB494] - |A| - [27/05/2016 11:32:17] - (.-.) - [36.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DISMLog.log [MD5.CACA5650C4B82C31136C22049F59F0C2] - |A| - [27/05/2016 19:45:50] - (.-.) - [823.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplayAudiox64.cab [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [27/05/2016 19:45:50] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DPTopologyApp.exe.config [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [27/05/2016 19:45:50] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DPTopologyAppv2_0.exe.config [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:15] - [150423.81 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\DriverState [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:37:28] - [15802188.17 Ko] - C:\WINDOWS\System32\DriverStore [MD5.7DC2C9F560D59A51AF878E474A504493] - |A| - [13/02/2019 11:08:01] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth1.bin [MD5.95D4185ABB5BF1AF231A8012B1356623] - |A| - [13/02/2019 11:08:01] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth2.bin [MD5.205D231523C75763CA92905920AE3809] - |A| - [13/02/2019 11:08:01] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth3.bin [MD5.09018D6EF713769AB69BAFB85462E061] - |A| - [13/02/2019 11:08:01] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth4.bin [MD5.731FE7763018458DB4575E2A3CB541A3] - |A| - [13/02/2019 11:08:01] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth5.bin [MD5.E14B3BB7C6885D921518E4C374C180CD] - |A| - [13/02/2019 11:08:01] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth6.bin [MD5.13928E2C86AB65B403D997CFC41E72CF] - |A| - [13/02/2019 11:08:01] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth7.bin [MD5.BD3BED34633B920FAFC62643D054839E] - |A| - [13/02/2019 11:08:01] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth8.bin [MD5.00000000000000000000000000000000] - |DC| - [27/05/2016 10:45:35] - [101.77 Ko] - C:\WINDOWS\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [13/02/2019 11:53:47] - [161.5 Ko] - C:\WINDOWS\System32\dsc [MD5.2FF6B015990CFC9DF0F9CBAD7298EB5C] - |A| - [19/06/2017 03:18:26] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [741.4 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll [MD5.F8880F969241C8E645D3B21AFEFB935D] - |A| - [19/06/2017 03:18:28] - (.(c) DTS. - DTS Boost COM DLL.) - [1494.97 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll [MD5.3891335F4E7714C15FEC8B7FC62B022D] - |A| - [19/06/2017 03:18:30] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [443.19 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll [MD5.8A6C394BEEAE1D9A734CA20FB84C3869] - |A| - [19/06/2017 03:18:32] - (.(c) DTS. - DTS GFX APO.) - [258.74 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll [MD5.15116808527714CC05634C1EDBBB4BA4] - |A| - [19/06/2017 03:18:32] - (.(c) DTS. - DTS GFX APO.) - [257.74 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll [MD5.A0EF433D18289CEF704DE552DB1E0C0C] - |A| - [19/06/2017 03:18:34] - (.(c) DTS. - DTS LFX APO.) - [258.67 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll [MD5.EF26660CEE297A69D2F3223F009E2E98] - |A| - [19/06/2017 03:18:34] - (.(c) DTS. - DTS Limiter COM DLL.) - [447.26 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll [MD5.7C7A1A9ABBC0BC406015BAA7E26DC173] - |A| - [19/06/2017 03:18:34] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [505.32 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll [MD5.CF2EEE79EC51AE89AE025F627EA9D08B] - |A| - [19/06/2017 03:18:34] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1575.88 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll [MD5.AD739BC45B0E488C37E2A90EED6245BF] - |A| - [19/06/2017 03:18:34] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1762.62 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll [MD5.ACCE295C8E27EA19B33719B6F0913D4E] - |A| - [19/06/2017 03:18:36] - (.(c) DTS. - DTS Symmetry COM DLL.) - [725.11 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll [MD5.82751F8D50F911C0BC355F75F9FDD697] - |A| - [19/06/2017 03:18:36] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [706.26 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |N| - [15/09/2018 08:28:22] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |N| - [15/09/2018 08:28:22] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |N| - [15/09/2018 08:28:22] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.10C38E1CA0D664F58E8B9F3645885E1D] - |A| - [13/02/2019 11:07:56] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [460 Ko] - C:\WINDOWS\System32\el-GR [MD5.A9F083D6168A0E96D94FF215310609FB] - |A| - [13/02/2019 12:56:10] - (.-.) - [22.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:47] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [325.5 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [1647.03 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [435 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [360.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [319.5 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |SD| - [13/02/2019 11:53:47] - [16905.14 Ko] - C:\WINDOWS\System32\F12 [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [15/09/2018 08:28:26] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [405.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.A08B87CC51FB774ED45FDF4284B1974F] - |A| - [27/05/2016 19:45:50] - (.-.) - [626.49 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FilmModeDetection.wmv [MD5.1E536E8B0E1556AEA55366D515A498D0] - |A| - [13/02/2019 12:21:25] - (.-.) - [626.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:47] - [3403.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [370.5 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [46536.1 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.8CB20A912223D731564380EB3A9B2D80] - |A| - [09/11/2017 05:53:24] - (.-.) - [455.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameManager64.dll [MD5.41FD64AE28A0C932CA7B2A250993D675] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |N| - [15/09/2018 08:29:23] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [27/05/2016 19:45:51] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Gfxv2_0.exe.config [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [27/05/2016 19:45:52] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Gfxv4_0.exe.config [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/02/2019 12:27:22] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [329 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.9270BD94661CE72F98F5B0BB9D184D15] - |N| - [15/09/2018 08:28:34] - (.-.) - [256.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [336.5 Ko] - C:\WINDOWS\System32\hr-HR [MD5.1AD2BA5B34C27AE3C30C320F82727D09] - |A| - [09/11/2017 05:53:26] - (.-.) - [278.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hsa-thunk64.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [412.5 Ko] - C:\WINDOWS\System32\hu-HU [MD5.E092D70A1D2D6E2CE75071A0A12EC06C] - |N| - [15/09/2018 08:29:24] - (.-.) - [37.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [160.64 Ko] - C:\WINDOWS\System32\hydrogen [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.4E8DC385E4272D240107F7FAAA5AFB6D] - |N| - [15/09/2018 08:28:36] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1812.5 Ko] - (61.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.18FDD8D8C5BFA9B1767C2BFE97E74090] - |N| - [15/09/2018 08:28:36] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1315.5 Ko] - (61.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.AB2D50B6F3C665B55C8E5A049D59E7CC] - |A| - [27/05/2016 19:46:03] - (.-.) - [5663.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igdclbif.bin [MD5.D68CFBF223EB2B0CC7EAF61940C25BDC] - |A| - [27/05/2016 19:46:12] - (.Copyright (C) 2012-2015 - MDF(CM) Runtime DX11 Dynamic Link Library.) - [400.37 Ko] - (5.0.0.1133) - C:\WINDOWS\System32\igfx11cmrt64.dll [MD5.E8F98FDC766AEFB0EAC4EC490694EA77] - |A| - [27/05/2016 19:46:12] - (.Copyright (C) 2010 - 2015 - MDF(CM) JIT Dynamic Link Library.) - [1523 Ko] - (5.0.0.1133) - C:\WINDOWS\System32\igfxcmjit64.dll [MD5.A3DD07E4C4BEE6CFC2369245D0144ED2] - |A| - [27/05/2016 19:46:12] - (.Copyright (C) 2010 - 2015 - MDF(CM) Runtime Dynamic Link Library.) - [399.34 Ko] - (5.0.0.1133) - C:\WINDOWS\System32\igfxcmrt64.dll [MD5.EC73079A5841A0759E59E27E79EDA339] - |A| - [22/03/2018 04:20:36] - (.-.) - [271.94 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCPL.cpl [MD5.EFB3D1794B1FFFA63537CB3963EBF14B] - |A| - [27/05/2016 19:46:12] - (.-.) - [84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCUIServicePS.dll [MD5.FAB58BEE3FBFA441225713FCCB9A542C] - |A| - [27/05/2016 19:46:12] - (.-.) - [65.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDHLib.dll [MD5.0B68AC3751C6B4EED96801F80486F15B] - |A| - [27/05/2016 19:46:12] - (.-.) - [76 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDHLibv2_0.dll [MD5.4177A8BEA111073C13897035D21122F1] - |A| - [27/05/2016 19:46:12] - (.-.) - [11.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDILib.dll [MD5.37625E5992267F9BA8AD7AB18B1E5FEC] - |A| - [27/05/2016 19:46:12] - (.-.) - [11.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDILibv2_0.dll [MD5.755D3887182312712D5AA11300B1AE41] - |A| - [27/05/2016 19:46:12] - (.-.) - [10 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxEMLib.dll [MD5.63A5D1D245D22B74B8583B82C027E91F] - |A| - [27/05/2016 19:46:12] - (.-.) - [10 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxEMLibv2_0.dll [MD5.777FE200DE717B8C02051D57D4767DEE] - |A| - [27/05/2016 19:46:13] - (.-.) - [5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxLHMLib.dll [MD5.4EFD48F4BDB78A8EB9EDE5BC9F4CB375] - |A| - [27/05/2016 19:46:13] - (.-.) - [5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxLHMLibv2_0.dll [MD5.35E326B5FED6F1CC34376935ECCFA758] - |A| - [27/05/2016 19:46:13] - (.-.) - [984.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxSDK.exe [MD5.D82803AD99C57E884B97416773ACCEF7] - |A| - [27/05/2016 19:46:13] - (.-.) - [81.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxSDKLib.dll [MD5.B5290A06D7CFE8D25BBDF7F060FE9132] - |A| - [27/05/2016 19:46:13] - (.-.) - [92 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxSDKLibv2_0.dll [MD5.8D70B702BBDE99B7256D3808835A2F45] - |A| - [27/05/2016 19:46:13] - (.-.) - [375.12 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxTray.exe [MD5.6C0F36ABFE80433B352FA7748ED887BF] - |A| - [27/05/2016 19:46:13] - (.-.) - [2748 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxa64.cpa [MD5.0D3AF85E1F169395885151038ADE9317] - |A| - [27/05/2016 19:46:14] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxa64.vp [MD5.A0D0A10C8DA1B00A2EE378357F72BA90] - |A| - [27/05/2016 19:46:14] - (.-.) - [39.37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxc64.vp [MD5.7B929507BB2C2A3FBD2956EC3515364C] - |A| - [27/05/2016 19:46:14] - (.-.) - [40.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxc64_dev.vp [MD5.1A8302994182D4FC003A71DC6D23EE81] - |A| - [27/05/2016 19:46:14] - (.-.) - [38.73 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxg64.vp [MD5.38FA402460982FE9A071BEC11C58B0D3] - |A| - [27/05/2016 19:46:14] - (.-.) - [38.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxg64_dev.vp [MD5.26526A63D35D8E4E19C46F920AAF48F2] - |A| - [27/05/2016 19:46:14] - (.-.) - [39.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxo64.vp [MD5.9CD97189D5A5E409BBEC1B28A8AFD428] - |A| - [27/05/2016 19:46:14] - (.-.) - [39.97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxo64_dev.vp [MD5.F9C495A0E5A582993199A0209081568B] - |A| - [27/05/2016 19:46:14] - (.-.) - [4.72 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxs64.vp [MD5.4CB30F1CE7D751968AC16E1B33DCCF0B] - |A| - [27/05/2016 19:46:15] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igvk64.json [MD5.5C75F3B35EB158BF27B87A5920B77A3E] - |N| - [15/09/2018 08:28:22] - (.-.) - [195 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.3ED204C864E5CC3C78D3DBB707D102D1] - |A| - [27/05/2016 19:46:15] - (.-.) - [394.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ImageStabilization.wmv [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [25900.42 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.437B8732902A8DF6E14101AA963A5D4F] - |N| - [15/09/2018 08:28:36] - (.-.) - [814.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [6841.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.87A09F17B48338AD1DFF070AA931620B] - |A| - [27/05/2016 19:46:15] - (.Copyright (C) 2015 - IntelCpHDCPSvc Executable.) - [589.11 Ko] - (1.0.0.1) - C:\WINDOWS\System32\IntelCpHDCPSvc.exe [MD5.DF2B8D52DFBA92AEB82F03A0D28B8EAD] - |A| - [22/03/2018 04:21:34] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [141.44 Ko] - (2.1.1.0) - C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [434 Ko] - C:\WINDOWS\System32\it-IT [MD5.CDFD93EE63CBA8A00AF9993E9B757FD8] - |A| - [09/11/2017 05:19:48] - (.-.) - [118.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_ci.sbin [MD5.DA921F39CCD51EA50E74C53426A3D674] - |A| - [09/11/2017 05:19:48] - (.-.) - [112.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_si.sbin [MD5.23AC7515B6D8A794BCC01B582F044078] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [297.5 Ko] - C:\WINDOWS\System32\ko-KR [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [15/09/2018 08:28:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |N| - [15/09/2018 08:28:22] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.157FB82D7141B18624FF2D42190C97E1] - |N| - [15/09/2018 17:39:53] - (.