--------------- QuickDiag | g3n-h@ckm@n | V5_10.09.19.1 ---------------
----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits -----
- Start 18/09/2019 19:49:27
Updated 10/09/2019 | 23:30 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/
Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[Mosheur (Administrator)] - [MOSHEUR] (S-1-5-21-2673370752-163226256-3562748738)
System: Microsoft Windows 10 Famille - - (10.0.17763) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1809)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition2
Boot : Normal boot
PC: Z97P-D3 - Gigabyte Technology Co., Ltd. - IdNumber: To be filled by O.E.M. - UUID: 03D40274-0435-05BE-B306-810700080009
Processor : X64 - 3500 Mhz - Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
BIOS Date: 05/30/14 09:03:04 Ver: 04.06.05 - en|US|iso8859-1 - American Megatrends Inc. - S/N: To be filled by O.E.M. - F5 - ALASKA - 1072009
CoreTemp : 29.8 Celsius

----------| Quick

---------- | SoundDevice
Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_1458A182&REV_1003\4&42F4E46&0&0201
NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0040&SUBSYS_1458361C&REV_1001\5&281AED79&0&0001
NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000
Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2807&SUBSYS_80860101&REV_1000\4&1793E418&0&0001
Webcam C170 - Status: OK - Manufacturer: Logitech - PNPDeviceID: USB\VID_046D&PID_082B&MI_02\6&2298C37C&0&0002
Périphérique audio USB - Status: OK - Manufacturer: (USB Audio générique) - PNPDeviceID: USB\VID_0C76&PID_161F&MI_00\6&23095F28&0&0000

---------- | Video
NVIDIA GeForce GTX 760 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1187&SUBSYS_361C1458&REV_A1\4&1286464&0&0008 - AdapterCompatibility: NVIDIA - RAM: -1048576
Intel(R) HD Graphics 4600 - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController2 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll,igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_0412&SUBSYS_D0001458&REV_06\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset
DeviceName: NVIDIA GeForce GTX 760 - DriverVersion: 26.21.14.3630 - SpecificationVersion: 1025

---------- | Codecs
c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36680 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34800 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 92672 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK

---------- | CPU
CPU #1 value:0 %
CPU #2 value:3 %
CPU #3 value:27 %
CPU #4 value:21 %
Total Overall CPU Usage value:12 %

---------- | Network
Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000
Kaspersky Security Data Escort Adapter - Ethernet 802.3 - Kaspersky Security Data Escort Provider - Status: - PnPID : ROOT\NET\0000
Realtek PCIe GbE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_06\01000000684CE00000
Bluetooth Device (Personal Area Network) - - - Status: - PnPID :
WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT
WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT
WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT
WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT
WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT
WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP
WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6
WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH
RAS Async Adapter - - - Status: - PnPID :

---------- | Memory
RAM = Total (MB) : 8280 | Free (MB) : 1702
Pagefile = Total (MB) : 16668 | Free (MB) : 6117
Virtual = Total (MB) : 4194 | Free (MB) : 3892
Physical Memory 0 : Capacity: 8589934592 - ChannelA-DIMM0 - Posit.: - Manufacturer: 0420 - PartNumber: - S/N: F91B0000

---------- | SID Users
Administrateur : [S-1-5-21-2673370752-163226256-3562748738-500]
DefaultAccount : [S-1-5-21-2673370752-163226256-3562748738-503]
HomeGroupUser$ : [S-1-5-21-2673370752-163226256-3562748738-1002]
Invité : [S-1-5-21-2673370752-163226256-3562748738-501]
leleg : [S-1-5-21-2673370752-163226256-3562748738-1004]
Mosheur : [S-1-5-21-2673370752-163226256-3562748738]
WDAGUtilityAccount : [S-1-5-21-2673370752-163226256-3562748738-504]
Administrateurs : [S-1-5-32-544]
IIS_IUSRS : [S-1-5-32-568]
Invités : [S-1-5-32-546]
Lecteurs des journaux d’événements : [S-1-5-32-573]
System Managed Accounts Group : [S-1-5-32-581]
Utilisateurs : [S-1-5-32-545]
Utilisateurs de gestion à distance : [S-1-5-32-580]
Utilisateurs de l’Analyseur de performances : [S-1-5-32-558]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modèle COM distribué : [S-1-5-32-562]
HomeUsers : [S-1-5-21-2673370752-163226256-3562748738-1001]

---------- | SystemAccounts
Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK

