--------------- QuickDiag | g3n-h@ckm@n | V5_10.09.19.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 12/09/2019 11:52:53

Updated 10/09/2019 | 23:30 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[Mugetsu (Administrator)] - [MUGETSU-PC] (S-1-5-21-3543355656-3037117862-3061321469-1000)

System: Microsoft Windows 10 Professionnel - - (10.0.18362) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1903)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Professionnel|C:\WINDOWS|\Device\Harddisk0\Partition1
Boot : Normal boot
PC: All Series - ASUS - IdNumber: System Serial Number - UUID: A4237F80-D7DB-11DD-8463-AC9E17834BE6
Processor : X64 - 3498 Mhz - Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
BIOS Date: 09/30/14 15:52:27 Ver: 20.12 - fr|FR|iso8859-1 - American Megatrends Inc. - S/N: System Serial Number - 2012 - ALASKA - 1072009
CoreTemp : 29.8 Celsius

----------| Quick


---------- | SoundDevice

Périphérique High Definition Audio - Status: OK - Manufacturer: Microsoft - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0892&SUBSYS_1043860B&REV_1003\4&165326BB&0&0001
HD Webcam C310 - Status: OK - Manufacturer: Logitech - PNPDeviceID: USB\VID_046D&PID_081B&MI_02\7&62B0672&0&0002
Périphérique audio USB - Status: OK - Manufacturer: (USB Audio générique) - PNPDeviceID: USB\VID_0C76&PID_161F&MI_00\6&B59E95A&0&0000
NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000
NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0071&SUBSYS_14623160&REV_1001\5&2C602D13&0&0001
Wi-Fi Display Virtual Audio Device - Status: OK - Manufacturer: Ralink - PNPDeviceID: ROOT\MEDIA\0000

---------- | Video

NVIDIA GeForce GTX 970 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_13C2&SUBSYS_31601462&REV_A1\4&3834D97&0&0008 - AdapterCompatibility: NVIDIA - RAM: -1048576
Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 970 - DriverVersion: 26.21.14.3615 - SpecificationVersion: 1025

---------- | Codecs

C:\WINDOWS\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 -  Manufacturer: Microsoft Corporation - Status: OK
C:\WINDOWS\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 -  Manufacturer: Microsoft Corporation - Status: OK
C:\WINDOWS\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36920 -  Manufacturer: Microsoft Corporation - Status: OK
C:\WINDOWS\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34808 -  Manufacturer: Microsoft Corporation - Status: OK
C:\WINDOWS\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42600 -  Manufacturer: Microsoft Corporation - Status: OK
C:\WINDOWS\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 92672 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
C:\WINDOWS\system32\LVCOD64.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175392 -  Manufacturer: Logitech Inc. - Status: OK
C:\WINDOWS\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 -  Manufacturer: Microsoft Corporation - Status: OK
C:\WINDOWS\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 26056 -  Manufacturer: Microsoft Corporation - Status: OK
C:\WINDOWS\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 -  Manufacturer: Microsoft Corporation - Status: OK
C:\WINDOWS\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 -  Manufacturer: Microsoft Corporation - Status: OK

---------- | CPU

CPU #1 value:2 %
CPU #2 value:2 %
CPU #3 value:8 %
CPU #4 value:2 %
Total Overall CPU Usage value:3 %

---------- | Network

Intel[R] Ethernet Connection [2] I218-V : SENT:0 bytes/sec / RECVD:0 bytes/sec
802.11n USB Wireless LAN Card _2 : SENT:14,670 bytes/sec / RECVD:14,670 bytes/sec

Overall -> SEND Maxium:3 bytes/sec,  /  RECEIVE Maximum:14,670 bytes/sec

Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000
Intel(R) Ethernet Connection (2) I218-V - Ethernet 802.3 - Intel Corporation - Status: - PnPID : PCI\VEN_8086&DEV_15A1&SUBSYS_85C41043&REV_00\3&11583659&0&C8
802.11n USB Wireless LAN Card #2 - Ethernet 802.3 - Ralink Technology, Corp. - Status: - PnPID : USB\VID_148F&PID_3070\1.0
Microsoft Wi-Fi Direct Virtual Adapter #2 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\6&1704CC16&2&11
Microsoft Wi-Fi Direct Virtual Adapter #3 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\6&1704CC16&2&12
WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT
WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT
WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT
WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT
WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT
WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP
WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6
WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH
VirtualBox Host-Only Ethernet Adapter - Ethernet 802.3 - Oracle Corporation - Status: - PnPID : ROOT\NET\0000
RAS Async Adapter - - - Status: - PnPID : 

---------- | Memory

RAM = Total (MB) : 16719 | Free (MB) : 11897
Pagefile = Total (MB) : 33496 | Free (MB) : 27989
Virtual = Total (MB) : 4194 | Free (MB) : 3890

Physical Memory 0 : Capacity: 4294967296 - DIMM_A1 - Posit.: - Manufacturer: 0420 - PartNumber: F3-2133C10-4GSR   - S/N: 00000000
Physical Memory 1 : Capacity: 4294967296 - DIMM_A2 - Posit.: - Manufacturer: 0420 - PartNumber: F3-2133C9-4GXL    - S/N: 00000000
Physical Memory 2 : Capacity: 4294967296 - DIMM_B1 - Posit.: - Manufacturer: 0420 - PartNumber: F3-2133C10-4GSR   - S/N: 00000000
Physical Memory 3 : Capacity: 4294967296 - DIMM_B2 - Posit.: 1 - Manufacturer: 0420 - PartNumber: F3-2133C9-4GXL    - S/N: 00000000

---------- | SID Users

Administrateur : [S-1-5-21-3543355656-3037117862-3061321469-500]
DefaultAccount : [S-1-5-21-3543355656-3037117862-3061321469-503]
HomeGroupUser$ : [S-1-5-21-3543355656-3037117862-3061321469-1002]
Invité : [S-1-5-21-3543355656-3037117862-3061321469-501]
Mugetsu : [S-1-5-21-3543355656-3037117862-3061321469-1000]
WDAGUtilityAccount : [S-1-5-21-3543355656-3037117862-3061321469-504]
Administrateurs : [S-1-5-32-544]
Administrateurs Hyper-V : [S-1-5-32-578]
Duplicateurs : [S-1-5-32-552]
IIS_IUSRS : [S-1-5-32-568]
Invités : [S-1-5-32-546]
Lecteurs des journaux d’événements : [S-1-5-32-573]
Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579]
Opérateurs de chiffrement : [S-1-5-32-569]
Opérateurs de configuration réseau : [S-1-5-32-556]
Opérateurs de sauvegarde : [S-1-5-32-551]
System Managed Accounts Group : [S-1-5-32-581]
Utilisateurs : [S-1-5-32-545]
Utilisateurs avec pouvoir : [S-1-5-32-547]
Utilisateurs de gestion à distance : [S-1-5-32-580]
Utilisateurs de l’Analyseur de performances : [S-1-5-32-558]
Utilisateurs du Bureau à distance : [S-1-5-32-555]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modèle COM distribué : [S-1-5-32-562]
HomeUsers : [S-1-5-21-3543355656-3037117862-3061321469-1001]

---------- | SystemAccounts

Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK

---------- | Drives

C:\ -> [Fixed] | [Armageddon] | Total : 111.3 Go | Free : 28.69 Go -> NTFS (SSD) [SATA]
E:\ -> [Fixed] | [Maria] | Total : 928.51 Go | Free : 197.85 Go -> NTFS [SATA]
F:\ -> [Fixed] | [Celeste] | Total : 223.57 Go | Free : 65.02 Go -> NTFS (SSD) [SATA]
G:\ -> [Removable] | [] | Total : 1.86 Go | Free : 0.82 Go -> FAT32 [USB]

Disk Usage Information [4 total Physical Disks]

Physical Drive #0 [C:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec 
Physical Drive #1 [F:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec 
Physical Drive #2 [E:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec 
Physical Drive #3 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec 

Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec

DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 2 Part. - PnPID : SCSI\DISK&VEN_&PROD_KINGSTON_SV300S3\4&268C595A&0&000000
DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_1.00\0337600000028CA2&0
DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZEX-08M2NA0\4&268C595A&0&030000
DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_&PROD_KINGSTON_SV300S3\4&268C595A&0&010000

---------- | Windows updates - Activation - License


W.A.T : :)

Test 1 : Windows Is Activated

Volume License


---------- | Browsers

FF : 47.0.2.6148     (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 76.0.3809.132     (Copyright 2019 Google LLC.)

Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- ""

---------- | FlashPlayer

FlashPlayer ActiveX : 32.0.0.207

---------- | Security

AV : Windows Defender Disabled
AS : Avast Antivirus Enabled
FW : WINDOWS Firewall
WMI : OK
WU: Windows Update Service [Manual(3)] = Running
AS: Windows Defender [Manual(3)] = stopped
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

376 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.18362.1) = C:\Windows\System32\smss.exe     [19/03/2019 06:44:35]    CPU Usage:0 %
556 | [Owner : Système | Parent : 544() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.18362.1) = C:\Windows\System32\csrss.exe     [19/03/2019 06:44:35]    CPU Usage:0 %
644 | [Owner : Système | Parent : 544() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.18362.1) = C:\Windows\System32\wininit.exe     [19/03/2019 06:44:35]    CPU Usage:0 %
708 | [Owner : Système | Parent : 644(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.18362.207) = C:\Windows\System32\services.exe     [29/08/2019 17:41:07]    CPU Usage:0 %
728 | [Owner : Système | Parent : 644(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.18362.1) = C:\Windows\System32\lsass.exe     [19/03/2019 06:44:36]    CPU Usage:0 %
832 | [Owner : Système | Parent : 708(services.exe) | 3.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
848 | [Owner : Système | Parent : 708(services.exe) | 28.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
856 | [Owner : UMFD-0 | Parent : 644(wininit.exe) | 3.53 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.18362.295) = C:\Windows\System32\fontdrvhost.exe     [29/08/2019 17:41:08]    CPU Usage:0 %
384 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 18.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
548 | [Owner : Système | Parent : 708(services.exe) | 11.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1060 | [Owner : Système | Parent : 708(services.exe) | 7.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1072 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 12.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1144 | [Owner : Système | Parent : 708(services.exe) | 11.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1168 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 12.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1244 | [Owner : Système | Parent : 708(services.exe) | 16.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1264 | [Owner : Système | Parent : 708(services.exe) | 6.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1300 | [Owner : Système | Parent : 708(services.exe) | 12.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1384 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 21.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1448 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 6.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1472 | [Owner : Système | Parent : 708(services.exe) | 10.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1536 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 8.43 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.18362.1) = C:\Windows\System32\WUDFHost.exe     [19/03/2019 06:44:53]    CPU Usage:0 %
1620 | [Owner : Système | Parent : 708(services.exe) | 13.2 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.15.2586.5913) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe     [07/06/2017 17:32:10]    CPU Usage:0 %
1648 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 9.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1700 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 7.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1732 | [Owner : Système | Parent : 708(services.exe) | 13.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1740 | [Owner : Système | Parent : 708(services.exe) | 5.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1748 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 8.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1764 | [Owner : Système | Parent : 708(services.exe) | 9.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1772 | [Owner : Système | Parent : 708(services.exe) | ?????] - (.AVAST Software - Avast remediation exe.) - (19.7.4674.0) = C:\Program Files\AVAST Software\Avast\wsc_proxy.exe     [08/09/2019 16:34:11]    CPU Usage:0 %
1792 | [Owner : Système | Parent : 708(services.exe) | 7.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1840 | [Owner : Système | Parent : 708(services.exe) | 8.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1860 | [Owner : Système | Parent : 708(services.exe) | 18.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1944 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 7.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1996 | [Owner : Système | Parent : 708(services.exe) | 9.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2072 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 12.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2092 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 8.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2176 | [Owner : Système | Parent : 708(services.exe) | 8.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2184 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 12.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2208 | [Owner : Système | Parent : 708(services.exe) | 6.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2320 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 9.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2360 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 8.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2432 | [Owner : Système | Parent : 708(services.exe) | 8.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2648 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 7.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2804 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 15.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2860 | [Owner : Système | Parent : 708(services.exe) | 7.96 Mo] - (.Wacom Technology, Corp. - Tablet Service.) - (6.3.15.3) = C:\Program Files\Tablet\Wacom\WTabletServicePro.exe     [04/02/2016 19:57:45]    CPU Usage:0 %
2916 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 6.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2924 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 10.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3064 | [Owner : SERVICE LOCAL | Parent : 2804(svchost.exe) | 13.5 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.18362.267) = C:\Windows\System32\audiodg.exe     [29/08/2019 17:40:48]    CPU Usage:0 %
2592 | [Owner : Système | Parent : 708(services.exe) | 18.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2972 | [Owner : Système | Parent : 708(services.exe) | 14.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1492 | [Owner : Système | Parent : 708(services.exe) | ?????] - (.AVAST Software - Avast Service.) - (19.7.4674.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe     [08/09/2019 16:34:11]    CPU Usage:0 %
3268 | [Owner : Système | Parent : 708(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3444 | [Owner : Système | Parent : 708(services.exe) | 7.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3492 | [Owner : Système | Parent : 708(services.exe) | 23.28 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.18362.239) = C:\Windows\System32\spoolsv.exe     [29/08/2019 17:40:49]    CPU Usage:0 %
3516 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 9.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3548 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 23.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3560 | [Owner : Système | Parent : 708(services.exe) | 6.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3804 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 14.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3872 | [Owner : Système | Parent : 708(services.exe) | 7.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3876 | [Owner : Système | Parent : 708(services.exe) | 32.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3888 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 18.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3896 | [Owner : Système | Parent : 708(services.exe) | 8.08 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe     [28/08/2019 08:03:48]    CPU Usage:0 %
3908 | [Owner : Système | Parent : 708(services.exe) | 10.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\SysWOW64\svchost.exe     [19/03/2019 06:45:20]    CPU Usage:0 %
3916 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 7.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3928 | [Owner : Système | Parent : 708(services.exe) | 11.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3936 | [Owner : Système | Parent : 708(services.exe) | 24.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3944 | [Owner : Système | Parent : 708(services.exe) | 14.3 Mo] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - (6.3.1.77) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe     [26/09/2016 13:55:26]    CPU Usage:0 %
3956 | [Owner : Système | Parent : 708(services.exe) | 13.68 Mo] - (.Microsoft Corporation - Windows IP Over USB PC Service.) - (10.0.15063.137) = C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe     [30/03/2017 00:52:02]    CPU Usage:0 %
3964 | [Owner : Système | Parent : 708(services.exe) | 13.52 Mo] - (.Adobe Systems, Incorporated - Adobe Genuine Software Service.) - (6.3.1.77) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe     [11/05/2018 12:50:52]    CPU Usage:0 %
3972 | [Owner : Système | Parent : 708(services.exe) | 40.7 Mo] - (.Hi-Rez Studios - HiPatchService.) - (5.1.6.3) = E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe     [16/04/2016 02:03:11]    CPU Usage:0 %
3180 | [Owner : Système | Parent : 708(services.exe) | 11.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3408 | [Owner : Système | Parent : 708(services.exe) | 21.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3512 | [Owner : Système | Parent : 708(services.exe) | 5.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3568 | [Owner : Système | Parent : 708(services.exe) | 8.05 Mo] - (.Microsoft Corporation - SQL Server VSS Writer - 64 Bit.) - (2015.130.1601.5) = C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe     [30/04/2016 09:11:08]    CPU Usage:0 %
3816 | [Owner : Système | Parent : 708(services.exe) | 38.13 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.19.2693.9990) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe     [19/08/2018 10:16:15]    CPU Usage:0 %
4100 | [Owner : Système | Parent : 708(services.exe) | 8.15 Mo] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) - (1.0.0.33) = C:\Program Files (x86)\Ralink\Common\RaRegistry.exe     [09/09/2015 22:01:36]    CPU Usage:0 %
4108 | [Owner : Système | Parent : 708(services.exe) | 6.2 Mo] - (.Logitech Inc. - Logitech Surround Sound Service.) - (8.96.81.0) = C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe     [18/08/2017 11:01:24]    CPU Usage:0 %
4124 | [Owner : Système | Parent : 708(services.exe) | 5.09 Mo] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) - (1.0.0.33) = C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe     [09/09/2015 22:01:36]    CPU Usage:0 %
4152 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 13.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4160 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 25.91 Mo] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.8.3752.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe     [19/03/2019 06:46:43]    CPU Usage:0 %
4220 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 6.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4244 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 5.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4256 | [Owner : Système | Parent : 708(services.exe) | 9.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4296 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 13.26 Mo] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe     [19/03/2019 06:58:06]    CPU Usage:0 %
4504 | [Owner : SERVICE LOCAL | Parent : 3872(svchost.exe) | 13.34 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.18362.1) = C:\Windows\System32\dasHost.exe     [19/03/2019 06:44:18]    CPU Usage:0 %
4540 | [Owner : Système | Parent : 708(services.exe) | 17.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4576 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 7.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4588 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 10.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3612 | [Owner : Système | Parent : 708(services.exe) | 13.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4032 | [Owner : Système | Parent : 708(services.exe) | 12.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\SysWOW64\svchost.exe     [19/03/2019 06:45:20]    CPU Usage:0 %
5352 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 8.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
5476 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 17.1 Mo] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.8.3752.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe     [19/03/2019 06:46:43]    CPU Usage:0 %
5992 | [Owner : Système | Parent : 708(services.exe) | 10.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
6084 | [Owner : Système | Parent : 708(services.exe) | 7.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
6092 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | 7.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
6452 | [Owner : SERVICE RÉSEAU | Parent : 848(svchost.exe) | 17.81 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\System32\wbem\WmiPrvSE.exe     [19/03/2019 06:44:00]    CPU Usage:0 %
6660 | [Owner : Système | Parent : 848(svchost.exe) | 6.99 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.18362.1) = C:\Windows\System32\wbem\unsecapp.exe     [19/03/2019 06:43:54]    CPU Usage:0 %
7108 | [Owner : Système | Parent : 708(services.exe) | 39 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.18362.267) = C:\Windows\System32\SearchIndexer.exe     [29/08/2019 17:40:57]    CPU Usage:0 %
6944 | [Owner : Système | Parent : 1492(AvastSvc.exe) | 68.74 Mo] - (.AVAST Software - Antivirus engine server.) - (19.7.4674.0) = C:\Program Files\AVAST Software\Avast\aswEngSrv.exe     [08/09/2019 16:34:12]    CPU Usage:0 %
7360 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
7928 | [Owner : Système | Parent : 6980() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.18362.1) = C:\Windows\System32\csrss.exe     [19/03/2019 06:44:35]    CPU Usage:0 %
8004 | [Owner : Système | Parent : 6980() | 9.78 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.18362.267) = C:\Windows\System32\winlogon.exe     [29/08/2019 17:41:08]    CPU Usage:0 %
6576 | [Owner : UMFD-2 | Parent : 8004(winlogon.exe) | 8.72 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.18362.295) = C:\Windows\System32\fontdrvhost.exe     [29/08/2019 17:41:08]    CPU Usage:0 %
6548 | [Owner : DWM-2 | Parent : 8004(winlogon.exe) | 65.87 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.18362.267) = C:\Windows\System32\dwm.exe     [29/08/2019 17:41:04]    CPU Usage:0 %
3672 | [Owner : Système | Parent : 1620(NVDisplay.Container.exe) | 36.96 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.15.2586.5913) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe     [07/06/2017 17:32:10]    CPU Usage:0 %
4780 | [Owner : Système | Parent : 1244(svchost.exe) | 3.22 Mo] - (.AVAST Software - Avast OverSeer Overseer.) - (1.0.375.0) = C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe     [19/08/2019 17:08:10]    CPU Usage:0 %
5272 | [Owner : Système | Parent : 708(services.exe) | 12.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
6600 | [Owner : Système | Parent : 708(services.exe) | 49.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
8076 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 7.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4996 | [Owner : Mugetsu | Parent : 2860(WTabletServicePro.exe) | 8.64 Mo] - (.Wacom Technology, Corp. - Tablet user module for professional driver.) - (6.3.15.3) = C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe     [04/02/2016 19:57:46]    CPU Usage:0 %
1636 | [Owner : Système | Parent : 2860(WTabletServicePro.exe) | 11.94 Mo] - (.Wacom Technology - Wacom Load Agent.) - (1.0.0.2) = C:\Program Files\Tablet\Wacom\WacomHost.exe     [04/02/2016 19:57:45]    CPU Usage:0 %
6544 | [Owner : Mugetsu | Parent : 3816(nvcontainer.exe) | 46.8 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.19.2693.9990) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe     [19/08/2018 10:16:15]    CPU Usage:0 %
5228 | [Owner : Mugetsu | Parent : 2860(WTabletServicePro.exe) | 13.09 Mo] - (.Wacom Technology, Corp. - Touch User Mode Driver.) - (6.3.15.3) = C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe     [04/02/2016 19:57:45]    CPU Usage:0 %
3504 | [Owner : Mugetsu | Parent : 1472(svchost.exe) | 28.12 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.18362.1) = C:\Windows\System32\sihost.exe     [19/03/2019 06:44:12]    CPU Usage:0 %
4180 | [Owner : Mugetsu | Parent : 708(services.exe) | 31.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
4204 | [Owner : Système | Parent : 1636(WacomHost.exe) | 26.32 Mo] - (.Wacom Technology, Corp. - Tablet Service for professional driver.) - (6.3.15.3) = C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe     [04/02/2016 19:57:45]    CPU Usage:0 %
4340 | [Owner : Mugetsu | Parent : 708(services.exe) | 37.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
568 | [Owner : Mugetsu | Parent : 1244(svchost.exe) | 15.13 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.18362.1) = C:\Windows\System32\taskhostw.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
6984 | [Owner : Système | Parent : 708(services.exe) | 8.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
2776 | [Owner : Système | Parent : 708(services.exe) | 22.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
1672 | [Owner : Mugetsu | Parent : 6984(svchost.exe) | 15.75 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.18362.1) = C:\Windows\System32\ctfmon.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
8348 | [Owner : Mugetsu | Parent : 8328() | 144.65 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.18362.267) = C:\Windows\explorer.exe     [29/08/2019 17:40:49]    CPU Usage:0 %
8416 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 19.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
8484 | [Owner : Mugetsu | Parent : 708(services.exe) | 18.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
9180 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 89.34 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe     [29/08/2019 17:41:01]    CPU Usage:0 %
8528 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 24.84 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
4232 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 187.03 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.18362.267) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe     [29/08/2019 17:41:09]    CPU Usage:0 %
9424 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 44.36 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
9832 | [Owner : Système | Parent : 708(services.exe) | 25.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
9848 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 6.92 Mo] - (.-.) - (8.51.0.72) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe     [19/08/2019 17:03:41]    CPU Usage:0 %
9964 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 193.12 Mo] - (.Microsoft Corporation - SkypeApp.) - (8.51.0.72) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe     [19/08/2019 17:03:41]    CPU Usage:0 %
10024 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 27.31 Mo] - (.-.) - (1.19071.901.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe     [30/08/2019 08:00:27]    CPU Usage:0 %
8312 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 11.16 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.18362.239) = C:\Windows\System32\SettingSyncHost.exe     [29/08/2019 17:41:13]    CPU Usage:0 %
9544 | [Owner : Système | Parent : 708(services.exe) | 12.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
9480 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 22.52 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
9152 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 36.27 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.18362.1) = C:\Windows\System32\smartscreen.exe     [19/03/2019 06:44:03]    CPU Usage:0 %
9772 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 174.99 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
8824 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 6.96 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
10264 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 9.15 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
10408 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 66.97 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
10416 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 39.27 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
10576 | [Owner : Système | Parent : 848(svchost.exe) | 34.66 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\System32\wbem\WmiPrvSE.exe     [19/03/2019 06:44:00]    CPU Usage:0 %
10988 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 80.65 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
11244 | [Owner : Système | Parent : 708(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
8816 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 189.33 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
2520 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 6.62 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
10768 | [Owner : Système | Parent : 708(services.exe) | 16.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
11332 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 24.75 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
11420 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 47.46 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
11608 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 32.72 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
11668 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 41.56 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
11680 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 9.18 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.18362.1) = C:\Windows\System32\SecurityHealthSystray.exe     [19/03/2019 06:44:23]    CPU Usage:0 %
11744 | [Owner : Système | Parent : 708(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1901.16384) = C:\Windows\System32\SecurityHealthService.exe     [29/08/2019 17:41:08]    CPU Usage:0 %
11836 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 41.44 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
11928 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 36.41 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
12032 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 60.4 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
12144 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 35.42 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
12156 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 54.62 Mo] - (.Logitech Inc. - Logitech Gaming Framework.) - (8.96.81.0) = C:\Program Files\Logitech Gaming Software\LCore.exe     [18/08/2017 11:01:22]    CPU Usage:0 %
12248 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 36.42 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
12268 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 34.67 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
11220 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 49.67 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
11520 | [Owner : Système | Parent : 708(services.exe) | 5.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
12400 | [Owner : Mugetsu | Parent : 12156(LCore.exe) | 18.44 Mo] - (.Logitech, Inc. - Logi Analytics Client (UNICODE).) - (1.1.133.0) = C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe     [18/08/2017 10:41:56]    CPU Usage:0 %
12416 | [Owner : Mugetsu | Parent : 12400(laclient.exe) | 8 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.18362.1) = C:\Windows\System32\conhost.exe     [19/03/2019 06:44:30]    CPU Usage:0 %
12452 | [Owner : Mugetsu | Parent : 11948() | 96.35 Mo] - (.AVAST Software - Avast Antivirus.) - (19.7.4674.0) = C:\Program Files\AVAST Software\Avast\AvastUI.exe     [08/09/2019 16:34:13]    CPU Usage:0 %
12784 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 89.71 Mo] - (.Valve Corporation - Steam Client Bootstrapper.) - (5.31.28.21) = E:\Steam\Steam.exe     [04/06/2015 23:11:32]    CPU Usage:0 %
12800 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 25.83 Mo] - (.f.lux Software LLC - f.lux.) - (4.104.0.0) = C:\Users\Mugetsu\AppData\Local\FluxSoftware\Flux\flux.exe     [07/05/2019 21:15:46]    CPU Usage:0 %
13004 | [Owner : Mugetsu | Parent : 708(services.exe) | 24.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
13124 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 76.15 Mo] - (.Skype Technologies S.A. - Skype.) - (8.51.0.92) = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe     [23/07/2018 16:07:11]    CPU Usage:0 %
13192 | [Owner : Mugetsu | Parent : 13124(Skype.exe) | 14.38 Mo] - (.Skype Technologies S.A. - Skype.) - (8.51.0.92) = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe     [23/07/2018 16:07:11]    CPU Usage:0 %
11944 | [Owner : Mugetsu | Parent : 13124(Skype.exe) | 49 Mo] - (.Skype Technologies S.A. - Skype.) - (8.51.0.92) = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe     [23/07/2018 16:07:11]    CPU Usage:0 %
12380 | [Owner : Mugetsu | Parent : 13124(Skype.exe) | 132.56 Mo] - (.Skype Technologies S.A. - Skype.) - (8.51.0.92) = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe     [23/07/2018 16:07:11]    CPU Usage:0 %
11444 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 22.44 Mo] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) - (140.0.297.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe     [29/04/2011 20:08:34]    CPU Usage:0 %
1728 | [Owner : Mugetsu | Parent : 12372(hpqbam08.exe) | 8.92 Mo] - (.CANON INC. - Canon IJ Network Scan Utility.) - (3.3.1.0) = C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe     [31/08/2015 17:33:53]    CPU Usage:0 %
12812 | [Owner : Mugetsu | Parent : 12784(Steam.exe) | 50.53 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.31.28.21) = E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe     [30/08/2018 19:10:47]    CPU Usage:0 %
11512 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 56.84 Mo] - (.Ralink Technology, Corp. - Ralink Wireless LAN Card Utility.) - (5.0.1.0) = C:\Program Files (x86)\Ralink\Common\RaUI.exe     [09/09/2015 22:01:35]    CPU Usage:0 %
11552 | [Owner : Système | Parent : 708(services.exe) | 13.09 Mo] - (.Valve Corporation - Steam Client Service.) - (5.31.28.21) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe     [19/06/2015 21:55:52]    CPU Usage:0 %
12808 | [Owner : Mugetsu | Parent : 12372(hpqbam08.exe) | 16.51 Mo] - (.Logitech Inc. - Logitech Webcam Software.) - (13.51.815.0) = C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe     [13/09/2012 00:38:44]    CPU Usage:0 %
8332 | [Owner : Mugetsu | Parent : 12808(LWS.exe) | 25.39 Mo] - (.-.) - (13.51.815.0) = C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe     [13/09/2012 00:38:20]    CPU Usage:0 %
8724 | [Owner : Mugetsu | Parent : 12812(steamwebhelper.exe) | 13.26 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.31.28.21) = E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe     [30/08/2018 19:10:47]    CPU Usage:0 %
11584 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 17.31 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
13368 | [Owner : Mugetsu | Parent : 12372(hpqbam08.exe) | 109.35 Mo] - (.Razer Inc. - Razer Synapse.) - (2.21.24.1) = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe     [17/07/2019 12:42:00]    CPU Usage:0 %
13440 | [Owner : Mugetsu | Parent : 12812(steamwebhelper.exe) | 48.89 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.31.28.21) = E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe     [30/08/2018 19:10:47]    CPU Usage:0 %
13508 | [Owner : Mugetsu | Parent : 12372(hpqbam08.exe) | 6.37 Mo] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe     [30/05/2013 15:50:10]    CPU Usage:0 %
13612 | [Owner : Mugetsu | Parent : 12372(hpqbam08.exe) | 15.77 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.211.12) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe     [01/04/2019 23:25:24]    CPU Usage:0 %
14008 | [Owner : SERVICE RÉSEAU | Parent : 708(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
14136 | [Owner : Système | Parent : 708(services.exe) | 11.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
14208 | [Owner : Système | Parent : 14128() | 1.38 Mo] - (.Google Inc. - Programme d'installation de Google.) - (1.3.28.15) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe     [15/11/2015 11:19:36]    CPU Usage:0 %
13736 | [Owner : Mugetsu | Parent : 11444(hpqtra08.exe) | 14.76 Mo] - (.Hewlett-Packard Co. - HP CUE Status Root.) - (140.0.342.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe     [29/04/2011 12:34:02]    CPU Usage:0 %
12280 | [Owner : Système | Parent : 708(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.18362.1) = C:\Windows\System32\SgrmBroker.exe     [19/03/2019 06:45:32]    CPU Usage:0 %
12372 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 8.08 Mo] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) - (140.0.411.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe     [29/04/2011 12:33:58]    CPU Usage:0 %
10860 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 5.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
3640 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 13.91 Mo] - (.Hewlett-Packard - GPCore COM object.) - (130.0.14.16) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe     [29/04/2011 18:01:04]    CPU Usage:0 %
4696 | [Owner : Système | Parent : 848(svchost.exe) | 10.54 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.18362.1) = C:\Windows\System32\dllhost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
13708 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 13.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
14932 | [Owner : Mugetsu | Parent : 12812(steamwebhelper.exe) | 83.26 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.31.28.21) = E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe     [30/08/2018 19:10:47]    CPU Usage:0 %
15060 | [Owner : Mugetsu | Parent : 12812(steamwebhelper.exe) | 40.89 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.31.28.21) = E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe     [30/08/2018 19:10:47]    CPU Usage:0 %
14356 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 50.92 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.18362.1) = C:\Windows\System32\ApplicationFrameHost.exe     [19/03/2019 06:44:23]    CPU Usage:0 %
14344 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 40.92 Mo] - (.Microsoft Corporation - Store.) - (11909.1001.7.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1001.7.0_x64__8wekyb3d8bbwe\WinStore.App.exe     [30/08/2019 08:01:02]    CPU Usage:0 %
14464 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 9.26 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
9560 | [Owner : Système | Parent : 708(services.exe) | 15.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
9732 | [Owner : Mugetsu | Parent : 12452(AvastUI.exe) | 138.06 Mo] - (.AVAST Software - Avast Antivirus.) - (19.7.4674.0) = C:\Program Files\AVAST Software\Avast\AvastUI.exe     [08/09/2019 16:34:13]    CPU Usage:0 %
11620 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 49.56 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.18362.1) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe     [19/03/2019 06:46:39]    CPU Usage:0 %
11800 | [Owner : Système | Parent : 708(services.exe) | 12.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
14868 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 34.1 Mo] - (.-.) - (10.19031.1141.0) = C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe     [06/04/2019 08:08:06]    CPU Usage:0 %
10380 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 52.48 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (11.0.18362.267) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe     [29/08/2019 17:40:46]    CPU Usage:0 %
12988 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 8.44 Mo] - (.Microsoft Corporation - Browser_Broker.) - (11.0.18362.267) = C:\Windows\System32\browser_broker.exe     [29/08/2019 17:41:04]    CPU Usage:0 %
10008 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 7.92 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
14072 | [Owner : Mugetsu | Parent : 10008(RuntimeBroker.exe) | 12.82 Mo] - (.Microsoft Corporation - Microsoft Edge Web Platform.) - (11.0.18362.1) = C:\Windows\System32\MicrosoftEdgeSH.exe     [19/03/2019 06:44:09]    CPU Usage:0 %
15280 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 26.18 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.18362.1) = C:\Windows\System32\MicrosoftEdgeCP.exe     [19/03/2019 06:44:47]    CPU Usage:0 %
10600 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 12.77 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.18362.1) = C:\Windows\System32\dllhost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
14748 | [Owner : Mugetsu | Parent : 1244(svchost.exe) | 19.83 Mo] - (.Microsoft Corporation - Serveur de personnalisation d’entrée.) - (10.0.18362.1) = C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe     [19/03/2019 06:45:49]    CPU Usage:0 %
11492 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 64.74 Mo] - (.Microsoft Corporation - Windows Defender application.) - (10.0.18362.267) = C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe     [29/08/2019 17:41:02]    CPU Usage:0 %
11176 | [Owner : SERVICE LOCAL | Parent : 708(services.exe) | 11.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe     [19/03/2019 06:44:33]    CPU Usage:0 %
15380 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 9.42 Mo] - (.Microsoft Corporation - Windows Security Health Host.) - (4.18.1901.16384) = C:\Windows\System32\SecurityHealthHost.exe     [29/08/2019 17:41:08]    CPU Usage:0 %
15720 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 17.26 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
16024 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 74.14 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
16252 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 82.95 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
12436 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 52.37 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
15248 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 35.79 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
15908 | [Owner : Mugetsu | Parent : 9772(chrome.exe) | 36.04 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [15/11/2015 11:28:45]    CPU Usage:0 %
16176 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 14.9 Mo] - (.Microsoft Corporation - Windows Security Health Host.) - (4.18.1901.16384) = C:\Windows\System32\SecurityHealthHost.exe     [29/08/2019 17:41:08]    CPU Usage:0 %
14664 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 52.25 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.18362.267) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe     [29/08/2019 17:41:05]    CPU Usage:0 %
16344 | [Owner : Mugetsu | Parent : 848(svchost.exe) | 15.28 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.18362.1) = C:\Windows\System32\RuntimeBroker.exe     [19/03/2019 06:44:06]    CPU Usage:0 %
7844 | [Owner : Mugetsu | Parent : 8348(explorer.exe) | 60.74 Mo] - (.SosVirus - QuickDiag.) - (10.9.19.1) = C:\Users\Mugetsu\Downloads\QuickDiag.exe     [12/09/2019 11:50:22]    CPU Usage:0 %
7684 | [Owner : SERVICE RÉSEAU | Parent : 848(svchost.exe) | 14.22 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe     [19/03/2019 06:45:12]    CPU Usage:0 %

---------- | Locked Applications

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{f9e93b39-49d1-4179-9848-a5a2896955ea}] - () - (%systemroot%\system32\mrt.exe)

---------- | Explorer.exe Modules (Microsoft Files Whitelisted)

(.AVAST Software.-.Hook Library.) - (19.7.4674.0) -- C:\Program Files\AVAST Software\Avast\aswhook.dll
(..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll
(.AVAST Software.-.Avast Shell Extension.) - (19.7.4674.0) -- C:\Program Files\AVAST Software\Avast\ashShell.dll
(.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 436.15.) - (26.21.14.3615) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvldumdx.dll
(.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 436.15.) - (26.21.14.3615) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvwgf2umx_cfg.dll
(..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll
(..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll
(.Malwarebytes.-.Malwarebytes Anti-Malware.) - (3.1.1.0) -- E:\Outils\Malwarebytes Anti-Malware\mbamext.dll
(.AVAST Software.-.Avast AAVM Remote Procedure Call Library.) - (19.7.4674.0) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
(..-.ShellHandler for Notepad++ (64 bit).) - (0.1.0.0) -- E:\Outils\Notepad++\NppShell_06.dll
(.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.14.3615) -- C:\WINDOWS\system32\nv3dappshext.dll
(.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 436.15.) - (26.21.14.3615) -- C:\WINDOWS\SYSTEM32\nvapi64.dll

---------- | Winlogon.exe Modules (Microsoft Files Whitelisted)

(.AVAST Software.-.Hook Library.) - (19.7.4674.0) -- C:\Program Files\AVAST Software\Avast\aswhook.dll
(..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll

---------- | svchost.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll
(.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.25.3.0) -- c:\windows\system32\winsqlite3.dll
(.AVAST Software.-.Avast AMSI COM object.) - (19.7.4674.665) -- C:\Program Files\AVAST Software\Avast\aswAMSI.dll
(.AVAST Software.-.Avast AAVM Remote Procedure Call Library.) - (19.7.4674.0) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
(.AVAST Software.-.Avast dll loader.) - (19.7.4674.0) -- C:\Program Files\AVAST Software\Avast\dll_loader.dll
(.AVAST Software.-.Hook Library.) - (19.7.4674.0) -- C:\Program Files\AVAST Software\Avast\aswhook.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll
(.Hewlett-Packard.-.PmlDrv Module.) - (12.2.6.51) -- c:\windows\system32\hpzipm12.dll
(..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACEBOOTSTRAPADAPTER.DLL

---------- | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL
OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU
Steam - ("E:\Steam\steam.exe" -silent [HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\...\Run]) - User: MUGETSU-PC\Mugetsu
f.lux - ("C:\Users\Mugetsu\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow [HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\...\Run]) - User: MUGETSU-PC\Mugetsu
Skype for Desktop - (C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\...\Run]) - User: MUGETSU-PC\Mugetsu
CCleaner Smart Cleaning - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\...\Run]) - User: MUGETSU-PC\Mugetsu
HP Digital Imaging Monitor - (C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe  [Common Startup]) - User: Public
Ralink Wireless Utility - (C:\PROGRA~2\Ralink\Common\RaUI.exe -s [Common Startup]) - User: Public
SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public
AvastUI.exe - ("C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\...\Run]) - User: Public
Windows Mobile Device Center - (%windir%\WindowsMobile\wmdc.exe [HKLM\SOFTWARE\...\Run]) - User: Public
Launch LCore - (C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [HKLM\SOFTWARE\...\Run]) - User: Public
AdobeGCInvoker-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" [HKLM\SOFTWARE\...\Run]) - User: Public

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="E:\Steam\steam.exe" -silent   
"f.lux"="C:\Users\Mugetsu\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow   
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe   [23/07/2018 16:07:11]
"CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR   

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"Free Download Manager"=0x030000003FB9C0E1DE94D101   
"OneDrive"=0x020000000000000000000000   
"Skype"=0x020000000000000000000000   
"Steam"=0x020000000000000000000000   
"f.lux"=0x020000000000000000000000   
"Overwolf"=0x020000000000000000000000   
"CCleaner Monitoring"=0x020000000000000000000000   
"Discord"=0x020000000000000000000000   
"Skype for Desktop"=0x020000000000000000000000   
"com.squirrel.Teams.Teams"=0x020000000000000000000000   
"CCleaner Smart Cleaning"=0x020000000000000000000000   

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"Device"=HP Photosmart C4400 series,winspool,Ne01:   
"IsMRUEstablished"=1   
"LegacyDefaultPrinterMode"=0   
"MenuDropAlignment"=1   

[HKLM\Software\Microsoft\Command Processor]
"DefaultColor"=0   
"EnableExtensions"=1   
"CompletionChar"=64   
"PathCompletionChar"=64   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe   
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui   
"Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe   
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe /minimized   
"AdobeGCInvoker-1.0"="C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"SecurityHealth"=0x060000000000000000000000   
"Windows Mobile Device Center"=0x020000000000000000000000   
"NvBackend"=0x020000000000000000000000   
"ShadowPlay"=0x020000000000000000000000   
"AvastUI.exe"=0x020000000000000000000000   
"Windows Mobile-based device management"=0x020000000000000000000000   
"Launch LCore"=0x020000000000000000000000   
"AdobeGCInvoker-1.0"=0x020000000000000000000000   
"WindowsDefender"=0x020000000000000000000000   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
"StereoLinksInstall"=0x040000000000000000000000   
"RzWizard"=0x040000000000000000000000   
"AvastUI.exe"=0x020000000000000000000000   
"IJNetworkScanUtility"=0x020000000000000000000000   
"SunJavaUpdateSched"=0x020000000000000000000000   
"BlueStacks Agent"=0x020000000000000000000000   
"Razer Synapse"=0x020000000000000000000000   
"LWS"=0x020000000000000000000000   
""=0x020000000000000000000000   
"HP Software Update"=0x020000000000000000000000   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
"Win32kLastWriteTime"=1D55E802858E189   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe   [31/08/2015 17:33:53]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide   
"Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"   
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe   [30/05/2013 15:50:10]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}   


---------- | Win.ini : 



---------- | System.ini : 



---------- | Tasks List

Adobe Flash Player PPAPI Notifier
AdobeAAMUpdater-1.0-MicrosoftAccount-johan.dumestier@outlook.fr
AdobeGCInvoker-1.0-MicrosoftAccount-johan.dumestier@outlook.fr
Avast Emergency Update
CCleaner Update
CCleanerSkipUAC
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
OneDrive Standalone Update Task-S-1-5-21-3543355656-3037117862-3061321469-1000
PaintTool SAI
User_Feed_Synchronization-{DCFDDB49-3FD1-40A4-8DA0-F2893E3B08E1}
{C014F3AB-3518-46EF-B374-B1AB81C463DD}

