--------------- QuickDiag | g3n-h@ckm@n | V5_27.02.19.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 02/07/2019 10:07:15 Updated 27/02/2019 | 11:10 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Axel&Nico (Administrator)] - [AXELNICOPCSALON] (S-1-5-21-2779967726-3164674173-1318877449-1001) System: Microsoft Windows 10 Famille - - (10.0.18362) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1903) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : Normal boot PC: K30AD_M31AD_M51AD - ASUSTeK COMPUTER INC. - IdNumber: F4PDCG000MCT - UUID: C89297DA-9667-923E-B57C-086266A207FD Processor : X64 - 3592 Mhz - Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz 0702 - en|US|iso8859-1 - American Megatrends Inc. - S/N: F4PDCG000MCT - 0702 - ASUS - 702 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0051&SUBSYS_10438670&REV_1001\5&16844A10&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_104385D1&REV_1003\4&758906C&0&0001 ---------- | Video NVIDIA GeForce GT 720 - Resolution: 1440x900 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_791beb67a268df58\nvd3dumx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_791beb67a268df58\nvwgf2umx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_791beb67a268df58\nvwgf2umx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_791beb67a268df58\nvwgf2umx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1288&SUBSYS_86701043&REV_A1\4&3834D97&0&0008 - AdapterCompatibility: NVIDIA - RAM: -2147483648 Inegrated Video Chipset DeviceName: NVIDIA GeForce GT 720 - DriverVersion: 21.21.13.7563 - SpecificationVersion: 1025 ---------- | Codecs C:\WINDOWS\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\LAGARITH.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 148992 - Manufacturer: - Status: OK C:\WINDOWS\system32\XVIDVFW.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 311296 - Manufacturer: - Status: OK C:\WINDOWS\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 92672 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK C:\WINDOWS\system32\X264VFW64.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 3799552 - Manufacturer: x264vfw project - Status: OK C:\WINDOWS\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34808 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42600 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\AC3ACM.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 180736 - Manufacturer: fccHandler - Status: OK C:\WINDOWS\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 26056 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36920 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:25 % CPU #2 value:6 % CPU #3 value:18 % CPU #4 value:0 % CPU #5 value:0 % CPU #6 value:0 % CPU #7 value:6 % CPU #8 value:0 % Total Overall CPU Usage value:7 % ---------- | Network Intel[R] Ethernet Connection I217-V : SENT:0 bytes/sec / RECVD:0 bytes/sec Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:7 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC - Ethernet 802.3 - Realtek Semiconductor Corp. - Status: - PnPID : PCI\VEN_10EC&DEV_8821&SUBSYS_21611A3B&REV_00\4&7CACB70&0&00E1 Intel(R) Ethernet Connection I217-V - Ethernet 802.3 - Intel Corporation - Status: - PnPID : PCI\VEN_8086&DEV_153B&SUBSYS_859F1043&REV_05\3&11583659&0&C8 Microsoft Wi-Fi Direct Virtual Adapter #4 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&30B0A900&1&11 Microsoft Wi-Fi Direct Virtual Adapter #3 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&30B0A900&1&12 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH ---------- | Memory RAM = Total (MB) : 6230 | Free (MB) : 2799 Pagefile = Total (MB) : 7934 | Free (MB) : 3798 Virtual = Total (MB) : 4194 | Free (MB) : 3910 Physical Memory 0 : Capacity: 4294967296 - ChannelA-DIMM0 - Posit.: - Manufacturer: Kingston - PartNumber: ASU16D3LU1MNG/4G - S/N: F022D40E Physical Memory 1 : Capacity: 2147483648 - ChannelB-DIMM0 - Posit.: - Manufacturer: Kingston - PartNumber: ASU16D3LFU1KBG/2G - S/N: 2A10F679 ---------- | SID Users Administrateur : [S-1-5-21-2779967726-3164674173-1318877449-500] Axel&Nico : [S-1-5-21-2779967726-3164674173-1318877449-1001] DefaultAccount : [S-1-5-21-2779967726-3164674173-1318877449-503] Invité : [S-1-5-21-2779967726-3164674173-1318877449-501] WDAGUtilityAccount : [S-1-5-21-2779967726-3164674173-1318877449-504] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] WinRMRemoteWMIUsers__ : [S-1-5-21-2779967726-3164674173-1318877449-1000] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [Windows] | Total : 150 Go | Free : 18.81 Go -> NTFS [SATA] D:\ -> [Fixed] | [Data] | Total : 761.69 Go | Free : 60.08 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, D:] : Read:19,757,365 bytes/sec, Written:400,457 bytes/sec Max Read:19,757,365 bytes/sec, Max Write:400,457 bytes/sec Overall - Read Maximum:19,757,365 bytes/sec, Write Maximum:400,457 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_TOSHIBA&PROD_DT01ACA100\4&E937C7&0&000000 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is NOT Activated Test 2 : Windows Is Activated Test 3 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.18362.1 (© Microsoft Corporation. Tous droits réservés.) FF : 67.0.4.7109 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 75.0.3770.100 (Copyright 2019 Google LLC.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "" ---------- | FlashPlayer FlashPlayer ActiveX : 32.0.0.207 FlashPlayer Plugin : 32.0.0.207 ---------- | Security AV : Windows Defender Disabled AS : G DATA TOTAL SECURITY Disabled FW : G DATA TOTAL SECURITY Enabled WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 512 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.18362.1) = C:\Windows\System32\smss.exe [19/03/2019 06:44:35] CPU Usage:0 % 760 | [Owner : Système | Parent : 648() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.18362.1) = C:\Windows\System32\csrss.exe [19/03/2019 06:44:35] CPU Usage:0 % 872 | [Owner : Système | Parent : 648() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.18362.1) = C:\Windows\System32\wininit.exe [19/03/2019 06:44:35] CPU Usage:0 % 1000 | [Owner : Système | Parent : 872(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.18362.207) = C:\Windows\System32\services.exe [01/07/2019 18:34:24] CPU Usage:0 % 1020 | [Owner : Système | Parent : 872(wininit.exe) | 15.68 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.18362.1) = C:\Windows\System32\lsass.exe [19/03/2019 06:44:36] CPU Usage:0 % 580 | [Owner : Système | Parent : 1000(services.exe) | 3.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 96 | [Owner : Système | Parent : 1000(services.exe) | 27.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1032 | [Owner : UMFD-0 | Parent : 872(wininit.exe) | 3.09 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.18362.1) = C:\Windows\System32\fontdrvhost.exe [19/03/2019 06:44:38] CPU Usage:0 % 1136 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 14.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1184 | [Owner : Système | Parent : 1000(services.exe) | 8.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1336 | [Owner : Système | Parent : 1000(services.exe) | 12.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1396 | [Owner : Système | Parent : 1000(services.exe) | 10.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1456 | [Owner : Système | Parent : 1000(services.exe) | 15.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1484 | [Owner : Système | Parent : 1000(services.exe) | 5.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1508 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 16.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1516 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 11.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1612 | [Owner : Système | Parent : 1000(services.exe) | 11.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1800 | [Owner : Système | Parent : 1000(services.exe) | 9.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1812 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 8.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1888 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 7.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1980 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 12.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1996 | [Owner : Système | Parent : 1000(services.exe) | 12.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2008 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 8.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2032 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.G DATA Software AG - G DATA AntiVirus Scan Server.) - (1.4.19113.1315) = C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [23/04/2019 21:55:52] CPU Usage:0 % 2124 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 8.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2184 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.G Data Software AG - G Data Filesystem Monitor Service.) - (27.0.19114.921) = C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [24/04/2019 15:22:00] CPU Usage:2 % 2344 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 7.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2520 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 6.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2576 | [Owner : Système | Parent : 1000(services.exe) | 79.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2584 | [Owner : Système | Parent : 1000(services.exe) | 5.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2656 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 7.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2832 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 5.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2840 | [Owner : Système | Parent : 1000(services.exe) | 8.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2904 | [Owner : Système | Parent : 1000(services.exe) | 7.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2924 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 9.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2932 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 7.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2992 | [Owner : Système | Parent : 1000(services.exe) | 19.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3092 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 6.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3148 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 13.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3496 | [Owner : Système | Parent : 1000(services.exe) | 14.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3508 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 9.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3512 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 5.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3632 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 12.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3784 | [Owner : Système | Parent : 1000(services.exe) | 15.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3912 | [Owner : Système | Parent : 1000(services.exe) | 14.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3988 | [Owner : Système | Parent : 1000(services.exe) | 13.93 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.18362.1) = C:\Windows\System32\spoolsv.exe [19/03/2019 06:43:53] CPU Usage:0 % 4028 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 18.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4048 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 7.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4056 | [Owner : Système | Parent : 1000(services.exe) | 5.51 Mo] - (.CANON INC. - Canon IJ Scan Utility SETEVENT.) - (1.1.20.9554) = C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [25/01/2018 20:03:46] CPU Usage:0 % 4104 | [Owner : Système | Parent : 1000(services.exe) | 5.34 Mo] - (.Intel Corporation - Intel® PROSet Monitoring Service.) - (18.5.21.0) = C:\Windows\System32\IPROSetMonitor.exe [09/07/2013 07:30:24] CPU Usage:0 % 4112 | [Owner : Système | Parent : 1000(services.exe) | 6.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4124 | [Owner : Système | Parent : 1000(services.exe) | 5.84 Mo] - (.Dropbox, Inc. - Dropbox Service.) - (1.0.24.0) = C:\Windows\System32\DbxSvc.exe [24/06/2019 14:12:04] CPU Usage:0 % 4132 | [Owner : Système | Parent : 1000(services.exe) | 7.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4140 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 18.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4176 | [Owner : Système | Parent : 1000(services.exe) | 43.65 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.11727.20222) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [29/09/2015 20:18:07] CPU Usage:0 % 4220 | [Owner : Système | Parent : 1000(services.exe) | 14.9 Mo] - (.G DATA Software AG - G DATA Backup Service.) - (5.0.19113.1366) = C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [23/04/2019 22:46:46] CPU Usage:0 % 4228 | [Owner : Système | Parent : 1000(services.exe) | 39.05 Mo] - (.Seagate Technology LLC - Seagate Dashboard.) - (4.3.5.0) = C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [28/06/2016 15:03:12] CPU Usage:0 % 4240 | [Owner : Système | Parent : 1000(services.exe) | 38.38 Mo] - (.Seagate Technology LLC - Seagate Dashboard.) - (4.4.10.0) = C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [28/06/2016 15:04:26] CPU Usage:0 % 4248 | [Owner : Système | Parent : 1000(services.exe) | 12.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4280 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.G DATA Software AG - G DATA ANTIVIRUS Proxy Service.) - (1.5.19113.1336) = C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [23/04/2019 22:16:49] CPU Usage:0 % 4304 | [Owner : Système | Parent : 1000(services.exe) | 8.34 Mo] - (.Realtek Semiconductor Corp. - Realtek Bluetooth BTDevManager Service Application.) - (1.1.18.1) = C:\Windows\RtkBtManServ.exe [30/10/2018 00:55:32] CPU Usage:0 % 4312 | [Owner : Système | Parent : 1000(services.exe) | 7.47 Mo] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe [28/08/2013 00:32:14] CPU Usage:0 % 4336 | [Owner : Système | Parent : 1000(services.exe) | 11.48 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.0.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [12/12/2016 09:54:06] CPU Usage:0 % 4352 | [Owner : Système | Parent : 1000(services.exe) | 6.62 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.31.1644) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [16/12/2018 20:29:48] CPU Usage:0 % 4360 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 5.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4368 | [Owner : Système | Parent : 1000(services.exe) | 20.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4416 | [Owner : Système | Parent : 1000(services.exe) | 29.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4436 | [Owner : Système | Parent : 1000(services.exe) | 5.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 4804 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 4.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 5084 | [Owner : Système | Parent : 1000(services.exe) | 8.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 5124 | [Owner : Système | Parent : 1000(services.exe) | 11.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 5252 | [Owner : SERVICE LOCAL | Parent : 4112(svchost.exe) | 14.12 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.18362.1) = C:\Windows\System32\dasHost.exe [19/03/2019 06:44:18] CPU Usage:0 % 5468 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 7.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 5628 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 6.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 5960 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.G Data Software AG - G Data Personal Firewall.) - (4.1.19114.916) = C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [24/04/2019 15:16:36] CPU Usage:0 % 6056 | [Owner : Système | Parent : 1000(services.exe) | 11.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3752 | [Owner : Système | Parent : 96(svchost.exe) | 9.38 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [19/03/2019 06:44:00] CPU Usage:0 % 2512 | [Owner : SERVICE RÉSEAU | Parent : 96(svchost.exe) | 17.77 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [19/03/2019 06:44:00] CPU Usage:0 % 864 | [Owner : Système | Parent : 1000(services.exe) | 5.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 5100 | [Owner : Système | Parent : 1000(services.exe) | 7.61 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [10/04/2015 06:05:27] CPU Usage:0 % 1580 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 17.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2736 | [Owner : Système | Parent : 1000(services.exe) | 8.23 Mo] - (.WildTangent - WildTangent Games App Integration Service.) - (4.0.35.71) = C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [25/08/2014 19:57:26] CPU Usage:0 % 4580 | [Owner : Système | Parent : 888() | 4.18 Mo] - (.Dropbox, Inc. - Dropbox Update.) - (1.3.27.73) = C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [27/09/2016 16:41:53] CPU Usage:0 % 7024 | [Owner : Système | Parent : 1000(services.exe) | 47.92 Mo] - (.Intel Corporation - IAStorDataSvc.) - (12.8.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [08/08/2013 00:24:00] CPU Usage:0 % 1916 | [Owner : Système | Parent : 1000(services.exe) | 6.1 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [10/04/2015 05:56:29] CPU Usage:0 % 2980 | [Owner : Système | Parent : 1000(services.exe) | 11.43 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [10/04/2015 05:56:04] CPU Usage:0 % 5068 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.18362.1) = C:\Windows\System32\SgrmBroker.exe [19/03/2019 06:45:32] CPU Usage:0 % 3712 | [Owner : Système | Parent : 1000(services.exe) | 14.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 1372 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 6900 | [Owner : Système | Parent : 1000(services.exe) | 22.3 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.18362.207) = C:\Windows\System32\SearchIndexer.exe [01/07/2019 18:34:09] CPU Usage:0 % 6540 | [Owner : Système | Parent : 1000(services.exe) | 15.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 7304 | [Owner : Système | Parent : 1000(services.exe) | 7.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 9540 | [Owner : Système | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1901.16384) = C:\Windows\System32\SecurityHealthService.exe [19/03/2019 06:44:39] CPU Usage:0 % 10112 | [Owner : Système | Parent : 96(svchost.exe) | 10.31 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.18362.1) = C:\Windows\System32\dllhost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3728 | [Owner : Système | Parent : 1000(services.exe) | 9.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 9884 | [Owner : Système | Parent : 1000(services.exe) | 5.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 9804 | [Owner : Système | Parent : 1000(services.exe) | 10.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2204 | [Owner : Système | Parent : 96(svchost.exe) | 11.26 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.18362.1) = C:\Windows\System32\dllhost.exe [19/03/2019 06:44:33] CPU Usage:0 % 3640 | [Owner : Système | Parent : 1000(services.exe) | 8.06 Mo] - (.Microsoft Corporation - Service de cliché instantané de volumes Microsoft®.) - (10.0.18362.1) = C:\Windows\System32\VSSVC.exe [19/03/2019 06:44:21] CPU Usage:0 % 2964 | [Owner : Système | Parent : 1000(services.exe) | 7.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 584 | [Owner : Système | Parent : 1000(services.exe) | 22.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2320 | [Owner : Système | Parent : 1000(services.exe) | 9.91 Mo] - (.G DATA Software - Coffre de données G DATA.) - (4.1.0.8) = C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [07/12/2017 15:49:45] CPU Usage:0 % 2912 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 16.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 11032 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 5612 | [Owner : Système | Parent : 10080() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.18362.1) = C:\Windows\System32\csrss.exe [19/03/2019 06:44:35] CPU Usage:0 % 11116 | [Owner : Système | Parent : 10080() | 10 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.18362.1) = C:\Windows\System32\winlogon.exe [19/03/2019 06:44:38] CPU Usage:0 % 7528 | [Owner : UMFD-2 | Parent : 11116(winlogon.exe) | 5.67 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.18362.1) = C:\Windows\System32\fontdrvhost.exe [19/03/2019 06:44:38] CPU Usage:0 % 2848 | [Owner : DWM-2 | Parent : 11116(winlogon.exe) | 59.07 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.18362.145) = C:\Windows\System32\dwm.exe [01/07/2019 18:34:20] CPU Usage:0 % 5116 | [Owner : Système | Parent : 4336(NVDisplay.Container.exe) | 23.02 Mo] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7563) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [06/06/2017 23:27:38] CPU Usage:0 % 8124 | [Owner : SERVICE LOCAL | Parent : 1000(services.exe) | 5.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 8228 | [Owner : Système | Parent : 1000(services.exe) | 11.84 Mo] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.18362.1) = C:\Windows\System32\vds.exe [19/03/2019 06:43:58] CPU Usage:0 % 9632 | [Owner : Axel&Nico | Parent : 7304(svchost.exe) | 14.09 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.18362.1) = C:\Windows\System32\ctfmon.exe [19/03/2019 06:44:33] CPU Usage:0 % 9712 | [Owner : Axel&Nico | Parent : 1800(svchost.exe) | 25.78 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.18362.1) = C:\Windows\System32\sihost.exe [19/03/2019 06:44:12] CPU Usage:0 % 8844 | [Owner : Axel&Nico | Parent : 1000(services.exe) | 19.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 2756 | [Owner : Axel&Nico | Parent : 1000(services.exe) | 41.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 8796 | [Owner : Axel&Nico | Parent : 1456(svchost.exe) | 15.01 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.18362.1) = C:\Windows\System32\taskhostw.exe [19/03/2019 06:44:33] CPU Usage:0 % 11244 | [Owner : Axel&Nico | Parent : 1456(svchost.exe) | 3.87 Mo] - (.- SecureDeleteBackground.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [10/04/2015 06:06:35] CPU Usage:0 % 7224 | [Owner : Axel&Nico | Parent : 1456(svchost.exe) | 0.67 Mo] - (.ASUSTeK - Power Manager_background.) - (1.4.0.1) = C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [10/04/2015 06:06:44] CPU Usage:0 % 2532 | [Owner : Axel&Nico | Parent : 1456(svchost.exe) | 0.61 Mo] - (.ASUSTeK Computer Inc. - Tool to handle application key.) - (2.0.0.5) = C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [10/04/2015 06:05:40] CPU Usage:0 % 7404 | [Owner : Axel&Nico | Parent : 1456(svchost.exe) | 1.6 Mo] - (.ASUSTeK Computer Inc. - SyncUp Server.) - (1.0.0.1) = C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe [10/04/2015 06:06:49] CPU Usage:0 % 1044 | [Owner : Axel&Nico | Parent : 7288() | 185.53 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.18362.207) = C:\Windows\explorer.exe [01/07/2019 18:33:58] CPU Usage:0 % 4264 | [Owner : SERVICE RÉSEAU | Parent : 1000(services.exe) | 14.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 7148 | [Owner : Axel&Nico | Parent : 1000(services.exe) | 20.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 5148 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 68.33 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [19/03/2019 06:44:23] CPU Usage:0 % 4592 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 25.14 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe [19/03/2019 06:44:06] CPU Usage:0 % 1260 | [Owner : Axel&Nico | Parent : 2184(AVKWCtlx64.exe) | 3.94 Mo] - (.G DATA Software AG - G DATA Security Software - Tray Application.) - (25.1.19113.1430) = C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe [23/04/2019 23:50:49] CPU Usage:0 % 8328 | [Owner : Axel&Nico | Parent : 2184(AVKWCtlx64.exe) | 13.59 Mo] - (.G DATA Software AG - G DATA Personal Firewall.) - (2.7.19113.1393) = C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [23/04/2019 23:13:29] CPU Usage:0 % 784 | [Owner : Axel&Nico | Parent : 1260(AVKTray.exe) | 5.87 Mo] - (.G DATA Software AG - G DATA Security Software GDKBFltExe.) - (3.0.8.18045) = C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe [05/06/2018 01:05:13] CPU Usage:0 % 6036 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 17 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe [19/03/2019 06:44:06] CPU Usage:0 % 10420 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 53.49 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.18362.145) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [01/07/2019 18:34:21] CPU Usage:0 % 1680 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 16.78 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe [19/03/2019 06:44:06] CPU Usage:0 % 6752 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 36.98 Mo] - (.-.) - (1.19061.410.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe [02/07/2019 00:06:11] CPU Usage:0 % 976 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 7.49 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe [19/03/2019 06:44:06] CPU Usage:0 % 9740 | [Owner : Axel&Nico | Parent : 1044(explorer.exe) | 8.97 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.18362.1) = C:\Windows\System32\SecurityHealthSystray.exe [19/03/2019 06:44:23] CPU Usage:0 % 10340 | [Owner : Axel&Nico | Parent : 1044(explorer.exe) | 8.52 Mo] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.16.6.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [10/04/2015 05:57:49] CPU Usage:0 % 9524 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 64.31 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.18362.207) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [01/07/2019 18:34:29] CPU Usage:0 % 928 | [Owner : Axel&Nico | Parent : 1044(explorer.exe) | 14.9 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.276) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [30/05/2018 17:16:14] CPU Usage:0 % 1332 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 7.09 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.18362.1) = C:\Windows\System32\wbem\unsecapp.exe [19/03/2019 06:43:54] CPU Usage:0 % 7756 | [Owner : Axel&Nico | Parent : 9896() | 7.5 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.211.12) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [01/04/2019 23:25:24] CPU Usage:0 % 11636 | [Owner : Axel&Nico | Parent : 1000(services.exe) | 15.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 11644 | [Owner : Système | Parent : 96(svchost.exe) | 10.4 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [19/03/2019 06:45:12] CPU Usage:0 % 11848 | [Owner : Axel&Nico | Parent : 9472() | 40.68 Mo] - (.Intel Corporation - IAStorIcon.) - (12.8.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [08/08/2013 00:24:00] CPU Usage:0 % 3768 | [Owner : Système | Parent : 1000(services.exe) | 11.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] CPU Usage:0 % 10044 | [Owner : Axel&Nico | Parent : 5116(nvxdsync.exe) | 10.38 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.7563) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [06/06/2017 23:27:38] CPU Usage:0 % 6420 | [Owner : SERVICE LOCAL | Parent : 3148(svchost.exe) | 17.21 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.18362.175) = C:\Windows\System32\audiodg.exe [01/07/2019 18:33:56] CPU Usage:0 % 12028 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 14.72 Mo] - (.Microsoft Corporation - Windows Security Health Host.) - (4.18.1901.16384) = C:\Windows\System32\SecurityHealthHost.exe [19/03/2019 06:44:39] CPU Usage:0 % 4000 | [Owner : Axel&Nico | Parent : 96(svchost.exe) | 22.26 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.18362.1) = C:\Windows\System32\smartscreen.exe [19/03/2019 06:44:03] CPU Usage:0 % 8264 | [Owner : Axel&Nico | Parent : 1044(explorer.exe) | 63.78 Mo] - (.SosVirus - QuickDiag.) - (27.2.19.1) = C:\Users\Axel&Nico\Desktop\QuickDiag.exe [01/07/2019 08:21:21] CPU Usage:2 % 10540 | [Owner : SERVICE RÉSEAU | Parent : 96(svchost.exe) | 10.97 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [19/03/2019 06:45:12] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll (.G DATA Software AG.-.G DATA Shredder.) - (25.1.19114.15) -- C:\Program Files (x86)\G Data\TotalProtection\Shredder\Reisswlf64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.27.0) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll (.ASUS Cloud Corporation..-.AsusWSShellExt64.) - (1.1.0.27) -- C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 375.63.) - (21.21.13.7563) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_791beb67a268df58\nvwgf2umx.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.Malwarebytes.-.Malwarebytes.) - (3.0.0.78) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (..-..) - (0.0.0.0) -- C:\Windows\PCCleanupContextMenu\x64\ContextMenuHandler.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.21.0.0) -- C:\Program Files\WinRAR\rarext.dll (.Foxit Software Inc..-.ConvertToPDFShellExtension.) - (7.0.6.1223) -- C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll (.G DATA Software AG.-.G DATA ANTIVIRUS Shell Extension.) - (25.1.19114.13) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\ShellExt64.dll (.Igor Pavlov.-.7-Zip Shell Extension.) - (9.38.0.0) -- C:\Program Files\7-Zip\7-zip.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (8.17.13.7563) -- C:\WINDOWS\system32\nv3dappshext.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 375.63.) - (21.21.13.7563) -- C:\WINDOWS\system32\nvapi64.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll (.G DATA Software AG.