-.) - [1572 Ko] - (2.6.5.1) - C:\WINDOWS\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [625.17 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [11088.87 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [334.5 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [333 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [30076.84 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 12:01:04] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.CD64900AF63979E1CA72DFFB4E9F5916] - |A| - [09/11/2017 05:53:32] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [183.91 Ko] - (23.20.768.12) - C:\WINDOWS\System32\mantle64.dll [MD5.E7DC7064E311BE72145D41D56D596B11] - |A| - [09/11/2017 05:53:40] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [163.41 Ko] - (23.20.768.12) - C:\WINDOWS\System32\mantleaxl64.dll [MD5.478474414C7C292108FE33FE7E03FA1B] - |A| - [19/06/2017 03:18:38] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [334.24 Ko] - (2.2.9.0) - C:\WINDOWS\System32\MaxxAudioAPO20.dll [MD5.A9212B8528D204FEAD55B59B1C53F28E] - |A| - [19/06/2017 03:18:40] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [676.77 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxAudioAPO30.dll [MD5.A6C4409A3F7E8237F16B81DB0200A65B] - |A| - [19/06/2017 03:18:40] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1157.39 Ko] - (4.5.8.0) - C:\WINDOWS\System32\MaxxAudioAPO4064.dll [MD5.4C3F1A4871E558C540243039BE859867] - |A| - [19/06/2017 03:18:42] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1204.16 Ko] - (5.6.5.0) - C:\WINDOWS\System32\MaxxAudioAPO5064.dll [MD5.20249015757020D961CB7AD9CECACB11] - |A| - [19/06/2017 03:18:46] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1410.38 Ko] - (6.1.17.0) - C:\WINDOWS\System32\MaxxAudioAPO6064.dll [MD5.F659C6A7597EFFBB899C275DEB343E42] - |A| - [19/06/2017 03:18:48] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [2265.73 Ko] - (7.0.24.0) - C:\WINDOWS\System32\MaxxAudioAPO7064.dll [MD5.D38C3E5492390F236A90194E17231814] - |A| - [21/09/2015 16:02:20] - (.© Waves Audio Ltd. All rights reserved - MaxxAudio APO Shell.) - [919.92 Ko] - (4.21.6.0) - C:\WINDOWS\System32\MaxxAudioAPOShell.dll [MD5.11A8ADCA0A43565C7DE46DCA3C2927CE] - |A| - [21/09/2015 16:02:48] - (.© Waves Audio Ltd. All rights reserved - MaxxAudio APO Shell.) - [1087.42 Ko] - (4.21.6.0) - C:\WINDOWS\System32\MaxxAudioAPOShell64.dll [MD5.9B034AA52A0B3BE38851423ED02B890E] - |A| - [23/08/2015 08:07:04] - (.© Waves Audio Ltd. - MaxxAudioIntelHaswell.) - [451.42 Ko] - (1.2.1.0) - C:\WINDOWS\System32\MaxxAudioCHT64.dll [MD5.3D9FC64A28A275EF3A160077DB19FA62] - |A| - [19/06/2017 03:18:34] - (.Copyright © 1996-2014 -.) - [2010.61 Ko] - (4.1.1.0) - C:\WINDOWS\System32\MaxxAudioEQ64.dll [MD5.B6536C2B38F9534A28F8F22FAAD39E82] - |A| - [19/08/2015 16:12:10] - (.© Waves Audio Ltd. -.) - [33960.42 Ko] - (6.3.3.0) - C:\WINDOWS\System32\MaxxAudioGUI64.dll [MD5.1919BEE7DFA350B198794341F586CA83] - |A| - [19/08/2015 16:12:10] - (.Copyright (C) 2013 - MaxxAudioIntelHaswell.) - [433.42 Ko] - (1.2.0.0) - C:\WINDOWS\System32\MaxxAudioIntelHaswell64.dll [MD5.376CC8935650C93C151DEB7A7D6BF9C8] - |A| - [19/08/2015 16:12:10] - (.© Waves Audio Ltd. All rights reserved - MaxxAudioIntelSkylake.) - [531.42 Ko] - (1.0.6.0) - C:\WINDOWS\System32\MaxxAudioIntelSkylake64.dll [MD5.E5C77A00273A1C8AD094E2CDC114422D] - |A| - [19/06/2017 03:18:36] - (.(c) Waves Audio Ltd. -.) - [3706.45 Ko] - (4.1.8.0) - C:\WINDOWS\System32\MaxxAudioMeters64.exe [MD5.2AC35060DFB4FFE8BA0FA21EDE91FB54] - |A| - [21/09/2015 16:02:52] - (.- Waves Realtek App.) - [1915.92 Ko] - (5.3.11.0) - C:\WINDOWS\System32\MaxxAudioRealtek264.dll [MD5.7EA8AB1DC458617EBAF56528BCA4A927] - |A| - [21/09/2015 16:02:54] - (.- Waves Realtek App.) - [1891.42 Ko] - (1.8.4.0) - C:\WINDOWS\System32\MaxxAudioRealtek364.dll [MD5.0C01DC97F7A9E32577AAC361B6559CDA] - |A| - [19/08/2015 16:12:12] - (.Copyright © 1996-2014 -.) - [14566.42 Ko] - (4.5.13.0) - C:\WINDOWS\System32\MaxxAudioRealtek64.dll [MD5.714C01BB4B7B177CD3EE461129C1B515] - |A| - [19/06/2017 03:18:40] - (.Copyright (C) 2013 - MaxxAudioVienna2.) - [207.27 Ko] - (1.0.7.0) - C:\WINDOWS\System32\MaxxAudioVienna264.dll [MD5.90082F1405901EE7743AE34F4645D6B1] - |A| - [19/08/2015 16:12:12] - (.© Waves Audio Ltd. -.) - [27726.42 Ko] - (1.7.24.0) - C:\WINDOWS\System32\MaxxAudioVnA64.dll [MD5.B912601F8A646B1A7C9C191B53F3E4CA] - |A| - [21/09/2015 17:09:44] - (.© Waves Audio Ltd. - Waves Realtek App.) - [1926.92 Ko] - (1.9.6.0) - C:\WINDOWS\System32\MaxxAudioVnD64.dll [MD5.DB638FAE93E349103A74083C2FF9249E] - |A| - [19/08/2015 16:12:14] - (.© Waves Audio Ltd. -.) - [4198.92 Ko] - (1.0.5.0) - C:\WINDOWS\System32\MaxxAudioVnF64.dll [MD5.39644189F5D3ED12E42DD6C0A799EC7E] - |A| - [19/08/2015 16:12:14] - (.© Waves Audio Ltd. -.) - [21951.92 Ko] - (1.2.9.0) - C:\WINDOWS\System32\MaxxAudioVnL64.dll [MD5.AD232BE1BF3366DC2DB7755BFA821635] - |A| - [19/08/2015 16:12:16] - (.Copyright © 1996-2014 -.) - [3913.42 Ko] - (1.4.11.0) - C:\WINDOWS\System32\MaxxAudioVnN64.dll [MD5.C1762A25562F0BD204A47DBA0004279D] - |A| - [19/06/2017 03:18:50] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [993.58 Ko] - (2.6.2.0) - C:\WINDOWS\System32\MaxxVoiceAPO2064.dll [MD5.24005BCD80306BF0E1BC4CAF16C71A27] - |A| - [19/06/2017 03:18:56] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12935.27 Ko] - (3.1.14.0) - C:\WINDOWS\System32\MaxxVoiceAPO3064.dll [MD5.B860641FD05A148696F93E204E530AC0] - |A| - [19/06/2017 03:18:58] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12803.09 Ko] - (4.0.19.0) - C:\WINDOWS\System32\MaxxVoiceAPO4064.dll [MD5.A4793092DE38D12BF661408A724A672F] - |A| - [19/06/2017 03:19:00] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [676.27 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxVolumeSDAPO.dll [MD5.F02D68D1BE7968CEF56ED2342691F6C3] - |A| - [27/05/2016 11:00:49] - (.Copyright (c) 2006-2013 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1930.23 Ko] - (1.2.16.95) - C:\WINDOWS\System32\MBAPO264.dll [MD5.6C2209E460117D464443F4020C9463F0] - |A| - [27/05/2016 11:00:49] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [892.6 Ko] - (1.0.62.0) - C:\WINDOWS\System32\MBAPO64.dll [MD5.D21A7F278B058ABC026A8E8D57EA1678] - |A| - [27/05/2016 11:00:49] - (.Copyright (c) 2006-2008 Creative Technology Ltd. - Creative Chaining Property Page Loader Module.) - [68.29 Ko] - (1.0.0.110) - C:\WINDOWS\System32\MBPPCn64.dll [MD5.7FB03C8A4E8A92CDD371EB3361AC6EA0] - |A| - [27/05/2016 11:00:50] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Property Page Loader Module.) - [72.86 Ko] - (1.0.58.0) - C:\WINDOWS\System32\MBppld64.dll [MD5.162681E1AABA50C46DDAF4FD9C5EC50B] - |N| - [15/09/2018 08:28:57] - (.-.) - [839 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.541E9E15E5EFF7DFE5308A7B714AE9EF] - |A| - [27/05/2016 11:00:50] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [627.86 Ko] - (1.0.15.175) - C:\WINDOWS\System32\MBTHX64.dll [MD5.0B2A8180D524EDF208D2B2C0CD096EF5] - |A| - [27/05/2016 11:00:50] - (.Copyright (c) 2006-2010 Creative Technology Ltd. - Audio Processing Object Chaining Module.) - [400.42 Ko] - (1.0.0.270) - C:\WINDOWS\System32\MBWrp64.dll [MD5.F23EB28468FC8B62AF941308EC30387F] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |N| - [15/09/2018 08:28:22] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [13/02/2019 11:53:58] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 15:50:44] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [4324.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [20.55 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [34.35 Ko] - C:\WINDOWS\System32\my-mm [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [396 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\NDF [MD5.A6D61E575D55EE7E9CB8F16225E0F129] - |A| - [13/02/2019 12:21:46] - (.-.) - [33.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |N| - [15/09/2018 08:29:23] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [431 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [13/02/2019 11:53:47] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.00000000000000000000000000000000] - |D| - [27/05/2016 19:22:09] - [212.92 Ko] - C:\WINDOWS\System32\oem [MD5.7F3D6C958422727C4EA7C247E4743C8F] - |A| - [13/02/2019 11:53:58] - (.-.) - [17.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3B12BAB4557BDBE0032419BB9D090CE] - |A| - [27/05/2016 19:22:09] - (.-.) - [3.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\oemDELL.sdr [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [16356.64 Ko] - C:\WINDOWS\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 12:01:04] - [3554.5 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.459FB33AA2114A28C5932FEAA115B072] - |N| - [15/09/2018 08:28:22] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [1123.97 Ko] - C:\WINDOWS\System32\PerceptionSimulation [MD5.3C3F800592C9CF77597EB11F6CC4F225] - |A| - [13/02/2019 11:55:58] - (.-.) - [130.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.AF03ABC13939177C4DE28A2072CCA837] - |A| - [13/02/2019 11:59:59] - (.-.) - [146.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [13/02/2019 11:55:58] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [13/02/2019 11:59:59] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.8EE243FEAC9E9C1F6713CB20D9F46278] - |A| - [13/02/2019 11:55:58] - (.-.) - [686.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.7AE7DCA87A5B66174A1D797CEF53C115] - |A| - [13/02/2019 11:59:59] - (.-.) - [774.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.AADD287D7E91A4C4FFA0D8C7AD8D0894] - |A| - [27/05/2016 10:48:20] - (.-.) - [1731.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |N| - [15/09/2018 08:28:22] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [428.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [437 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:48] - [420.74 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |N| - [15/09/2018 08:28:29] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [423.5 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [426 Ko] - C:\WINDOWS\System32\pt-PT [MD5.5A998CBB9D09B5CCD7257850482701C4] - |A| - [19/06/2017 03:19:02] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [140.79 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEA64A.dll [MD5.630AF3AF5DDA4173A7B3433148376BF2] - |A| - [19/06/2017 03:19:04] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [449.63 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EED64A.dll [MD5.4877FAA6BE51CD2BAA724A4856B7EDFD] - |A| - [19/06/2017 03:19:06] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [91.95 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEG64A.dll [MD5.134243A1543765068B52A492F324BB97] - |A| - [19/06/2017 03:19:08] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [158.13 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEL64A.dll [MD5.4910567E79F427B3B9C58B1EBADCB76D] - |A| - [19/06/2017 03:18:42] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7013.27 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEP64A.dll [MD5.6DB6D3B2B7825EC9C6AE70525BA16810] - |A| - [09/11/2017 05:53:52] - (.(c) Advanced Micro Devices, Inc. - AMD RapidFire.) - [551.41 Ko] - (1.1.0.27) - C:\WINDOWS\System32\Rapidfire64.dll [MD5.0CBE3301A5DF47D00758E27A51B1A2B7] - |A| - [09/11/2017 05:53:58] - (.(c) Advanced Micro Devices, Inc. - AMD Rapid Fire Server.) - [52.41 Ko] - (1.1.0.19) - C:\WINDOWS\System32\RapidFireServer64.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.B855C50767A4959A128D7171E0FCD107] - |N| - [15/09/2018 08:29:21] - (.-.) - [1955 Ko] - (1.0.1808.22001) - C:\WINDOWS\System32\rdpnano.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [7.26 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |N| - [15/09/2018 08:29:25] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |N| - [15/09/2018 08:29:25] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |N| - [15/09/2018 08:29:25] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |N| - [15/09/2018 08:29:25] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.000C95245021299B83928F5CBC33D901] - |A| - [27/05/2016 10:55:09] - (.-.) - [16.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\results.xml [MD5.B81D1218A30C54B2C3E5794D33BF725B] - |A| - [19/06/2017 03:19:12] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [325.46 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.6B601A011CBA0B8651939B0587076B61] - |A| - [19/06/2017 03:19:16] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [325.46 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.E900A86CB03F4C48047ADC34CAC9917B] - |A| - [08/08/2016 11:22:34] - (.Copyright (C) 2014 - RtCRX.) - [91.01 Ko] - (1.11.9600.0) - C:\WINDOWS\System32\RtCRX64.dll [MD5.79CBBF65EA39A56DF6DC133714022B52] - |A| - [19/06/2017 03:19:26] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [220.2 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.E0BD8E44AC50E0A618DF187E7EF8558B] - |A| - [19/06/2017 03:19:28] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [95.66 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.52F0CB95C2C092FC46CBECFD4A6F6583] - |A| - [19/06/2017 03:19:30] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [117.87 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.2BCA504C1122BEE448896240F2F0435E] - |A| - [19/06/2017 03:19:32] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [390.09 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.8AA05F502FCF586AFEA8E5C4AFB19AEB] - |A| - [15/09/2018 08:28:46] - (.-.) - [56.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.56B23318DE09559AE0A7EA51F068AC3B] - |A| - [09/11/2017 05:19:48] - (.-.) - [150.