---------- | Startings up registry ¦ Folder


---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server


[HKLM\System\CurrentControlSet\Control]
"BootDriverFlags"=28   
"CurrentUser"=USERNAME   
"EarlyStartServices"=RpcSs
Power
BrokerInfrastructure
SystemEventsBroker
DcomLaunch
RpcEpMapper
LSM
AppIdSvc   
"PreshutdownOrder"=DeviceInstall
UsoSvc
gpsvc
trustedinstaller   
"SvcHostSplitThresholdInKB"=3670016   
"WaitToKillServiceTimeout"=2000   
"SystemStartOptions"= NOEXECUTE=OPTIN   
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   
"LastBootSucceeded"=1   
"LastBootShutdown"=0   
"DirtyShutdownCount"=16   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbasedirectories"=0   
"auditbaseobjects"=0   
"Bounds"=0x0030000000200000   
"crashonauditfail"=0   
"fullprivilegeauditing"=0x00   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Notification Packages"=scecli   
"Authentication Packages"=msv1_0   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"LsaCfgFlagsDefault"=0   
"LsaPid"=728   
"ProductType"=6   
"restrictanonymous"=0   
"restrictanonymoussam"=1   
"SamConnectedAccountsExist"=1   
"SecureBoot"=1   
"Security Packages"=kerberos
msv1_0
schannel
wdigest
tspkg
pku2u
livessp   

[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"AutoChkTimeout"=8   
"BootExecute"=autocheck autochk *   
"BootShell"=%SystemRoot%\system32\bootim.exe   
"CriticalSectionTimeout"=2592000   
"ExcludeFromKnownDlls"=   
"GlobalFlag"=0   
"GlobalFlag2"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"InitConsoleFlags"=0   
"NumberOfInitialSessions"=2   
"ObjectDirectories"=\Windows
\RPC Control   
"ProcessorControl"=2   
"ProtectionMode"=1   
"RunLevelExecute"=WinInit
ServiceControlManager   
"RunLevelValidate"=ServiceControlManager   
"SETUPEXECUTE"=   
"AutoChkSkipSystemPartition"=0   
"ResourceTimeoutCount"=648000   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"DeleteTempDirsOnExit"=1   
"fDenyTSConnections"=1   
"fSingleSessionPerUser"=1   
"NotificationTimeOut"=0   
"PerSessionTempDir"=0   
"ProductVersion"=5.1   
"RCDependentServices"=CertPropSvc
SessionEnv   
"SnapshotMonitors"=1   
"StartRCM"=0   
"TSUserEnabled"=0   
"RailShowallNotifyIcons"=1   
"RDPVGCInstalled"=1   
"fDenyChildConnections"=0   
"InstanceID"=1974e422-2fc0-4856-9cde-3146d7e   
"GlassSessionId"=2   


---------- | .LNK with Arguments


---------- | AppCertDlls


---------- | Dnsapi.dll

C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Control Panel\Desktop]
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretTimeout"=5000   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingOrientation"=1   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=200000   
"LeftOverlapChars"=3   
"MenuShowDelay"=400   
"MouseWheelRouting"=2   
"PaintDesktopVersion"=0   
"Pattern"=0   
"RightOverlapChars"=3   
"ScreenSaveActive"=1   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WheelScrollChars"=3   
"WheelScrollLines"=3   
"WindowArrangementActive"=1   
"FontSmoothingGamma"=1200   
"FontSmoothingType"=1   
"WallPaper"=C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper   [29/08/2019 17:28:45]
"WallpaperStyle"=6   
"UserPreferencesMask"=0x9E3E078012000000   
"Win8DpiScaling"=0   
"DpiScalingVer"=4096   
"MaxVirtualDesktopDimension"=4296   
"MaxMonitorDimension"=1920   
"TranscodedImageCount"=2   
"LastUpdated"=0   
"TranscodedImageCache"=0x7AC3010000EA1800C0030000D0020000CEA7B16AFC30D50143003A005C00550073006500720073005C004D007500670065007400730075005C004400650073006B0074006F0070005C0066006F006E006400200064002700E9006300720061006E005C00730061007A006B003700310036006E00610075003700330031002E0070006E006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"PreferredUILanguages"=fr-FR   
"TranscodedImageCache_006"=0x7AC30100CB4505008007000038040000B43D3A82F370D20145003A005C0050006500720073006F006E006E0065006C005C0066006F006E006400200064002700E9006300720061006E005C0068004300470068007900580046002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C0041005900230053004E005900460046003000300023003500260033003400640039003300380034003400260030002600550049004400340038003600340023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"TranscodedImageCache_003"=0x7AC3010033CA2E00000A0000A005000062F524AB9F75D20145003A005C0050006500720073006F006E006E0065006C005C0066006F006E006400200064002700E9006300720061006E005C00700069006E006B00690065005F007000690065005F00770061006C006C00700061007000650072005F00680064005F00620079005F00670065006E006A0069006C0069006D002D0064003600330035006B00760032002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C00410059002300470053004D00340042003700370023003500260033003400640039003300380034003400260030002600550049004400340038003600340023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"ScreenSaverIsSecure"=0   
"ScreenSaveTimeOut"=60   
"TranscodedImageCache_000"=0x7AC3010000EA1800C0030000D0020000CEA7B16AFC30D50143003A005C00550073006500720073005C004D007500670065007400730075005C004400650073006B0074006F0070005C0066006F006E006400200064002700E9006300720061006E005C00730061007A006B003700310036006E00610075003700330031002E0070006E00670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C00410059002300470053004D00350036004600420023003500260033003400640039003300380034003400260030002600550049004400340033003500330023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"TranscodedImageCache_001"=0x7AC3010094CB13005E1A0000F80F0000006258B20E38D20143003A005C00550073006500720073005C004D007500670065007400730075005C004400650073006B0074006F0070005C0066006F006E006400200064002700E9006300720061006E005C003700360030003300380036002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C00410059002300470053004D00340042003700370023003500260033003400640039003300380034003400260030002600550049004400340038003600340023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"WaitToKillAppTimeout"=2000   
"HungAppTimeout"=2000   

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1   

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\CurrentVersion\Explorer]
"EdgeDesktopShortcutCreated"=1   
"ShellState"=0x240000003328000000000000000000000000000001000000130000000000000062000000   
"ExplorerStartupTraceRecorded"=1   
"UserSignedIn"=1   
"SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309DD5010000FB9A790967ADD111ABCD00C04FC30936420200000114020000000000C0000000000000465A0B0000AF75193DC6488E4FA182BE0E08FA86A9B0020000BD0E0C47735D584D9CEDE91E22E232823D080000   
"SIDUpdatedOnLibraries"=1   
"LocalKnownFoldersMigrated"=1   
"TelemetrySalt"=3   
"GlobalAssocChangedCounter"=63   
"FirstRunTelemetryComplete"=1   
"AppReadinessLogonComplete"=1   
"PostAppInstallTasksCompleted"=1   

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"ServerAdminUI"=0   
"Hidden"=1   
"ShowCompColor"=1   
"HideFileExt"=0   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"SuperHidden"=0   
"SeparateProcess"=0   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ListviewAlphaSelect"=1   
"ListviewShadow"=1   
"TaskbarAnimations"=1   
"StartMenuInit"=13   
"Start_ShowMyGames"=0   
""=0   
"TaskbarSizeMove"=0   
"ShowSuperHidden"=0   
"ShowStatusBar"=1   
"StoreAppsOnTaskbar"=1   
"EnableStartMenu"=1   
"ReindexedProfile"=1   
"TaskbarStateLastRun"=0x8F67765D00000000   
"MMTaskbarEnabled"=0   
"ShowCortanaButton"=1   

[HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   
"DefaultLevel"=262144   
"TransparentEnabled"=1   
"PolicyScope"=0   
"ExecutableTypes"=ADE
ADP
BAS
BAT
CHM
CMD
COM
CPL
CRT
EXE
HLP
HTA
INF
INS
ISP
LNK
MDB
MDE
MSC
MSI
MSP
MST
OCX
PCD
PIF
REG
SCR
SHS
URL
VB
WSC   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"undockwithoutlogon"=1   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"SoftwareSASGeneration"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD}   
"SmartScreenEnabled"=RequireAdmin   
"GlobalAssocChangedCounter"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   
"DefaultLevel"=262144   
"TransparentEnabled"=1   
"PolicyScope"=0   
"ExecutableTypes"=ADE
ADP
BAS
BAT
CHM
CMD
COM
CPL
CRT
EXE
HLP
HTA
INF
INS
ISP
LNK
MDB
MDE
MSC
MSI
MSP
MST
OCX
PCD
PIF
REG
SCR
SHS
URL
VB
WSC   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"undockwithoutlogon"=1   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"SoftwareSASGeneration"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD}   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders   
"BuildNumber"=18362   
"FirstLogon"=0   
"PUUActive"=0xCC727E6101000F002C007B000F8204009246050092460500D200000002002200B07091D376B10D00AA4F080082E002005EB10200CD62010000000000000000009B440600662100000002000000000000443D4B4C4F69D5010F82040000000000010000000F820400BA470000000000000000000000000000   
"DP"=0xD200E80022000F002E000000CC727E618328D40000000000443D4B4C4F69D5017BB4DCEC2E69D501000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F805101009993000034889024348890250E820080EB2A0160FB2A21605BDE000042AA160C62AA360DA04F00800044040A0044040A69DB00C08130D0208138D120115400C001672405236F24056702008085060352850603563E2700800828220048283204B01B00C028D400622AFC40635DEE0080A30CC019A3ACC21D5BB000C03A0511003A153100   
"ParseAutoexec"=1   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"DisableBackButton"=1   
"EnableSIHostIntegration"=1   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"ReportBootOk"=1   
"Shell"=explorer.exe   
"ShellCritical"=0   
"ShellInfrastructure"=sihost.exe   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"WinStationsDisabled"=0   
"scremoveoption"=0   
"LastLogOffEndTimePerfCounter"=401942127   
"ShutdownFlags"=2147483815   
"Userinit"=C:\Windows\system32\userinit.exe,   
"ShutdownWithoutLogon"=0   
"DisableCad"=1   
"EnableFirstLogonAnimation"=1   
"AutoLogonSID"=S-1-5-21-3543355656-3037117862-3061321469-1000   
"LastUsedUsername"=Mugetsu   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultDomainName"=   
"DefaultUserName"=   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Shell"=explorer.exe   
"ShellCritical"=0   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   


---------- | Associations

[HKLM\Software\Classes\.exe]
""=exefile   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\Classes\.com]
""=comfile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\Classes\Folder]
""=Folder   
"AppUserModelID"=Microsoft.Windows.Explorer   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\WOW6432Node\Classes\Folder]
""=Folder   
"AppUserModelID"=Microsoft.Windows.Explorer   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe"   
[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=   
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"=

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"=


---------- | AppcompatFlags

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"SIGN.MEDIA=3A8CAF6 DVDSetup.exe"=1
"E:\outils\Nexus Mod Manager\uninstall\unins000.exe"=1
"C:\Users\Mugetsu\Downloads\SkypeSetup.exe"=1
"C:\Users\Mugetsu\Downloads\rcsetup152.exe"=1
"C:\Users\Mugetsu\AppData\Local\Discord\Update.exe"=1
"C:\Users\Public\Documents\Wondershare\data-recovery_full935.exe"=1
"C:\Program Files\Recuva\uninst.exe"=1
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=32
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe"=32
"C:\Program Files (x86)\HP\Digital Imaging\{886E586A-9121-4515-9C18-2C04202614B2}\hpzstub.exe"=1

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\avastui.exe"=0x534143500100000000000000070000002800000010975D007A3A5E0001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000052433201000000000C0000000C000000
"E:\Outils\Sai 1.1.0\sai.exe"=0x534143500100000000000000070000002800000000101900000000000100000000000000000000067120000033504C2B57DFD101000000000000000005000000100000000000000000000000000000002000000002000000500000000000000020000070000002000000000000000000000000009AB5A000000000002100000021000000000000000000005000000000000000000000000000000000A0869500000000000C00000000000000
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"=0x5341435001000000000000000700000028000000A0250300354C030001000000000000000000010600210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000DFBC4401000000000700000007000000
"C:\Users\Mugetsu\Downloads\ComicRackSetup09178.exe"=0x5341435001000000000000000700000028000000A7E1B300000000000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000018260300000000000100000001000000
"E:\Outils\unity\Editor\Unity.exe"=0x5341435001000000000000000700000028000000D8BD00035B8E010301000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000D5702D02000000001400000014000000
"C:\Users\Mugetsu\Downloads\GwSetup.exe"=0x534143500100000000000000070000002800000080850200F42503000100000000000000000000067100000019B4C529E312D101000000000000000002000000280000000000000000080040000000000000000000000000000000006C810500000000000100000001000000
"SIGN.MEDIA=3E118 Setup.exe"=0x534143500100000000000000070000002800000078D80300EBC104000100000000000000000001057120000019B4C529E312D10100000000000000000200000028000000000000008008004000000000000000000000000000000000C6690A00000000000100000001000000
"C:\Users\Mugetsu\Downloads\SourceTreeSetup_1.8.3.exe"=0x53414350010000000000000007000000280000003046CE000F89CE0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000054190000000000000100000001000000
"E:\Outils\SourceTree\SourceTree.exe"=0x5341435001000000000000000700000028000000C8A90F0006A210000100000000000000000001068001000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000007F78C800000000000400000004000000
"C:\Windows\SysWOW64\LogiDPPApp.exe"=0x5341435001000000000000000700000028000000689301005FDD01000100000000000000000001067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C4100100000000000200000002000000
"C:\Users\Mugetsu\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe"=0x534143500100000000000000070000002800000010A61400A6A9140001000000000000000000010671220000E63F486B2AA0D20100000080000000000200000028000000000000000000000000000000000000000000000000000000315A010000000000B2010000B2010000
"C:\Users\Mugetsu\Downloads\Razer_Synapse_Framework_V2.20.15.707.exe"=0x534143500100000000000000070000002800000010BA5A01C9CD5A0101000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000006A610000000000000200000002000000
"C:\Users\Mugetsu\Downloads\Razer_Synapse_Framework_V2.20.15.707 (1).exe"=0x534143500100000000000000070000002800000010BA5A01C9CD5A0101000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000005B590000000000000100000001000000
"C:\Windows\Installer\Razer Game Scanner Service\RzGSSuninstall.exe"=0x5341435001000000000000000700000028000000003015000000000001000000000000000000000A0021000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000BE0A0000000000000100000001000000
"C:\Windows\Installer\Razer InGame Engine\uninstall.exe"=0x5341435001000000000000000700000028000000008C1400000000000100000000000000000003060001000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000075040000000000000100000001000000
"C:\Users\Mugetsu\Downloads\krita-3.0-x64-setup.exe"=0x5341435001000000000000000700000028000000FE93E2030000000001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000CB070100000000000100000001000000
"E:\Outils\Krita (x64)\bin\krita.exe"=0x534143500100000000000000070000002800000000B241009BB9410001000000000000000000000A63200000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000029980D00000000000500000005000000
"C:\Users\Mugetsu\Downloads\npp.6.9.2.Installer.exe"=0x5341435001000000000000000700000028000000A841400008F940000100000000000000000001067100000033504C2B57DFD10100000000000000000200000028000000000000000008004000000000000000000000000000000000CCBE0000000000000100000001000000
"E:\Outils\7-Zip\7zFM.exe"=0x5341435001000000000000000700000028000000007006000000000001000000000000000000010671200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DA0E5100000000000600000006000000
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\Launcher_Main.exe"=0x5341435001000000000000000700000028000000683D0400228704000100000000000000000001060021000033504C2B57DFD1010000000000000000020000002800000000000000800000001000000000000000000000000000000063AE0600000000000900000009000000
"SIGN.MEDIA=651781CA Dishonored2.exe"=0x5341435001000000000000000700000028000000001B1F00F8321F000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000008000000000000000000000000000000000000000E8370000000000000200000002000000
"C:\Users\Mugetsu\Downloads\ffxivsetup_ft.exe"=0x53414350010000000000000007000000280000004023B006D39CB0060100000000000000000003060001000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000010000000000000000000000000000050B60000000000000100000001000000
"E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe"=0x5341435001000000000000000700000028000000409B3A0077A43A000100000000000000000003067122000033504C2B57DFD10100000000000000000200000028000000000000008000000000020000000000000000000000000000990B0000000000000100000001000000
"SIGN.MEDIA=398A06 Realtek\RTL8187 Wireless LAN Utility\RTxAdmin.exe"=0x534143500100000000000000070000002800000000600000000000000100000000000000000000067120000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000001F000000000000000200000002000000
"E:\jeux\Ankama\Krosmaga\Krosmaga.exe"=0x53414350010000000000000007000000280000003005DF00AC2ADF000100000000000000000002060001000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000032A4400000000000F0000000F000000
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\VsImmersiveActivateHelper140.exe"=0x5341435001000000000000000700000028000000F8A601000ED601000100000000000000000003060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000002F000000000000000100000001000000
"C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe"=0x5341435001000000000000000700000028000000388AC2000A7AC30001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000A5160000000000000100000001000000
"E:\Outils\OpenOffice\program\swriter.exe"=0x5341435001000000000000000700000028000000009601001759020001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000013CCE501000000003000000030000000
"C:\Users\Mugetsu\Downloads\Illustrator_Set-Up.exe"=0x5341435001000000000000000700000028000000F8FF1E00BB2E1F0001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000011BD8800000000000200000002000000
"C:\Windows\SysWOW64\msiexec.exe"=0x534143500100000000000000070000002800000000E40000F2B301000300000001000000000003060001000033504C2B57DFD1010000000000000000
"E:\Outils\Audacity\unins000.exe"=0x5341435001000000000000000700000028000000C9C11600000000000300000000000000000003060001000033504C2B57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000200000000000000000000000000004B250000000000000100000001000000
"C:\Users\Mugetsu\Downloads\SuperMeatBoySetup.exe"=0x53414350010000000000000007000000280000002560AA0A000000000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000378E0000000000000100000001000000
"E:\jeux\Team Meat\SuperMeatBoy\SuperMeatBoy.exe"=0x534143500100000000000000070000002800000000E82E004F5D2F000100000000000000000001067122000033504C2B57DFD101000000000000000002000000A0000000000000060000002000120200000000000000000000000000C4872300000000000200000001000000000000060000006000120200000000000000000000000000620F00000000000001000000000000000000000000000040000000000000000000000000000000003D080000000000000100000000000000000000000000000000120200000000000000000000000000272B0000000000000200000000000000
"C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe"=0x534143500100000000000000070000002800000030010A00EDA70A0001000000000000000000000A0021000033504C2B57DFD101000000C000000000
"C:\Users\Mugetsu\Downloads\cgoban.exe"=0x53414350010000000000000007000000280000001ACFB5020000000001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000972F0100000000000100000001000000
"C:\Users\Mugetsu\Downloads\rcsetup153.exe"=0x534143500100000000000000070000002800000060E254009B9B55000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000069BA0600000000000100000001000000
"C:\Users\Mugetsu\Downloads\aida64extreme580.exe"=0x534143500100000000000000070000002800000048D0EE021B23EF020100000000000000000003060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000DE730C00000000000100000001000000
"E:\Outils\AIDA64 Extreme\aida64.exe"=0x5341435001000000000000000700000028000000D01F2B01DA7B2B0101000000000000000000000A0021000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000056DF0300000000000100000001000000
"C:\Users\Mugetsu\Downloads\Heroes-of-the-Storm-Setup (1).exe"=0x5341435001000000000000000700000028000000F00533001C3B330001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000098A40100000000000100000001000000
"C:\Users\Mugetsu\Downloads\GameMakerStudio-Installer-2.0.5.77.exe"=0x5341435001000000000000000700000028000000F0626B0ACFE66B0A0100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000A7360200000000000100000001000000
"C:\Users\Mugetsu\Downloads\Git-2.12.2-64-bit.exe"=0x534143500100000000000000070000002800000050E53502BDAB360201000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000046CF0000000000000100000001000000
"E:\Outils\Git\cmd\git-gui.exe"=0x5341435001000000000000000700000028000000E84C0200B494020001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000EAEB0301000000000200000002000000
"C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe"=0x534143500100000000000000070000002800000068D5010089CA02000100000000000000000001060021000033504C2B57DFD10100000000000000000200000028000000000000008000000000000000000000000000000000000000AD871400000000000200000002000000
"C:\Users\Mugetsu\Downloads\OBS-Studio-18.0.1-Full-Installer.exe"=0x5341435001000000000000000700000028000000C0C5BC06FD1EBD0601000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000EF770000000000000200000002000000
"C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000AA440006DE440001000000010000000000000A73220000D5B3B31A57DFD1010000000000000000
"E:\Outils\Notepad++\notepad++.exe"=0x5341435001000000000000000700000028000000B0562300AA95230001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000500000000000000000000010000000000000000000000000000000008F32F30100000000080000000800000000000000000000000000000000000000000000000000000093F71300000000000600000000000000
"SIGN.MEDIA=BBE5CF4 Le roi nu.exe"=0x534143500100000000000000070000002800000064596306000000000100000000000000000001057120000033504C2B57DFD10100000000000000000200000028000000000000000000000000040000000000000000000000000000C80B0000000000000100000001000000
"E:\Outils\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C01702006E31020001000000000000000000000A61220000631F6E6F0EDED4010000000000000000020000002800000000000000000000100000000000000000000000000000000079033500000000000600000006000000
"C:\Users\Mugetsu\Downloads\Heroes-of-the-Storm-Setup.exe"=0x5341435001000000000000000700000028000000F00533001C3B330001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000008E1F0000000000000100000001000000
"F:\jeux\HoTs\HOTS Logs Uploader.exe"=0x5341435001000000000000000700000028000000008A19000000000001000000000000000000000AF5200000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001D52E206000000001900000019000000
"C:\Users\Mugetsu\Downloads\mumble-1.2.19_plus_MumbleComSkin.exe"=0x5341435001000000000000000700000028000000A0DCEA008F65EB0001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000987B0000000000000100000001000000
"F:\jeux\gw2\Gw2.exe"=0x53414350010000000000000002000000280000000000000000000000000000000000000000000000000000001D1701000000000001000000010000000700000028000000F8E37D01E7F87D0101000000000000000000020600010000631F6E6F0EDED4010000000000000000
"C:\Users\Mugetsu\Downloads\OverwolfTeamSpeakInstaller.exe"=0x534143500100000000000000070000002800000058200E00AB540E0001000000000000000000030600010000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000001E5F0200000000000100000001000000
"C:\Program Files\Windows Photo Viewer\ImagingDevices.exe"=0x534143500100000000000000070000002800000040990100B7DA010001000000010000000000000A63220000E78E163C2AA0D2010000000000000000
"C:\Users\Mugetsu\Downloads\GeForce_Experience_v3.6.0.74.exe"=0x5341435001000000000000000700000028000000402C230587EC230501000000000000000000020600010000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000060870000000000000100000001000000
"C:\Users\Mugetsu\Downloads\vs_community__1048033320.1497810863.exe"=0x5341435001000000000000000700000028000000D8E40F0015AE100001000000000000000000000A00210000E63F486B2AA0D2010000000000000000
"C:\Users\Mugetsu\Downloads\MXMInstaller.exe"=0x5341435001000000000000000700000028000000A0F0DF05C63FE00501000000000000000000010600010000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000002A979F00000000000100000001000000
"E:\jeux\NCsoft\NC Launcher\NCLauncherMatryoshka.exe"=0x5341435001000000000000000700000028000000704E0800C9AC080001000000000000000000000A71220000E63F486B2AA0D2010000000000000000050000001000000000000000000000000000000080000000020000002800000000000000800000000000000000000000000000000000000091290000000000000100000001000000
"E:\jeux\NCsoft\NC Launcher\NCLauncherS.exe"=0x534143500100000000000000070000002800000070D267000C91680001000000000000000000000A71220000E63F486B2AA0D20100000000000000000500000010000000000000000000000000000000800000000200000028000000000000008000004002000000000000000000000000000000856F5500000000000A0000000A000000
"C:\Program Files\Recuva\recuva64.exe"=0x5341435001000000000000000700000028000000D8A24B00213C4C0001000000000000000000000A73220000E78E163C2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000009C030300000000000200000002000000
"C:\Users\Mugetsu\Downloads\audacity-win-2-1-2.exe"=0x5341435001000000000000000700000028000000F94E94010000000001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000C0500000000000000100000001000000
"E:\Outils\Audacity\audacity.exe"=0x534143500100000000000000070000002800000000B88D000000000001000000000000000000000A71220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000029892A00000000000200000002000000
"C:\Users\Mugetsu\Downloads\GameMakerStudio-Installer-2.0.7.171.exe"=0x534143500100000000000000070000002800000050ABAA0AAFFEAA0A01000000000000000000010600010000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000085F70C00000000000200000002000000
"E:\Outils\GameMaker Studio 2\GameMakerStudio.exe"=0x5341435001000000000000000700000028000000E0F701004390020001000000000000000000000A80210000E78E163C2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000000C231300000000000200000002000000
"E:\Outils\gamemaker studio\GameMaker-Studio 1.4\GameMaker_Player.exe"=0x53414350010000000000000007000000280000002E3543020000000001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000B6EE0000000000000100000001000000
"E:\Outils\gamemaker studio\GameMakerPlayer\GameMakerPlayer.exe"=0x534143500100000000000000070000002800000000043D0011C23D0001000000000000000000000A71220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000200000000000000000000000000000027010700000000000100000001000000
"E:\jeux\My_First_Game1.exe"=0x5341435001000000000000000700000028000000B9CA2A000000000001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000753F0100000000000100000001000000
"E:\Outils\OpenOffice\program\scalc.exe"=0x534143500100000000000000070000002800000000960100491B020001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BC912200000000001200000012000000
"C:\Users\Mugetsu\Downloads\malwarebytes-anti-malware_2-2-1-1043_fr_215092.exe"=0x534143500100000000000000070000002800000090AF5C017A9F5D0101000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000046275E00000000000100000001000000
"C:\Users\Mugetsu\Downloads\jdk-8u144-windows-x64.exe"=0x534143500100000000000000070000002800000038685C0C30DE5C0C01000000000000000000000A73220000E78E163C2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000EDF20300000000000100000001000000
"E:\Outils\eclipse\eclipse\eclipse.exe"=0x534143500100000000000000070000002800000000C60400BD47050001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A0754B00000000000100000001000000
"C:\Users\Mugetsu\Downloads\GMStudio-Installer-1.4.1763.exe"=0x534143500100000000000000070000002800000008D02C07DB4E2D0701000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000173D1400000000000100000001000000
"C:\Program Files\Logitech Gaming Software\LU_1\LogitechUpdate.exe"=0x5341435001000000000000000700000028000000188D1F00D466200001000000000000000000020671020000E63F486B2AA0D20100000080000000000200000028000000000000000000000000000000000000000000000000000000B4A33E00000000000900000009000000
"C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe"=0x5341435001000000000000000700000028000000785E06008B3A070001000000000000000000000A71220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000056E50901000000000300000003000000
"C:\Program Files\Logitech Gaming Software\LU_1\LULnchr.exe"=0x5341435001000000000000000700000028000000186905005920060001000000000000000000020671020000631F6E6F0EDED401000000800000000002000000280000000000000000000000000000000000000000000000000000007E89010000000000B7020000B7020000
"C:\Program Files (x86)\Common Files\Overwolf\0.107.254.0\OverwolfHelper.exe"=0x5341435001000000000000000700000028000000B0660100474B020001000000000000000000000A71220000E63F486B2AA0D2010000000000000000050000001000000000000000000000000000000080000000020000002800000000000000800000400000000000000000000000000000000031EE4F03000000000300000003000000
"C:\Program Files (x86)\Common Files\Overwolf\0.107.254.0\OverwolfHelper64.exe"=0x5341435001000000000000000700000028000000A8880100354B020001000000000000000000000A73220000E78E163C2AA0D20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C3ED4F03000000000300000003000000
"C:\Users\Mugetsu\Downloads\Razer_Synapse_Installer_v2.21.00.830.exe"=0x5341435001000000000000000700000028000000F0B18F01E8DB8F0101000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000005AF80A00000000000600000006000000
"E:\Steam\steamapps\common\ProjectZomboid\PZServerSettings.exe"=0x534143500100000000000000070000002800000000F4000000000000010000000000000000000306F1020000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000DB1A0000000000000100000001000000
"E:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.bat"=0x53414350010000000000000007000000280000000026040017C9040001000000000000000000010500100000E78E163C2AA0D2010000000000000000
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"=0x5341435001000000000000000700000028000000B81A0900E4C5090001000000000000000000000A80210000E63F486B2AA0D20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000BB767C00000000000300000003000000
"C:\Users\Mugetsu\Downloads\Razer_Synapse_Installer_v2.21.00.830 (1).exe"=0x5341435001000000000000000700000028000000F0B18F01E8DB8F0101000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000004720000000000000100000001000000
"C:\Program Files (x86)\Common Files\Razer\rig\32bit\rzigehlp.exe"=0x534143500100000000000000070000002800000010ED0100B7AD020001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000407D1412000000004302000043020000
"C:\ProgramData\Oracle\Java\javapath_target_127232671\javaw.exe"=0x53414350010000000000000007000000280000004028030074CD030001000000000000000000000A00210000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000D3A30300000000000100000001000000
"C:\Users\Mugetsu\Downloads\kobosetup.exe"=0x534143500100000000000000070000002800000020A558039F5C590301000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000041C20100000000000100000001000000
"C:\Users\Mugetsu\Downloads\R-3.4.3-win.exe"=0x534143500100000000000000070000002800000017F0E8040000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000012B60000000000000100000001000000
"C:\Users\Mugetsu\Downloads\RStudio-1.1.423.exe"=0x534143500100000000000000070000002800000058115D05FBB45D0501000000000000000000000A71200000DB80FDAC2839D301000000000000000002000000280000000000000000080040000000000000000000000000000000000A980000000000000100000001000000
"C:\Program Files\RStudio\bin\rstudio.exe"=0x5341435001000000000000000700000028000000DCED820063F5820001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000068010701000000000200000002000000
"C:\Users\Mugetsu\AppData\Local\FluxSoftware\Flux\flux.exe"=0x5341435001000000000000000700000028000000F89D1900EDC2190001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003E6A5A00000000000100000001000000
"E:\Outils\Malwarebytes Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000E0759700E487970001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000060CA0100000000000100000001000000
"C:\Users\Mugetsu\Downloads\dofus.exe"=0x5341435001000000000000000700000028000000608662002955630001000000000000000000020600010000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000100000000000000000000000000000EF230100000000000100000001000000
"E:\jeux\Ankama\Dofus\Dofus.exe"=0x5341435001000000000000000700000028000000608662002955630001000000000000000000020600010000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000049D32F00000000000200000002000000
"E:\Outils\BSO\obs-studio\bin\64bit\obs64.exe"=0x5341435001000000000000000700000028000000100E29001EE5290001000000000000000000000A73220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000041A64601000000000300000003000000
"E:\jeux\teeworlds-0.6.4-win32\teeworlds.exe"=0x534143500100000000000000070000002800000000D20D000000000001000000000000000000000A71200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A5D40A00000000000A0000000A000000
"E:\Outils\OpenOffice\program\soffice.exe"=0x5341435001000000000000000700000028000000001A9600AE40960001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000
"E:\jeux\LoE_Launcher\LoE-Launcher.exe"=0x534143500100000000000000070000002800000000CA27000000000001000000000000000000000A75220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000007D384A00000000000600000006000000
"C:\Users\Mugetsu\Downloads\Detection.exe"=0x5341435001000000000000000700000028000000A0024E008E9D4E0001000000000000000000000A73220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C5570000000000000100000001000000
"E:\Outils\Teamspeak\ts3client_win64.exe"=0x5341435001000000000000000700000028000000980EE8009C78E80001000000000000000000000A73220000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000E9E38000000000000500000005000000
"C:\Users\Mugetsu\Downloads\398.82-desktop-win10-64bit-international-whql.exe"=0x534143500100000000000000070000002800000048CF9F1EA96CA01E01000000000000000000020600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000EB6B1000000000000100000001000000
"C:\Users\Mugetsu\Downloads\League of Legends installer EUW.exe"=0x5341435001000000000000000700000028000000C88B13052FBD130501000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000091AB300000000000100000001000000
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C8FB0500679F060001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Mugetsu\Downloads\GMStudio-Installer-1.4.9999.exe"=0x5341435001000000000000000700000028000000C868E4045EB1E40401000000000000000000010600010000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000097450600000000000100000001000000
"E:\Outils\gamemaker studio\GameMaker-Studio 1.4\GameMaker-Studio.exe"=0x5341435001000000000000000700000028000000E0730300E007040001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000D4B89000000000000800000008000000
"C:\Program Files (x86)\Ralink\Common\RaUI.exe"=0x5341435001000000000000000700000028000000905BEE00797FEE0001000000000000000000010671000000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000FA000000000000000400000004000000
"C:\Program Files (x86)\Kobo\Kobo.exe"=0x53414350010000000000000007000000280000009017220048A4220001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000007110000000000000100000001000000
"E:\Outils\JRE\bin\javaw.exe"=0x53414350010000000000000007000000280000004028030074CD030001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BB000000000000000100000001000000
"E:\scrivener\Scrivener.exe"=0x5341435001000000000000000700000028000000A8DC4E019E034F0101000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000002000006000000000000000000000000000000000191FCE01000000000A0000000A000000
"C:\Users\Mugetsu\Downloads\SURVEY_PROGRAM_WINDOWS_ENGLISH.exe"=0x534143500100000000000000070000002800000066EBD3040000000001000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000006A640600000000000100000001000000
"E:\jeux\SURVEY_PROGRAM\DELTARUNE.exe"=0x5341435001000000000000000700000028000000009E4A005BD2490001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000082480000000000000100000001000000
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"=0x534143500100000000000000070000002800000068F7F7029706F80201000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000100000000000000000000000000000000043070000000000000100000001000000
"SIGN.MEDIA=5DF752A AutoRun.exe"=0x5341435001000000000000000700000028000000009001000000000001000000000000000000010571200000BFA2139DEDD1D30100000000000000000200000028000000000000008000000000000000000000000000000000000000EA7E0200000000000100000001000000
"C:\Users\Mugetsu\Downloads\windirstat1_1_2_setup.exe"=0x534143500100000000000000070000002800000061DA09000000000001000000000000000000000671000000BFA2139DEDD1D301000000000000000002000000280000000000000000080040000000000000000000000000000000006F711C00000000000100000001000000
"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe"=0x5341435001000000000000000700000028000000F0C91A00C4951B0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000007A7B0000000000000200000002000000
"C:\Program Files\Logitech Gaming Software\LCore.exe"=0x5341435001000000000000000700000028000000787A1201470B130101000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000081020000000000000200000002000000
"C:\Users\Mugetsu\Downloads\Teams_windows_x64.exe"=0x534143500100000000000000070000002800000070A557053152580501000000000000000000030600010000BFA2139DEDD1D3010000000000000000
"C:\Users\Mugetsu\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000308104006ACC040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000
"C:\Users\Mugetsu\Downloads\PS_AIO_03_C4400_NonNet_Full_Win_WW_140_404-4.exe"=0x53414350010000000000000007000000280000009011280B0AA0280B01000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000248F4B06000000000100000001000000
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe"=0x5341435001000000000000000700000028000000008008000000000001000000000000000000000A73200000BFA2139DEDD1D301000000000000000002000000280000000000000000000010000000000000000000000000000000005A1EC902000000000E0000000E000000
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe"=0x534143500100000000000000070000002800000048B600006317010001000000000000000000000A73220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000D03B0000000000000200000002000000
"C:\Program Files\CCleaner\CCleaner.exe"=0x5341435001000000000000000700000028000000D81E7000A486700001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000100000000000000000000000000000000038010000000000000100000001000000
"C:\Users\Mugetsu\Downloads\ccsetup555_rtb.exe"=0x534143500100000000000000070000002800000020243F0146B13F0101000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000000C095800000000000100000001000000
"C:\Users\Mugetsu\AppData\Local\Discord\Update.exe"=0x5341435001000000000000000700000028000000583F1700E87E170001000000000000000000000A75220000631F6E6F0EDED401000000000000000002000000280000000000000000000000040000000000000000000000000000003A5EFD04000000002F0000002F000000
"E:\jeux\Lol\LeagueClient.exe"=0x5341435001000000000000000700000028000000D8074E00BC624E0001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CE2B3900000000000100000001000000
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe"=0x5341435001000000000000000700000028000000007E08000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000001000000000000000000000000000000000677FA503000000002000000020000000
"E:\Outils\Git\git-bash.exe"=0x5341435001000000000000000700000028000000E8500200AAB5020001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000038780100000000000100000001000000
"C:\Users\Mugetsu\Downloads\Git-2.21.0-64-bit.exe"=0x5341435001000000000000000700000028000000C0E7C202A783C30201000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A7B90100000000000100000001000000
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe"=0x534143500100000000000000070000002800000000EA08000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000001000000000000000000000000000000000CA037001000000000800000008000000
"E:\jeux\MineCraft\MinecraftLauncher.exe"=0x5341435001000000000000000700000028000000804917001867170001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000080000000000000000000000000000000000000000EBA7C00000000000900000009000000
"C:\Users\Mugetsu\AppData\Local\Temp\jre-8u211-windows-au.exe"=0x534143500100000000000000070000002800000060411F007902200001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000535E0200000000000100000001000000
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=0x5341435001000000000000000700000028000000582F07007005080001000000000000000000000A71220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002D40E800000000000200000002000000
"E:\Steam\bin\steamservice.exe"=0x534143500100000000000000070000002800000020DD190081CE1A0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B2A30000000000000200000002000000
"E:\Outils\Nexus Mod Manager\NexusClient.exe"=0x5341435001000000000000000700000028000000A89C2E007DC92E0001000000000000000000000A75220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000066CF0000000000000100000001000000
"C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe"=0x53414350010000000000000007000000280000007823970570B1970501000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000050000000000000000000000000000000000000000000000000000000D365030100000000020000000200000000000000000000400000000000000000000000000000000033360000000000000100000000000000
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe"=0x534143500100000000000000070000002800000000EA08000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000001000000000000000000000000000000000E1DC4403000000002A0000002A000000
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C02004C22030001000000010000000000000A61220000BFA2139DEDD1D3010000000000000000
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe"=0x534143500100000000000000070000002800000000EA08000000000001000000000000000000000A73200000BFA2139DEDD1D301000000000000000002000000280000000000000000000010000000000000000000000000000000008C8D0803000000001900000019000000
"E:\Outils\mumble\mumble.exe"=0x5341435001000000000000000700000028000000002D04007FA2040001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000002000006000000000000000000000000000000000580DF201000000001800000018000000
"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"=0x5341435001000000000000000700000028000000C88E01004EE2010001000000000000000000030671220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000071540F00000000000100000001000000
"E:\Steam\Steam.exe"=0x534143500100000000000000070000002800000020FD30006B1D310001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001F000000000000000100000001000000
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe"=0x534143500100000000000000070000002800000000E60C000000000001000000000000000000000A73200000BFA2139DEDD1D3010000000000000000020000002800000000000000000000100000000000000000000000000000000092E75703000000001400000014000000
"C:\Users\Mugetsu\Downloads\ffxivsetup.exe"=0x53414350010000000000000007000000280000002848AE01972CAF0101000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000046000500000000000300000003000000
"E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe"=0x534143500100000000000000070000002800000028840F00EB2E100001000000000000000000000A71200000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000039CE0E00000000000500000005000000
"C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000782757018659570101000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000004F569700000000000100000001000000
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayService.exe"=0x534143500100000000000000070000002800000058B75E00A7E75E0001000000000000000000000A71220000BFA2139DEDD1D301000000000000000002000000280000000000000080000000000000000000000000000000000000007C080000000000000100000001000000
"C:\Users\Mugetsu\AppData\Local\Temp\e3080aa2-e9a6-4928-9a52-1a80c054293e\setup.exe"=0x534143500100000000000000070000002800000090F2070042B0080001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000800000400000000000000000000000000000000094F90300000000000100000001000000
"C:\ProgramData\NVIDIA Corporation\Downloader\PostProcessing\GFE\920c23fb7471819f37d81760e38997e7\setup.exe"=0x5341435001000000000000000700000028000000385307009857070001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000E5BF0000000000000100000001000000
"C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe"=0x5341435001000000000000000700000028000000A05E03005CC5030001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000080000000000000000000000000000000000000002330B600000000000200000002000000
"E:\Outils\VB\VirtualBox.exe"=0x534143500100000000000000070000002800000008D120008940210001000000000000000000000A73200000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000FB4FF601000000000500000005000000
"E:\Outils\VB\VBoxExtPackHelperApp.exe"=0x5341435001000000000000000700000028000000D8FD00006041010001000000000000000000000A73200000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000007F120000000000000100000001000000
"C:\Users\Mugetsu\AppData\Local\Temp\Temp1_MSIAfterburnerSetup.zip\MSIAfterburnerSetup461.exe"=0x5341435001000000000000000700000028000000C803D8025809D80201000000000000000000010600010000BFA2139DEDD1D3010000000000000000
"E:\Outils\msiafterburner\MSI Afterburner\MSIAfterburner.exe"=0x5341435001000000000000000700000028000000F0ED0B00B1F70B0001000000000000000000000A71220000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000BF609700000000000400000004000000
"E:\Outils\7-Zip\7zG.exe"=0x5341435001000000000000000700000028000000007A03000000000001000000000000000000010671200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000020200000000000000000000000000F2040000000000000100000001000000
"E:\Steam\steamapps\common\Break the Game\BTG\BTGwithEditor.exe"=0x5341435001000000000000000700000028000000009A1D000000000001000000000000000000000A71220000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000007A350600000000000200000002000000
"C:\Program Files (x86)\HP\Digital Imaging\{886E586A-9121-4515-9C18-2C04202614B2}\hpzstub.exe"=0x5341435001000000000000000700000028000000905F0A00A64A0B0001000000000000000000010600210000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000099B7600000000000200000002000000
"C:\Users\Mugetsu\AppData\Local\Temp\Razer\RzUpdater\RzUpdateManager.exe"=0x5341435001000000000000000700000028000000C8DE0800540A090001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000008F6D0000000000000100000001000000
"E:\Outils\FurMark\FurMark.exe"=0x534143500100000000000000070000002800000000B828000000000001000000000000000000000A71200000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000004C1D00000000000300000003000000
"C:\ProgramData\NVIDIA Corporation\Downloader\74ed991dbf060857a635d4444305667a\GeForce_Experience_Update_v3.20.0.105_Official_4E4BAD.exe"=0x534143500100000000000000070000002800000050EA43074814440701000000000000000000020600010000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000035B00000000000000100000001000000
"C:\Users\Mugetsu\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe"=0x534143500100000000000000070000002800000088991604BA07170401000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000172B0000000000000100000001000000
"E:\Outils\VB\VBoxSVC.exe"=0x534143500100000000000000070000002800000000AF54001B58550001000000000000000000000A73200000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000380E0000000000000200000002000000
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000F09D19000DAF190001000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000014543402000000000F0000000F000000
"C:\Users\Mugetsu\Downloads\OCCT5.3.2.exe"=0x534143500100000000000000070000002800000000822001A754210101000000000000000000000A73220000631F6E6F0EDED4010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000062991700000000000300000003000000
"C:\Program Files\Speccy\Speccy64.exe"=0x5341435001000000000000000700000028000000D8206A00FA936A0001000000000000000000000A73220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000DEF70D00000000000400000004000000
"F:\jeux\gw2\Gw2-64.exe"=0x5341435001000000000000000700000028000000A84A10025DDF100201000000000000000000020600010000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000007D3EC600000000002D0000002D000000
"E:\Outils\OCCT5.3.2.exe"=0x534143500100000000000000070000002800000000822001A754210101000000000000000000000A73220000631F6E6F0EDED4010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000079FE0900000000000100000001000000
"C:\ProgramData\NVIDIA Corporation\Downloader\latest\setup.exe"=0x534143500100000000000000070000002800000028D207002C15080001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000856C0000000000000100000001000000
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe"=0x534143500100000000000000070000002800000038FB090080FF090001000000000000000000000A71200000631F6E6F0EDED4010000000000000000020000002800000000000000800000000000000000000000000000000000000057010000000000000100000001000000
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x5341435001000000000000000700000028000000608432009488320001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000B1464B00000000000100000001000000
"C:\Program Files\Speccy\Speccy.exe"=0x5341435001000000000000000700000028000000D8204E00E5A24E0001000000000000000000000A71220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000B0070000000000000100000001000000
"C:\Users\Mugetsu\Downloads\QuickDiag.exe"=0x534143500100000000000000070000002800000098094F009D3C4F0001000000000000000000000A00210000631F6E6F0EDED4010000000000000000