-.G DATA Security Software AMSI Provider.) - (25.1.19113.1420) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDAMSIx64.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.25.3.0) -- C:\WINDOWS\System32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACEBOOTSTRAPADAPTER.DLL ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Uploader - (C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\...\Run]) - User: AxelNicoPCsalon\Axel&Nico DAEMON Tools Lite Automount - ("C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\...\Run]) - User: AxelNicoPCsalon\Axel&Nico SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public IAStorIcon - ("C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\...\Run]) - User: Public NvBackend - ("C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public RtHDVBg - ("C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4 [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [28/06/2016 15:06:04] "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "Uploader"=0x0300000010A0C2BEDC40D201 "DAEMON Tools Lite Automount"=0x03000000F984B3159248D201 "CCleaner Monitoring"=0x03000000701EC872B87CD201 [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Canon MG5700 series,winspool,Ne04: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "RTHDVCPL"=0x060000000000000000000000 "RtHDVBg"=0x060000000000000000000000 "IAStorIcon"=0x020000000000000000000000 "ShadowPlay"=0x020000000000000000000000 "NvBackend"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "CanonQuickMenu"=0x040000000000000000000000 "StereoLinksInstall"=0x040000000000000000000000 "ASUSPRP"=0x0700000029DB5868F60BD101 "WebStorage"=0x070000008E31D16AF60BD101 "mcpltui_exe"=0x040000000000000000000000 "GDFirewallTray"=0x020000000000000000000000 "Dropbox"=0x03000000FD154670A119D201 "SunJavaUpdateSched"=0x020000000000000000000000 "DBAgent"=0x03000000886AFBBCDC40D201 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D5302AD0B21C1F [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.2.4.537\ASUSWSLoader.exe [12/10/2015 12:17:46] "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup "DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update Task Adobe Flash Player NPAPI Notifier Adobe Flash Player Updater Axel&Nico DBAgent 2 0 CCleaner Update CCleanerSkipUAC DropboxUpdateTaskMachineCore DropboxUpdateTaskMachineUA GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA klcp_update OneDrive Standalone Update Task-S-1-5-21-2779967726-3164674173-1318877449-1001 Optimize Start Menu Cache Files-S-1-5-21-2779967726-3164674173-1318877449-1001 Seagate_Install_Launch ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [28/09/2015 10:55:47] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=1020 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=0947c061-0c68-4e14-8b2e-ef73cf2 "GlassSessionId"=2 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=0 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "WallPaper"=C:\Users\Axel&Nico\Downloads\__original_drawn_by_mks__524c41e3e2c277d444623f36c7c19bc2.png [27/04/2018 17:23:57] "MouseMonitorEscapeSpeed"=0 "Win8DpiScaling"=0 "UserPreferencesMask"=0x9012078010000000 "AutoColorization"=0 "MaxVirtualDesktopDimension"=1440 "MaxMonitorDimension"=1440 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100E67523009006000060040000B539DAC23BDED30143003A005C00550073006500720073005C004100780065006C0026004E00690063006F005C0044006F0077006E006C006F006100640073005C005F005F006F0072006900670069006E0061006C005F0064007200610077006E005F00620079005F006D006B0073005F005F00350032003400630034003100650033006500320063003200370037006400340034003400360032003300660033003600630037006300310039006200630032002E0070006E0067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2935610738 "DpiScalingVer"=4096 "PreferredUILanguages"=fr-FR "WaitToKillAppTimeout"=2000 "ScreenSaverIsSecure"=0 "ScreenSaveTimeOut"=60 "HungAppTimeout"=2000 [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{E31EA727-12ED-4702-820C-4B6445F28E1A}"=1 "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "EdgeDesktopShortcutCreated"=1 "EnableAutoTray"=1 "ShellState"=0x240000003C28000000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309D18090000FB9A790967ADD111ABCD00C04FC30936EE02000062B06A59D2B415429F74E9109B0A81536B0300001A58CE57B60C66429CA019364C90A0B30B060000206BB9B11DDA3C4A92C17229B32F2326C4160000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=6 "GlobalAssocChangedCounter"=25 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "ReindexedProfile"=1 "RTStartMenuNotificationDisplayCount"=0 "EnableStartMenu"=1 "Start_TrackDocs"=0 "Start_TrackProgs"=0 "ShellViewReentered"=1 "TaskbarSizeMove"=1 "TaskbarStateLastRun"=0xBF091A5D00000000 "DontUsePowerShellOnWinX"=1 "TaskbarSmallIcons"=1 "TaskbarGlomLevel"=0 "TaskbarBadges"=1 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "ConsentPromptBehaviorAdmin"=2 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "EnableLinkedConnections"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=RequireAdmin [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "ConsentPromptBehaviorAdmin"=2 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "EnableLinkedConnections"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=18362 "FirstLogon"=0 "PUUActive"=0xCC727E6101000000040005009B0F00002B1700002B170000D2000000020005000615EA0249540000495400009A0600006B060000320000000000000000000000522F0000410100001900000000000000232F315F5C30D5019B0F000000000000010000009B0F0000BA470000C5140000CC6C360100000000 "DP"=0xD200E8000100000005000000CC727E6100000000000000006EB63521AB30D5016EB63521AB30D501000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F805101006CBA00800A31D0200E39D62846F100C0820A8040830A834097B700004029020040294201F16E008000092009820926296C300180303E1261323E5261C13001800290244402923644E6E500C0FE324029FE32403947220080480E00105A0E10108D1F0180420184104201845086AB008004E8807404E9827CA1210000686080496860894B [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=114221733209 "ShutdownFlags"=7 "Userinit"=C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe, "ShutdownWithoutLogon"=0 "DisableCad"=1 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-2779967726-3164674173-1318877449-1001 "LastUsedUsername"=Axel&Nico [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe [19/03/2019 06:44:35] ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [19/03/2019 14:01:28] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [19/03/2019 14:01:28] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\Axel&Nico\AppData\Roaming\Foxit Software\Addon\Foxit PhantomPDF\FoxitPhantomPDFUpdater.exe"=1 "D:\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=32 "D:\Ubisoft\Ubisoft Game Launcher\upc.exe"=32 [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\Axel&Nico\Desktop\Téléchargements\utorrent_2.2.1.exe"=0x534143500100000000000000070000002800000078170600A5DB0600010000000000000000000106710200006A920CE5B7BAD001000000000000000002000000280000000000000000000000000000000000000000000000000000008D760200000000000100000001000000 "C:\Program Files (x86)\Free Download Manager\fdm.exe"=0x534143500100000000000000070000002800000068E05600E453570001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000343D0C02000000007800000078000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000058EE16008CAB170001000000000000000000030600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009D6D7E0100000000F4070000F4070000 "C:\Program Files\7-Zip\7zFM.exe"=0x5341435001000000000000000700000028000000003E0C000000000001000000000000000000000A73200000EDA4DCB1B3BAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000C3610100000000000400000004000000 "C:\Users\Axel&Nico\Desktop\Téléchargements\WebStorageSyncAgent2.2.4.537.exe"=0x5341435001000000000000000700000028000000F01BC7003105C800010000000000000000000106000100006A920CE5B7BAD0010000000000000000 "C:\Program Files (x86)\uTorrent\uTorrent.exe"=0x534143500100000000000000070000002800000078170600A5DB06000100000000000000000001067102000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000001A71A603000000009F0300009F030000 "C:\Windows\System32\notepad.exe"=0x534143500100000000000000070000002800000000480300BAF3030001000000010000000000000A73220000EDA4DCB1B3BAD0010000000000000000 "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe"=0x5341435001000000000000000700000028000000C830020092FC02000100000000000000000003067122000019B4C529E312D10100000000000000000200000028000000000000000000001000000000000000000000000000000000DF430000000000000700000007000000 "C:\Program Files (x86)\Foxit PhantomPDF\FoxitPhantomPDF.exe"=0x5341435001000000000000000700000028000000E0DA6A02161D6B0201000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000000040000000000000000000000000000007BAD810300000000DE060000DE060000 "C:\Program Files (x86)\Elcomsoft Password Recovery\Advanced Archive Password Recovery\ARCHPR.exe"=0x5341435001000000000000000700000028000000A82E2800795128000100000000000000000001067100000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000049E7000000000004100000041000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000F04400851F450001000000010000000000000A7322000059193B14E312D1010000000000000000 "D:\ultrastardx-WorldParty-12.07-installer-full.exe"=0x5341435001000000000000000700000028000000E324EC01000000000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000063B90200000000000100000001000000 "D:\UltraStar Deluxe WorldParty\ultrastardx.exe"=0x5341435001000000000000000700000028000000001C16000000000001000000000000000000010661220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000100000000000000000000000000000002CB77001000000000201000002010000 "C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C0200DEDE020001000000010000000000000A7122000019B4C529E312D1010000000000000000 "C:\Program Files (x86)\ASUS\ASUS Manager\ASUS Manager.exe"=0x534143500100000000000000070000002800000018091D00C95C1D0001000000000000000000030680010000BFA2139DEDD1D30100000000000000000200000050000000000000000000000000000000000000000000000000000000E5031100000000001E00000002000000000000000000004000000000000000000000000000000000E9BD0500000000000200000000000000 "C:\Program Files (x86)\PS3 Media Server\pms.exe"=0x5341435001000000000000000700000028000000D4530600000000000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000010000000000000000000000000000074BA7E01000000000800000008000000 "C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLED.EXE"=0x5341435001000000000000000700000028000000C862030066A8030001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000703E0000000000000100000001000000 "C:\Users\Axel&Nico\Documents\audacity-win-2.1.2.exe"=0x5341435001000000000000000700000028000000F94E94010000000001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000041540200000000000100000001000000 "C:\Users\Axel&Nico\Downloads\UMS-6.5.0-Java8.exe"=0x5341435001000000000000000700000028000000F229EC04000000000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000089FD0700000000000100000001000000 "C:\Program Files (x86)\Universal Media Server\UMS.exe"=0x5341435001000000000000000700000028000000DA360900000000000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000E098AC00000000000600000006000000 "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe"=0x5341435001000000000000000700000028000000C84D830192DB830101000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000000C6E0000000000000200000002000000 "C:\Program Files\NVIDIA Corporation\Display\nvtray.exe"=0x5341435001000000000000000700000028000000C0732500096E260001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000A0801900000000000100000001000000 "C:\Program Files\MKVToolNix\mkvinfo.exe"=0x534143500100000000000000070000002800000098F62E01772E2F0101000000000000000000000673000000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000009A100000000000000500000005000000 "C:\Users\Axel&Nico\Documents\CrystalDiskInfo7_0_4\DiskInfo64.exe"=0x5341435001000000000000000700000028000000B0893C007EAA3C0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DC0B3700000000004300000043000000 "C:\Users\Axel&Nico\Downloads\Seagate_Dashboard_Installer.exe"=0x5341435001000000000000000700000028000000B0A3CC087819CD080100000000000000000002060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000664D0300000000000100000001000000 "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\7zr.exe"=0x5341435001000000000000000700000028000000182D0500A8E605000100000000000000000001067100000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000064190000000000000200000002000000 "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"=0x534143500100000000000000070000002800000048F3010020F6010001000000000000000000000AF122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000080670100000000000800000008000000 "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe"=0x5341435001000000000000000700000028000000281F040037BF040001000000000000000000000AF122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000022670E00000000000600000006000000 "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe"=0x5341435001000000000000000700000028000000202F1D000DA51D0001000000000000000000000AF122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000B11C0300000000000800000008000000 "C:\Users\Axel&Nico\Documents\file_recovery.exe"=0x534143500100000000000000070000002800000000E003000000000001000000000000000000000A6122000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000439A0200000000000200000002000000 "D:\Ubisoft\Ubisoft Game Launcher\UplayService.exe"=0x5341435001000000000000000700000028000000C8923B00BF8A3C0001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000050000000000000000000000000000000000000000000000000000000FA49000000000000010000000100000000000000000000400000000000000000000000000000000061260400000000000300000000000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0960C005DE50C0001000000010000000000000A00210000D5B3B31A57DFD1010000000000000000 "C:\Users\Axel&Nico\Downloads\DTLiteInstaller.exe"=0x5341435001000000000000000700000028000000688F0A0077280B000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000649A1200000000000100000001000000 "C:\Program Files\DAEMON Tools Lite\DTLauncher.exe"=0x5341435001000000000000000700000028000000C00A34004B8F340001000000000000000000000A73220000E78E163C2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000009A890F00000000000800000008000000 "C:\Users\Axel&Nico\Downloads\DriversCloud_Win.exe"=0x534143500100000000000000070000002800000080920300854E04000100000000000000000000067100000033504C2B57DFD1010000000000000000020000002800000000000000000800400000000000000000000000000000000000980200000000000100000001000000 "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe"=0x5341435001000000000000000700000028000000C0DC010044B602000100000000000000000003067122000033504C2B57DFD10100000000000000000200000028000000000000000000001000000000000000000000000000000000AEF70000000000000200000002000000 "C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe"=0x5341435001000000000000000700000028000000388EC2004B3FC30001000000000000000000000A73220000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000036AD4C00000000000400000004000000 "C:\Program Files\DriversCloud.com\DriversCloud.exe"=0x53414350010000000000000007000000280000007082660006F8660001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000034C0200000000000200000002000000 "C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"=0x534143500100000000000000020000002800000000000000000000000000000000000000000000000000000066A20100000000000100000001000000 "C:\Users\Axel&Nico\Desktop\Jeux\Save\Dragon ball Xenoverse\Save Editor\Version xenoversemods\Save-Editor\DBXV_Save_Editor_v1.1.1.0.exe"=0x534143500100000000000000070000002800000000B23C000000000001000000000000000000000AF520000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000BC4F4700000000000300000003000000 "C:\Users\Axel&Nico\Desktop\Jeux\Save\Dragon ball Xenoverse\Save Editor\version sur 360haven\Dragonball Xenoverse Editor.exe"=0x5341435001000000000000000700000028000000001E1E000000000001000000000000000000000AF122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000D4EF0C00000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe"=0x5341435001000000000000000700000028000000D09B05008F7B060001000000000000000000000A71220000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000040050000000000003000000030000000 "C:\Program Files (x86)\BitTorrent\bittorrent.exe"=0x534143500100000000000000070000002800000038FD0900A8FC0A0001000000000000000000010671220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000077ED310300000000220A0000220A0000 "C:\Users\Axel&Nico\Documents\AirDC_Installer_3.31.exe"=0x5341435001000000000000000700000028000000149CCB020000000001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000EADA0100000000000100000001000000 "C:\Program Files\AirDC++\AirDC.exe"=0x534143500100000000000000070000002800000000A2B8002CBEB80001000000000000000000000A73220000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000066016300000000000400000004000000 "C:\Program Files (x86)\Audacity\audacity.exe"=0x534143500100000000000000070000002800000000B88D000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C7D00800000000000200000002000000 "C:\Program Files\MediaInfo\MediaInfo.exe"=0x534143500100000000000000070000002800000078C66F007018700001000000000000000000000A71220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000008C2B0F0000000000B7030000B7030000 "C:\Program Files\MKVToolNix\uninst.exe"=0x5341435001000000000000000700000028000000876E040060F6DB0001000000000000000000000A71200000E63F486B2AA0D201000000000000000002000000280000000000000000080040000000000000000000000000000000007B2A0000000000000100000001000000 "C:\Users\Axel&Nico\Documents\JRT.exe"=0x5341435001000000000000000700000028000000B862190060FC190001000000000000000000010671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FB250900000000000800000008000000 "C:\Program Files\CCleaner\uninst.exe"=0x534143500100000000000000070000002800000020BB02006BB5030001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000AE6D0000000000000100000001000000 "C:\Program Files\DAEMON Tools Lite\DTAgent.exe"=0x5341435001000000000000000700000028000000C0AA4B009B314C0001000000000000000000000A00210000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000A53D0000000000000400000004000000 "C:\Program Files\paint.net\PaintDotNet.exe"=0x534143500100000000000000070000002800000048201B0066391B0001000000000000000000000A80210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000555E0500000000005B0000005B000000 "C:\Users\Axel&Nico\AppData\Local\Discord\app-0.0.298\Discord.exe"=0x5341435001000000000000000700000028000000F8076D03C0FF6D0301000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000000E8FCD01000000001400000014000000 "C:\Users\Axel&Nico\Documents\anki-2.0.48.exe"=0x5341435001000000000000000700000028000000F346C4010000000001000000000000000000000671000000DB80FDAC2839D30100000000000000000200000028000000000000000008004000000000000000000000000000000000FFC90500000000000100000001000000 "D:\Anki\anki.exe"=0x5341435001000000000000000700000028000000E7103100BE80020001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000061E1EC02000000003400000034000000 "C:\Program Files (x86)\Mozilla Firefox\pingsender.exe"=0x5341435001000000000000000700000028000000D0F7000096B9010001000000000000000000000A73200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E2110000000000005900000059000000 "C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe"=0x5341435001000000000000000700000028000000E8492600767B260001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000003020000000000000100000001000000 "C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe"=0x534143500100000000000000070000002800000068821C00092B1D0001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B3470100000000000100000001000000 "C:\Program Files\CanonBJ\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series\DELDRV64.exe"=0x5341435001000000000000000700000028000000584E0B00EB060C0001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000219C0000000000000300000003000000 "C:\Program Files (x86)\Canon\IJ Manual\CANON MG5700 SERIES\uninstall.exe"=0x534143500100000000000000070000002800000058680500B0E7050001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000020000000000000000300000003000000 "C:\Program Files\Canon\MyPrinter\uninst.exe"=0x5341435001000000000000000700000028000000586C1C00BD0F1D0001000000000000000000030600210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000007E1A0000000000000100000001000000 "SIGN.MEDIA=D9C5C MSetup4.exe"=0x5341435001000000000000000700000028000000508E0500E64F060001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F72B0C00000000000300000003000000 "C:\Users\Axel&Nico\Desktop\PARIS DIDEROT - INFORMATIQUE\INFORMATIQUE\Applications\bin\addpm.exe"=0x5341435001000000000000000700000028000000DF7624002F3D250001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000032170000000000000100000001000000 "C:\Users\Axel&Nico\Desktop\PARIS DIDEROT - INFORMATIQUE\INFORMATIQUE\Applications\bin\runemacs.exe"=0x53414350010000000000000007000000280000003F0B1B0025DC1B0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000006A071200000000004500000045000000 "SIGN.MEDIA=245D67 Setup.exe"=0x5341435001000000000000000700000028000000902E1200A425130001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DD120000000000000100000001000000 "C:\Users\Axel&Nico\Documents\setuplanguagepack.x86.ja-jp_.exe"=0x534143500100000000000000070000002800000018114500F633450001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000F950600000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000B0602A01DAC62A0101000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005D040500000000000100000001000000 "C:\Users\Axel&Nico\Documents\DiscordSetup.exe"=0x5341435001000000000000000700000028000000F8517403B5F7740301000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000007F460000000000000100000001000000 "C:\Users\Axel&Nico\Documents\Firefox Installer.exe"=0x534143500100000000000000070000002800000048C90400E18D050001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000063180800000000000100000001000000 "C:\Program Files\MKVToolNix\gMKVExtractGUI.v2.2.0\gMKVExtractGUI.exe"=0x5341435001000000000000000700000028000000006803000000000001000000000000000000000A75220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000003680300000000002F0000002F000000 "C:\Program Files\MKVToolNix\mkvextract.exe"=0x5341435001000000000000000700000028000000E8445000E2BB500001000000000000000000000A63200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EA000000000000000300000003000000 "SIGN.MEDIA=FA0136 LGAutoRun.exe"=0x534143500100000000000000070000002800000098C10A0013EE0A0001000000000000000000010671200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000020200000000000000000000000000E99A0000000000000100000001000000 "C:\Users\Axel&Nico\Documents\K-Lite_Codec_Pack_1452_Mega.exe"=0x53414350010000000000000007000000280000009A9C61030000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000083E00200000000000400000004000000 "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe"=0x534143500100000000000000070000002800000000868900DEA3890001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000041568300000000008F0400008F040000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000F0852500B48B250001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000010000000000000000000000000000000009B790200000000000100000001000000 "C:\Program Files\CCleaner\CCleaner.exe"=0x5341435001000000000000000700000028000000C054DF001C87DF0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000700A0000000000000100000001000000 "C:\Users\Axel&Nico\Documents\TDSSKiller.exe"=0x534143500100000000000000070000002800000008684D00FEF14D0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000075800100000000000400000004000000 "C:\Users\Axel&Nico\Documents\mkvtoolnix-64-bit-32.0.0-setup.exe"=0x5341435001000000000000000700000028000000F8A7FB004330FC0001000000000000000000000A71200000BFA2139DEDD1D30100000000000000000200000028000000000000000008004000000000000000000000000000000000C5FB0000000000000100000001000000 "C:\Program Files\MKVToolNix\mkvtoolnix-gui.exe"=0x5341435001000000000000000700000028000000F858F901655CF90101000000000000000000000A63220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C06D1000000000000500000005000000 "D:\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=0x5341435001000000000000000700000028000000582F0700FE18080001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CA882203000000000100000001000000 "C:\Users\Axel&Nico\Desktop\Inalco\L3\S6\Linguistique Japonaise\2018-2019\Praat\Praat.exe"=0x53414350010000000000000007000000280000003C53C1025D39C20201000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000000000000000000000000000000000000000ECE89A0000000000100000000E0000000000000000000040000000000000000000000000000000000F220000000000000100000000000000 "C:\Users\Axel&Nico\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe"=0x5341435001000000000000000700000028000000200A0A0007510A0001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000008000000000000000000000000000000000000000B9030000000000000100000001000000 "C:\Program Files (x86)\G Data\TotalProtection\AVK\AVK.exe"=0x534143500100000000000000070000002800000028BC080086DD080001000000000000000000000A71220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000FE020000000000001000000010000000 "C:\Users\Axel&Nico\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060BC0400AE33050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE"=0x5341435001000000000000000700000028000000D0141D0041BF1D0001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe"=0x534143500100000000000000070000002800000010390F005A03100001000000000000000000000A71220000631F6E6F0EDED4010000000000000000020000002800000000000000000000400000000000000000000000000000000094380000000000000700000007000000 "C:\Users\Axel&Nico\Documents\ccsetup557.exe"=0x534143500100000000000000070000002800000018404501DC8F450101000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000EFB20B00000000000100000001000000 "C:\Program Files (x86)\G Data\TotalProtection\GUI\GDSC.exe"=0x534143500100000000000000070000002800000028C052000AD4520001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A42B0000000000000200000002000000 "C:\Users\Axel&Nico\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060BC04002A69050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000F8ED8500A07C860001000000000000000000000A71220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000FE076300000000000500000005000000 "C:\Users\Axel&Nico\AppData\Local\Microsoft\OneDrive\19.070.0410.0007\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060BC0400100C050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE"=0x53414350010000000000000007000000280000007829AA02A3CCAA0201000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\Axel&Nico\Documents\flashplayer32au_ha_install.exe"=0x5341435001000000000000000700000028000000286C12008968130001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000985B0100000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe"=0x5341435001000000000000000700000028000000A0A30600BC5A070001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000059E60000000000000100000001000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x534143500100000000000000070000002800000058AD58015622590101000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003C180000000000000100000001000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C80A0F0051C10F0001000000000000000000000600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C9779C0000000000CD000000CD000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F013AA00EB69AA0001000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000095A92600000000000D0000000D000000 "C:\Users\Axel&Nico\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"=0x534143500100000000000000070000002800000038C7F901DA35FA0101000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\Axel&Nico\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\FileSyncConfig.exe"=0x534143500100000000000000070000002800000038C904002188050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000C83B1E00581E1F0001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x534143500100000000000000070000002800000020A40800854F090001000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000F0BD1700B2B1180001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003F6A0100000000000200000002000000 "C:\Users\Axel&Nico\Desktop\ZHPCleaner.exe"=0x534143500100000000000000070000002800000080073000F2E2300001000000000000000000000A00210000631F6E6F0EDED4010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000094EE1100000000000600000006000000 "C:\Users\Axel&Nico\Desktop\QuickDiag.exe"=0x5341435001000000000000000200000028000000000000000000004000000000000000000000000000000000727F0D00000000000100000001000000070000002800000098F74E00B9194F0001000000000000000000000A00210000631F6E6F0EDED4010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132064732994135416 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "DisableAntiSpyware"=1 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0x14EF2A694173D001 "DisableAntiVirus"=1 "InstallLocation"=C:\Program Files\Windows Defender\ "PassiveMode"=0 "LastEnabledTime"=0x6B9DF6CC89B8D301 "PreviousRunningMode"=2 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts 127.0.0.1 localhost 127.0.0.1 gdpwmgrlocalhost ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:812::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:812::200e?: temps=24 ms R?ponse de 2a00:1450:4007:812::200e?: temps=24 ms R?ponse de 2a00:1450:4007:812::200e?: temps=24 ms R?ponse de 2a00:1450:4007:812::200e?: temps=25 ms Statistiques Ping pour 2a00:1450:4007:812::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 24ms, Maximum = 25ms, Moyenne = 24ms ---------- | @ [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Cache_Update_Frequency"=Once_Per_Session "Local Page"=C:\Windows\system32\blank.htm "NoUpdateCheck"=0 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://asus13.msn.com/?pc=ASJB "DisableFirstRunCustomize"=3 "OperationalData"=13 "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "EdgeSwitchingOSBuildNumber"=10586.th2_release.160802-1857 "ImageStoreRandomFolder"=lqdcr3r "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2400000024000000A80300007C020000 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xD445F2009C04D201 "Start Page_TIMESTAMP"=0xD9B3446033C9D101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x2339B9D11830D501 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "LockDatabase"=132064736149848846 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "DisableRandomFlighting"=0 "EnableLegacyEdgeSwitching"=1 "TabProcGrowth"=Medium "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSR] "progid"=Potplayer.nsr ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 08:21:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B] - {6D4133E5-0742-4ADC-8A8C-9303440F7191} -- C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [22/04/2015 15:59:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_O] - {64174815-8D98-4CE6-8646-4C039977D809} -- C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [22/04/2015 15:59:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_U] - {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} -- C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [22/04/2015 15:59:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [19/03/2019 06:44:47] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 08:21:15] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "KnownProvidersUpgradeTime"=0xD445F2009C04D201 "Version"=5 "UpgradeTime"=0xD445F2009C04D201 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=ASJB : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=ASJB : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] -> (Free Download Manager) : C:\Program Files (x86)\Free Download Manager\iefdm2.dll [30/09/2015 00:26:59] ---------- | Chrome C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\bhmmomiinigofkjcapegjjndpbikblnp = : Google & co - short_name: Web of Trust - http://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\iokapgenfjiafbmphhhcgmgkobiiomcp = : __MSG_extensionDescription__ - short_name: GDWP - permissions:[webRequestwebRequestBlocking\u003Call_urls>nativeMessagingtabsdownloads] - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\nmahlbngglnabceabpgifacibgoogjcb = : Right-click anime images to reverse-image-search for larger versions through IQDB. - IQDB Context - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx C:\Users\Axel&Nico\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\mozilla\Firefox\Extensions] "fdm_ffext@freedownloadmanager.org"=C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.13 [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.207 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.211.