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_ci.sbin [MD5.A769B352B827590EA4CCAC16E6269E33] - |A| - [09/11/2017 05:19:48] - (.-.) - [135.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_isv_ci.sbin [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |N| - [15/09/2018 08:29:46] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.1071D139670D43DF313ACF7134FA055A] - |A| - [09/11/2017 05:52:54] - (.AMD. - CoInstaller DLL.) - [1220.41 Ko] - (1.0.5.9) - C:\WINDOWS\System32\SET96E3.tmp [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [15/09/2018 08:28:26] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [68.05 Ko] - C:\WINDOWS\System32\Sgrm [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [2304 Ko] - C:\WINDOWS\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [23.7 Ko] - C:\WINDOWS\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [340 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [336.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 12:21:36] - [9899.43 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:48] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |N| - [15/09/2018 08:28:22] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:37:28] - [13393.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |N| - [15/09/2018 08:28:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |N| - [15/09/2018 08:28:22] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |N| - [15/09/2018 08:28:22] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.D7C806511EE5CD3E3F9FB0D26957EBED] - |N| - [15/09/2018 08:29:24] - (.-.) - [37.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [7564.02 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [12344.23 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [109765.34 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [9881.29 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [30/10/2015 08:24:25] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [338.5 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.2E00E08420875FAE0B173C6A34C2A575] - |N| - [15/09/2018 08:29:25] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.4FD560E994EDF0353835F3F9F506A62C] - |A| - [15/09/2018 08:29:22] - (.-.) - [57.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.33EB67C9A1D71DDAB003C970380DE641] - |A| - [19/06/2017 03:19:44] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [214.96 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 12:25:58] - [2378.36 Ko] - C:\WINDOWS\System32\SRSLabs [MD5.F6450849D1686F3B7F80DE342B09A41A] - |A| - [19/06/2017 03:19:44] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [227.24 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.9903D33AE48AF1D2B83B091D2FB97AC2] - |A| - [19/06/2017 03:19:46] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [533.02 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.1E5A486EF464C76A689171BE0F691471] - |A| - [19/06/2017 03:19:46] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [172.32 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [23768 Ko] - C:\WINDOWS\System32\sru [MD5.DE63BBC4AF740A7D0C379A9D758FBCE9] - |N| - [15/09/2018 08:28:22] - (.-.) - [439 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [403 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [1389.19 Ko] - C:\WINDOWS\System32\Sysprep [MD5.740710F257A69CD05ADBEACF8843CD36] - |A| - [13/07/2015 02:51:10] - (.Copyright c 2009-2013 - SystemInfo.) - [113 Ko] - (1.0.0.12) - C:\WINDOWS\System32\SystemInfo.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [955.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [10.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.0B8821B257EEE9C01CD29C62AE9D3EF9] - |N| - [15/09/2018 08:29:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [594.29 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [30/10/2015 08:24:25] - [469.42 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |N| - [15/09/2018 08:28:56] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [310 Ko] - C:\WINDOWS\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [5.97 Ko] - C:\WINDOWS\System32\ti-et [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [393.5 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |N| - [15/09/2018 08:28:26] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |N| - [15/09/2018 08:28:26] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [336.5 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [13/02/2019 11:53:47] - [1930.5 Ko] - C:\WINDOWS\System32\UNP [MD5.F729741D514ED13EF6AFCB1B568987A9] - |N| - [15/09/2018 08:28:38] - (.-.) - [44.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.52808CC03CE3AB53187EFAE813CA0FEE] - |A| - [16/02/2016 00:26:22] - (.-.) - [123.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkan-1-1-0-3-1.dll [MD5.5450A69087D2F6955A253CB2BF86503C] - |A| - [08/12/2017 23:24:44] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [906.8 Ko] - (1.0.65.1) - C:\WINDOWS\System32\vulkan-1-1-0-65-1.dll [MD5.5450A69087D2F6955A253CB2BF86503C] - |A| - [13/02/2019 12:27:28] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [906.8 Ko] - (1.0.65.1) - C:\WINDOWS\System32\vulkan-1.dll [MD5.B14FF3A750CDBA33378C4A549B585DFD] - |A| - [16/02/2016 00:25:20] - (.-.) - [44.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-3-1.exe [MD5.95253BF8F996BEA19BFA974F61277E87] - |A| - [08/12/2017 23:24:32] - (.-.) - [577.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-65-1.exe [MD5.95253BF8F996BEA19BFA974F61277E87] - |A| - [13/02/2019 12:27:28] - (.-.) - [577.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.731BC5A8C0CFC5D84C93522EC9534253] - |A| - [19/08/2015 16:12:22] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2054.92 Ko] - (4.4.5.0) - C:\WINDOWS\System32\WavesGUILib64.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [86926.34 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:48] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [107990.04 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |N| - [15/09/2018 08:28:44] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [48376.75 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.89539DF69CB40A7D214B9EC799EF5CAA] - |N| - [15/09/2018 08:28:34] - (.-.) - [122.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [10216.28 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |N| - [15/09/2018 08:28:26] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [98376 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [6006.72 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:48] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |HD| - [27/05/2016 11:04:25] - [0.05 Ko] - C:\WINDOWS\System32\WLANProfiles [MD5.C30C621748C66CE751B19B2788559A3E] - |N| - [15/09/2018 08:28:24] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |N| - [15/09/2018 08:28:46] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.CD70FD75FDAF5B66A3F0FD38513DA636] - |N| - [15/09/2018 08:28:30] - (.-.) - [95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [287.49 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [30/10/2015 08:24:25] - [0 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:47] - [252 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:48] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |N| - [15/09/2018 08:29:07] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |N| - [15/09/2018 08:29:07] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |N| - [15/09/2018 08:29:08] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |N| - [15/09/2018 08:29:12] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |N| - [15/09/2018 08:29:27] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [1963.8 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.53B64D943BE6F41811BF9069CFBD7458] - |A| - [09/11/2017 05:19:40] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amd-vulkan32.json [MD5.305175D4084FC50F84152BCECA902DA1] - |A| - [09/11/2017 05:35:28] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [122.46 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\amdave32.dll [MD5.B2A9C3AB24E1EF24BB83774A0CB52F1A] - |A| - [09/11/2017 05:39:58] - (.-.) - [360.91 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdgfxinfo32.dll [MD5.F2BECB54B6296FA9ED83969DDFD49E62] - |A| - [09/11/2017 05:35:58] - (.Copyright (C) 2013 - Universal Adapter for Adobe.) - [170.09 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\amdhcp32.dll [MD5.030DA19BD2D0072F7B3DE99B1DF779C9] - |A| - [27/05/2016 19:47:00] - (.-.) - [129.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdhdl32.dll [MD5.EF54682C4ADDE9F1EB88F55C60B67EBB] - |A| - [09/11/2017 05:40:28] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [695.41 Ko] - (1.0.12.0) - C:\WINDOWS\SysWOW64\amdlvr32.dll [MD5.9549998F0EFF0E08F7A6613CF14AEA47] - |A| - [09/11/2017 05:40:38] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [381.91 Ko] - (1.6.0.0) - C:\WINDOWS\SysWOW64\amdmcl32.dll [MD5.8D4443BD96A19EF22FD69FCAC213FEA9] - |A| - [27/05/2016 19:47:01] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [47.02 Ko] - (1.6.0.0) - C:\WINDOWS\SysWOW64\amdmmcl.dll [MD5.1CD38EBF3D3B9F9A728415BD8DCC1468] - |A| - [27/05/2016 19:47:01] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [38790.52 Ko] - (10.0.1800.11) - C:\WINDOWS\SysWOW64\amdocl.dll [MD5.B1309A4D4F269989F37E0ECD0D3DA23C] - |A| - [27/05/2016 19:47:04] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [21804.02 Ko] - (0.8.0.0) - C:\WINDOWS\SysWOW64\amdocl12cl.dll [MD5.2684A14B41C4256FD345D5F439E50532] - |A| - [27/05/2016 19:47:10] - (.-.) - [982.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdocl_as32.exe [MD5.D40D4AFB34C234F1B7C05DE45A79F7F7] - |A| - [27/05/2016 19:47:10] - (.-.) - [788.54 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdocl_ld32.exe [MD5.57874B47BFD94ADD88CDE9E3F6EDEB29] - |A| - [09/11/2017 05:36:08] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [109.09 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\amdpcom32.dll [MD5.11A83077FA904E9662400E281C90F0B8] - |A| - [09/11/2017 05:41:40] - (.Copyright (C) 2015 AMD Inc. - Vulkan driver, support for SI family and above.) - [10847.91 Ko] - (1.0.54.0) - C:\WINDOWS\SysWOW64\amdvlk32.dll [MD5.E5502C6F3CD5A58F73132C232A41CA58] - |A| - [09/11/2017 05:41:46] - (.Copyright (C) 2014-2017 AMD Inc. - amdxcstub32.dll.) - [104.91 Ko] - (8.18.10.209) - C:\WINDOWS\SysWOW64\amdxc32.dll [MD5.06FEF61E29F4D2FE9BD45077ABE843B9] - |A| - [09/11/2017 05:46:36] - (.Advanced Micro Devices, Inc. Copyright (C) 2017 - Advanced Media Framework.) - [2490.91 Ko] - (1.4.6.0) - C:\WINDOWS\SysWOW64\amfrt32.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [228.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.30196C11BFB7FC2F4DD2A289AFFD8A84] - |N| - [15/09/2018 08:29:27] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [521 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll [MD5.1E067333A7033999225405F1C0B56D46] - |A| - [09/11/2017 05:51:08] - (.Copyright (C) 2008-2016 Advanced Micro Devices, Inc. - ADL.) - [1044.41 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\atiadlxx.dll [MD5.1E067333A7033999225405F1C0B56D46] - |A| - [09/11/2017 05:51:08] - (.Copyright (C) 2008-2016 Advanced Micro Devices, Inc. - ADL.) - [1044.41 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\atiadlxy.dll [MD5.F2ED8ADB06637AC92B90C59183906BE5] - |A| - [09/11/2017 05:19:44] - (.-.) - [815.86 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiapfxx.blb [MD5.70299F8056407E80BA06C22F7F1FA41D] - |A| - [27/05/2016 19:47:13] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [58.01 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticalcl.dll [MD5.A2754CD13D2A47D582958119C3CF2281] - |A| - [27/05/2016 19:47:13] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13977.01 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticaldd.dll [MD5.6EA0599A9608EF08321C4A7CFEF1966A] - |A| - [27/05/2016 19:47:15] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [61 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticalrt.dll [MD5.27836556839E90C84F128954892166C1] - |A| - [09/11/2017 05:51:22] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub32.dll.) - [153.98 Ko] - (8.17.10.1573) - C:\WINDOWS\SysWOW64\aticfx32.dll [MD5.B26B8350BC3971A14127D31C7427258C] - |A| - [09/11/2017 05:51:36] - (.-.) - [107.41 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atidxx32.dll [MD5.D601E248756F5BA42BE64F10D049A5C0] - |A| - [09/11/2017 05:51:42] - (.-.) - [334.91 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atieah32.exe [MD5.CEE4B0640108D57A0EC2B34D8191126A] - |A| - [09/11/2017 05:52:02] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [206.91 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\atigktxx.dll [MD5.657752B7A114EC04548ED6C7139CB4A5] - |A| - [27/05/2016 19:47:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [78.01 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiglpxx.dll [MD5.4C4AC361F4D009187EEEF4E3E6068828] - |A| - [09/11/2017 05:36:40] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [109.09 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\atimpc32.dll [MD5.05D85ECA8BB694952953D9E345460281] - |A| - [27/05/2016 19:47:20] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [24727.51 Ko] - (6.14.10.13399) - C:\WINDOWS\SysWOW64\atioglxx.dll [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [27/05/2016 10:57:48] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atipblup.dat [MD5.27075156E9DC46A631C99FA945A87E90] - |A| - [09/11/2017 05:52:40] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [138.41 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\atisamu32.dll [MD5.02CAF73E38F1993CEF20F4F19E041BC9] - |A| - [27/05/2016 19:47:22] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [109.77 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiu9pag.dll [MD5.A16D590BA47AF1F4FD408EA47B5E665E] - |A| - [27/05/2016 19:47:24] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [7308.2 Ko] - (9.14.10.1128) - C:\WINDOWS\SysWOW64\atiumdag.dll [MD5.D45CC6440B1EF6E4C95E2CC6A0EE3D35] - |A| - [09/11/2017 05:19:46] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiumdva.cap [MD5.EBDA7CB1866DB4A5C91666C8052B02BC] - |A| - [27/05/2016 19:47:25] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [7823.16 Ko] - (8.14.10.513) - C:\WINDOWS\SysWOW64\atiumdva.dll [MD5.723EE704DA890CD8BDE5B3ABBEBA32A7] - |A| - [27/05/2016 19:47:26] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [141.22 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiuxpag.dll [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [09/11/2017 05:19:46] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [09/11/2017 05:19:46] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsvl.dat [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [206.