---------- | Drives
C:\ -> [Fixed] | [] | Total : 118.36 Go | Free : 37.5 Go -> NTFS (SSD) [SATA]
D:\ -> [Fixed] | [] | Total : 931.39 Go | Free : 325.07 Go -> NTFS [SATA]
F:\ -> [Fixed] | [Mosheur] | Total : 465.76 Go | Free : 92.61 Go -> NTFS [USB]
H:\ -> [Fixed] | [Réservé au système] | Total : 0.1 Go | Free : 0.06 Go -> NTFS (SSD) [SATA]
I:\ -> [Removable] | [] | Total : 28.89 Go | Free : 28.89 Go -> FAT32 [USB]
Disk Usage Information [5 total Physical Disks]
Physical Drive #0 [H:, C:] : Read:126,258 bytes/sec, Written:1,631,499 bytes/sec Max Read:126,258 bytes/sec, Max Write:1,631,499 bytes/sec
Physical Drive #1 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec
Physical Drive #2 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec
Physical Drive #3 [F:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec
Physical Drive #4 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec
Overall - Read Maximum:126,258 bytes/sec, Write Maximum:1,631,499 bytes/sec
DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_ADATA&PROD_SP900\4&2A148996&0&020000
DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_ST1000DM&PROD_003-1ER162\4&2A148996&0&040000
DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - External hard disk media - 1 Part. - PnPID : USBSTOR\DISK&VEN_TOSHIBA&PROD_USB_3.5"-HDD\00210CC2&0
DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_VERBATIM&PROD_STORE_N_GO&REV_PMAP\900078FF15098E76&0
DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0272\000000000272&0

---------- | Windows updates - Activation - License
W.A.T : :) Test 1 : Windows Is Activated Volume License

---------- | Browsers
IE : 11.0.17763.592 (© Microsoft Corporation. Tous droits réservés.)
FF : 64.0.2.6947 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 76.0.3809.132 (Copyright 2019 Google LLC.)

---------- | FlashPlayer
FlashPlayer ActiveX : 32.0.0.255
FlashPlayer Plugin : 32.0.0.255

---------- | Security
AS : Windows Defender Disabled
WMI : OK
WU: Windows Update Service [Manual(3)] = Running
AS: Windows Defender [Manual(3)] = stopped
WMI: Windows Management Instrumentation [Auto(2)] = Running