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.211.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.207 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@canon.com/EPPEX] - () : [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (WildTangent Games App V2 Presence Detector Plugin) : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll C:\Users\Axel&Nico\AppData\Roaming\Mozilla\Firefox\Profiles\zh11j63b.default-1486723579074\Prefs.js user_pref("app.normandy.startupRolloutPrefs.extensions.fxmonitor.enabled", true); user_pref("browser.startup.homepage_override.buildID", "20190619235627"); user_pref("browser.startup.homepage_override.mstone", "67.0.4"); user_pref("devtools.webextensions.https-everywhere@eff.org.enabled", true); user_pref("extensions.blocklist.lastModified", "Mon, 01 Jul 2019 13:48:34 GMT"); user_pref("extensions.blocklist.pingCountTotal", 4); user_pref("extensions.blocklist.pingCountVersion", 4); user_pref("extensions.databaseSchema", 31); user_pref("extensions.getAddons.cache.lastUpdate", 1562018545); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.incognito.migrated", true); user_pref("extensions.lastAppBuildId", "20190619235627"); user_pref("extensions.lastAppVersion", "67.0.4"); user_pref("extensions.lastPlatformVersion", "67.0.4"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.https-everywhere@eff.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.uBlock0@raymondhill.net", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.{59812185-ea92-4cca-8ab7-cfcacee81281}", true); user_pref("extensions.webextensions.uuids", "{\"webprotection@gdata.de\":\"b322a309-ec9a-4a10-a18d-5da86ec6c223\",\"uBlock0@raymondhill.net\":\"e5977130-93e5-4c68-b630-5fe10193790a\",\"{59812185-ea92-4cca-8ab7-cfcacee81281}\":\"3bb54df9-00ab-4bf4-a5fb-90c104907bb5\",\"https-everywhere@eff.org\":\"9fd96479-538a-476f-be70-a872d1cebf42\",\"webcompat@mozilla.org\":\"1b1f7f18-cd58-4e44-b6c4-719bcfeccd43\",\"screenshots@mozilla.org\":\"cfe4c126-9a90-45d6-a974-a7af1013716f\",\"formautofill@mozilla.org\":\"38a44d09-d4f2-400e-aa2f-10e9ae09a814\",\"webcompat-reporter@mozilla.org\":\"7e3ba4f6-6fff-4a09-8ab3-0ad597358f23\",\"fxmonitor@mozilla.org\":\"83550cb3-b2b5-460e-a65a-8e29392bd684\"}"); [Profile0] - Name=default-1486723579074 -> Profiles/zh11j63b.default-1486723579074 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{32d3cff9-19c1-4709-940b-1c6b32464698}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{32d3cff9-19c1-4709-940b-1c6b32464698}] "NameServer"=8.8.8.8,8.8.4.4 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{32d3cff9-19c1-4709-940b-1c6b32464698}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{32d3cff9-19c1-4709-940b-1c6b32464698}] "NameServer"=8.8.8.8,8.8.4.4 ---------- | Applications [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Classes\Applications\runemacs.exe] : "C:\Users\Axel&Nico\Desktop\PARIS DIDEROT - INFORMATIQUE\INFORMATIQUE\Applications\bin\runemacs.exe" "%1" [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Classes\Applications\uTorrent.exe] : "C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\bittorrent.exe] : "C:\Program Files (x86)\BitTorrent\bittorrent.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\chrome.exe] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\PotPlayerMini64.exe] : "C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\bittorrent.exe] : "C:\Program Files (x86)\BitTorrent\bittorrent.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\chrome.exe] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PotPlayerMini64.exe] : "C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "AarSvcGroup"=AarSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "autoTimeSvc"=autoTimeSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver "DevicesFlow"=DeviceAssociationBrokerSvc DevicesFlowUserSvc DevicePickerUserSvc ConsentUxUserSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "DevicesFlow"=DeviceAssociationBrokerSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\7-Zip] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Adobe] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Apowersoft] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\AppDataLow] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\ASUS] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\AvastAdSDK] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\BitTorrent] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\bunkus.org] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Canon] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\CanonBJ] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Chromium] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Clients] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\DAUM] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Disc Soft] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Dropbox] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\DropboxUpdate] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\ECAREME] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\ElcomSoft] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\FileHippo.com] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Foxit Software] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\FreeDownloadManager.ORG] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\G Data] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\GNU] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Google] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Icaros] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\JavaSoft] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Macromedia] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\madshi] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Magix] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Malwarebytes] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Mozilla] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\MozillaPlugins] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\MPC-HC] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Netscape] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\ODBC] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\paint.net] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Piriform] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Policies] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\PS3 Media Server] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\QtProject] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\RealNetworks] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Realtek] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\RegisteredApplications] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Seagate] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\sysinternals] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Trolltech] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Ubisoft] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Universal Media Server] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\WinRAR] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\WinRAR SFX] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Wintertree] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Wow6432Node] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\ZHP] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\7-Zip] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Canon] [HKLM\Software\Clients] [HKLM\Software\CVSM] [HKLM\Software\cybelsoft] [HKLM\Software\DAUM] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\Dell] [HKLM\Software\Disc Soft] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\ECAREME] [HKLM\Software\Fortemedia] [HKLM\Software\G Data] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\HookCentre] [HKLM\Software\Icaros] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Network Associates] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Oracle] [HKLM\Software\paint.net] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\VideoLAN] [HKLM\Software\Waves Audio] [HKLM\Software\Windows] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\Microsoft\Windows\Autopilot] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\Notepad] [HKLM\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\AirDC++] [HKLM\Software\WOW6432Node\Anki] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\AviSynth] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\ECAREME] [HKLM\Software\WOW6432Node\ElcomSoft] [HKLM\Software\WOW6432Node\Foxit Software] [HKLM\Software\WOW6432Node\FreeDownloadManager.ORG] [HKLM\Software\WOW6432Node\G Data] [HKLM\Software\WOW6432Node\G DATA Software] [HKLM\Software\WOW6432Node\GNU] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\HaaliMkx] [HKLM\Software\WOW6432Node\Icaros] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\KLCodecPack] [HKLM\Software\WOW6432Node\LAV] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\MAGIX] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\Network Associates] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Oracle] [HKLM\Software\WOW6432Node\RealNetworks] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\RtWLan] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\SyncIntegrationClients] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: [29/12/2016 00:10:10] - |A| - (.-.) - [883] - (0.0.0.0) - D:\A TRANSFERER DANS DDE - Raccourci.lnk [07/03/2016 17:12:53] - |A| - (.-.) - [23229917] - (0.0.0.0) - D:\anki-2.0.33.exe [28/02/2016 20:54:01] - |A| - (.-.) - [32253155] - (0.0.0.0) - D:\ultrastardx-WorldParty-12.07-installer-full.exe ---------- | C: [04/10/2015 12:10:26] - |SHD| - [3696856] - C:\#GDATA.Recovery.Data# [22/08/2013 17:36:31] - |SHD| - [387] - C:\$Recycle.Bin [10/02/2017 15:59:15] - |D| - [12781105] - C:\AdwCleaner [10/04/2015 06:06:50] - |D| - [0] - C:\ASUS SyncUp [MD5.0B17239B2E03F5AEA96929003CA22337] - [22/08/2013 17:44:03] - |RASH| - (.-.) - [404250] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [22/08/2013 17:44:04] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [MD5.CD706B2CEFB6F0BFED41A0C00217C95A] - [07/07/2018 16:53:53] - |SH| - (.-.) - [80] - (0.0.0.0) - C:\bootTel.dat [25/05/2017 09:54:21] - |SHD| - [721040] - C:\Config.Msi [30/07/2015 23:51:49] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/07/2019 18:21:48] - |ASH| - (.-.) - [2551685120] - (0.0.0.0) - C:\hiberfil.sys [14/01/2015 18:36:56] - |D| - [1005880] - C:\Intel [10/09/2015 07:53:54] - |D| - [13201408] - C:\Logs [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/07/2019 18:06:08] - |ASH| - (.-.) - [1744830464] - (0.0.0.0) - C:\pagefile.sys [19/03/2019 06:52:43] - |D| - [0] - C:\PerfLogs [19/03/2019 06:52:43] - |RD| - [7509894034] - C:\Program Files [19/03/2019 06:52:44] - |RD| - [8762667349] - C:\Program Files (x86) [19/03/2019 06:52:44] - |HD| - [2474976442] - C:\ProgramData [01/07/2019 08:27:49] - |D| - [544726] - C:\QuickDiag [MD5.BB8CA91541B2C885E79746A9C06ECED7] - [02/07/2019 10:07:16] - |A| - (.-.) - [184897] - (0.0.0.0) - C:\QuickDiag.txt [MD5.91C0A7E84981CD5F4217D4BD6A676177] - [01/07/2019 08:41:39] - |RAST| - (.-.) - [464447] - (0.0.0.0) - C:\QuickDiag_01_07_2019_08_41_39.txt [01/12/2017 17:55:27] - |SHD| - [0] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/07/2019 18:06:08] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [10/04/2015 05:49:22] - |SHD| - [0] - C:\System Volume Information [MD5.D73C3EEF418A969B5C4D2F49A5D69092] - [10/02/2017 16:55:00] - |A| - (.-.) - [91792] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_10.02.2017_15.55.00_log.txt [MD5.B05683BD08A12ADB4A930F183B03CA97] - [10/02/2017 17:03:08] - |A| - (.-.) - [7242] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_10.02.2017_16.03.08_log.txt [MD5.F254D346BB87E56E8365DCD91B885183] - [14/10/2018 14:27:59] - |A| - (.-.) - [436] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_14.10.2018_14.27.59_log.txt [MD5.1882F162477BC1B603331E13B6CD7ED3] - [23/08/2017 11:31:44] - |A| - (.-.) - [91584] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.08.2017_11.31.44_log.txt [MD5.9C186BEB178DB5FB901B48A6DA58A12A] - [23/09/2017 10:33:53] - |A| - (.-.) - [91170] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.09.2017_10.33.53_log.txt [MD5.3D136168328D673ED2F15A8B48863043] - [23/09/2017 11:16:41] - |A| - (.-.) - [91600] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.09.2017_11.16.41_log.txt [MD5.090DB38AA4E91DFD9B1E538C86A51AA5] - [29/08/2017 17:15:55] - |A| - (.-.) - [8200] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_29.08.2017_17.15.55_log.txt [MD5.90CD34AD2C78399040F51DF15D43CF01] - [29/09/2017 18:11:01] - |A| - (.-.) - [91600] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_29.09.2017_18.11.01_log.txt [MD5.3ADE729D3B635123C19AD2397BBC9D2D] - [03/02/2019 22:06:54] - |A| - (.-.) - [436] - (0.0.0.0) - C:\TDSSKiller.3.1.0.17_03.02.2019_21.06.54_log.txt [MD5.A5A3E1CDFCD39D1198810D4E272A6294] - [08/02/2019 08:52:33] - |A| - (.-.) - [7114] - (0.0.0.0) - C:\TDSSKiller.3.1.0.17_08.02.2019_07.52.33_log.txt [MD5.D1558943C16B8C22D269A3C6B9BF23C3] - [11/11/2018 23:52:08] - |A| - (.-.) - [166564] - (0.0.0.0) - C:\TDSSKiller.3.1.0.17_11.11.2018_22.52.08_log.txt [MD5.E619B1F09C51628C16AECD431101EDF5] - [14/10/2018 14:30:17] - |A| - (.-.) - [166994] - (0.0.0.0) - C:\TDSSKiller.3.1.0.17_14.10.2018_14.30.17_log.txt [MD5.A2B113891937A898D413E93B37683FD0] - [08/02/2019 08:54:22] - |A| - (.-.) - [26344] - (0.0.0.0) - C:\TDSSKiller.3.1.0.26_08.02.2019_07.54.22_log.txt [MD5.49783C6C8B73EC13305B0E02A95080FB] - [08/02/2019 08:55:53] - |A| - (.-.) - [8918] - (0.0.0.0) - C:\TDSSKiller.3.1.0.26_08.02.2019_07.55.53_log.txt [MD5.EF51263F97C303994C58FE27CE78FF7B] - [10/02/2019 11:42:04] - |A| - (.-.) - [162714] - (0.0.0.0) - C:\TDSSKiller.3.1.0.26_10.02.2019_10.42.04_log.txt [MD5.C8E681B388881B97809A07ECE65868F9] - [30/06/2019 17:41:51] - |A| - (.-.) - [436] - (0.0.0.0) - C:\TDSSKiller.3.1.0.26_30.06.2019_17.41.51_log.txt [10/02/2017 17:00:02] - |D| - [72118] - C:\TDSSKiller_Quarantine [19/03/2019 06:37:22] - |RD| - [93059081104] - C:\Users [19/03/2019 06:37:22] - |D| - [22959007551] - C:\Windows [01/07/2019 19:04:08] - |D| - [27740824954] - C:\Windows.old ---------- | C:\WINDOWS [19/03/2019 06:52:44] - |D| - [802] - C:\WINDOWS\addins [19/03/2019 06:52:44] - |D| - [14548475] - C:\WINDOWS\appcompat [19/03/2019 06:52:44] - |D| - [9003536] - C:\WINDOWS\apppatch [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/01/2015 18:36:39] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\Ascd_err.ini [MD5.F06506565B71807BF46CC6924BB6755D] - [14/01/2015 18:36:39] - |A| - (.-.) - [2974] - (0.0.0.0) - C:\WINDOWS\Ascd_HDI_log.ini [MD5.5C621F37FF1CAC63CCAB2C6A967FD8C8] - [14/01/2015 18:36:39] - |A| - (.-.) - [3174] - (0.0.0.0) - C:\WINDOWS\Ascd_log.ini [MD5.48671C2787B22143DB0C56131E9603A8] - [14/01/2015 18:36:04] - |A| - (.-.) - [3111] - (0.0.0.0) - C:\WINDOWS\Ascd_tmp.ini [19/03/2019 06:52:43] - |RD| - [816455059] - C:\WINDOWS\assembly [MD5.A09EE81373B7B6E378AD32A1CFABB831] - [14/01/2015 19:31:26] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\ASUSBuildDate.txt [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [10/04/2015 06:36:23] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\As_FinalImage.tag [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [10/04/2015 06:16:38] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\As_Process_Pass.tag [MD5.E81550AA0FCBC3D0DF026425BBC8C389] - [10/04/2015 06:18:47] - |A| - (.-.) - [18] - (0.0.0.0) - C:\WINDOWS\As_Sysprep_Success.tag [19/03/2019 06:52:44] - |D| - [785153] - C:\WINDOWS\bcastdvr [MD5.B75D52E7DBEEF44A2C3324A2CE0272C9] - [19/03/2019 06:43:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [73216] - (10.0.18362.1) - C:\WINDOWS\bfsvc.exe [19/03/2019 06:52:44] - |D| - [39561015] - C:\WINDOWS\Boot [MD5.7F5B17DE51258B7CDB325A8F0E970100] - [01/07/2019 18:43:27] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [19/03/2019 06:52:44] - |D| - [2467832] - C:\WINDOWS\Branding [19/03/2019 06:37:22] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.7EE892B2E367DF8ADD5F13805551DF3E] - [01/07/2019 18:25:46] - |A| - (.-.) - [7655] - (0.0.0.0) - C:\WINDOWS\comsetup.log [19/03/2019 06:52:44] - |D| - [31885505] - C:\WINDOWS\Containers [MD5.1F334AC7713E228137147CBFBB7BC9AA] - [19/03/2019 14:03:26] - |A| - (.-.) - [33951] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.FCE2849896E0A0E9B47812322A3C38C3] - [14/01/2015 18:26:00] - |A| - (.-.) - [13] - (0.0.0.0) - C:\WINDOWS\CSUP.txt [19/03/2019 06:52:44] - |D| - [11501377] - C:\WINDOWS\Cursors [14/01/2015 19:36:45] - |D| - [117448] - C:\WINDOWS\da [14/01/2015 19:36:49] - |D| - [117952] - C:\WINDOWS\de [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\debug [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [01/07/2019 18:46:25] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [19/03/2019 06:52:44] - |D| - [4773599] - C:\WINDOWS\diagnostics [19/03/2019 06:52:44] - |D| - [2074128] - C:\WINDOWS\DiagTrack [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [01/07/2019 18:46:25] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [19/03/2019 14:00:40] - |D| - [0] - C:\WINDOWS\DigitalLocker [19/03/2019 06:52:44] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.9BA3629DA25EA41969AEBBD9B8E54655] - [19/03/2019 06:55:49] - |A| - (.-.) - [776] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [14/01/2015 19:36:53] - |D| - [117952] - C:\WINDOWS\el [19/03/2019 06:52:44] - |HD| - [46472] - C:\WINDOWS\ELAMBKUP [MD5.DAD0209252887D1AE2B728F15946E246] - [14/01/2015 19:13:37] - |A| - (.-.) - [432254] - (0.0.0.0) - C:\WINDOWS\eManual.ico [14/01/2015 19:36:36] - |D| - [116936] - C:\WINDOWS\en [28/09/2015 16:46:48] - |D| - [116936] - C:\WINDOWS\en-GB [19/03/2019 14:00:40] - |D| - [97792] - C:\WINDOWS\en-US [14/01/2015 19:36:57] - |D| - [117448] - C:\WINDOWS\es [MD5.9C111E2764F4F0C03EBE0A0BD5EDA46D] - [01/07/2019 18:33:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4552336] - (10.0.18362.207) - C:\WINDOWS\explorer.exe [MD5.E1FD9DE48AF5D7652AA31BBE914F54B8] - [26/02/2009 08:50:32] - |A| - (.-.) - [176] - (0.0.0.0) - C:\WINDOWS\explorer.exe.config [MD5.2B97764F76F21170C5673B3AB798881A] - [10/04/2015 06:06:57] - |A| - (.TODO: (c) . - TODO: .) - [1886208] - (1.0.0.1) - C:\WINDOWS\FbkGo.dll [14/01/2015 19:37:01] - |D| - [116928] - C:\WINDOWS\fi [06/06/2017 23:26:56] - |D| - [6291456] - C:\WINDOWS\Firmware [19/03/2019 06:52:44] - |RSD| - [521392102] - C:\WINDOWS\Fonts [14/01/2015 19:37:05] - |D| - [117440] - C:\WINDOWS\fr [19/03/2019 14:00:40] - |D| - [110592] - C:\WINDOWS\fr-FR [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [19/03/2019 06:52:44] - |D| - [71134286] - C:\WINDOWS\Globalization [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2015 05:48:45] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\HDT-Exit_Pass.tag [19/03/2019 06:52:44] - |D| - [72635255] - C:\WINDOWS\Help [MD5.BB596F99CCBE983F4E6D3D4A92CE9B8E] - [19/03/2019 06:45:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1054208] - (10.0.18362.1) - C:\WINDOWS\HelpPane.exe [MD5.DF73D52FDCE65F90A2E49EFB5248C77C] - [19/03/2019 06:45:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.18362.1) - C:\WINDOWS\hh.exe [19/03/2019 06:52:44] - |D| - [29869] - C:\WINDOWS\IdentityCRL [19/03/2019 06:52:44] - |D| - [92648214] - C:\WINDOWS\IME [19/03/2019 06:52:44] - |RD| - [9265136] - C:\WINDOWS\ImmersiveControlPanel [19/03/2019 06:50:07] - |D| - [66728329] - C:\WINDOWS\INF [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\InfusedApps [19/03/2019 06:52:44] - |D| - [38126462] - C:\WINDOWS\InputMethod [19/03/2019 06:52:44] - |SHDC| - [1396297564] - C:\WINDOWS\Installer [MD5.6B478A7986F158BEA855EE92CF39B3D2] - [14/01/2015 19:19:46] - |A| - (.-.) - [408142] - (0.0.0.0) - C:\WINDOWS\InstantOn.ico [14/01/2015 19:37:10] - |D| - [116928] - C:\WINDOWS\it [01/07/2019 18:26:25] - |D| - [78848] - C:\WINDOWS\ja-JP [19/03/2019 06:52:44] - |D| - [94304] - C:\WINDOWS\L2Schemas [19/03/2019 06:52:44] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [14/01/2015 18:36:10] - |A| - (.-.) - [1769] - (0.0.0.0) - C:\WINDOWS\Language_trs.ini [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\LiveKernelReports [19/03/2019 06:52:44] - |D| - [5439799] - C:\WINDOWS\Logs [19/03/2019 06:52:44] - |RSD| - [20094600] - C:\WINDOWS\Media [22/08/2013 17:36:31] - |D| - [1636864] - C:\WINDOWS\MediaViewer [MD5.23AF90D2355D8C83AA4567EF1763B467] - [19/03/2019 06:44:30] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [19/03/2019 06:52:43] - |RD| - [936456334] - C:\WINDOWS\Microsoft.NET [19/03/2019 06:52:44] - |D| - [3323] - C:\WINDOWS\Migration [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\ModemLogs [14/01/2015 19:37:15] - |D| - [117440] - C:\WINDOWS\nl [MD5.F1139811BBF61362915958806AD30211] - [19/03/2019 06:45:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [181248] - (10.0.18362.1) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [12/12/2016 09:54:06] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [19/03/2019 14:02:18] - |D| - [1884854] - C:\WINDOWS\OCR [MD5.7F9A675959905E760B289F2F498EC123] - [14/01/2015 18:22:03] - |A| - (.-.) - [73] - (0.0.0.0) - C:\WINDOWS\OEMVer.txt [19/03/2019 06:52:44] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [01/07/2019 15:09:50] - |DC| - [429916117] - C:\WINDOWS\Panther [10/04/2015 06:06:36] - |D| - [3224576] - C:\WINDOWS\PCCleanupContextMenu [19/03/2019 06:52:44] - |D| - [513730] - C:\WINDOWS\Performance [MD5.6385741DE4006A3511FEDAA6CBFFF749] - [17/09/2017 10:07:50] - |A| - (.-.) - [273190] - (0.0.0.0) - C:\WINDOWS\PFRO.log [MD5.B5E0716AA3EC560C4AD361B9BFA6B574] - [30/10/2018 00:47:56] - |A| - (.-.) - [2584] - (0.0.0.0) - C:\WINDOWS\PidVid_List.dll [MD5.813D33D6F551AFDD23168FBA02445431] - [10/04/2015 06:02:30] - |A| - (.-.) - [2380] - (0.0.0.0) - C:\WINDOWS\PidVid_List.txt [19/03/2019 06:52:44] - |D| - [1453676] - C:\WINDOWS\PLA [19/03/2019 06:52:44] - |D| - [4659139] - C:\WINDOWS\PolicyDefinitions [01/07/2019 18:06:03] - |D| - [14342088] - C:\WINDOWS\Prefetch [19/03/2019 06:52:44] - |RD| - [1997091] - C:\WINDOWS\PrintDialog [19/03/2019 06:52:44] - |D| - [5894931] - C:\WINDOWS\Provisioning [28/09/2015 16:18:30] - |D| - [117952] - C:\WINDOWS\pt-PT [MD5.29409008DF22243BB320333F9FD5C060] - [19/03/2019 06:45:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [358400] - (10.0.18362.1) - C:\WINDOWS\regedit.exe [19/03/2019 06:52:44] - |D| - [1117876] - C:\WINDOWS\Registration [19/03/2019 06:52:44] - |D| - [3021744] - C:\WINDOWS\rescache [19/03/2019 06:52:44] - |D| - [3977603] - C:\WINDOWS\Resources [MD5.38BDC839A512C24C06AE1B9B1F3C702C] - [30/10/2018 00:47:56] - |A| - (.-.) - [37100] - (0.0.0.0) - C:\WINDOWS\rlt8723a_chip_bt40_fw_asic_rom_patch.dll [MD5.C775E284F00D8F727BA4B5FC3A6B4036] - [30/10/2018 00:55:32] - |A| - (.Realtek All Rights Reserved - Realtek Bluetooth BTDevManager Service Application.) - [324168] - (1.1.18.1) - C:\WINDOWS\RtkBtManServ.exe [MD5.DFD74F79257C8B758B5833F5E5B68B2D] - [30/10/2018 00:47:56] - |A| - (.-.) - [51068] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.B9C1CBC637769B07D08B61772E90ABA3] - [30/10/2018 00:47:56] - |A| - (.-.) - [51016] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1.dll [MD5.92E02856B5B02E6F89FAA7B0A16BF1C2] - [10/12/2017 22:45:52] - |A| - (.-.) - [55388] - (0.0.0.0) - C:\WINDOWS\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.8A26FCB1DE92610B6FA3B6A4BAAFEA38] - [30/10/2018 00:47:58] - |A| - (.-.) - [70644] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll [MD5.8E971E13156E0ADAD89936FB3EBDCE76] - [30/10/2018 00:47:58] - |A| - (.-.) - [67324] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll [MD5.66DF405CE587479535A62221E2BC10DD] - [30/10/2018 00:47:58] - |A| - (.-.) - [51272] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll [MD5.D1D6120453CB9751A4A9C1FFAEA6F277] - [30/10/2018 00:47:58] - |A| - (.-.) - [73232] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8814ae_new.dll [MD5.AD9E7B9CCA7ADF526FE74429A1C26571] - [30/10/2018 00:47:58] - |A| - (.-.) - [64048] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.0D8E3222C703062382CF19DDCF808771] - [30/10/2018 00:47:58] - |A| - (.-.) - [38012] - (0.0.0.0) - C:\WINDOWS\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.72115A2C49BEFA555C4E136C3004EB94] - [10/12/2017 22:45:52] - |A| - (.-.) - [42856] - (0.0.0.0) - C:\WINDOWS\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.C1F0FFBB0E117EB446D740F140029CF4] - [10/12/2017 22:45:52] - |A| - (.-.) - [47152] - (0.0.0.0) - C:\WINDOWS\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.A095B3E67C8EB8F2137EAC63687F2F5B] - [30/05/2018 17:12:32] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839520] - (1.0.7.0) - C:\WINDOWS\RtlExUpd.dll [MD5.88F41DCFADB1448D564953D1D2C689BD] - [10/04/2015 05:58:17] - |A| - (.Copyright (C) 2012-2014 -.) - [36864] - (1.1005.415.2014) - C:\WINDOWS\runSW.exe [MD5.3A670A2D887D1F86A2908F31104AAA8B] - [14/01/2015 18:36:39] - |A| - (.-.) - [2174] - (0.0.0.0) - C:\WINDOWS\scd.ini [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\SchCache [19/03/2019 06:52:44] - |D| - [122082] - C:\WINDOWS\schemas [19/03/2019 06:52:44] - |D| - [11097886] - C:\WINDOWS\security [01/07/2019 18:42:43] - |D| - [157067256] - C:\WINDOWS\ServiceProfiles [19/03/2019 06:52:44] - |D| - [4096] - C:\WINDOWS\ServiceState [19/03/2019 06:37:22] - |D| - [84532301] - C:\WINDOWS\servicing [19/03/2019 06:56:38] - |D| - [57095] - C:\WINDOWS\Setup [MD5.93B89FAA44D8067CF46925922C929F29] - [14/01/2015 19:19:43] - |A| - (.-.) - [504] - (0.0.0.0) - C:\WINDOWS\setup.iss [MD5.5DD9F59094CAD8529A607933593BB60B] - [01/07/2019 18:10:35] - |A| - (.-.) - [19393] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/07/2019 18:10:35] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [19/03/2019 06:52:44] - |D| - [7052288] - C:\WINDOWS\ShellComponents [19/03/2019 06:52:44] - |D| - [55485952] - C:\WINDOWS\ShellExperiences [30/10/2015 21:03:03] - |D| - [0] - C:\WINDOWS\ShellNew [19/03/2019 06:52:44] - |D| - [6828144] - C:\WINDOWS\SKB [10/04/2015 05:56:47] - |D| - [146828176] - C:\WINDOWS\SoftwareDistribution [19/03/2019 06:52:44] - |D| - [230328467] - C:\WINDOWS\Speech [19/03/2019 06:52:44] - |D| - [179123781] - C:\WINDOWS\Speech_OneCore [MD5.D9B33378D64EDA8D4D3860044C2A9C70] - [19/03/2019 06:43:53] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [132096] - (10.0.18362.1) - C:\WINDOWS\splwow64.exe [MD5.2664EEEE55F34BC4FAAA8EE41393D2CD] - [31/07/2015 00:25:21] - |A| - (.