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.9B9DD0A5AAEDD13834ECD388C13CD7F9] - |A| - [27/05/2016 10:58:26] - (.-.) - [49.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CCCInstall_201605271158269568.log [MD5.A20606552699E2EBAB380618CADAC024] - |A| - [06/06/2016 18:45:10] - (.-.) - [12.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CNC1748D.TBL [MD5.0A294F1A46F4BCB5C4323FFEB276393D] - |A| - [06/06/2016 18:45:10] - (.Copyright CANON INC. 2010 All Rights Reserved - LLD.) - [300 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC5100L.dll [MD5.7B0B9146146B111E2F3EA58C0F3B5756] - |A| - [06/06/2016 18:45:10] - (.Copyright CANON INC. 2010 All Rights Reserved - Scanner Driver.) - [104 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC5100U.dll [MD5.D16CF34B17899F90A8FCF2A3F77B4A27] - |A| - [06/06/2016 18:45:10] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [15.5 Ko] - (1.4.1.1) - C:\WINDOWS\SysWOW64\CNHMCA.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [317.5 Ko] - C:\WINDOWS\SysWOW64\com [MD5.A13ED3466516D2B60AC4EE4373ECE977] - |N| - [15/09/2018 08:29:27] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [263.5 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [290.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |N| - [15/09/2018 08:29:03] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [13/02/2019 11:53:48] - [202.5 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [7548.7 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.1F4147F7C1D41478E568010CB51B3B53] - |A| - [21/02/2019 18:12:16] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DLC_Debug_log.txt [MD5.791DC871EF3550C85CA385325BD664A3] - |A| - [09/11/2017 05:53:20] - (.-.) - [365.91 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\GameManager32.dll [MD5.1C6229A2F4C50A4748BA2458BE388C4E] - |A| - [27/05/2016 11:21:08] - (.-.) - [21.44 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gms.log [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [15/09/2018 17:39:50] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [217.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.2E2FE36B09077A3EEBF713F3257514FC] - |N| - [15/09/2018 08:29:03] - (.-.) - [200.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [200.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.3656C4C3A2F5E9A6E8D856BEBF4434E1] - |A| - [09/11/2017 05:53:26] - (.-.) - [244.91 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\hsa-thunk.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [270.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.141C1ED35D36A4294BED57F1F3830B6F] - |N| - [15/09/2018 08:29:03] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1578 Ko] - (61.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.178E3B2D395F3ADA56B7CED48C9BD6D4] - |N| - [15/09/2018 08:29:03] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1128 Ko] - (61.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.52CB7113174ECB1964B8638946C84388] - |A| - [27/05/2016 19:46:14] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\igvk32.json [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [21854.52 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.1E07A331F632AB18AC1598B45D74DEB7] - |N| - [15/09/2018 08:29:05] - (.-.) - [577.97 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [219 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.BAD76ACA793B560FEF3E8827B010C072] - |A| - [22/03/2018 04:21:32] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [116.94 Ko] - (2.1.1.0) - C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [275.5 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.31BD06E29587EB81C3E52FDE65D3D9EB] - |A| - [09/11/2017 05:53:28] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [155.41 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\mantle32.dll [MD5.4B5173613FB0C58168A407B53448CCF1] - |A| - [09/11/2017 05:53:36] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [140.41 Ko] - (23.20.768.12) - C:\WINDOWS\SysWOW64\mantleaxl32.dll [MD5.474B1B0ABCE1767DB628ED9E010237F9] - |A| - [19/06/2017 03:18:52] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [11845.49 Ko] - (3.1.14.0) - C:\WINDOWS\SysWOW64\MaxxVoiceAPO30.dll [MD5.95C5CCA2AD8EFF290523862B64DF73A7] - |A| - [27/05/2016 11:00:49] - (.Copyright (c) 2006-2013 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1702.23 Ko] - (1.2.16.95) - C:\WINDOWS\SysWOW64\MBAPO232.dll [MD5.4E98E11C334A82AE0AF23FA12A6D9A87] - |A| - [27/05/2016 11:00:49] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [750.8 Ko] - (1.0.62.0) - C:\WINDOWS\SysWOW64\MBAPO32.dll [MD5.DEF98E3067241E87E53C99E786D4225E] - |A| - [27/05/2016 11:00:50] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [564.3 Ko] - (1.0.15.175) - C:\WINDOWS\SysWOW64\MBTHX32.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [2859.85 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [815.3 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [13/02/2019 11:54:20] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [20.55 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [262 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [275.5 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [13/02/2019 11:53:48] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |N| - [15/09/2018 08:40:49] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [685.91 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [68 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation [MD5.F3423D29BB9F33A3A98794689B446EB7] - |A| - [27/05/2016 11:00:35] - (.-.) - [1834.45 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [275 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:49] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [273 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [275.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.BAC641EBC0F9A97702C8F95B7C8332A7] - |A| - [09/11/2017 05:53:46] - (.(c) Advanced Micro Devices, Inc. - AMD RapidFire.) - [467.41 Ko] - (1.1.0.27) - C:\WINDOWS\SysWOW64\Rapidfire.dll [MD5.A81A00E4F1F790ED7353A458ADD1CBBB] - |A| - [09/11/2017 05:53:56] - (.(c) Advanced Micro Devices, Inc. - AMD Rapid Fire Server.) - [49.41 Ko] - (1.1.0.19) - C:\WINDOWS\SysWOW64\RapidFireServer.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [207 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.2E00E08420875FAE0B173C6A34C2A575] - |N| - [15/09/2018 08:29:33] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.2A9EB39951763761E55D46BFEB595AEB] - |N| - [15/09/2018 08:29:00] - (.-.) - [319.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [264.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:49] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.8E49D76E21295D010FF0803D65928F5A] - |N| - [15/09/2018 08:29:28] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [185 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [257.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [202.5 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.E5E98894277C85C600CE391B71F0C084] - |A| - [16/02/2016 00:27:00] - (.-.) - [122.77 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-3-1.dll [MD5.ECAD282D3035068CFB021D159C91B514] - |A| - [08/12/2017 23:25:12] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.8 Ko] - (1.0.65.1) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-65-1.dll [MD5.ECAD282D3035068CFB021D159C91B514] - |A| - [13/02/2019 12:27:28] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.8 Ko] - (1.0.65.1) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.710EE686DFE995825D39B6466A6AA356] - |A| - [16/02/2016 00:25:40] - (.-.) - [41.27 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-3-1.exe [MD5.35065D5FFEFB6886F77AA6A7E5DF901B] - |A| - [08/12/2017 23:25:00] - (.-.) - [479.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-65-1.exe [MD5.35065D5FFEFB6886F77AA6A7E5DF901B] - |A| - [13/02/2019 12:27:28] - (.-.) - [479.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.17781A66FBD5B9D90EC11164F4BE1D64] - |A| - [27/05/2016 19:46:23] - (.-.) - [1.98 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\VulkanRT-EULA.rtf [MD5.899504D5158B09E3D5F809AAE26DB3F5] - |A| - [27/05/2016 19:46:23] - (.Copyright (c) 2015-2016 LunarG, Inc. - Vulkan Runtime Installer.) - [13677.07 Ko] - (1.0.3.1) - C:\WINDOWS\SysWOW64\VulkanRT-Installer.exe [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [15713.44 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:49] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.F884B2B3047C6A61B21540CEAACC53BC] - |N| - [15/09/2018 08:29:03] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [9099.86 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [6004.44 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:59:49] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.4CC6C2D85CE89C54905BAEFCA1A0AA95] - |N| - [15/09/2018 08:29:03] - (.-.) - [62 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 12:01:04] - [10.14 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [179 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [30/10/2015 08:24:25] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [13/02/2019 11:53:48] - [180 Ko] - C:\WINDOWS\SysWOW64\zh-TW ---------- | Shell Folders [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\Philippe\AppData\Roaming [13/02/2019 13:02:27] "Local AppData"=C:\Users\Philippe\AppData\Local [13/02/2019 13:02:27] "CD Burning"=C:\Users\Philippe\AppData\Local\Microsoft\Windows\Burn\Burn [13/02/2019 13:06:17] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Libraries [13/02/2019 13:04:32] "My Video"=C:\Users\Philippe\Videos [13/02/2019 13:02:27] "My Pictures"=C:\Users\Philippe\Pictures [13/02/2019 13:02:27] "Desktop"=C:\Users\Philippe\Desktop [13/02/2019 13:02:27] "History"=C:\Users\Philippe\AppData\Local\Microsoft\Windows\History [13/02/2019 13:02:27] "NetHood"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Network Shortcuts [13/02/2019 13:02:27] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Philippe\Contacts [13/02/2019 13:04:32] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\Philippe\AppData\Local\Microsoft\Windows\RoamingTiles [13/02/2019 13:04:32] "Cookies"=C:\Users\Philippe\AppData\Local\Microsoft\Windows\INetCookies [13/02/2019 13:02:27] "Favorites"=C:\Users\Philippe\Favorites [13/02/2019 13:02:27] "SendTo"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\SendTo [13/02/2019 13:02:27] "Start Menu"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu [13/02/2019 13:02:27] "My Music"=C:\Users\Philippe\Music [13/02/2019 13:02:27] "Programs"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [13/02/2019 13:02:27] "Recent"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Recent [13/02/2019 13:02:27] "PrintHood"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [13/02/2019 13:02:27] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Philippe\Searches [13/02/2019 13:04:32] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Philippe\Downloads [13/02/2019 13:02:27] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Philippe\AppData\LocalLow [13/02/2019 13:02:30] "Startup"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [13/02/2019 13:04:32] "Administrative Tools"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/02/2019 13:04:32] "Personal"=C:\Users\Philippe\Documents [13/02/2019 13:02:27] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Philippe\Links [13/02/2019 13:02:27] "Cache"=C:\Users\Philippe\AppData\Local\Microsoft\Windows\INetCache [13/02/2019 13:02:27] "Templates"=C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Templates [13/02/2019 13:02:27] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Philippe\Saved Games [13/02/2019 13:02:27] "Fonts"=C:\WINDOWS\Fonts [13/02/2019 11:53:47] [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/02/2019 11:53:47] "Common AppData"=C:\ProgramData [13/02/2019 11:53:47] "Common Desktop"=C:\Users\Public\Desktop [30/10/2015 08:24:24] "Common Documents"=C:\Users\Public\Documents [30/10/2015 08:24:24] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [13/02/2019 11:53:47] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [13/02/2019 11:53:47] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [13/02/2019 11:53:47] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [30/10/2015 08:24:24] "CommonMusic"=C:\Users\Public\Music [30/10/2015 08:24:24] "CommonPictures"=C:\Users\Public\Pictures [30/10/2015 08:24:24] "CommonVideo"=C:\Users\Public\Videos [30/10/2015 08:24:24] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/02/2019 