---------- | Running processes
524 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17763.292) = C:\Windows\System32\smss.exe [12/03/2019 08:31:36] CPU Usage:0 %
844 | [Owner : Système | Parent : 732() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17763.1) = C:\Windows\System32\csrss.exe [15/09/2018 09:28:45] CPU Usage:0 %
976 | [Owner : Système | Parent : 732() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.17763.1) = C:\Windows\System32\wininit.exe [15/09/2018 09:28:45] CPU Usage:0 %
984 | [Owner : Système | Parent : 956() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17763.1) = C:\Windows\System32\csrss.exe [15/09/2018 09:28:45] CPU Usage:0 %
496 | [Owner : Système | Parent : 976(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17763.652) = C:\Windows\System32\services.exe [14/08/2019 11:13:35] CPU Usage:0 %
604 | [Owner : Système | Parent : 976(wininit.exe) | 19.94 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17763.1) = C:\Windows\System32\lsass.exe [15/09/2018 09:28:46] CPU Usage:0 %
736 | [Owner : Système | Parent : 496(services.exe) | 3.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1032 | [Owner : Système | Parent : 496(services.exe) | 26.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1052 | [Owner : UMFD-0 | Parent : 976(wininit.exe) | 2.52 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17763.737) = C:\Windows\System32\fontdrvhost.exe [11/09/2019 12:54:17] CPU Usage:0 %
1128 | [Owner : Système | Parent : 956() | 10.74 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.17763.737) = C:\Windows\System32\winlogon.exe [11/09/2019 12:54:17] CPU Usage:0 %
1188 | [Owner : UMFD-1 | Parent : 1128(winlogon.exe) | 20.06 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17763.737) = C:\Windows\System32\fontdrvhost.exe [11/09/2019 12:54:17] CPU Usage:0 %
1232 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 16.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1284 | [Owner : Système | Parent : 496(services.exe) | 7.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1472 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 6.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1508 | [Owner : Système | Parent : 496(services.exe) | 8.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1516 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 11.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1596 | [Owner : Système | Parent : 496(services.exe) | 14.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1640 | [Owner : Système | Parent : 496(services.exe) | 11.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1660 | [Owner : Système | Parent : 496(services.exe) | 5.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1676 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 7.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1844 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 14.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1872 | [Owner : Système | Parent : 496(services.exe) | 8.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1896 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 5.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1956 | [Owner : Système | Parent : 496(services.exe) | 9.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
1984 | [Owner : Système | Parent : 496(services.exe) | 7.8 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.5063) = C:\Windows\System32\igfxCUIService.exe [01/11/2016 23:05:26] CPU Usage:0 %
1308 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 6.82 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.17763.1) = C:\Windows\System32\WUDFHost.exe [15/09/2018 09:28:52] CPU Usage:0 %
2052 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 6.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2120 | [Owner : Système | Parent : 496(services.exe) | 11.17 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.15.2586.5913) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [28/01/2019 13:51:43] CPU Usage:0 %
2160 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 7.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2252 | [Owner : Système | Parent : 496(services.exe) | 19.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2332 | [Owner : Système | Parent : 496(services.exe) | 12.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2340 | [Owner : Système | Parent : 496(services.exe) | 5.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2416 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 10.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2440 | [Owner : Système | Parent : 496(services.exe) | 7.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2448 | [Owner : Système | Parent : 496(services.exe) | 14.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2456 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 7.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2684 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 8.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2704 | [Owner : Système | Parent : 2120(NVDisplay.Container.exe) | 30.76 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.15.2586.5913) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [28/01/2019 13:51:43] CPU Usage:0 %
2856 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 7.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2892 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 8.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
2972 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 14.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3064 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 7.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3136 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 9.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3320 | [Owner : Système | Parent : 496(services.exe) | 6.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3388 | [Owner : SERVICE LOCAL | Parent : 3320(svchost.exe) | 14.25 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.17763.1) = C:\Windows\System32\dasHost.exe [15/09/2018 09:28:36] CPU Usage:0 %
3424 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 12.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3504 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 5.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3512 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 8.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3552 | [Owner : Système | Parent : 496(services.exe) | 11.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3616 | [Owner : Système | Parent : 496(services.exe) | 16.01 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17763.615) = C:\Windows\System32\spoolsv.exe [10/07/2019 12:16:38] CPU Usage:0 %
3676 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 20.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3708 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 7.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3808 | [Owner : Système | Parent : 496(services.exe) | 6.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3816 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 6.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3928 | [Owner : Système | Parent : 496(services.exe) | 8.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3940 | [Owner : Système | Parent : 496(services.exe) | 6.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3964 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 14.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3972 | [Owner : Système | Parent : 496(services.exe) | 26.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3980 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 27.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