-.) - [31856] - (0.0.0.0) - C:\WINDOWS\Starter.xml [14/01/2015 19:37:20] - |D| - [116928] - C:\WINDOWS\sv [MD5.C5A066FBA7232A682886F17F0F574749] - [10/04/2015 05:58:17] - |A| - (.2012: (c) Realtek. By Karl - Switch USB2.0/USB3.0 for WinXP SP2+ ~ Win8.1.) - [450264] - (500.1026.1028.2014) - C:\WINDOWS\SwUSB.exe [19/03/2019 06:52:44] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 15:25:43] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [19/03/2019 06:37:22] - |D| - [5673306384] - C:\WINDOWS\System32 [19/03/2019 06:52:45] - |D| - [210230560] - C:\WINDOWS\SystemApps [19/03/2019 06:52:46] - |D| - [190881621] - C:\WINDOWS\SystemResources [19/03/2019 06:52:46] - |D| - [1390534077] - C:\WINDOWS\SysWOW64 [19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\TAPI [22/08/2013 17:36:30] - |D| - [2450] - C:\WINDOWS\Tasks [19/03/2019 06:52:46] - |D| - [4577511] - C:\WINDOWS\Temp [19/03/2019 06:52:46] - |D| - [13780992] - C:\WINDOWS\TextInput [22/08/2013 17:36:30] - |RD| - [0] - C:\WINDOWS\ToastData [14/01/2015 19:37:24] - |D| - [116928] - C:\WINDOWS\tr [19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\tracing [19/03/2019 06:52:46] - |D| - [31372380] - C:\WINDOWS\twain_32 [MD5.BC67755EBD59B2523C943F0D1A9982EF] - [19/03/2019 06:46:01] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [64512] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [MD5.D9007C6B4415261AB45C22B011C1FE83] - [14/01/2015 19:19:46] - |A| - (.ASUSTeK Computer Inc. - InstallShield Helper.) - [196608] - (1.0.1.7) - C:\WINDOWS\UpdateHelper.dll [22/08/2013 17:36:30] - |D| - [0] - C:\WINDOWS\vpnplugins [19/03/2019 06:52:46] - |D| - [12420] - C:\WINDOWS\Vss [19/03/2019 06:52:46] - |D| - [33138] - C:\WINDOWS\WaaS [19/03/2019 06:52:46] - |D| - [23776905] - C:\WINDOWS\Web [MD5.60CDAF0811BF825164C0E246F4F5620D] - [22/08/2013 15:25:43] - |A| - (.-.) - [124] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [19/03/2019 06:44:30] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [12/06/2019 19:18:55] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.CAA192BFDFB5F2A131EBD649B7062DE3] - [19/03/2019 06:46:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.18362.1) - C:\WINDOWS\winhlp32.exe [19/03/2019 06:37:22] - |D| - [9881728491] - C:\WINDOWS\WinSxS [MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [01/04/2014 07:34:22] - |A| - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [322248] - (16.4.3528.331) - C:\WINDOWS\WLXPGSS.SCR [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [19/03/2019 06:58:10] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.1D27F61CC5D659247D2E0C111C5386DE] - [19/03/2019 06:45:54] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.18362.1) - C:\WINDOWS\write.exe [28/09/2015 15:31:19] - |D| - [114880] - C:\WINDOWS\zh-CN [06/09/2014 22:51:23] - |D| - [114880] - C:\WINDOWS\zh-TW ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [01/11/2016 09:56:56] - C:\WINDOWS\Installer\14501ddf.msi : (EAX4 Unified Redist - Creative Labs) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2013 00:26:32] - C:\WINDOWS\Installer\14d63.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2017 03:05:18] - C:\WINDOWS\Installer\15da8887.msi : ( - dotPDN LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/02/2019 18:18:16] - C:\WINDOWS\Installer\16b33e81.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2013 22:17:36] - C:\WINDOWS\Installer\1e51f.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/12/2014 04:54:16] - C:\WINDOWS\Installer\1e529.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/11/2012 10:39:00] - C:\WINDOWS\Installer\1e52e.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/12/2014 04:54:16] - C:\WINDOWS\Installer\1e533.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/01/2015 19:26:16] - C:\WINDOWS\Installer\1f7ed.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/05/2019 06:47:33] - C:\WINDOWS\Installer\23584d.msi : (Google Update Helper - Google LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/08/2012 10:52:38] - C:\WINDOWS\Installer\274780.msi : ( - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2013 09:12:43] - C:\WINDOWS\Installer\274786.msi : (Intel(R) Network Connections - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2014 09:33:14] - C:\WINDOWS\Installer\2a30b.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2019 09:40:16] - C:\WINDOWS\Installer\2b6c9.msi : (Dropbox Update Helper - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/12/2015 14:29:58] - C:\WINDOWS\Installer\2fa634.msi : (Foxit PhantomPDF - Foxit Software Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/10/2016 14:37:48] - C:\WINDOWS\Installer\43e7af.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/09/2015 20:07:20] - C:\WINDOWS\Installer\441d29.msi : (7-Zip (x64 edition) Package - Igor Pavlov) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/11/2016 16:01:59] - C:\WINDOWS\Installer\84926f.msi : (Seagate Dashboard - Seagate) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/04/2019 08:37:19] - C:\WINDOWS\Installer\995c0.msi : (Java SE Runtime Environment 8 Update 211 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/04/2019 08:37:19] - C:\WINDOWS\Installer\995cb.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\WINDOWS\Installer\c55f46a.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/01/2016 16:22:16] - C:\WINDOWS\Installer\d3343f.msi : (Unlock password-protected ZIP, RAR, ACE and ARJ archives quickly and efficiently - Elcomsoft Co. Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/02/2019 14:28:20] - [1986560] - (.().-. - ()) - C:\WINDOWS\Installer\1327399e.msp [29/06/2011 07:27:28] - [4028928] - (.().-. - ()) - C:\WINDOWS\Installer\14d6c.msp [12/05/2018 08:05:37] - [7094272] - (.().-. - ()) - C:\WINDOWS\Installer\16056af4.msp [11/02/2019 08:36:53] - [8757248] - (.().-. - ()) - C:\WINDOWS\Installer\16b33f0c.msp [18/09/2018 10:10:59] - [4706304] - (.().-. - ()) - C:\WINDOWS\Installer\1928f172.msp [29/06/2011 07:21:32] - [4637184] - (.().-. - ()) - C:\WINDOWS\Installer\1d7a6.msp [23/02/2018 15:25:19] - [1343488] - (.().-. - ()) - C:\WINDOWS\Installer\1e3c36d4.msp [13/08/2018 08:19:45] - [1441792] - (.().-. - ()) - C:\WINDOWS\Installer\1fc11f06.msp [29/11/2017 12:42:28] - [1355776] - (.().-. - ()) - C:\WINDOWS\Installer\3bb701e.msp [13/11/2018 06:24:12] - [3485696] - (.().-. - ()) - C:\WINDOWS\Installer\4f9a5.msp [11/07/2017 06:57:12] - [1732608] - (.().-. - ()) - C:\WINDOWS\Installer\517fcc5.msp [03/01/2019 11:17:04] - [1720320] - (.().-. - ()) - C:\WINDOWS\Installer\56486e5.msp [13/06/2019 14:38:00] - [2260992] - (.().-. - ()) - C:\WINDOWS\Installer\56c751d.msp [28/08/2017 18:40:46] - [2424832] - (.().-. - ()) - C:\WINDOWS\Installer\56f4cc5.msp [10/12/2018 08:52:51] - [44044288] - (.().-. - ()) - C:\WINDOWS\Installer\5d6aefe.msp [08/04/2019 08:22:42] - [7155712] - (.().-. - ()) - C:\WINDOWS\Installer\6317576.msp [13/11/2017 06:26:16] - [23506944] - (.().-. - ()) - C:\WINDOWS\Installer\6f4a7.msp [09/07/2018 07:47:48] - [27000832] - (.().-. - ()) - C:\WINDOWS\Installer\806c40a.msp [07/08/2017 10:20:05] - [70610944] - (.().-. - ()) - C:\WINDOWS\Installer\80da08a.msp [11/08/2017 12:04:59] - [2031616] - (.().-. - ()) - C:\WINDOWS\Installer\a3786ea.msp [05/04/2017 04:14:24] - [92508160] - (.().-. - ()) - C:\WINDOWS\Installer\c55f46b.msp [08/10/2018 13:11:44] - [2174976] - (.().-. - ()) - C:\WINDOWS\Installer\e7a97.msp [13/05/2019 08:57:34] - [59400192] - (.().-. - ()) - C:\WINDOWS\Installer\e84cead.msp [22/10/2018 15:33:19] - [2584576] - (.().-. - ()) - C:\WINDOWS\Installer\fa8e8e3.msp ---------- | %System%\*.in* [19/03/2019 06:45:40] - [3329] - C:\WINDOWS\System32\ieuinit.inf [01/07/2019 18:28:37] - [2385782] - C:\WINDOWS\System32\PerfStringBackup.INI [19/03/2019 06:45:00] - [60124] - C:\WINDOWS\System32\tcpmon.ini [19/03/2019 06:44:30] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [19/03/2019 06:46:01] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [10/04/2015 05:56:00] - [2412526] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [19/03/2019 06:45:19] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.A5350BC9CC2488990F58F4BDECCC85FE] - |A| - [01/07/2019 18:23:09] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\.ses [MD5.65FAFCA4C37BFDD96886CC44315832AE] - |A| - [01/07/2019 18:15:03] - (.-.) - [0.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00000.log [MD5.FFB28CB16C8183E3BCC5B7276ACFA954] - |A| - [01/07/2019 18:16:10] - (.-.) - [0.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00001.log [MD5.9B00E9BDEB059743798DCE894B8913D8] - |A| - [01/07/2019 18:23:05] - (.-.) - [145.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1823.log [MD5.0A1CE40E0F368F17B7E277C3B6A42D23] - |A| - [01/07/2019 18:55:28] - (.-.) - [18.47 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1855.log [MD5.DD7D5263CFD7FD2534A716209698BB9C] - |A| - [01/07/2019 18:56:52] - (.-.) - [3338.64 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1856.log [MD5.C4ECFF60D9C6BA619E70F100D5C5D8EC] - |A| - [01/07/2019 19:03:09] - (.-.) - [12.55 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1903.log [MD5.E096C63E6F9B59A373CCAA7C18F3AB3F] - |A| - [01/07/2019 19:12:48] - (.-.) - [178.6 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1912.log [MD5.7FA126AF34EAFAE78B9E362DA315594A] - |A| - [01/07/2019 19:13:03] - (.-.) - [15.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1913.log [MD5.C79B97EC31991F939ABE75FB7385A9BB] - |A| - [01/07/2019 19:13:17] - (.-.) - [37.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1913a.log [MD5.1D337CDC05BFC2A151F64340A9291CBB] - |A| - [01/07/2019 19:28:43] - (.-.) - [12.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1928.log [MD5.0ED29CB8E39DE14DCE36BE98EA8E4E39] - |A| - [01/07/2019 19:46:40] - (.-.) - [31.53 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1946.log [MD5.457C16036FF09C2BB451ACD8918064C4] - |A| - [01/07/2019 19:53:13] - (.-.) - [12.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-1953.log [MD5.E69A70DEC594D52B6BD8D4F34682368E] - |A| - [01/07/2019 20:08:03] - (.-.) - [9.86 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-2008.log [MD5.F535803D2610A06B7AE6D0922A0613A8] - |A| - [01/07/2019 20:21:11] - (.-.) - [11.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-2021.log [MD5.0C02439A908C81E8533FBE3EDFBECD1D] - |A| - [01/07/2019 20:34:26] - (.-.) - [29.34 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-2034.log [MD5.7756F34EF9644ED84676FB8319A0BB0C] - |A| - [01/07/2019 20:39:35] - (.-.) - [13.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-2039.log [MD5.D6EE842851398792773B193C19D9551A] - |A| - [01/07/2019 21:02:23] - (.-.) - [12.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-2102.log [MD5.AC55AC1C203283A14F015411816F1CAD] - |A| - [01/07/2019 21:19:29] - (.-.) - [54.16 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-2119.log [MD5.251EF775299F449C046F25067247D863] - |A| - [01/07/2019 21:29:05] - (.-.) - [13.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190701-2129.log [MD5.B623FF5DDB28A9766E1B420047061E25] - |A| - [02/07/2019 09:54:08] - (.-.) - [11.41 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190702-0954.log [MD5.8FF5EB48112AF87EB173A9F920E739D5] - |A| - [02/07/2019 09:54:56] - (.-.) - [3.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190702-0954a.log [MD5.D495350FA4F62615165CE0F70EE81AD2] - |A| - [02/07/2019 09:57:26] - (.-.) - [12.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AXELNICOPCSALON-20190702-0957.log [MD5.4FB6A1C357A9394FD5B053497928706B] - |A| - [01/07/2019 18:25:50] - (.-.) - [2.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:25:50] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:19:23] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:19:23] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:19:23] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:19:23] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 18:50:13] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 18:50:10] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSTIFFDebugLogFile.txt [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:24:28] - [0 Ko] - C:\WINDOWS\Temp\GDATA_Online_Update [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [01/07/2019 21:19:23] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JETA21C.tmp [MD5.C3F83BD2FE9E7FA8C3CD2C5C40C5049A] - |A| - [01/07/2019 18:49:30] - (.-.) - [6.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190701-184930-0.log [MD5.ED4FFAF51A363E6EC6BA2D8DC6603213] - |A| - [01/07/2019 19:48:12] - (.-.) - [6.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190701-194812-0.log [MD5.6C5375E2E4E80461F09A3309B929A21E] - |A| - [01/07/2019 20:33:58] - (.-.) - [6.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190701-203358-0.log [MD5.95E6582B431C3AFF931F18305AC6891F] - |A| - [01/07/2019 21:20:22] - (.-.) - [6.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190701-212022-0.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 19:28:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-10532.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 18:56:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-10748.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 20:21:16] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-10992.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [02/07/2019 09:54:52] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-12148.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 19:12:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-12608.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 18:55:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-12668.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 19:13:08] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-13120.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 19:03:09] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-1900.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 21:02:29] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-2516.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [02/07/2019 09:57:31] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-2692.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [02/07/2019 09:54:08] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-3008.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 18:23:06] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-3876.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 21:19:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-4176.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 19:46:45] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-4640.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 20:34:32] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-4752.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 19:13:22] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-6604.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 19:53:18] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-7296.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 20:39:41] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-7840.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 20:08:08] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-8580.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 21:29:10] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-9908.log [MD5.1051EEF01FC18E4C2267E76AC203A036] - |A| - [01/07/2019 18:48:16] - (.-.) - [1.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:49:46] - [60 Ko] - C:\WINDOWS\Temp\NVIDIA Corporation [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2019 21:19:25] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(201907012119251050).log [MD5.B13AF738AA8BE55154B2752979D76827] - |A| - [01/07/2019 18:07:27] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tem7598.tmp [MD5.00000000000000000000000000000000] - |D| - [02/07/2019 09:57:28] - [0 Ko] - C:\WINDOWS\Temp\tmp000009ef [MD5.809ED80145F1B754BFAA44555E83311C] - |A| - [01/07/2019 18:13:29] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\TS_F8FA.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:04] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-26016c.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:04] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-26016e.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:04] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-26017f.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:04] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260181.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:04] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260183.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:04] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260185.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260187.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-2601e7.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-2601f9.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-26020a.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-26020c.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-26020e.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260220.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260222.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260234.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260274.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260276.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-260288.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 19:03:05] - [0 Ko] - C:\WINDOWS\Temp\tw-1ea0-1a04-26028a.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:28] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14eec1.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:28] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14ef31.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f4d0.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f520.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f570.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f5a1.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f5b3.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f603.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f605.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f617.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f619.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f61b.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:29] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f62c.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:30] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f6da.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:30] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f6dc.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:30] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f6de.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:30] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f6e0.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:30] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f83a.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 20:08:30] - [0 Ko] - C:\WINDOWS\Temp\tw-278c-bf0-14f984.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-1629c2.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-1629e3.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-1629e5.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-1629e7.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-1629f9.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-1629fb.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-1629fd.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-1629ff.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a01.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a12.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a14.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a26.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a38.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a3a.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a3c.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a4d.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a4f.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a61.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:45:46] - [0 Ko] - C:\WINDOWS\Temp\tw-5d8-5dc-162a63.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:32] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d6aef.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:33] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d6f85.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:33] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d6fe5.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:33] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7054.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:34] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d74fa.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:34] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d752b.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:34] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d755c.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:35] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7686.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:35] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7928.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:35] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7978.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:35] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d79a9.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:36] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7a28.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:36] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7ae6.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:36] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7b17.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:36] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7c51.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:36] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7ca1.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:36] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7d4f.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:37] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7e1c.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 21:05:37] - [0 Ko] - C:\WINDOWS\Temp\tw-7e8-1140-1d7e7c.tmp [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:12:46] - [8.55 Ko] - C:\WINDOWS\Temp\VulkanRT [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:12:49] - [0 Ko] - C:\WINDOWS\Temp\{172DE752-5903-4638-852E-D00CF4352A40} [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:40] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [19/03/2019 06:44:33] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AdvancedKeySettingsNotification.png [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [19/03/2019 06:44:28] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [19/03/2019 06:44:28] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [19/03/2019 06:44:03] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [19/03/2019 06:44:47] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [19/03/2019 06:44:47] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [19/03/2019 06:44:52] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [19/03/2019 06:45:47] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [19/03/2019 06:45:02] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [19/03/2019 06:45:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [19/03/2019 06:44:01] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.F99FFEB543186BDD81DC090CCCE60EA0] - |A| - [15/12/2016 11:49:53] - (.Copyright © 2003-2012 by fccHandler - AC-3 ACM Codec.) - [176.5 Ko] - (2.2.0.0) - C:\WINDOWS\System32\ac3acm.acm [MD5.31A16C523B62500F83C82217F056A538] - |A| - [19/03/2019 06:44:21] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ActiveHours.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2751.51 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.0724FA8BCAF2725746F9BB4264989D96] - |A| - [19/03/2019 06:43:47] - (.-.) - [13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\agentactivationruntimestarter.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.97 Ko] - C:\WINDOWS\System32\am-et [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2710.82 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [355.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.A3FA2DD7B000AE0964395512E9C37E41] - |A| - [19/03/2019 06:45:35] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [607 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\as-IN [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [19/03/2019 06:43:47] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.3990D6FD4EEC3A22133D37CD1CC93F21] - |A| - [10/04/2015 06:16:57] - (.-.) - [256 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AxeLog-000.etl [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [348 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5979.14 Ko] - C:\WINDOWS\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.6CC5FAF5A7B51609D0D2A90AC1202918] - |A| - [19/03/2019 06:44:29] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [182 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.6A33F3047345CC67D036DD0E6AA9C4BC] - |A| - [10/04/2015 06:02:30] - (.-.) - [3.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\bt_only_chip_bt40_fw_asic_rom_patch.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |HD| - [29/09/2015 21:28:08] - [3214.35 Ko] - C:\WINDOWS\System32\CanonIJ Uninstaller Information [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [73263.26 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [56360.12 Ko] - C:\WINDOWS\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.7A0EDF100791FA09D6A9D9A036F130DF] - |A| - [29/09/2015 21:26:54] - (.-.) - [12.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CNC1749D.TBL [MD5.022E082550DB4ABA33AAF06DD1C9048D] - |A| - [29/09/2015 21:26:54] - (.Copyright CANON INC. 2010 All Rights Reserved - WIA Scanner Driver 64-bit Edition.) - [1322.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC5200C.dll [MD5.8E29A4B8746BB7146F420DDB3192F20C] - |A| - [29/09/2015 21:26:54] - (.Copyright CANON INC. 2010 All Rights Reserved - WIA Scanner Driver Image Enhancement dll 64-bit Edition.) - [109.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC5200I.dll [MD5.2DC005681DEA0EB6E710940035DE9DE7] - |A| - [29/09/2015 21:26:54] - (.Copyright CANON INC. 2010 All Rights Reserved - LLD.) - [340.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC5200L.dll [MD5.832AC9632BC028DE0FC6F405D991E406] - |A| - [29/09/2015 21:26:53] - (.Copyright CANON INC. 2010 All Rights Reserved - Canon WIA scanner co-installer 64bit Edition.) - [101 Ko] - (3.1.2.60) - C:\WINDOWS\System32\CNC5200O.dll [MD5.09F6C9BF8B22D230CA73CBF17C5F9700] - |A| - [29/09/2015 21:27:01] - (.Copyright CANON INC. 2006-2010 All Rights Reserved - Canon IJ Driver Installer.) - [242.5 Ko] - (1.8.0.70) - C:\WINDOWS\System32\CNMIUAE.DLL [MD5.488256C0AFA4D9C1CB3084C2956288DF] - |A| - [29/09/2015 21:27:01] - (.Copyright CANON INC. 2000-2010 All Rights Reserved - IJ Language Monitor.) - [353 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMLMAE.DLL [MD5.D24710DFBCE3925C5D9FE13AA52DD537] - |A| - [08/07/2017 11:14:38] - (.Copyright CANON INC. 2007-2015 - IJ Language Monitor.) - [399.5 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMXLMCS.DLL [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [11.19 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [380 Ko] - C:\WINDOWS\System32\Com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.755BFC56892C3ECCA0F02AAC5E0BD3B1] - |A| - [30/05/2018 17:15:41] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [323954.52 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [113.25 Ko] - C:\WINDOWS\System32\Configuration [MD5.5C77E079B337BCF6235F39183D7C7026] - |A| - [19/03/2019 06:44:16] - (.-.) - [223.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\containerdevicemanagement.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [405.5 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.BDEBD2FC4927DA00EEA263AF9CF8F7ED] - |A| - [19/03/2019 06:45:35] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [414.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [409 Ko] - C:\WINDOWS\System32\da-DK [MD5.7155B124089FAC5F304084116669F6DF] - |A| - [19/03/2019 06:43:57] - (.-.) - [146 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.79E1E1C42BFCF22BC50B9DFBF8177A1C] - |A| - [24/06/2019 14:12:04] - (.Dropbox, Inc. - Dropbox Service.) - [49.83 Ko] - (1.0.24.0) - C:\WINDOWS\System32\DbxSvc.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [277.94 Ko] - C:\WINDOWS\System32\DDFs [MD5.526525479C2067A0DB7977621CB81BD7] - |A| - [30/05/2018 17:15:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [266.32 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPA64.dll [MD5.95FAE6EFF9C33FB1CFEDE2092C9A4DC0] - |A| - [30/05/2018 17:15:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1919.73 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPD64A.dll [MD5.C53816D19E425CA42401D7D5FC7D3B53] - |A| - [30/05/2018 17:15:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [319.77 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPO64A.dll [MD5.5CDE868D75C55F02896641E9162BF097] - |A| - [30/05/2018 17:15:42] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6929.87 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPP64A.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [464 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [19/03/2019 06:44:03] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [19/03/2019 06:43:47] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [19/03/2019 06:49:38] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.6C22EC440786D5E1EA69E0D53C4F3B4B] - |A| - [19/03/2019 06:44:45] - (.-.) - [35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\deploymentcsphelper.exe [MD5.46BBA24DEED94A68F244D5DBA4161948] - |A| - [30/07/2015 23:55:12] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DESKTOP-VRKVT78_Administrator_HistoryPrediction.bin [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [19/03/2019 06:44:21] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [19/03/2019 06:44:25] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.DCF2510E0745720E543E84F5E921FCC0] - |A| - [18/03/2014 12:13:59] - (.-.) - [256.