11:53:47] "Common AppData"=C:\ProgramData [13/02/2019 11:53:47] "Common Desktop"=C:\Users\Public\Desktop [30/10/2015 08:24:24] "Common Documents"=C:\Users\Public\Documents [30/10/2015 08:24:24] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [13/02/2019 11:53:47] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [13/02/2019 11:53:47] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [13/02/2019 11:53:47] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [30/10/2015 08:24:24] "CommonMusic"=C:\Users\Public\Music [30/10/2015 08:24:24] "CommonPictures"=C:\Users\Public\Pictures [30/10/2015 08:24:24] "CommonVideo"=C:\Users\Public\Videos [30/10/2015 08:24:24] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [Philippe] [16/02/2019 19:53:57] - |D| - [2253548] - C:\Users\Philippe\.cache [13/02/2019 13:04:32] - |RD| - [298] - C:\Users\Philippe\3D Objects [13/02/2019 13:02:27] - |HD| - [1199094412] - C:\Users\Philippe\AppData [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Application Data [13/02/2019 13:04:32] - |RD| - [412] - C:\Users\Philippe\Contacts [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Cookies [13/02/2019 13:02:27] - |RD| - [12184159] - C:\Users\Philippe\Desktop [13/02/2019 13:02:27] - |RD| - [2751690] - C:\Users\Philippe\Documents [13/02/2019 13:02:27] - |RD| - [282] - C:\Users\Philippe\Downloads [13/02/2019 13:02:27] - |RD| - [962] - C:\Users\Philippe\Favorites [13/02/2019 13:04:25] - |SHD| - [25308] - C:\Users\Philippe\IntelGraphicsProfiles [13/02/2019 13:02:27] - |RD| - [1971] - C:\Users\Philippe\Links [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Local Settings [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Menu Démarrer [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Mes documents [13/02/2019 13:05:17] - |HD| - [2632809] - C:\Users\Philippe\MicrosoftEdgeBackups [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Modèles [13/02/2019 13:02:27] - |RD| - [504] - C:\Users\Philippe\Music [13/02/2019 13:02:27] - |AH| - [1835008] - C:\Users\Philippe\NTUSER.DAT [13/02/2019 13:02:29] - |ASH| - [581632] - C:\Users\Philippe\ntuser.dat.LOG1 [13/02/2019 13:02:29] - |ASH| - [425984] - C:\Users\Philippe\ntuser.dat.LOG2 [13/02/2019 13:02:29] - |ASH| - [65536] - C:\Users\Philippe\NTUSER.DAT{706d2da8-2f81-11e9-8bbc-847beb487409}.TM.blf [13/02/2019 13:02:29] - |ASH| - [524288] - C:\Users\Philippe\NTUSER.DAT{706d2da8-2f81-11e9-8bbc-847beb487409}.TMContainer00000000000000000001.regtrans-ms [13/02/2019 13:02:29] - |ASH| - [524288] - C:\Users\Philippe\NTUSER.DAT{706d2da8-2f81-11e9-8bbc-847beb487409}.TMContainer00000000000000000002.regtrans-ms [13/02/2019 13:02:30] - |SH| - [20] - C:\Users\Philippe\ntuser.ini [13/02/2019 13:08:04] - |RD| - [99] - C:\Users\Philippe\OneDrive [13/02/2019 13:02:27] - |RD| - [884] - C:\Users\Philippe\Pictures [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Recent [13/02/2019 13:02:27] - |D| - [0] - C:\Users\Philippe\Roaming [13/02/2019 13:02:27] - |RD| - [282] - C:\Users\Philippe\Saved Games [13/02/2019 13:04:32] - |RD| - [1875] - C:\Users\Philippe\Searches [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\SendTo [13/02/2019 14:42:28] - |A| - [0] - C:\Users\Philippe\Sti_Trace.log [13/02/2019 13:02:27] - |RD| - [694] - C:\Users\Philippe\Videos [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Voisinage d'impression [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\Voisinage réseau [13/02/2019 13:02:27] - |D| - [915898922] - C:\Users\Philippe\AppData\Local [13/02/2019 13:02:30] - |D| - [212888] - C:\Users\Philippe\AppData\LocalLow [13/02/2019 13:02:27] - |D| - [282982602] - C:\Users\Philippe\AppData\Roaming [13/02/2019 15:18:51] - |D| - [1227] - C:\Users\Philippe\AppData\Local\17b98673df1d076b60876890c4483cab [13/02/2019 14:05:12] - |D| - [251488] - C:\Users\Philippe\AppData\Local\2BrightSparks [15/02/2019 19:18:50] - |D| - [65688] - C:\Users\Philippe\AppData\Local\AMD [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\AppData\Local\Application Data [13/02/2019 20:03:27] - |A| - [123569] - C:\Users\Philippe\AppData\Local\ars.cache [13/02/2019 13:06:36] - |D| - [18627] - C:\Users\Philippe\AppData\Local\ATI [16/02/2019 19:53:11] - |D| - [7790] - C:\Users\Philippe\AppData\Local\babl-0.1 [13/02/2019 20:03:39] - |A| - [371143] - C:\Users\Philippe\AppData\Local\census.cache [13/02/2019 13:22:16] - |D| - [18374660] - C:\Users\Philippe\AppData\Local\Comms [13/02/2019 13:04:24] - |D| - [1562308] - C:\Users\Philippe\AppData\Local\ConnectedDevicesPlatform [15/02/2019 11:57:59] - |D| - [0] - C:\Users\Philippe\AppData\Local\D3DSCache [14/02/2019 12:26:42] - |D| - [0] - C:\Users\Philippe\AppData\Local\DBG [16/02/2019 14:58:54] - |D| - [2226760] - C:\Users\Philippe\AppData\Local\Dell Inc [13/02/2019 13:06:22] - |D| - [4671] - C:\Users\Philippe\AppData\Local\DropboxOEM [13/02/2019 15:15:38] - |D| - [1902092] - C:\Users\Philippe\AppData\Local\fontconfig [16/02/2019 19:53:11] - |D| - [0] - C:\Users\Philippe\AppData\Local\gegl-0.4 [16/02/2019 19:53:17] - |D| - [0] - C:\Users\Philippe\AppData\Local\GIMP [16/02/2019 19:55:45] - |D| - [202] - C:\Users\Philippe\AppData\Local\gtk-2.0 [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\AppData\Local\Historique [13/02/2019 19:35:59] - |A| - [36] - C:\Users\Philippe\AppData\Local\housecall.guid.cache [13/02/2019 13:26:33] - |AH| - [140771] - C:\Users\Philippe\AppData\Local\IconCache.db [13/02/2019 13:04:25] - |D| - [704013] - C:\Users\Philippe\AppData\Local\Intel [13/02/2019 13:59:55] - |D| - [776360] - C:\Users\Philippe\AppData\Local\mbam [13/02/2019 13:59:52] - |D| - [235676] - C:\Users\Philippe\AppData\Local\mbamtray [13/02/2019 13:02:27] - |D| - [272130938] - C:\Users\Philippe\AppData\Local\Microsoft [13/02/2019 13:05:05] - |D| - [72267] - C:\Users\Philippe\AppData\Local\MicrosoftEdge [13/02/2019 13:11:22] - |D| - [26428877] - C:\Users\Philippe\AppData\Local\Mozilla [15/02/2019 12:49:37] - |D| - [0] - C:\Users\Philippe\AppData\Local\OneDrive [13/02/2019 13:04:27] - |D| - [152534787] - C:\Users\Philippe\AppData\Local\Packages [13/02/2019 13:08:15] - |D| - [85816] - C:\Users\Philippe\AppData\Local\PlaceholderTileLogoFolder [13/02/2019 13:06:30] - |D| - [40960] - C:\Users\Philippe\AppData\Local\Power2Go8 [13/02/2019 13:17:55] - |D| - [0] - C:\Users\Philippe\AppData\Local\Programs [13/02/2019 13:04:54] - |D| - [11] - C:\Users\Philippe\AppData\Local\Publishers [16/02/2019 19:59:07] - |A| - [1772] - C:\Users\Philippe\AppData\Local\recently-used.xbel [13/02/2019 13:02:27] - |D| - [393830954] - C:\Users\Philippe\AppData\Local\Temp [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\AppData\Local\Temporary Internet Files [14/02/2019 09:45:57] - |D| - [43103887] - C:\Users\Philippe\AppData\Local\Thunderbird [13/02/2019 13:04:28] - |D| - [464682] - C:\Users\Philippe\AppData\Local\VirtualStore [13/02/2019 15:05:08] - |D| - [0] - C:\Users\Philippe\AppData\Local\Windows Live [14/02/2019 12:31:08] - |D| - [436890] - C:\Users\Philippe\AppData\Local\ZHP [13/02/2019 13:04:27] - |SD| - [212888] - C:\Users\Philippe\AppData\LocalLow\Microsoft [13/02/2019 13:11:25] - |D| - [0] - C:\Users\Philippe\AppData\LocalLow\Mozilla [17/02/2019 17:59:39] - |D| - [0] - C:\Users\Philippe\AppData\LocalLow\Temp [13/02/2019 14:05:12] - |D| - [0] - C:\Users\Philippe\AppData\Roaming\2BrightSparks [13/02/2019 13:04:29] - |D| - [0] - C:\Users\Philippe\AppData\Roaming\Adobe [13/02/2019 13:06:36] - |D| - [0] - C:\Users\Philippe\AppData\Roaming\ATI [13/02/2019 14:39:45] - |D| - [2842] - C:\Users\Philippe\AppData\Roaming\Canon [16/02/2019 17:50:17] - |D| - [0] - C:\Users\Philippe\AppData\Roaming\CyberLink [13/02/2019 13:06:50] - |D| - [103976401] - C:\Users\Philippe\AppData\Roaming\DropboxOEM [16/02/2019 19:53:17] - |D| - [466079] - C:\Users\Philippe\AppData\Roaming\GIMP [13/02/2019 13:04:23] - |D| - [1164] - C:\Users\Philippe\AppData\Roaming\Intel [13/02/2019 13:07:32] - |D| - [0] - C:\Users\Philippe\AppData\Roaming\Intel Corporation [13/02/2019 14:45:25] - |D| - [20586] - C:\Users\Philippe\AppData\Roaming\KC Softwares [13/02/2019 13:45:59] - |D| - [44113823] - C:\Users\Philippe\AppData\Roaming\LibreOffice [21/02/2019 17:33:36] - |D| - [510] - C:\Users\Philippe\AppData\Roaming\Macromedia [13/02/2019 13:02:27] - |SD| - [1435907] - C:\Users\Philippe\AppData\Roaming\Microsoft [13/02/2019 13:11:24] - |D| - [43083059] - C:\Users\Philippe\AppData\Roaming\Mozilla [14/02/2019 18:51:41] - |D| - [12420079] - C:\Users\Philippe\AppData\Roaming\OpenOffice [21/02/2019 17:26:29] - |D| - [1624] - C:\Users\Philippe\AppData\Roaming\PhotoFiltre 7 [14/02/2019 09:45:57] - |D| - [25129664] - C:\Users\Philippe\AppData\Roaming\Thunderbird [22/02/2019 17:19:05] - |A| - [267245] - C:\Users\Philippe\AppData\Roaming\Tofapug [13/02/2019 14:53:42] - |D| - [102695] - C:\Users\Philippe\AppData\Roaming\vlc [14/02/2019 09:19:05] - |A| - [379] - C:\Users\Philippe\AppData\Roaming\WB.CFG [14/02/2019 12:31:08] - |D| - [51960545] - C:\Users\Philippe\AppData\Roaming\ZHP [13/02/2019 13:04:32] - |SH| - [174] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [13/02/2019 13:02:30] - |SHD| - [0] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [13/02/2019 13:02:27] - |RD| - [27360] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [13/02/2019 13:02:27] - |RD| - [3888] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [13/02/2019 13:02:27] - |RD| - [2927] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [13/02/2019 13:04:32] - |RD| - [174] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/02/2019 13:02:28] - |SH| - [264] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [13/02/2019 13:02:27] - |D| - [170] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [13/02/2019 13:02:28] - |A| - [2412] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [13/02/2019 13:52:56] - |D| - [4684] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 [13/02/2019 13:04:32] - |RD| - [174] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [13/02/2019 13:02:27] - |RD| - [4913] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [13/02/2019 13:02:27] - |RD| - [7754] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [13/02/2019 13:04:32] - |SH| - [174] - C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [27/05/2016 11:30:37] - |RHD| - [196] - C:\Users\Public\AccountPictures [27/05/2016 10:49:15] - |D| - [0] - C:\Users\Public\CyberLink [30/10/2015 08:24:24] - |RHD| - [3178] - C:\Users\Public\Desktop [13/02/2019 11:53:50] - |ASH| - [174] - C:\Users\Public\desktop.ini [30/10/2015 08:24:24] - |RD| - [278] - C:\Users\Public\Documents [30/10/2015 08:24:24] - |RD| - [174] - C:\Users\Public\Downloads [13/02/2019 11:53:47] - |RHD| - [1135] - C:\Users\Public\Libraries [30/10/2015 08:24:24] - |RD| - [380] - C:\Users\Public\Music [30/10/2015 08:24:24] - |RD| - [380] - C:\Users\Public\Pictures [27/05/2016 11:04:01] - |D| - [0] - C:\Users\Public\Roaming [30/10/2015 08:24:24] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [13/02/2019 12:57:27] - |SHD| - [0] - C:\ProgramData\Application Data [13/02/2019 13:06:36] - |D| - [0] - C:\ProgramData\ATI [13/02/2019 12:57:27] - |SHD| - [0] - C:\ProgramData\Bureau [13/02/2019 14:33:56] - |HD| - [24874338] - C:\ProgramData\CanonBJ [13/02/2019 14:42:28] - |HD| - [2531] - C:\ProgramData\CanonIJScan [14/02/2019 12:58:53] - |D| - [40311951] - C:\ProgramData\Ciel [27/05/2016 10:43:52] - |D| - [697] - C:\ProgramData\CLSK [30/10/2015 08:24:24] - |D| - [0] - C:\ProgramData\Comms [27/05/2016 10:43:48] - |D| - [1569651] - C:\ProgramData\CyberLink [27/05/2016 19:44:36] - |D| - [795264857] - C:\ProgramData\Dell [13/02/2019 12:57:27] - |SHD| - [0] - C:\ProgramData\Documents [13/02/2019 12:26:12] - |AH| - [0] - C:\ProgramData\DP45977C.lfl [27/05/2016 11:05:13] - |D| - [704362] - C:\ProgramData\Dropbox [27/05/2016 10:44:07] - |D| - [725763] - C:\ProgramData\install_clap [13/02/2019 12:27:24] - |D| - [141050630] - C:\ProgramData\Intel [27/05/2016 11:03:42] - |D| - [51736683] - C:\ProgramData\Intel.sav [13/02/2019 13:59:17] - |D| - [20417062] - C:\ProgramData\Malwarebytes [13/02/2019 12:57:27] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [13/02/2019 11:53:47] - |SD| - [586424193] - C:\ProgramData\Microsoft [27/05/2016 11:27:26] - |D| - [25] - C:\ProgramData\Microsoft OneDrive [13/02/2019 12:57:27] - |SHD| - [0] - C:\ProgramData\Modèles [13/02/2019 13:11:17] - |D| - [24] - C:\ProgramData\Mozilla [13/02/2019 12:26:02] - |D| - [138029903] - C:\ProgramData\Package Cache [13/02/2019 13:04:48] - |D| - [65536] - C:\ProgramData\Packages [27/05/2016 11:04:57] - |D| - [24167847] - C:\ProgramData\PCDr [13/02/2019 11:53:47] - |D| - [995] - C:\ProgramData\regid.1991-06.com.microsoft [27/05/2016 11:04:01] - |D| - [0] - C:\ProgramData\Roaming [13/02/2019 11:53:47] - |D| - [0] - C:\ProgramData\SoftwareDistribution [16/02/2019 14:58:51] - |D| - [49654882] - C:\ProgramData\SupportAssist [27/05/2016 10:43:44] - |D| - [1806000] - C:\ProgramData\Temp [13/02/2019 15:19:56] - |D| - [2103] - C:\ProgramData\Unchecky [13/02/2019 11:53:47] - |D| - [13562] - C:\ProgramData\USOPrivate [13/02/2019 12:24:49] - |D| - [3379200] - C:\ProgramData\USOShared [13/02/2019 11:53:47] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [27/05/2016 10:49:27] - |A| - [121] - C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log [27/05/2016 10:44:26] - |A| - [106] - C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log [27/05/2016 10:47:43] - |A| - [108] - C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log [27/05/2016 10:45:47] - |A| - [113] - C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [13/02/2019 11:53:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [13/02/2019 