---------- | IFEO


---------- | Mountpoints2


---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=132115660911061739

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender
"ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100
"ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000
"DisableAntiSpyware"=1
"RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe
"ProductType"=2
"ManagedDefenderProductType"=0
"ProductStatus"=0
"InstallTime"=0x507322D03693D101
"DisableAntiVirus"=1
"InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.5-0\
"LastEnabledTime"=0x9F690A837E5ED501
"OOBEInstallTime"=0x413E50A07E5ED501

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

---------- | Winsock (Whitelist)


---------- | Hosts

[31] More lines

---------- | Ping

Envoi d'une requ?te 'ping' sur google.com [216.58.201.238] avec 32 octets de donn?es?:
R?ponse de 216.58.201.238?: octets=32 temps=9 ms TTL=54
R?ponse de 216.58.201.238?: octets=32 temps=8 ms TTL=54
R?ponse de 216.58.201.238?: octets=32 temps=9 ms TTL=54
R?ponse de 216.58.201.238?: octets=32 temps=9 ms TTL=54

Statistiques Ping pour 216.58.201.238:
    Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%),
Dur?e approximative des boucles en millisecondes :
    Minimum = 8ms, Maximum = 9ms, Moyenne = 8ms

---------- | @

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Internet Explorer\Main]
"Anchor Underline"=yes
"Disable Script Debugger"=yes
"DisableScriptDebuggerIE"=yes
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Save_Session_History_On_Exit"=no
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"UseClearType"=no
"XMLHTTP"=1
"Cache_Update_Frequency"=Once_Per_Session
"Local Page"=C:\Windows\system32\blank.htm
"NoUpdateCheck"=1
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"CompatibilityFlags"=0
"FullScreen"=no
"Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF270000002700000047030000A7020000
"IE8RunOnceLastShown"=1
"IE8RunOnceLastShown_TIMESTAMP"=0x915C94B312AAD001
"IE8TourShown"=1
"IE8TourShownTime"=0x9FEA10B512AAD001
"OperationalData"=13
"ImageStoreRandomFolder"=z0nyv5d
"IE10RunOnceLastShown"=1
"IE10RunOnceLastShown_TIMESTAMP"=0xA1536976861FD101
"IE10TourShown"=1
"IE10TourShownTime"=0xEDE0AA4BFCF4D101
"DoNotTrack"=1
"IE10RunOncePerInstallCompleted"=1
"IE10RunOnceCompletionTime"=0xEDE0AA4BFCF4D101
"NotifyDownloadComplete"=yes
"ApplicationTileImmersiveActivation"=0
"AssociationActivationMode"=2
"EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.160223-1728
"AutoHide"=yes

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"DisableCachingOfSSLPages"=0
"IE5_UA_Backup_Flag"=5.0
"SecureProtocols"=2688
"CertificateRevocation"=1
"PrivacyAdvanced"=0
"EnableNegotiate"=1
"MigrateProxy"=1
"ProxyEnable"=0
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"EmailName"=User@
"PrivDiscUiShown"=1
"EnableHttp1_1"=1
"WarnOnIntranet"=1
"MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges 
"AutoConfigProxy"=wininet.dll
"UseSchannelDirectly"=0x01000000
"WarnOnPost"=0x01000000
"UrlEncoding"=0
"ZonesSecurityUpgrade"=0xEDE0AA4BFCF4D101
"WarnonZoneCrossing"=0
"GlobalUserOffline"=0
"LockDatabase"=132127414384405219

[HKLM\Software\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"CallLegacyWCMPolicies"=0

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"CallLegacyWCMPolicies"=0


---------- | Proxy


---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 


---------- | Execution FileExts











---------- | SIOI | SEH | URLSH

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} --  C:\Program Files\AVAST Software\Avast\ashShell.dll   [08/09/2019 16:34:11]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} --  C:\Program Files\AVAST Software\Avast\ashShell.dll   [08/09/2019 16:34:11]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  C:\Windows\System32\EhStorShell.dll   [19/03/2019 06:44:47]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} --  %SystemRoot%\System32\cscui.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=   


---------- | Toolbar

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=0xE3EFEB7F196B494398D2FFB09D4B49CA00F4020000   
"ITBar7Layout"=0x13000000000000000000000030000000100001003700000001000000000700005E010000060000004101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000E3EFEB7F196B494398D2FFB09D4B49CA0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=0633EE93-D776-472f-A0FF-E1416B8B2E3A   
"DefaultPackCorrection"=1   
"DefaultPackNTCorrection"=1   
"KnownProvidersUpgradeTime"=0x138E2AD344FDD001   
"Version"=4   
"UpgradeTime"=0x476856D444FDD001   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}   


---------- | Extensions

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}] : () -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}] : (@C:\WINDOWS\WindowsMobile\INetRepl.dll,-223) -       []

---------- | SearchScopes

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : 
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.globasearch.com/?serie=209&installkey=VjSM37AZNP6Da48q9pmk&b=3&q={searchTerms} : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.globasearch.com/?serie=209&installkey=VjSM37AZNP6Da48q9pmk&b=3&q={searchTerms} : 

---------- | Browser Helper Objects

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll  [01/06/2019 22:14:56]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll  [01/06/2019 22:14:56]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll  [01/06/2019 22:14:56]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll  [01/06/2019 22:14:56]

---------- | Chrome

C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb =  :     __MSG_description__ -    short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf =  : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\eofcbnmajmjmplflapaojjnihcjkigck =  :     __MSG_avastAppDesc__ -     __MSG_avastAppShortName__ - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\ggmdibamnodmnjaomnnpgeabmahemknh =  :     Check if streamers are online or not -     Multi Twitch - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom =  :     __MSG_description__ -    short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotificationsidlealarms] - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\hdokiejnpimakedhajhdlcegeplioahd =  : Google & co -    version_name: 4.33.0 - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\mlomiejdfkolichcflejclcbmpeaniij =  :     __MSG_short_description__ -    version_name: 8.4.2 - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx
C:\Users\Mugetsu\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm =  :     Provider for discovery and services for mirroring of Chrome Media Router -     Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]

---------- | Opera


---------- | Firefox


[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0] - (Unity Player 5.3.4f1) : C:\Users\Mugetsu\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\MozillaPlugins\SkypeForBusinessPlugin-15.8] - (Skype for Business Web App Plug-in) : C:\Users\Mugetsu\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi.dll
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\MozillaPlugins\SkypeForBusinessPlugin64-15.8] - (Skype for Business Web App Plug-in) : C:\Users\Mugetsu\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi-x64.dll
[HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.211.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll
[HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.211.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll
[HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7] - (WebTablet Plugin API) : C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin] - () : C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 10.1 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.211.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.211.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : E:\Outils\VLC\npvlc.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7] - (WebTablet Plugin API) : C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin] - () : C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll


C:\Users\Mugetsu\AppData\Roaming\Mozilla\Firefox\Profiles\3e5gg59m.default\Prefs.js

user_pref("browser.search.order.1", "Amazon");
user_pref("browser.startup.homepage_override.buildID", "20161031133903");
user_pref("browser.startup.homepage_override.mstone", "47.0.2");
user_pref("extensions.blocklist.pingCountTotal", 16);
user_pref("extensions.blocklist.pingCountVersion", 2);
user_pref("extensions.bootstrappedAddons", "{\"jid1-1269JvYFBgj1Wg@jetpack\":{\"version\":\"0.3.3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\extensions\\\\jid1-1269JvYFBgj1Wg@jetpack.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false},\"{1018e4d6-728f-4b20-ad56-37578a4de76b}\":{\"version\":\"5.2.3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\extensions\\\\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false},\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"google-code-correction@mozilla.org\":{\"version\":\"0.9\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\google-code-correction@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true},\"loop@mozilla.org\":{\"version\":\"3.0.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true},\"timecop@mozilla.com\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\timecop@mozilla.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true},\"websensehelper@mozilla.org\":{\"version\":\"2.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\websensehelper@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true}}");
user_pref("extensions.databaseSchema", 17);
user_pref("extensions.e10sBlockedByAddons", true);
user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0.2");
user_pref("extensions.fdm_ffext@freedownloadmanager.org.sdk.baseURI", "resource://fdm_ffext-at-freedownloadmanager-dot-org/");
user_pref("extensions.fdm_ffext@freedownloadmanager.org.sdk.domain", "fdm_ffext-at-freedownloadmanager-dot-org");
user_pref("extensions.fdm_ffext@freedownloadmanager.org.sdk.load.reason", "startup");
user_pref("extensions.fdm_ffext@freedownloadmanager.org.sdk.rootURI", "file:///C:/ProgramData/Free%20Download%20Manager/Firefox/Extensions/2.1.13/");
user_pref("extensions.fdm_ffext@freedownloadmanager.org.sdk.version", "2.1.13");
user_pref("extensions.flagfox.warn.tld", "disabled");
user_pref("extensions.getAddons.cache.lastUpdate", 1535096331);
user_pref("extensions.getAddons.databaseSchema", 5);
user_pref("extensions.hotfix.lastVersion", "20170302.01");
user_pref("extensions.jid1-1269JvYFBgj1Wg@jetpack.sdk.baseURI", "resource://jid1-1269jvyfbgj1wg-at-jetpack/");
user_pref("extensions.jid1-1269JvYFBgj1Wg@jetpack.sdk.domain", "jid1-1269jvyfbgj1wg-at-jetpack");
user_pref("extensions.jid1-1269JvYFBgj1Wg@jetpack.sdk.load.reason", "startup");
user_pref("extensions.jid1-1269JvYFBgj1Wg@jetpack.sdk.rootURI", "jar:file:///C:/Users/Mugetsu/AppData/Roaming/Mozilla/Firefox/Profiles/3e5gg59m.default/extensions/jid1-1269JvYFBgj1Wg@jetpack.xpi!/");
user_pref("extensions.jid1-1269JvYFBgj1Wg@jetpack.sdk.version", "0.3.3");
user_pref("extensions.lastAppVersion", "47.0.2");
user_pref("extensions.lastPlatformVersion", "47.0.2");
user_pref("extensions.pendingOperations", false);
user_pref("extensions.shownSelectionUI", true);
user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{63319c75-e799-4108-8e79-5e4ba884333f}\",\"addons\":{\"websensehelper@mozilla.org\":{\"version\":\"2.0\"},\"firefox@getpocket.com\":{\"version\":\"1.0.2\"},\"loop@mozilla.org\":{\"version\":\"3.0.0\"},\"e10srollout@mozilla.org\":{\"version\":\"1.0\"},\"timecop@mozilla.com\":{\"version\":\"1.0\"},\"google-code-correction@mozilla.org\":{\"version\":\"0.9\"}}}");
user_pref("extensions.ui.dictionary.hidden", true);
user_pref("extensions.ui.experiment.hidden", true);
user_pref("extensions.ui.lastCategory", "addons://list/extension");
user_pref("extensions.ui.locale.hidden", true);
user_pref("extensions.xpiState", "{\"app-profile\":{\"helloworld@xulschool.com\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\extensions\\\\helloworld@xulschool.com.xpi\",\"e\":false,\"v\":\"0.1\",\"st\":1473505950362},\"jid1-1269JvYFBgj1Wg@jetpack\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\extensions\\\\jid1-1269JvYFBgj1Wg@jetpack.xpi\",\"e\":true,\"v\":\"0.3.3\",\"st\":1473508628215},\"{1018e4d6-728f-4b20-ad56-37578a4de76b}\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\extensions\\\\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi\",\"e\":true,\"v\":\"5.2.3\",\"st\":1518684070136}},\"app-system-addons\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1535096333714},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1535096334050},\"google-code-correction@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\google-code-correction@mozilla.org.xpi\",\"e\":true,\"v\":\"0.9\",\"st\":1535096333750},\"loop@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"3.0.0\",\"st\":1535096333712},\"timecop@mozilla.com\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\timecop@mozilla.com.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1535096333690},\"websensehelper@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Mugetsu\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3e5gg59m.default\\\\features\\\\{63319c75-e799-4108-8e79-5e4ba884333f}\\\\websensehelper@mozilla.org.xpi\",\"e\":true,\"v\":\"2.0\",\"st\":1535096333581}},\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":false,\"v\":\"1.0\",\"st\":1535014638369},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":false,\"v\":\"1.0.2\",\"st\":1535014638368},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":false,\"v\":\"1.3.2\",\"st\":1535014638329},\"websensehelper@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\websensehelper@mozilla.org.xpi\",\"e\":false,\"v\":\"1.0\",\"st\":1535014638235}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0.2\",\"st\":1535014638370}}}");


[Profile0] - Name=default -> Profiles/3e5gg59m.default

---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=89.2.0.1 89.2.0.2
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{2a9564b5-8342-4150-bdba-5e1339dab7dd}]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{51107928-1bb7-4b1a-ba0d-a0cb55a1ec4e}]
"DhcpNameServer"=89.2.0.1 89.2.0.2
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{51886f1f-8b39-42a5-b8a5-91699e9a9daf}]
"DhcpNameServer"=212.27.40.241 212.27.40.240
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{51e6f498-b559-428d-b67b-9577686ada71}]
"DhcpNameServer"=212.27.40.240 212.27.40.241
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{6fac3714-7d95-4a7e-9be4-e8eecbfabf08}]
"DhcpNameServer"=192.168.42.129
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{8eeb6c75-6fb4-4ef9-92c7-a23e2215ca12}]
"DhcpNameServer"=192.168.42.129
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{f8664f11-bf8a-4dc3-84cf-2f20f0616f0b}]
"DhcpNameServer"=192.168.42.129
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{2a9564b5-8342-4150-bdba-5e1339dab7dd}]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{51107928-1bb7-4b1a-ba0d-a0cb55a1ec4e}]
"DhcpNameServer"=89.2.0.1 89.2.0.2
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{51886f1f-8b39-42a5-b8a5-91699e9a9daf}]
"DhcpNameServer"=212.27.40.241 212.27.40.240
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{51e6f498-b559-428d-b67b-9577686ada71}]
"DhcpNameServer"=212.27.40.240 212.27.40.241
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6fac3714-7d95-4a7e-9be4-e8eecbfabf08}]
"DhcpNameServer"=192.168.42.129
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{8eeb6c75-6fb4-4ef9-92c7-a23e2215ca12}]
"DhcpNameServer"=192.168.42.129
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f8664f11-bf8a-4dc3-84cf-2f20f0616f0b}]
"DhcpNameServer"=192.168.42.129

---------- | Applications

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Classes\Applications\7z.exe] : "E:\outils\7-Zip\7z.exe" "%1"
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Classes\Applications\7zFM.exe] : "E:\outils\7-Zip\7zFM.exe" "%1"
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Classes\Applications\7zG.exe] : "E:\outils\7-Zip\7zG.exe" "%1"
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Classes\Applications\notepad++.exe] : "E:\Outils\Notepad++\notepad++.exe" "%1"
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Classes\Applications\sai.exe] : "E:\Outils\Sai 1.1.0\sai.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\devenv.exe] : "C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\krita.exe] : "E:\Outils\Krita (x64)\bin\krita.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen
[HKLM\SOFTWARE\Classes\Applications\rstudio.exe] : C:\Program Files\RStudio\bin\rstudio.exe "%1"
[HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "E:\Outils\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\devenv.exe] : "C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\krita.exe] : "E:\Outils\Krita (x64)\bin\krita.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\rstudio.exe] : C:\Program Files\RStudio\bin\rstudio.exe "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "E:\Outils\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | SvcHost (Whitelist)

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
LSM
BrokerInfrastructure
PlugPlay
DcomLaunch
SystemEventsBroker
DeviceInstall
"rdxgroup"=RetailDemo
"Camera"=FrameS
"LocalServiceNoNetworkFirewall"=BFE
mpssvc
"diagnostics"=DiagSvc
"AarSvcGroup"=AarSvc
"PrintWorkflow"=PrintWorkflowUserSvc
"wusvcs"=WaaSMedicSvc
"BcastDVRUserService"=BcastDVRUserService
"GraphicsPerfSvcGroup"=GraphicsPerfSvc
"autoTimeSvc"=autoTimeSvc
"ClipboardSvcGroup"=cbdhsvc
"BthAppGroup"=BluetoothUserService
"smbsvcs"=lanmanserver
browser
"DevicesFlow"=DeviceAssociationBrokerSvc
DevicesFlowUserSvc
DevicePickerUserSvc
ConsentUxUserSvc
"PeerDist"=PeerDistSvc
"AssignedAccessManagerSvc"=AssignedAccessManagerSvc
"iissvcs"=w3svc
was
"HPZ12"=Pml Driver HPZ12
Net Driver HPZ12

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=DcomLaunch
DeviceInstall
"PrintWorkflow"=PrintWorkflowUserSvc
"DevicesFlow"=DeviceAssociationBrokerSvc
"smbsvcs"=lanmanserver
"iissvcs"=w3svc
was
"hpdevmgmt"=hpqcxs08
hpqddsvc


---------- | SvcHost - Netsvcs (Whitelist)


---------- | Software

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\5tudio]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\7-Zip]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Adobe]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Ambient Design]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Ankama]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\AppDataLow]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\AVAST Software]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Blizzard Entertainment]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Boneloaf]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Browser Cleanup]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Bugsplat]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Canon]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Caphyon]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\cd projekt red]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\CeVIO]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Chromium]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Clever Endeavour Games]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Clients]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Code Avarice]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Convar]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\CoolROM]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\CrowsCrowsCrows]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\CyberCoconut]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Cygwin]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Daedalic Entertainment GmbH]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\DefaultCompany]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Defiant Development]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Digital Extremes]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Dinosaur Polo Club]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Disc Soft]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Discord]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Distromatic]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\E-Line Media]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Eidos]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\ej-technologies]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Enterbrain]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Epic Games]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\eSellerate]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\FinalWire]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Firaxis]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\FreeDownloadManager.ORG]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Freehold Games]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Game Maker]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\GameMakerPlayer]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\GameMakerStudio2]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\GMStudio]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Google]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Hewlett-Packard]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Hopoo Games, LLC]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\HP]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\IM Providers]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\INCAInternet]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Intel]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\JavaSoft]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Kobo]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Laser Dog Games Ltd]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Le Cartel Studio]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Leadertech]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\LinuxLive]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Local AppWizard-Generated Applications]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\LoE]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\LogiShrd]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Logitech]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Macromedia]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\MalboM]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\MangaGamer]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Michael Herf]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Mojang]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Monomi Park]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Mozilla]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\MozillaPlugins]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\MSI]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Mumble]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\MXMCLIENT]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Necrophone Games]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Nobody's Getting Paid Here]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\nSpace Inc.]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\NVIDIA Corporation]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\OpenOffice]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Oracle]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\PaintTool SAI]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\PCSX2]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Piriform]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Policies]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\ProtectedStorage]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\QtProject]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Razer]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\RegisteredApplications]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Sandbox Interactive GmbH]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Scrivener]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Seifert]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Skype]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\skypeapp-7e51afa9092c]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\SmashGames]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\SSPrint]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Stunlock Studios]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\SubSystems]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Sven Co-op Team]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\SyncEngines]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\sysinternals]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\SYSTEMAX Software Development]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Tactical Adventures]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\TeamSpeak 3 Client]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Terraria]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Thunder Lotus Games]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\tinyBuild GAMES]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Trolltech]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Ubisoft]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Unity]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Unity Technologies]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Valve]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Wacom]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\WeirdBeard]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Wondershare]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Wow6432Node]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\AppDataLow\Software\Adobe]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\AppDataLow\Software\Amazon]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\AppDataLow\Software\JavaSoft]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\AppDataLow\Software\Unity]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\AssignedAccessConfiguration]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows\Winlogon]
[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\57979c68-f490-55b8-8fed-8b017a5af2fe]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Alienware]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Canon]
[HKLM\Software\Clients]
[HKLM\Software\CVSM]
[HKLM\Software\DefaultUserEnvironment]
[HKLM\Software\dotnet]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\GitForWindows]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Krita]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Microsoft]
[HKLM\Software\Mozilla]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\OCBASE]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Oracle]
[HKLM\Software\Partner]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Python]
[HKLM\Software\R-core]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Samsung]
[HKLM\Software\Sonic]
[HKLM\Software\SSPrint]
[HKLM\Software\sysinternals]
[HKLM\Software\TeamSpeak 3 Client]
[HKLM\Software\WacDriverDL]
[HKLM\Software\Wacom]
[HKLM\Software\Windows]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Microsoft\Windows\AssignedAccessConfiguration]
[HKLM\Software\Microsoft\Windows\AssignedAccessCsp]
[HKLM\Software\Microsoft\Windows\Autopilot]
[HKLM\Software\Microsoft\Windows\ClickNote]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\Dwm]
[HKLM\Software\Microsoft\Windows\DynamicManagement]
[HKLM\Software\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\Microsoft\Windows\Heat]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\Notepad]
[HKLM\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Shell]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\UpdateApi]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AssignedAccessManagerSvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs]
[HKLM\Software\WOW6432Node\7-Zip]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AGEIA Technologies]
[HKLM\Software\WOW6432Node\AppDataLow]
[HKLM\Software\WOW6432Node\Apple Inc.]
[HKLM\Software\WOW6432Node\ASUS]
[HKLM\Software\WOW6432Node\Atlassian]
[HKLM\Software\WOW6432Node\AVAST Software]
[HKLM\Software\WOW6432Node\bethesda softworks]
[HKLM\Software\WOW6432Node\Blizzard Entertainment]
[HKLM\Software\WOW6432Node\Canon]
[HKLM\Software\WOW6432Node\Caphyon]
[HKLM\Software\WOW6432Node\Core Design]
[HKLM\Software\WOW6432Node\dotnet]
[HKLM\Software\WOW6432Node\EasyAntiCheat]
[HKLM\Software\WOW6432Node\enterbrain]
[HKLM\Software\WOW6432Node\Epic Games]
[HKLM\Software\WOW6432Node\EpicGames]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\Hewlett-Packard]
[HKLM\Software\WOW6432Node\Hi-Rez Studios]
[HKLM\Software\WOW6432Node\HiRez Studios]
[HKLM\Software\WOW6432Node\ICE]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\JreMetrics]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\Kobo]
[HKLM\Software\WOW6432Node\LinuxLive USB Creator]
[HKLM\Software\WOW6432Node\logishrd]
[HKLM\Software\WOW6432Node\Logitech]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\MicroQuill]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\Mojang]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\mozilla.org]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\MSI]
[HKLM\Software\WOW6432Node\Notepad++]
[HKLM\Software\WOW6432Node\NuGet]
[HKLM\Software\WOW6432Node\NVIDIA Corporation]
[HKLM\Software\WOW6432Node\OBS Multiplatform]
[HKLM\Software\WOW6432Node\OBS Studio]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\OpenAL]
[HKLM\Software\WOW6432Node\OpenOffice]
[HKLM\Software\WOW6432Node\Oracle]
[HKLM\Software\WOW6432Node\Piriform]
[HKLM\Software\WOW6432Node\plaync]
[HKLM\Software\WOW6432Node\PreEmptive Solutions]
[HKLM\Software\WOW6432Node\Python]
[HKLM\Software\WOW6432Node\R-core]
[HKLM\Software\WOW6432Node\Ralink]
[HKLM\Software\WOW6432Node\Razer]
[HKLM\Software\WOW6432Node\re-logic]
[HKLM\Software\WOW6432Node\Riot Games]
[HKLM\Software\WOW6432Node\Riot Games, Inc]
[HKLM\Software\WOW6432Node\RStudio]
[HKLM\Software\WOW6432Node\Skype]
[HKLM\Software\WOW6432Node\Square Enix]
[HKLM\Software\WOW6432Node\SquareEnix]
[HKLM\Software\WOW6432Node\SvenCo-op]
[HKLM\Software\WOW6432Node\SYSTEMAX Software Development]
[HKLM\Software\WOW6432Node\Team17 Software Ltd.]
[HKLM\Software\WOW6432Node\TeamMeat]
[HKLM\Software\WOW6432Node\TeamSpeak 3 Client]
[HKLM\Software\WOW6432Node\Ubisoft]
[HKLM\Software\WOW6432Node\Valve]
[HKLM\Software\WOW6432Node\VideoLAN]
[HKLM\Software\WOW6432Node\Volatile]
[HKLM\Software\WOW6432Node\Wacom]
[HKLM\Software\WOW6432Node\WafCX]
[HKLM\Software\WOW6432Node\Wondershare]
[HKLM\Software\WOW6432Node\WOW6432Node]
[HKLM\Software\WOW6432Node\Xamarin]
[HKLM\Software\WOW6432Node\Yahoo]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm]
[HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Heat]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs]

---------- | Drives


E:

[02/12/2006 00:37:14] - |A| - (.© Microsoft Corporation. - Microsoft® Debug Information Accessor.) - [904704] - (8.0.50727.762) - E:\msdia80.dll
[07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. - External Installer.) - [562688] - (9.0.21022.8) - E:\install.exe

F:


G:


---------- | C:

[14/07/2009 05:18:56] - |SHD| - [16999203768] - C:\$Recycle.Bin
[22/08/2019 22:08:29] - |HD| - [426433] - C:\$SysReset
[18/06/2015 15:01:01] - |SHD| - [19034140] - C:\Boot
[MD5.BCF446885395009F4D96F44BACE255F3] - [18/06/2015 15:01:01] - |RASH| - (.-.) - [409654] - (0.0.0.0) - C:\bootmgr
[MD5.93B885ADFE0DA089CDF634904FD59F71] - [10/04/2016 16:18:22] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT
[MD5.1D6B8EA0C57249AD9AF108FC334A7F0E] - [18/06/2015 15:01:05] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK
[MD5.A50513BC3F50F591565A368054DD7813] - [24/07/2018 22:41:21] - |SH| - (.-.) - [80] - (0.0.0.0) - C:\bootTel.dat
[22/02/2019 20:46:55] - |HD| - [0] - C:\Config.Msi
[14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/08/2019 17:22:54] - |ASH| - (.-.) - [12840095744] - (0.0.0.0) - C:\hiberfil.sys
[29/08/2019 17:37:39] - |D| - [7432678] - C:\inetpub
[13/02/2016 15:20:39] - |D| - [17338368] - C:\Logs
[18/06/2015 23:17:29] - |D| - [0] - C:\MSI
[19/03/2019 06:52:43] - |D| - [0] - C:\PerfLogs
[19/03/2019 06:52:43] - |RD| - [9088232505] - C:\Program Files
[19/03/2019 06:52:44] - |RD| - [12409275231] - C:\Program Files (x86)
[19/03/2019 06:52:44] - |HD| - [12728813407] - C:\ProgramData
[12/09/2019 11:51:09] - |D| - [68686] - C:\QuickDiag
[MD5.898CE5677C5FC655D4E71C38B49CEC2A] - [12/09/2019 11:52:53] - |A| - (.-.) - [239915] - (0.0.0.0) - C:\QuickDiag.txt
[13/01/2018 20:21:32] - |SHDC| - [0] - C:\Recovery
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/08/2019 17:18:33] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys
[26/12/2014 12:19:40] - |SHD| - [0] - C:\System Volume Information
[22/07/2015 22:15:33] - |D| - [43182] - C:\temp
[19/03/2019 06:37:22] - |RD| - [27080531216] - C:\Users
[19/03/2019 06:37:22] - |D| - [27511359913] - C:\Windows

---------- | C:\WINDOWS

[MD5.D2A2D69173654899705C88EEE378A5B2] - [18/06/2015 23:17:31] - |A| - (.© Microsoft Corporation. - Resource only DLL containing MOF for ASL code.) - [11248] - (6.1.7600.16385) - C:\WINDOWS\acpimof.dll
[19/03/2019 06:52:44] - |D| - [802] - C:\WINDOWS\addins
[19/03/2019 06:52:44] - |D| - [19817055] - C:\WINDOWS\appcompat
[19/03/2019 06:52:44] - |D| - [8771070] - C:\WINDOWS\apppatch
[19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\AppReadiness
[19/03/2019 06:52:43] - |RD| - [3008173767] - C:\WINDOWS\assembly
[MD5.12EBDA58437CD1EA7066FCB6455241D2] - [26/09/2016 18:58:26] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.3.3154.0) - C:\WINDOWS\avastSS.scr
[19/03/2019 06:52:44] - |D| - [785153] - C:\WINDOWS\bcastdvr
[MD5.B75D52E7DBEEF44A2C3324A2CE0272C9] - [19/03/2019 06:43:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [73216] - (10.0.18362.1) - C:\WINDOWS\bfsvc.exe
[19/03/2019 14:04:01] - |SHD| - [578755] - C:\WINDOWS\BitLockerDiscoveryVolumeContents
[19/03/2019 06:52:44] - |D| - [39549067] - C:\WINDOWS\Boot
[MD5.333720F3600844E900B1A277487BDC57] - [29/08/2019 17:44:41] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat
[19/03/2019 06:52:44] - |D| - [2459128] - C:\WINDOWS\Branding
[19/03/2019 06:37:22] - |D| - [0] - C:\WINDOWS\CbsTemp
[MD5.BB3AB8CA59A0A15ED4258D7390BBB796] - [29/08/2019 17:23:21] - |A| - (.-.) - [7576] - (0.0.0.0) - C:\WINDOWS\comsetup.log
[19/03/2019 06:52:44] - |D| - [92874485] - C:\WINDOWS\Containers
[14/07/2009 09:46:31] - |D| - [0] - C:\WINDOWS\CSC
[19/03/2019 06:52:44] - |D| - [11501377] - C:\WINDOWS\Cursors
[19/03/2019 06:52:44] - |D| - [3984631] - C:\WINDOWS\debug
[MD5.0E359EF178B73AAAE2C6D6AC11B4FE15] - [29/08/2019 17:27:23] - |A| - (.-.) - [11433] - (0.0.0.0) - C:\WINDOWS\diagerr.xml
[19/03/2019 06:52:44] - |D| - [4560322] - C:\WINDOWS\diagnostics
[19/03/2019 06:52:44] - |D| - [2074128] - C:\WINDOWS\DiagTrack
[MD5.0E359EF178B73AAAE2C6D6AC11B4FE15] - [29/08/2019 17:27:23] - |A| - (.-.) - [11433] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml
[19/03/2019 14:01:27] - |D| - [0] - C:\WINDOWS\DigitalLocker
[19/03/2019 06:52:44] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files
[MD5.9BA3629DA25EA41969AEBBD9B8E54655] - [19/03/2019 06:55:49] - |A| - (.-.) - [776] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log
[14/07/2009 09:46:36] - |D| - [0] - C:\WINDOWS\ehome
[19/03/2019 06:52:44] - |HD| - [61960] - C:\WINDOWS\ELAMBKUP
[19/03/2019 14:01:27] - |D| - [97792] - C:\WINDOWS\en-US
[MD5.5BF20D72234EFA5640E8DF7F25F3CDC1] - [29/08/2019 17:40:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4552376] - (10.0.18362.267) - C:\WINDOWS\explorer.exe
[19/03/2019 06:52:44] - |RSD| - [374842786] - C:\WINDOWS\Fonts
[22/06/2015 14:14:37] - |D| - [117440] - C:\WINDOWS\fr
[19/03/2019 14:01:27] - |D| - [110592] - C:\WINDOWS\fr-FR
[19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter
[19/03/2019 06:52:44] - |D| - [71084274] - C:\WINDOWS\Globalization
[19/03/2019 06:52:44] - |D| - [71992641] - C:\WINDOWS\Help
[MD5.7FE51A1679579DB427447CE8DFD8D47F] - [29/08/2019 17:41:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1059840] - (10.0.18362.267) - C:\WINDOWS\HelpPane.exe
[MD5.DF73D52FDCE65F90A2E49EFB5248C77C] - [19/03/2019 06:45:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.18362.1) - C:\WINDOWS\hh.exe
[MD5.67533D0829B939A21FC907AC25E9E4F4] - [22/02/2019 20:46:35] - |A| - (.-.) - [203619] - (0.0.0.0) - C:\WINDOWS\hpoins29.dat
[MD5.ABCEBB2735ACCD296EB7D89AC2C8A1A6] - [22/02/2019 20:46:35] - |A| - (.-.) - [608] - (0.0.0.0) - C:\WINDOWS\hpomdl29.dat
[MD5.ABCEBB2735ACCD296EB7D89AC2C8A1A6] - [26/08/2019 20:56:28] - |A| - (.-.) - [608] - (0.0.0.0) - C:\WINDOWS\hpomdl29.dat.temp
[19/03/2019 06:52:44] - |D| - [29869] - C:\WINDOWS\IdentityCRL
[MD5.4436AFA81BE53D005209FC73EF62A3A8] - [29/08/2019 17:19:55] - |A| - (.-.) - [5654] - (0.0.0.0) - C:\WINDOWS\iis.log
[19/03/2019 06:52:44] - |D| - [28824510] - C:\WINDOWS\IME
[19/03/2019 06:52:44] - |RD| - [9266179] - C:\WINDOWS\ImmersiveControlPanel
[19/03/2019 06:50:07] - |D| - [172794325] - C:\WINDOWS\INF
[12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\InfusedApps
[19/03/2019 06:52:44] - |D| - [38126462] - C:\WINDOWS\InputMethod
[19/03/2019 06:52:44] - |HDC| - [2883090889] - C:\WINDOWS\Installer
[MD5.36932522D014499D7F7B1BB921D05842] - [02/12/2018 19:44:33] - |A| - (.Copyright© 1990-1998 InstallShield Software Corporation Phone : (847) 240-9111  - InstallShield® unInstaller.) - [327168] - (5.50.137.0) - C:\WINDOWS\IsUn040c.exe
[19/03/2019 06:52:44] - |D| - [94304] - C:\WINDOWS\L2Schemas
[19/03/2019 06:52:44] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache
[07/09/2019 22:35:34] - |D| - [170042312] - C:\WINDOWS\LastGood.Tmp
[19/03/2019 06:52:44] - |D| - [1876501278] - C:\WINDOWS\LiveKernelReports
[MD5.608C86AF929C424D073632F610B6776A] - [29/08/2019 17:19:36] - |A| - (.-.) - [388] - (0.0.0.0) - C:\WINDOWS\LkmdfCoInst.log
[19/03/2019 06:52:44] - |D| - [23172146] - C:\WINDOWS\Logs
[19/03/2019 06:52:44] - |RSD| - [27428396] - C:\WINDOWS\Media
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [19/03/2019 06:44:30] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin
[19/03/2019 06:52:43] - |RD| - [975274389] - C:\WINDOWS\Microsoft.NET
[19/03/2019 06:52:44] - |D| - [3323] - C:\WINDOWS\Migration
[19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\ModemLogs
[MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\WINDOWS\msdfmap.ini
[MD5.F1139811BBF61362915958806AD30211] - [19/03/2019 06:45:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [181248] - (10.0.18362.1) - C:\WINDOWS\notepad.exe
[MD5.1F5E755DEC3195B4CC71D238DED3249D] - [01/09/2019 12:19:01] - |A| - (.-.) - [198928] - (0.0.0.0) - C:\WINDOWS\ntbtlog.txt
[MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [19/08/2018 10:15:37] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat
[19/03/2019 14:03:09] - |D| - [419226] - C:\WINDOWS\OCR
[19/03/2019 06:52:44] - |RD| - [65] - C:\WINDOWS\Offline Web Pages
[28/08/2019 21:04:59] - |DC| - [542356704] - C:\WINDOWS\Panther
[19/03/2019 06:52:44] - |D| - [1188972] - C:\WINDOWS\Performance
[MD5.45DC76C2B614BA768C249EA15C95972B] - [07/09/2017 20:34:12] - |A| - (.-.) - [411494] - (0.0.0.0) - C:\WINDOWS\PFRO.log
[19/03/2019 06:52:44] - |D| - [1283900] - C:\WINDOWS\PLA
[19/03/2019 06:52:44] - |D| - [10272272] - C:\WINDOWS\PolicyDefinitions
[29/08/2019 17:18:31] - |D| - [4870700] - C:\WINDOWS\Prefetch
[19/03/2019 06:52:44] - |RD| - [1997304] - C:\WINDOWS\PrintDialog
[MD5.AD5867D2A8665FFB20B0651AFC12114B] - [19/03/2019 14:04:34] - |A| - (.-.) - [34925] - (0.0.0.0) - C:\WINDOWS\Professional.xml
[19/03/2019 06:52:44] - |D| - [5895170] - C:\WINDOWS\Provisioning
[MD5.86818EEEE0708A17F367CB15A8B50C69] - [23/12/2016 07:19:18] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [889496] - (3.6.150.1013) - C:\WINDOWS\py.exe
[MD5.821CEF24AE0BF12A1A6ABDED2AE4B5D4] - [16/12/2016 23:22:50] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [55456] - (3.6.122.1013) - C:\WINDOWS\pyshellext.amd64.dll
[MD5.ECF8B09CE608468DFE9BCF64B08ACEAD] - [23/12/2016 07:19:18] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [890008] - (3.6.150.1013) - C:\WINDOWS\pyw.exe
[MD5.29409008DF22243BB320333F9FD5C060] - [19/03/2019 06:45:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [358400] - (10.0.18362.1) - C:\WINDOWS\regedit.exe
[19/03/2019 06:52:44] - |D| - [1117876] - C:\WINDOWS\Registration
[19/03/2019 14:04:01] - |D| - [0] - C:\WINDOWS\RemotePackages
[19/03/2019 06:52:44] - |D| - [5287304] - C:\WINDOWS\rescache
[19/03/2019 06:52:44] - |D| - [4333435] - C:\WINDOWS\Resources
[19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\SchCache
[19/03/2019 06:52:44] - |D| - [190773] - C:\WINDOWS\schemas
[19/03/2019 06:52:44] - |D| - [7059185] - C:\WINDOWS\security
[29/08/2019 17:44:17] - |D| - [167608362] - C:\WINDOWS\ServiceProfiles
[19/03/2019 06:52:44] - |D| - [4096] - C:\WINDOWS\ServiceState
[19/03/2019 06:37:22] - |D| - [73363113] - C:\WINDOWS\servicing
[19/03/2019 06:56:38] - |D| - [25840] - C:\WINDOWS\Setup
[MD5.34CCD0A7195A0452AD581B5089073CF2] - [29/08/2019 17:19:03] - |A| - (.-.) - [328900] - (0.0.0.0) - C:\WINDOWS\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/08/2019 17:19:03] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log
[19/03/2019 06:52:44] - |D| - [7052288] - C:\WINDOWS\ShellComponents
[19/03/2019 06:52:44] - |D| - [55826944] - C:\WINDOWS\ShellExperiences
[13/02/2016 15:03:00] - |D| - [0] - C:\WINDOWS\ShellNew
[19/03/2019 06:52:44] - |D| - [6828144] - C:\WINDOWS\SKB
[18/06/2015 05:07:50] - |D| - [28417248] - C:\WINDOWS\SoftwareDistribution
[19/03/2019 06:52:44] - |D| - [86040769] - C:\WINDOWS\Speech
[19/03/2019 06:52:44] - |D| - [63949381] - C:\WINDOWS\Speech_OneCore
[MD5.DD8E5CAD821A7A4122D7FA0BF92512D6] - [29/08/2019 17:40:49] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [132096] - (10.0.18362.239) - C:\WINDOWS\splwow64.exe
[16/01/2016 19:21:00] - |D| - [11776] - C:\WINDOWS\symbols
[19/03/2019 06:52:44] - |D| - [31039] - C:\WINDOWS\System
[MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini
[19/03/2019 06:37:22] - |D| - [5766466266] - C:\WINDOWS\System32
[19/03/2019 06:52:45] - |D| - [210620286] - C:\WINDOWS\SystemApps
[19/03/2019 06:52:46] - |D| - [189210613] - C:\WINDOWS\SystemResources
[19/03/2019 06:52:46] - |D| - [1435072186] - C:\WINDOWS\SysWOW64
[19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\TAPI
[14/07/2009 05:20:14] - |D| - [524] - C:\WINDOWS\Tasks
[19/03/2019 06:52:46] - |D| - [1101695] - C:\WINDOWS\Temp
[19/03/2019 06:52:46] - |D| - [13786112] - C:\WINDOWS\TextInput
[19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\tracing
[19/03/2019 06:52:46] - |D| - [306688] - C:\WINDOWS\twain_32
[MD5.BC67755EBD59B2523C943F0D1A9982EF] - [19/03/2019 06:46:01] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [64512] - (1.7.1.3) - C:\WINDOWS\twain_32.dll
[08/01/2018 00:46:50] - |SD| - [0] - C:\WINDOWS\UpdateAssistantV2
[19/03/2019 06:52:46] - |D| - [12420] - C:\WINDOWS\Vss
[19/03/2019 06:52:46] - |D| - [33142] - C:\WINDOWS\WaaS
[19/03/2019 06:52:46] - |D| - [16568315] - C:\WINDOWS\Web
[MD5.3E6F24B5319C375DD219EE357D9BAB06] - [14/07/2009 04:34:57] - |A| - (.-.) - [438] - (0.0.0.0) - C:\WINDOWS\win.ini
[05/12/2015 17:59:25] - |D| - [27949476] - C:\WINDOWS\WindowsMobile
[MD5.C844CA459F3B209329984772269B6E56] - [19/03/2019 06:44:30] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest
[MD5.2CC83D93DD1DDE691158CF5E9882420B] - [28/08/2019 08:09:42] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log
[MD5.CAA192BFDFB5F2A131EBD649B7062DE3] - [19/03/2019 06:46:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.18362.1) - C:\WINDOWS\winhlp32.exe
[19/03/2019 06:37:22] - |D| - [8846053984] - C:\WINDOWS\WinSxS
[MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [31/03/2014 21:34:22] - |A| - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [322248] - (16.4.3528.331) - C:\WINDOWS\WLXPGSS.SCR
[MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [19/03/2019 06:58:10] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx
[MD5.1D27F61CC5D659247D2E0C111C5386DE] - [19/03/2019 06:45:54] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.18362.1) - C:\WINDOWS\write.exe