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dfpinc.dat [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [919.5 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.173D1EB779621B66784DCABEDF9AFB4F] - |A| - [19/03/2019 06:44:18] - (.-.) - [82.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [9911.81 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.8D220B2451DFE2E17A95212D8E0C7B2E] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth1.bin [MD5.13318050805A1AC2D4A4C534887AB007] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth10.bin [MD5.54A4D2752B62FFE8A98E588DB906E799] - |A| - [19/03/2019 06:45:34] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth11.bin [MD5.FA7D32EB423DAC57B0AE079CCA87DE7A] - |A| - [19/03/2019 06:45:34] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth12.bin [MD5.3570691E603B87CC41363341E8348904] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth2.bin [MD5.DF7C0D8374183AB5CA91C1204CA91A0B] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth3.bin [MD5.46F4C31CFE6F93F9CA045DF5C1E23752] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth4.bin [MD5.A88FC6AF11F7E33395C51F9D979FFDFB] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth5.bin [MD5.91B60C6DB00407A19FB7B16C15C3B07E] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth6.bin [MD5.8F40E6DF99054EF4DF58281867B404B3] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth7.bin [MD5.681F63EA513534AFC3A881CF81D65DEF] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth8.bin [MD5.F0259D2CCAC0734A7E83CD875179A6A8] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth9.bin [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [252 Ko] - C:\WINDOWS\System32\dsc [MD5.A36AAA3325FA3B4A08053B8E6FB3E45B] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [726.52 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll [MD5.4E610EB60940886825AAB3F7DA7C9D9A] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS Boost COM DLL.) - [1473.56 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll [MD5.754C35EA52199530DB9485E815C9B3D6] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [430.92 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll [MD5.A3325218C8899607B5D3351286B4B471] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS GFX APO.) - [247.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll [MD5.4342C6A1C77DBB341E1F99F8D2B9FC3B] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS GFX APO.) - [246.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll [MD5.091DFDF1332B8C2ECB5CC0761985B956] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS LFX APO.) - [247.91 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll [MD5.9589B136B601D2F9BC5D2DE3FE5B0EBE] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS Limiter COM DLL.) - [434.95 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll [MD5.8B202E32B31BF1D4F3651C63903C5DC3] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [492.48 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll [MD5.07AF75397E44A7CDBF07C32CD9DAF6E5] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1553.77 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll [MD5.99028F53A66576A21563B7B899CA0D6B] - |A| - [30/05/2018 17:15:44] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1738.88 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll [MD5.6618E4A4FE4E285478FADF5197F7FEBF] - |A| - [30/05/2018 17:15:45] - (.(c) DTS. - DTS Symmetry COM DLL.) - [710.38 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll [MD5.B692F28F37DEFAA40086C2F347207BEE] - |A| - [30/05/2018 17:15:45] - (.(c) DTS. - DTS GFX APO.) - [488.82 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PGFX64.dll [MD5.7505A31B570656C12AE138B3B015BF20] - |A| - [30/05/2018 17:15:45] - (.(c) DTS. - DTS LFX APO.) - [502.46 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PLFX64.dll [MD5.A0C71F41AF8714B176E1B671A0451EAE] - |A| - [30/05/2018 17:15:45] - (.(c) DTS. - DTS LFX APO.) - [418.19 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PREC64.dll [MD5.5A46D7F2E8FA660F46C2EDB2F21FE4C2] - |A| - [30/05/2018 17:15:45] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [691.71 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll [MD5.2AC58918336D59AAAB91DBDB97FB3182] - |A| - [19/03/2019 06:44:30] - (.-.) - [2529.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dwmscene.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [19/03/2019 06:43:47] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [19/03/2019 06:43:47] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [19/03/2019 06:43:47] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.10C38E1CA0D664F58E8B9F3645885E1D] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [469 Ko] - C:\WINDOWS\System32\el-GR [MD5.431E844215434021F89EB9C8E1634BEF] - |A| - [28/09/2015 18:55:33] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:40] - [3369 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [326 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [42286.92 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [444 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [361.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [320 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [17057.64 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\fa-IR [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [19/03/2019 06:44:39] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7.11 Ko] - C:\WINDOWS\System32\ff-Adlm-SN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [414 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\fil-PH [MD5.296D55827D8BDE1FCB41291CD2CC61B7] - |A| - [01/07/2019 18:06:11] - (.-.) - [571.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:40] - [3403.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [371.5 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [46597.91 Ko] - C:\WINDOWS\System32\fr-FR [MD5.3C402FA88BB488B77A73428623B7825B] - |A| - [19/03/2019 06:45:49] - (.-.) - [167 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FsNVSDeviceSource.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ga-IE [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [19/03/2019 06:45:50] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\gd-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [329.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.D6F7FB7B9386E0A029DCCD11DD84B15A] - |A| - [19/03/2019 06:44:11] - (.-.) - [260 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\hi-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [337 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [413.5 Ko] - C:\WINDOWS\System32\hu-HU [MD5.B4DE48A0333CD63B62CDC63B516D9902] - |A| - [19/03/2019 06:45:54] - (.-.) - [37.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:02:58] - [158.57 Ko] - C:\WINDOWS\System32\Hydrogen [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.2E977573411A099BD0213832B7442F0E] - |A| - [01/07/2019 18:34:11] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2267 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icu.dll [MD5.D2A4919E61E99157AD2DE994795C0F83] - |RA| - [19/03/2019 06:44:15] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [24.5 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.003EEDD728E2952E23DB9F6516B9194A] - |RA| - [19/03/2019 06:44:15] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [29 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ig-NG [MD5.8CE43FCE353B86A81F67014B6EEE5143] - |A| - [19/03/2019 06:43:45] - (.-.) - [195.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [25975.79 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6868.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.4B50A976673054965C8D75832DD01FB6] - |A| - [30/05/2018 17:15:51] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [603.7 Ko] - (4.1105.6000.53) - C:\WINDOWS\System32\KAAPORT64.dll [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [532.61 Ko] - C:\WINDOWS\System32\Keywords [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [298 Ko] - C:\WINDOWS\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ky-KG [MD5.EE6407670B4CA47CCC9AF5ED41A19150] - |A| - [15/12/2016 11:49:53] - (.Copyright © 2011 - Lagarith.) - [145.5 Ko] - (1.3.27.0) - C:\WINDOWS\System32\lagarith.dll [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [19/03/2019 06:44:21] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [19/03/2019 06:43:47] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\lb-LU [MD5.157FB82D7141B18624FF2D42190C97E1] - |A| - [19/03/2019 14:01:40] - (.-.) - [1572 Ko] - (2.6.5.1) - C:\WINDOWS\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [625.17 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\lo-LA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [36332 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [335.5 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [333.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [58305.61 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:02:25] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.6C3157FD2E850739EDEA659D40D0977D] - |A| - [30/05/2018 17:15:51] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [322.8 Ko] - (2.2.9.0) - C:\WINDOWS\System32\MaxxAudioAPO20.dll [MD5.84E57F29ADF92B001C5EB4DB2AB2F7B1] - |A| - [30/05/2018 17:15:51] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [662.28 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxAudioAPO30.dll [MD5.963A8F89B0CC40B14F27FCAD30BE8CA3] - |A| - [30/05/2018 17:15:51] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1138.82 Ko] - (4.5.8.0) - C:\WINDOWS\System32\MaxxAudioAPO4064.dll [MD5.82244FEFCFEB8B4D7CBC8212A614AB5A] - |A| - [30/05/2018 17:15:56] - (.Copyright © 1996-2014 -.) - [2002.13 Ko] - (4.1.1.0) - C:\WINDOWS\System32\MaxxAudioEQ64.dll [MD5.ADFBDA58D830421CBF456CAAED17BBAD] - |A| - [30/05/2018 17:16:13] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [661.78 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxVolumeSDAPO.dll [MD5.F53CAB05B340E9C28028764995BC1071] - |A| - [19/03/2019 06:45:05] - (.-.) - [836.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [19/03/2019 06:43:47] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:42:44] - [18.81 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5325.17 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [46640.32 Ko] - C:\WINDOWS\System32\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [19/03/2019 06:46:18] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MixedRealityRuntime.json [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ml-IN [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [19/03/2019 06:49:39] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\mn-MN [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [28/09/2015 20:47:50] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4356.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [30.3 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [45.64 Ko] - C:\WINDOWS\System32\my-mm [MD5.6B1E196C4E5CB30D6FF99CFA8F1F071D] - |A| - [19/03/2019 06:44:28] - (.-.) - [28.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NarratorControlTemplates.xml [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [403.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00FE6C7D265D55E1072371686C3CF1EC] - |A| - [06/06/2017 23:21:02] - (.-.) - [162.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [19/03/2019 06:45:50] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [439.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.B71AD74A91E472CC8B283B8A7D2C9677] - |A| - [11/11/2016 03:30:56] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nv-vk64.json [MD5.A0A0232C538FA0EEA3FAACF9EA481478] - |A| - [06/06/2017 23:27:38] - (.-.) - [7324.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin [MD5.EB0E681F99AC7338842D2F8B6EEED81E] - |A| - [11/11/2016 03:31:00] - (.-.) - [41.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.DC55B5C2A8A45395DB884591324D359B] - |A| - [19/03/2019 14:02:58] - (.-.) - [18.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [18818.97 Ko] - C:\WINDOWS\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:40] - [3554.5 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\or-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [3.81 Ko] - C:\WINDOWS\System32\osa-Osge-001 [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [19/03/2019 06:43:47] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\pa-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [1765.72 Ko] - C:\WINDOWS\System32\PerceptionSimulation [MD5.F387EE8464A303C4A8E75E79689EB6C6] - |A| - [19/03/2019 06:55:38] - (.-.) - [130.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.BDE9FE9300F48BAAFE143C21F8D3CAD7] - |A| - [19/03/2019 14:00:42] - (.-.) - [146.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.06BE91E88AFAE28B47F7EE1095937ADA] - |A| - [01/07/2019 18:26:34] - (.-.) - [130 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc011.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [19/03/2019 06:55:38] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [19/03/2019 14:00:42] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.50681B748A019D0096B5DF4EBE1EAB74] - |A| - [01/07/2019 18:26:34] - (.-.) - [32.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd011.dat [MD5.BC17215E3F0A6074A15C42B4CD2F54EB] - |A| - [19/03/2019 06:55:38] - (.-.) - [685.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.8315FAEB2C030452FF4F540E9FD35B67] - |A| - [19/03/2019 14:00:42] - (.-.) - [773.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.03928B0932B0B3A3016547AD0DEAA734] - |A| - [01/07/2019 18:26:34] - (.-.) - [467.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh011.dat [MD5.8B425A158D543A125CE621BB1F63E9E1] - |A| - [01/07/2019 18:28:37] - (.-.) - [2329.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [19/03/2019 06:43:45] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [429.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [464 Ko] - C:\WINDOWS\System32\PointOfService [MD5.77D96999819206E9208DF12819E5DBA7] - |A| - [19/03/2019 06:44:12] - (.-.) - [42.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pospaymentsworker.exe [MD5.3B7F14A49F1CD8CEC2A157D3E6D8302C] - |A| - [06/09/2014 22:52:12] - (.-.) - [132.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\prfc0404.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |A| - [06/09/2014 22:52:12] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\prfd0404.dat [MD5.E04C870D683BB5996F0F0DB9C72E3070] - |A| - [06/09/2014 22:52:12] - (.-.) - [440.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\prfh0404.dat [MD5.5DDC3C338F6130DCBAB768595F9F6BA5] - |A| - [06/09/2014 22:52:12] - (.-.) - [116.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\prfi0404.dat [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [1380.13 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.007893E8374C766471239EB291BA8C17] - |A| - [19/03/2019 06:44:00] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [424 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [434.5 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\quz-PE [MD5.59F0C73AE88A5D08E0A6CCA3FCF08729] - |A| - [30/05/2018 17:16:14] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [131.05 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEA64A.dll [MD5.AB1AFE42BF151B1FC53AED21B7DDDB17] - |A| - [30/05/2018 17:16:14] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [437.22 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EED64A.dll [MD5.722C6D13A588E834600081CF688021DB] - |A| - [30/05/2018 17:16:14] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [82.63 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEG64A.dll [MD5.90DC19A7075B3653C432D922A284352F] - |A| - [30/05/2018 17:16:14] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [148.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEL64A.dll [MD5.603A80AA2463F995C2C3805AC3B536B7] - |A| - [30/05/2018 17:16:14] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7004.8 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.C7C018F59C8D03A723A6CE7315657659] - |A| - [19/03/2019 06:45:47] - (.-.) - [1970.5 Ko] - (1.0.1901.7002) - C:\WINDOWS\System32\rdpnano.dll [MD5.D8D02FD6073373A537FC0C1024E7C6DA] - |A| - [19/03/2019 06:43:47] - (.-.) - [60.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rdsxvmaudio.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2.25 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.1BD059A6D1219C35098AC3BD4C02FDC2] - |A| - [19/03/2019 06:45:32] - (.-.) - [107.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResBParser.dll [MD5.1FB4B6A26FEEF4A99B7D0ECD2ADDF075] - |A| - [19/03/2019 06:45:56] - (.-.) - [9.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [19/03/2019 06:45:56] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost [MD5.39BB5D2A5EC1CBDD722CAB7BDCEC41F5] - |A| - [19/03/2019 06:45:56] - (.-.) - [8.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [19/03/2019 06:45:56] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [19/03/2019 06:44:21] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [19/03/2019 06:44:21] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-white.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.A0A45C8542B975EB513031315C90444C] - |A| - [10/04/2015 06:02:30] - (.-.) - [34.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rlt8723a_chip_bt40_fw_asic_rom_patch.dll [MD5.D518E801551E975B26ECA37E7E1D3086] - |A| - [30/05/2018 17:16:55] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.23212C53F5D8DE747F86463B3B5A183F] - |A| - [30/05/2018 17:16:55] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.AC1AA9F3B1D8FDF8882DC6AB8A10D64A] - |A| - [30/05/2018 17:17:01] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.8 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.FFE5A1AD38CFF13815D962F228C237C8] - |A| - [30/05/2018 17:17:01] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.27 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.A75237F8A8BA4F19A7A8712FEE428A84] - |A| - [30/05/2018 17:17:01] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.44BAE5798495ADF0E3006DFCFD35373F] - |A| - [30/05/2018 17:17:01] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.23 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.4C37BCCBC1CB33F53A6F58FD6D0336E9] - |A| - [10/04/2015 06:02:30] - (.-.) - [6.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8723b_chip_bt40_fw_asic_rom_patch.dll [MD5.C2604F15D5FC0392F94373BF292AB165] - |A| - [10/04/2015 06:02:30] - (.-.) - [37.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.1908F6DBD56F3C6DC4D6FBC00B28E6E3] - |A| - [10/04/2015 06:02:30] - (.-.) - [48.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_bcut_bt40_fw_asic_rom_patch_new.dll [MD5.1908F6DBD56F3C6DC4D6FBC00B28E6E3] - |A| - [10/04/2015 06:02:30] - (.-.) - [48.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll [MD5.4167580869186D1D5C92B82F42F30003] - |A| - [10/04/2015 06:02:30] - (.-.) - [46.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll [MD5.1E007BD8989D21F5E60F82EBD0C784FD] - |A| - [10/04/2015 06:02:30] - (.-.) - [48.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll [MD5.54B58DFDAFAA9C1E56E6271F4D411E2C] - |A| - [10/04/2015 06:02:30] - (.-.) - [46.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.F93F1B751899C2F0B4C312ED85F95023] - |A| - [10/04/2015 06:02:30] - (.-.) - [27.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.AA694008D3068ED546D9DF920BF5300D] - |A| - [19/03/2019 06:44:35] - (.-.) - [57.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\rw-RW [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [19/03/2019 06:46:39] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [19/03/2019 06:44:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.8C3D0C73A0850A0EE62DF9EC36DBDE80] - |A| - [14/01/2015 19:13:07] - (.-.) - [1.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SetupBD.din [MD5.7A28F829585136B3572BC6F749461070] - |A| - [30/05/2018 17:17:04] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [86.24 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFAPO64.dll [MD5.0976675DADFFFF05707F841B72418975] - |A| - [30/05/2018 17:17:04] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [88.78 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFCOM64.dll [MD5.57DBB8DDDDABBDF1E66F3707E1264E2D] - |A| - [30/05/2018 17:17:04] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [226.48 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFNHK64.dll [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [19/03/2019 06:43:47] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [15749.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.CEDAB194F8B9DADA895371B4560B97F0] - |A| - [19/03/2019 06:45:54] - (.-.) - [38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7977.8 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [14652.11 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [186763.2 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [10744.22 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [454.73 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [19/03/2019 06:45:56] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.763BCEE61F573235E1C60E80438AC301] - |A| - [01/07/2019 18:35:01] - (.-.) - [57.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.D5CBFC2DCAB04A9B3D0CDE38D65A3F9B] - |A| - [30/05/2018 17:17:05] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.62 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.E219852B87D0634EDE3B3B61C520B450] - |A| - [30/05/2018 17:17:05] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.76 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.0F4A688E07D9905E0EF9A3BB0D1E9A60] - |A| - [30/05/2018 17:17:05] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.9 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.4F443A11503A87786D1B0FA818F70D07] - |A| - [30/05/2018 17:17:05] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.3 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [3928 Ko] - C:\WINDOWS\System32\sru [MD5.EBF15D23B92DE845AC8C952AE9153492] - |A| - [19/03/2019 06:43:47] - (.-.) - [443 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [410.5 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\sw-KE [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:43] - [1405.46 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [955.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [10.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.5F6B04A0EC5FE46FEEEC887406F63E57] - |A| - [19/03/2019 06:45:35] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [724.79 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [688.3 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [19/03/2019 06:45:00] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\te-IN [MD5.364B8B76EBB95762632341E49F26144D] - |A| - [01/07/2019 18:34:09] - (.-.) - [1798 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextInputMethodFormatter.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [310.5 Ko] - C:\WINDOWS\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.97 Ko] - C:\WINDOWS\System32\ti-et [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\tn-ZA [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [19/03/2019 06:43:54] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [19/03/2019 06:43:54] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [337 Ko] - C:\WINDOWS\System32\uk-UA [MD5.B9A75ED4500DD953DF172FE6F63578E8] - |A| - [19/03/2019 06:43:49] - (.-.) - [53.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\umpdc.dll [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [1917.6 Ko] - C:\WINDOWS\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\ur-PK [MD5.21B9D3543310B811B3F0DBE3838EEF12] - |A| - [19/03/2019 06:44:18] - (.-.) - [44.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.BAB4BA3C107F89955FABD06688B232F0] - |A| - [01/07/2019 18:34:14] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\usocoreps.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\vi-VN [MD5.E9A66CB07CCDB9B99F084315E04FCBC7] - |A| - [19/03/2019 06:59:03] - (.-.) - [92.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VirtualMonitorManager.dll [MD5.8140DA331F52518CC5FF25E69093BC5C] - |A| - [09/09/2016 20:25:10] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [255.78 Ko] - (1.0.26.0) - C:\WINDOWS\System32\vulkan-1-1-0-26-0.dll [MD5.B0ECA1A7A27554613D52FF60328D75DA] - |A| - [14/02/2016 03:46:26] - (.-.) - [123.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkan-1-1-0-3-0.dll [MD5.8140DA331F52518CC5FF25E69093BC5C] - |A| - [11/12/2016 13:27:43] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [255.78 Ko] - (1.0.26.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.61DA784EB8C8E133EB3BB4AFBDD66758] - |A| - [09/09/2016 20:24:38] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-26-0.exe [MD5.8B3FD814D7DD1D35540C8C8883E83FF2] - |A| - [14/02/2016 03:45:26] - (.-.) - [44.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-3-0.exe [MD5.61DA784EB8C8E133EB3BB4AFBDD66758] - |A| - [11/12/2016 13:27:43] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [382772.09 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [32867.09 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [19/03/2019 06:44:30] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [31/07/2015 00:42:06] - [0 Ko] - C:\WINDOWS\System32\wfp [MD5.39B36FC36B577FDD2CDCDDD1C6D1D422] - |A| - [10/09/2015 07:57:04] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WIN-TVAQ5U78ATO_Administrator_HistoryPrediction.bin [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [49316.93 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.E30AD4BFF3700940585102E79813639C] - |A| - [13/09/2016 12:53:45] - (.Copyright © 2019 - Java(TM) Platform SE binary.) - [108.37 Ko] - (8.0.2110.12) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.8B956E4F6378335CC19BE3296A6C9B7E] - |A| - [19/03/2019 06:44:11] - (.-.) - [122 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [14.53 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Media.Shared [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [27.59 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Shared [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [10796.58 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [19/03/2019 06:44:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [41680 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6161.92 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [293.35 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\wo-SN [MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [19/03/2019 06:43:52] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcatltoast.png [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [19/03/2019 06:43:52] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [19/03/2019 06:44:35] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.BC1F19DFEF56D14AE742CE46951F83A2] - |A| - [15/12/2016 11:49:52] - (.Copyright (C) 2003-2017 x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) - [3710.5 Ko] - (44.2851.44825.0) - C:\WINDOWS\System32\x264vfw64.dll [MD5.2DE2D263D2C5739AB4A37C5616ABA671] - |A| - [19/03/2019 06:44:03] - (.-.) - [97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.626DEF07AFDE0B8AC07C33969A922E41] - |A| - [25/04/2018 15:55:54] - (.-.) - [775.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xvidcore.dll [MD5.D14A9124281B163A8953B91B053B3A19] - |A| - [25/04/2018 15:55:54] - (.-.) - [304 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xvidvfw.dll [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-black.png [MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-white.png [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\yo-NG [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [293.49 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [06/09/2014 22:51:23] - [0 Ko] - C:\WINDOWS\System32\zh-HANT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [3 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [280.5 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\System32\zu-ZA [MD5.F25C0DD605E37BA04BB9A7519B1D8270] - |A| - [11/09/2016 12:00:01] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\$%% [MD5.B10F1FACC9A598016A9D283258D06D9E] - |A| - [11/09/2016 12:00:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\$%%.LOG1 [MD5.383CF6223D0D8AB16372120B0D8204F3] - |A| - [11/09/2016 12:00:01] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\$%%.LOG2 [MD5.4E34F985E9787FBD28E605DF68E47DCF] - |A| - [11/09/2016 12:00:01] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\$%%{385334ea-769b-11e6-acb3-dc85decbcf02}.TM.blf [MD5.A996F5D3DE7BDE24170CFDE0313D1AB6] - |A| - [11/09/2016 12:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\$%%{385334ea-769b-11e6-acb3-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [11/09/2016 12:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\$%%{385334ea-769b-11e6-acb3-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [MD5.A1DAF07568D9CF9858D9D080C9E5FC34] - |A| - [13/03/2016 13:00:00] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' [MD5.066E8F93C99AB52E313D884FECB5707B] - |A| - [28/02/2016 14:08:44] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ?ø?ø?ÿ?ÿd [MD5.C50A44850EA3F2CD74AA0294EDB6467E] - |A| - [28/02/2016 14:08:44] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ?ø?ø?ÿ?ÿd.LOG1 [MD5.E9B0141B6A5E0D5A06E1C226AFAFD2E2] - |A| - [28/02/2016 14:08:44] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ?ø?ø?ÿ?ÿd.LOG2 [MD5.8667259CB67EA95EEB5A094F27E11BB6] - |A| - [28/02/2016 14:08:44] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ?ø?ø?ÿ?ÿd{b42b02a6-da47-11e5-8de4-dc85decbcf02}.TM.blf [MD5.619668308DCC28B24808CA01BDF3CBDF] - |A| - [28/02/2016 14:08:44] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ?ø?ø?ÿ?ÿd{b42b02a6-da47-11e5-8de4-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [28/02/2016 14:08:44] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ?ø?ø?ÿ?