12:57:27] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [13/02/2019 11:53:47] - |RD| - [131207] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [13/02/2019 14:04:58] - |D| - [2620] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks [13/02/2019 11:53:47] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [13/02/2019 11:53:47] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [13/02/2019 11:53:47] - |RD| - [22954] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [27/05/2016 10:58:15] - |D| - [4373] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [13/02/2019 12:28:53] - |D| - [2090] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings [13/02/2019 14:34:09] - |D| - [1294] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series [13/02/2019 14:30:03] - |D| - [6655] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [14/02/2019 12:59:10] - |D| - [2086] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ciel [13/02/2019 14:44:25] - |D| - [1289] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo [27/05/2016 10:49:34] - |A| - [1850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite Essentials.lnk [27/05/2016 10:59:58] - |D| - [11143] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell [27/05/2016 11:02:04] - |D| - [1959] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio [13/02/2019 11:53:50] - |SH| - [672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [13/02/2019 18:37:30] - |A| - [2138] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 20 GB.lnk [13/02/2019 13:11:17] - |A| - [1007] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [13/02/2019 14:55:55] - |D| - [1154] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FoxTarot [13/02/2019 13:58:19] - |A| - [946] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.8.lnk [15/09/2018 08:29:46] - |AS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [21/02/2019 18:20:33] - |RD| - [2473] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [27/05/2016 10:53:02] - |A| - [724] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk [13/02/2019 14:54:41] - |D| - [3523] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeux de cartes [13/02/2019 14:45:15] - |D| - [2685] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KC Softwares [13/02/2019 13:44:22] - |D| - [9054] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0 [13/02/2019 11:53:47] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [13/02/2019 13:59:29] - |D| - [4054] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [13/02/2019 15:08:04] - |A| - [1380] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [14/02/2019 09:45:48] - |A| - [1280] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [13/02/2019 13:51:49] - |SD| - [7392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6 [13/02/2019 15:07:59] - |A| - [1449] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [13/02/2019 11:53:47] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [13/02/2019 11:53:47] - |RD| - [2832] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [30/10/2015 10:05:57] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [13/02/2019 14:56:19] - |A| - [1138] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tetris.lnk [13/02/2019 15:19:56] - |D| - [2183] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky [13/02/2019 14:53:31] - |D| - [5862] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [27/05/2016 10:53:00] - |D| - [2342] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [13/02/2019 11:53:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [13/02/2019 14:04:52] - |D| - [82713257] - C:\Program Files (x86)\2BrightSparks [13/02/2019 12:28:40] - |D| - [56105642] - C:\Program Files (x86)\AMD [27/05/2016 10:57:46] - |D| - [103081897] - C:\Program Files (x86)\ATI Technologies [13/02/2019 14:30:02] - |D| - [79118302] - C:\Program Files (x86)\Canon [14/02/2019 12:58:53] - |D| - [74354149] - C:\Program Files (x86)\Ciel [21/02/2019 18:15:12] - |D| - [7114563] - C:\Program Files (x86)\Cisco [13/02/2019 11:53:47] - |D| - [245794606] - C:\Program Files (x86)\Common Files [13/02/2019 14:44:21] - |D| - [10870900] - C:\Program Files (x86)\CrystalDiskInfo [27/05/2016 10:45:02] - |D| - [1432742189] - C:\Program Files (x86)\CyberLink [13/02/2019 19:56:15] - |D| - [24698548] - C:\Program Files (x86)\Dell [22/02/2019 13:27:53] - |D| - [5912711] - C:\Program Files (x86)\Dell Customer Connect [27/05/2016 11:05:08] - |D| - [3652440] - C:\Program Files (x86)\Dell Digital Delivery [13/02/2019 11:53:50] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [27/05/2016 11:05:11] - |D| - [10102764] - C:\Program Files (x86)\Dropbox [13/02/2019 14:55:55] - |D| - [5778849] - C:\Program Files (x86)\FoxTarot5 [27/05/2016 10:43:50] - |HD| - [155936922] - C:\Program Files (x86)\InstallShield Installation Information [27/05/2016 10:52:59] - |D| - [34638529] - C:\Program Files (x86)\Intel [13/02/2019 11:53:47] - |D| - [1983859] - C:\Program Files (x86)\Internet Explorer [13/02/2019 14:54:40] - |D| - [22766490] - C:\Program Files (x86)\Jeux de cartes [13/02/2019 14:45:14] - |D| - [6081157] - C:\Program Files (x86)\KC Softwares [13/02/2019 15:07:51] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [13/02/2019 11:53:47] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [13/02/2019 13:11:17] - |D| - [333711] - C:\Program Files (x86)\Mozilla Maintenance Service [14/02/2019 09:45:30] - |D| - [132155539] - C:\Program Files (x86)\Mozilla Thunderbird [13/02/2019 12:01:02] - |D| - [25757] - C:\Program Files (x86)\MSBuild [13/02/2019 13:51:09] - |D| - [331074823] - C:\Program Files (x86)\OpenOffice 4 [13/02/2019 13:52:54] - |D| - [8331623] - C:\Program Files (x86)\PhotoFiltre 7 [27/05/2016 11:00:32] - |D| - [150417339] - C:\Program Files (x86)\Realtek [13/02/2019 12:01:02] - |D| - [38462721] - C:\Program Files (x86)\Reference Assemblies [27/05/2016 11:00:29] - |HD| - [0] - C:\Program Files (x86)\Temp [13/02/2019 14:56:18] - |D| - [2707187] - C:\Program Files (x86)\Tetris [13/02/2019 15:19:56] - |D| - [5239468] - C:\Program Files (x86)\Unchecky [13/02/2019 12:27:27] - |D| - [2283495] - C:\Program Files (x86)\VulkanRT [13/02/2019 11:53:47] - |D| - [1719928] - C:\Program Files (x86)\Windows Defender [13/02/2019 15:06:10] - |D| - [85195019] - C:\Program Files (x86)\Windows Live [13/02/2019 11:53:47] - |D| - [625152] - C:\Program Files (x86)\Windows Mail [13/02/2019 12:01:02] - |D| - [3241325] - C:\Program Files (x86)\Windows Media Player [13/02/2019 11:53:47] - |D| - [40432] - C:\Program Files (x86)\Windows Multimedia Platform [13/02/2019 11:53:47] - |D| - [7557464] - C:\Program Files (x86)\windows nt [13/02/2019 11:53:47] - |D| - [5325328] - C:\Program Files (x86)\Windows Photo Viewer [13/02/2019 11:53:47] - |D| - [40432] - C:\Program Files (x86)\Windows Portable Devices [13/02/2019 11:53:47] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [13/02/2019 11:53:47] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [13/02/2019 12:25:06] - |D| - [337688791] - C:\Program Files\AMD [13/02/2019 11:53:47] - |D| - [80615089] - C:\Program Files\Common Files [27/05/2016 10:59:56] - |D| - [557211685] - C:\Program Files\Dell [13/02/2019 11:53:49] - |ASH| - [174] - C:\Program Files\desktop.ini [13/02/2019 12:57:27] - |SHD| - [0] - C:\Program Files\Fichiers communs [13/02/2019 13:54:01] - |D| - [1032018729] - C:\Program Files\GIMP 2 [13/02/2019 12:27:16] - |D| - [299149794] - C:\Program Files\Intel [13/02/2019 11:53:47] - |D| - [2638022] - C:\Program Files\internet explorer [13/02/2019 13:42:59] - |D| - [551815205] - C:\Program Files\LibreOffice [13/02/2019 13:59:17] - |D| - [169430641] - C:\Program Files\Malwarebytes [13/02/2019 13:11:14] - |D| - [184050722] - C:\Program Files\Mozilla Firefox [13/02/2019 12:01:02] - |D| - [25757] - C:\Program Files\MSBuild [13/02/2019 12:25:38] - |D| - [54560656] - C:\Program Files\Realtek [13/02/2019 12:01:02] - |D| - [36867241] - C:\Program Files\Reference Assemblies [13/02/2019 12:27:31] - |HD| - [0] - C:\Program Files\Uninstall Information [13/02/2019 14:52:51] - |D| - [174855255] - C:\Program Files\VideoLAN [27/05/2016 11:01:52] - |D| - [5085456] - C:\Program Files\Waves [13/02/2019 11:53:47] - |RD| - [15109582] - C:\Program Files\Windows Defender [30/10/2015 10:05:57] - |D| - [0] - C:\Program Files\Windows Journal [13/02/2019 11:53:47] - |D| - [636416] - C:\Program Files\Windows Mail [13/02/2019 12:01:02] - |D| - [4716945] - C:\Program Files\Windows Media Player [13/02/2019 11:53:47] - |D| - [47512] - C:\Program Files\Windows Multimedia Platform [13/02/2019 11:53:47] - |D| - [7888728] - C:\Program Files\windows nt [13/02/2019 11:53:47] - |D| - [6135112] - C:\Program Files\Windows Photo Viewer [13/02/2019 11:53:47] - |D| - [47512] - C:\Program Files\Windows Portable Devices [13/02/2019 11:53:47] - |D| - [110373] - C:\Program Files\Windows Security [13/02/2019 11:53:47] - |SHD| - [0] - C:\Program Files\Windows Sidebar [13/02/2019 11:53:47] - |HD| - [2682686548] - C:\Program Files\WindowsApps [13/02/2019 11:53:47] - |D| - [2717396] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [14/02/2019 12:59:01] - |D| - [27096] - C:\Program Files (x86)\Common Files\Ciel [27/05/2016 10:45:31] - |D| - [96216] - C:\Program Files (x86)\Common Files\CyberLink [13/02/2019 12:27:10] - |D| - [105970465] - C:\Program Files (x86)\Common Files\Intel [27/05/2016 11:00:41] - |D| - [244743] - C:\Program Files (x86)\Common Files\Intel Corporation [13/02/2019 11:53:47] - |D| - [15552339] - C:\Program Files (x86)\Common Files\microsoft shared [14/02/2019 12:59:05] - |D| - [651776] - C:\Program Files (x86)\Common Files\MSSoap [21/02/2019 18:18:11] - |D| - [204508] - C:\Program Files (x86)\Common Files\PostureAgent [13/02/2019 11:53:47] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [13/02/2019 11:53:47] - |D| - [9448843] - C:\Program Files (x86)\Common Files\system [13/02/2019 14:49:33] - |D| - [113595918] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [13/02/2019 12:25:05] - |D| - [31209280] - C:\Program Files\Common files\ATI Technologies [21/02/2019 18:15:14] - |D| - [2386760] - C:\Program Files\Common files\Intel [13/02/2019 11:53:47] - |D| - [36720656] - C:\Program Files\Common files\microsoft shared [13/02/2019 11:53:47] - |D| - [2702] - C:\Program Files\Common files\Services [13/02/2019 11:53:47] - |D| - [10295691] - C:\Program Files\Common files\system ---------- | Tasks [MD5.2A04B20E835F05F55D326B50B65C3E49] - [27/05/2016 11:05:15] - |A| - [1208] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [MD5.F1CA7451E71A2EBCBCB70B5A19D2E405] - [27/05/2016 11:05:15] - |A| - [1212] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [13/02/2019 12:56:42] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.00000000000000000000000000000000] - [13/02/2019 14:05:12] - |D| - [0] - C:\WINDOWS\System32\Tasks\2BrightSparks [MD5.52F808CB39F99D0E37E692C4243B750E] - [13/02/2019 12:56:42] - |A| - [2528] - C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8 : C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [MD5.678663EB169CFF52AE0297B86F909969] - [13/02/2019 12:56:42] - |A| - [2528] - C:\WINDOWS\System32\Tasks\CLVDLauncher : C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [MD5.CE35AA759FD51F102726A552A73F52F0] - [16/02/2019 14:59:26] - |A| - [3912] - C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate : C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [MD5.9666488A6391D08EEB5BDAF1CFD180A0] - [13/02/2019 12:56:42] - |A| - [3186] - C:\WINDOWS\System32\Tasks\DropboxOEM : "%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe" [MD5.AD92A5DA1638CBE0F6AF47BDCF076863] - [13/02/2019 12:56:42] - |A| - [4040] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.126AC90CFCD75F73FAE3A40B4B27C65A] - [13/02/2019 12:56:42] - |A| - [4272] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.FA8EF947AB53251CC4E3C325F5CA33AC] - [21/02/2019 18:18:49] - |A| - [3738] - C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification : "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe" [MD5.00000000000000000000000000000000] - [13/02/2019 12:56:42] - |D| - [0] - C:\WINDOWS\System32\Tasks\McAfee [MD5.00000000000000000000000000000000] - [13/02/2019 11:53:47] - |D| - [578664] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.0F2618610B15FCBBE3F8FBCC9BB0A59D] - [13/02/2019 13:08:04] - |A| - [3382] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3187091646-2650930121-827019622-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.A827D17820B0252E84FEB6EA9592F50F] - [13/02/2019 12:56:42] - |A| - [2304] - C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton : "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [MD5.00000000000000000000000000000000] - [13/02/2019 15:19:03] - |D| - [0] - C:\WINDOWS\System32\Tasks\{17B98673-DF1D-076B-6087-6890C4483CAB} [MD5.00000000000000000000000000000000] - [13/02/2019 11:53:48] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.29|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.29|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{D7D69CB0-1D55-49FA-B0F9-38AB9A4EB2D9}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe|Name=CyberLink PowerDVD 12.0|Desc=CyberLink PowerDVD 12.0| "{AEF8A25A-4B0E-46E8-87E0-C9ADA74DD815}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDirector12\PDR10.EXE|Name=CyberLink PowerDirector|Desc=CyberLink