---------- | C:\WINDOWS\System32\GroupPolicy


---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[20/09/2015 19:07:14] - C:\WINDOWS\Installer\11f7bb9.msi : (League of Legends - Riot Games)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/09/2012 01:34:20] - C:\WINDOWS\Installer\13073b.msi : (LWS Help_main - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/09/2012 09:41:18] - C:\WINDOWS\Installer\130740.msi : (LWS Webcam Software - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/09/2012 09:41:16] - C:\WINDOWS\Installer\130745.msi : (CameraHelperMsi - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/10/2012 19:55:20] - C:\WINDOWS\Installer\13074a.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/07/2012 00:15:18] - C:\WINDOWS\Installer\13074f.msi : (LWS Facebook - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/09/2012 00:19:08] - C:\WINDOWS\Installer\130754.msi : (LWS Gallery - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/09/2012 01:36:58] - C:\WINDOWS\Installer\130759.msi : (LWS Launcher - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/09/2012 09:41:12] - C:\WINDOWS\Installer\13075e.msi : (LWS Motion Detection - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/09/2012 09:41:22] - C:\WINDOWS\Installer\130763.msi : (LWS Pictures And Video - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/07/2011 04:51:16] - C:\WINDOWS\Installer\130768.msi : (LWS Twitter - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/06/2011 05:26:48] - C:\WINDOWS\Installer\13076d.msi : (LWS WLM Plugin - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/11/2011 00:14:28] - C:\WINDOWS\Installer\130772.msi : (LWS YouTube Plugin - Logitech)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/12/2015 17:43:58] - C:\WINDOWS\Installer\198fa14.msi : (Gtk# for .Net 2.12.26 - Xamarin, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[04/11/2015 06:12:36] - C:\WINDOWS\Installer\1a7207c.msi : (PreEmptive Solutions provides analytics, obfuscation, tamper defense, and shelf life. - PreEmptive Solutions LLC)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/06/2015 04:09:05] - C:\WINDOWS\Installer\1a72082.msi : (PreEmptive Analytics Visual Studio Components - PreEmptive Solutions)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:11:22] - C:\WINDOWS\Installer\1ae5679.msi : (Python 3.6.0 Core Interpreter (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/06/2017 22:26:38] - C:\WINDOWS\Installer\1ae567f.msi : (Python 3.6.0 Core Interpreter (64-bit symbols) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:11:48] - C:\WINDOWS\Installer\1ae5685.msi : (Python 3.6.0 Development Libraries (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:12:02] - C:\WINDOWS\Installer\1ae568b.msi : (Python 3.6.0 Executables (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/06/2017 22:26:39] - C:\WINDOWS\Installer\1ae5691.msi : (Python 3.6.0 Executables (64-bit symbols) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:12:28] - C:\WINDOWS\Installer\1ae5697.msi : (Python 3.6.0 Standard Library (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/06/2017 22:27:00] - C:\WINDOWS\Installer\1ae569d.msi : (Python 3.6.0 Standard Library (64-bit symbols) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:14:26] - C:\WINDOWS\Installer\1ae56a3.msi : (Python 3.6.0 Test Suite (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/06/2017 22:27:01] - C:\WINDOWS\Installer\1ae56a9.msi : (Python 3.6.0 Test Suite (64-bit symbols) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:12:00] - C:\WINDOWS\Installer\1ae56af.msi : (Python 3.6.0 Documentation (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:14:38] - C:\WINDOWS\Installer\1ae56b5.msi : (Python 3.6.0 Utility Scripts (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:14:02] - C:\WINDOWS\Installer\1ae56bb.msi : (Python 3.6.0 Tcl/Tk Support (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/06/2017 22:27:01] - C:\WINDOWS\Installer\1ae56c1.msi : (Python 3.6.0 Tcl/Tk Support (64-bit symbols) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 07:24:28] - C:\WINDOWS\Installer\1ae56c7.msi : (Python Launcher - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/12/2016 08:13:04] - C:\WINDOWS\Installer\1ae56cd.msi : (Python 3.6.0 pip Bootstrap (64-bit) - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/05/2009 12:07:02] - C:\WINDOWS\Installer\1afc3.msi : ( - Cisco Systems, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/04/2009 17:41:50] - C:\WINDOWS\Installer\1afc9.msi : ( - Cisco Systems, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/04/2009 18:29:40] - C:\WINDOWS\Installer\1afcf.msi : ( - Cisco Systems, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/08/2019 08:11:13] - C:\WINDOWS\Installer\1e7a7da.msi : (Oracle VM VirtualBox 6.0.10 installation package - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/06/2019 22:14:42] - C:\WINDOWS\Installer\260e4aa.msi : (Java SE Runtime Environment 8 Update 211 - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/06/2019 22:14:40] - C:\WINDOWS\Installer\260e4b0.msi : (Java SE Runtime Environment 8 Update 211 - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/06/2019 22:14:40] - C:\WINDOWS\Installer\260e4bd.msi : (Java Auto Updater - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/08/2019 20:58:16] - C:\WINDOWS\Installer\2a90b.msi : (Emily - Razer Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[04/02/2016 20:32:08] - C:\WINDOWS\Installer\336ebd.msi : (ArtRage Lite - Ambient Design)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/05/2019 18:16:25] - C:\WINDOWS\Installer\75880a.msi : (Google Update Helper - Google LLC)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/09/2017 20:45:12] - C:\WINDOWS\Installer\7941969.msi : (Java SE Development Kit 8 Update 144 (64-bit) - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[09/12/2018 10:47:02] - C:\WINDOWS\Installer\7a133.msi : (Minecraft - Mojang)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/10/2017 21:18:35] - C:\WINDOWS\Installer\8b5206.msi : (Epic Games Launcher - Epic Games, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/11/2015 10:56:58] - C:\WINDOWS\Installer\8b520c.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[21/10/2015 17:37:24] - C:\WINDOWS\Installer\a5909e.msi : (OpenOffice 4.1.2 - OpenOffice)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/07/2019 21:42:10] - C:\WINDOWS\Installer\bbefa2d.msi : (Mumble 1.3.0 - The Mumble Developers)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[02/08/2016 18:37:47] - C:\WINDOWS\Installer\d8715.msi : (SourceTree - Atlassian)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[25/04/2011 20:17:49] - C:\WINDOWS\Installer\f90f995.msi : (64 Bit HP CIO Components Installer Package - Hewlett-Packard)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/05/2011 01:40:42] - C:\WINDOWS\Installer\f90f99f.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[30/04/2011 01:04:13] - C:\WINDOWS\Installer\f90f9a5.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/05/2011 02:04:42] - C:\WINDOWS\Installer\f90f9ab.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/05/2012 00:56:14] - C:\WINDOWS\Installer\f90f9b2.msi : ( -)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/05/2012 01:58:59] - C:\WINDOWS\Installer\f90f9b8.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/11/2009 10:46:23] - C:\WINDOWS\Installer\f90f9be.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[30/04/2011 00:46:01] - C:\WINDOWS\Installer\f90f9c8.msi : (Hewlett-Packard - Hewlett-Packard)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/04/2011 23:24:50] - C:\WINDOWS\Installer\f90f9ce.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/04/2011 21:01:06] - C:\WINDOWS\Installer\f90f9d4.msi : (Builds the Destinations MSI - Builds the Destinations MSI)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[30/04/2011 04:08:51] - C:\WINDOWS\Installer\f90f9db.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/04/2011 20:35:14] - C:\WINDOWS\Installer\f90f9e1.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/04/2011 18:05:11] - C:\WINDOWS\Installer\f90f9ee.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/04/2011 21:31:13] - C:\WINDOWS\Installer\f90f9f7.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[30/04/2011 03:50:19] - C:\WINDOWS\Installer\f90f9fd.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[30/04/2011 02:10:25] - C:\WINDOWS\Installer\f90fa03.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/11/2009 08:58:23] - C:\WINDOWS\Installer\f90fa09.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/04/2011 22:44:02] - C:\WINDOWS\Installer\f90fa0f.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/04/2011 19:38:34] - C:\WINDOWS\Installer\f90fa15.msi : ( - )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/08/2014 22:15:59] - C:\WINDOWS\Installer\f90fa1c.msi : (HP Update - Hewlett-Packard)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/08/2016 23:05:04] - [27551744] - (.().-. - ()) - C:\WINDOWS\Installer\1501fd78.msp
[15/10/2016 01:43:56] - [53345280] - (.().-. - ()) - C:\WINDOWS\Installer\1501fd86.msp
[23/10/2018 22:56:06] - [27389952] - (.().-. - ()) - C:\WINDOWS\Installer\1534cae7.msp
[15/01/2019 22:21:14] - [53014528] - (.().-. - ()) - C:\WINDOWS\Installer\1534caf6.msp
[20/11/2015 10:42:55] - [91508736] - (.().-. - ()) - C:\WINDOWS\Installer\1a71e37.msp
[20/11/2015 10:38:33] - [31764480] - (.().-. - ()) - C:\WINDOWS\Installer\1a71eb4.msp
[26/04/2013 09:29:36] - [52736] - (.().-. - ()) - C:\WINDOWS\Installer\1a71efd.msp
[30/05/2015 05:30:00] - [684032] - (.().-. - ()) - C:\WINDOWS\Installer\1a72096.msp
[30/05/2015 05:30:00] - [581632] - (.().-. - ()) - C:\WINDOWS\Installer\1a7209e.msp
[30/05/2015 05:30:00] - [18862080] - (.().-. - ()) - C:\WINDOWS\Installer\1a720a6.msp
[30/05/2015 05:30:00] - [17629184] - (.().-. - ()) - C:\WINDOWS\Installer\1a720ae.msp
[09/12/2015 09:27:06] - [1392640] - (.().-. - ()) - C:\WINDOWS\Installer\1a72cb0.msp
[09/12/2015 09:05:05] - [28672] - (.().-. - ()) - C:\WINDOWS\Installer\1a72cbb.msp
[28/06/2011 21:27:28] - [4028928] - (.().-. - ()) - C:\WINDOWS\Installer\1aa4419.msp
[28/06/2011 21:21:32] - [4637184] - (.().-. - ()) - C:\WINDOWS\Installer\1aa5986.msp
[12/12/2015 02:26:16] - [27550208] - (.().-. - ()) - C:\WINDOWS\Installer\28566e6.msp
[17/01/2016 23:34:54] - [53338112] - (.().-. - ()) - C:\WINDOWS\Installer\28566ee.msp
[04/02/2016 09:53:56] - [7045120] - (.().-. - ()) - C:\WINDOWS\Installer\32be6d3.msp
[09/03/2017 22:51:26] - [27551744] - (.().-. - ()) - C:\WINDOWS\Installer\5360221.msp
[12/04/2017 18:45:23] - [53348864] - (.().-. - ()) - C:\WINDOWS\Installer\536022f.msp
[10/02/2017 16:06:18] - [27551744] - (.().-. - ()) - C:\WINDOWS\Installer\597e3e.msp
[15/03/2017 21:23:06] - [53348864] - (.().-. - ()) - C:\WINDOWS\Installer\597e4c.msp
[11/07/2016 21:33:24] - [27550720] - (.().-. - ()) - C:\WINDOWS\Installer\5a08567.msp
[13/09/2016 21:02:23] - [53339648] - (.().-. - ()) - C:\WINDOWS\Installer\5a08575.msp
[27/04/2016 22:59:56] - [27550720] - (.().-. - ()) - C:\WINDOWS\Installer\73cf6d.msp
[23/06/2016 21:21:34] - [53339648] - (.().-. - ()) - C:\WINDOWS\Installer\73cf7b.msp
[04/05/2017 00:51:32] - [27551744] - (.().-. - ()) - C:\WINDOWS\Installer\a1b786d.msp
[14/06/2017 17:38:16] - [53350400] - (.().-. - ()) - C:\WINDOWS\Installer\a1b787c.msp
[15/12/2015 03:39:28] - [1134592] - (.().-. - ()) - C:\WINDOWS\Installer\df11f9.msp
[06/01/2016 03:28:22] - [319488] - (.().-. - ()) - C:\WINDOWS\Installer\e053e6.msp