ÿd{b42b02a6-da47-11e5-8de4-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [MD5.50A7D1FEEC8FC033B51557E9373F7E49] - |A| - [31/01/2016 13:00:01] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ????????d [MD5.B2AC354CF8F0D338C6EEA63FF079C526] - |A| - [31/01/2016 13:00:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ????????d.LOG1 [MD5.CB6C921C9A110B13825D4D79FECC01ED] - |A| - [31/01/2016 13:00:01] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ????????d.LOG2 [MD5.86A99DEF385E77CDD2FD44BED60D8972] - |A| - [31/01/2016 13:00:01] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ????????d{7c97849b-c6e1-11e5-8dd4-9aa18e3d3fc4}.TM.blf [MD5.71087F8E3C0350EE29435E64389E6F2F] - |A| - [31/01/2016 13:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ????????d{7c97849b-c6e1-11e5-8dd4-9aa18e3d3fc4}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [31/01/2016 13:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\' ????????d{7c97849b-c6e1-11e5-8dd4-9aa18e3d3fc4}.TMContainer00000000000000000002.regtrans-ms [MD5.7CF8676AB0A132DE6003EF7816EC9545] - |A| - [06/03/2016 15:25:36] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\')?????d [MD5.CE7E9451793F2835BE9E94988B4B849B] - |A| - [06/03/2016 15:25:36] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\')?????d.LOG1 [MD5.7175C39774D241249ECA44D3782E7087] - |A| - [06/03/2016 15:25:36] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\')?????d.LOG2 [MD5.28095F66A6862B70ABCA87DE893A5B6B] - |A| - [06/03/2016 15:25:36] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\')?????d{353b8354-e2af-11e5-8dec-dc85decbcf02}.TM.blf [MD5.1D092C7EB8393A221D96F99D54273B86] - |A| - [06/03/2016 15:25:36] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\')?????d{353b8354-e2af-11e5-8dec-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [06/03/2016 15:25:36] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\')?????d{353b8354-e2af-11e5-8dec-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [MD5.4F2F4A18F9DA8F009C25CC918E1D3190] - |A| - [13/03/2016 13:00:00] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\'.LOG1 [MD5.09766BD1B7F6FE3ED352D83208891705] - |A| - [13/03/2016 13:00:00] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\'.LOG2 [MD5.C0363C21C1C95ED1A198BCB1FE0830AA] - |A| - [13/03/2016 13:00:00] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\'{b73a23f8-e82c-11e5-8df3-dc85decbcf02}.TM.blf [MD5.98FE2E91559641E96435AB7F4167D98C] - |A| - [13/03/2016 13:00:00] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\'{b73a23f8-e82c-11e5-8df3-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [13/03/2016 13:00:00] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\'{b73a23f8-e82c-11e5-8df3-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [MD5.A869C56B2A2CC47A9F5B1FA9ACA638B9] - |A| - [14/08/2016 12:00:01] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.$?]?X?^?^d [MD5.A06AFF170B77A3FB02A2C91DA597C9ED] - |A| - [14/08/2016 12:00:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.$?]?X?^?^d.LOG1 [MD5.2FD50D771D9F570C2448C4B579FF4601] - |A| - [14/08/2016 12:00:01] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.$?]?X?^?^d.LOG2 [MD5.9EF24CEE4E48192D8E1418B3CFCFA33F] - |A| - [14/08/2016 12:00:01] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.$?]?X?^?^d{19da862c-61f8-11e6-8e3b-dc85decbcf02}.TM.blf [MD5.48C059BEE9D055B6BB11B9F9B827F506] - |A| - [14/08/2016 12:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.$?]?X?^?^d{19da862c-61f8-11e6-8e3b-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [14/08/2016 12:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.$?]?X?^?^d{19da862c-61f8-11e6-8e3b-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [MD5.67E73E1ED25E5E7F185CA685C08CA590] - |A| - [29/05/2016 12:00:01] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.%?v?t?u?ud [MD5.70EB47CA5139BA0DB4BC0CEFA4503423] - |A| - [29/05/2016 12:00:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.%?v?t?u?ud.LOG1 [MD5.1C2005DF5807C64C30483821CA359D52] - |A| - [29/05/2016 12:00:01] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.%?v?t?u?ud.LOG2 [MD5.6CEE1EDDD2A5FD1EB042DB76AE34D376] - |A| - [29/05/2016 12:00:01] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.%?v?t?u?ud{0fc7a8d8-223b-11e6-8e19-dc85decbcf02}.TM.blf [MD5.AB9D570DB064CD52DACD37C5E0C922D9] - |A| - [29/05/2016 12:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.%?v?t?u?ud{0fc7a8d8-223b-11e6-8e19-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [29/05/2016 12:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\.%?v?t?u?ud{0fc7a8d8-223b-11e6-8e19-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [MD5.D79038ACC5ECA8F45867C0CF549B8134] - |A| - [05/06/2016 16:52:01] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\..???¥?¦?¦d [MD5.8F7CCFE351BCE5FD9223FB97D4BA9D44] - |A| - [05/06/2016 16:52:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\..???¥?¦?¦d.LOG1 [MD5.D1268A21DA69DCEAD34B849630789C78] - |A| - [05/06/2016 16:52:01] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\..???¥?¦?¦d.LOG2 [MD5.9B82163A828DC6837550750D6627F711] - |A| - [05/06/2016 16:52:01] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\..???¥?¦?¦d{4aef480b-29a5-11e6-8e1d-dc85decbcf02}.TM.blf [MD5.033CE1F336B0F65302327421C56B5868] - |A| - [05/06/2016 16:52:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\..???¥?¦?¦d{4aef480b-29a5-11e6-8e1d-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [05/06/2016 16:52:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\..???¥?¦?¦d{4aef480b-29a5-11e6-8e1d-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [19/03/2019 06:45:19] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [19/03/2019 06:45:19] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [19/03/2019 06:45:22] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [19/03/2019 06:45:30] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [19/03/2019 06:45:13] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.FC726DD94F4DD4028A976FCC4DBF0C43] - |A| - [15/12/2016 11:49:53] - (.Copyright © 2003-2012 by fccHandler - AC-3 ACM Codec.) - [120 Ko] - (2.2.0.0) - C:\WINDOWS\SysWOW64\ac3acm.acm [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [1856.8 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [174 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.7230E04E6BD86FFE4E1034D9B3B893A3] - |A| - [19/03/2019 06:45:59] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [520 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.8128B54EAA48F9C06B19A86C87752996] - |A| - [10/04/2015 06:05:27] - (.Copyright (C) 2010 - AsIO DLL.) - [28 Ko] - (1.0.0.4) - C:\WINDOWS\SysWOW64\AsIO.dll [MD5.A59FF80A5B67703026399E61C379BC53] - |A| - [16/05/2012 01:35:18] - (.© 2000-2011 Ben Rudiak-Gould and others - Avisynth video processing scripting language.) - [1694 Ko] - (2.6.0.3) - C:\WINDOWS\SysWOW64\avisynth.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [147.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.7A0EDF100791FA09D6A9D9A036F130DF] - |A| - [29/09/2015 21:26:54] - (.-.) - [12.75 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CNC1749D.TBL [MD5.14DE41C80F0A31BFF200F73C6A5CBF2D] - |A| - [25/01/2018 20:02:20] - (.-.) - [94 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CNC178ED.TBL [MD5.0A294F1A46F4BCB5C4323FFEB276393D] - |A| - [29/09/2015 21:26:54] - (.Copyright CANON INC. 2010 All Rights Reserved - LLD.) - [300 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC5200L.dll [MD5.7B0B9146146B111E2F3EA58C0F3B5756] - |A| - [29/09/2015 21:26:54] - (.Copyright CANON INC. 2010 All Rights Reserved - Scanner Driver.) - [104 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC5200U.dll [MD5.BDB23D5C5B7640F6DA0FDD8D68E0064A] - |A| - [25/01/2018 20:02:20] - (.Copyright CANON INC. 2014 - LLD.) - [345.5 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC_CSL.dll [MD5.D16CF34B17899F90A8FCF2A3F77B4A27] - |A| - [25/01/2018 20:02:20] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [15.5 Ko] - (1.4.1.1) - C:\WINDOWS\SysWOW64\CNHMCA.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [327 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [149.61 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [113.25 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [206 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.FDEF330575C8C8EAD815F58BB7A93ED3] - |A| - [14/01/2015 18:37:13] - (.Copyright 2011 - CSVer.) - [52 Ko] - (9.4.0.1026) - C:\WINDOWS\SysWOW64\CSVer.dll [MD5.A13ED3466516D2B60AC4EE4373ECE977] - |A| - [19/03/2019 06:45:59] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [209.5 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [231.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [19/03/2019 06:45:13] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.D27959321703B70120025A9356E89A7D] - |A| - [22/02/2004 17:11:00] - (.Copyright © 2000-2002 - DevIL: A portable image library in development.) - [703 Ko] - (0.1.6.5) - C:\WINDOWS\SysWOW64\devil.dll [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [186 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [7884.23 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.5F0291F743A717E5E90D5FCAA65F323B] - |A| - [10/07/2012 11:43:08] - (.© PoINT Software & Systems GmbH 1994-2012 - API of PoINT CD/DVD Audio/Video SDK.) - [741.38 Ko] - (11.0.0.226) - C:\WINDOWS\SysWOW64\DLLAV32.dll [MD5.B28BCDE12EF536157B0836F0E35BF0EE] - |A| - [10/07/2012 11:43:08] - (.© PoINT Software & Systems GmbH 1994-2012 - PoINT Shared DLL.) - [153.38 Ko] - (4.0.0.167) - C:\WINDOWS\SysWOW64\DLLCPY32.dll [MD5.46805CB8BCBB94C6AF09F2EB63D2F4E4] - |A| - [10/07/2012 11:43:08] - (.© PoINT Software & Systems GmbH 1994-2012 - PoINT Shared DLL.) - [221.38 Ko] - (4.0.0.306) - C:\WINDOWS\SysWOW64\DLLDEV32.dll [MD5.019B48C6A17FA8A329BC5DC10C82956E] - |A| - [27/04/2007 10:43:58] - (.-.) - [117.38 Ko] - (3.7.0.12) - C:\WINDOWS\SysWOW64\DLLDEV32i.dll [MD5.2E7B44A102611318AC9A6627A4A2FBF4] - |A| - [10/07/2012 11:43:06] - (.© PoINT Software & Systems GmbH 1994-2012 - PoINT Shared DLL.) - [213.38 Ko] - (4.0.0.393) - C:\WINDOWS\SysWOW64\DLLDRV32.dll [MD5.75D9D1AF69F397737150089723EDFA7A] - |A| - [10/07/2012 11:43:06] - (.© PoINT Software & Systems GmbH 1994-2012 - PoINT Shared DLL.) - [97.38 Ko] - (3.1.0.109) - C:\WINDOWS\SysWOW64\DLLIO32.dll [MD5.D621B9F4C9F0647BFBCE84D7C0F68E27] - |A| - [10/07/2012 11:43:06] - (.Copyright © PoINT Software & Systems GmbH 1994-2012 - PoINT Shared DLL.) - [81.38 Ko] - (3.3.0.59) - C:\WINDOWS\SysWOW64\DLLPNT32.dll [MD5.FAC8907FE85FB1C43E6E81D45D507278] - |A| - [10/07/2012 11:43:06] - (.© PoINT Software & Systems GmbH 1994-2010 - PoINT Shared DLL.) - [93.38 Ko] - (3.1.0.40) - C:\WINDOWS\SysWOW64\DLLPRF32.dll [MD5.C77A763D688D9D4C25D4D899F5491CBD] - |A| - [10/07/2012 11:43:04] - (.PoINT Software & Systems GmbH 1994-2012 - PoINT Shared DLL.) - [297.38 Ko] - (3.3.0.217) - C:\WINDOWS\SysWOW64\DLLRES32.dll [MD5.309D860FC8137E5FE9E7056C33B4B8BE] - |A| - [06/01/2004 11:43:26] - (.Copyright © 2001 - EAX Unified.) - [184 Ko] - (4.0.0.1) - C:\WINDOWS\SysWOW64\eax.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [234 Ko] - C:\WINDOWS\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [3118 Ko] - C:\WINDOWS\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [135.5 Ko] - C:\WINDOWS\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [8136.23 Ko] - C:\WINDOWS\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [221.5 Ko] - C:\WINDOWS\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [149.5 Ko] - C:\WINDOWS\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [135.5 Ko] - C:\WINDOWS\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [13122.15 Ko] - C:\WINDOWS\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\fa-IR [MD5.0554D656B9DCAE7E3DA72659DFACB67A] - |A| - [15/12/2016 11:49:50] - (.Copyright © 2002-2013 - ffdshow VFW.) - [109.5 Ko] - (1.3.4533.0) - C:\WINDOWS\SysWOW64\ff_vfw.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [210.5 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\fil-PH [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [3150 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [153.5 Ko] - C:\WINDOWS\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [8888.02 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ga-IE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\gd-GB [MD5.0E99E41940A81647285712AE3CF5C978] - |A| - [24/04/2019 15:40:46] - (.© G DATA Software AG. Tous droits réservés. - G DATA Device Control Message Resources.) - [16.42 Ko] - (2.0.19113.1300) - C:\WINDOWS\SysWOW64\gddcres.dll [MD5.2AF41ADE4AAF8ABEBC23565A21DDE9AB] - |A| - [24/04/2019 15:45:11] - (.© G DATA Software AG. Tous droits réservés. - Pack linguistique de l’économiseur d’écran G DATA Logiciel de sécurité.) - [15.92 Ko] - (25.1.19114.17) - C:\WINDOWS\SysWOW64\GDScrSv.fr.dll [MD5.83C1E41A7DCF0BC9DC779DB13B3D8B64] - |A| - [24/04/2019 00:17:45] - (.© G DATA Software AG. - G DATA Screensaver.) - [3813 Ko] - (25.1.19114.17) - C:\WINDOWS\SysWOW64\GdScrSv.scr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\gl-ES [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [19/03/2019 14:01:34] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [166 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.791F8E1C60E6466F93D792D375D8F1B5] - |A| - [19/03/2019 06:45:13] - (.-.) - [203.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [142.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [212.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.659B216490380FBE2DC77DECC203E5ED] - |A| - [01/07/2019 18:34:44] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1849.5 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icu.dll [MD5.1EAD0C642EF0B2692D44A206CAD63C74] - |RA| - [19/03/2019 06:45:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [24 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.9D459E0C31117F3A841D2EA00F7BC99C] - |RA| - [19/03/2019 06:45:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [28.5 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [21338.75 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [213 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\is-IS [MD5.EDD400CC92C6D43F98D3D3AFC97C2559] - |A| - [10/04/2015 05:58:17] - (.-.) - [440.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ISSRemoveSP.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [219 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.FA2E1F09ED6C4C221E4513A7E815E13D] - |A| - [28/08/2013 00:00:08] - (.-.) - [1.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\IusEventLog.dll [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:26:26] - [3142 Ko] - C:\WINDOWS\SysWOW64\ja [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [6826.58 Ko] - C:\WINDOWS\SysWOW64\ja-JP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ka-GE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\kn-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [154.5 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ky-KG [MD5.FA425C74CE2EB719B2A77A7A2ADDAE32] - |A| - [15/12/2016 11:49:53] - (.Copyright © 2011 - Lagarith.) - [211 Ko] - (1.3.27.0) - C:\WINDOWS\SysWOW64\lagarith.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\lb-LU [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [625.17 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\lo-LA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [145.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [142 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [50509.45 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:02:25] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [2852.59 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [812.8 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [19/03/2019 06:46:21] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MixedRealityRuntime.json [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ml-IN [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [19/03/2019 06:49:45] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mt-MT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [30.3 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [207.5 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [218 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.9EA3CD2CB18622637DD032743D7750C9] - |A| - [11/11/2016 03:30:56] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nv-vk32.json [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [19/03/2019 07:00:31] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [757.8 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\or-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [79 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation [MD5.6D0FFC73E13301EDCAE7D26DFCC9DE01] - |A| - [10/04/2015 05:56:00] - (.-.) - [2355.98 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [216.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [1375.31 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [214.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [218 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [147.5 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [06/06/2017 23:27:03] - [4551.38 Ko] - C:\WINDOWS\SysWOW64\RTCOM [MD5.73B0CE289F75A103DFA3F5CDC9513970] - |A| - [10/04/2015 06:06:56] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\setup.log [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [19/03/2019 06:46:09] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.EC1C75518F1AFF370C27B0EB8B09E932] - |A| - [19/03/2019 06:45:07] - (.-.) - [323 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.D89190BEDE191ACEFA833CC0FA0DA3C5] - |A| - [10/07/2012 11:43:04] - (.© PoINT Software & Systems GmbH 1994-2012 - PoINT Shared DLL.) - [69.38 Ko] - (3.0.0.24) - C:\WINDOWS\SysWOW64\STRING32.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [209.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.A3487FD8447683A4F74645C99E7CB255] - |A| - [19/03/2019 06:45:59] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.21C60C44D0511D809DD8A381C4CE4E4D] - |A| - [01/07/2019 18:34:43] - (.-.) - [1075.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [129 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [203.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [145 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.6C0B99BB629982510C1DA46E47AE6F6D] - |A| - [19/03/2019 06:45:16] - (.-.) - [45.56 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\umpdc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\vi-VN [MD5.2F28B023406F83D17ACE4294E2510F44] - |A| - [09/09/2016 20:25:58] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [263.28 Ko] - (1.0.26.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-26-0.dll [MD5.7B3AAC6D2DB9AAB0D1BD0CB753E4AF4D] - |A| - [14/02/2016 03:47:02] - (.-.) - [122.77 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-3-0.dll [MD5.2F28B023406F83D17ACE4294E2510F44] - |A| - [11/12/2016 13:27:43] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [263.28 Ko] - (1.0.26.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.6448CF3F64B96B8C72A9D5905F7C07B0] - |A| - [09/09/2016 20:25:28] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-26-0.exe [MD5.9D33E598C94B522D780B8023F9F5A207] - |A| - [14/02/2016 03:45:46] - (.-.) - [41.27 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-3-0.exe [MD5.6448CF3F64B96B8C72A9D5905F7C07B0] - |A| - [11/12/2016 13:27:43] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [21655.54 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.69E4DB68C3968DF92346FDF8477A3D1B] - |A| - [19/03/2019 06:45:13] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [9709.65 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:00:41] - [293.35 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.EEBA34D386EABA21DD998FEDC1A81D73] - |A| - [15/12/2016 11:49:52] - (.Copyright (C) 2003-2017 x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) - [3760 Ko] - (44.2851.44825.0) - C:\WINDOWS\SysWOW64\x264vfw.dll [MD5.246C62BF8A69AF9A9D1783F4548652BF] - |A| - [19/03/2019 06:45:13] - (.-.) - [62.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [01/07/2019 18:05:26] - [19.8 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.089182699CD0612DA4D0C6C74B3DA5FD] - |A| - [15/12/2016 11:49:52] - (.-.) - [678.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvidcore.dll [MD5.C88705A1C8219902BE1D980505C44424] - |A| - [15/12/2016 11:49:52] - (.-.) - [278 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvidvfw.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [137.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [06/09/2014 22:51:24] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HANT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [189 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\zu-ZA [MD5.B0F55FBC16DDF2E38ECFCF7A2B6C7A01] - |A| - [26/03/2017 12:00:02] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\¨ª?« [MD5.EB30F4E1DB61D3D3EBADE91066CF3B72] - |A| - [26/03/2017 12:00:02] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\¨ª?«.LOG1 [MD5.A223A13AAB2C3C0C479F15E2F6AC70A8] - |A| - [26/03/2017 12:00:02] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\¨ª?«.LOG2 [MD5.D9249B3FA973FAA4CDC593B92FD85DAD] - |A| - [26/03/2017 12:00:02] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\¨ª?«{013b8bb8-0f95-11e7-8e7f-dc85decbcf03}.TM.blf [MD5.54E683498FD4854DEB965EB12362B79B] - |A| - [26/03/2017 12:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\¨ª?«{013b8bb8-0f95-11e7-8e7f-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [26/03/2017 12:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\¨ª?«{013b8bb8-0f95-11e7-8e7f-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.04E58AAC3D788D30BBF7972A352F259F] - |A| - [02/07/2017 12:00:02] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\p$?% [MD5.61D875D1A9CAC75C3EE86E5A36B7D8B5] - |A| - [02/07/2017 12:00:02] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\p$?%.LOG1 [MD5.22FBBCA23F83313BD5F7DDBB4F1D89EF] - |A| - [02/07/2017 12:00:02] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\p$?%.LOG2 [MD5.7BC7BA50C284D15BA118BA0D795F968D] - |A| - [02/07/2017 12:00:02] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\p$?%{a0a015cc-5d5b-11e7-8e8f-dc85decbcf03}.TM.blf [MD5.F1DDED7044BD8CFC1C35B9552F4F5E12] - |A| - [02/07/2017 12:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\p$?%{a0a015cc-5d5b-11e7-8e8f-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [02/07/2017 12:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\p$?%{a0a015cc-5d5b-11e7-8e8f-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.9E626332060FB5DADBEFDCE7308F82B4] - |A| - [30/07/2017 16:07:16] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\???? [MD5.38C9C3055250CCC7EFB6E141F80EFE29] - |A| - [30/07/2017 16:07:16] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????.LOG1 [MD5.188AF9A149C65C853932C2D5DF9FC579] - |A| - [30/07/2017 16:07:16] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????.LOG2 [MD5.DC06ED1B0FC195DD2251E1E5EFEF53E9] - |A| - [30/07/2017 16:07:16] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{576c3246-720e-11e7-8e92-dc85decbcf03}.TM.blf [MD5.17F7BDA89FEABD675318F0069B6ED573] - |A| - [30/07/2017 16:07:16] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{576c3246-720e-11e7-8e92-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [30/07/2017 16:07:16] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{576c3246-720e-11e7-8e92-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.7FC723880EA83D3DD297B91956A8FC10] - |A| - [20/08/2017 13:28:18] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\???? [MD5.C72D671357267C470C3195B4631A949A] - |A| - [20/08/2017 13:28:18] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????.LOG1 [MD5.F937146CF6DB0017E0EA1155B77EE2FE] - |A| - [20/08/2017 13:28:18] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????.LOG2 [MD5.C8E61CA6FD7E81FE8D31D3CDD105D6AB] - |A| - [20/08/2017 13:28:18] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{fb75c88e-843a-11e7-8e98-dc85decbcf03}.TM.blf [MD5.EDEAF566F3AE02BB601DAD6379381298] - |A| - [20/08/2017 13:28:18] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{fb75c88e-843a-11e7-8e98-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [20/08/2017 13:28:18] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{fb75c88e-843a-11e7-8e98-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.0E2A216CF1D47A0B3DF09B3950D6775A] - |A| - [26/02/2017 17:34:31] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????! [MD5.9E6E027E49EAD3B3420CA80694343A92] - |A| - [26/02/2017 17:34:31] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????!.LOG1 [MD5.6CCDF18456A2E97CCDD0A983AF846BB9] - |A| - [26/02/2017 17:34:31] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????!.LOG2 [MD5.9D9E52FFFDBABF5D940B5380DDD95EF1] - |A| - [26/02/2017 17:34:31] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????!{9b16a5b7-fa68-11e6-8e7e-dc85decbcf03}.TM.blf [MD5.F2DCACCA7DE166A9F8F1B38083C654E5] - |A| - [26/02/2017 17:34:31] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????!{9b16a5b7-fa68-11e6-8e7e-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [26/02/2017 17:34:31] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????!{9b16a5b7-fa68-11e6-8e7e-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.CBD5A15B0B5ED3569A8A2741036B5CCE] - |A| - [23/07/2017 12:00:03] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?f?g [MD5.21400295E51EB7807A6842A73D788D1C] - |A| - [23/07/2017 12:00:03] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?f?g.LOG1 [MD5.8D08A8679E5058B7F5EA77B370019D50] - |A| - [23/07/2017 12:00:03] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?f?g.LOG2 [MD5.5BBFF4DCC3F256999ACFE0825C00A3F0] - |A| - [23/07/2017 12:00:03] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?f?g{90975cd8-6e04-11e7-8e92-dc85decbcf03}.TM.blf [MD5.7B333DD37D4FCE5FA3EB9B10EABD383B] - |A| - [23/07/2017 12:00:03] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?f?g{90975cd8-6e04-11e7-8e92-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [23/07/2017 12:00:03] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?f?g{90975cd8-6e04-11e7-8e92-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.33C0A703454098DCF6D2A5CEE085E50C] - |A| - [08/01/2017 13:00:02] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Í?Î [MD5.207703E6728878114D9CB5A3163ED7A7] - |A| - [08/01/2017 13:00:02] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Í?Î.LOG1 [MD5.4F9C52F75983BC7230916973C19763E0] - |A| - [08/01/2017 13:00:02] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Í?Î.LOG2 [MD5.75E7E409765E9A5E9AC5CF18299AC587] - |A| - [08/01/2017 13:00:02] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Í?Î{e248e1f9-d4f4-11e6-8e72-dc85decbcf02}.TM.blf [MD5.B94C90804BCF199BDA820AC5E98C32A0] - |A| - [08/01/2017 13:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Í?Î{e248e1f9-d4f4-11e6-8e72-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [08/01/2017 13:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Í?Î{e248e1f9-d4f4-11e6-8e72-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [MD5.5A2D23907EC059E6A9A6B893F5D5A39F] - |A| - [27/08/2017 12:00:01] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?È?É [MD5.A75C4E1A4D1FB8FAF5B53B8034A47E8D] - |A| - [27/08/2017 12:00:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?È?É.LOG1 [MD5.0052420E3E9C1AC27202ADDEFF4BAC72] - |A| - [27/08/2017 12:00:01] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?È?É.LOG2 [MD5.4F78CA9D2E2106F48D41E8F4A82313E3] - |A| - [27/08/2017 12:00:01] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?È?É{73908abd-8a6e-11e7-8e98-dc85decbcf03}.TM.blf [MD5.6688798420CCA10B8C938F5D26BB5FD7] - |A| - [27/08/2017 12:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?È?É{73908abd-8a6e-11e7-8e98-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [27/08/2017 12:00:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?È?É{73908abd-8a6e-11e7-8e98-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.DEA1DFF257B015EDA31C120F088BA520] - |A| - [18/06/2017 12:00:02] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?±?² [MD5.D87EA989FE5E510B7FDA877CA88C74FF] - |A| - [18/06/2017 12:00:02] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?±?².LOG1 [MD5.A4EB1B52E752DDF35AF25C74E71A1434] - |A| - [18/06/2017 12:00:02] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?±?².LOG2 [MD5.A947640B4D075F862574299CCCAB6DFA] - |A| - [18/06/2017 12:00:02] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?±?²{94911756-5407-11e7-8e8d-dc85decbcf03}.TM.blf [MD5.483C379040CE9B6E40AD02B525DBD720] - |A| - [18/06/2017 12:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?±?²{94911756-5407-11e7-8e8d-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [18/06/2017 12:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?±?²{94911756-5407-11e7-8e8d-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.90FE948F2BEE64C2423DF88D50550106] - |A| - [06/08/2017 12:00:03] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\???? [MD5.3A467FE729DBACEDBDF961F7EC6BC387] - |A| - [06/08/2017 12:00:03] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????.LOG1 [MD5.23F8DB1949E95FBB14265D21EB6D2A2A] - |A| - [06/08/2017 12:00:03] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????.LOG2 [MD5.F790B79E76F12ACB2D27F652F5BA08B3] - |A| - [06/08/2017 12:00:03] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{299f8b77-79b8-11e7-8e93-dc85decbcf03}.TM.blf [MD5.C2F6F5B44492EB702A6FCB3D9DFFA99E] - |A| - [06/08/2017 12:00:03] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{299f8b77-79b8-11e7-8e93-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [06/08/2017 12:00:03] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{299f8b77-79b8-11e7-8e93-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.AC42EFFDE877FBFCFE8B94F8C98F24FD] - |A| - [09/07/2017 12:00:04] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?j?r [MD5.526A1F78B57E5030150EF935DE7E820C] - |A| - [09/07/2017 12:00:04] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?j?r.LOG1 [MD5.9615AA432C063E37866E5EEDF129017B] - |A| - [09/07/2017 12:00:04] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?j?r.LOG2 [MD5.860CD83295B064A2F2A34CB66F11C708] - |A| - [09/07/2017 12:00:04] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?j?r{02fdfa6b-628a-11e7-8e8f-dc85decbcf03}.TM.blf [MD5.2C547134C5ED0622E01B1C6F6735D37D] - |A| - [09/07/2017 12:00:04] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?j?r{02fdfa6b-628a-11e7-8e8f-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [09/07/2017 12:00:04] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?j?r{02fdfa6b-628a-11e7-8e8f-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.E9297B151D3E978DDF8263F2FEF1AEAA] - |A| - [13/08/2017 16:34:06] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Â?