PowerDirector| "{EDC791F2-8479-4DAC-9005-35C4A5245998}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{5D267EE1-8B1A-4CB0-A1A4-A1B4F6705C90}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{B5F3A3E9-1F36-41DF-B14A-22CAD2685415}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{09B66376-58FE-4C0E-9357-2C14F8E59753}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{375806DA-F2E5-4291-8A14-83174571AB25}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{ADE90AD2-A12C-4C7D-9D1A-90C6B1F51946}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5159F7C7-DC4B-4F1F-9F8C-2850B2D7FF79}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{06001BE3-6117-4707-ADA7-7D1EB817DFBE}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{14E7500B-0D4C-4D44-AC62-0D89223CD8DD}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{EF87D057-D4BA-45CA-AF3A-EC3E24B6E43F}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{08FA421D-B2C4-4758-855E-AA2D48EEA2AD}"=v2.29|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{B2C4926C-45EC-485F-A7FD-CC8B449F57AD}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{FD70AF63-4200-4B99-A1E8-9F786CD3E55C}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{04877B17-5CE1-4A84-8A21-8278E2130443}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Dolby Access|Desc=Dolby Access|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-864892550-682355956-3667821578-694357232-3878941086-3291980491-2900429266|EmbedCtxt=Dolby Access|Platform=2:6:2|Platform2=GTEQ| "{97C9B1B5-3CF0-4E12-AFF6-177841D05E45}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Dolby Access|Desc=Dolby Access|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-864892550-682355956-3667821578-694357232-3878941086-3291980491-2900429266|EmbedCtxt=Dolby Access|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{34C4A157-189F-4386-874E-88A92871AFFE}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Fitbit Coach|Desc=Fitbit Coach|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-2529986682-1402584740-3005359367-4137886740-2476183567-2531476767-3437465235|EmbedCtxt=Fitbit Coach|Platform=2:6:2|Platform2=GTEQ| "{ACF6206E-729B-43DD-A654-EC1385A22BCD}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Fitbit Coach|Desc=Fitbit Coach|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-2529986682-1402584740-3005359367-4137886740-2476183567-2531476767-3437465235|EmbedCtxt=Fitbit Coach|Platform=2:6:2|Platform2=GTEQ| "{12562BFA-5E82-42A6-8E46-4F35D53A42A7}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{9BFD3B71-57CD-4A64-A785-212FFC04D36E}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{75F5EB1C-EAB4-4F01-B4C9-6290F2E94E51}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Dell SupportAssist for PCs|Desc=Dell SupportAssist for PCs|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-3971759008-1428112976-277385281-1417411725-1693336791-4246814374-3695824175|EmbedCtxt=Dell SupportAssist for PCs|Platform=2:6:2|Platform2=GTEQ| "{74D99C17-4BD2-4E12-A581-0D5CC09DBEF2}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Dell SupportAssist for PCs|Desc=Dell SupportAssist for PCs|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-3971759008-1428112976-277385281-1417411725-1693336791-4246814374-3695824175|EmbedCtxt=Dell SupportAssist for PCs|Platform=2:6:2|Platform2=GTEQ| "{B090242E-228C-4D92-9475-D452BCE8D27B}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{E7129ADB-F908-4849-BB82-BEF6791EF735}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{E3C27578-A841-4FED-AD77-B639B5EFAA02}"=v2.29|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe|Name=Wireless PAN DHCP Server|EmbedCtxt=MyWiFiDHCPDNS| "{ED903A5B-83B1-4C81-A115-3AC3FC16EF80}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| "{6EA71CB1-AD26-4B6B-B268-1A202E5C7B70}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Saga|Desc=Candy Crush Saga|LUOwn=S-1-5-21-3187091646-2650930121-827019622-1001|AppPkgId=S-1-15-2-2599857031-3789198952-3515498744-3120614410-3826243417-3816649221-455961092|EmbedCtxt=Candy Crush Saga|Platform=2:6:2|Platform2=GTEQ| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ee986ed-9d81-43b3-b9ea-30686e6f4219}] : (PSM) [] -> @oem17.inf,%ClassName%;Intel® Power Sharing Manager [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem6.inf,%ClassName%;Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{502EB68B-57B4-4FEE-9890-18F2D8AD1E3E}] : (mfencbdc) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b83400f8-b7b2-4bb7-8fe3-d179eddb8e8b}] : (NALDevice) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [27/05/2016 10:45:35] - (1.0.0.3512) - (CyberLink - It is a virtual device driver which could create multiple virtual devices and mount image files.) - C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [27/10/2016 04:52:46] - (1.0.0.0) - (OSR Open Systems Resources, Inc. - Airplane Mode Switch Driver) - C:\WINDOWS\System32\drivers\DellRbtn.sys [20/10/2018 16:34:22] - (2.0.1.0) - (Dell Inc. - DDDriver.sys) - C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [08/08/2016 11:22:36] - (10.0.10586.31225) - (Realsil Semiconductor Corporation - RTS USB READER Driver) - C:\WINDOWS\system32\Drivers\RtsUer.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdkmafd (@oem93.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter) -> System32\drivers\amdkmafd.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorA () -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - MbamElam (MbamElam) -> system32\DRIVERS\MbamElam.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CLVirtualDrive (CLVirtualDrive) -> \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-3187091646-2650930121-827019622-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\447bdf313b7629aa801440c97fa7e38c] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GIMP-2_is1] : (GIMP 2.10.8.-.The GIMP Team) -> "C:\Program Files\GIMP 2\uninst\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26646404-C149-4246-B7CD-228CF88F6138}] : (LibreOffice 6.0 Help Pack (French).-.The Document Foundation) -> MsiExec.exe /I{26646404-C149-4246-B7CD-228CF88F6138} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{27833D55-FD60-4C16-9794-8715028E1783}] : (Intel® PROSet/Wireless WiFi Software.-.Intel Corporation) -> MsiExec.exe /I{27833D55-FD60-4C16-9794-8715028E1783} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{307032B2-6AF2-46D7-B933-62438DEB2B9A}] : (Maxx Audio Installer (x64).-.Waves Audio Ltd.) -> MsiExec.exe /X{307032B2-6AF2-46D7-B933-62438DEB2B9A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{48114909-3C3B-43E6-BF98-AE9C396500A3}] : (Enregistrement du produit.-.Dell Inc.) -> MsiExec.exe /X{48114909-3C3B-43E6-BF98-AE9C396500A3} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{51788BA4-D93F-4E7B-BA13-ACC88E7803DB}] : (Intel(R) Serial IO.-.Intel Corporation) -> MsiExec.exe /I{51788BA4-D93F-4E7B-BA13-ACC88E7803DB} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{54B10C43-7DD3-4C32-B0D1-9F90C9FBB6E3}] : (LibreOffice 6.0.7.3.-.The Document Foundation) -> MsiExec.exe /I{54B10C43-7DD3-4C32-B0D1-9F90C9FBB6E3} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5C551173-E64C-B8A8-C016-30FACB12CFED}] : (AMD Settings.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6D0ADF03-B505-F836-3317-521C40DDB44C}] : (AMD Catalyst Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{6D0ADF03-B505-F836-3317-521C40DDB44C} REBOOT=ReallySuppress ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7B3B60EB-197B-4B06-ADFF-D0B50E755D4F}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{7B3B60EB-197B-4B06-ADFF-D0B50E755D4F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}] : (Quickset64.-.Dell Inc.) -> MsiExec.exe /I{87CF757E-C1F1-4D22-865C-00C6950B5258} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8917AEA5-01A5-476F-AA27-A52EA6C94212}] : (Aide et support Dell.-.Dell Inc.) -> MsiExec.exe /X{8917AEA5-01A5-476F-AA27-A52EA6C94212} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9552825-7BF2-4344-BA91-D3CD46F4C442}] : (Intel(R) Trusted Connect Service Client x64.-.Intel Corporation) -> MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C442} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CF2FF2E6-27D1-44D2-B532-1B31B731244C}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{CF2FF2E6-27D1-44D2-B532-1B31B731244C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D3531D7A-B6FA-44A5-A024-E2A14F325F90}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{D3531D7A-B6FA-44A5-A024-E2A14F325F90} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{deb9bba6-d980-43e2-82ea-ae8fe1c51461}] : (Intel(R) PRO/Wireless Driver.-.Intel Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E5B5A486-C7F5-429C-9324-13835620F2FD}] : (Intel(R) Management Engine Driver.-.Intel Corporation) -> MsiExec.exe /I{E5B5A486-C7F5-429C-9324-13835620F2FD} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E98E94E2-12D1-48E5-AC69-2C312F466136}] : (Dell SupportAssist.-.Dell Inc.) -> MsiExec.exe /X{E98E94E2-12D1-48E5-AC69-2C312F466136} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{E9B9A1A5-6398-4C99-8FDE-10794F6505C5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EC465D35-92DC-4DAE-9EA8-01215688F709}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{EC465D35-92DC-4DAE-9EA8-01215688F709} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0867A88D-764F-366E-9E21-130DA8B472C3}] : (Dropbox 20 GB.-.Dropbox, Inc.) -> MsiExec.exe /I{0867A88D-764F-366E-9E21-130DA8B472C3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D06C02F-88E8-355D-1862-208A99E890FD}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D5E5C9A-84C2-D3E9-30EE-1836BA479E0E}] : (PX Profile Update.-.AMD) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11978AFE-A3B3-EE91-3E12-CBD2563A5B86}] : (AMD Catalyst Control Center.-.Nom de votre société) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1242DC4C-E823-BC8F-3D1E-691933FC1074}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}] : (Dell Customer Connect.-.Dell Inc.) -> MsiExec.exe /I{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2A942570-A22A-9697-54B0-6BCDA08C265F}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2DEEAF48-EA3B-5606-FDCA-C75C2D390F35}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4B230374-6475-4A73-BA6E-41015E9C5013}] : (Intel® Security Assist.-.Intel Corporation) -> MsiExec.exe /I{4B230374-6475-4A73-BA6E-41015E9C5013} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{50D70A8D-0503-4AA6-97EF-09849E9FB520}] : (OpenOffice 4.1.6.-.Apache Software Foundation) -> MsiExec.exe /I{50D70A8D-0503-4AA6-97EF-09849E9FB520} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5A1B39A8-DFFA-49E4-80C3-DFCD7CE8A8B3}] : (Intel(R) Wireless Bluetooth(R).-.Intel Corporation) -> MsiExec.exe /I{5A1B39A8-DFFA-49E4-80C3-DFCD7CE8A8B3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> C:\WINDOWS\RtCRU64.exe /u [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}] : (Dell Update.-.Dell Inc.) -> MsiExec.exe /X{5EBBC1DA-975F-44A0-B438-F325BCD45577} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{629FB24D-9D32-CBD1-C411-5B225CFEADB6}] : (AMD Settings.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{69CAF5AA-13AD-45FA-8DAE-8E8FE2C9C3C3}] : (Ciel Comptes personnels 12.0.-.Ciel) -> MsiExec.exe /I{69CAF5AA-13AD-45FA-8DAE-8E8FE2C9C3C3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7AE6899D-E673-9564-431E-B89F6B43DE30}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{837C5DD8-5886-40A7-A9C7-99500BE1D5DE}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1] : (Tetris.-.Crystal Office Systems) -> "C:\Program Files (x86)\Tetris\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{969FE15C-DA80-92D4-4B0A-BB1866A36AD4}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{985F7F32-5BE4-4CDA-9582-F7AEA40D1974}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{985F7F32-5BE4-4CDA-9582-F7AEA40D1974} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AAD6F3A7-C603-3886-A878-C795A6E42D53}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}] : (Dell Digital Delivery.-.Dell Products, LP) -> MsiExec.exe /I{AB7F2792-2ED1-4C5C-9F28-680E5110BF72} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B0814BAF-F16A-FE88-7C9C-5239577003C9}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}] : (OEM Application Profile.-.Nom de votre société) -> MsiExec.exe /X{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C7E6047A-700C-7CED-FF2A-B1980DB46F97}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C9552825-7BF2-4344-BA91-D3CD46F4C441}] : (Intel(R) Trusted Connect Service Client x86.-.Intel Corporation) -> MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C441} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7FE6004-9226-2860-E56E-2FA75A092BA8}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DBB3CEF3-D9AB-2D05-CBFB-F0A98EBA4E8F}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DF3DD8E3-BD6C-4D57-B20D-3FED6D36716F}_is1] : (FoxTarot version 5.4.1.