---------- | %System%\*.in*

[09/09/2015 22:01:24] - [451] - C:\WINDOWS\System32\DiagFunc.ini
[19/03/2019 06:45:40] - [3329] - C:\WINDOWS\System32\ieuinit.inf
[26/10/2012 16:42:24] - [29494] - C:\WINDOWS\System32\lvcoin64.ini
[29/08/2019 17:29:13] - [1925022] - C:\WINDOWS\System32\PerfStringBackup.INI
[19/03/2019 06:45:00] - [60124] - C:\WINDOWS\System32\tcpmon.ini
[19/03/2019 06:44:30] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini
[09/09/2015 22:01:24] - [451] - C:\WINDOWS\Syswow64\DiagFunc.ini
[19/03/2019 06:46:01] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf
[07/06/2017 17:32:32] - [1874664] - C:\WINDOWS\Syswow64\PerfStringBackup.INI
[19/03/2019 06:45:19] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.4B65B2FB8D8EEBE46F8C6FDA4F6A7E51] - |A| - [29/08/2019 17:23:09] - (.-.) - [504.44 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc.log
[MD5.00000000000000000000000000000000] - |D| - [02/09/2019 22:11:36] - [0 Ko] - C:\WINDOWS\Temp\avast_ash2
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:29:30] - [43.6 Ko] - C:\WINDOWS\Temp\cpuz148
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:25:14] - [0 Ko] - C:\WINDOWS\Temp\Crashpad
[MD5.00000000000000000000000000000000] - |D| - [30/08/2019 07:53:16] - [0 Ko] - C:\WINDOWS\Temp\CR_CDDAC.tmp
[MD5.00000000000000000000000000000000] - |D| - [12/09/2019 09:12:19] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace
[MD5.00000000000000000000000000000000] - |D| - [12/09/2019 09:12:19] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot
[MD5.00000000000000000000000000000000] - |D| - [12/09/2019 09:12:19] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag
[MD5.00000000000000000000000000000000] - |D| - [12/09/2019 09:12:19] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace
[MD5.A7A5894DF0D25FB101245AB297DA831E] - |A| - [29/08/2019 17:23:09] - (.-.) - [436.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\hpqddsvc.log
[MD5.4DFE289885358E6D5006225BDAC812B3] - |A| - [05/09/2019 18:29:36] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190905-182936-0.log
[MD5.CCF654DD02F5F33BE5A16A89E2EC2A60] - |A| - [06/09/2019 09:49:00] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190906-094900-0.log
[MD5.04A399ADECAEB0596C1851599CD5458A] - |A| - [07/09/2019 22:39:41] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190907-223941-0.log
[MD5.907E49F4773E832D26A765409081B204] - |A| - [11/09/2019 14:23:05] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190911-142305-0.log
[MD5.A53A6B57120F8BD2F014459E00A7345D] - |A| - [11/09/2019 14:38:11] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190911-143811-0.log
[MD5.EB0B1FB43F2C5C1E68DB03AF69A2F0EE] - |A| - [11/09/2019 20:57:36] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190911-205736-0.log
[MD5.1D88EACC36337DA23FDAD164BEB2A1A8] - |A| - [11/09/2019 20:59:02] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190911-205902-0.log
[MD5.B1ABEA03FFCB648185C7B2A4E1C43485] - |A| - [11/09/2019 21:26:26] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190911-212626-0.log
[MD5.9EFC6577E42AA397B708330362AEF662] - |A| - [11/09/2019 22:39:22] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190911-223922-0.log
[MD5.29C98FCB46923AC97F63BBCECBF92E5E] - |A| - [11/09/2019 23:45:13] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190911-234513-0.log
[MD5.CC79E14EA773D9E83A4BC03E4DDB6B33] - |A| - [12/09/2019 08:36:43] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190912-083643-0.log
[MD5.613C203C642287AB5478C929C95E5E53] - |A| - [12/09/2019 09:12:21] - (.-.) - [5.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20190912-091221-0.log
[MD5.9E5CD92D6711685602FD4BE4D0D183F1] - |A| - [29/08/2019 17:28:10] - (.-.) - [33.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:19:11] - [0 Ko] - C:\WINDOWS\Temp\NvidiaLogging
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a9598.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a959a.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a959c.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a959e.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95b0.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95b2.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95c3.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95c5.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95c7.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95c9.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95db.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95dd.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95df.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95e1.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95f3.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95f5.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a95f7.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a9608.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/09/2019 08:07:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1048-7b0-52a961a.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35bd.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35bf.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35c1.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35c3.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35d4.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35d6.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35d8.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35da.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35dc.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35de.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35f0.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35f2.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35f4.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35f6.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d35f8.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d360a.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d360c.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d360e.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 19:53:34] - [0 Ko] - C:\WINDOWS\Temp\tw-1eb4-1e08-4d3610.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:42] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140ba5.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:42] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bb6.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:42] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bb8.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:42] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bba.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:42] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bbc.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:42] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bbe.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bc0.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bd2.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bd4.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140be5.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140be7.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140be9.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140beb.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bed.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140bff.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140c01.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140c03.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140c05.tmp
[MD5.00000000000000000000000000000000] - |D| - [03/09/2019 08:24:43] - [0 Ko] - C:\WINDOWS\Temp\tw-203c-2f10-140c17.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219bdc8.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219bdf9.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219bdfb.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be1d.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be2e.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be4f.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be71.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be73.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be84.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be96.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be98.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be9a.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219be9c.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219beae.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219beb0.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219beb2.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219beb4.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219bec5.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 11:00:19] - [0 Ko] - C:\WINDOWS\Temp\tw-20c0-f30-1219bed7.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227c9.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227db.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227dd.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227df.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227e1.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227e3.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227e5.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227f7.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227f9.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227fb.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227fd.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-73227ff.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-7322801.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-7322812.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-7322814.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-7322816.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-7322818.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-732281a.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 08:11:17] - [0 Ko] - C:\WINDOWS\Temp\tw-2304-227c-732282c.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e509.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e51b.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e51d.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e51f.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e521.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e532.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e534.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e536.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e538.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e53a.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e54c.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e54e.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e550.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e552.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e563.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e575.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:11] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e577.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:12] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e589.tmp
[MD5.00000000000000000000000000000000] - |D| - [05/09/2019 13:26:12] - [0 Ko] - C:\WINDOWS\Temp\tw-2b00-42c0-b74e58b.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d370.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d372.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d383.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d385.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d397.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3a9.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3ab.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3bc.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3ce.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3df.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3f1.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3f3.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3f5.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3f7.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d3f9.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d40b.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d40d.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d40f.tmp
[MD5.00000000000000000000000000000000] - |D| - [09/09/2019 17:17:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2bfc-1ea0-925d411.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:22] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3619.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3986.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3a72.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3ab3.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3af3.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3b72.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3c10.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3c61.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3c91.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3cb3.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3cc4.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3d05.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3d36.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3d57.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:23] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3d78.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:24] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3d99.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:24] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3dab.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:24] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3dcc.tmp
[MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:27:24] - [0 Ko] - C:\WINDOWS\Temp\tw-32e0-2be4-76f3dfd.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143bfc.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c0d.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c0f.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c11.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c13.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c15.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c17.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c29.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c2b.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c2d.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c2f.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c31.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c42.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c44.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c46.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c48.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c4a.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c5c.tmp
[MD5.00000000000000000000000000000000] - |D| - [11/09/2019 15:00:01] - [0 Ko] - C:\WINDOWS\Temp\tw-384c-3594-143c5e.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317d7.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317d9.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317db.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317dd.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317df.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317e1.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317f2.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317f4.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317f6.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317f8.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317fa.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c4317fc.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c43180e.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c431810.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c431812.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c431814.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c431816.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c431818.tmp
[MD5.00000000000000000000000000000000] - |D| - [10/09/2019 07:47:53] - [0 Ko] - C:\WINDOWS\Temp\tw-3d1c-38a8-c43182a.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe816.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe828.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe82a.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe82c.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe82e.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe830.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe841.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe843.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe845.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe847.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe849.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe85b.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe85d.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe85f.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe861.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe863.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe874.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe876.tmp
[MD5.00000000000000000000000000000000] - |D| - [08/09/2019 07:58:21] - [0 Ko] - C:\WINDOWS\Temp\tw-3f70-db4-1ffe878.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5ab2.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5ac4.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5ac6.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5ac8.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5aca.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5aeb.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5afd.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5aff.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b01.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b03.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b05.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b07.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b18.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b1a.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b1c.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b1e.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b20.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b32.tmp
[MD5.00000000000000000000000000000000] - |D| - [06/09/2019 12:22:57] - [0 Ko] - C:\WINDOWS\Temp\tw-3f98-6f4-8d5b34.tmp
[MD5.CFCD208495D565EF66E7DFF9F98764DA] - |A| - [29/08/2019 17:23:10] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WacomInstallO.txt
[MD5.CACEC06C48010C0F4417E7A74594359D] - |A| - [11/09/2019 21:25:52] - (.-.) - [0.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WER-1628234-0.sysdata.xml
[MD5.CACEC06C48010C0F4417E7A74594359D] - |A| - [11/09/2019 23:44:46] - (.-.) - [0.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WER-3939500-0.sysdata.xml
[MD5.CACEC06C48010C0F4417E7A74594359D] - |A| - [11/09/2019 22:38:56] - (.-.) - [0.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WER-4365500-0.sysdata.xml
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:23:08] - [0 Ko] - C:\WINDOWS\Temp\_avast_
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:27] - [0 Ko] - C:\WINDOWS\System32\0409
[MD5.00000000000000000000000000000000] - |D| - [02/08/2009 12:30:47] - [0 Ko] - C:\WINDOWS\System32\040C
[MD5.00000000000000000000000000000000] - |D| - [16/01/2016 19:14:30] - [438.24 Ko] - C:\WINDOWS\System32\1033
[MD5.00000000000000000000000000000000] - |D| - [18/06/2017 22:00:56] - [366.3 Ko] - C:\WINDOWS\System32\1036
[MD5.63A4C3CB06A6D1316A1AE813EEA1A613] - |A| - [14/07/2009 06:45:49] - (.-.) - [15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[MD5.63A4C3CB06A6D1316A1AE813EEA1A613] - |A| - [14/07/2009 06:45:49] - (.-.) - [15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [19/03/2019 06:44:33] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AdvancedKeySettingsNotification.png
[MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [19/03/2019 06:44:28] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [19/03/2019 06:44:28] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png
[MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [19/03/2019 06:44:03] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png
[MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [19/03/2019 06:44:47] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [19/03/2019 06:44:47] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png
[MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [19/03/2019 06:44:52] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png
[MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [19/03/2019 06:45:47] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [19/03/2019 06:45:02] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png
[MD5.79166EAF65485F1432DD72B72870026B] - |A| - [19/03/2019 06:45:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif
[MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png
[MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png
[MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [19/03/2019 06:44:01] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png
[MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png
[MD5.85D91E478AF18125007C531227FF6E59] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png
[MD5.31A16C523B62500F83C82217F056A538] - |A| - [19/03/2019 06:44:21] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ActiveHours.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2751.51 Ko] - C:\WINDOWS\System32\AdvancedInstallers
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\af-ZA
[MD5.0724FA8BCAF2725746F9BB4264989D96] - |A| - [19/03/2019 06:43:47] - (.-.) - [13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\agentactivationruntimestarter.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.97 Ko] - C:\WINDOWS\System32\am-et
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\AppLocker
[MD5.00000000000000000000000000000000] - |D| - [22/07/2015 20:12:13] - [0 Ko] - C:\WINDOWS\System32\appmgmt
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2710.82 Ko] - C:\WINDOWS\System32\appraiser
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 14:04:01] - [287.49 Ko] - C:\WINDOWS\System32\AppV
[MD5.6CBD4E2DCE4577A476EA4860AE1B567D] - |A| - [13/02/2017 15:50:12] - (.-.) - [637.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\appverif.chm
[MD5.EACA2737107A7F14A40C09643F003906] - |A| - [29/03/2017 21:48:16] - (.-.) - [126.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\appverifUI.dll
[MD5.F94192B47ACA96AFFEBC1073891EBB42] - |A| - [16/07/2016 13:43:20] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AppVStreamingUX.exe.config
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [279 Ko] - C:\WINDOWS\System32\ar-SA
[MD5.A3FA2DD7B000AE0964395512E9C37E41] - |A| - [19/03/2019 06:45:35] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [607 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll
[MD5.1FBDFD7CB4DBF205124B7BBD818E8F58] - |A| - [02/06/2007 13:01:12] - (.Copyright (C) Ambient Design Ltd 2006 - ARThumb DLL.) - [178.73 Ko] - (1.0.0.1) - C:\WINDOWS\System32\ARThumb64.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\as-IN
[MD5.FD82F0D54CFDFC908E7C3723B86AB1DA] - |A| - [19/03/2019 06:57:20] - (.-.) - [488.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AssignedAccessCsp.dll
[MD5.6ECE5A28A9B58426B73589FFD9107230] - |A| - [08/09/2019 16:34:27] - (.Copyright (c) 2019 AVAST Software - Avast start-up scanner.) - [355.38 Ko] - (19.7.4674.0) - C:\WINDOWS\System32\aswBoot.exe
[MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [19/03/2019 06:43:47] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\az-Latn-AZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\be-BY
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:37:39] - [14.04 Ko] - C:\WINDOWS\System32\BestPractices
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [259 Ko] - C:\WINDOWS\System32\bg-BG
[MD5.705628497C0012302212A46ADD463E6E] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png
[MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png
[MD5.705628497C0012302212A46ADD463E6E] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png
[MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png
[MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png
[MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bn-BD
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bn-IN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5885.86 Ko] - C:\WINDOWS\System32\Boot
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bs-Latn-BA
[MD5.6CC5FAF5A7B51609D0D2A90AC1202918] - |A| - [19/03/2019 06:44:29] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [182 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ca-ES
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ca-ES-valencia
[MD5.00000000000000000000000000000000] - |HD| - [12/12/2015 16:08:55] - [4504.85 Ko] - C:\WINDOWS\System32\CanonIJ Uninstaller Information
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [61708.58 Ko] - C:\WINDOWS\System32\CatRoot
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [50126.46 Ko] - C:\WINDOWS\System32\catroot2
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\chr-CHER-US
[MD5.09F6C9BF8B22D230CA73CBF17C5F9700] - |A| - [11/03/2010 00:57:08] - (.Copyright CANON INC. 2006-2010 All Rights Reserved - Canon IJ Driver Installer.) - [242.5 Ko] - (1.8.0.70) - C:\WINDOWS\System32\CNMIUAE.DLL
[MD5.93B9E4D0B7BD601372C5B50FE0381533] - |A| - [12/12/2015 16:08:44] - (.Copyright CANON INC. 2000-2011 All Rights Reserved - IJ Language Monitor.) - [376 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMLMAE.DLL
[MD5.225399AEA05354FFC1AC4B41711ADD13] - |A| - [31/08/2015 17:26:13] - (.Copyright CANON INC. 2003-2012 All Rights Reserved - Canon IJ Network 64bit comm Module.) - [351.5 Ko] - (3.1.1.10) - C:\WINDOWS\System32\CNMN6PPM.DLL
[MD5.E7F344507DE8FB326D1089FF6C207C5F] - |A| - [31/08/2015 17:26:13] - (.Copyright CANON INC. 2003-2012 All Rights Reserved - Canon IJ Network 64bit UI Module.) - [38.5 Ko] - (3.1.1.10) - C:\WINDOWS\System32\CNMN6UI.DLL
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [11.19 Ko] - C:\WINDOWS\System32\CodeIntegrity
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [375 Ko] - C:\WINDOWS\System32\Com
[MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png
[MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [369396.98 Ko] - C:\WINDOWS\System32\config
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [86.84 Ko] - C:\WINDOWS\System32\Configuration
[MD5.5C77E079B337BCF6235F39183D7C7026] - |A| - [19/03/2019 06:44:16] - (.-.) - [223.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\containerdevicemanagement.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [322.5 Ko] - C:\WINDOWS\System32\cs-CZ
[MD5.2419907A0BB9A14F1871F0BDA7F65578] - |A| - [29/08/2019 17:41:22] - (.© 1996 - 2017 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [411.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\cy-GB
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [318.5 Ko] - C:\WINDOWS\System32\da-DK
[MD5.7155B124089FAC5F304084116669F6DF] - |A| - [19/03/2019 06:43:57] - (.-.) - [146 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [277.94 Ko] - C:\WINDOWS\System32\DDFs
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [363 Ko] - C:\WINDOWS\System32\de-DE
[MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [19/03/2019 06:44:03] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png
[MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [19/03/2019 06:43:47] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin
[MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [19/03/2019 06:49:38] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json
[MD5.6C22EC440786D5E1EA69E0D53C4F3B4B] - |A| - [19/03/2019 06:44:45] - (.-.) - [35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\deploymentcsphelper.exe
[MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [19/03/2019 06:44:21] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif
[MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [19/03/2019 06:44:25] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml
[MD5.2E4A8F4B4B71F266861613647BCE2DAE] - |A| - [19/03/2019 06:57:20] - (.-.) - [133.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeviceUpdateCenterCsp.dll
[MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |A| - [26/10/2012 16:42:24] - (.-.) - [328.35 Ko] - (13.80.853.0) - C:\WINDOWS\System32\DevManagerCore.dll
[MD5.2B6AD8152E878FD7133B4E5061F6C275] - |A| - [09/09/2015 22:01:24] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiagFunc.ini
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [916.5 Ko] - C:\WINDOWS\System32\DiagSvcs
[MD5.173D1EB779621B66784DCABEDF9AFB4F] - |A| - [19/03/2019 06:44:18] - (.-.) - [82.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [9703.81 Ko] - C:\WINDOWS\System32\Dism
[MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png
[MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png
[MD5.8D220B2451DFE2E17A95212D8E0C7B2E] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth1.bin
[MD5.13318050805A1AC2D4A4C534887AB007] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth10.bin
[MD5.54A4D2752B62FFE8A98E588DB906E799] - |A| - [19/03/2019 06:45:34] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth11.bin
[MD5.FA7D32EB423DAC57B0AE079CCA87DE7A] - |A| - [19/03/2019 06:45:34] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth12.bin
[MD5.3570691E603B87CC41363341E8348904] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth2.bin
[MD5.DF7C0D8374183AB5CA91C1204CA91A0B] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth3.bin
[MD5.46F4C31CFE6F93F9CA045DF5C1E23752] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth4.bin
[MD5.A88FC6AF11F7E33395C51F9D979FFDFB] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth5.bin
[MD5.91B60C6DB00407A19FB7B16C15C3B07E] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth6.bin
[MD5.8F40E6DF99054EF4DF58281867B404B3] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth7.bin
[MD5.681F63EA513534AFC3A881CF81D65DEF] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth8.bin
[MD5.F0259D2CCAC0734A7E83CD875179A6A8] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth9.bin
[MD5.00000000000000000000000000000000] - |DC| - [22/06/2015 14:13:29] - [1222.5 Ko] - C:\WINDOWS\System32\DRVSTORE
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [214.5 Ko] - C:\WINDOWS\System32\dsc
[MD5.2AC58918336D59AAAB91DBDB97FB3182] - |A| - [19/03/2019 06:44:30] - (.-.) - [2529.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dwmscene.dll
[MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [19/03/2019 06:43:47] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin
[MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [19/03/2019 06:43:47] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin
[MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [19/03/2019 06:43:47] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin
[MD5.D5F2BE5B35EDA786EB1B27884174A3CB] - |A| - [26/08/2019 21:32:39] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.22 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_505842930830.dll
[MD5.D5F2BE5B35EDA786EB1B27884174A3CB] - |A| - [22/08/2019 22:47:58] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.22 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_7875404915277.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [365.5 Ko] - C:\WINDOWS\System32\el-GR
[MD5.AF4A1BE416BB681F53004EAAE0D260DE] - |A| - [10/04/2016 16:39:22] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:27] - [3455 Ko] - C:\WINDOWS\System32\en
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [243.5 Ko] - C:\WINDOWS\System32\en-GB
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [43939.54 Ko] - C:\WINDOWS\System32\en-US
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [348 Ko] - C:\WINDOWS\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [271 Ko] - C:\WINDOWS\System32\es-MX
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [238 Ko] - C:\WINDOWS\System32\et-EE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\eu-ES
[MD5.00000000000000000000000000000000] - |D| - [21/06/2015 01:36:43] - [154.5 Ko] - C:\WINDOWS\System32\EventProviders
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [16996.14 Ko] - C:\WINDOWS\System32\F12
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\fa-IR
[MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [19/03/2019 06:44:39] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7.11 Ko] - C:\WINDOWS\System32\ff-Adlm-SN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [322.5 Ko] - C:\WINDOWS\System32\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\fil-PH
[MD5.85300262FE37D3D2B91B8508C62CC374] - |A| - [29/08/2019 17:18:34] - (.-.) - [309.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:27] - [3490.5 Ko] - C:\WINDOWS\System32\fr
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [278.5 Ko] - C:\WINDOWS\System32\fr-CA
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [48488.28 Ko] - C:\WINDOWS\System32\fr-FR
[MD5.3C402FA88BB488B77A73428623B7825B] - |A| - [19/03/2019 06:45:49] - (.-.) - [167 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FsNVSDeviceSource.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ga-IE
[MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png
[MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png
[MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [19/03/2019 06:45:50] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gd-GB
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gl-ES
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gu-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ha-Latn-NG
[MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png
[MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [256.5 Ko] - C:\WINDOWS\System32\he-IL
[MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png
[MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png
[MD5.202A07E4526B050E22624328E64E0470] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png
[MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png
[MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png
[MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png
[MD5.D6F7FB7B9386E0A029DCCD11DD84B15A] - |A| - [19/03/2019 06:44:11] - (.-.) - [260 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\hi-IN
[MD5.6813927F6A57291B8434A957CAED2EEB] - |A| - [19/01/2010 16:12:08] - (.Copyright © 2009 - WSDResolver Dynamic Link Library.) - [68.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\HPBWSDR.DLL
[MD5.5B50CDC567CE0E85468F32A585291662] - |A| - [27/11/2009 13:15:28] - (.Copyright © 2005 - bidichan.) - [223.5 Ko] - (1.5.1.1) - C:\WINDOWS\System32\hplbddrv.dll
[MD5.B4DE48A0333CD63B62CDC63B516D9902] - |A| - [19/03/2019 06:45:54] - (.-.) - [37.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\hy-AM
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:04:01] - [158.57 Ko] - C:\WINDOWS\System32\Hydrogen
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.36 Ko] - C:\WINDOWS\System32\ias
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [36.27 Ko] - C:\WINDOWS\System32\icsxml
[MD5.2E977573411A099BD0213832B7442F0E] - |A| - [29/08/2019 17:40:59] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2267 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icu.dll
[MD5.D2A4919E61E99157AD2DE994795C0F83] - |RA| - [19/03/2019 06:44:15] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [24.5 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icuin.dll
[MD5.003EEDD728E2952E23DB9F6516B9194A] - |RA| - [19/03/2019 06:44:15] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [29 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icuuc.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\id-ID
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ig-NG
[MD5.8CE43FCE353B86A81F67014B6EEE5143] - |A| - [19/03/2019 06:43:45] - (.-.) - [195.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [25976.29 Ko] - C:\WINDOWS\System32\IME
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5577.75 Ko] - C:\WINDOWS\System32\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6775 Ko] - C:\WINDOWS\System32\InputMethod
[MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png
[MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\is-IS
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [348 Ko] - C:\WINDOWS\System32\it-IT
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [264.09 Ko] - C:\WINDOWS\System32\ja-jp
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ka-GE
[MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png
[MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [532.61 Ko] - C:\WINDOWS\System32\Keywords
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kk-KZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\km-KH
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kn-IN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [238.5 Ko] - C:\WINDOWS\System32\ko-KR
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kok-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ku-Arab-IQ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ky-KG
[MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [19/03/2019 06:44:21] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif
[MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [19/03/2019 06:43:47] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [22/07/2019 21:31:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\last.dump
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\lb-LU
[MD5.157FB82D7141B18624FF2D42190C97E1] - |A| - [19/03/2019 14:02:30] - (.-.) - [1572 Ko] - (2.6.5.1) - C:\WINDOWS\System32\libcrypto.dll
[MD5.D558A70ADE1D59ABA791A09BE44970AF] - |A| - [19/06/2015 21:05:08] - (.Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. - OpenSSL Shared Library.) - [1468.5 Ko] - (1.0.0.10) - C:\WINDOWS\System32\libeay32.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [625.17 Ko] - C:\WINDOWS\System32\Licenses
[MD5.23C8C188C7A05F7CC046F52C3508E261] - |A| - [18/08/2017 11:01:32] - (.(C) 1998-2011 Logitech. - Logitech KMDF Co-Installer (UNICODE).) - [1800.27 Ko] - (5.30.42.0) - C:\WINDOWS\System32\LkmdfCoInst.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\lo-LA
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [29252.67 Ko] - C:\WINDOWS\System32\LogFiles
[MD5.B65E8E52916A527F88486875EE291AA8] - |A| - [26/10/2012 16:42:22] - (.-.) - [10663.85 Ko] - (13.80.853.0) - C:\WINDOWS\System32\LogiDPP.dll
[MD5.24764C249F769991079F6D4B14B822AF] - |A| - [26/10/2012 16:42:22] - (.-.) - [100.85 Ko] - (13.80.853.0) - C:\WINDOWS\System32\LogiDPPApp.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [246.5 Ko] - C:\WINDOWS\System32\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [247.5 Ko] - C:\WINDOWS\System32\lv-LV
[MD5.4D4248F6D008D86D5575EE5B154971AE] - |A| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Co-Installer.) - [256.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\lvco1380853.dll
[MD5.FF510CF2A7FA73192E7DB06D7C311799] - |A| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Video Codec.) - [171.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\lvcod64.dll
[MD5.1A8AE8A66B6C289046276453768EF270] - |A| - [26/10/2012 16:42:24] - (.-.) - [28.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\lvcoin64.ini
[MD5.0E35F1D6CBA2008E067C87AB6A089860] - |A| - [07/06/2017 17:32:20] - (.-.) - [41.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\lvcoinst.log
[MD5.B4CD287DFAA6578AC763A3800F0C2DC8] - |A| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [750.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\LVUI64.dll
[MD5.CCFDDF84B42198B0AAD27D11ACFD254E] - |A| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [547.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\LVUIRC64.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [62520.66 Ko] - C:\WINDOWS\System32\Macromed
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:03:17] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync
[MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [19/03/2019 06:46:54] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\manage-bde.wsf
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\WINDOWS\System32\manifeststore
[MD5.F53CAB05B340E9C28028764995BC1071] - |A| - [19/03/2019 06:45:05] - (.-.) - [836.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE
[MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png
[MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png
[MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [19/03/2019 06:43:47] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mi-NZ
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:44:17] - [1122.38 Ko] - C:\WINDOWS\System32\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7391.85 Ko] - C:\WINDOWS\System32\migration
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [46633.82 Ko] - C:\WINDOWS\System32\migwiz
[MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [19/03/2019 06:46:18] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MixedRealityRuntime.json
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mk-MK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ml-IN
[MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [19/03/2019 06:49:39] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mn-MN
[MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png
[MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mr-IN
[MD5.00000000000000000000000000000000] - |D| - [10/04/2016 19:14:57] - [9.25 Ko] - C:\WINDOWS\System32\MRT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ms-MY
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4292.28 Ko] - C:\WINDOWS\System32\MsDtc
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:37:39] - [6162.17 Ko] - C:\WINDOWS\System32\msmq
[MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [19/03/2019 06:46:15] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqpub.mof
[MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [19/03/2019 06:58:39] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqtrc.mof
[MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [19/03/2019 06:46:15] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqtrcRemove.mof
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mt-MT
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [19.16 Ko] - C:\WINDOWS\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [45.64 Ko] - C:\WINDOWS\System32\my-mm
[MD5.6B1E196C4E5CB30D6FF99CFA8F1F071D] - |A| - [19/03/2019 06:44:28] - (.-.) - [28.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NarratorControlTemplates.xml
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [311.5 Ko] - C:\WINDOWS\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [640 Ko] - C:\WINDOWS\System32\NDF
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ne-NP
[MD5.D57EE98CE1C2052DF2C87221DDFD1030] - |A| - [07/06/2017 17:31:35] - (.-.) - [181.63 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log
[MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [19/03/2019 06:45:50] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [68 Ko] - C:\WINDOWS\System32\networklist
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [342.5 Ko] - C:\WINDOWS\System32\nl-NL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\nn-NO
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\nso-ZA
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [3781.5 Ko] - C:\WINDOWS\System32\Nui
[MD5.0C441127CBBA0C12F48B7BA350906DBD] - |A| - [07/06/2017 17:32:14] - (.-.) - [8487.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin
[MD5.F1A96D4677EFAF8D6C404E369C9719FA] - |A| - [22/08/2019 23:03:38] - (.-.) - [53.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb
[MD5.3BC31486C4164B2C7F440EE987A4BDC8] - |A| - [07/09/2019 22:34:20] - (.-.) - [660.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvofapi64.dll
[MD5.DC55B5C2A8A45395DB884591324D359B] - |A| - [19/03/2019 14:04:01] - (.-.) - [18.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png
[MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [15271.88 Ko] - C:\WINDOWS\System32\oobe
[MD5.2AD7B4F3C8D2BB686D231EDFF404B7A4] - |A| - [25/06/2018 17:08:24] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.02 Ko] - (6.14.357.24) - C:\WINDOWS\System32\OpenAL32.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:02:30] - [3554.5 Ko] - C:\WINDOWS\System32\OpenSSH
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\or-IN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [3.81 Ko] - C:\WINDOWS\System32\osa-Osge-001
[MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [19/03/2019 06:43:47] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\pa-Arab-PK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\pa-IN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [1746.17 Ko] - C:\WINDOWS\System32\PerceptionSimulation
[MD5.2A96310112FC24E76D89C3F96E94695A] - |A| - [19/03/2019 06:55:38] - (.-.) - [156.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat
[MD5.DDD6819EC559163934A8032F44055F0E] - |A| - [19/03/2019 14:01:29] - (.-.) - [163.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat
[MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [19/03/2019 06:55:38] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat
[MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [19/03/2019 14:01:29] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat
[MD5.2911B25368BC58FB3E441144B8AB2C52] - |A| - [19/03/2019 06:55:38] - (.-.) - [748.95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat
[MD5.EC2DE9D994A2FD527E15EC51F31615DF] - |A| - [19/03/2019 14:01:29] - (.-.) - [812.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat
[MD5.5158D1FF0D90CFAA199A5C5EA35099BA] - |A| - [29/08/2019 17:29:13] - (.-.) - [1879.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI
[MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [19/03/2019 06:43:45] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png
[MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [341.5 Ko] - C:\WINDOWS\System32\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [456.5 Ko] - C:\WINDOWS\System32\PointOfService
[MD5.686E760C5AEA12E78A85B617B76D99A9] - |A| - [18/10/2012 22:52:30] - (.-.) - [3776.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PortChanger.exe
[MD5.77D96999819206E9208DF12819E5DBA7] - |A| - [19/03/2019 06:44:12] - (.-.) - [42.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pospaymentsworker.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [973.95 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\ProximityToast
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\prs-AF
[MD5.007893E8374C766471239EB291BA8C17] - |A| - [19/03/2019 06:44:00] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [336 Ko] - C:\WINDOWS\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [338.5 Ko] - C:\WINDOWS\System32\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\quc-Latn-GT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\quz-PE
[MD5.EAB23AC006BF96114D82A634CAD5015E] - |A| - [09/09/2015 22:01:24] - (.(c) Copyright 2008, Ralink Technology, Inc. - RaCertMg Dynamic Link Library.) - [2347.06 Ko] - (1.0.0.9) - C:\WINDOWS\System32\RaCertMgr.dll
[MD5.3B9B5F18E8E86E1300A3E325EBE626FC] - |A| - [19/06/2015 21:05:02] - (.-.) - [7.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RaCoInst.log
[MD5.B75546BCB1205B2DB68A3DAD400BE323] - |A| - [09/09/2015 22:01:24] - (.(c) Copyright 2012, Ralink Technology, Inc. - Ralink UI Extensions DLL.) - [124.5 Ko] - (1.0.0.7) - C:\WINDOWS\System32\RAEXTUI.dll
[MD5.DED8E595A72E0F675D447817F5FF515F] - |A| - [09/09/2015 22:01:24] - (.(c) Copyright 2012, Ralink Technology, Inc. -  Ralink Extensions DLL.) - [1089.5 Ko] - (1.0.0.20) - C:\WINDOWS\System32\RAIHV.dll
[MD5.00000000000000000000000000000000] - |D| - [19/06/2015 21:04:54] - [4.98 Ko] - C:\WINDOWS\System32\RaLanguages
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [23.75 Ko] - C:\WINDOWS\System32\ras
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\RasToast
[MD5.E713275BCE55BBE5B7E4B37D482C66F7] - |A| - [12/04/2016 07:20:52] - (.Copyright © 2014 Razer Inc. All rights reserved - RazerCoinstaller.) - [93.16 Ko] - (0.0.0.5) - C:\WINDOWS\System32\RazerCoinstaller.dll
[MD5.2210F24EDC6E80B1D311B2C3641DE9FA] - |A| - [29/08/2019 17:41:25] - (.-.) - [1983.5 Ko] - (1.0.1907.17001) - C:\WINDOWS\System32\rdpnano.dll
[MD5.D8D02FD6073373A537FC0C1024E7C6DA] - |A| - [19/03/2019 06:43:47] - (.-.) - [60.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rdsxvmaudio.dll
[MD5.9EB5D001B61A90672B8DA7E272545704] - |A| - [19/03/2019 06:58:49] - (.Copyright (C) 2009 - RemoteFX Helper.) - [131.5 Ko] - (1.1.0.0) - C:\WINDOWS\System32\RDVGHelper.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2.19 Ko] - C:\WINDOWS\System32\Recovery
[MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png
[MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png
[MD5.C6CA43573C21CA6392F57F238C8391FC] - |A| - [26/10/2012 16:42:22] - (.-.) - [39.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Repository.reg
[MD5.093F9EE0C00B452996E7837F1D7165E5] - |A| - [29/08/2019 17:41:19] - (.-.) - [107.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResBParser.dll
[MD5.1FB4B6A26FEEF4A99B7D0ECD2ADDF075] - |A| - [19/03/2019 06:45:56] - (.-.) - [9.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList
[MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [19/03/2019 06:45:56] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost
[MD5.39BB5D2A5EC1CBDD722CAB7BDCEC41F5] - |A| - [19/03/2019 06:45:56] - (.-.) - [8.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList
[MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [19/03/2019 06:45:56] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png
[MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png
[MD5.AE9FE55FED83149715734CB83339055A] - |A| - [19/03/2019 06:44:21] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80.png
[MD5.AE9FE55FED83149715734CB83339055A] - |A| - [19/03/2019 06:44:21] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-black.png
[MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-white.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0.07 Ko] - C:\WINDOWS\System32\restore
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [261 Ko] - C:\WINDOWS\System32\ro-RO
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [334 Ko] - C:\WINDOWS\System32\ru-RU
[MD5.AA694008D3068ED546D9DF920BF5300D] - |A| - [19/03/2019 06:44:35] - (.-.) - [57.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\rw-RW
[MD5.2CF34465F8DE12B1BF00CD8B9C22846E] - |A| - [12/03/2015 05:43:00] - (.Copyright 2012 - Samsung Electronics.) - [221.12 Ko] - (1.0.0.6) - C:\WINDOWS\System32\SBuySupplies.exe
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [19/03/2019 06:46:39] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png
[MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sd-Arab-PK
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates
[MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [19/03/2019 06:44:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [77.44 Ko] - C:\WINDOWS\System32\Sgrm
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2370 Ko] - C:\WINDOWS\System32\ShellExperiences
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [23.7 Ko] - C:\WINDOWS\System32\si-lk
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [254.5 Ko] - C:\WINDOWS\System32\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [251.5 Ko] - C:\WINDOWS\System32\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:18:34] - [27723.53 Ko] - C:\WINDOWS\System32\SleepStudy
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [98.06 Ko] - C:\WINDOWS\System32\slmgr
[MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [19/03/2019 06:43:47] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [13385.02 Ko] - C:\WINDOWS\System32\SMI
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png
[MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png
[MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png
[MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png
[MD5.CEDAB194F8B9DADA895371B4560B97F0] - |A| - [19/03/2019 06:45:54] - (.-.) - [38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7680.8 Ko] - C:\WINDOWS\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [12411.23 Ko] - C:\WINDOWS\System32\Speech_OneCore
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [246833.1 Ko] - C:\WINDOWS\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [14931.68 Ko] - C:\WINDOWS\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [23.61 Ko] - C:\WINDOWS\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [24/06/2015 23:24:44] - [1775.5 Ko] - C:\WINDOWS\System32\SPReview
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sq-AL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS
[MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [253.5 Ko] - C:\WINDOWS\System32\sr-Latn-RS
[MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [19/03/2019 06:45:56] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat
[MD5.763BCEE61F573235E1C60E80438AC301] - |A| - [29/08/2019 17:41:25] - (.-.) - [57.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [52568 Ko] - C:\WINDOWS\System32\sru
[MD5.EBF15D23B92DE845AC8C952AE9153492] - |A| - [19/03/2019 06:43:47] - (.-.) - [443 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll
[MD5.11BCBCF837E19434C417C859A8638881] - |A| - [19/06/2015 21:05:08] - (.Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. - OpenSSL Shared Library.) - [301.5 Ko] - (1.0.0.10) - C:\WINDOWS\System32\ssleay32.dll
[MD5.00000000000000000000000000000000] - |D| - [31/08/2015 17:26:13] - [153 Ko] - C:\WINDOWS\System32\STRING
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [317.5 Ko] - C:\WINDOWS\System32\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sw-KE
[MD5.86F89BFB30410D33A0BFE9793DC181B0] - |A| - [01/09/2019 12:09:21] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\swhealthex.log
[MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |A| - [19/03/2019 06:46:24] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SyncAppvPublishingServer.vbs
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:43] - [1401.24 Ko] - C:\WINDOWS\System32\Sysprep
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [947.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [10.73 Ko] - C:\WINDOWS\System32\ta-in
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk
[MD5.5F6B04A0EC5FE46FEEEC887406F63E57] - |A| - [19/03/2019 06:45:35] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [780.95 Ko] - C:\WINDOWS\System32\Tasks
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [741.51 Ko] - C:\WINDOWS\System32\Tasks_Migrated
[MD5.D602CA245CC6774A0981B607F0675609] - |A| - [19/03/2019 06:45:00] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\te-IN
[MD5.364B8B76EBB95762632341E49F26144D] - |A| - [29/08/2019 17:40:58] - (.-.) - [1798 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextInputMethodFormatter.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tg-Cyrl-TJ
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [232 Ko] - C:\WINDOWS\System32\th-TH
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.97 Ko] - C:\WINDOWS\System32\ti-et
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tk-TM
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tn-ZA
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [312.5 Ko] - C:\WINDOWS\System32\tr-TR
[MD5.B88B8D017386A00D7724519F475317A0] - |A| - [19/03/2019 06:43:54] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt
[MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [19/03/2019 06:43:54] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tt-RU
[MD5.D200497DD3A24F138123F0EB6C385D1D] - |A| - [19/03/2019 06:46:26] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevAppMonitor.exe.config
[MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |A| - [19/03/2019 06:46:26] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevCustomActionTypes.tlb
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ug-CN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [249 Ko] - C:\WINDOWS\System32\uk-UA
[MD5.B9A75ED4500DD953DF172FE6F63578E8] - |A| - [19/03/2019 06:43:49] - (.-.) - [53.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\umpdc.dll
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [1917.6 Ko] - C:\WINDOWS\System32\UNP
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ur-PK
[MD5.FC21BF5A1667FC745FE53D05DA4CB8A2] - |A| - [12/03/2015 05:43:06] - (.Copyright (C) 2004  Co., Ltd. - SSCoInst.) - [87.5 Ko] - (1.0.0.4) - C:\WINDOWS\System32\us003ci.dll
[MD5.36B6FE3848FEB51F719389CA758278A2] - |A| - [12/03/2015 05:43:06] - (.- UPD Co-Installer.) - [154.31 Ko] - (3.0.0.2) - C:\WINDOWS\System32\us003ci.exe
[MD5.DBAB523742E598670B37A65B16528CE1] - |A| - [12/03/2015 05:43:04] - (.- Language Monitor for Status Monitor.) - [22 Ko] - (1.4.9.0) - C:\WINDOWS\System32\us003lm.dll
[MD5.21B9D3543310B811B3F0DBE3838EEF12] - |A| - [19/03/2019 06:44:18] - (.-.) - [44.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll
[MD5.BAB4BA3C107F89955FABD06688B232F0] - |A| - [29/08/2019 17:41:01] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\usocoreps.dll
[MD5.F7588533600D24CFFDB5842176B81106] - |A| - [19/03/2019 06:57:21] - (.-.) - [116 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfcfgmgmt.dll
[MD5.BD456ED873EF48503EC28DC0317B505A] - |A| - [19/03/2019 06:57:21] - (.-.) - [147.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfcsp.dll
[MD5.5489D0B06F4A77C8676E3A6F0A8E2D79] - |A| - [19/03/2019 06:57:47] - (.-.) - [30 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfservicingapi.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\uz-Latn-UZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\vi-VN
[MD5.E9A66CB07CCDB9B99F084315E04FCBC7] - |A| - [19/03/2019 06:59:03] - (.-.) - [92.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VirtualMonitorManager.dll
[MD5.7877BB5C324A67F9372A8101B8B04FB6] - |A| - [07/09/2019 22:34:20] - (.Copyright (C) 2015-2019 - Vulkan Loader.) - [988.7 Ko] - (1.1.106.0) - C:\WINDOWS\System32\vulkan-1-999-0-0-0.dll
[MD5.7877BB5C324A67F9372A8101B8B04FB6] - |A| - [07/09/2019 22:34:20] - (.Copyright (C) 2015-2019 - Vulkan Loader.) - [988.7 Ko] - (1.1.106.0) - C:\WINDOWS\System32\vulkan-1.dll
[MD5.D1ECA7C0F5F563CD9201CDAC3BFD0899] - |A| - [07/09/2019 22:34:20] - (.Copyright (C) 2015-2019 - Vulkan Info.) - [294.2 Ko] - (1.1.106.0) - C:\WINDOWS\System32\vulkaninfo-1-999-0-0-0.exe
[MD5.D1ECA7C0F5F563CD9201CDAC3BFD0899] - |A| - [07/09/2019 22:34:20] - (.Copyright (C) 2015-2019 - Vulkan Info.) - [294.2 Ko] - (1.1.106.0) - C:\WINDOWS\System32\vulkaninfo.exe
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [19/03/2019 06:44:30] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\System32\wfp
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [49316.93 Ko] - C:\WINDOWS\System32\WinBioPlugIns
[MD5.E30AD4BFF3700940585102E79813639C] - |A| - [11/09/2017 20:47:35] - (.Copyright © 2019 - Java(TM) Platform SE binary.) - [108.37 Ko] - (8.0.2110.12) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll
[MD5.8B956E4F6378335CC19BE3296A6C9B7E] - |A| - [19/03/2019 06:44:11] - (.-.) - [122 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [11878.72 Ko] - C:\WINDOWS\System32\WindowsPowerShell
[MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [19/03/2019 06:44:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [143060 Ko] - C:\WINDOWS\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6161.92 Ko] - C:\WINDOWS\System32\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [207.67 Ko] - C:\WINDOWS\System32\winrm
[MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [19/03/2019 06:43:52] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcatltoast.png
[MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [19/03/2019 06:43:52] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png
[MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [19/03/2019 06:44:35] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml
[MD5.549347BCD4AACD63243D78E8F869DBB1] - |A| - [25/06/2018 17:08:24] - (.Copyright © 2008 - OpenAL32.) - [455.52 Ko] - (2.2.0.5) - C:\WINDOWS\System32\wrap_oal.dll
[MD5.2DE2D263D2C5739AB4A37C5616ABA671] - |A| - [19/03/2019 06:44:03] - (.-.) - [97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\xh-ZA
[MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-black.png
[MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-white.png
[MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.png
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\yo-NG
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [237.99 Ko] - C:\WINDOWS\System32\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [6.5 Ko] - C:\WINDOWS\System32\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [207.5 Ko] - C:\WINDOWS\System32\zh-TW
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\zu-ZA
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [0 Ko] - C:\WINDOWS\SysWOW64\0409
[MD5.00000000000000000000000000000000] - |D| - [02/08/2009 12:30:51] - [0 Ko] - C:\WINDOWS\SysWOW64\040C
[MD5.00000000000000000000000000000000] - |D| - [16/01/2016 19:22:12] - [438.24 Ko] - C:\WINDOWS\SysWOW64\1033
[MD5.00000000000000000000000000000000] - |D| - [18/06/2017 22:00:56] - [366.3 Ko] - C:\WINDOWS\SysWOW64\1036
[MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [19/03/2019 06:45:19] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [19/03/2019 06:45:19] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [19/03/2019 06:45:22] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [19/03/2019 06:45:30] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png
[MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [19/03/2019 06:45:13] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [1856.8 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\af-ZA
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\am-ET
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker
[MD5.6CBD4E2DCE4577A476EA4860AE1B567D] - |A| - [10/02/2017 19:45:44] - (.-.) - [637.35 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\appverif.chm
[MD5.155F98A03A7C10E514A2022AF3831F5C] - |A| - [29/03/2017 21:52:42] - (.-.) - [101.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\appverifUI.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [97.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA
[MD5.7230E04E6BD86FFE4E1034D9B3B893A3] - |A| - [19/03/2019 06:45:59] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [520 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\as-IN
[MD5.DA4158441F8F7492D7CC4ECDBEC8B72E] - |A| - [07/06/2017 17:31:56] - (.Copyright (C) 2010 - AsIO DLL.) - [36.51 Ko] - (1.0.0.4) - C:\WINDOWS\SysWOW64\AsIO.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\be-BY
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:37:39] - [12.62 Ko] - C:\WINDOWS\SysWOW64\BestPractices
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [58.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-BD
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot2
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US
[MD5.80621A595D8AC5A16BC0E91750301BC1] - |A| - [31/08/2015 17:26:13] - (.Copyright CANON INC. 2003-2012 All Rights Reserved - Canon IJ Network 32bit comm Module.) - [358 Ko] - (3.1.1.10) - C:\WINDOWS\SysWOW64\CNMNPPM.DLL
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [322 Ko] - C:\WINDOWS\SysWOW64\Com
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [5.34 Ko] - C:\WINDOWS\SysWOW64\config
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [86.84 Ko] - C:\WINDOWS\SysWOW64\Configuration
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [118.5 Ko] - C:\WINDOWS\SysWOW64\cs-CZ
[MD5.1E02A122FE09272058FC1EF0B1B6265E] - |A| - [29/08/2019 17:41:27] - (.© 1996 - 2017 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [377 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\cy-GB
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [119.5 Ko] - C:\WINDOWS\SysWOW64\da-DK
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [131 Ko] - C:\WINDOWS\SysWOW64\de-DE
[MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [19/03/2019 06:45:13] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png
[MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |A| - [26/10/2012 16:42:24] - (.-.) - [328.35 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\DevManagerCore.dll
[MD5.2B6AD8152E878FD7133B4E5061F6C275] - |A| - [09/09/2015 22:01:24] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DiagFunc.ini
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [186 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [7676.23 Ko] - C:\WINDOWS\SysWOW64\Dism
[MD5.B2878B10259C66B4CAA5C6D16D884D41] - |A| - [12/08/2017 15:48:01] - (.Copyright © EasyAntiCheat Ltd 2016 - EasyAntiCheat Service.) - [373.54 Ko] - (4.0.0.0) - C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [131 Ko] - C:\WINDOWS\SysWOW64\el-GR
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [3118 Ko] - C:\WINDOWS\SysWOW64\en
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [53 Ko] - C:\WINDOWS\SysWOW64\en-GB
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [8608.26 Ko] - C:\WINDOWS\SysWOW64\en-US
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [126 Ko] - C:\WINDOWS\SysWOW64\es-ES
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [59 Ko] - C:\WINDOWS\SysWOW64\es-MX
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [53.5 Ko] - C:\WINDOWS\SysWOW64\et-EE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\eu-ES
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [13060.65 Ko] - C:\WINDOWS\SysWOW64\F12
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\fa-IR
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [119.5 Ko] - C:\WINDOWS\SysWOW64\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\fil-PH
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [3150 Ko] - C:\WINDOWS\SysWOW64\fr
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [60.5 Ko] - C:\WINDOWS\SysWOW64\fr-CA
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [9424.26 Ko] - C:\WINDOWS\SysWOW64\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ga-IE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\gd-GB
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\gl-ES
[MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [19/03/2019 14:02:24] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\gu-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [93 Ko] - C:\WINDOWS\SysWOW64\he-IL
[MD5.791F8E1C60E6466F93D792D375D8F1B5] - |A| - [19/03/2019 06:45:13] - (.-.) - [203.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\hi-IN
[MD5.659B216490380FBE2DC77DECC203E5ED] - |A| - [29/08/2019 17:41:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1849.5 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icu.dll
[MD5.1EAD0C642EF0B2692D44A206CAD63C74] - |RA| - [19/03/2019 06:45:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [24 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll
[MD5.9D459E0C31117F3A841D2EA00F7BC99C] - |RA| - [19/03/2019 06:45:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [28.5 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\id-ID
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ig-NG
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [21339.25 Ko] - C:\WINDOWS\SysWOW64\IME
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [7070.07 Ko] - C:\WINDOWS\SysWOW64\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [213 Ko] - C:\WINDOWS\SysWOW64\InputMethod
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield
[MD5.E1D9B162740B31CAEE817740341EFF09] - |A| - [18/02/2002 19:40:28] - (.-.) - [6.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\INT13EXT.VXD
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\is-IS
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [125 Ko] - C:\WINDOWS\SysWOW64\it-IT
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [89 Ko] - C:\WINDOWS\SysWOW64\ja-JP
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ka-GE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\kk-KZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\km-KH
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\kn-IN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [91 Ko] - C:\WINDOWS\SysWOW64\ko-KR
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\kok-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ku-Arab-IQ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ky-KG
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\lb-LU
[MD5.8BCC6072AA8373B87031BA199AF10CF3] - |A| - [09/09/2015 22:01:38] - (.-.) - [87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\libgcc_s_sjlj-1.dll
[MD5.75A072D944DD229D3E14ABA97D5511E2] - |A| - [09/09/2015 22:01:38] - (.-.) - [803 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\libstdc++-6.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [625.17 Ko] - C:\WINDOWS\SysWOW64\Licenses
[MD5.00000000000000000000000000000000] - |D| - [18/06/2015 23:37:54] - [10842.33 Ko] - C:\WINDOWS\SysWOW64\LiveUpdate
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\lo-LA
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles
[MD5.B65E8E52916A527F88486875EE291AA8] - |A| - [26/10/2012 16:42:22] - (.-.) - [10663.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\LogiDPP.dll
[MD5.24764C249F769991079F6D4B14B822AF] - |A| - [26/10/2012 16:42:22] - (.-.) - [100.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\LogiDPPApp.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [56.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [56 Ko] - C:\WINDOWS\SysWOW64\lv-LV
[MD5.BDC67729D0A4940C525654FF869C5289] - |A| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Video Codec.) - [297.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\lvcodec2.dll
[MD5.E8C604C7E16CE90C0D4564EC06B118E8] - |A| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [529.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\LVUI2.dll
[MD5.F13DA78D0873B2025556D65DB5E3210D] - |A| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [525.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\LVUI2RC.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [51262.15 Ko] - C:\WINDOWS\SysWOW64\Macromed
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:03:17] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\manifeststore
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mi-NZ
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [3611.62 Ko] - C:\WINDOWS\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [812.8 Ko] - C:\WINDOWS\SysWOW64\migwiz
[MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [19/03/2019 06:46:21] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MixedRealityRuntime.json
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mk-MK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ml-IN
[MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [19/03/2019 06:49:45] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mn-MN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mr-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ms-MY
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc
[MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [19/03/2019 06:46:15] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqpub.mof
[MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [19/03/2019 07:00:58] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrc.mof
[MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [19/03/2019 06:46:15] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrcRemove.mof
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mt-MT
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [19.15 Ko] - C:\WINDOWS\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [116 Ko] - C:\WINDOWS\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ne-NP
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [122 Ko] - C:\WINDOWS\SysWOW64\nl-NL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\nn-NO
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\nso-ZA
[MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui
[MD5.4BB02B2DE9D61D7B9FE6B2BB512C36DF] - |A| - [07/09/2019 22:34:20] - (.-.) - [531.7 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nvofapi.dll
[MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [19/03/2019 07:00:31] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [754.8 Ko] - C:\WINDOWS\SysWOW64\oobe
[MD5.235355A8DD26903E75D5E812ECF50E53] - |A| - [25/06/2018 17:08:24] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.52 Ko] - (6.14.357.24) - C:\WINDOWS\SysWOW64\OpenAL32.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\or-IN
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-IN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [79 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation
[MD5.2DBC55CA4798BD742CFBF1BDE5FC6731] - |A| - [07/06/2017 17:32:32] - (.-.) - [1830.73 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [124 Ko] - C:\WINDOWS\SysWOW64\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [969.13 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\prs-AF
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [121.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [123 Ko] - C:\WINDOWS\SysWOW64\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\quz-PE
[MD5.2D20E70AAF29452AB081301E16993B30] - |A| - [09/09/2015 22:01:23] - (.(c) Copyright 2008, Ralink Technology, Inc. - RaCertMg Dynamic Link Library.) - [1571.06 Ko] - (1.0.0.9) - C:\WINDOWS\SysWOW64\RaCertMgr.dll
[MD5.221494C29E9F4B6D02514CA29F2A3A4E] - |A| - [09/09/2015 22:01:26] - (.-.) - [13.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\RaCoInst.dat
[MD5.B75546BCB1205B2DB68A3DAD400BE323] - |A| - [09/09/2015 22:01:24] - (.(c) Copyright 2012, Ralink Technology, Inc. - Ralink UI Extensions DLL.) - [124.5 Ko] - (1.0.0.7) - C:\WINDOWS\SysWOW64\RAEXTUI.dll
[MD5.DED8E595A72E0F675D447817F5FF515F] - |A| - [09/09/2015 22:01:24] - (.(c) Copyright 2012, Ralink Technology, Inc. -  Ralink Extensions DLL.) - [1089.5 Ko] - (1.0.0.20) - C:\WINDOWS\SysWOW64\RAIHV.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\restore
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [57.5 Ko] - C:\WINDOWS\SysWOW64\ro-RO
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [121.5 Ko] - C:\WINDOWS\SysWOW64\ru-RU
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\rw-RW
[MD5.0BE719C4DE682B6521535F229D6B9E5E] - |A| - [11/08/2015 13:08:40] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer Audio Manager.) - [412 Ko] - (1.0.38.0) - C:\WINDOWS\SysWOW64\rzaudiodll.dll
[MD5.99BBCF6B6648D0751B905419B534BD97] - |A| - [11/08/2015 13:08:42] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzDeviceDLL Manager.) - [1169.5 Ko] - (1.0.38.0) - C:\WINDOWS\SysWOW64\rzdevicedll.dll
[MD5.1987E86DCBEF29B9ABFF648303BDAF16] - |A| - [14/03/2016 07:36:22] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer RzDeviceDLL Manager.) - [95.46 Ko] - (1.0.45.6) - C:\WINDOWS\SysWOW64\rzdevinfo.dll
[MD5.4FE516F1AFAD6DE8AC0CC13CC86E1D68] - |A| - [11/08/2015 13:08:46] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzDisplayDLL Manager.) - [114.5 Ko] - (1.0.38.0) - C:\WINDOWS\SysWOW64\rzdisplaydll.dll
[MD5.6EC9BA3CC7A422C90E0739D836FDB456] - |A| - [11/08/2015 13:08:52] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzTouchDll.) - [152 Ko] - (1.0.38.0) - C:\WINDOWS\SysWOW64\rztouchdll.dll
[MD5.604E07596BAA1C7DE760DAF5A84DE910] - |A| - [16/07/2015 05:13:46] - (.Copyright © 2015 Razer Inc. All rights reserved - Razer RzVirtualDev Manager.) - [85.5 Ko] - (1.0.37.0) - C:\WINDOWS\SysWOW64\rzvirtualdev.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sd-Arab-PK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\si-LK
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [57 Ko] - C:\WINDOWS\SysWOW64\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [57 Ko] - C:\WINDOWS\SysWOW64\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [98.06 Ko] - C:\WINDOWS\SysWOW64\slmgr
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [4078.3 Ko] - C:\WINDOWS\SysWOW64\Speech
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [8871.62 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [1936.8 Ko] - C:\WINDOWS\SysWOW64\spp
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [23.61 Ko] - C:\WINDOWS\SysWOW64\sppui
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sq-AL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-BA
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-RS
[MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [56.5 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS
[MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [19/03/2019 06:46:09] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\sru
[MD5.EC1C75518F1AFF370C27B0EB8B09E932] - |A| - [19/03/2019 06:45:07] - (.-.) - [323 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [117 Ko] - C:\WINDOWS\SysWOW64\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sw-KE
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ta-IN
[MD5.A3487FD8447683A4F74645C99E7CB255] - |A| - [19/03/2019 06:45:59] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\te-IN
[MD5.21C60C44D0511D809DD8A381C4CE4E4D] - |A| - [29/08/2019 17:41:15] - (.-.) - [1075.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [50.5 Ko] - C:\WINDOWS\SysWOW64\th-TH
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ti-ET
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tk-TM
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tn-ZA
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [115 Ko] - C:\WINDOWS\SysWOW64\tr-TR
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/09/2015 18:32:03] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\track
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tt-RU
[MD5.01E96A85B337B702AE2BC7F838AE7B65] - |A| - [19/03/2019 06:46:31] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\UevCustomActionTypes.tlb
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ug-CN
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [57 Ko] - C:\WINDOWS\SysWOW64\uk-UA
[MD5.6C0B99BB629982510C1DA46E47AE6F6D] - |A| - [19/03/2019 06:45:16] - (.-.) - [45.56 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\umpdc.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ur-PK
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\vi-VN
[MD5.3CE2237F15DC64C9CBA81A29A4CF89B2] - |A| - [07/09/2019 22:34:20] - (.Copyright (C) 2015-2019 - Vulkan Loader.) - [855.7 Ko] - (1.1.106.0) - C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
[MD5.3CE2237F15DC64C9CBA81A29A4CF89B2] - |A| - [07/09/2019 22:34:20] - (.Copyright (C) 2015-2019 - Vulkan Loader.) - [855.7 Ko] - (1.1.106.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll
[MD5.C97C30B3522B7BBA8D4DA282B11ED6F0] - |A| - [07/09/2019 22:34:20] - (.Copyright (C) 2015-2019 - Vulkan Info.) - [266.7 Ko] - (1.1.106.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
[MD5.C97C30B3522B7BBA8D4DA282B11ED6F0] - |A| - [07/09/2019 22:34:20] - (.Copyright (C) 2015-2019 - Vulkan Info.) - [266.7 Ko] - (1.1.106.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe
[MD5.E30AD4BFF3700940585102E79813639C] - |A| - [01/06/2019 22:16:25] - (.Copyright © 2019 - Java(TM) Platform SE binary.) - [108.37 Ko] - (8.0.2110.12) - C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
[MD5.69E4DB68C3968DF92346FDF8477A3D1B] - |A| - [19/03/2019 06:45:13] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [10745.39 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [207.67 Ko] - C:\WINDOWS\SysWOW64\winrm
[MD5.D494267BC169604FAC5E3679B9A97FED] - |A| - [25/06/2018 17:08:24] - (.Copyright © 2008 - OpenAL32.) - [434.52 Ko] - (2.2.0.5) - C:\WINDOWS\SysWOW64\wrap_oal.dll
[MD5.246C62BF8A69AF9A9D1783F4548652BF] - |A| - [19/03/2019 06:45:13] - (.-.) - [62.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\xh-ZA
[MD5.00000000000000000000000000000000] - |D| - [29/08/2019 17:37:26] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\yo-NG
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [82 Ko] - C:\WINDOWS\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [82 Ko] - C:\WINDOWS\SysWOW64\zh-TW
[MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\zu-ZA

---------- | [Administrateur]

[13/02/2016 15:16:17] - |HD| - [127513893] - C:\Users\Administrateur\AppData
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Application Data
[13/02/2016 15:20:48] - |RD| - [412] - C:\Users\Administrateur\Contacts
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Cookies
[13/02/2016 15:16:17] - |RD| - [282] - C:\Users\Administrateur\Desktop
[13/02/2016 15:16:17] - |RD| - [402] - C:\Users\Administrateur\Documents
[13/02/2016 15:16:17] - |RD| - [282] - C:\Users\Administrateur\Downloads
[13/02/2016 15:16:17] - |RD| - [690] - C:\Users\Administrateur\Favorites
[13/02/2016 15:16:17] - |RD| - [2015] - C:\Users\Administrateur\Links
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Local Settings
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Menu Démarrer
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Mes documents
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Modèles
[13/02/2016 15:16:17] - |RD| - [504] - C:\Users\Administrateur\Music
[13/02/2016 15:16:16] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT
[13/02/2016 15:16:17] - |ASH| - [12288] - C:\Users\Administrateur\ntuser.dat.LOG1
[13/02/2016 15:16:17] - |ASH| - [185344] - C:\Users\Administrateur\ntuser.dat.LOG2
[13/02/2016 15:16:17] - |ASH| - [65536] - C:\Users\Administrateur\NTUSER.DAT{c58209f6-d207-11e5-9166-b2df75528388}.TM.blf
[13/02/2016 15:16:17] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{c58209f6-d207-11e5-9166-b2df75528388}.TMContainer00000000000000000001.regtrans-ms
[13/02/2016 15:16:17] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{c58209f6-d207-11e5-9166-b2df75528388}.TMContainer00000000000000000002.regtrans-ms
[13/02/2016 15:16:17] - |ASH| - [20] - C:\Users\Administrateur\ntuser.ini
[13/02/2016 15:22:01] - |RD| - [105] - C:\Users\Administrateur\OneDrive
[13/02/2016 15:16:17] - |RD| - [504] - C:\Users\Administrateur\Pictures
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Recent
[13/02/2016 15:16:17] - |RD| - [282] - C:\Users\Administrateur\Saved Games
[13/02/2016 15:20:48] - |RD| - [1875] - C:\Users\Administrateur\Searches
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\SendTo
[13/02/2016 15:16:17] - |RD| - [504] - C:\Users\Administrateur\Videos
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Voisinage d'impression
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\Voisinage réseau
[13/02/2016 15:16:17] - |D| - [127377446] - C:\Users\Administrateur\AppData\Local
[13/02/2016 15:16:17] - |D| - [0] - C:\Users\Administrateur\AppData\LocalLow
[13/02/2016 15:16:17] - |D| - [136447] - C:\Users\Administrateur\AppData\Roaming
[13/02/2016 15:18:40] - |D| - [0] - C:\Users\Administrateur\AppData\Local\ActiveSync
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Application Data
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Historique
[13/02/2016 15:23:18] - |AH| - [3368] - C:\Users\Administrateur\AppData\Local\IconCache.db
[13/02/2016 15:16:17] - |D| - [112982044] - C:\Users\Administrateur\AppData\Local\Microsoft
[13/02/2016 15:16:26] - |D| - [3308258] - C:\Users\Administrateur\AppData\Local\Packages
[13/02/2016 15:16:17] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Temp
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Temporary Internet Files
[13/02/2016 15:16:24] - |D| - [11083776] - C:\Users\Administrateur\AppData\Local\TileDataLayer
[13/02/2016 15:20:46] - |D| - [0] - C:\Users\Administrateur\AppData\Roaming\Adobe
[13/02/2016 15:16:17] - |SD| - [136447] - C:\Users\Administrateur\AppData\Roaming\Microsoft
[13/02/2016 15:20:48] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[13/02/2016 15:16:17] - |SHD| - [0] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[13/02/2016 15:16:17] - |RD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[13/02/2016 15:16:17] - |RD| - [3888] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[13/02/2016 15:16:17] - |RD| - [2925] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[13/02/2016 15:20:48] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[13/02/2016 15:20:48] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[13/02/2016 15:16:17] - |D| - [170] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[13/02/2016 15:22:01] - |A| - [2405] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[13/02/2016 15:20:48] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[13/02/2016 15:16:17] - |RD| - [5318] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[13/02/2016 15:16:17] - |RSD| - [7238] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[13/02/2016 15:20:48] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [Mugetsu]