à [MD5.5A5EAC7E741B94EB997044411F68C6EF] - |A| - [13/08/2017 16:34:06] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Â?Ã.LOG1 [MD5.5C757F3DFFB26D291846EC75446FA3F2] - |A| - [13/08/2017 16:34:06] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Â?Ã.LOG2 [MD5.CDCACFB5E13D75D08C91C15ABEFA0E28] - |A| - [13/08/2017 16:34:06] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Â?Ã{c87dc9cd-7f6a-11e7-8e96-dc85decbcf03}.TM.blf [MD5.F1C150D7CEE9063EE7CE0568D2455A68] - |A| - [13/08/2017 16:34:06] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Â?Ã{c87dc9cd-7f6a-11e7-8e96-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [13/08/2017 16:34:06] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\?Â?Ã{c87dc9cd-7f6a-11e7-8e96-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms [MD5.B6DDBA7299BCE684D57C1B08535D7ED1] - |A| - [25/06/2017 12:00:02] - (.-.) - [32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\???? [MD5.FB06FC57518CB55C7668B6D85F5ACEA4] - |A| - [25/06/2017 12:00:02] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????.LOG1 [MD5.90A8A9361D7314CF22C0566816E357D4] - |A| - [25/06/2017 12:00:02] - (.-.) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????.LOG2 [MD5.40142567D67FA920287AD1D3200B5C88] - |A| - [25/06/2017 12:00:02] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{4baea600-57f7-11e7-8e8f-dc85decbcf03}.TM.blf [MD5.13F7B059D22AD10F10563F1302360082] - |A| - [25/06/2017 12:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{4baea600-57f7-11e7-8e8f-dc85decbcf03}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - |A| - [25/06/2017 12:00:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\????{4baea600-57f7-11e7-8e8f-dc85decbcf03}.TMContainer00000000000000000002.regtrans-ms ---------- | [Axel&Nico] [13/09/2016 12:53:50] - |D| - [101] - C:\Users\Axel&Nico\.oracle_jre_usage [01/12/2017 18:28:25] - |RD| - [298] - C:\Users\Axel&Nico\3D Objects [01/07/2019 18:16:59] - |HD| - [3301412115] - C:\Users\Axel&Nico\AppData [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Application Data [28/09/2015 10:56:09] - |RD| - [412] - C:\Users\Axel&Nico\Contacts [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Cookies [28/09/2015 10:55:47] - |RD| - [55342279059] - C:\Users\Axel&Nico\Desktop [28/09/2015 10:55:47] - |RD| - [17502559421] - C:\Users\Axel&Nico\Documents [28/09/2015 10:55:47] - |RD| - [13081714722] - C:\Users\Axel&Nico\Downloads [27/09/2016 16:45:42] - |RD| - [2760883] - C:\Users\Axel&Nico\Dropbox [28/09/2015 10:55:47] - |RD| - [908] - C:\Users\Axel&Nico\Favorites [28/09/2015 10:55:47] - |RD| - [3912] - C:\Users\Axel&Nico\Links [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Local Settings [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Menu Démarrer [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Mes documents [01/12/2017 18:29:58] - |HD| - [4812931] - C:\Users\Axel&Nico\MicrosoftEdgeBackups [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Modèles [28/09/2015 10:55:47] - |RD| - [1256466233] - C:\Users\Axel&Nico\Music [18/11/2016 19:03:16] - |D| - [0] - C:\Users\Axel&Nico\My Online Documents [01/07/2019 18:16:59] - |AH| - [12320768] - C:\Users\Axel&Nico\NTUSER.DAT [01/07/2019 18:16:59] - |ASH| - [3082240] - C:\Users\Axel&Nico\ntuser.dat.LOG1 [01/07/2019 18:16:59] - |ASH| - [3014656] - C:\Users\Axel&Nico\ntuser.dat.LOG2 [01/07/2019 18:16:59] - |ASH| - [65536] - C:\Users\Axel&Nico\NTUSER.DAT{7b6d6e52-9c22-11e9-b2de-086266a207fd}.TM.blf [01/07/2019 18:16:59] - |ASH| - [524288] - C:\Users\Axel&Nico\NTUSER.DAT{7b6d6e52-9c22-11e9-b2de-086266a207fd}.TMContainer00000000000000000001.regtrans-ms [01/07/2019 18:16:59] - |ASH| - [524288] - C:\Users\Axel&Nico\NTUSER.DAT{7b6d6e52-9c22-11e9-b2de-086266a207fd}.TMContainer00000000000000000002.regtrans-ms [01/07/2019 18:49:46] - |SH| - [20] - C:\Users\Axel&Nico\ntuser.ini [28/09/2015 20:05:24] - |RD| - [100] - C:\Users\Axel&Nico\OneDrive [28/09/2015 10:55:47] - |RD| - [65090850] - C:\Users\Axel&Nico\Pictures [25/04/2019 14:13:02] - |D| - [10542] - C:\Users\Axel&Nico\Praat [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Recent [28/09/2015 10:55:47] - |RD| - [282] - C:\Users\Axel&Nico\Saved Games [28/09/2015 10:56:09] - |RD| - [1879] - C:\Users\Axel&Nico\Searches [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\SendTo [28/09/2015 10:55:47] - |RD| - [694] - C:\Users\Axel&Nico\Videos [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Voisinage d'impression [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\Voisinage réseau [01/07/2019 18:16:59] - |D| - [2339935870] - C:\Users\Axel&Nico\AppData\Local [28/09/2015 10:55:49] - |D| - [6609244] - C:\Users\Axel&Nico\AppData\LocalLow [01/07/2019 18:16:59] - |D| - [954867001] - C:\Users\Axel&Nico\AppData\Roaming [31/12/2015 09:57:54] - |D| - [0] - C:\Users\Axel&Nico\AppData\Local\ActiveSync [02/10/2015 08:17:25] - |D| - [2342409] - C:\Users\Axel&Nico\AppData\Local\Adobe [04/05/2017 08:30:28] - |D| - [4832152] - C:\Users\Axel&Nico\AppData\Local\AirDC++ [26/04/2019 10:38:39] - |D| - [39128999] - C:\Users\Axel&Nico\AppData\Local\Apowersoft [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\AppData\Local\Application Data [28/09/2015 10:56:54] - |D| - [1690] - C:\Users\Axel&Nico\AppData\Local\ASUS [05/08/2016 19:04:08] - |D| - [0] - C:\Users\Axel&Nico\AppData\Local\Audacity [28/09/2015 10:55:56] - |A| - [1791] - C:\Users\Axel&Nico\AppData\Local\BTServer.log [01/09/2016 16:51:16] - |D| - [7500336] - C:\Users\Axel&Nico\AppData\Local\bunkus.org [28/06/2016 20:19:36] - |D| - [0] - C:\Users\Axel&Nico\AppData\Local\CEF [28/09/2015 20:02:35] - |D| - [32006168] - C:\Users\Axel&Nico\AppData\Local\Comms [02/09/2016 09:44:12] - |D| - [2246256] - C:\Users\Axel&Nico\AppData\Local\ConnectedDevicesPlatform [16/02/2016 15:32:32] - |D| - [57645170] - C:\Users\Axel&Nico\AppData\Local\CrashDumps [27/05/2018 13:41:02] - |D| - [68516] - C:\Users\Axel&Nico\AppData\Local\D3DSCache [07/06/2017 00:16:14] - |D| - [0] - C:\Users\Axel&Nico\AppData\Local\DBG [28/09/2015 21:35:12] - |D| - [0] - C:\Users\Axel&Nico\AppData\Local\Diagnostics [18/11/2017 18:07:26] - |D| - [113755592] - C:\Users\Axel&Nico\AppData\Local\Discord [27/11/2016 11:36:07] - |D| - [1963] - C:\Users\Axel&Nico\AppData\Local\Disc_Soft_Ltd [27/09/2016 16:41:51] - |D| - [268690] - C:\Users\Axel&Nico\AppData\Local\Dropbox [13/09/2016 12:57:59] - |D| - [1340252] - C:\Users\Axel&Nico\AppData\Local\fontconfig [28/09/2015 20:53:46] - |D| - [220094375] - C:\Users\Axel&Nico\AppData\Local\Google [28/09/2015 11:03:11] - |D| - [71] - C:\Users\Axel&Nico\AppData\Local\GWX [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\AppData\Local\Historique [01/07/2019 19:42:41] - |AH| - [12124] - C:\Users\Axel&Nico\AppData\Local\IconCache.db [02/10/2015 08:19:26] - |D| - [0] - C:\Users\Axel&Nico\AppData\Local\Macromedia [08/09/2018 14:11:26] - |D| - [776360] - C:\Users\Axel&Nico\AppData\Local\mbam [23/10/2018 17:29:41] - |D| - [235676] - C:\Users\Axel&Nico\AppData\Local\mbamtray [01/07/2019 18:16:59] - |D| - [411523279] - C:\Users\Axel&Nico\AppData\Local\Microsoft [30/09/2015 20:49:57] - |D| - [65404] - C:\Users\Axel&Nico\AppData\Local\Microsoft Help [28/09/2015 20:51:56] - |D| - [70882] - C:\Users\Axel&Nico\AppData\Local\MicrosoftEdge [30/09/2015 19:35:08] - |D| - [1033737319] - C:\Users\Axel&Nico\AppData\Local\Mozilla [28/09/2015 10:55:53] - |D| - [75595338] - C:\Users\Axel&Nico\AppData\Local\NVIDIA [28/09/2015 10:55:53] - |D| - [56235] - C:\Users\Axel&Nico\AppData\Local\NVIDIA Corporation [01/12/2017 18:03:03] - |D| - [312717143] - C:\Users\Axel&Nico\AppData\Local\Packages [24/12/2016 13:15:02] - |D| - [64] - C:\Users\Axel&Nico\AppData\Local\paint.net [25/01/2018 19:56:10] - |D| - [0] - C:\Users\Axel&Nico\AppData\Local\PlaceholderTileLogoFolder [28/09/2015 23:57:30] - |D| - [0] - C:\Users\Axel&Nico\AppData\Local\Programs [28/09/2015 20:03:23] - |D| - [841473] - C:\Users\Axel&Nico\AppData\Local\Publishers [07/06/2017 20:43:00] - |D| - [5185] - C:\Users\Axel&Nico\AppData\Local\Recovery [31/12/2015 10:23:19] - |D| - [2820] - C:\Users\Axel&Nico\AppData\Local\speech [06/11/2016 20:33:47] - |D| - [40911] - C:\Users\Axel&Nico\AppData\Local\SquirrelTemp [01/07/2019 18:16:59] - |D| - [2803605] - C:\Users\Axel&Nico\AppData\Local\Temp [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\AppData\Local\Temporary Internet Files [28/09/2015 20:02:27] - |D| - [19936198] - C:\Users\Axel&Nico\AppData\Local\TileDataLayer [07/10/2016 12:24:14] - |D| - [38032] - C:\Users\Axel&Nico\AppData\Local\Ubisoft [28/06/2016 20:17:45] - |D| - [3146] - C:\Users\Axel&Nico\AppData\Local\Ubisoft Game Launcher [28/09/2015 10:56:02] - |D| - [15504] - C:\Users\Axel&Nico\AppData\Local\VirtualStore [30/06/2019 19:43:01] - |D| - [224742] - C:\Users\Axel&Nico\AppData\Local\ZHP [09/06/2017 10:56:25] - |D| - [1110145] - C:\Users\Axel&Nico\AppData\LocalLow\Adobe [28/09/2015 10:57:55] - |SD| - [568049] - C:\Users\Axel&Nico\AppData\LocalLow\Microsoft [18/11/2016 17:55:58] - |D| - [3248128] - C:\Users\Axel&Nico\AppData\LocalLow\Mozilla [13/09/2016 12:53:00] - |D| - [1667072] - C:\Users\Axel&Nico\AppData\LocalLow\Oracle [13/09/2016 12:53:50] - |D| - [15850] - C:\Users\Axel&Nico\AppData\LocalLow\Sun [26/11/2017 18:37:21] - |D| - [0] - C:\Users\Axel&Nico\AppData\LocalLow\Temp [24/03/2018 19:32:58] - |A| - [539] - C:\Users\Axel&Nico\AppData\Roaming\.emacs [27/01/2018 18:27:06] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\.emacs.d [24/03/2018 19:33:42] - |A| - [540] - C:\Users\Axel&Nico\AppData\Roaming\.emacs~ [28/09/2015 10:56:03] - |D| - [5465405] - C:\Users\Axel&Nico\AppData\Roaming\Adobe [24/02/2017 17:51:17] - |D| - [167963594] - C:\Users\Axel&Nico\AppData\Roaming\Anki2 [26/04/2019 10:38:44] - |D| - [43014] - C:\Users\Axel&Nico\AppData\Roaming\Apowersoft [05/08/2016 19:04:08] - |D| - [1710] - C:\Users\Axel&Nico\AppData\Roaming\Audacity [21/10/2015 09:07:15] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\awsRun [15/01/2017 10:36:47] - |D| - [1495723] - C:\Users\Axel&Nico\AppData\Roaming\BitTorrent [08/07/2017 10:58:53] - |D| - [1816734] - C:\Users\Axel&Nico\AppData\Roaming\Canon [27/11/2016 11:06:37] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\DAEMON Tools Lite [03/12/2017 17:07:07] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\Daum [18/11/2017 18:08:04] - |D| - [61114117] - C:\Users\Axel&Nico\AppData\Roaming\discord [27/09/2016 16:42:45] - |D| - [307748] - C:\Users\Axel&Nico\AppData\Roaming\Dropbox [29/09/2015 19:50:45] - |D| - [22534755] - C:\Users\Axel&Nico\AppData\Roaming\Foxit Software [03/10/2015 10:33:10] - |D| - [1079838] - C:\Users\Axel&Nico\AppData\Roaming\Free Download Manager [03/10/2015 10:33:10] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\FreeDownloadManager.ORG [28/09/2015 21:52:41] - |A| - [0] - C:\Users\Axel&Nico\AppData\Roaming\gdfw.log [28/09/2015 21:52:40] - |A| - [779] - C:\Users\Axel&Nico\AppData\Roaming\gdscan.log [09/06/2018 17:40:03] - |D| - [340] - C:\Users\Axel&Nico\AppData\Roaming\Gpower2 [28/09/2015 10:58:13] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\Intel Corporation [30/12/2016 11:25:07] - |D| - [152] - C:\Users\Axel&Nico\AppData\Roaming\KUAIYA_TITLE [28/09/2015 10:58:04] - |D| - [2344] - C:\Users\Axel&Nico\AppData\Roaming\Macromedia [08/12/2016 01:22:16] - |D| - [20773437] - C:\Users\Axel&Nico\AppData\Roaming\MAGIX [22/05/2017 11:04:53] - |D| - [1214814] - C:\Users\Axel&Nico\AppData\Roaming\MediaInfo [01/07/2019 18:16:59] - |SD| - [65262892] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft [30/09/2015 19:35:08] - |D| - [539536686] - C:\Users\Axel&Nico\AppData\Roaming\Mozilla [15/12/2016 12:10:32] - |D| - [213] - C:\Users\Axel&Nico\AppData\Roaming\MPC-HC [17/11/2016 16:04:17] - |D| - [318026] - C:\Users\Axel&Nico\AppData\Roaming\Nero [20/02/2016 20:45:42] - |D| - [158703] - C:\Users\Axel&Nico\AppData\Roaming\NVIDIA [08/04/2016 23:55:32] - |D| - [342] - C:\Users\Axel&Nico\AppData\Roaming\PotPlayerMini64 [17/11/2016 16:02:09] - |D| - [48397297] - C:\Users\Axel&Nico\AppData\Roaming\Seagate [02/09/2016 09:50:08] - |D| - [76] - C:\Users\Axel&Nico\AppData\Roaming\Skype [13/09/2016 12:53:50] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\Sun [29/09/2015 23:35:00] - |D| - [13819009] - C:\Users\Axel&Nico\AppData\Roaming\vlc [28/09/2015 11:02:12] - |D| - [121351] - C:\Users\Axel&Nico\AppData\Roaming\WebStorage [09/10/2015 08:48:51] - |D| - [12] - C:\Users\Axel&Nico\AppData\Roaming\WinRAR [30/06/2019 19:43:01] - |D| - [3436811] - C:\Users\Axel&Nico\AppData\Roaming\ZHP [28/09/2015 10:56:09] - |SH| - [174] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [01/07/2019 18:16:59] - |SHD| - [0] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [02/09/2016 09:16:50] - |RD| - [47423] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [01/07/2019 18:16:59] - |RD| - [3888] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [01/07/2019 18:16:59] - |RD| - [2936] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [28/09/2015 10:56:10] - |RD| - [174] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [04/05/2017 08:30:08] - |D| - [3744] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AirDC++ [07/03/2016 17:12:20] - |A| - [545] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anki.lnk [13/09/2016 12:49:16] - |D| - [1191] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth [12/02/2017 11:50:15] - |A| - [1335] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\bittorrent.lnk [01/07/2019 18:16:59] - |SH| - [264] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [18/11/2017 18:08:05] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc [18/11/2017 18:19:03] - |A| - [1510] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord.lnk [12/02/2017 11:26:47] - |A| - [1087] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInfo64.lnk [12/02/2017 11:19:45] - |A| - [847] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\file_recovery.lnk [28/09/2015 21:28:09] - |A| - [1058] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk [19/06/2018 09:30:04] - |A| - [1593] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gMKVExtractGUI.lnk [06/11/2016 20:34:13] - |D| - [0] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc [22/05/2017 08:40:27] - |A| - [771] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JRT.lnk [01/07/2019 18:16:59] - |D| - [170] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [12/02/2017 11:37:14] - |A| - [1452] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.lnk [22/05/2017 08:21:29] - |A| - [893] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk [10/05/2018 16:28:39] - |A| - [2354] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (1).lnk [01/07/2019 18:16:59] - |A| - [1105] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [28/09/2015 10:56:10] - |RD| - [174] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [01/07/2019 18:16:59] - |RD| - [4913] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [12/02/2017 11:21:59] - |A| - [824] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tdsskiller.lnk [28/06/2016 20:17:45] - |D| - [2420] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [01/07/2019 18:16:59] - |RD| - [7754] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [29/09/2015 23:33:58] - |D| - [4421] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [28/09/2015 10:56:10] - |SH| - [174] - C:\Users\Axel&Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [10/09/2015 07:54:19] - |RHD| - [61294] - C:\Users\Public\AccountPictures [22/08/2013 17:36:30] - |RHD| - [3666] - C:\Users\Public\Desktop [19/03/2019 06:49:35] - |ASH| - [174] - C:\Users\Public\desktop.ini [22/08/2013 17:36:30] - |RD| - [278] - C:\Users\Public\Documents [22/08/2013 17:36:30] - |RD| - [174] - C:\Users\Public\Downloads [14/01/2015 19:19:33] - |D| - [2278826] - C:\Users\Public\Foxit Software [19/03/2019 06:52:44] - |RHD| - [1135] - C:\Users\Public\Libraries [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Music [28/09/2015 21:44:23] - |A| - [8192] - C:\Users\Public\NTUSER.DAT [28/09/2015 21:44:23] - |A| - [8192] - C:\Users\Public\NTUSER.DAT.LOG1 [28/09/2015 21:44:23] - |A| - [0] - C:\Users\Public\NTUSER.DAT.LOG2 [28/09/2015 21:44:23] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{ab1246c8-6617-11e5-8d6f-dc85decbcf02}.TM.blf [28/09/2015 21:44:23] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{ab1246c8-6617-11e5-8d6f-dc85decbcf02}.TMContainer00000000000000000001.regtrans-ms [28/09/2015 21:44:23] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{ab1246c8-6617-11e5-8d6f-dc85decbcf02}.TMContainer00000000000000000002.regtrans-ms [22/08/2013 17:36:30] - |RD| - [1263209] - C:\Users\Public\Pictures [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [09/06/2017 10:53:53] - |D| - [378385028] - C:\ProgramData\Adobe [01/07/2019 18:48:55] - |SHD| - [0] - C:\ProgramData\Application Data [10/04/2015 06:05:31] - |D| - [23958042] - C:\ProgramData\ASUS [14/01/2015 19:17:16] - |D| - [4065] - C:\ProgramData\ASUS WebStorage [28/09/2015 19:00:33] - |SHD| - [0] - C:\ProgramData\Bureau [29/09/2015 21:27:06] - |HD| - [56302707] - C:\ProgramData\CanonBJ [26/07/2017 18:39:05] - |HD| - [5531] - C:\ProgramData\CanonIJScan [08/07/2017 10:54:06] - |D| - [86797] - C:\ProgramData\CanonIJWSpt [16/07/2016 13:47:48] - |D| - [0] - C:\ProgramData\Comms [14/01/2015 19:18:52] - |D| - [52690731] - C:\ProgramData\CyberLink [27/11/2016 10:57:15] - |D| - [3020] - C:\ProgramData\DAEMON Tools Lite [01/07/2019 18:48:55] - |SHD| - [0] - C:\ProgramData\Documents [06/06/2017 23:27:10] - |A| - [0] - C:\ProgramData\DP45977C.lfl [03/12/2016 17:11:16] - |D| - [1904586] - C:\ProgramData\DriversCloud.com [27/09/2016 16:41:51] - |D| - [47894204] - C:\ProgramData\Dropbox [06/01/2016 16:22:28] - |D| - [827] - C:\ProgramData\Elcomsoft Password Recovery [21/10/2015 13:42:51] - |D| - [773768] - C:\ProgramData\Free Download Manager [03/10/2015 10:33:12] - |D| - [0] - C:\ProgramData\FreeDownloadManager.ORG [28/09/2015 21:49:14] - |D| - [466857916] - C:\ProgramData\G Data [28/09/2015 21:52:12] - |D| - [3654504] - C:\ProgramData\G DATA Software [14/01/2015 19:17:52] - |D| - [27676] - C:\ProgramData\install_clap [10/04/2015 05:55:46] - |D| - [11145166] - C:\ProgramData\Intel [30/09/2015 00:28:05] - |D| - [2831] - C:\ProgramData\IsolatedStorage [10/04/2015 06:08:17] - |D| - [5837072] - C:\ProgramData\MAGIX [28/09/2015 23:58:04] - |D| - [79708430] - C:\ProgramData\Malwarebytes [14/01/2015 19:20:05] - |D| - [176] - C:\ProgramData\McAfee [28/09/2015 19:00:33] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [19/03/2019 06:52:44] - |SD| - [1100152958] - C:\ProgramData\Microsoft [01/07/2019 18:53:58] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [28/09/2015 19:00:33] - |SHD| - [0] - C:\ProgramData\Modèles [30/01/2019 13:37:22] - |D| - [18566] - C:\ProgramData\Mozilla [17/11/2016 16:03:03] - |D| - [318026] - C:\ProgramData\Nero [10/04/2015 05:57:33] - |D| - [2422627] - C:\ProgramData\NVIDIA [06/06/2017 23:27:25] - |D| - [32703365] - C:\ProgramData\NVIDIA Corporation [13/09/2016 12:53:32] - |D| - [84093066] - C:\ProgramData\Oracle [14/01/2015 19:19:00] - |D| - [28154800] - C:\ProgramData\Package Cache [11/07/2018 09:42:57] - |D| - [65536] - C:\ProgramData\Packages [30/06/2016 10:58:29] - |D| - [6687] - C:\ProgramData\PMS [10/04/2015 06:02:25] - |D| - [10415298] - C:\ProgramData\Realtek [19/03/2019 06:52:44] - |D| - [5314] - C:\ProgramData\regid.1991-06.com.microsoft [08/07/2017 10:53:01] - |D| - [39936] - C:\ProgramData\SetupTemp [14/01/2015 19:26:16] - |D| - [26509312] - C:\ProgramData\Skype [19/03/2019 06:52:44] - |D| - [0] - C:\ProgramData\SoftwareDistribution [14/01/2015 19:17:53] - |D| - [362752] - C:\ProgramData\Temp [13/09/2016 12:49:45] - |D| - [58636261] - C:\ProgramData\UMS [19/03/2019 06:52:44] - |D| - [16911] - C:\ProgramData\USOPrivate [01/07/2019 18:10:18] - |D| - [1019904] - C:\ProgramData\USOShared [14/01/2015 19:17:16] - |D| - [4065] - C:\ProgramData\WebStorage [14/01/2015 19:19:54] - |D| - [852973] - C:\ProgramData\WildTangent [19/03/2019 14:02:58] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [19/03/2019 06:49:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [28/09/2015 19:00:33] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [19/03/2019 06:52:44] - |RD| - [184302] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/09/2015 20:07:45] - |D| - [1789] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [19/03/2019 06:52:44] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [19/03/2019 06:52:44] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [09/06/2017 10:55:06] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [19/03/2019 06:52:44] - |RD| - [22954] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/01/2015 19:13:40] - |D| - [8257] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [05/08/2016 19:07:47] - |A| - [1099] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [13/09/2016 12:49:15] - |D| - [4701] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth [15/01/2017 10:36:39] - |D| - [2024] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitTorrent [29/09/2015 21:28:08] - |D| - [1649] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series [25/01/2018 20:07:13] - |D| - [2444] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5700 series Manual [25/01/2018 20:03:46] - |D| - [4075] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [23/09/2017 11:08:07] - |D| - [970] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [14/01/2015 19:18:52] - |RD| - [1652] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 [27/11/2016 11:06:37] - |D| - [951] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [08/04/2016 23:53:35] - |D| - [4290] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum [19/03/2019 06:49:34] - |ASH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [03/12/2016 17:11:16] - |D| - [2988] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [26/06/2019 08:07:38] - |D| - [1319] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox [06/01/2016 16:22:28] - |D| - [7583] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery [25/01/2018 20:07:33] - |D| - [2167] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement utilisateur de Canon MG5700 series [04/10/2018 10:05:45] - |A| - [2390] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk [30/09/2015 19:34:40] - |A| - [1239] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [30/09/2015 00:27:01] - |D| - [5835] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager [03/05/2019 17:30:38] - |D| - [4303] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL SECURITY [14/01/2015 19:19:56] - |RD| - [2730] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [27/01/2018 18:26:38] - |D| - [1229] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnu Emacs [29/09/2015 20:03:42] - |A| - [2306] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [19/03/2019 06:46:39] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [10/04/2015 05:55:46] - |RD| - [2421] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [13/09/2016 12:53:44] - |D| - [6773] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [19/03/2019 06:52:44] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [04/10/2018 10:05:45] - |D| - [5033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office ??? [01/09/2016 16:48:46] - |D| - [6606] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix [14/01/2015 19:36:33] - |A| - [1323] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [04/10/2018 10:05:45] - |A| - [2394] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk [21/10/2016 08:37:50] - |D| - [2702] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 [24/12/2016 13:16:15] - |A| - [1147] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk [14/01/2015 19:36:31] - |A| - [1392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [04/10/2018 10:05:45] - |A| - [2465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk [30/06/2016 10:58:29] - |D| - [6004] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server [17/11/2016 16:03:05] - |D| - [2211] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0 [14/01/2015 19:27:22] - |D| - [1983] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [19/03/2019 06:52:44] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [19/03/2019 06:52:44] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [30/10/2015 21:03:03] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [28/02/2016 21:00:53] - |D| - [2116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraStar Deluxe WorldParty [13/09/2016 12:49:45] - |D| - [6130] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server [13/09/2016 12:49:45] - |A| - [2008] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server.lnk [29/09/2015 20:09:06] - |D| - [5892] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [11/03/2016 19:16:13] - |D| - [2504] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0 [14/01/2015 19:19:56] - |A| - [2526] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk [29/09/2015 23:33:58] - |D| - [4349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [04/10/2018 10:05:45] - |A| - [2458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [19/03/2019 06:49:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [09/06/2017 10:54:39] - |D| - [377399015] - C:\Program Files (x86)\Adobe [14/01/2015 19:13:37] - |D| - [405953217] - C:\Program Files (x86)\ASUS [05/08/2016 19:07:40] - |AD| - [59592640] - C:\Program Files (x86)\Audacity [13/09/2016 12:49:15] - |D| - [4418601] - C:\Program Files (x86)\AviSynth [15/01/2017 10:36:39] - |AD| - [1111409] - C:\Program Files (x86)\BitTorrent [08/07/2017 10:58:54] - |D| - [32289115] - C:\Program Files (x86)\Canon [10/04/2015 05:58:41] - |D| - [3558495] - C:\Program Files (x86)\Cisco [19/03/2019 06:52:44] - |D| - [869645835] - C:\Program Files (x86)\Common Files [14/01/2015 19:18:41] - |D| - [229085281] - C:\Program Files (x86)\CyberLink [19/03/2019 06:49:34] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [27/09/2016 16:41:53] - |D| - [322726571] - C:\Program Files (x86)\Dropbox [06/01/2016 16:22:28] - |D| - [568501] - C:\Program Files (x86)\Elcomsoft [06/01/2016 16:22:28] - |AD| - [7561735] - C:\Program Files (x86)\Elcomsoft Password Recovery [30/09/2015 00:28:05] - |D| - [3017873] - C:\Program Files (x86)\FileHippo.com [03/12/2015 14:30:49] - |AD| - [512334478] - C:\Program Files (x86)\Foxit PhantomPDF [30/09/2015 00:26:58] - |AD| - [33828604] - C:\Program Files (x86)\Free Download Manager [28/09/2015 21:50:47] - |D| - [301916465] - C:\Program Files (x86)\G Data [28/09/2015 20:53:49] - |D| - [480777199] - C:\Program Files (x86)\Google [14/01/2015 18:52:14] - |HD| - [149130501] - C:\Program Files (x86)\InstallShield Installation Information [14/01/2015 18:37:12] - |D| - [17852755] - C:\Program Files (x86)\Intel [19/03/2019 06:52:44] - |D| - [2000761] - C:\Program Files (x86)\Internet Explorer [15/12/2016 11:49:39] - |AD| - [200832859] - C:\Program Files (x86)\K-Lite Codec Pack [16/02/2016 19:04:17] - |D| - [1670519] - C:\Program Files (x86)\Microsoft ASP.NET [14/01/2015 19:28:55] - |AD| - [3375224237] - C:\Program Files (x86)\Microsoft Office [05/04/2018 15:49:32] - |D| - [20466392] - C:\Program Files (x86)\Microsoft OneDrive [14/01/2015 19:36:28] - |AD| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [19/03/2019 06:52:44] - |D| - [8217279] - C:\Program Files (x86)\Microsoft.NET [21/06/2019 09:01:38] - |D| - [186986564] - C:\Program Files (x86)\Mozilla Firefox [30/09/2015 19:34:39] - |D| - [371621] - C:\Program Files (x86)\Mozilla Maintenance Service [01/07/2019 18:05:23] - |D| - [25757] - C:\Program Files (x86)\MSBuild [10/04/2015 06:08:19] - |AD| - [154033] - C:\Program Files (x86)\MSXML 4.0 [06/06/2017 23:27:20] - |D| - [253169928] - C:\Program Files (x86)\NVIDIA Corporation [30/06/2016 10:58:15] - |D| - [200942810] - C:\Program Files (x86)\PS3 Media Server [14/01/2015 18:52:14] - |D| - [17016071] - C:\Program Files (x86)\Realtek [10/04/2015 05:58:17] - |AD| - [9389359] - C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver [01/07/2019 18:05:23] - |D| - [40789249] - C:\Program Files (x86)\Reference Assemblies [17/11/2016 16:03:02] - |AD| - [210231352] - C:\Program Files (x86)\Seagate [14/01/2015 19:27:21] - |RD| - [25319419] - C:\Program Files (x86)\Skype [14/01/2015 18:52:14] - |HD| - [0] - C:\Program Files (x86)\Temp [01/11/2016 09:31:34] - |D| - [0] - C:\Program Files (x86)\Ubisoft [06/06/2017 23:27:31] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [13/09/2016 12:45:46] - |D| - [191603006] - C:\Program Files (x86)\Universal Media Server [29/09/2015 20:24:00] - |AD| - [399224] - C:\Program Files (x86)\uTorrent [11/03/2016 19:16:13] - |D| - [1394294] - C:\Program Files (x86)\VulkanRT [14/01/2015 19:19:54] - |D| - [15502679] - C:\Program Files (x86)\WildTangent Games [19/03/2019 06:52:44] - |D| - [1828368] - C:\Program Files (x86)\Windows Defender [14/01/2015 19:36:16] - |AD| - [163816659] - C:\Program Files (x86)\Windows Live [19/03/2019 06:52:44] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [19/03/2019 14:02:58] - |D| - [3372909] - C:\Program Files (x86)\Windows Media Player [19/03/2019 14:02:58] - |D| - [39720] - C:\Program Files (x86)\Windows Multimedia Platform [19/03/2019 06:52:44] - |D| - [7758680] - C:\Program Files (x86)\Windows NT [19/03/2019 14:02:58] - |D| - [5355464] - C:\Program Files (x86)\Windows Photo Viewer [19/03/2019 