-.Fabrice RENARD) -> "C:\Program Files (x86)\FoxTarot5\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EB0AC9FE-B1FB-1CA2-1CEE-9EACABDE5FA5}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0247519-F35C-D868-C7F0-C47B1292C20E}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F7FB4C78-9A52-EA31-CE8D-5662109A9AD5}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB194BEF-F465-8E0D-8F44-7653A111B2AE}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FD286527-7076-4988-A436-BEE53EA1B900}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{FD286527-7076-4988-A436-BEE53EA1B900} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FE12BF1C-B6AA-AE90-6C38-A0CF26B8FF92}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> ---------- | Ports ---------- | Installer [HKCR\Installer\Products\075249A2A22A7969450BB6DC0AC862F5] : CCC Help Swedish -> c:\Windows\Installer\{2A942570-A22A-9697-54B0-6BCDA08C265F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2972F7BA1DE2C5C4F98286E01501FB27] : Dell Digital Delivery -> c:\Windows\Installer\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}\cloud.ico [HKCR\Installer\Products\2B2307032FA67D649B332634D8BEB2A9] : Maxx Audio Installer (x64) -> C:\Windows\Installer\{307032B2-6AF2-46D7-B933-62438DEB2B9A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2E49E89E1D215E84CA96C213F2641663] : Dell SupportAssist -> C:\WINDOWS\Installer\{E98E94E2-12D1-48E5-AC69-2C312F466136}\ARPPRODUCTICON.exe [HKCR\Installer\Products\30FDA0D6505B638F337125C104DD4BC4] : AMD Catalyst Install Manager -> c:\Windows\Installer\{6D0ADF03-B505-F836-3317-521C40DDB44C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\34C01B453DD723C40B1DF9099CBF6B3E] : LibreOffice 6.0.7.3 -> C:\WINDOWS\Installer\{54B10C43-7DD3-4C32-B0D1-9F90C9FBB6E3}\soffice.ico [HKCR\Installer\Products\371155C5C46E8A8B0C6103AFBC21FCDE] : AMD Settings -> C:\WINDOWS\Installer\{5C551173-E64C-B8A8-C016-30FACB12CFED}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3FEC3BBDBA9D50D2BCBF0F9AE8ABE4F8] : CCC Help German -> c:\Windows\Installer\{DBB3CEF3-D9AB-2D05-CBFB-F0A98EBA4E8F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4006EF7D622906825EE6F27AA590B28A] : CCC Help Chinese Traditional -> c:\Windows\Installer\{D7FE6004-9226-2860-E56E-2FA75A092BA8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\40464662941C64247BDC22C88FF81683] : LibreOffice 6.0 Help Pack (French) -> C:\WINDOWS\Installer\{26646404-C149-4246-B7CD-228CF88F6138}\soffice.ico [HKCR\Installer\Products\42C6FBF1Df1C10144AB2C065F4E9E897] : Media Suite -> C:\Windows\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe [HKCR\Installer\Products\473032B4574637A4ABE61410E5C90531] : Intel® Security Assist -> C:\Windows\Installer\{4B230374-6475-4A73-BA6E-41015E9C5013}\isa.ico [HKCR\Installer\Products\4AB88715F39DB7E4AB31CA8CE88730BD] : Intel(R) Serial IO [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C14] : Intel(R) Trusted Connect Service Client x86 [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C24] : Intel(R) Trusted Connect Service Client x64 [HKCR\Installer\Products\5286461E193D0A2439AA72AF18D00A39] : PowerDirector -> C:\Windows\Installer\{E1646825-D391-42A0-93AA-27FA810DA093}\ARPPRODUCTICON.exe [HKCR\Installer\Products\53D564CECD29EAD4E98A101265887F90] : Intel(R) Management Engine Components [HKCR\Installer\Products\55D3387206DF61C47949785120E87138] : Intel® PROSet/Wireless WiFi Software -> C:\WINDOWS\Installer\{27833D55-FD60-4C16-9794-8715028E1783}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5A1A9B9E893699C4F8ED0197F456505C] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper [HKCR\Installer\Products\5AEA71985A10F674AA725AE26A9C2421] : Aide et support Dell -> C:\WINDOWS\Installer\{8917AEA5-01A5-476F-AA27-A52EA6C94212}\ARPPRODUCTICON.exe [HKCR\Installer\Products\63AEB64B17B0E4A4EA1478426134AFA0] : Power Media Player -> C:\Windows\Installer\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\684A5B5E5F7CC9243942313865022FDF] : Intel(R) Management Engine Driver [HKCR\Installer\Products\69A46712847638B4987EA70536FB51C6] : Movie Maker [HKCR\Installer\Products\6ABB9BED089D2E3428AEEAF81E5C4116] : Intel(R) PRO/Wireless Driver -> C:\WINDOWS\Installer\{DEB9BBA6-D980-43E2-82EA-AE8FE1C51461}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6E2FF2FC1D722D445B23B1137B1342C4] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\725682DF670788944A63EB5EE31A9B00] : Catalyst Control Center - Branding -> c:\Windows\Installer\{FD286527-7076-4988-A436-BEE53EA1B900}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7A3F6DAA306C68838A877C596A4ED235] : CCC Help Dutch -> c:\Windows\Installer\{AAD6F3A7-C603-3886-A878-C795A6E42D53}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\84FAEED2B3AE6065DFAC7CC5D293F053] : CCC Help Chinese Standard -> c:\Windows\Installer\{2DEEAF48-EA3B-5606-FDCA-C75C2D390F35}\ARPPRODUCTICON.exe [HKCR\Installer\Products\87C4BF7F25A913AEECD8652601A9A95D] : CCC Help Korean -> c:\Windows\Installer\{F7FB4C78-9A52-EA31-CE8D-5662109A9AD5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8A93B1A5AFFD4E94083CFDDCC78E8A3B] : Intel(R) Wireless Bluetooth(R) -> C:\Windows\Installer\{5A1B39A8-DFFA-49E4-80C3-DFCD7CE8A8B3}\IntelBluetooth.ico [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\8DD5C73868857A049A7C9905B01E5DED] : CCC Help Norwegian -> c:\Windows\Installer\{837C5DD8-5886-40A7-A9C7-99500BE1D5DE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\90941184B3C36E34FB89EAC99356003A] : Enregistrement du produit -> C:\WINDOWS\Installer\{48114909-3C3B-43E6-BF98-AE9C396500A3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9157420FC53F868D7C0F4CB721292CE0] : Catalyst Control Center Localization All -> c:\Windows\Installer\{F0247519-F35C-D868-C7F0-C47B1292C20E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A7406E7CC007DEC7FFA21B89D04BF679] : CCC Help English -> c:\Windows\Installer\{C7E6047A-700C-7CED-FF2A-B1980DB46F97}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AA5FAC96DA31AF54D8EAE8F82E9C3C3C] : Ciel Comptes personnels 12.0 -> C:\WINDOWS\Installer\{69CAF5AA-13AD-45FA-8DAE-8E8FE2C9C3C3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AD1CBBE5F5790A444B833F52CB4D5577] : Dell Update -> C:\WINDOWS\Installer\{5EBBC1DA-975F-44A0-B438-F325BCD45577}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B4EB76DD26E75124FA3A1F328A003A98] : Movie Maker [HKCR\Installer\Products\B9FB157332F56794AA26B14F7D19CDEF] : Photo Common [HKCR\Installer\Products\BE06B3B7B79160B4DAFF0D5BE057D5F4] : Intel(R) Management Engine Components [HKCR\Installer\Products\BE5A19C826C2D6A48820CC97DFE23D09] : Intel(R) Chipset Device Software [HKCR\Installer\Products\C08ED421EFB940D48A9D965C10D9EEFB] : Dell Customer Connect -> C:\WINDOWS\Installer\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}\dnd.ico [HKCR\Installer\Products\C1FB21EFAA6B09EAC6830AFC628BFF29] : CCC Help French -> c:\Windows\Installer\{FE12BF1C-B6AA-AE90-6C38-A0CF26B8FF92}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C4CD2421328EF8CBD3E1969133CF0147] : CCC Help Italian -> c:\Windows\Installer\{1242DC4C-E823-BC8F-3D1E-691933FC1074}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C51EF96908AD4D29B4A0BB81663AA64D] : CCC Help Spanish -> c:\Windows\Installer\{969FE15C-DA80-92D4-4B0A-BB1866A36AD4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D42BF92623D91DBC4C11B522C5EFDA6B] : AMD Settings -> C:\WINDOWS\Installer\{629FB24D-9D32-CBD1-C411-5B225CFEADB6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D84D78A2FDF3df1479DC1A3E07FEFF2E] : Power2Go -> C:\Windows\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D88A7680F467E663E91231D08A4B273C] : Dropbox 20 GB -> C:\WINDOWS\Installer\{0867A88D-764F-366E-9E21-130DA8B472C3}\DropboxOEM.exe [HKCR\Installer\Products\D8A07D0530506AA479FE9048E9F95B02] : OpenOffice 4.1.6 -> C:\WINDOWS\Installer\{50D70A8D-0503-4AA6-97EF-09849E9FB520}\soffice.ico [HKCR\Installer\Products\D9986EA7376E465934E18BF9B634ED03] : CCC Help Portuguese -> c:\Windows\Installer\{7AE6899D-E673-9564-431E-B89F6B43DE30}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery [HKCR\Installer\Products\E757FC781F1C22D468C5006C59B02585] : Quickset64 -> c:\Windows\Installer\{87CF757E-C1F1-4D22-865C-00C6950B5258}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EF9CA0BEBF1B2AC1C1EEE9CABAEDF55A] : CCC Help Finnish -> c:\Windows\Installer\{EB0AC9FE-B1FB-1CA2-1CEE-9EACABDE5FA5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EFA879113B3A19EEE321BC2D65A3B568] : AMD Catalyst Control Center -> c:\Windows\Installer\{11978AFE-A3B3-EE91-3E12-CBD2563A5B86}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64 [HKCR\Installer\Products\F20C60D08E88D553812602A8998E09DF] : CCC Help Japanese -> c:\Windows\Installer\{0D06C02F-88E8-355D-1862-208A99E890FD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FAB4180BA61F88EFC7C925937507309C] : CCC Help Russian -> c:\Windows\Installer\{B0814BAF-F16A-FE88-7C9C-5239577003C9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FEB491BF564FD0E8F84467351A112BEA] : CCC Help Danish -> c:\Windows\Installer\{FB194BEF-F465-8E0D-8F44-7653A111B2AE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FF43B934E47F70845B2EB4575815ADB6] : Galerie de photos ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le programme SearchUI.exe version 10.0.17763.292 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 19d0 Heure de début : 01d4cac4f4758ab6 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : 2ff1b9ef-5186-4e70-a90d-3d6953223178 Nom complet du package défectueux : Microsoft.Windows.Cortana_1.11.5.17763_neutral_neutral_cw5n1h2txyewy ID de l'application relative à un package défectueux : CortanaUI Type de blocage : Quiesce ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet ------------ Le filtre d’événement avec la requête « //./ROOT/default » n’a pas pu être réactivé dans l’espace de noms « "select * from CIntelWLANEvent » à cause de l’erreur 0x80041010. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé. ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet ------------ Nom de l’application défaillante ServiceShell.exe, version : 1.1.0.46, horodatage : 0x5be9f49a Nom du module défaillant : KERNELBASE.dll, version : 10.0.17763.292, horodatage : 0xb51bba8e Code d’exception : 0xe0434352 Décalage d’erreur : 0x0000000000055549 ID du processus défaillant : 0x3128 Heure de début de l’application défaillante : 0x01d4ca06704b75a7 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 3ed3505b-f78d-4aa8-bdda-86faebfa915a Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : ServiceShell.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.MissingMemberException à Dell.Asimov.UpdateTelemetry.Platinum.PlatinumProvider+d__10.MoveNext() à System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() à System.Threading.ThreadPoolWorkQueue.Dispatch() ------------ Nom de l’application défaillante ServiceShell.exe, version : 1.1.0.46, horodatage : 0x5be9f49a Nom du module défaillant : KERNELBASE.dll, version : 10.0.17763.292, horodatage : 0xb51bba8e Code d’exception : 0xe0434352 Décalage d’erreur : 0x0000000000055549 ID du processus défaillant : 0x2088 Heure de début de l’application défaillante : 0x01d4ca05ea3625c5 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : a0287f85-80a3-4281-9457-88cd4cb54dd2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : ServiceShell.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.MissingMemberException à Dell.Asimov.UpdateTelemetry.Platinum.PlatinumProvider+d__10.MoveNext() à System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() à System.Threading.ThreadPoolWorkQueue.Dispatch() ------------ Product: Dell Update -- A newer version of Dell Update is already installed. ------------ Le programme SearchUI.exe version 10.0.17763.292 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 15cc Heure de début : 01d4c9259f64b7c0 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : 4247d4a2-edec-49a0-94c2-5745c4a60fc6 Nom complet du package défectueux : Microsoft.Windows.Cortana_1.11.5.17763_neutral_neutral_cw5n1h2txyewy ID de l'application relative à un package défectueux : CortanaUI Type de blocage : Quiesce ------------ Nom de l’application défaillante ServiceShell.exe, version : 1.1.0.46, horodatage : 0x5be9f49a Nom du module défaillant : KERNELBASE.dll, version : 10.0.17763.292, horodatage : 0xb51bba8e Code d’exception : 0xe0434352 Décalage d’erreur : 0x0000000000055549 ID du processus défaillant : 0x228c Heure de début de l’application défaillante : 0x01d4c48453ee4a0d Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : a1db9af0-b5fe-49b6-9fe1-caa28a034e01 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : ServiceShell.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.MissingMemberException à Dell.Asimov.UpdateTelemetry.Platinum.PlatinumProvider+d__10.MoveNext() à System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() à System.Threading.ThreadPoolWorkQueue.Dispatch() ------------ Nom de l’application défaillante SpatialAudioLicenseSrv.exe, version : 10.0.17763.1, horodatage : 0xa3f85ffe Nom du module défaillant : ntdll.dll, version : 10.0.17763.292, horodatage : 0x7ded7809 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000004df23 ID du processus défaillant : 0x2ac4 Heure de début de l’application défaillante : 0x01d4c6009c76b5b0 Chemin d’accès de l’application défaillante : C:\Windows\System32\SpatialAudioLicenseSrv.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 32a959b2-b096-47a9-a0c4-8f7d3ae6f857 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet ------------ Nom de l’application défaillante IAStorDataMgrSvc.exe, version : 14.8.1.1043, horodatage : 0x564b505a Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x07ada015 ID du processus défaillant : 0x64c Heure de début de l’application défaillante : 0x01d4c484776da0b5 Chemin d’accès de l’application défaillante : C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Chemin d’accès du module défaillant: unknown ID de rapport : a1514969-a444-4ac5-b772-f7def8b66da5 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : IAStorDataMgrSvc.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.NullReferenceException à IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() à IAStorUtil.SystemDataModelListener.LoadSavedSystemState() à IAStorDataMgr.EventRelay.b__0(System.Object) à System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() à System.Threading.ThreadPoolWorkQueue.Dispatch() à System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() ------------ ----------( EOF)---------- - 4397 | 19:56:56