[05/06/2019 19:54:58] - |D| - [0] - C:\Users\Mugetsu\.Albion Online Launcher
[04/02/2016 20:35:41] - |D| - [10] - C:\Users\Mugetsu\.android
[01/04/2019 19:11:04] - |A| - [80] - C:\Users\Mugetsu\.bash_history
[11/09/2017 20:49:38] - |D| - [17092951] - C:\Users\Mugetsu\.eclipse
[26/08/2015 20:50:19] - |D| - [410926] - C:\Users\Mugetsu\.gimp-2.8
[03/04/2017 19:21:17] - |A| - [140] - C:\Users\Mugetsu\.gitconfig
[16/04/2016 09:17:33] - |D| - [110] - C:\Users\Mugetsu\.oracle_jre_usage
[11/09/2017 20:49:38] - |D| - [392264962] - C:\Users\Mugetsu\.p2
[13/01/2017 18:52:41] - |D| - [0] - C:\Users\Mugetsu\.QtWebEngineProcess
[13/01/2017 18:52:41] - |D| - [0] - C:\Users\Mugetsu\.TeamSpeak 3
[26/08/2015 20:51:46] - |D| - [0] - C:\Users\Mugetsu\.thumbnails
[11/09/2017 21:05:24] - |D| - [74313] - C:\Users\Mugetsu\.tooling
[23/08/2019 08:20:25] - |D| - [287406] - C:\Users\Mugetsu\.VirtualBox
[13/01/2018 20:43:24] - |RD| - [298] - C:\Users\Mugetsu\3D Objects
[07/01/2018 16:09:09] - |D| - [0] - C:\Users\Mugetsu\ansel
[29/08/2019 17:21:16] - |HD| - [10493202654] - C:\Users\Mugetsu\AppData
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Application Data
[18/06/2015 22:58:21] - |RD| - [23627] - C:\Users\Mugetsu\Contacts
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Cookies
[30/01/2017 22:32:21] - |RD| - [159] - C:\Users\Mugetsu\Creative Cloud Files
[18/06/2015 22:58:18] - |RDC| - [19134256] - C:\Users\Mugetsu\Desktop
[18/06/2015 22:58:18] - |RDC| - [3238008544] - C:\Users\Mugetsu\Documents
[18/06/2015 22:58:18] - |RD| - [11335315] - C:\Users\Mugetsu\Downloads
[18/06/2015 22:58:18] - |RD| - [3081] - C:\Users\Mugetsu\Favorites
[18/06/2015 22:58:18] - |RD| - [2532] - C:\Users\Mugetsu\Links
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Local Settings
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Menu Démarrer
[24/05/2016 19:53:36] - |A| - [79] - C:\Users\Mugetsu\mercurial.ini
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Mes documents
[13/01/2018 20:43:46] - |HD| - [4733923] - C:\Users\Mugetsu\MicrosoftEdgeBackups
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Modèles
[18/06/2015 22:58:18] - |RD| - [504] - C:\Users\Mugetsu\Music
[29/08/2019 17:21:16] - |AH| - [16252928] - C:\Users\Mugetsu\NTUSER.DAT
[29/08/2019 17:21:16] - |ASH| - [4116480] - C:\Users\Mugetsu\ntuser.dat.LOG1
[29/08/2019 17:21:16] - |ASH| - [4116480] - C:\Users\Mugetsu\ntuser.dat.LOG2
[12/09/2019 08:36:48] - |ASH| - [1048576] - C:\Users\Mugetsu\NTUSER.DAT{9ae38a03-ca78-11e9-88d4-d732eaea7366}.TxR.0.regtrans-ms
[12/09/2019 08:36:48] - |ASH| - [1048576] - C:\Users\Mugetsu\NTUSER.DAT{9ae38a03-ca78-11e9-88d4-d732eaea7366}.TxR.1.regtrans-ms
[12/09/2019 08:36:48] - |ASH| - [1048576] - C:\Users\Mugetsu\NTUSER.DAT{9ae38a03-ca78-11e9-88d4-d732eaea7366}.TxR.2.regtrans-ms
[12/09/2019 08:36:48] - |ASH| - [65536] - C:\Users\Mugetsu\NTUSER.DAT{9ae38a03-ca78-11e9-88d4-d732eaea7366}.TxR.blf
[29/08/2019 17:21:16] - |ASH| - [65536] - C:\Users\Mugetsu\NTUSER.DAT{9ae38a04-ca78-11e9-88d4-d732eaea7366}.TM.blf
[29/08/2019 17:21:16] - |ASH| - [524288] - C:\Users\Mugetsu\NTUSER.DAT{9ae38a04-ca78-11e9-88d4-d732eaea7366}.TMContainer00000000000000000001.regtrans-ms
[29/08/2019 17:21:16] - |ASH| - [524288] - C:\Users\Mugetsu\NTUSER.DAT{9ae38a04-ca78-11e9-88d4-d732eaea7366}.TMContainer00000000000000000002.regtrans-ms
[29/08/2019 17:28:25] - |SH| - [20] - C:\Users\Mugetsu\ntuser.ini
[22/06/2015 14:12:24] - |RD| - [376089] - C:\Users\Mugetsu\OneDrive
[18/06/2015 22:58:18] - |RD| - [55288] - C:\Users\Mugetsu\Pictures
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Recent
[18/06/2015 22:58:18] - |RD| - [11204757] - C:\Users\Mugetsu\Saved Games
[17/01/2016 00:53:28] - |A| - [638] - C:\Users\Mugetsu\SciTE.recent
[17/01/2016 00:53:28] - |A| - [130] - C:\Users\Mugetsu\SciTE.session
[18/06/2015 22:58:27] - |RD| - [1879] - C:\Users\Mugetsu\Searches
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\SendTo
[02/07/2015 20:51:32] - |D| - [0] - C:\Users\Mugetsu\Tracing
[18/06/2015 22:58:18] - |RD| - [12470] - C:\Users\Mugetsu\Videos
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Voisinage d'impression
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\Voisinage réseau
[29/08/2019 17:21:16] - |D| - [6263362819] - C:\Users\Mugetsu\AppData\Local
[18/06/2015 22:58:18] - |DC| - [286135774] - C:\Users\Mugetsu\AppData\LocalLow
[28/05/2018 22:55:33] - |AC| - [191500] - C:\Users\Mugetsu\AppData\Localtransition_4d667a33cc3f56ff57e291fb0010b7b3.ini
[29/08/2019 17:21:16] - |D| - [3943512561] - C:\Users\Mugetsu\AppData\Roaming
[28/03/2016 18:51:02] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\238010
[10/04/2016 17:09:14] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\ActiveSync
[17/07/2015 19:40:34] - |DC| - [793791] - C:\Users\Mugetsu\AppData\Local\Adobe
[12/12/2016 23:15:08] - |DC| - [2489838] - C:\Users\Mugetsu\AppData\Local\Ankama
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\AppData\Local\Application Data
[24/05/2016 19:45:16] - |DC| - [273374403] - C:\Users\Mugetsu\AppData\Local\Atlassian
[06/08/2017 20:10:27] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\Audacity
[19/07/2018 09:08:00] - |DC| - [12624] - C:\Users\Mugetsu\AppData\Local\AVAST Software
[19/06/2015 22:25:37] - |DC| - [187351840] - C:\Users\Mugetsu\AppData\Local\Battle.net
[21/06/2015 19:39:33] - |DC| - [30680] - C:\Users\Mugetsu\AppData\Local\Black_Tree_Gaming
[15/11/2015 11:18:51] - |DC| - [44335] - C:\Users\Mugetsu\AppData\Local\Blizzard
[19/06/2015 22:25:43] - |DC| - [1143040] - C:\Users\Mugetsu\AppData\Local\Blizzard Entertainment
[21/01/2016 21:53:56] - |DC| - [6085] - C:\Users\Mugetsu\AppData\Local\Bluestacks
[24/07/2015 19:09:41] - |DC| - [11348426] - C:\Users\Mugetsu\AppData\Local\CEF
[07/01/2016 20:35:20] - |DC| - [6699] - C:\Users\Mugetsu\AppData\Local\CeVIO
[13/12/2016 21:25:40] - |DC| - [1048616] - C:\Users\Mugetsu\AppData\Local\Chromium
[10/04/2016 17:09:43] - |DC| - [77575372] - C:\Users\Mugetsu\AppData\Local\Comms
[13/08/2016 09:55:46] - |DC| - [4490051] - C:\Users\Mugetsu\AppData\Local\ConnectedDevicesPlatform
[02/08/2015 14:56:16] - |DC| - [23157000] - C:\Users\Mugetsu\AppData\Local\CrashDumps
[21/05/2018 15:50:24] - |DC| - [617012] - C:\Users\Mugetsu\AppData\Local\D3DSCache
[05/11/2017 19:01:36] - |DC| - [40344250] - C:\Users\Mugetsu\AppData\Local\Daedalic Entertainment GmbH
[18/06/2017 10:08:20] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\DBG
[11/11/2018 19:46:03] - |DC| - [41301] - C:\Users\Mugetsu\AppData\Local\DELTARUNE
[09/09/2015 22:02:22] - |DC| - [523501] - C:\Users\Mugetsu\AppData\Local\Diagnostics
[15/06/2016 21:14:32] - |DC| - [351715018] - C:\Users\Mugetsu\AppData\Local\Discord
[20/09/2015 19:10:49] - |DC| - [10973] - C:\Users\Mugetsu\AppData\Local\DOSBox
[28/03/2016 18:51:38] - |DC| - [1512] - C:\Users\Mugetsu\AppData\Local\dxhr
[11/09/2017 21:05:23] - |DC| - [2300] - C:\Users\Mugetsu\AppData\Local\Eclipse
[18/02/2017 18:13:03] - |DC| - [301119] - C:\Users\Mugetsu\AppData\Local\ElevatedDiagnostics
[26/10/2017 21:19:42] - |DC| - [713054] - C:\Users\Mugetsu\AppData\Local\EpicGamesLauncher
[24/05/2017 18:57:31] - |DC| - [173] - C:\Users\Mugetsu\AppData\Local\Fallout4
[12/02/2017 19:03:12] - |DC| - [5955152] - C:\Users\Mugetsu\AppData\Local\FluxSoftware
[26/08/2015 20:50:19] - |DC| - [1484148] - C:\Users\Mugetsu\AppData\Local\fontconfig
[29/10/2017 20:53:37] - |DC| - [342773] - C:\Users\Mugetsu\AppData\Local\FortniteGame
[10/08/2017 21:20:07] - |DC| - [51153344] - C:\Users\Mugetsu\AppData\Local\GameMaker-Studio
[10/08/2017 20:21:02] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\GameMakerStudio2
[16/08/2015 09:12:07] - |DC| - [158947726] - C:\Users\Mugetsu\AppData\Local\Gas Powered Games
[19/06/2015 21:13:30] - |AC| - [64472] - C:\Users\Mugetsu\AppData\Local\GDIPFONTCACHEV1.DAT
[26/08/2015 20:50:19] - |DC| - [660] - C:\Users\Mugetsu\AppData\Local\gegl-0.2
[15/08/2017 13:58:37] - |DC| - [14490071] - C:\Users\Mugetsu\AppData\Local\gm_ttt_34927
[02/10/2017 23:17:39] - |DC| - [922205] - C:\Users\Mugetsu\AppData\Local\gm_ttt_79597
[01/04/2019 20:34:47] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\gm_ttt_89069
[29/08/2018 19:54:29] - |DC| - [2007] - C:\Users\Mugetsu\AppData\Local\GOG.com
[21/05/2018 13:19:02] - |DC| - [723266849] - C:\Users\Mugetsu\AppData\Local\Google
[26/08/2015 20:56:51] - |DC| - [202] - C:\Users\Mugetsu\AppData\Local\gtk-2.0
[27/07/2015 17:15:13] - |DC| - [71] - C:\Users\Mugetsu\AppData\Local\GWX
[08/10/2017 18:52:37] - |DC| - [257] - C:\Users\Mugetsu\AppData\Local\HirezLauncherUI
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\AppData\Local\Historique
[08/04/2016 18:32:52] - |DC| - [900466] - C:\Users\Mugetsu\AppData\Local\HOTSLogsUploader
[01/09/2019 16:48:22] - |AH| - [92623] - C:\Users\Mugetsu\AppData\Local\IconCache.db
[13/09/2016 23:16:45] - |AC| - [43] - C:\Users\Mugetsu\AppData\Local\klanguageoverridesrc
[04/02/2018 21:29:42] - |DC| - [66909864] - C:\Users\Mugetsu\AppData\Local\Kobo
[13/08/2016 19:53:51] - |DC| - [21203] - C:\Users\Mugetsu\AppData\Local\krita
[16/10/2017 07:56:31] - |DC| - [1759350] - C:\Users\Mugetsu\AppData\Local\Logitech
[07/08/2016 13:58:28] - |DC| - [2914129] - C:\Users\Mugetsu\AppData\Local\Logitech® Webcam Software
[29/08/2019 17:21:16] - |D| - [1462306309] - C:\Users\Mugetsu\AppData\Local\Microsoft
[28/04/2016 19:25:12] - |DC| - [68704] - C:\Users\Mugetsu\AppData\Local\MicrosoftEdge
[16/08/2015 14:44:58] - |DC| - [11027938] - C:\Users\Mugetsu\AppData\Local\MonoDevelop-Unity-4.0
[27/07/2015 19:45:30] - |DC| - [47826060] - C:\Users\Mugetsu\AppData\Local\Mozilla
[27/06/2017 20:31:05] - |DC| - [6370] - C:\Users\Mugetsu\AppData\Local\MXM
[15/11/2015 19:43:06] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\My Games
[19/09/2015 21:55:54] - |DC| - [966] - C:\Users\Mugetsu\AppData\Local\NBGI
[10/04/2016 20:09:19] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\NetworkTiles
[24/05/2018 21:26:20] - |DC| - [16829] - C:\Users\Mugetsu\AppData\Local\nuclearthrone
[19/06/2015 21:01:00] - |DC| - [880591299] - C:\Users\Mugetsu\AppData\Local\NVIDIA
[19/06/2015 21:01:02] - |DC| - [98517323] - C:\Users\Mugetsu\AppData\Local\NVIDIA Corporation
[01/09/2019 12:20:40] - |D| - [2961] - C:\Users\Mugetsu\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[30/09/2018 20:27:03] - |AC| - [0] - C:\Users\Mugetsu\AppData\Local\oobelibMkey.log
[12/07/2015 11:25:58] - |DC| - [130] - C:\Users\Mugetsu\AppData\Local\openvr
[18/06/2017 22:26:11] - |DC| - [838828] - C:\Users\Mugetsu\AppData\Local\Package Cache
[13/01/2018 20:27:47] - |DC| - [1292149076] - C:\Users\Mugetsu\AppData\Local\Packages
[29/08/2019 17:28:38] - |D| - [0] - C:\Users\Mugetsu\AppData\Local\PackageStaging
[12/06/2017 18:45:55] - |DC| - [148082] - C:\Users\Mugetsu\AppData\Local\PAYDAY 2
[10/04/2016 17:44:17] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\PeerDistRepub
[21/05/2018 17:38:24] - |DC| - [2495] - C:\Users\Mugetsu\AppData\Local\PlaceholderTileLogoFolder
[18/06/2015 23:17:33] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\Programs
[10/04/2016 17:07:23] - |DC| - [11304439] - C:\Users\Mugetsu\AppData\Local\Publishers
[19/06/2015 21:30:11] - |DC| - [17031] - C:\Users\Mugetsu\AppData\Local\Razer
[30/01/2016 14:45:57] - |AC| - [16071] - C:\Users\Mugetsu\AppData\Local\recently-used.xbel
[06/09/2017 21:25:43] - |DC| - [4518] - C:\Users\Mugetsu\AppData\Local\Recovery
[24/08/2015 19:04:49] - |AC| - [7607] - C:\Users\Mugetsu\AppData\Local\Resmon.ResmonCfg
[15/02/2018 11:43:08] - |DC| - [117939] - C:\Users\Mugetsu\AppData\Local\RStudio-Desktop
[07/11/2015 10:14:59] - |DC| - [2052] - C:\Users\Mugetsu\AppData\Local\RzStats
[05/06/2019 19:54:59] - |DC| - [8293238] - C:\Users\Mugetsu\AppData\Local\Sandbox Interactive GmbH
[12/07/2015 10:36:01] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\SCE
[24/07/2015 21:18:14] - |DC| - [81124757] - C:\Users\Mugetsu\AppData\Local\Scrivener
[18/06/2017 20:37:36] - |DC| - [32] - C:\Users\Mugetsu\AppData\Local\ServiceHub
[14/05/2016 15:28:58] - |DC| - [3276] - C:\Users\Mugetsu\AppData\Local\Sidhe
[02/07/2015 20:47:29] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\Skype
[21/06/2015 19:00:37] - |DC| - [986] - C:\Users\Mugetsu\AppData\Local\Skyrim
[15/08/2016 18:19:46] - |DC| - [578100] - C:\Users\Mugetsu\AppData\Local\speech
[20/11/2015 22:37:48] - |DC| - [21751] - C:\Users\Mugetsu\AppData\Local\SquirrelTemp
[19/06/2015 22:06:01] - |DC| - [318580310] - C:\Users\Mugetsu\AppData\Local\Steam
[13/01/2017 18:52:41] - |DC| - [688496] - C:\Users\Mugetsu\AppData\Local\TeamSpeak 3
[01/01/2016 16:24:40] - |DC| - [40] - C:\Users\Mugetsu\AppData\Local\TeamViewer
[29/08/2019 17:21:16] - |D| - [22985522] - C:\Users\Mugetsu\AppData\Local\Temp
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\AppData\Local\Temporary Internet Files
[30/01/2017 22:32:20] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\Tempzxpsign3283da3a4709a726
[30/01/2017 22:32:21] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\Tempzxpsigna1ebfeb466b99d16
[21/06/2015 17:04:45] - |DC| - [1721] - C:\Users\Mugetsu\AppData\Local\The Witcher
[01/09/2018 14:09:23] - |DC| - [926] - C:\Users\Mugetsu\AppData\Local\THQ
[10/04/2016 17:07:15] - |DC| - [17807171] - C:\Users\Mugetsu\AppData\Local\TileDataLayer
[20/02/2016 23:49:34] - |DC| - [5203] - C:\Users\Mugetsu\AppData\Local\Ubisoft Game Launcher
[20/12/2015 11:45:55] - |DC| - [7523] - C:\Users\Mugetsu\AppData\Local\UNDERTALE
[12/08/2015 18:33:26] - |DC| - [646302] - C:\Users\Mugetsu\AppData\Local\Unity
[26/10/2017 21:19:42] - |DC| - [54] - C:\Users\Mugetsu\AppData\Local\UnrealEngine
[26/10/2017 21:19:44] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\UnrealEngineLauncher
[18/06/2015 22:58:20] - |DC| - [13757] - C:\Users\Mugetsu\AppData\Local\VirtualStore
[04/02/2016 20:35:41] - |DC| - [386] - C:\Users\Mugetsu\AppData\Local\Wacom
[21/06/2015 17:24:23] - |DC| - [364791] - C:\Users\Mugetsu\AppData\Local\Warframe
[15/02/2018 11:43:08] - |AC| - [56320] - C:\Users\Mugetsu\AppData\Local\WebpageIcons.db
[22/06/2015 14:10:59] - |DC| - [188416] - C:\Users\Mugetsu\AppData\Local\Windows Live
[02/07/2015 23:38:33] - |DC| - [648363] - C:\Users\Mugetsu\AppData\Local\Windows Live Writer
[13/01/2016 20:02:20] - |DC| - [0] - C:\Users\Mugetsu\AppData\Local\WMTools Downloaded Files
[23/07/2015 19:24:30] - |DC| - [82] - C:\Users\Mugetsu\AppData\Local\Wondershare
[10/08/2017 21:29:39] - |DC| - [1649] - C:\Users\Mugetsu\AppData\Local\YoYo_Games_Ltd
[30/01/2017 22:32:04] - |DC| - [0] - C:\Users\Mugetsu\AppData\LocalLow\Adobe
[12/12/2016 23:32:56] - |DC| - [24687] - C:\Users\Mugetsu\AppData\LocalLow\Ankama
[28/10/2017 20:56:25] - |DC| - [680] - C:\Users\Mugetsu\AppData\LocalLow\Boneloaf
[28/10/2017 14:30:27] - |DC| - [1233] - C:\Users\Mugetsu\AppData\LocalLow\Clever Endeavour Games
[31/05/2016 21:22:14] - |DC| - [12167] - C:\Users\Mugetsu\AppData\LocalLow\CyberCoconut
[27/02/2018 00:31:50] - |DC| - [24378] - C:\Users\Mugetsu\AppData\LocalLow\Daedalic Entertainment GmbH
[31/01/2016 17:15:34] - |DC| - [0] - C:\Users\Mugetsu\AppData\LocalLow\DefaultCompany
[14/10/2017 00:41:07] - |DC| - [207853] - C:\Users\Mugetsu\AppData\LocalLow\Defiant Development
[24/05/2018 21:43:04] - |DC| - [29106] - C:\Users\Mugetsu\AppData\LocalLow\Dinosaur Polo Club
[30/08/2015 21:20:17] - |DC| - [0] - C:\Users\Mugetsu\AppData\LocalLow\E_Line Media
[30/05/2018 17:33:29] - |DC| - [13804] - C:\Users\Mugetsu\AppData\LocalLow\Freehold Games
[29/03/2019 19:18:12] - |DC| - [14002] - C:\Users\Mugetsu\AppData\LocalLow\Hopoo Games, LLC
[08/01/2017 15:37:24] - |DC| - [0] - C:\Users\Mugetsu\AppData\LocalLow\Laser Dog Games Ltd
[26/07/2018 13:37:26] - |DC| - [5474896] - C:\Users\Mugetsu\AppData\LocalLow\LoE
[18/06/2015 23:10:07] - |SDC| - [339846] - C:\Users\Mugetsu\AppData\LocalLow\Microsoft
[18/06/2019 21:00:32] - |DC| - [977954] - C:\Users\Mugetsu\AppData\LocalLow\Monomi Park
[30/11/2015 00:17:58] - |DC| - [47526] - C:\Users\Mugetsu\AppData\LocalLow\Necrophone Games
[16/04/2016 09:16:27] - |DC| - [228947312] - C:\Users\Mugetsu\AppData\LocalLow\Oracle
[05/06/2019 19:55:51] - |DC| - [4627] - C:\Users\Mugetsu\AppData\LocalLow\Sandbox Interactive GmbH
[22/05/2017 19:34:03] - |DC| - [713] - C:\Users\Mugetsu\AppData\LocalLow\SmashGames
[12/07/2015 10:36:01] - |DC| - [1125798] - C:\Users\Mugetsu\AppData\LocalLow\Sony Online Entertainment
[18/06/2015 23:47:42] - |DC| - [391812] - C:\Users\Mugetsu\AppData\LocalLow\Sun
[05/09/2019 16:22:39] - |DC| - [166] - C:\Users\Mugetsu\AppData\LocalLow\Tactical Adventures
[16/12/2016 18:57:32] - |DC| - [0] - C:\Users\Mugetsu\AppData\LocalLow\Temp
[14/01/2017 02:03:02] - |DC| - [14413] - C:\Users\Mugetsu\AppData\LocalLow\Thunder Lotus Games
[12/08/2015 18:33:26] - |DC| - [48482219] - C:\Users\Mugetsu\AppData\LocalLow\Unity
[29/10/2017 00:06:48] - |DC| - [582] - C:\Users\Mugetsu\AppData\LocalLow\WeirdBeard
[09/12/2018 10:48:22] - |DC| - [330449329] - C:\Users\Mugetsu\AppData\Roaming\.minecraft
[20/12/2015 20:29:02] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\.mono
[07/01/2017 02:47:08] - |DC| - [20333] - C:\Users\Mugetsu\AppData\Roaming\10tons
[28/06/2015 09:28:34] - |DC| - [647512] - C:\Users\Mugetsu\AppData\Roaming\Adobe
[30/01/2017 22:32:01] - |AC| - [33] - C:\Users\Mugetsu\AppData\Roaming\AdobeWLCMCache.dat
[05/06/2019 19:56:21] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Albion
[04/02/2016 20:32:08] - |DC| - [23500] - C:\Users\Mugetsu\AppData\Roaming\Ambient Design
[29/05/2018 00:14:39] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\AnkamaCertificates
[13/01/2016 19:58:00] - |DC| - [3628] - C:\Users\Mugetsu\AppData\Roaming\Audacity
[20/06/2015 21:04:11] - |DC| - [31146364] - C:\Users\Mugetsu\AppData\Roaming\AVAST Software
[13/02/2016 20:34:23] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Awesomium
[19/06/2015 22:25:37] - |DC| - [15362] - C:\Users\Mugetsu\AppData\Roaming\Battle.net
[06/01/2019 00:31:20] - |DC| - [33] - C:\Users\Mugetsu\AppData\Roaming\Battlerite
[30/01/2017 22:03:58] - |DC| - [6361] - C:\Users\Mugetsu\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[10/08/2015 18:46:47] - |DC| - [105069] - C:\Users\Mugetsu\AppData\Roaming\com.bluemanchu.CardHunter
[06/12/2015 13:03:38] - |DC| - [274] - C:\Users\Mugetsu\AppData\Roaming\com.shirogames.evoland2
[08/01/2019 23:23:18] - |DC| - [345] - C:\Users\Mugetsu\AppData\Roaming\CubeParadox
[29/05/2018 00:13:54] - |AC| - [117] - C:\Users\Mugetsu\AppData\Roaming\D2Info0
[20/11/2015 22:37:54] - |DC| - [144316483] - C:\Users\Mugetsu\AppData\Roaming\discord
[23/03/2018 23:22:10] - |DC| - [32215938] - C:\Users\Mugetsu\AppData\Roaming\discordsdk
[29/05/2018 00:13:54] - |DC| - [8381005] - C:\Users\Mugetsu\AppData\Roaming\Dofus
[29/05/2018 21:02:09] - |DC| - [75] - C:\Users\Mugetsu\AppData\Roaming\Dofus-2
[29/05/2018 00:13:54] - |AC| - [8] - C:\Users\Mugetsu\AppData\Roaming\DofusAppId0_1
[29/05/2018 21:02:09] - |AC| - [8] - C:\Users\Mugetsu\AppData\Roaming\DofusAppId0_2
[14/05/2017 16:14:07] - |DC| - [203] - C:\Users\Mugetsu\AppData\Roaming\dvdcss
[22/08/2019 22:47:42] - |DC| - [2455187] - C:\Users\Mugetsu\AppData\Roaming\EasyAntiCheat
[13/09/2015 18:39:29] - |DC| - [87793790] - C:\Users\Mugetsu\AppData\Roaming\Fatshark
[09/07/2015 21:20:41] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\FreeDownloadManager.ORG
[10/08/2017 21:21:35] - |DC| - [888889904] - C:\Users\Mugetsu\AppData\Roaming\GameMaker-Studio
[02/04/2017 18:56:59] - |DC| - [9365] - C:\Users\Mugetsu\AppData\Roaming\GameMakerStudio2
[28/04/2017 17:38:11] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Google
[19/06/2015 21:12:26] - |DC| - [79597354] - C:\Users\Mugetsu\AppData\Roaming\Guild Wars 2
[22/02/2019 20:48:46] - |DC| - [189101] - C:\Users\Mugetsu\AppData\Roaming\HP
[22/02/2019 20:47:49] - |DC| - [10752] - C:\Users\Mugetsu\AppData\Roaming\HpUpdate
[09/04/2017 21:33:46] - |DC| - [14990300] - C:\Users\Mugetsu\AppData\Roaming\Human Resource Machine
[18/06/2015 22:58:22] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Identities
[09/09/2015 22:01:10] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\InstallShield
[13/08/2016 19:53:48] - |DC| - [1390] - C:\Users\Mugetsu\AppData\Roaming\krita
[07/08/2016 13:54:06] - |DC| - [345] - C:\Users\Mugetsu\AppData\Roaming\Leadertech
[16/10/2017 07:55:17] - |DC| - [11175] - C:\Users\Mugetsu\AppData\Roaming\Logishrd
[16/10/2017 07:55:17] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Logitech
[21/09/2015 21:54:52] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\LolClient
[28/10/2017 15:31:25] - |DC| - [1565] - C:\Users\Mugetsu\AppData\Roaming\LOVE
[21/09/2015 21:54:51] - |DC| - [2324] - C:\Users\Mugetsu\AppData\Roaming\Macromedia
[29/06/2015 18:25:18] - |DC| - [1887049] - C:\Users\Mugetsu\AppData\Roaming\Mangagamer
[21/05/2018 13:19:02] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Media Center Programs
[29/08/2019 17:21:16] - |SD| - [610109796] - C:\Users\Mugetsu\AppData\Roaming\Microsoft
[29/01/2019 21:51:20] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Microsoft Teams
[10/02/2016 20:59:00] - |DC| - [1111] - C:\Users\Mugetsu\AppData\Roaming\MMFApplications
[16/08/2015 14:45:01] - |DC| - [54870] - C:\Users\Mugetsu\AppData\Roaming\MonoDevelop-Unity-4.0
[27/07/2015 19:45:30] - |DC| - [20734553] - C:\Users\Mugetsu\AppData\Roaming\Mozilla
[20/06/2015 19:11:16] - |DC| - [43782905] - C:\Users\Mugetsu\AppData\Roaming\Mumble
[07/11/2015 22:53:42] - |DC| - [332480541] - C:\Users\Mugetsu\AppData\Roaming\Natural Selection 2
[19/08/2016 17:54:50] - |DC| - [2630454] - C:\Users\Mugetsu\AppData\Roaming\Notepad++
[02/02/2016 23:51:20] - |DC| - [184] - C:\Users\Mugetsu\AppData\Roaming\NuGet
[21/06/2015 17:22:56] - |DC| - [16245021] - C:\Users\Mugetsu\AppData\Roaming\NVIDIA
[23/08/2015 18:41:42] - |DC| - [17871760] - C:\Users\Mugetsu\AppData\Roaming\obs-studio
[01/09/2019 01:45:07] - |D| - [1370] - C:\Users\Mugetsu\AppData\Roaming\OCCT
[16/01/2016 23:22:25] - |DC| - [12450864] - C:\Users\Mugetsu\AppData\Roaming\OpenOffice
[29/05/2018 00:13:56] - |DC| - [5352] - C:\Users\Mugetsu\AppData\Roaming\Reg
[20/09/2015 19:07:14] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Riot Games
[15/02/2018 16:30:24] - |DC| - [173] - C:\Users\Mugetsu\AppData\Roaming\RStudio
[02/07/2015 20:47:28] - |DC| - [709239273] - C:\Users\Mugetsu\AppData\Roaming\Skype
[27/06/2015 20:18:14] - |DC| - [59129496] - C:\Users\Mugetsu\AppData\Roaming\SpaceEngineers
[23/03/2018 23:22:06] - |AC| - [3723] - C:\Users\Mugetsu\AppData\Roaming\SpeedRunnersLog.txt
[08/04/2017 15:21:43] - |DC| - [13824106] - C:\Users\Mugetsu\AppData\Roaming\StardewValley
[16/08/2015 14:45:05] - |DC| - [93529] - C:\Users\Mugetsu\AppData\Roaming\stetic
[16/04/2016 09:17:33] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Sun
[25/01/2017 23:33:42] - |DC| - [788698] - C:\Users\Mugetsu\AppData\Roaming\sweet lily dreams saves
[24/09/2015 18:59:14] - |DC| - [490] - C:\Users\Mugetsu\AppData\Roaming\SYSTEMAX Software Development
[04/07/2018 00:04:51] - |DC| - [2594] - C:\Users\Mugetsu\AppData\Roaming\Teeworlds
[19/02/2017 13:17:31] - |DC| - [1217673] - C:\Users\Mugetsu\AppData\Roaming\The Witness
[26/07/2015 13:14:08] - |DC| - [10075] - C:\Users\Mugetsu\AppData\Roaming\Trine1
[20/03/2016 16:04:29] - |DC| - [10246] - C:\Users\Mugetsu\AppData\Roaming\Trine2
[22/03/2016 23:00:07] - |DC| - [3752157] - C:\Users\Mugetsu\AppData\Roaming\Tropico 3
[24/07/2015 23:17:59] - |DC| - [36687906] - C:\Users\Mugetsu\AppData\Roaming\TS3Client
[12/08/2015 18:41:24] - |DC| - [5309782] - C:\Users\Mugetsu\AppData\Roaming\Unity
[18/06/2017 20:37:36] - |DC| - [560578] - C:\Users\Mugetsu\AppData\Roaming\Visual Studio Setup
[24/07/2015 19:27:17] - |DC| - [87134] - C:\Users\Mugetsu\AppData\Roaming\vlc
[17/06/2019 20:49:20] - |DC| - [433174653] - C:\Users\Mugetsu\AppData\Roaming\Vortex
[18/06/2017 20:37:36] - |DC| - [66] - C:\Users\Mugetsu\AppData\Roaming\vstelemetry
[16/04/2018 14:00:40] - |DC| - [11517] - C:\Users\Mugetsu\AppData\Roaming\Warner Bros. Interactive Entertainment
[02/07/2015 23:38:33] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Windows Live Writer
[04/02/2016 19:57:43] - |DC| - [68330] - C:\Users\Mugetsu\AppData\Roaming\WTablet
[06/12/2015 13:03:59] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\[Worker]
[18/06/2015 22:58:27] - |SHC| - [174] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[28/05/2018 22:55:31] - |AC| - [710] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Dofus.lnk
[12/12/2016 23:17:52] - |AC| - [736] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Krosmaga.lnk
[29/08/2019 17:21:16] - |SHD| - [0] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[13/08/2016 09:44:06] - |RDC| - [63475] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[29/08/2019 17:21:16] - |RD| - [3888] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[29/08/2019 17:21:16] - |RD| - [2792] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[18/06/2015 22:58:27] - |RDC| - [174] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[16/02/2016 22:05:35] - |DC| - [2235] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
[29/08/2019 17:21:16] - |SH| - [264] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[14/08/2017 11:20:05] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
[11/09/2017 21:01:37] - |DC| - [737] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse
[12/02/2017 19:03:16] - |AC| - [2222] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
[10/04/2016 17:10:10] - |AC| - [1061] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk
[10/08/2017 21:20:07] - |DC| - [4076] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.4
[20/11/2015 22:37:55] - |DC| - [2291] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
[22/07/2015 20:14:01] - |DC| - [0] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[29/08/2019 17:21:16] - |D| - [170] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[29/01/2019 21:51:22] - |DC| - [2436] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
[21/05/2018 13:19:02] - |AC| - [2168] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[06/02/2016 01:03:29] - |DC| - [2947] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity
[23/08/2019 22:29:40] - |DC| - [5836] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[23/08/2015 18:36:54] - |DC| - [1687] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OBS Multiplatform
[21/05/2018 13:19:02] - |AC| - [2463] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (1).lnk
[29/08/2019 17:21:16] - |A| - [1105] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[27/06/2017 20:29:29] - |DC| - [960] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayNC
[18/06/2015 22:58:27] - |RDC| - [174] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[07/04/2019 13:32:12] - |DC| - [2171] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[29/08/2019 17:21:16] - |RD| - [6469] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[20/02/2016 23:49:34] - |DC| - [2684] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[06/01/2019 20:53:12] - |DC| - [2163] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
[29/08/2019 17:21:16] - |RD| - [10302] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[18/06/2015 22:58:27] - |SHC| - [174] - C:\Users\Mugetsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [Public]

[13/02/2016 15:20:48] - |RHD| - [37465] - C:\Users\Public\AccountPictures
[14/07/2009 05:20:08] - |RHD| - [4849] - C:\Users\Public\Desktop
[19/03/2019 06:49:35] - |ASH| - [174] - C:\Users\Public\desktop.ini
[14/07/2009 05:20:08] - |RD| - [278] - C:\Users\Public\Documents
[14/07/2009 05:20:08] - |RD| - [174] - C:\Users\Public\Downloads
[14/07/2009 05:20:08] - |RHD| - [0] - C:\Users\Public\Favorites
[19/03/2019 06:52:44] - |RHD| - [1135] - C:\Users\Public\Libraries
[14/07/2009 05:20:08] - |RD| - [69376] - C:\Users\Public\Music
[14/07/2009 05:20:08] - |RD| - [40316] - C:\Users\Public\Pictures
[14/07/2009 09:45:37] - |RD| - [0] - C:\Users\Public\Recorded TV
[13/01/2018 20:14:45] - |D| - [0] - C:\Users\Public\Recorded TV (1)
[21/05/2018 14:07:08] - |D| - [0] - C:\Users\Public\Recorded TV (2)
[14/07/2009 05:20:08] - |RD| - [380] - C:\Users\Public\Videos

---------- | C:\ProgramData

[20/12/2015 20:29:02] - |D| - [0] - C:\ProgramData\.mono
[30/01/2017 22:03:46] - |D| - [261209] - C:\ProgramData\Adobe
[29/08/2019 17:28:17] - |SHD| - [0] - C:\ProgramData\Application Data
[24/05/2016 19:43:45] - |D| - [202610] - C:\ProgramData\Atlassian
[20/06/2015 20:33:25] - |D| - [916681385] - C:\ProgramData\AVAST Software
[19/06/2015 22:20:16] - |D| - [21364296] - C:\ProgramData\Battle.net
[19/06/2015 22:25:33] - |D| - [2861509075] - C:\ProgramData\Blizzard Entertainment
[21/01/2016 20:24:26] - |D| - [655364] - C:\ProgramData\BlueStacksSetup
[19/06/2015 20:55:01] - |D| - [4194316] - C:\ProgramData\boost_interprocess
[18/06/2015 22:58:12] - |SHD| - [0] - C:\ProgramData\Bureau
[10/04/2016 16:33:00] - |HD| - [24930271] - C:\ProgramData\CanonBJ
[04/02/2016 20:33:15] - |D| - [3647920] - C:\ProgramData\Caphyon
[16/07/2016 13:47:48] - |D| - [0] - C:\ProgramData\Comms
[19/06/2015 21:02:36] - |D| - [0] - C:\ProgramData\DAEMON Tools Lite
[18/06/2017 22:25:47] - |D| - [233] - C:\ProgramData\dftmp
[29/08/2019 17:28:17] - |SHD| - [0] - C:\ProgramData\Documents
[26/10/2017 21:19:33] - |D| - [43590631] - C:\ProgramData\Epic
[18/06/2015 22:58:12] - |SHD| - [0] - C:\ProgramData\Favoris
[11/02/2017 22:13:18] - |D| - [5075638] - C:\ProgramData\For Honor
[12/08/2017 15:48:47] - |D| - [10405989] - C:\ProgramData\For Honor Data
[16/10/2015 18:33:05] - |D| - [569930] - C:\ProgramData\Free Download Manager
[09/07/2015 21:20:41] - |D| - [0] - C:\ProgramData\FreeDownloadManager.ORG
[02/04/2017 18:56:59] - |D| - [153024378] - C:\ProgramData\GameMakerStudio2
[03/04/2017 19:20:46] - |D| - [423] - C:\ProgramData\Git
[22/02/2019 19:39:21] - |D| - [75138] - C:\ProgramData\Hewlett-Packard
[16/04/2016 02:03:12] - |D| - [8463180] - C:\ProgramData\Hi-Rez Studios
[22/02/2019 20:46:30] - |D| - [13317895] - C:\ProgramData\HP
[22/02/2019 20:47:30] - |D| - [8988] - C:\ProgramData\HP Product Assistant
[22/02/2019 20:46:35] - |A| - [1797] - C:\ProgramData\hpzinstall.log
[28/03/2016 18:51:00] - |D| - [526] - C:\ProgramData\Intel
[07/08/2016 13:54:13] - |D| - [822] - C:\ProgramData\LogiShrd
[06/09/2017 21:30:33] - |D| - [8697990] - C:\ProgramData\Malwarebytes
[18/06/2015 22:58:12] - |SHD| - [0] - C:\ProgramData\Menu Démarrer
[19/03/2019 06:52:44] - |SD| - [4139152531] - C:\ProgramData\Microsoft
[29/08/2019 17:30:16] - |D| - [0] - C:\ProgramData\Microsoft OneDrive
[29/05/2016 15:15:27] - |A| - [231] - C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[18/06/2015 22:58:12] - |SHD| - [0] - C:\ProgramData\Modèles
[27/07/2015 19:45:24] - |D| - [6958] - C:\ProgramData\Mozilla
[18/06/2015 23:19:29] - |D| - [21046] - C:\ProgramData\Norton
[18/06/2015 23:18:37] - |D| - [25285942] - C:\ProgramData\NortonInstaller
[16/01/2016 19:25:18] - |D| - [232] - C:\ProgramData\NuGet
[07/06/2017 17:32:10] - |D| - [3098077] - C:\ProgramData\NVIDIA
[07/06/2017 17:32:09] - |D| - [2184587015] - C:\ProgramData\NVIDIA Corporation
[18/06/2015 23:59:08] - |D| - [84092478] - C:\ProgramData\Oracle
[21/06/2015 17:21:33] - |D| - [1767773409] - C:\ProgramData\Package Cache
[23/06/2018 12:49:43] - |D| - [311296] - C:\ProgramData\Packages
[16/01/2016 19:29:56] - |D| - [3353827] - C:\ProgramData\PreEmptive Solutions
[09/09/2015 22:01:47] - |D| - [0] - C:\ProgramData\Ralink
[09/09/2015 22:01:25] - |D| - [4952233] - C:\ProgramData\Ralink Driver
[07/06/2017 17:32:21] - |D| - [171808905] - C:\ProgramData\Razer
[19/03/2019 06:52:44] - |D| - [2067] - C:\ProgramData\regid.1991-06.com.microsoft
[20/09/2015 19:19:03] - |D| - [39] - C:\ProgramData\Riot Games
[11/11/2015 17:36:14] - |D| - [0] - C:\ProgramData\Samsung
[02/07/2015 20:47:22] - |D| - [169254912] - C:\ProgramData\Skype
[19/03/2019 06:52:44] - |D| - [0] - C:\ProgramData\SoftwareDistribution
[18/06/2015 23:59:22] - |D| - [119] - C:\ProgramData\Sun
[24/09/2015 18:59:21] - |D| - [1798012] - C:\ProgramData\SYSTEMAX Software Development
[14/08/2015 21:16:54] - |D| - [6455] - C:\ProgramData\Unity
[19/03/2019 06:52:44] - |D| - [13362] - C:\ProgramData\USOPrivate
[29/08/2019 17:21:05] - |D| - [7180288] - C:\ProgramData\USOShared
[23/08/2019 08:20:25] - |D| - [6858] - C:\ProgramData\VirtualBox
[17/06/2019 20:49:17] - |D| - [88726008] - C:\ProgramData\Vortex
[22/02/2019 20:48:46] - |D| - [209] - C:\ProgramData\WEBREG
[18/06/2017 21:47:08] - |AD| - [696898] - C:\ProgramData\Windows App Certification Kit
[19/03/2019 14:04:01] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices
[16/02/2016 22:12:11] - |D| - [0] - C:\ProgramData\Wondershare

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[22/02/2019 20:47:28] - |A| - [1502] - C:\ProgramData\Microsoft\Windows\Start Menu\Centre de solutions HP.lnk
[19/03/2019 06:49:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[18/06/2015 22:58:12] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[19/03/2019 06:52:44] - |RD| - [272701] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[07/07/2015 20:36:30] - |D| - [1233] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[20/09/2015 21:24:35] - |D| - [1761] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abandonware-France
[19/03/2019 06:52:44] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[19/03/2019 06:52:44] - |RD| - [15895] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[19/03/2019 06:52:44] - |RD| - [25478] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[04/02/2016 20:33:11] - |D| - [1323] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtRage Lite
[02/08/2016 18:39:51] - |D| - [1486] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
[06/08/2017 20:10:23] - |A| - [691] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[19/03/2019 21:25:02] - |A| - [2098] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk
[19/06/2015 22:25:33] - |D| - [1120] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[17/06/2019 20:49:18] - |D| - [2084] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
[16/01/2016 19:23:53] - |A| - [1554] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
[18/06/2017 20:53:06] - |A| - [1051] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk
[31/08/2015 17:33:53] - |D| - [4596] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[21/01/2016 20:38:21] - |D| - [1253] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[16/03/2017 00:34:38] - |D| - [973] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[02/12/2018 19:46:08] - |D| - [3861] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Design
[19/03/2019 06:49:34] - |ASH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[20/09/2015 19:09:49] - |D| - [8375] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[22/02/2019 20:47:40] - |A| - [1110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement OCR I.R.I.S..lnk
[21/03/2017 22:33:58] - |D| - [1893] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
[10/08/2017 21:20:57] - |D| - [1320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameMaker Player
[02/04/2017 18:55:54] - |D| - [1690] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameMaker Studio 2
[14/07/2009 07:32:38] - |RD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[26/08/2019 22:30:33] - |D| - [1739] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
[26/08/2015 19:50:27] - |A| - [908] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[01/04/2019 20:27:49] - |D| - [2460] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
[15/05/2016 11:07:26] - |D| - [250] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GUILD WARS
[25/10/2016 19:30:16] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
[16/04/2016 02:03:13] - |D| - [1977] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
[22/02/2019 20:47:07] - |D| - [12856] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[19/03/2019 06:46:39] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
[18/06/2015 23:59:13] - |D| - [6451] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[11/09/2017 20:46:40] - |D| - [1084] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[12/03/2017 15:48:39] - |D| - [1156] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KGS Online
[04/02/2018 21:27:50] - |D| - [1064] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
[13/08/2016 19:53:01] - |D| - [1605] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Krita
[20/09/2015 19:09:30] - |D| - [1383] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[07/08/2016 13:53:49] - |D| - [2739] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[19/03/2019 06:52:44] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[06/09/2017 21:30:36] - |D| - [3450] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[18/06/2017 22:25:47] - |D| - [16855] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure
[16/01/2016 19:24:25] - |D| - [1700] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[17/01/2016 23:35:25] - |D| - [2348] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[09/12/2018 10:48:19] - |D| - [715] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
[22/06/2015 14:14:32] - |A| - [1325] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[27/07/2015 19:45:24] - |A| - [1183] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[19/08/2017 21:07:27] - |A| - [813] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[10/06/2017 12:06:23] - |D| - [1766] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[27/06/2017 18:39:10] - |D| - [1416] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NC Launcher
[13/02/2016 11:36:37] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
[13/02/2016 11:35:55] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
[21/06/2015 20:40:54] - |D| - [2232] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[19/08/2016 17:54:53] - |D| - [699] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[19/08/2018 10:16:14] - |D| - [1475] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[15/02/2017 20:05:47] - |D| - [2726] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
[16/01/2016 23:22:12] - |SD| - [5215] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
[03/05/2016 21:03:35] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
[07/07/2015 20:41:28] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[22/06/2015 14:14:29] - |A| - [1394] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[18/06/2017 22:26:39] - |D| - [5197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.6
[15/02/2018 11:11:36] - |D| - [2207] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
[09/09/2015 22:01:36] - |D| - [4443] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
[09/11/2017 20:57:26] - |D| - [2048] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[16/03/2017 00:34:36] - |D| - [3392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[15/02/2018 11:13:28] - |D| - [1982] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
[13/01/2016 20:18:37] - |D| - [1031] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scrivener
[23/07/2018 16:07:16] - |D| - [1411] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[21/08/2019 16:25:06] - |D| - [2044] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
[19/03/2019 06:52:44] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[19/06/2015 21:55:52] - |D| - [575] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[17/09/2015 19:33:56] - |D| - [13786] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sven Co-op
[19/03/2019 06:52:44] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[13/02/2016 15:03:00] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[04/02/2016 19:58:10] - |RD| - [8368] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablette Wacom
[18/02/2017 18:08:21] - |D| - [1528] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team Meat
[24/07/2015 21:47:53] - |D| - [1170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[12/08/2015 19:24:04] - |D| - [1582] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.2f1 (64-bit)
[16/01/2016 18:58:22] - |D| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.3.1f1 (64-bit)
[06/02/2016 00:54:03] - |D| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.3.2f1 (64-bit)
[19/03/2016 15:22:51] - |D| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.3.4f1 (64-bit)
[24/07/2015 19:27:06] - |D| - [3786] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[16/01/2016 19:21:29] - |D| - [5546] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
[16/01/2016 19:17:52] - |A| - [1555] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
[18/06/2017 20:53:04] - |D| - [5607] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
[18/06/2017 20:48:57] - |A| - [802] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
[18/06/2017 20:37:36] - |A| - [2305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
[18/06/2017 21:47:06] - |D| - [13840] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[22/06/2015 14:13:29] - |RD| - [2546] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[22/06/2015 14:13:42] - |A| - [1478] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[22/06/2015 14:13:40] - |A| - [2506] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[20/08/2017 08:42:58] - |A| - [2435] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[19/03/2019 06:49:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
[22/02/2019 20:47:21] - |A| - [2186] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[09/09/2015 22:01:36] - |A| - [2010] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk

---------- | C:\Program Files (x86)

[16/01/2016 19:39:02] - |D| - [5502855] - C:\Program Files (x86)\AppInsights
[18/06/2017 21:47:05] - |AD| - [311441] - C:\Program Files (x86)\Application Verifier
[07/06/2017 17:31:56] - |D| - [2289232] - C:\Program Files (x86)\ASUS
[31/08/2015 17:26:30] - |D| - [1469768] - C:\Program Files (x86)\Canon
[12/03/2017 15:48:33] - |AD| - [177767182] - C:\Program Files (x86)\cgoban
[09/09/2015 22:01:24] - |D| - [3598306] - C:\Program Files (x86)\Cisco
[19/03/2019 06:52:44] - |D| - [662424264] - C:\Program Files (x86)\Common Files
[19/03/2019 06:49:34] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[18/06/2017 21:51:36] - |D| - [109354541] - C:\Program Files (x86)\Entity Framework Tools
[18/06/2015 23:17:49] - |D| - [465376966] - C:\Program Files (x86)\Google
[16/01/2016 18:58:38] - |D| - [71525874] - C:\Program Files (x86)\GtkSharp
[18/06/2015 23:17:59] - |D| - [0] - C:\Program Files (x86)\GUM6306.tmp
[22/02/2019 20:46:55] - |D| - [212197921] - C:\Program Files (x86)\HP
[18/06/2017 21:52:05] - |D| - [1182443] - C:\Program Files (x86)\IIS
[18/06/2017 21:51:59] - |AD| - [18422932] - C:\Program Files (x86)\IIS Express
[09/09/2015 22:01:23] - |HD| - [12479739] - C:\Program Files (x86)\InstallShield Installation Information
[19/03/2019 06:52:44] - |D| - [1163915] - C:\Program Files (x86)\Internet Explorer
[18/06/2015 23:59:06] - |D| - [189188444] - C:\Program Files (x86)\Java
[04/02/2018 21:27:48] - |D| - [87173080] - C:\Program Files (x86)\Kobo
[07/08/2016 13:53:48] - |D| - [38884251] - C:\Program Files (x86)\Logitech
[23/07/2018 16:07:10] - |D| - [252203594] - C:\Program Files (x86)\Microsoft
[22/06/2015 23:06:56] - |D| - [1670519] - C:\Program Files (x86)\Microsoft ASP.NET
[18/06/2017 22:09:54] - |AD| - [59] - C:\Program Files (x86)\Microsoft ASP.NET Core 1.0 Local Feed - Visual Studio 2017
[18/06/2017 22:14:22] - |AD| - [59] - C:\Program Files (x86)\Microsoft ASP.NET Core 1.1 Local Feed - Visual Studio 2017
[16/01/2016 19:21:00] - |D| - [10427585] - C:\Program Files (x86)\Microsoft Help Viewer
[16/01/2016 19:26:52] - |D| - [19600882] - C:\Program Files (x86)\Microsoft Office365 Tools
[22/06/2015 14:12:24] - |D| - [6081224] - C:\Program Files (x86)\Microsoft OneDrive
[16/01/2016 19:14:06] - |D| - [4161548861] - C:\Program Files (x86)\Microsoft SDKs
[17/01/2016 23:34:51] - |AD| - [55980614] - C:\Program Files (x86)\Microsoft Silverlight
[16/01/2016 19:17:57] - |AD| - [23307526] - C:\Program Files (x86)\Microsoft SQL Server
[22/06/2015 14:13:44] - |AD| - [10638359] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[18/06/2017 20:37:31] - |D| - [167400261] - C:\Program Files (x86)\Microsoft Visual Studio
[16/01/2016 19:23:07] - |D| - [895648] - C:\Program Files (x86)\Microsoft Visual Studio 12.0
[16/01/2016 19:14:28] - |AD| - [1424681799] - C:\Program Files (x86)\Microsoft Visual Studio 14.0
[06/02/2016 01:03:29] - |D| - [928956] - C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
[16/01/2016 19:24:55] - |D| - [44605563] - C:\Program Files (x86)\Microsoft WCF Data Services
[18/06/2017 21:06:49] - |D| - [499808078] - C:\Program Files (x86)\Microsoft Web Tools
[02/07/2015 21:05:31] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA
[19/03/2019 06:52:44] - |D| - [38913239] - C:\Program Files (x86)\Microsoft.NET
[13/01/2016 19:59:49] - |D| - [9336778] - C:\Program Files (x86)\Movie Maker 2.6
[23/08/2018 10:57:14] - |D| - [97154752] - C:\Program Files (x86)\Mozilla Firefox
[27/07/2015 19:45:24] - |D| - [289280] - C:\Program Files (x86)\Mozilla Maintenance Service
[29/08/2019 17:37:26] - |D| - [295171499] - C:\Program Files (x86)\MSBuild
[22/07/2015 22:14:55] - |D| - [143455] - C:\Program Files (x86)\Mumble
[13/02/2016 11:35:54] - |D| - [0] - C:\Program Files (x86)\NCWest
[16/01/2016 19:25:18] - |D| - [4293355] - C:\Program Files (x86)\NuGet
[07/06/2017 17:32:05] - |D| - [288042783] - C:\Program Files (x86)\NVIDIA Corporation
[25/06/2018 17:08:24] - |D| - [809496] - C:\Program Files (x86)\OpenAL
[25/10/2017 23:16:46] - |D| - [0] - C:\Program Files (x86)\PKGInstaller
[09/09/2015 22:01:23] - |D| - [258130612] - C:\Program Files (x86)\Ralink
[07/06/2017 17:32:18] - |AD| - [124391410] - C:\Program Files (x86)\Razer
[29/08/2019 17:37:26] - |D| - [1141849442] - C:\Program Files (x86)\Reference Assemblies
[16/01/2016 19:29:35] - |D| - [180542] - C:\Program Files (x86)\ShellDir
[15/03/2017 19:57:54] - |RD| - [1926632] - C:\Program Files (x86)\Skype
[16/08/2015 09:34:26] - |D| - [734823] - C:\Program Files (x86)\Sorian AI Mod
[04/02/2016 19:58:11] - |D| - [2083057] - C:\Program Files (x86)\TabletPlugins
[20/02/2016 23:49:32] - |D| - [357082613] - C:\Program Files (x86)\Ubisoft
[07/06/2017 17:31:56] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information
[19/08/2018 10:15:48] - |D| - [15793] - C:\Program Files (x86)\VulkanRT
[19/03/2019 06:52:44] - |D| - [1794064] - C:\Program Files (x86)\Windows Defender
[16/01/2016 19:14:07] - |D| - [866797206] - C:\Program Files (x86)\Windows Kits
[22/06/2015 14:13:17] - |AD| - [151328872] - C:\Program Files (x86)\Windows Live
[19/03/2019 06:52:44] - |D| - [625664] - C:\Program Files (x86)\Windows Mail
[19/03/2019 14:04:01] - |D| - [3313005] - C:\Program Files (x86)\Windows Media Player
[19/03/2019 14:04:01] - |D| - [39720] - C:\Program Files (x86)\Windows Multimedia Platform
[19/03/2019 06:52:44] - |D| - [7610200] - C:\Program Files (x86)\Windows NT
[18/06/2017 21:48:34] - |D| - [3314504] - C:\Program Files (x86)\Windows Phone Kits
[19/03/2019 14:04:01] - |D| - [5320648] - C:\Program Files (x86)\Windows Photo Viewer
[19/03/2019 14:04:01] - |D| - [39720] - C:\Program Files (x86)\Windows Portable Devices
[19/03/2019 06:52:44] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar
[19/03/2019 06:52:44] - |D| - [2372645] - C:\Program Files (x86)\WindowsPowerShell
[23/07/2015 19:24:28] - |D| - [0] - C:\Program Files (x86)\Wondershare

---------- | C:\Program Files

[18/06/2017 21:47:05] - |AD| - [353569] - C:\Program Files\Application Verifier
[07/06/2017 17:31:55] - |D| - [2064711] - C:\Program Files\ASUS
[20/06/2015 20:33:49] - |D| - [1435130872] - C:\Program Files\AVAST Software
[17/06/2019 20:49:11] - |D| - [324155022] - C:\Program Files\Black Tree Gaming Ltd
[21/01/2016 20:38:14] - |HD| - [17701185] - C:\Program Files\CanonBJ
[16/03/2017 00:34:37] - |AD| - [46673752] - C:\Program Files\CCleaner
[19/03/2019 06:52:43] - |D| - [146160185] - C:\Program Files\Common Files
[19/03/2019 06:49:34] - |ASH| - [174] - C:\Program Files\desktop.ini
[18/06/2017 22:02:25] - |AD| - [255283830] - C:\Program Files\dotnet
[14/07/2009 07:32:38] - |D| - [0] - C:\Program Files\DVD Maker
[18/06/2015 22:58:12] - |SHD| - [0] - C:\Program Files\Fichiers communs
[02/04/2017 18:54:36] - |D| - [0] - C:\Program Files\GameMaker Studio 2
[26/08/2015 19:50:11] - |AD| - [278922803] - C:\Program Files\GIMP 2
[18/06/2015 23:18:10] - |D| - [0] - C:\Program Files\Google
[18/06/2017 21:52:05] - |AD| - [5481155] - C:\Program Files\IIS
[18/06/2017 21:51:59] - |AD| - [19029140] - C:\Program Files\IIS Express
[19/03/2019 06:52:44] - |D| - [1823598] - C:\Program Files\Internet Explorer
[01/06/2019 22:15:13] - |D| - [215700356] - C:\Program Files\Java
[16/10/2017 07:55:47] - |D| - [318124637] - C:\Program Files\Logitech Gaming Software
[18/06/2017 22:15:25] - |D| - [93922152] - C:\Program Files\Microsoft SDKs
[17/01/2016 23:34:51] - |AD| - [69806486] - C:\Program Files\Microsoft Silverlight
[16/01/2016 19:17:56] - |AD| - [250376079] - C:\Program Files\Microsoft SQL Server
[16/01/2016 19:31:50] - |AD| - [9418786] - C:\Program Files\Microsoft SQL Server Compact Edition
[16/01/2016 19:23:09] - |D| - [1125536] - C:\Program Files\Microsoft Visual Studio 12.0
[19/03/2019 06:52:44] - |D| - [0] - C:\Program Files\ModifiableWindowsApps
[29/08/2019 17:37:26] - |D| - [25757] - C:\Program Files\MSBuild
[07/06/2017 17:32:05] - |D| - [1954864806] - C:\Program Files\NVIDIA Corporation
[18/06/2017 22:26:13] - |AD| - [177400732] - C:\Program Files\Python36
[15/02/2018 11:11:20] - |D| - [200942274] - C:\Program Files\R
[23/07/2015 19:25:51] - |AD| - [10928904] - C:\Program Files\Recuva
[29/08/2019 17:37:26] - |D| - [36867241] - C:\Program Files\Reference Assemblies
[12/01/2018 19:14:30] - |D| - [29961328] - C:\Program Files\rempl
[15/02/2018 11:13:13] - |D| - [512362125] - C:\Program Files\RStudio
[01/09/2019 01:40:45] - |D| - [14772192] - C:\Program Files\Speccy
[04/02/2016 19:57:43] - |D| - [164370346] - C:\Program Files\Tablet
[04/02/2016 19:58:10] - |D| - [2321152] - C:\Program Files\TabletPlugins
[13/02/2016 15:16:19] - |HD| - [0] - C:\Program Files\Uninstall Information
[03/05/2017 20:28:05] - |AD| - [26214400] - C:\Program Files\UNP
[18/06/2017 22:15:25] - |AD| - [21324] - C:\Program Files\VS2010Schemas
[18/06/2017 22:15:25] - |AD| - [21324] - C:\Program Files\VS2012Schemas
[19/03/2019 06:52:44] - |D| - [31049220] - C:\Program Files\Windows Defender
[19/03/2019 14:04:01] - |D| - [16496032] - C:\Program Files\Windows Defender Advanced Threat Protection
[22/06/2015 14:13:28] - |D| - [52928] - C:\Program Files\Windows Live
[19/03/2019 06:52:44] - |D| - [636416] - C:\Program Files\Windows Mail
[19/03/2019 14:04:01] - |D| - [4818321] - C:\Program Files\Windows Media Player
[19/03/2019 14:04:01] - |D| - [47720] - C:\Program Files\Windows Multimedia Platform
[19/03/2019 06:52:44] - |D| - [7946584] - C:\Program Files\Windows NT
[19/03/2019 14:04:01] - |D| - [6138008] - C:\Program Files\Windows Photo Viewer
[19/03/2019 14:04:01] - |D| - [47720] - C:\Program Files\Windows Portable Devices
[19/03/2019 06:52:44] - |D| - [110373] - C:\Program Files\Windows Security
[19/03/2019 06:52:44] - |SHD| - [0] - C:\Program Files\Windows Sidebar
[19/03/2019 06:52:44] - |HD| - [2395861573] - C:\Program Files\WindowsApps
[19/03/2019 06:52:44] - |D| - [2699677] - C:\Program Files\WindowsPowerShell

---------- | C:\Program Files (x86)\Common Files

[30/01/2017 22:18:35] - |D| - [123654136] - C:\Program Files (x86)\Common Files\Adobe
[03/12/2015 19:31:16] - |D| - [2] - C:\Program Files (x86)\Common Files\AV
[29/10/2017 20:53:29] - |D| - [3094400] - C:\Program Files (x86)\Common Files\BattlEye
[16/01/2016 19:21:05] - |AD| - [25256] - C:\Program Files (x86)\Common Files\Designer
[22/02/2019 20:47:09] - |D| - [2572005] - C:\Program Files (x86)\Common Files\Hewlett-Packard
[22/02/2019 20:47:12] - |D| - [1413188] - C:\Program Files (x86)\Common Files\HP
[01/06/2019 22:16:14] - |D| - [2036720] - C:\Program Files (x86)\Common Files\Java
[07/06/2017 17:32:21] - |AD| - [91135437] - C:\Program Files (x86)\Common Files\logishrd
[16/01/2016 19:17:24] - |D| - [0] - C:\Program Files (x86)\Common Files\Merge Modules
[18/06/2017 21:47:09] - |D| - [2221] - C:\Program Files (x86)\Common Files\Microsoft
[19/03/2019 06:52:44] - |D| - [158940223] - C:\Program Files (x86)\Common Files\Microsoft Shared
[01/06/2019 22:15:31] - |D| - [1540304] - C:\Program Files (x86)\Common Files\Oracle
[19/03/2019 06:52:44] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[29/08/2019 17:45:03] - |D| - [41095079] - C:\Program Files (x86)\Common Files\SpeechEngines
[19/06/2015 21:55:52] - |D| - [4085312] - C:\Program Files (x86)\Common Files\Steam
[19/03/2019 06:52:44] - |D| - [9716619] - C:\Program Files (x86)\Common Files\System
[22/06/2015 14:06:53] - |D| - [216998354] - C:\Program Files (x86)\Common Files\Windows Live
[23/07/2015 19:24:30] - |D| - [6112306] - C:\Program Files (x86)\Common Files\Wondershare

---------- | C:\Program Files\Common files

[03/12/2015 19:31:16] - |D| - [2] - C:\Program Files\Common files\AV
[07/01/2018 13:11:51] - |D| - [2045832] - C:\Program Files\Common files\Avast Software
[07/06/2017 17:32:20] - |D| - [23522326] - C:\Program Files\Common files\logishrd
[19/03/2019 06:52:43] - |D| - [109433984] - C:\Program Files\Common files\microsoft shared
[19/03/2019 06:52:44] - |D| - [2702] - C:\Program Files\Common files\Services
[29/08/2019 17:45:03] - |D| - [599040] - C:\Program Files\Common files\SpeechEngines
[19/03/2019 06:52:44] - |D| - [10556299] - C:\Program Files\Common files\System

---------- | Tasks

[MD5.6C565A3A7566A083C7B9A1D6ECABA1D2] - [01/09/2019 12:19:06] - |A| - [214] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [29/08/2019 17:28:10] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT
[MD5.CEB6D42DB39E3C7FD53E9BA188B59BEE] - [29/08/2019 19:08:10] - |A| - [304] - C:\WINDOWS\Tasks\WebReg HP Photosmart C4400 Series.job
[MD5.13532FDBFA9477B6ABCFBE8B8F42DB73] - [29/08/2019 17:28:10] - |A| - [3996] - C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier         :   C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe
[MD5.FF07952C0A64E990E8A80569EE4859E5] - [29/08/2019 17:28:10] - |A| - [2878] - C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-johan.dumestier@outlook.fr         :   C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.2B7E87A61E3465952B0A911C2BEF798E] - [29/08/2019 17:28:10] - |A| - [2924] - C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-johan.dumestier@outlook.fr         :   C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
[MD5.F170B1E5AD300F475F57317CD188014D] - [29/08/2019 17:28:10] - |A| - [3990] - C:\WINDOWS\System32\Tasks\Avast Emergency Update         :   C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
[MD5.00000000000000000000000000000000] - [29/08/2019 17:28:10] - |D| - [10706] - C:\WINDOWS\System32\Tasks\AVAST Software
[MD5.A7186524BF5392F8922B730670C4CA8D] - [29/08/2019 17:28:10] - |A| - [3254] - C:\WINDOWS\System32\Tasks\CCleaner Update         :   C:\Program Files\CCleaner\CCUpdate.exe
[MD5.3FFF8D7E9C4B6950B7F49A9D565727B2] - [29/08/2019 17:28:10] - |A| - [2280] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC         :   "C:\Program Files\CCleaner\CCleaner.exe"
[MD5.22C680367D64E5A3FF93309D9B181095] - [29/08/2019 17:28:10] - |A| - [3352] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.665D898783BB3F543ED23FF49FF8712D] - [29/08/2019 17:28:10] - |A| - [3576] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] - [19/03/2019 06:52:45] - |D| - [713840] - C:\WINDOWS\System32\Tasks\Microsoft
[MD5.6054902DF76BFDA73C12895E5F2BF6AD] - [29/08/2019 17:28:10] - |A| - [3256] - C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
[MD5.F612706D80585A9070C613E74C2A27D1] - [29/08/2019 17:28:10] - |A| - [3458] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
[MD5.E5DAFC2325097E427C491A28F2F74BEA] - [29/08/2019 17:28:10] - |A| - [3212] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
[MD5.A001B7913BD198416FF38C1FA3E9FB41] - [29/08/2019 17:28:10] - |A| - [2974] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
[MD5.1A2874FFAF48918772F45E3E29662CEE] - [29/08/2019 17:28:10] - |A| - [3044] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
[MD5.F608C3FB353D2CD109273D6E6BFB0071] - [29/08/2019 17:28:10] - |A| - [2804] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
[MD5.AB1972829397F18F4A5DE1C18DCC0155] - [29/08/2019 17:28:10] - |A| - [3008] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
[MD5.CCADA9CEC11A90D0CE60AB83481DED65] - [29/08/2019 17:28:10] - |A| - [3008] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
[MD5.1674B0BA5EAD513DC81F3FEAF1D94835] - [29/08/2019 17:28:10] - |A| - [3008] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
[MD5.BCF724465017CC6C0E00D8E37D34850F] - [29/08/2019 17:28:10] - |A| - [3008] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
[MD5.0BB07829E26C100939E7D7C3341DBC90] - [29/08/2019 17:28:10] - |A| - [2920] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3543355656-3037117862-3061321469-1000         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.175B508929CF6C8756A152088438C549] - [29/08/2019 17:28:10] - |A| - [2642] - C:\WINDOWS\System32\Tasks\PaintTool SAI         :   "C:\Users\Mugetsu\AppData\Local\Temp\is-U8NSO.tmp\prsetup.exe"
[MD5.00000000000000000000000000000000] - [29/08/2019 17:28:10] - |D| - [2962] - C:\WINDOWS\System32\Tasks\S-1-5-21-3543355656-3037117862-3061321469-1000
[MD5.2F0B2FC6F9C8EFF7EA78155EDDAB18CD] - [29/08/2019 17:28:10] - |A| - [3374] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DCFDDB49-3FD1-40A4-8DA0-F2893E3B08E1}         :   C:\WINDOWS\system32\msfeedssync.exe
[MD5.00000000000000000000000000000000] - [29/08/2019 17:28:10] - |D| - [3852] - C:\WINDOWS\System32\Tasks\WPD
[MD5.D8A9DC3F7A9FBD5554A2680975D4ED2F] - [29/08/2019 17:28:10] - |A| - [2362] - C:\WINDOWS\System32\Tasks\{C014F3AB-3518-46EF-B374-B1AB81C463DD}         :   "c:\program files (x86)\google\chrome\application\chrome.exe"
[MD5.00000000000000000000000000000000] - [19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"Netlogon-NamedPipe-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|
"Netlogon-TCP-RPC-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010|
"WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100|
"WCF-NetTcpActivator-In-TCP-64bit"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=%systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2000|Desc=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2001|EmbedCtxt=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2002|
"{A7F0BB1C-227D-4F0A-9B3C-7D43106C2491}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{3F4F3553-F182-4E1F-8717-DC36D46AA117}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{553D6D96-6D03-4FAE-9BE1-9B5133311286}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|
"{16DB3725-6273-42D9-B8D9-CA5794D04312}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|
"{9058AD75-DE4D-48A0-952B-03A51D98CBE9}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe|Name=FINAL FANTASY XIV LAUNCHER|
"{CB45EE5E-E028-4571-A25A-6AB42E5EF1CA}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe|Name=FINAL FANTASY XIV LAUNCHER|
"{A1E27C3C-4225-478B-B2B7-443808642A33}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe|Name=FINAL FANTASY XIV BOOT|
"{63231AA1-6E97-4546-8F45-2BF29CB40F5A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe|Name=FINAL FANTASY XIV BOOT|
"{79E529AE-47B2-477B-9478-0C6773C65A71}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ|
"{4C22DCB4-2E96-4C88-830F-DD8E852DCDC7}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ|
"{6C098A8D-1180-40BF-BB7E-6F869860ECC9}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ|
"{B0C106EF-79E4-4096-B9E3-7F6AB4E0B346}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ|
"UDP Query User{039E9B72-4CD3-45C7-9D75-72F70320B0BA}F:\jeux\overwatch\_retail_\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=F:\jeux\overwatch\_retail_\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User|
"TCP Query User{B83F8312-089A-40B4-99CE-A781D481E162}F:\jeux\overwatch\_retail_\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=F:\jeux\overwatch\_retail_\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User|
"UDP Query User{875559B6-A0A8-4AAC-8BF0-0E8161627CFE}F:\jeux\hots\heroes of the storm\versions\base74238\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=F:\jeux\hots\heroes of the storm\versions\base74238\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User|
"TCP Query User{2227B5C8-62FD-4D66-ABF8-48CE08688107}F:\jeux\hots\heroes of the storm\versions\base74238\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=F:\jeux\hots\heroes of the storm\versions\base74238\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User|
"UDP Query User{A677D90A-1BE5-489E-9AF4-CA3B65D1608A}E:\jeux\minecraft\runtime\jre-x64\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\jeux\minecraft\runtime\jre-x64\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User|
"TCP Query User{B05164BD-5CFF-4CB4-B668-4D748DB04139}E:\jeux\minecraft\runtime\jre-x64\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\jeux\minecraft\runtime\jre-x64\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User|
"{46FA84A9-3431-4539-B021-83F0C57E02A8}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Sway|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|
"{BCC85AE0-28F3-4A65-BE4E-B185DB42CBDA}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ|
"{588037AD-5FC0-4266-81D5-BD6A8332614B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ|
"UDP Query User{EC85AE52-0130-4A61-8186-1E5B692093EE}E:\jeux\lol\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\jeux\lol\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User|
"TCP Query User{8293E9D2-1F28-43DC-B7B9-62E67455E4BA}E:\jeux\lol\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\jeux\lol\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User|
"{DCDF8DFF-D55C-45E9-8A3F-F7871195C5EE}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\hp software update\hpwucli.exe|Name=hpwucli.exe|Desc=C:\Program Files (x86)\HP\hp software update\hpwucli.exe|
"{B431F052-88B7-41FE-AD02-8070F71FB733}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe|Name=hpqusgh.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe|
"{51585DB1-76CA-49E6-9ED5-23453A3DCD18}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe|Name=hpqusgm.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe|
"{2A461DFA-6555-43D1-8F15-492AC06DB8FD}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe|Name=hpqgpc01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe|
"{90A4B5AF-019A-4C7E-BB0A-604DBC3904B2}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe|Name=hpqgplgtupl.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe|
"{C169A754-94DC-4932-835A-AEFC108D3415}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe|Name=hpiscnapp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe|
"{478B76C6-8A23-4858-BE95-FDE2DB23B4A6}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe|Name=hpfccopy.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe|
"{9E2A2413-0215-4610-B493-6E52F5D11488}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe|Name=hpqcopy2.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe|
"{764BFDC8-B596-43A2-9480-C24A77F3F418}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe|Name=hpqkygrp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe|
"{18BB3B74-CE60-41DA-913C-CE12E907D8FB}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe|Name=hposid01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe|
"{C1146EA2-7785-4227-B76D-28D6E7D5C845}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe|Name=hpqste08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe|
"{E942E10E-6FAD-48F9-AC66-C6E5A3C40173}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe|Name=hpqtra08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe|
"UDP Query User{BEE7EEA4-DA51-41DB-A26E-8FCA7CE63A5B}E:\jeux\lol\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\jeux\lol\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User|
"TCP Query User{C419C9E7-4CD0-491E-830C-754D3275E517}E:\jeux\lol\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\jeux\lol\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User|
"UDP Query User{4F39D092-C593-4597-BF3A-9A958249219D}C:\users\mugetsu\appdata\local\microsoft\teams\current\teams.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\mugetsu\appdata\local\microsoft\teams\current\teams.exe|Name=teams.exe|Desc=teams.exe|
"TCP Query User{F8BE73F9-CD46-45C0-AE27-01797896AA11}C:\users\mugetsu\appdata\local\microsoft\teams\current\teams.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\mugetsu\appdata\local\microsoft\teams\current\teams.exe|Name=teams.exe|Desc=teams.exe|
"{F44082A8-B989-44E9-9DB7-0E2AEE7BB8F0}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ|
"UDP Query User{7A5D742C-05FD-4703-9187-63FF975395C6}E:\jeux\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\jeux\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User|
"TCP Query User{47DB66FF-88EE-41CF-A46A-AA7DFB84C72F}E:\jeux\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\jeux\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User|
"UDP Query User{299CA7C7-23F0-4130-ADD7-3B47C33FEF11}E:\jeux\lol\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\jeux\lol\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User|
"TCP Query User{7A1637FF-4B1B-4601-9988-293E653ECCF1}E:\jeux\lol\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\jeux\lol\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User|
"{094008F7-306F-48AD-97B4-1B474A2CB76E}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ|
"UDP Query User{1E1E864F-A7F0-4C11-BBE6-0AC71926061F}E:\jeux\teeworlds-0.6.4-win32\teeworlds.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\jeux\teeworlds-0.6.4-win32\teeworlds.exe|Name=teeworlds|Desc=teeworlds|Defer=User|
"TCP Query User{7D572E33-1F4C-4DDA-9C4C-D9ECE4E19ECA}E:\jeux\teeworlds-0.6.4-win32\teeworlds.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\jeux\teeworlds-0.6.4-win32\teeworlds.exe|Name=teeworlds|Desc=teeworlds|Defer=User|
"UDP Query User{2FF40EE1-F87F-4446-8918-9E282E668326}F:\jeux\overwatch\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=F:\jeux\overwatch\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User|
"TCP Query User{1579AF62-2142-416B-B695-EF87FD79ADCE}F:\jeux\overwatch\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=F:\jeux\overwatch\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User|
"UDP Query User{69645D12-D66A-49F2-B924-6545DC2D0E57}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User|
"TCP Query User{179D3056-4EC7-4577-B295-F4858302D0E7}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User|
"UDP Query User{C19ABBB0-6BA7-4798-9081-1DDFB852675F}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User|
"TCP Query User{D626AB0A-B324-4E4A-8D48-B549E0974A41}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User|
"UDP Query User{28C8A4E7-7D39-4E65-94E9-BF35A4BD8A55}E:\outils\eclipse\eclipse\eclipse.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\outils\eclipse\eclipse\eclipse.exe|Name=eclipse|Desc=eclipse|Defer=User|
"TCP Query User{37C85B73-9107-406E-B44A-E99597B8E08F}E:\outils\eclipse\eclipse\eclipse.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\outils\eclipse\eclipse\eclipse.exe|Name=eclipse|Desc=eclipse|Defer=User|
"{F9EB3889-4041-498B-A816-9E6852D48FA2}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{8963C2E2-3443-4479-BE70-D44D90D12DF8}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{CEDFBAE3-E246-4DE7-85C3-5292DF19B7FE}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LA4=127.0.0.1|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4002|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14002|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{63957374-44F4-4678-AB1B-76069FC51E43}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\system32\svchost.exe|Svc=RapiMgr|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{B3DE1A7E-8B12-4AFE-8BE6-0BA59ED533C0}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\svchost.exe|Svc=RapiMgr|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{FF37E7B3-4B77-4C00-8E35-970D6158ADD1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{8949A978-59BF-4B4A-BBD7-9969CFC3E376}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{176AB139-761E-4D7B-BE92-F229EA20645C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LA4=127.0.0.1|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4002|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14002|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{5F015780-045D-4513-9D5A-D42F4B27C2BB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\system32\svchost.exe|Svc=RapiMgr|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{40B164C2-3E93-4632-83E6-264D8D11499B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\svchost.exe|Svc=RapiMgr|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{CCCB5E6F-D36A-4C60-B848-AE1442BB1D86}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{4E548C65-C11A-44BC-939D-473DFBD7B1F3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{05064E35-70D8-4301-825F-6FB5C7F54465}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LA4=127.0.0.1|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4002|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14002|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{D50DE5AB-B45B-469D-9A0F-574FB34A3734}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\system32\svchost.exe|Svc=RapiMgr|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{653C4157-8158-4F1D-A52D-A56A99944E30}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\svchost.exe|Svc=RapiMgr|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{BE06E3A1-DA42-4DAD-8736-CA700703B1F5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002|
"{D60F4E22-E627-4023-9F2F-F1F1C134FBE5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe|Name=Ralink UPnP Media Server|
"{111051DF-633F-43B2-B985-8A2732A0B94D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe|Name=Ralink UPnP Media Server|
"{3B1F88F9-42C8-47D7-B4DD-02E9C53A5465}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Ralink\Common\RaUI.exe|Name=Ralink Utility|
"{FBF5E319-312A-4EFD-9EC9-11E5904E811D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Ralink\Common\RaUI.exe|Name=Ralink Utility|
"{8FCC74BF-0482-44B8-8096-2AB824DC0625}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Battle.net\Battle.net.exe|Name=Battle.net|
"{DC71F800-8DC8-40A6-9DA3-23B786EF16EF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Battle.net\Battle.net.exe|Name=Battle.net|
"{176F2830-499E-4536-B131-B36D7AC2F763}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE|
"{FF79A85E-F08B-423F-B2C3-98E104307D3C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)|
"{60C8CAF8-4EBE-4220-828B-E8FF53B2B062}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)|
"{9C624632-FB91-46CB-9B1E-66B287F6D1A6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe|Name=Windows Live Messenger|Edge=TRUE|
"TCP Query User{CDDFD238-E21D-4886-BDDB-BF23A3522342}C:\program files (x86)\google\chrome\application\chrome.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\google\chrome\application\chrome.exe|Name=Google Chrome|Desc=Google Chrome|Defer=User|
"UDP Query User{E6E67528-F7A7-4EE8-BDAF-8A1596570616}C:\program files (x86)\google\chrome\application\chrome.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\google\chrome\application\chrome.exe|Name=Google Chrome|Desc=Google Chrome|Defer=User|
"TCP Query User{541CD2C7-3AF5-4975-9C4D-0AB64DDBBD76}E:\outils\unity\editor\unity.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\outils\unity\editor\unity.exe|Name=Unity Editor|Desc=Unity Editor|Defer=User|
"UDP Query User{030362FE-90B1-4ED0-B52A-D8AE55F38943}E:\outils\unity\editor\unity.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\outils\unity\editor\unity.exe|Name=Unity Editor|Desc=Unity Editor|Defer=User|
"{F1562B69-A19F-413D-B3A7-62AB47870F0C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3724|Name=HOT|
"{D9904343-F3E3-49EE-90A5-F540A727E67A}"=v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\svchost.exe|Svc=RapiMgr|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{C9845672-1BD0-4243-9F10-089A06AAF890}"=v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\system32\svchost.exe|Svc=RapiMgr|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{68159F84-4BB1-4BA1-B7BB-648FEF6072E9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LA4=127.0.0.1|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4002|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14002|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{21E0EA00-4116-4635-8E55-A374C1522782}"=v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{0E3BD27D-0726-476C-A8BA-325D2BDF5F55}"=v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%SystemRoot%\system32\svchost.exe|Svc=WcesComm|Name=@%systemroot%\WindowsMobile\wmdcBase.exe,-4016|Desc=@%systemroot%\WindowsMobile\wmdcBase.exe,-14016|EmbedCtxt=@%systemroot%\WindowsMobile\wmdcBase.exe,-4014|
"{37DBC1A8-7626-485B-B53B-E0EF20AF0C4C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe|Name=Visual Studio 2015 Remote Debugger Discovery (devenv.exe)|Desc=Inbound rule to allow Visual Studio to discover remote debuggers running on the local network [UDP 3702]|Edge=TRUE|
"{EBA5E39E-DE44-49B5-B3C0-5D423EAE0139}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe|Name=UnityVS.OpenFile.exe|Edge=TRUE|
"{E805002F-CC77-4327-8B88-186911FDA889}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe|Name=devenv.exe|Edge=TRUE|
"{8A1D35ED-25BF-4EC3-9580-BE4DC7171800}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=E:\Outils\unity\Editor\Unity.exe|Name=Unity.exe|Edge=TRUE|
"{AA1D96D8-B0BE-43FD-93CA-D7A9EFDF640D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{A6DC8AB7-8E75-4817-B422-8EC273FF7836}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=ASUS Welcome|Desc=ASUS Welcome|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-1791334737-3644637894-912171476-726613620-3748997741-2897954968-3492054033|EmbedCtxt=ASUS Welcome|Platform=2:6:2|Platform2=GTEQ|
"{BD9BBDCB-5254-4C5B-ADC4-868656CE662F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe|Name=FINAL FANTASY XIV - A Realm Reborn BOOT|
"{877C2EAE-4E90-4B97-8F13-C25635DD48D0}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe|Name=FINAL FANTASY XIV - A Realm Reborn BOOT|
"{381090AD-0D2A-4AB5-9CD9-42380D7B7294}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe|Name=FINAL FANTASY XIV - A Realm Reborn LAUNCHER|
"{0A4B1876-0ECC-42C3-A8B7-708B8FC7733A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\jeux\ff14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe|Name=FINAL FANTASY XIV - A Realm Reborn LAUNCHER|
"TCP Query User{57C9FAAF-03D8-4799-919E-DCEC81D81DF1}F:\jeux\overwatch\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=F:\jeux\overwatch\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User|
"UDP Query User{1BC06D31-667D-4C9F-9512-2E05363E2286}F:\jeux\overwatch\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=F:\jeux\overwatch\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User|
"{24107587-D10E-4B69-876B-107EA6468207}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=E:\jeux\Tom Clancy's Ghost Recon Wildlands\GRW.exe|Name=Ghost Recon Wildlands|
"TCP Query User{325335E2-D8B0-42F3-B755-D038147E068F}C:\program files (x86)\battle.net\battle.net.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\battle.net\battle.net.exe|Name=Blizzard Battle.net App|Desc=Blizzard Battle.net App|Defer=User|
"UDP Query User{93E964EF-D5FD-48EB-B6A5-F444B8BE796C}C:\program files (x86)\battle.net\battle.net.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\battle.net\battle.net.exe|Name=Blizzard Battle.net App|Desc=Blizzard Battle.net App|Defer=User|
"{CCB76B17-2811-40E7-98C0-B95DD805FBF0}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{076A3863-2021-4EFD-930B-D766AE6801DE}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ|
"{F82293ED-A19D-4C1A-A855-C210A168FD19}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ|
"{95F4A355-B7DC-4D26-817D-15F999BD8551}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ|
"{4DF4CDE6-F64D-45E1-9F65-0E8C2F5DF7FC}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ|
"{5DC6013F-10A3-496B-96CD-F10879F6DFF2}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome|
"{29A81CC9-AB79-4BB0-9BCE-1FA03B9FEDD4}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-3543355656-3037117862-3061321469-1000|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ|





---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{091BC97E-2352-4362-A539-10A6D8FF7596}] : (RDPDR) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2CCDF946-BC55-4FB2-B10C-199A5F362541}] : (LGSHidFilt) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem5.inf,%ClassName%;Android Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs)
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d3963a7-0f27-4d42-a63b-671f74fbddc9}] : (WacomMultitouch) [] -> @oem66.inf,%WacMT.ClassName%;Wacom Multitouch
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b91b7968-6435-4966-8928-79bf082e3e30}] : (Logitech LCDs) [] -> @oem60.inf,%LGLCD%;Logitech LCDs
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{CC41EBA2-AB57-4F4E-8C3D-1BC33B1E74E3}] : (RDPDR) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e24e7a3c-87cd-4ac9-b426-eec8521b7710}] : (LGWinUSB) [] -> @oem1.inf,%DEVICEMANAGERCATEGORY%;Logitech USB Gaming Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem65.inf,%ClassName%;ADB Interface
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[12/07/2019 07:39:20] - (6.0.10.32072) - (Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driver) - C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
[23/08/2019 08:11:54] - (6.0.10.32072) - (Oracle Corporation - VirtualBox USB Monitor Driver) - C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
[23/08/2019 08:11:54] - (6.0.10.32072) - (Oracle Corporation - VirtualBox Support Driver) - C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
[07/06/2017 17:31:56] - (0.0.0.0) - ( -) - C:\WINDOWS\SysWow64\drivers\AsIO.sys
[12/07/2019 07:39:20] - (6.0.10.32072) - (Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapter Driver) - C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
[07/09/2019 22:34:20] - (26.21.14.3615) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 436.15) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvlddmkm.sys
[22/08/2019 23:13:57] - (4.13.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys
[28/08/2019 18:50:15] - (303.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys
[09/09/2015 22:01:41] - (1.0.3.0) - (Ralink Technology, Corp. - Wi-Fi Display Virtual Audio Driver) - C:\WINDOWS\system32\drivers\mtkvadx.sys
[22/08/2019 23:03:38] - (1.3.38.21) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys
[19/03/2019 06:43:34] - (5.1.22.0) - (MediaTek Inc. - MediaTek 802.11n Wireless Adapter Driver) - C:\WINDOWS\System32\drivers\netr28ux.sys
[13/08/2015 17:36:50] - (1.0.38.0) - (Razer Inc - Razer Rzudd Engine) - C:\WINDOWS\System32\drivers\rzudd.sys

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - aswArDisk (aswArDisk) -> system32\drivers\aswArDisk.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - aswbidsh (aswbidsh) -> system32\drivers\aswbidsh.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - aswbuniv (aswbuniv) -> system32\drivers\aswbuniv.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswElam (aswElam) -> system32\drivers\aswElam.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswRvrt (aswRvrt) -> system32\drivers\aswRvrt.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswVmm (aswVmm) -> system32\drivers\aswVmm.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - MsSecFlt (@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001) -> system32\drivers\mssecflt.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswArPot (aswArPot) -> system32\drivers\aswArPot.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> system32\drivers\aswbidsdriver.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswHdsKe (aswHdsKe) -> system32\drivers\aswHdsKe.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswKbd (aswKbd) -> system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswRdr (aswRdr) -> system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSnx (aswSnx) -> system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSP (aswSP) -> system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_25ab9510fd18cfda\BasicDisplay.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_9ff437f462543a42\BasicRender.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True
S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False
R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - VBoxDrv (VirtualBox Service) -> \SystemRoot\system32\DRIVERS\VBoxDrv.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - VBoxNetLwf (@oem76.inf,%VBoxNetLwfService_Desc%;VirtualBox NDIS6 Bridged Networking Service) -> \SystemRoot\system32\DRIVERS\VBoxNetLwf.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - VBoxUSBMon (VirtualBox USB Monitor Service) -> \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True
S2 - [Kernel Driver] - aswStm (aswStm) -> system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False
R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - LGCoreTemp (Logitech CPU Core Tempurature) -> \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MQAC (@mqutil.dll,-6101) -> system32\drivers\mqac.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True

---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted)


---------- | Uninstall (Whitelist)