14:02:58] - |D| - [39720] - C:\Program Files (x86)\Windows Portable Devices [19/03/2019 06:52:44] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [19/03/2019 06:52:44] - |D| - [3524411] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [29/09/2015 20:07:45] - |D| - [4737583] - C:\Program Files\7-Zip [04/05/2017 08:30:02] - |AD| - [191920677] - C:\Program Files\AirDC++ [25/01/2018 20:07:27] - |D| - [13771952] - C:\Program Files\Canon [25/01/2018 20:01:37] - |HD| - [12867095] - C:\Program Files\CanonBJ [23/09/2017 11:08:04] - |AD| - [46405000] - C:\Program Files\CCleaner [19/03/2019 06:52:43] - |D| - [181410114] - C:\Program Files\Common Files [27/11/2016 11:06:34] - |D| - [38284759] - C:\Program Files\DAEMON Tools Lite [08/04/2016 23:53:30] - |D| - [101372666] - C:\Program Files\DAUM [19/03/2019 06:49:34] - |ASH| - [174] - C:\Program Files\desktop.ini [03/12/2016 17:11:16] - |AD| - [15221907] - C:\Program Files\DriversCloud.com [28/09/2015 19:00:33] - |SHD| - [0] - C:\Program Files\Fichiers communs [14/01/2015 19:13:08] - |AD| - [60787844] - C:\Program Files\Intel [19/03/2019 06:52:44] - |D| - [2661980] - C:\Program Files\Internet Explorer [13/09/2016 12:53:29] - |D| - [215704670] - C:\Program Files\Java [10/12/2016 12:33:02] - |D| - [170258289] - C:\Program Files\Malwarebytes [22/05/2017 08:21:29] - |D| - [19800884] - C:\Program Files\MediaInfo [29/09/2015 20:18:08] - |D| - [8979840] - C:\Program Files\Microsoft Office 15 [01/09/2016 16:48:43] - |D| - [76811836] - C:\Program Files\MKVToolNix [19/03/2019 06:52:44] - |D| - [0] - C:\Program Files\ModifiableWindowsApps [01/07/2019 18:05:23] - |D| - [25757] - C:\Program Files\MSBuild [06/06/2017 23:27:20] - |D| - [848541524] - C:\Program Files\NVIDIA Corporation [24/12/2016 13:16:00] - |AD| - [60664523] - C:\Program Files\paint.net [30/05/2018 17:17:10] - |D| - [48564104] - C:\Program Files\Realtek [01/07/2019 18:05:23] - |D| - [39993001] - C:\Program Files\Reference Assemblies [16/11/2018 09:14:46] - |D| - [38639249] - C:\Program Files\rempl [30/07/2015 23:52:28] - |HD| - [0] - C:\Program Files\Uninstall Information [02/06/2017 10:31:26] - |AD| - [9961472] - C:\Program Files\UNP [29/09/2015 20:08:56] - |D| - [176857799] - C:\Program Files\VideoLAN [19/03/2019 06:52:44] - |D| - [16281616] - C:\Program Files\Windows Defender [19/03/2019 06:52:44] - |D| - [636416] - C:\Program Files\Windows Mail [19/03/2019 14:02:58] - |D| - [4903825] - C:\Program Files\Windows Media Player [19/03/2019 14:02:58] - |D| - [47720] - C:\Program Files\Windows Multimedia Platform [19/03/2019 06:52:44] - |D| - [8094040] - C:\Program Files\Windows NT [19/03/2019 14:02:58] - |D| - [6172824] - C:\Program Files\Windows Photo Viewer [19/03/2019 14:02:58] - |D| - [47720] - C:\Program Files\Windows Portable Devices [19/03/2019 06:52:44] - |D| - [110373] - C:\Program Files\Windows Security [19/03/2019 06:52:44] - |SHD| - [0] - C:\Program Files\Windows Sidebar [19/03/2019 06:52:44] - |HD| - [5080006571] - C:\Program Files\WindowsApps [19/03/2019 06:52:44] - |D| - [3888365] - C:\Program Files\WindowsPowerShell [29/09/2015 23:33:16] - |AD| - [5459865] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [09/06/2017 10:54:39] - |AD| - [23594804] - C:\Program Files (x86)\Common Files\Adobe [14/01/2015 19:17:11] - |D| - [8191707] - C:\Program Files (x86)\Common Files\AWS [23/10/2018 08:46:52] - |D| - [23320] - C:\Program Files (x86)\Common Files\DESIGNER [28/09/2015 21:50:44] - |D| - [578991736] - C:\Program Files (x86)\Common Files\G Data [14/01/2015 18:52:12] - |D| - [3261625] - C:\Program Files (x86)\Common Files\InstallShield [10/04/2015 05:56:03] - |D| - [235145] - C:\Program Files (x86)\Common Files\Intel Corporation [19/04/2019 08:39:27] - |D| - [2036720] - C:\Program Files (x86)\Common Files\Java [10/04/2015 06:08:17] - |AD| - [0] - C:\Program Files (x86)\Common Files\MAGIX Services [19/03/2019 06:52:44] - |D| - [34911320] - C:\Program Files (x86)\Common Files\Microsoft Shared [14/01/2015 19:18:52] - |D| - [1485205] - C:\Program Files (x86)\Common Files\Nikon [19/04/2019 08:39:49] - |D| - [1540304] - C:\Program Files (x86)\Common Files\Oracle [10/04/2015 05:56:04] - |D| - [196972] - C:\Program Files (x86)\Common Files\postureAgent [19/03/2019 06:52:44] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/01/2015 19:27:21] - |AD| - [2399872] - C:\Program Files (x86)\Common Files\Skype [19/03/2019 06:52:44] - |D| - [9949579] - C:\Program Files (x86)\Common Files\System [14/01/2015 19:34:47] - |D| - [202824824] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [18/01/2018 17:13:34] - |D| - [1848464] - C:\Program Files\Common files\AV [14/01/2015 19:20:08] - |D| - [379872] - C:\Program Files\Common files\McAfee [19/03/2019 06:52:43] - |D| - [168389817] - C:\Program Files\Common files\microsoft shared [19/03/2019 06:52:44] - |D| - [2702] - C:\Program Files\Common files\Services [19/03/2019 06:52:44] - |D| - [10789259] - C:\Program Files\Common files\System ---------- | Tasks [MD5.ED9A8934C3C1186D58424758EE953821] - [27/09/2016 16:41:53] - |A| - [1220] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [MD5.2FEB24D0917D901BCA6C6A68D15ECB67] - [27/09/2016 16:41:54] - |A| - [1224] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [01/07/2019 18:48:16] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.5EE72231EA3B109343C943A8BD9C71BC] - [01/07/2019 18:48:16] - |A| - [3482] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.49D9A36856E538943C8AEC3532E492E8] - [01/07/2019 18:48:16] - |A| - [3924] - C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [MD5.77CD8253172A88038B76F72C03B6554D] - [01/07/2019 18:48:16] - |A| - [3450] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [01/07/2019 18:48:16] - |D| - [16088] - C:\WINDOWS\System32\Tasks\ASUS [MD5.053F8666B5FA93900CD092178077850F] - [01/07/2019 18:48:16] - |A| - [2818] - C:\WINDOWS\System32\Tasks\Axel&Nico DBAgent 2 0 : "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" [MD5.B5274D15395F36AEE6F249B4B6E0D237] - [01/07/2019 18:48:16] - |A| - [2988] - C:\WINDOWS\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.4AFA4A47510E1D98AFA0A5AF97FBBAC7] - [01/07/2019 18:48:16] - |A| - [2220] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.9A89A3ADB2BB0CBCE825CA05FF0186C5] - [01/07/2019 18:48:16] - |A| - [3522] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.A5FC08A56F2E8D3B8CE2C1C86B9919DD] - [01/07/2019 18:48:16] - |A| - [3746] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.D137CB3EA23195A536625D8EFDD3D86E] - [01/07/2019 18:48:16] - |A| - [3292] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.20076F19BAFA81CA86AAFFF44BB58D9E] - [01/07/2019 18:48:16] - |A| - [3516] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.136B9A542F2BC222168B130690D6F9A5] - [01/07/2019 18:48:16] - |A| - [3034] - C:\WINDOWS\System32\Tasks\klcp_update : CodecTweakTool.exe [MD5.00000000000000000000000000000000] - [19/03/2019 06:52:45] - |D| - [678444] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.BD62D94CC7603FD9DCA7969A13EF4895] - [01/07/2019 18:48:16] - |A| - [2862] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2779967726-3164674173-1318877449-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.17BC8D1E2E5E2F3E2086FEE3A3A85C42] - [01/07/2019 18:48:16] - |A| - [2940] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2779967726-3164674173-1318877449-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.00000000000000000000000000000000] - [01/07/2019 18:48:16] - |D| - [3032] - C:\WINDOWS\System32\Tasks\S-1-5-21-2779967726-3164674173-1318877449-1001 [MD5.21301F9740E49506BE362DFF7875BDD1] - [01/07/2019 18:48:16] - |A| - [2824] - C:\WINDOWS\System32\Tasks\Seagate_Install_Launch : C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [MD5.00000000000000000000000000000000] - [19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{CA8B2BDC-E62F-4FC9-A1BD-0037476DADA2}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ| "{ED00E643-79DA-40F1-B75B-B45E6A511C99}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{8AAD0F1F-706B-47A4-949D-7C45BB2562F3}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{9651DFCB-6EBA-4073-B7E7-587F46C75E92}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{8C822C8E-3F05-44DF-B3CA-061CE2940F21}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{F4BBFAAB-26B9-4C9B-BA38-833685D1633E}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe|Name=Dropbox| "{F6D656C4-DFC1-4F1C-998B-68759897BE98}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=LINE|Desc=LINE|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-3154901008-2849271269-1294263849-4111868753-1430083361-3789501531-791294240|EmbedCtxt=LINE|Platform=2:6:2|Platform2=GTEQ| "{A5F2D17D-E53E-4576-BEEF-730DA363425A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{ED237655-30C9-42C2-AFB2-8C49D71213C4}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{53F6F715-CB62-4F0F-B0BA-B2BC12B95D03}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{2D683C6D-6CC4-41DD-94A4-86FEE72CC870}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{80BF1A43-EB13-49C2-B193-8B97C27B9D83}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{0000CB85-BBA9-4CCC-894E-97F5CD13B930}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Fresh Paint|Desc=Fresh Paint|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-753205055-3642759886-2300710532-466079404-1496176425-3605778055-1481226570|EmbedCtxt=Fresh Paint|Platform=2:6:2|Platform2=GTEQ| "{9AD92B3A-9355-4662-ACEB-B706CFC900C0}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{DF89341A-2FE6-4ED1-821A-CEF8E6ACA012}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Canon Inkjet Print Utility|Desc=Canon Inkjet Print Utility|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-115199243-2764431856-1086699609-1912897127-1214238601-531789971-2447004905|EmbedCtxt=Canon Inkjet Print Utility|Platform=2:6:2|Platform2=GTEQ| "{BEF005C9-007C-4D98-AFCB-7D450B6F36A4}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Canon Inkjet Print Utility|Desc=Canon Inkjet Print Utility|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-115199243-2764431856-1086699609-1912897127-1214238601-531789971-2447004905|EmbedCtxt=Canon Inkjet Print Utility|Platform=2:6:2|Platform2=GTEQ| "{14AEF1C9-36B5-41A1-A996-50AF46807E4E}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Sway|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{6BD3173A-5BE2-4E0E-AEBB-6951A0EB285F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|App=C:\Users\Axel&Nico\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe|Name=Online Video Converter| "{67FA191E-6986-41AA-B5BB-1455185F84B5}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Axel&Nico\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe|Name=Online Video Converter| "{244513B6-FFF8-4BC8-86F9-8077858512FC}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|App=C:\Users\Axel&Nico\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe|Name=Apowersoft Online Launcher| "{F633D54F-494C-49FD-ACF5-08ECBDFDDCAA}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Axel&Nico\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe|Name=Apowersoft Online Launcher| "{B9EFFD4D-76E6-4352-AC14-EBB8BFBCCABD}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{BFAE1F1B-785C-42BC-8AC5-0B0CE59B34E0}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{2321BCA7-60EA-4B52-8189-51A8391DC2C1}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "{64E3C673-C67E-4D92-8554-15B5A01A302B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "{733E69BC-BB2F-41CE-A63D-AE2AF02ED588}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{3F2A8257-4699-4233-B4AD-8A893C197605}"=v2.24|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{345F8641-0553-4502-8303-A879B92D0398}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{8051C171-DBBE-45E2-B957-DA0AAE10D4D7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{DBB84499-492B-4ADA-8E54-0B806562AB15}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{D16C5935-69C0-44E4-A2E0-007B3EF1038E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ| "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ| "{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ| "{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ| "{390E2312-BBB0-4EBF-80D0-1940124A5BC1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=ASUS Welcome|Desc=ASUS Welcome|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-1791334737-3644637894-912171476-726613620-3748997741-2897954968-3492054033|EmbedCtxt=ASUS Welcome|Platform=2:6:2|Platform2=GTEQ| "{5EDC1555-243D-414B-B995-F89BB8A71902}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=JigsWar recommended by ASUS|Desc=Jigswar|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-3699438345-764867176-607887312-443883014-4288786640-4203541789-1524562109|EmbedCtxt=JigsWar recommended by ASUS|Platform=2:6:2|Platform2=GTEQ| "{29EEC932-EB89-4CBF-A964-2C970FCAF16C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ| "{1BF9C504-59EB-4908-87DC-776A160A0368}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{7878CB9A-940D-4677-878F-DF36440505E4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=8888|Name=BiuHTTP| "{7CF92B75-CB3B-42C8-ADF9-5200B24B8477}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{B0035575-426C-49D9-8F43-57EE7579D014}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{2C9E97ED-D846-472E-AE68-3BA7527E1721}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=8888|Name=BiuHTTP| "{A4A3513D-33A9-43C0-B162-BA4869FD9307}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{A6F82101-64A1-4B9C-9FA6-84D15F58BB76}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{8B3C8C10-2252-4945-9F3E-8034C3A534FA}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-2779967726-3164674173-1318877449-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{A1E94E83-4B0E-4DEC-BCB3-3BC4A52C2922}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe|Name=ASUS WiFi GO Server TCP|Desc=|Edge=TRUE| "{842E0A59-55E4-412E-B0D0-DDFE11FD39DA}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe|Name=ASUS WiFi GO Server UDP|Desc=|Edge=TRUE| "{2448F8B7-4E40-461C-808C-73F7B22EC405}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe|Name=ASUS WiFi GO DMS TCP|Desc=|Edge=TRUE| "{382FDC66-E596-4388-813F-12FE614F679C}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe|Name=ASUS WiFi GO DMS UDP|Desc=|Edge=TRUE| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [10/04/2015 06:06:38] - (0.0.0.0) - ( -) - C:\WINDOWS\System32\Drivers\assdv2.sys [28/09/2015 21:52:58] - (4.9.16258.316) - (G DATA Software AG - G DATA TS4nt SCE Driver) - C:\WINDOWS\System32\Drivers\TS4nt.sys [28/09/2015 21:52:41] - (3.1.19091.1382) - (G Data Software AG - Registry Filter (Retpoline)) - C:\WINDOWS\system32\drivers\HookCentre.sys [28/09/2015 21:52:40] - (1.0.19091.1379) - (G Data Software AG - Filesystem MiniInterceptor (Mini Filter Retpoline)) - C:\WINDOWS\system32\drivers\MiniIcpt.sys [28/09/2015 21:52:58] - (2.0.16258.283) - (G DATA Software AG - G DATA Device Control FSFilter Driver) - C:\WINDOWS\system32\drivers\gddcv64.sys [30/09/2015 08:13:29] - (2.0.17143.577) - (G Data Software - G Data Rootkit Detector Driver) - C:\WINDOWS\system32\drivers\GRD.sys [28/09/2015 21:52:44] - (3.8.19090.1299) - (G DATA Software AG - G DATA WFP Callout Driver (6.3)) - C:\WINDOWS\system32\drivers\gdwfpcd64.sys [10/04/2015 06:07:07] - (0.0.0.0) - ( -) - C:\WINDOWS\SysWow64\drivers\AsUpIO.sys [10/04/2015 06:05:27] - (0.0.0.0) - ( -) - C:\WINDOWS\SysWow64\drivers\AsIO.sys [11/11/2016 07:53:22] - (21.21.13.7563) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 375.63) - C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_791beb67a268df58\nvlddmkm.sys [28/09/2015 21:52:57] - (2.0.16258.283) - (G DATA Software AG - G DATA Device Control DevFilter Driver) - C:\WINDOWS\system32\drivers\gddcd64.sys [18/06/2016 09:28:59] - (1.2.40.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [27/11/2016 11:33:52] - (3.4.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys [27/11/2016 11:06:39] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys [11/11/2016 07:52:48] - (1.3.34.17) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys [28/09/2015 23:46:38] - (1.0.15334.325) - (G Data Software AG - G Data Security Software G DATA GDKBB) - C:\WINDOWS\system32\drivers\GDKBB64.sys [28/09/2015 21:52:58] - (1.0.16270.354) - (G DATA Software AG - G DATA Security Software G DATA GDKBFlt) - C:\WINDOWS\system32\drivers\GDKBFlt64.sys [03/05/2019 17:31:03] - (4.1.19091.1392) - (G Data Software AG - WFP PktInterceptor 2 (Pkt2 Filter Retpoline)) - C:\WINDOWS\system32\drivers\PktIcpt.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - amdkmpfd (@oem28.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter) -> System32\drivers\amdkmpfd.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - assdv2 (assdv2) -> (?) - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - GDElam (GDElam) -> system32\DRIVERS\GDElam.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorA () -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - MbamElam (MbamElam) -> system32\DRIVERS\MbamElam.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - mfeelamk (McAfee Inc. mfeelamk) -> system32\drivers\mfeelamk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - TS4NT (TS4nt driver) -> System32\Drivers\TS4nt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_25ab9510fd18cfda\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_9ff437f462543a42\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - gddcv (G Data DCV Driver) -> \??\C:\WINDOWS\system32\drivers\gddcv64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GDMnIcpt (GDMnIcpt) -> \??\C:\WINDOWS\system32\drivers\MiniIcpt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - gdwfpcd (G Data WFP CD) -> system32\drivers\gdwfpcd64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GRD (G Data Rootkit Detector Driver) -> \??\C:\WINDOWS\system32\drivers\GRD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - HookCentre (HookCentre) -> \??\C:\WINDOWS\system32\drivers\HookCentre.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-2779967726-3164674173-1318877449-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BitTorrent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Easy-WebPrint EX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PROSetDX] : (Intel(R) Network Connections 18.5.54.0.-.Intel) -> MsiExec.exe /i{4B5B6BB3-DA04-4B56-AE17-DDBF3F446888} ARPREMOVE=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{02D89175-E08F-401B-BA30-8B7512B57724}] : (paint.net.-.dotPDN LLC) -> MsiExec.exe /X{02D89175-E08F-401B-BA30-8B7512B57724} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-0938-000001000000}] : (7-Zip 9.38 (x64 edition).-.Igor Pavlov) -> MsiExec.exe /I{23170F69-40C1-2702-0938-000001000000} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180211F0}] : (Java 8 Update 211 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180211F0} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4B5B6BB3-DA04-4B56-AE17-DDBF3F446888}] : (Intel(R) Network Connections 18.5.54.0.-.Intel) -> MsiExec.exe /i{4B5B6BB3-DA04-4B56-AE17-DDBF3F446888} ARPREMOVE=1 ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{54F2237F-018C-483B-8884-9FC0D88840C3}] : (VC_CRT_x64.-.Intel Corporation) -> MsiExec.exe /I{54F2237F-018C-483B-8884-9FC0D88840C3} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{93F692D4-0C4D-4EED-9BFE-657C1D5959FE} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AEEC522D-38DD-46FD-9367-3E32F51B3A42}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{AEEC522D-38DD-46FD-9367-3E32F51B3A42} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 375.63.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 2.11.4.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.40.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B5E06417-A4AC-4225-B36E-7E34C91616E7}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AirDC++] : (AirDC++ 3.31 (remove only).-.AirDC++ Team) -> "C:\Program Files\AirDC++\uninstall.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Download Manager_is1] : (Free Download Manager 3.9.6.-.FreeDownloadManager.ORG) -> "C:\Program Files (x86)\Free Download Manager\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UltraStar Deluxe WorldParty] : (UltraStar Deluxe WorldParty.-.USDX Team & zup3r_vock) -> D:\UltraStar Deluxe WorldParty\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{01011662-76A8-41E8-B1A8-4F8821570AC5}] : (Advanced Archive Password Recovery.-.Elcomsoft Co. Ltd.) -> MsiExec.exe /X{01011662-76A8-41E8-B1A8-4F8821570AC5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{045A0488-55C1-45B1-9992-4B4134904D61}] : (Foxit PhantomPDF.-.Foxit Software Inc.) -> MsiExec.exe /X{045A0488-55C1-45B1-9992-4B4134904D61} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconduct Corp.) -> C:\WINDOWS\RtCRU64.exe /u ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google LLC) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}] : (Skype™ 6.18.-.Skype Technologies S.A.) -> MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7B42FE04-15CD-4FE8-90D3-7ED9B85AB74F}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{89661B04-C646-4412-B6D3-5E19F02F1F37}] : (EAX4 Unified Redist.-.Creative Labs) -> MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90150000-0138-0409-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F249306-D52B-493E-BC88-445CA25BFD77}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A986A3ED-BE01-4921-8B51-73010F5BA7AD}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824311644}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824311644} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF312B06-5C5C-468E-89B3-BE6DE2645722}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{AF312B06-5C5C-468E-89B3-BE6DE2645722} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B455E95A-B804-439F-B533-336B1635AE97}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}] : (Seagate Dashboard.-.Seagate) -> MsiExec.exe /X{EA266F00-A8E7-43A0-8DED-FBFE3F076934} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}] : (.-.) -> ---------- | Ports ---------- | Installer [HKCR\Installer\Products\00006109C80000000000000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C80011400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C800C0400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109DD0000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component 64-bit Registration [HKCR\Installer\Products\00006109F80000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\00F662AE7E8A0A34D8DEBFEFF3709643] : Seagate Dashboard -> C:\WINDOWS\Installer\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}\ARPPRODUCTICON.exe [HKCR\Installer\Products\048BED4F836BECB4CAB650E73FE10021] : Photo Gallery [HKCR\Installer\Products\0EFF299C23CA9AF4CBA91F36B7E956D5] : Photo Gallery [HKCR\Installer\Products\0F0FD3BE5250A5C42A8FED8C863A70D5] : Movie Maker [HKCR\Installer\Products\19B19C078E1660D4686D9ACD2C1989A3] : Movie Maker [HKCR\Installer\Products\1B7D356B5B142894A9529EF14FD631A1] : Movie Maker [HKCR\Installer\Products\1F764691F11C67F458B88521DA8CB349] : MSXML 4.0 SP3 Parser [HKCR\Installer\Products\22FEC891F72A7CD4B966C2224A1BAC90] : Galería de fotos [HKCR\Installer\Products\266110108A678E141B8AF4881275A05C] : Advanced Archive Password Recovery -> C:\WINDOWS\Installer\{01011662-76A8-41E8-B1A8-4F8821570AC5}\product_icon [HKCR\Installer\Products\2ABD888AE54C1034C95275F17CD3BC96] : Movie Maker [HKCR\Installer\Products\2FE970327162CFB4DBFF6EEAD8977B43] : Galeria de Fotografias [HKCR\Installer\Products\3BB6B5B440AD65B4EA71DDFBF3448688] : -> C:\Windows\Installer\{4B5B6BB3-DA04-4B56-AE17-DDBF3F446888}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3F427E579DEA1E344BD5CFC03F9230DD] : Photo Common [HKCR\Installer\Products\3F8B23A0F110C2E48AD75597B11A74D0] : Movie Maker [HKCR\Installer\Products\4A7AAB9E79347ED4C810A5932BF4712F] : ??? [HKCR\Installer\Products\4D296F39D4C0DEE4B9EF56C7D19595EF] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\4D5742C6C02C3AC439253C1EAB697789] : Photo Common [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120110F] : Java 8 Update 211 (64-bit) -> C:\Program Files\Java\jre1.8.0_211\\bin\javaws.exe [HKCR\Installer\Products\4FB8353CB5373F540BE95C140A704E8E] : Photo Common [HKCR\Installer\Products\50E7C3A773EE6D74991EE20BA5D33A7F] : Skype™ 6.18 -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe [HKCR\Installer\Products\56573393E0336ba49AEACA180E27B001] : PhotoDirector -> C:\Windows\Installer\{39337565-330E-4ab6-A9AE-AC81E0720B10}\ARPPRODUCTICON.exe [HKCR\Installer\Products\57198D20F80EB104AB03B857215B7742] : paint.net -> C:\WINDOWS\Installer\{02D89175-E08F-401B-BA30-8B7512B57724}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper [HKCR\Installer\Products\60B213FAC5C5E864983BEBD62E467522] : Cisco LEAP Module [HKCR\Installer\Products\68AB67CA408033019195008142136144] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824311644}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\69A46712847638B4987EA70536FB51C6] : Movie Maker [HKCR\Installer\Products\6ABA513B7128E484A95C8308E6626546] : Valokuvavalikoima [HKCR\Installer\Products\6E0FE4A0219AEDC47A3FE6657E1CA3F2] : Cisco PEAP Module [HKCR\Installer\Products\71460E5BCA4A52243BE6E7439C61617E] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\7205E5CD8E56BC1418C5A9BA84FB8B2E] : Movie Maker [HKCR\Installer\Products\7810FB462D3FB89499AE61A39FEAE69C] : Cisco EAP-FAST Module [HKCR\Installer\Products\78FAA5B3E1353614EB979898CF421937] : Movie Maker [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7C474E62A36E2CE40AC809B999A67AD5] : Movie Maker [HKCR\Installer\Products\7EE7F2130D73D4849B47C01E8B65C097] : Movie Maker [HKCR\Installer\Products\8174D3B56419BC5498984C8EB732B9A3] : Movie Maker [HKCR\Installer\Products\8840A5401C551B549929B4144309D416] : Foxit PhantomPDF -> C:\WINDOWS\Installer\{045A0488-55C1-45B1-9992-4B4134904D61}\IconName.exe [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\91E16A89C7521E74E9B336AC13EA4C9D] : Photo Common [HKCR\Installer\Products\96530F83636A3FC4DBED30C2C8523140] : Movie Maker [HKCR\Installer\Products\96F071321C0420729083000010000000] : 7-Zip 9.38 (x64 edition) [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A299B6925F3D5DB4B9F40D7281427224] : Photo Common [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A75F0AACC8AB8DA4AA303FB2E0F46532] : Photo Common [HKCR\Installer\Products\A782C5D2D2D1AB64E88F2D475757BDE6] : S?????? f?t???af??? [HKCR\Installer\Products\A86BF41F88196304DAD00D45CBC92919] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\A8C7338D02DA26647B7C05EE25A48970] : Photo Common [HKCR\Installer\Products\A996E44B8F49C604A9B12C75F48536BC] : Movie Maker [HKCR\Installer\Products\AEDBAD784A742814AAC7C209ADEA1371] : Photo Common [HKCR\Installer\Products\AF0DE16950FA5BB4A8E9F51D72BA23FC] : Photo Gallery [HKCR\Installer\Products\B3A4FB14A06D29E488F38CC8C8512716] : Fotogalerie [HKCR\Installer\Products\B4EB76DD26E75124FA3A1F328A003A98] : Movie Maker [HKCR\Installer\Products\B7586259500022B479F70273B94E11B8] : Photo Common [HKCR\Installer\Products\B799B3D582FD1CB4286E6E2CA935FAE6] : Movie Maker [HKCR\Installer\Products\B9FB157332F56794AA26B14F7D19CDEF] : Photo Common [HKCR\Installer\Products\C2210D1B2EB62A7428EAB03B6F9CC194] : Photo Common [HKCR\Installer\Products\C2880F3D8494AAB4790274CCD4A9FE45] : ???? [HKCR\Installer\Products\C8E69A6B88CF5F6408E086544BCA4A95] : Photo Gallery [HKCR\Installer\Products\CFC471D86863CDA43BFECB26EEF16AA1] : Photo Common [HKCR\Installer\Products\D225CEEADD83DF643976E3235FB1A324] : DriversCloud.com (64 bits) -> C:\WINDOWS\Installer\{AEEC522D-38DD-46FD-9367-3E32F51B3A42}\maconfico [HKCR\Installer\Products\DAEC1A6874FEBB74EA97ADC8901E3528] : Raccolta foto [HKCR\Installer\Products\DDBA347B186E23B43AE3E6F7F348A5AE] : Fotograf Galerisi [HKCR\Installer\Products\E5403FF563A489B4F9F7844BF944967C] : Fotogalleriet [HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery [HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64 [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F63428C9C91F4A244B678FA7829AB59F] : Movie Maker [HKCR\Installer\Products\F7322F45C810B3848848F90C8D88043C] : VC_CRT_x64 [HKCR\Installer\Products\F86DD87653DDCF74A9ABB307F5AB38B1] : Photo Common [HKCR\Installer\Products\F897C7EEFE0E0E244A343E71163C26F8] : Photo Common [HKCR\Installer\Products\FDEDBEEBFEF11D3428C50B54FF5C1F48] : Photo Common [HKCR\Installer\Products\FF43B934E47F70845B2EB4575815ADB6] : Galerie de photos ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Le service Services de chiffrement n’a pas réussi à initialiser la base de données du catalogue. L’erreur était la suivante : -2147418113 (0x8000ffff) : Défaillance irrémédiable . ------------ Le service Services de chiffrement n’a pas réussi à initialiser la base de données du catalogue. L’erreur était la suivante : -2147418113 (0x8000ffff) : Défaillance irrémédiable . ------------ Le service Services de chiffrement n’a pas réussi à initialiser la base de données du catalogue. L’erreur était la suivante : -2147418113 (0x8000ffff) : Défaillance irrémédiable . ------------ Le service Services de chiffrement n’a pas réussi à initialiser la base de données du catalogue. L’erreur était la suivante : -2147418113 (0x8000ffff) : Défaillance irrémédiable . ------------ Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. ------------ Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. ------------ Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. ------------ Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service Seagate Dashboard Services. ------------ Le service Service Liste des réseaux s’est arrêté avec l’erreur : Le périphérique n’est pas prêt. ------------ Le serveur {A47979D2-C419-11D9-A5B4-001185AD2B89} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. ------------ Le service Service Liste des réseaux s’est arrêté avec l’erreur : Le périphérique n’est pas prêt. ------------ ----------( EOF)---------- - 4672 | 10:27:11