[HKU\S-1-5-21-3543355656-3037117862-3061321469-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\UnityWebPlayer] : (Unity Web Player.-.Unity Technologies ApS) -> C:\Users\Mugetsu\AppData\Local\Unity\WebPlayer\Uninstall.exe /CurrentUser
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GIMP-2_is1] : (GIMP 2.8.14.-.The GIMP Team) -> "C:\Program Files\GIMP 2\uninst\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Git_is1] : (Git version 2.21.0.-.The Git Development Community) -> "E:\Outils\Git\unins001.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Krita_x64] : (Krita (x64) 3.0.-.Krita Foundation) -> "E:\Outils\Krita (x64)\uninstall.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\R for Windows 3.4.3_is1] : (R for Windows 3.4.3.-.R Core Team) -> "C:\Program Files\R\R-3.4.3\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1944B5D6-0FFB-47C0-BFEC-5C7A2F013FA7}] : (Python 3.6.0 Core Interpreter (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{1944B5D6-0FFB-47C0-BFEC-5C7A2F013FA7}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180211F0}] : (Java 8 Update 211 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180211F0}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2EEE46F2-7258-4B4A-9EA9-84CE1D2AC45F}] : (ArtRage Lite.-.Ambient Design) -> MsiExec.exe /X{2EEE46F2-7258-4B4A-9EA9-84CE1D2AC45F}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4A928E09-6798-46AB-A4F7-1B52CD164B3B}] : (Python 3.6.0 Executables (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{4A928E09-6798-46AB-A4F7-1B52CD164B3B}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5D83032F-36B5-42E4-A114-D310119C6F51}] : (Python 3.6.0 Documentation (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{5D83032F-36B5-42E4-A114-D310119C6F51}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{609C0401-C840-43DD-95F4-06A53BC3E352}] : (Oracle VM VirtualBox 6.0.10.-.Oracle Corporation) -> MsiExec.exe /I{609C0401-C840-43DD-95F4-06A53BC3E352}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{631C7E77-5832-40D1-9D6D-7B3766D79BDF}] : (Python 3.6.0 Test Suite (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{631C7E77-5832-40D1-9D6D-7B3766D79BDF}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{64A3A4F4-B792-11D6-A78A-00B0D0180144}] : (Java SE Development Kit 8 Update 144 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{64A3A4F4-B792-11D6-A78A-00B0D0180144}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7B50D081-E670-3B43-A460-0E2CDB5CE984}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90676013-5216-48EE-AC8D-07AC0C16DA50}] : (Python 3.6.0 Standard Library (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{90676013-5216-48EE-AC8D-07AC0C16DA50}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{96C2F083-44B8-4388-B2A5-F48B75A25188}] : (Python 3.6.0 Tcl/Tk Support (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{96C2F083-44B8-4388-B2A5-F48B75A25188}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A6A3184B-748E-46F4-9E28-6B5889506170}] : (Python 3.6.0 Development Libraries (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{A6A3184B-748E-46F4-9E28-6B5889506170}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 436.15.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 38.0.1.0.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 38.0.1.0.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub] : (NVIDIA ABHub.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper] : (NVIDIA TelemetryApi helper for NvContainer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor] : (NVAPI Monitor plugin for NvContainer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.20.0.118.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 4.13.0.0.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C0016766-8F63-4992-9E6F-ECFB2CB12BA6}] : (Python 3.6.0 Executables (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{C0016766-8F63-4992-9E6F-ECFB2CB12BA6}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CFF9C3A7-86C3-410B-9DD1-F1617767D2D6}] : (Python 3.6.0 Test Suite (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{CFF9C3A7-86C3-410B-9DD1-F1617767D2D6}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DFAA81ED-540F-47B5-9113-814CC427CFD8}] : (Python 3.6.0 Core Interpreter (64-bit symbols).-.Python Software Foundation) -> MsiExec.exe /I{DFAA81ED-540F-47B5-9113-814CC427CFD8}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DFFEB619-5455-3697-B145-243D936DB95B}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E24AA157-AD52-42ED-B484-CA5979D4A728}] : (Python 3.6.0 Tcl/Tk Support (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{E24AA157-AD52-42ED-B484-CA5979D4A728}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F3CB2257-C4C7-4C84-AF63-BADCED1E3273}] : (Python 3.6.0 Standard Library (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{F3CB2257-C4C7-4C84-AF63-BADCED1E3273}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F9C1C892-4908-41F4-900C-7B0DAAF2387B}] : (Python 3.6.0 pip Bootstrap (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{F9C1C892-4908-41F4-900C-7B0DAAF2387B}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FE905DA4-0F23-4F99-9284-50BB4913CEB4}] : (Python 3.6.0 Utility Scripts (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{FE905DA4-0F23-4F99-9284-50BB4913CEB4}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}] : (64 Bit HP CIO Components Installer.-.Hewlett-Packard) -> MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GameMakerPlayer] : (GameMaker: Player.-.YoYo Games Ltd.) -> "H:\GMS1.4\GameMakerPlayer\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\League of Legends 3.0.1] : (League of Legends.-.Riot Games) -> msiexec.exe /x {3E75652D-99B1-417E-B163-BEF33CAD3F16}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OBS Multiplatform] : (OBS Multiplatform.-.OBS Project) -> E:\Outils\BSO\obs-studio\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OBS Studio] : (OBS Studio.-.OBS Project) -> E:\Outils\BSO\obs-studio\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\RStudio] : (RStudio.-.RStudio) -> C:\Program Files\RStudio\Uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Scrivener 1900] : (Scrivener Update.-.Literature and Latte) -> E:\scrivener\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Sorian AI Mod_is1] : (Sorian AI Mod 2.1.2.-.) -> "C:\Program Files (x86)\Sorian AI Mod\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SourceTree 1.8.3] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TeamSpeak 3 Client] : (TeamSpeak 3 Client.-.TeamSpeak Systems GmbH) -> "E:\Outils\TS\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UNetbootin] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unity] : (Unity.-.Unity Technologies ApS) -> E:\Outils\unity\Editor\Uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{06A1D88C-E102-4527-AF70-29FFD7AF215A}] : (Scan.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08610298-29AE-445B-B37D-EFBE05802967}] : (LWS Pictures And Video.-.Logitech) -> MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}] : (Razer Synapse.-.Razer Inc.) -> MsiExec.exe /I{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}] : (DeviceDiscovery.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}] : (HPProductAssistant.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15634701-BACE-4449-8B25-1567DA8C9FD3}] : (CameraHelperMsi.-.Logitech) -> MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1651216E-E7AD-4250-92A1-FB8ED61391C9}] : (LWS Help_main.-.Logitech) -> MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{174A3B31-4C43-43DD-866F-73C9DB887B48}] : (LWS Twitter.-.Logitech) -> MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}] : (LWS YouTube Plugin.-.Logitech) -> MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1] : (Geeks3D FurMark 1.20.8.0.-.Geeks3D) -> "E:\Outils\FurMark\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180211F0}] : (Java 8 Update 211.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180211F0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218045F0}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{292F0F52-B62D-4E71-921B-89A682402201}] : (Toolbox.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2D1ED4EA-B59D-4665-ACB3-9325872A300D}] : (Minecraft.-.Mojang) -> MsiExec.exe /X{2D1ED4EA-B59D-4665-ACB3-9325872A300D}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E75652D-99B1-417E-B163-BEF33CAD3F16}] : (League of Legends.-.Riot Games) -> MsiExec.exe /X{3E75652D-99B1-417E-B163-BEF33CAD3F16}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}] : (erLT.-.Logitech, Inc.) -> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}] : (PreEmptive Analytics Visual Studio Components.-.PreEmptive Solutions) -> MsiExec.exe /X{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4C5B1DD0-7E8E-4972-9247-818E6D030552}] : (Dotfuscator and Analytics Community Edition 5.19.0.-.PreEmptive Solutions) -> MsiExec.exe /X{4C5B1DD0-7E8E-4972-9247-818E6D030552}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{51C7AD07-C3F6-4635-8E8A-231306D810FE}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}] : (Status.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google LLC) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{68C4D70D-7A9E-4C90-B7CC-4CB26902F5BD}] : (SourceTree.-.Atlassian) -> MsiExec.exe /I{68C4D70D-7A9E-4C90-B7CC-4CB26902F5BD}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}] : (LWS Gallery.-.Logitech) -> MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{71E66D3F-A009-44AB-8784-75E2819BA4BA}] : (LWS Motion Detection.-.Logitech) -> MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}] : (LWS Launcher.-.Logitech) -> MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{883FC57C-589F-4E6E-ABF8-872BF4372B4C}] : (Mumble 1.3.0.-.The Mumble Developers) -> MsiExec.exe /I{883FC57C-589F-4E6E-ABF8-872BF4372B4C}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8937D274-C281-42E4-8CDB-A0B2DF979189}] : (LWS Webcam Software.-.Logitech) -> MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8EE94FD8-5F52-4463-A340-185D16328158}] : (WebReg.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{904D135E-2B44-4B46-A4B4-78A5FCE8F27C}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{904D135E-2B44-4B46-A4B4-78A5FCE8F27C}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{93FD7F50-FC1A-4A51-98B5-A6FCC23A53E0}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9B362566-EC1B-4700-BB9C-EC661BDE2175}] : (DocProc.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}] : (Copy.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9DAEA76B-E50F-4272-A595-0124E826553D}] : (LWS WLM Plugin.-.Logitech) -> MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A3D8EE40-B8CA-43CC-8605-D03855F0A3A4}] : (C4400.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A674B2CB-13CA-437B-A215-9DD257959A49}] : (Python Launcher.-.Python Software Foundation) -> MsiExec.exe /X{A674B2CB-13CA-437B-A215-9DD257959A49}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}] : (HPSSupply.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B5FC62F5-A367-37A5-9FD2-A6E137C0096F}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB3447F6-9553-4AA9-960E-0DB5310C5779}] : (GPBaseService2.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}] : (Gtk# for .Net 2.12.26.-.Xamarin, Inc.) -> MsiExec.exe /X{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}] : (SolutionCenter.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}] : (Destinations.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD9CFD69-EB91-354E-9C98-D439E6091932}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CAE4213F-F797-439D-BD9E-79B71D115BE3}] : (HPPhotoGadget.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}] : (TrayApp.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D360FA88-17C8-4F14-B67F-13AAF9607B12}] : (MarketResearch.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}] : (OpenOffice 4.1.2.-.Apache Software Foundation) -> MsiExec.exe /I{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EDF59314-4743-4B6C-9F40-3670CCDF961E}] : (PS_AIO_03_C4400_Software_Min.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EFA2C463-E5F6-4CDA-BF8A-15C9502D4CDA}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}] : (BufferChm.-.Hewlett-Packard) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}] : (LWS Facebook.-.Logitech) -> MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{org.igoweb.cgoban}}_is1] : (cgoban.-.KGS Online) -> "C:\Program Files (x86)\cgoban\unins000.exe"

---------- | Ports 


---------- | Installer

[HKCR\Installer\Products\01FC693DB2F5D7145917B066B99944E0] : vs_SQLClickOnceBootstrappermsi
[HKCR\Installer\Products\03069DC511ADF1D3C9B1141E350400EC] : Visual C++ MSBuild Base Package
[HKCR\Installer\Products\04EE8D3AAC8BCC3468500D83550F3A4A] : C4400
[HKCR\Installer\Products\064BA1D45ABE2163CBCE0FDB51017A51] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\06BD92401FECF81079D3BEE7DC86DB27] : Windows Team Extension SDK
[HKCR\Installer\Products\07390D6E1B4D12430A6F54FD9699BEDE] : Visual C++ IDE Base Resource Package
[HKCR\Installer\Products\077E03F5FD27C7C77926519C8FC8DAFD] : Windows SDK Modern Versioned Developer Tools
[HKCR\Installer\Products\08735E734493A6A448F22717828E16E6] : Blend for Visual Studio SDK for .NET 4.5 -> C:\Windows\Installer\{37E53780-3944-4A6A-842F-727128E8616E}\Application
[HKCR\Installer\Products\0B195D5104B775946B0CBE47255BAA6B] : vs_filehandler_amd64
[HKCR\Installer\Products\0C03603C69E56994995BFEE998DAE7AE] : vs_communitymsires
[HKCR\Installer\Products\0DD1B5C4E8E72794297418E8D6305025] : Dotfuscator and Analytics Community Edition 5.19.0 -> C:\Windows\Installer\{4C5B1DD0-7E8E-4972-9247-818E6D030552}\DfIcon.ico
[HKCR\Installer\Products\1026B0516E9EBFD469E0CCDB35BFDDDE] : HPProductAssistant
[HKCR\Installer\Products\102CCEC8AC03EF0E2A4EDE967D78CC4A] : Windows Team Extension SDK Contracts
[HKCR\Installer\Products\1040C906048CDD34594F605AB33C3E25] : Oracle VM VirtualBox 6.0.10 -> C:\WINDOWS\Installer\{609C0401-C840-43DD-95F4-06A53BC3E352}\IconVirtualBox
[HKCR\Installer\Products\10743651ECAB9444B8525176ADC8F93D] : CameraHelperMsi
[HKCR\Installer\Products\13B3A47134C4DD3468F6379CBD88B784] : LWS Twitter
[HKCR\Installer\Products\1616DA6174E21FB4AA779064FE9EE380] : Update for Windows 10 for x64-based Systems (KB4023057)
[HKCR\Installer\Products\165CAEF36FC16D140B3FEBDC9D8CA8B1] : Azure AD Authentication Connected Service
[HKCR\Installer\Products\1694F97F8D0D39828BD1A7063F00DEF6] : Windows SDK Signing Tools
[HKCR\Installer\Products\1A0787F56850E3139AFF2394CD9E6FA3] : VS Update core components
[HKCR\Installer\Products\1A5735E3C4E03E4326491C8CDB8A324E] : WinRT Intellisense IoT - en-us
[HKCR\Installer\Products\1A6454B1FF299793E8E8BD887B9F52CB] : Windows Phone SDK 8.0 Assemblies for Visual Studio 2015
[HKCR\Installer\Products\1D261DA037945134799ED59E9AB20494] : icecap_collection_x64
[HKCR\Installer\Products\1FACC1DCD9ECE6133816D115E43B094C] : Visual C++ Compiler/Tools X86 Base Resource Package
[HKCR\Installer\Products\23F360789C9D44D3AA533766BCA2DC18] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\249387150BFD254479CCDB2F4DBAA384] : IntelliTraceProfilerProxy
[HKCR\Installer\Products\25ED50C077C2AF6D5A165D80FCF59CE6] : Kits Configuration Installer
[HKCR\Installer\Products\25F0F292D26B17E429B1986A28042210] : Toolbox
[HKCR\Installer\Products\25F54DDAA03654F488978ABD08FD29B1] : Universal CRT Extension SDK
[HKCR\Installer\Products\263AC5E16B930DB49B0C96FC510FEF2A] : AzureTools.Notifications
[HKCR\Installer\Products\27ADACE5FC83CE54E813624DCCDEE296] : Windows Simulator
[HKCR\Installer\Products\286FF0AF07CC75C439DC2E673F7E35E7] : BufferChm
[HKCR\Installer\Products\298C1C9F80944F1409C0B7D0AA2F83B7] : Python 3.6.0 pip Bootstrap (64-bit)
[HKCR\Installer\Products\29AC4B0F24696EB448947A68DAF46A82] : TypeScript Power Tool -> C:\WINDOWS\Installer\{F0B4CA92-9642-4BE6-8449-A786AD4FA628}\TypeScriptIcon.ico
[HKCR\Installer\Products\29AC8C60B8854413A8078CC00F062E0B] : Visual C++ MSBuild X64 Package
[HKCR\Installer\Products\29B87F2EED400535410CC782B18FD7E9] : WinRT Intellisense IoT - Other Languages
[HKCR\Installer\Products\2C06AA4BEA6B9334B8F465CAB404E200] : vcpp_crt.redist.clickonce
[HKCR\Installer\Products\2EEB87D0FF8F8944FAA1F38FC1DEA86C] : Razer Synapse -> C:\WINDOWS\Installer\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\2F0E5FEA1D13A4549A295C320C00B7D4] : vs_clickoncebootstrappermsires
[HKCR\Installer\Products\2F181B388B0200F4E8176CE659A1D8F4] : Visual Studio 2015 Prerequisites - ENU Language Pack
[HKCR\Installer\Products\2F64EEE28527A4B4E99A48ECD1A24CF5] : ArtRage Lite -> C:\Windows\Installer\{2EEE46F2-7258-4B4A-9EA9-84CE1D2AC45F}\ArtRageLite.exe
[HKCR\Installer\Products\310676096125EE84CAD870CAC061AD05] : Python 3.6.0 Standard Library (64-bit symbols)
[HKCR\Installer\Products\33F0D309FC3D6D8469D74800049824A8] : Application Insights Tools for Visual Studio 2015
[HKCR\Installer\Products\348CE56C4F12559338DFB8AA2C8F14AE] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\380F2C698B4488342B5A4FB8572A1588] : Python 3.6.0 Tcl/Tk Support (64-bit symbols)
[HKCR\Installer\Products\3A075C5932E9005478B8E4FDE3F21AC1] : Windows Mobile Extension SDK 10.0.15063.0 - ARM
[HKCR\Installer\Products\4003DA6594B0F7696F280B65056BA187] : Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
[HKCR\Installer\Products\41395FDE3474C6B4F9046307CCFD69E1] : PS_AIO_03_C4400_Software_Min
[HKCR\Installer\Products\424AAFE8264EDF37759BEFAB43E68ECE] : Windows SDK for Windows Store Apps
[HKCR\Installer\Products\436520B5B5D7D8B4EBA297341CFCD2D5] : Status
[HKCR\Installer\Products\442692CD1070EDE46969509B1C0D713B] : vs_filehandler_x86
[HKCR\Installer\Products\472D7398182C4E24C8BD0A2BFD791998] : LWS Webcam Software
[HKCR\Installer\Products\4920FD12D9B61474BAF62BBABF2D83E7] : LWS YouTube Plugin
[HKCR\Installer\Products\49E2EBFB68900A70A268685A20ED57EF] : Windows Desktop Extension SDK Contracts
[HKCR\Installer\Products\4AD509EF32F099F4294805BB9431EC4B] : Python 3.6.0 Utility Scripts (64-bit)
[HKCR\Installer\Products\4BFCCD03F860C5C4CB01E5DCACEE554D] : Windows SDK AddOn
[HKCR\Installer\Products\4CA8F2C6EE9E088339F345B40894C17C] : Visual C++ IDE x64 Package
[HKCR\Installer\Products\4D179025E65B57C3AADD631BD906DCE6] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\4DC0D75327B856D8075118FD2BFB1905] : WinRT Intellisense Desktop - Other Languages
[HKCR\Installer\Products\4E1D3FBEE2B8AB43DB8A6788C3EFAFC6] : Visual C++ Compiler/Tools X86 Base Package
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2238120110F] : Java 8 Update 211 -> C:\Program Files (x86)\Java\jre1.8.0_211\\bin\javaws.exe
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120110F] : Java 8 Update 211 (64-bit) -> C:\Program Files\Java\jre1.8.0_211\\bin\javaws.exe
[HKCR\Installer\Products\4F4A3A46297B6D117AA8000B0D811044] : Java SE Development Kit 8 Update 144 (64-bit) -> E:\Outils\JDK\\bin\javaws.exe
[HKCR\Installer\Products\5008EECDB6CCAEE3ABE01088858FB619] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64
[HKCR\Installer\Products\561EEBF7356AA2B49AA3643497E4228A] : TypeScript Power Tool -> C:\Windows\Installer\{7FBEE165-A653-4B2A-A93A-4643794E22A8}\TypeScriptIcon.ico
[HKCR\Installer\Products\574D600071F81A94A98EB14F48ABC350] : windows_toolscorepkg
[HKCR\Installer\Products\588A53CAF8F075847BADE6D8BF346E3B] : HPSSupply
[HKCR\Installer\Products\58C0321131813CB4C9420E7BB49556E3] : vs_FileTracker_Singleton
[HKCR\Installer\Products\591761FF4EE90C64C87DBF3A54E788BA] : LWS Facebook
[HKCR\Installer\Products\596A980D0F942B3DE0FBB2CB330AC56D] : WinRT Intellisense UAP - Other Languages
[HKCR\Installer\Products\5C36D919C5653C1F769D53F39E20FE11] : Universal CRT Headers Libraries and Sources
[HKCR\Installer\Products\5C9950AF380CEB14A8AE8EBE09071D82] : MSBuild/NuGet Integration 14.0 (x86)
[HKCR\Installer\Products\5D6775DE4B957B64FA18F5D2497D6C04] : Cisco PEAP Module
[HKCR\Installer\Products\64435A4C0B312653D8680DE563172006] : Visual C++ IDE Professional Core Package
[HKCR\Installer\Products\6562FC2DDA78DD4348B8996501FC3226] : Visual C++ IDE Debugger Resource Package
[HKCR\Installer\Products\6565E1852E6220A47911848C4E993801] : vs_devenvmsi
[HKCR\Installer\Products\65EC0961132295E409600A78D649E98A] :  Tools for .Net 3.5
[HKCR\Installer\Products\665263B9B1CE0074BBC9CE66B1ED1257] : DocProc
[HKCR\Installer\Products\6676100C36F82994E9F6CEBFC21BB26A] : Python 3.6.0 Executables (64-bit)
[HKCR\Installer\Products\6828BC1A3BFC589A7D9927A1F0A2723F] : Windows Software Development Kit DirectX x86 Remote
[HKCR\Installer\Products\69A46712847638B4987EA70536FB51C6] : Movie Maker
[HKCR\Installer\Products\6BB3865F940EC9A72655A11A36D9C864] : Windows SDK EULA
[HKCR\Installer\Products\6BCF2D695D10EDF2AAF6107684E5BBF0] : Windows App Certification Kit Native Components
[HKCR\Installer\Products\6BFF8E1912BF93046A8CAE79C383BF86] : vs_minshellmsires
[HKCR\Installer\Products\6D16134BD615CB13F86AC3C1BCC473C3] : Visual C++ Library CRT Appx Resource Package
[HKCR\Installer\Products\6D5B4491BFF00C74FBCEC5A7F210F37A] : Python 3.6.0 Core Interpreter (64-bit)
[HKCR\Installer\Products\6E3C12FFDF79F4745981D8BC9EC48245] : 64 Bit HP CIO Components Installer
[HKCR\Installer\Products\6F7443BB35599AA469E0D05B13C07597] : GPBaseService2
[HKCR\Installer\Products\6FC9A23AAA7E8B843A3D051C756EF935] : vs_tipsmsi
[HKCR\Installer\Products\70DA7C156F3C5364E8A83231608D01EF] : Cisco LEAP Module
[HKCR\Installer\Products\733F774961DFACA428712E7D0A9F6230] : vs_minshellinteropmsi
[HKCR\Installer\Products\751AA42E25DADE244B48AC95974D7A82] : Python 3.6.0 Tcl/Tk Support (64-bit)
[HKCR\Installer\Products\7522BC3F7C4C48C4FA36ABCDDEE12337] : Python 3.6.0 Standard Library (64-bit)
[HKCR\Installer\Products\75A3F5027C796AC972175A94FB6ED105] : Windows App Certification Kit SupportedApiList x86
[HKCR\Installer\Products\75AC0ECCB518E8B3C8B42F037D3E67C9] : Visual C++ IDE Core Package
[HKCR\Installer\Products\77E7C13623851D04D9D6B773667DB9FD] : Python 3.6.0 Test Suite (64-bit)
[HKCR\Installer\Products\7810FB462D3FB89499AE61A39FEAE69C] : Cisco EAP-FAST Module
[HKCR\Installer\Products\793BAF8F56D11BE35AC69FD625B4C020] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\7A3C9FFC3C68B014D91D1F1677762D6D] : Python 3.6.0 Test Suite (64-bit symbols)
[HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10
[HKCR\Installer\Products\7D165A0992C0D464491EA2E7C1552303] : DiagnosticsHub_CollectionService
[HKCR\Installer\Products\7E5891C65C1E59A368FEC22664F5513C] : Roslyn Language Services - x86
[HKCR\Installer\Products\7F6FE1E907DE8DB41AEA385CED0FAD19] : VS WCF Debugging
[HKCR\Installer\Products\7F9ED8C2434C065459A4368A5032B74C] : Windows Mobile Extension SDK 10.0.15063.0 - x86
[HKCR\Installer\Products\807E9EB00CD53694C9DFA05A9190E097] : Junk Mail filter update
[HKCR\Installer\Products\8090A798735CD1857575727AE9AC2BB6] : Windows SDK Facade Windows WinMD Versioned
[HKCR\Installer\Products\830F0818044CA343EBEE382DBE6486CB] : Visual C++ IDE Common Package
[HKCR\Installer\Products\83880DAF7393C6F07878DFDFBF6F5320] : WinRT Intellisense UAP - en-us
[HKCR\Installer\Products\841AF09E23D5A283A85E45B3653C2412] : Visual C++ Library PGO X86 Package
[HKCR\Installer\Products\841E9B99383CE32318F95D956E3C7247] : Visual C++ Library CRT Appx Package
[HKCR\Installer\Products\843B1BCDE49CD6D4C80ED7D95AFC66E3] : OpenOffice 4.1.2 -> C:\Windows\Installer\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}\soffice.ico
[HKCR\Installer\Products\8468EEE0515A02678C3FBD6F68DC4E37] : Windows SDK for Windows Store Apps Metadata
[HKCR\Installer\Products\872982F4DE188E5CE2F0967A3457D619] : Windows Desktop Extension SDK
[HKCR\Installer\Products\87BB85415CD10CB49B3AB246F4A51850] : DeviceDiscovery
[HKCR\Installer\Products\881D49CF80E17073D9324F11874D6446] : Windows Espc Resource Package
[HKCR\Installer\Products\88ACFFF8D992F5332AA24CAD04B33402] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\88AF063D8C7141F46BF731AA9F06B721] : MarketResearch
[HKCR\Installer\Products\89201680EA92B5443BD7FEEB50089276] : LWS Pictures And Video
[HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110
[HKCR\Installer\Products\8DF49EE825F536443A0481D561231885] : WebReg
[HKCR\Installer\Products\8E8C0701BFD4F91489A4C538858298E7] : vs_BlendMsi
[HKCR\Installer\Products\8F88D5D46CBD04CA6BC2FA2C4F51CD37] : Windows App Certification Kit x64
[HKCR\Installer\Products\90AA4F9BCA4F8014DA0A72DC4DF5EC3C] : vs_clickoncebootstrappermsi
[HKCR\Installer\Products\90E829A48976BA644A7FB125DC61B4B3] : Python 3.6.0 Executables (64-bit symbols)
[HKCR\Installer\Products\93799D213DFF1673A86A9F920EEF04E7] : Multi-Device Hybrid Apps using C# - Templates - ENU
[HKCR\Installer\Products\959511C6506F2A1613DADC47A5E0BB21] : Windows IoT Extension SDK
[HKCR\Installer\Products\978146D6C628EF546B12456E41BB2F02] : Windows Simulator - ENU
[HKCR\Installer\Products\978D0142F8C0452B2C7054E51109576B] : Universal CRT Tools x86
[HKCR\Installer\Products\996BF77C1B3F3A93CB4547546353124B] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\99999417B49960C4695B5B93367FA0FA] : icecap_collectionresources
[HKCR\Installer\Products\9F8C0DA8825DB57389F774B73C7FFBDD] : Visual C++ Compiler/Tools X86 Base Package
[HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper
[HKCR\Installer\Products\A3FED2B5A1EA92035A9BF3FF7E69853A] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\A5098D9FFDD33143FA44D5092EC95252] : Visual C++ IDE Debugger Package
[HKCR\Installer\Products\A5254F69D074C51F97E6859D89C8E3F5] : Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
[HKCR\Installer\Products\A5F95808C31DE8BA64956B03FC2E95D9] : WinAppDeploy
[HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT
[HKCR\Installer\Products\A6ECFB1B00FA70C3AB0620A721DED26E] : Windows Phone SDK 8.0 Assemblies for Visual Studio 2017
[HKCR\Installer\Products\A7EDD0E76CE92763CA2980ADC292D27B] : Roslyn Language Services - x86
[HKCR\Installer\Products\A80FB044E97ADAF9569D5ACF86F38D7B] : Windows SDK for Windows Store Apps Tools
[HKCR\Installer\Products\A991B47B4DDE756B0E5523D75444202D] : Windows Software Development Kit DirectX x64 Remote
[HKCR\Installer\Products\AA8E841005A437645B23BDF9038F40EB] : IIS 10.0 Express -> C:\WINDOWS\Installer\{0148E8AA-4A50-4673-B532-DB9F30F804BE}\Icon_IisExpress
[HKCR\Installer\Products\AB4027DB46DDE994B955A682C2FDF44A] : Destinations
[HKCR\Installer\Products\AC1DAAC3011A7183096584E2A5C07851] : Visual C++ MSBuild X86 Package
[HKCR\Installer\Products\AC7C08D81B1DEAAA81678FECA26502F4] : Windows SDK Modern Non-Versioned Developer Tools
[HKCR\Installer\Products\AE4DE1D2D95B5664CA3B395278A203D0] : Minecraft -> C:\WINDOWS\Installer\{2D1ED4EA-B59D-4665-ACB3-9325872A300D}\minecraft.ico
[HKCR\Installer\Products\B2AE4A8D79A15A54FB69473981F35842] : VS Immersive Activate Helper
[HKCR\Installer\Products\B4813A6AE8474F64E982B68598051607] : Python 3.6.0 Development Libraries (64-bit)
[HKCR\Installer\Products\B4EB76DD26E75124FA3A1F328A003A98] : Movie Maker
[HKCR\Installer\Products\B5AFF1F99344C162AA39CEB746A4243F] : Windows SDK for Windows Store Managed Apps Libs
[HKCR\Installer\Products\B67AEAD9F05E27245A5910428E6255D3] : LWS WLM Plugin
[HKCR\Installer\Products\B78DD5CB341041D4AA6E79016941CDB6] : SolutionCenter
[HKCR\Installer\Products\B9FB157332F56794AA26B14F7D19CDEF] : Photo Common
[HKCR\Installer\Products\BBA14B0E233AD2B34B70261C65A640EA] : Visual C++ MSBuild Base Resource Package
[HKCR\Installer\Products\BBEACB025F0BD3C4D860DF80644E09D6] : icecap_collectionresourcesx64
[HKCR\Installer\Products\BC2B476AAC31B7342A51D92D7559A994] : Python Launcher -> C:\WINDOWS\Installer\{A674B2CB-13CA-437B-A215-9DD257959A49}\ARPIcon
[HKCR\Installer\Products\C14E23FDDA4278A44BA33B58351B08E6] : Visual Studio 2015 Prerequisites
[HKCR\Installer\Products\C3AF8C38AE4F4C6438293DEC5373836D] : LWS Launcher
[HKCR\Installer\Products\C3CE67F61B43E63479BF845CD8B7DEDC] : LWS Gallery
[HKCR\Installer\Products\C3ECCA11971CC2748AACF06477202BAD] : .NET Core SDK 1.0.4 (x64)
[HKCR\Installer\Products\C3F0ABAEE7829333D988CB682C5AC3B1] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\C3F992B07EC6255BD3AF9F17BD92C9F4] : Windows IP Over USB
[HKCR\Installer\Products\C75CF388F985E6E4BA8F78B24F73B2C4] : Mumble 1.3.0 -> C:\WINDOWS\Installer\{883FC57C-589F-4E6E-ABF8-872BF4372B4C}\mumble.ico
[HKCR\Installer\Products\C88D1A60201E7254FA0792FF7DFA12A5] : Scan
[HKCR\Installer\Products\C8A2FA24BBE6E2D3B91F165373F9ABCB] : Windows Espc Package
[HKCR\Installer\Products\C8CE0A18264989CBE0C503D17D4A7629] : WinRT Intellisense PPI - Other Languages
[HKCR\Installer\Products\CA9DA8520B8AB61309645476CEFFC56A] : Visual C++ IDE Base Package
[HKCR\Installer\Products\CC42ACE115559C131AF0D1CDD0128C55] : Visual C++ IDE Base Resource Package
[HKCR\Installer\Products\CE43992D6B42D5F06CBB9ECEFC22C021] : Universal CRT Tools x64
[HKCR\Installer\Products\CF6E3F463E862604C9C2BA9DF3FD3F90] : icecap_collection_neutral
[HKCR\Installer\Products\D07D4C86E9A709C47BCCC42B96205FDB] : SourceTree -> C:\WINDOWS\Installer\{68C4D70D-7A9E-4C90-B7CC-4CB26902F5BD}\SourceTree.exe
[HKCR\Installer\Products\D25657E31B99E7141B36EB3FC3DAF361] : League of Legends -> C:\Windows\Installer\{3E75652D-99B1-417E-B163-BEF33CAD3F16}\lol.launcher_1.exe
[HKCR\Installer\Products\D2A0849D521408833B430370038A8BA5] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\D36E13DCDF74C1941871FC02D1A0AF5B] : TrayApp
[HKCR\Installer\Products\D7C711A8B9AD6E14D60410D9B5F5650A] : Windows IoT Extension SDK Contracts
[HKCR\Installer\Products\D8E663C1AABC804DDC42010C8A5BF3EC] : Windows SDK for Windows Store Apps Contracts
[HKCR\Installer\Products\DAD0306A0061767F8CDD7C22DAEFF8CB] : Windows Software Development Kit DirectX x86 Remote
[HKCR\Installer\Products\DB7E58BDDD2B4D343B0C327D5B725B79] : WCF Data Services 5.6.4 Runtime
[HKCR\Installer\Products\DC276626FCFB9A94EAEFBAF0DEB3CFB5] : Gestionnaire pour appareils Windows Mobile -> C:\WINDOWS\Installer\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}\wmdc.exe
[HKCR\Installer\Products\DD81A634C2F5C3B489E5DAC3310BCC52] : PreEmptive Analytics Visual Studio Components -> C:\Windows\Installer\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}\icon.ico
[HKCR\Installer\Products\DDC5B60793C177633B9FFAD8601AE711] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\DE18AAFDF0455B74193118C44C72FC8D] : Python 3.6.0 Core Interpreter (64-bit symbols)
[HKCR\Installer\Products\E00947D5F0FECE14688C8A060A4D6FC0] : IntelliTraceProfilerProxy
[HKCR\Installer\Products\E165DB015B21D3E49B28FD3478E9D7CA] : Active Directory Authentication Library pour SQL Server -> C:\WINDOWS\Installer\{10BD561E-12B5-4E3D-B982-DF43879E7DAC}\ARPIco
[HKCR\Installer\Products\E338BAA0D430B0343D4E935C57B341CA] : Universal CRT Redistributable
[HKCR\Installer\Products\E464C8E2F1CE4893D9ABE01846CBDED5] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\E4E531A27622DAC35B0D23512D20F926] : Visual C++ Compiler/Tools X86 Base Resource Package
[HKCR\Installer\Products\E531D40944B264B44A4B875ACF8E2FC7] : Epic Games Launcher -> C:\WINDOWS\Installer\{904D135E-2B44-4B46-A4B4-78A5FCE8F27C}\Installer.ico
[HKCR\Installer\Products\E5E449D7182711230BFBA0DB97167836] : Visual C++ Library CRT Appx Package
[HKCR\Installer\Products\E6121561DA7E0524291ABFE86D31199C] : LWS Help_main
[HKCR\Installer\Products\E61E74258FCBBA5961353B8FBF8F3B1F] : Windows Software Development Kit DirectX x64 Remote
[HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery
[HKCR\Installer\Products\E7440C8FC54D25E4498E6C43A0CAD98B] : Entity Framework 6.1.3 Tools  for Visual Studio 15
[HKCR\Installer\Products\E86C46B30E4141245AD305E2F9DB237E] : VS Script Debugging Common
[HKCR\Installer\Products\EA447EC6F0E7FA001FDB70D7A9CFEB6C] : WinRT Intellisense PPI - en-us
[HKCR\Installer\Products\EA902584EC73802295BCB75BA98AB57E] : Universal General MIDI DLS Extension SDK
[HKCR\Installer\Products\ECA5A79430AD21441A0119B0C2547002] : vs_minshellmsi
[HKCR\Installer\Products\EDA7000A6F6FF01428F257224B0FFBED] : Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0
[HKCR\Installer\Products\F15C2C10FC0BE5BB0A019E724DF47702] : Application Verifier x64 External Package
[HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64
[HKCR\Installer\Products\F2026B54617AA86C91E9341B605BA6E7] : WinRT Intellisense Desktop - en-us
[HKCR\Installer\Products\F23038D55B634E241A413D0111C9F615] : Python 3.6.0 Documentation (64-bit)
[HKCR\Installer\Products\F3124EAC797FD934DBE9977BD111B53E] : HPPhotoGadget
[HKCR\Installer\Products\F349140AB79C6F84F8325C70F899BBA3] : vs_communitymsi
[HKCR\Installer\Products\F3BF308E3B5AE8744A3278BB5FAF1A20] : Windows Mobile Connectivity Tools 10.0.15063.0 - Desktop x86
[HKCR\Installer\Products\F3D66E17900ABA447848572E18B94AAB] : LWS Motion Detection
[HKCR\Installer\Products\F45FAD3B52BD6854E91F692DB41B0488] : Windows Movie Maker 2.6
[HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater
[HKCR\Installer\Products\F735712FA32E0FB3BA2173304EC3B151] : Visual C++ IDE Common Resource Package
[HKCR\Installer\Products\F765294615B60983AB7084C46244F016] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\WINDOWS\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico
[HKCR\Installer\Products\FA43A9AF5ED4D710CDD1B5DCCFB02A3A] : Windows SDK
[HKCR\Installer\Products\FB2BAA3320A0FC83183A1A82482CC134] : Visual C++ MSBuild ARM Package
[HKCR\Installer\Products\FB84B8ED9B28A4342B45E12A03E6F5AB] : vs_clickoncesigntoolmsi
[HKCR\Installer\Products\FC03D219E93F13B4DAA921C3B697E42E] : HP Update -> C:\WINDOWS\Installer\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\FF43B934E47F70845B2EB4575815ADB6] : Galerie de photos
[HKCR\Installer\Products\FF664EB97B078AD408C7BDC46301DFAA] : Copy

---------- | Drives


---------- | MBR


64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

svchost (3268,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

svchost (3012,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

svchost (3272,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

svchost (12924,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

Le programme Skype.exe version 8.51.0.92 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
 ID de processus : 2c04
 Heure de début : 01d568ea429c9f1c
 Heure d'arrêt : 4294967295
 Chemin d'accès à l'application : C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
 ID de rapport : 9255e508-2121-46ea-8a44-d626b25d24ea
 Nom complet du package défectueux : 
 ID de l'application relative à un package défectueux : 
 Type de blocage : Top level window is idle

------------

svchost (3256,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

svchost (3372,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

svchost (3420,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

Windows ne peut pas accéder au fichier C:\Windows\System32\wiaservc.dll pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme Host Process for Windows Services en raison de cette erreur.

Programme : Host Process for Windows Services
Fichier : C:\Windows\System32\wiaservc.dll

La valeur de l’erreur est affichée dans la section Données supplémentaires.
Action utilisateur
1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme.
2. Si le fichier est toujours inaccessible et
	- Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté.
	- Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur.
3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée.
4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde.
5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire.

Données supplémentaires
Valeur de l’erreur : C0000483
Type du disque : 3
------------

Nom de l’application défaillante svchost.exe_stisvc, version : 10.0.18362.1, horodatage : 0x32d6c210
Nom du module défaillant : wiaservc.dll, version : 10.0.18362.1, horodatage : 0x3ae681a5
Code d’exception : 0xc0000006
Décalage d’erreur : 0x0000000000045b74
ID du processus défaillant : 0x54c
Heure de début de l’application défaillante : 0x01d568d6cc2c9777
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\svchost.exe
Chemin d’accès du module défaillant: c:\windows\system32\wiaservc.dll
ID de rapport : 0dc5dce8-0bc4-4338-a8fc-5c4318e144d2
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

svchost (8348,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

svchost (3376,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

svchost (3380,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

svchost (3316,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
------------

Nom de l’application défaillante svchost.exe_GraphicsPerfSvc, version : 10.0.18362.1, horodatage : 0x32d6c210
Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.267, horodatage : 0x080a13f7
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000006d33e
ID du processus défaillant : 0x3568
Heure de début de l’application défaillante : 0x01d5687b2b8dcdbc
Chemin d’accès de l’application défaillante : C:\WINDOWS\System32\svchost.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll
ID de rapport : a831f108-8ce8-4c4a-b436-d2368743ec99
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

La taille de la mémoire tampon obligatoire est supérieure à la taille de la mémoire tampon transmise à la fonction de collecte de la DLL Compteur extensible « C:\Windows\System32\perfts.dll » pour le service « LSM ». La taille de la mémoire tampon donnée était de 12320 et la taille obligatoire était de 37824.
------------

Nom de l’application défaillante SkypeApp.exe, version : 8.51.0.72, horodatage : 0x5d4c5b0b
Nom du module défaillant : twinapi.appcore.dll, version : 10.0.18362.1, horodatage : 0x42f071ca
Code d’exception : 0xc000027b
Décalage d’erreur : 0x00000000000d5cc8
ID du processus défaillant : 0x2c84
Heure de début de l’application défaillante : 0x01d565a484561626
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
ID de rapport : 2111b0df-8ade-4edd-8c3e-dad23911e434
Nom complet du package défaillant : Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c
ID de l’application relative au package défaillant : App
------------

Nom de l’application défaillante svchost.exe_GraphicsPerfSvc, version : 10.0.18362.1, horodatage : 0x32d6c210
Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.267, horodatage : 0x080a13f7
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000006d33e
ID du processus défaillant : 0x3c60
Heure de début de l’application défaillante : 0x01d5648836ba00a5
Chemin d’accès de l’application défaillante : C:\WINDOWS\System32\svchost.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll
ID de rapport : e5074417-1a5c-4916-9cbd-ac7f8e0da3b9
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante svchost.exe_GraphicsPerfSvc, version : 10.0.18362.1, horodatage : 0x32d6c210
Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.267, horodatage : 0x080a13f7
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000006d33e
ID du processus défaillant : 0x174c
Heure de début de l’application défaillante : 0x01d563c7a22fb902
Chemin d’accès de l’application défaillante : C:\WINDOWS\System32\svchost.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll
ID de rapport : e3abcb25-9bc4-47f9-b665-aba3ff3c2a0d
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------


----------( EOF)---------- - 5694 | 11:59:36