3992 | [Owner : Système | Parent : 496(services.exe) | 5.67 Mo] - (.Adobe Systems - Adobe Acrobat Update Service.) - (1.824.34.1201) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [24/07/2019 01:58:34] CPU Usage:0 %
4000 | [Owner : Système | Parent : 496(services.exe) | ?????] - (.AO Kaspersky Lab - Kaspersky Anti-Virus.) - (19.0.0.1088) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\avp.exe [28/02/2018 23:37:30] CPU Usage:0 %
4012 | [Owner : Système | Parent : 496(services.exe) | 45.82 Mo] - (.Corsair Memory, Inc. - Corsair.Service.) - (3.15.0.4) = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [22/04/2019 19:47:52] CPU Usage:0 %
4044 | [Owner : Système | Parent : 496(services.exe) | 7.66 Mo] - (.Seiko Epson Corporation - ENAgent.) - (1.0.2.15) = C:\Windows\SysWOW64\ENAgent.exe [01/05/2019 16:11:16] CPU Usage:0 %
4056 | [Owner : Système | Parent : 496(services.exe) | 4.9 Mo] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.3.0.1) = C:\Windows\System32\escsvc64.exe [16/01/2019 17:14:25] CPU Usage:0 %
4072 | [Owner : Système | Parent : 496(services.exe) | 20.74 Mo] - (.Scarlet.Crush Productions - ScpService.) - (1.2.2.175) = F:\ne pas jetter control manette\ScpServer\bin\ScpService.exe [10/11/2018 12:33:49] CPU Usage:0 %
4080 | [Owner : Système | Parent : 496(services.exe) | 10.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4092 | [Owner : Système | Parent : 496(services.exe) | 21.98 Mo] - (.AO Kaspersky Lab - Kaspersky Password Manager Service.) - (9.0.2.767) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [08/02/2019 23:39:42] CPU Usage:0 %
3444 | [Owner : Système | Parent : 496(services.exe) | 6.2 Mo] - (.-.) - (22.29.1.3) = C:\Program Files (x86)\MobileBrServ\mbbService.exe [02/03/2018 12:03:21] CPU Usage:0 %
4112 | [Owner : Système | Parent : 496(services.exe) | 8.22 Mo] - (.Seiko Epson Corporation - MyEpson Portal Service.) - (1.0.3.3) = C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe [28/06/2017 17:01:20] CPU Usage:0 %
4128 | [Owner : Système | Parent : 496(services.exe) | 8.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4144 | [Owner : Système | Parent : 496(services.exe) | 44.37 Mo] - (.Logitech - Logitech VC ServiceLayer.) - (1.10.67.0) = C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [19/06/2018 03:13:36] CPU Usage:0 %
4156 | [Owner : Système | Parent : 496(services.exe) | 8.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4168 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 10.91 Mo] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe [15/09/2018 09:38:22] CPU Usage:0 %
4180 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 20.41 Mo] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.7.3190.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [15/09/2018 09:29:50] CPU Usage:0 %
4196 | [Owner : Système | Parent : 496(services.exe) | 29.6 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.19.2693.9990) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [23/05/2018 20:45:29] CPU Usage:0 %
4296 | [Owner : Système | Parent : 496(services.exe) | 5.68 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\PnkBstrA.exe [14/05/2018 16:02:13] CPU Usage:0 %
4364 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 6.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4384 | [Owner : Système | Parent : 496(services.exe) | 12.12 Mo] - (.- SetupAfterRebootService.) - (1.0.0.0) = C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [03/09/2019 19:10:47] CPU Usage:0 %
4432 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 7.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4476 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 11.8 Mo] - (.Electronic Arts - OriginWebHelperService.) - (10.5.47.29954) = F:\Origin\OriginWebHelperService.exe [17/09/2019 11:04:09] CPU Usage:0 %
4484 | [Owner : Système | Parent : 496(services.exe) | 19.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4492 | [Owner : Système | Parent : 496(services.exe) | 44.16 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17763.652) = C:\Windows\System32\SearchIndexer.exe [14/08/2019 11:13:33] CPU Usage:0 %
4516 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 7.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4548 | [Owner : Système | Parent : 496(services.exe) | 5.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4720 | [Owner : Système | Parent : 496(services.exe) | 9.04 Mo] - (.Reason Software Company Inc. - Unchecky Service.) - (1.2.0.0) = D:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [02/09/2017 14:22:41] CPU Usage:0 %
4764 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 6.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
4900 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 5.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
5188 | [Owner : Système | Parent : 496(services.exe) | 11.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
5556 | [Owner : SERVICE RÉSEAU | Parent : 496(services.exe) | 14.74 Mo] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.7.3190.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [15/09/2018 09:29:50] CPU Usage:0 %
5760 | [Owner : Système | Parent : 4196(nvcontainer.exe) | 7.83 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.17763.1) = C:\Windows\System32\rundll32.exe [15/09/2018 09:28:57] CPU Usage:0 %
6032 | [Owner : Système | Parent : 1032(svchost.exe) | 42.34 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/09/2018 09:28:29] CPU Usage:0 %
6344 | [Owner : SERVICE RÉSEAU | Parent : 1032(svchost.exe) | 17.79 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/09/2018 09:28:29] CPU Usage:0 %
6544 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 5.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
6656 | [Owner : Mosheur | Parent : 4720(unchecky_svc.exe) | 10.96 Mo] - (.Reason Software Company Inc. - Unchecky Background Process.) - (1.2.0.0) = D:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [02/09/2017 14:22:41] CPU Usage:0 %
6672 | [Owner : Mosheur | Parent : 4112(mepService.exe) | 37.05 Mo] - (.Seiko Epson Corporation - MyEpson Portal.) - (1.1.3.0) = C:\Program Files (x86)\epson\MyEpson Portal\mep.exe [01/11/2018 15:05:18] CPU Usage:0 %
6696 | [Owner : Mosheur | Parent : 1956(svchost.exe) | 28.38 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17763.1) = C:\Windows\System32\sihost.exe [15/09/2018 09:28:34] CPU Usage:0 %
6744 | [Owner : Mosheur | Parent : 496(services.exe) | 21.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
6956 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 16.84 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.9034) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [25/04/2019 20:17:23] CPU Usage:0 %
6972 | [Owner : Mosheur | Parent : 496(services.exe) | 39.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
7084 | [Owner : Système | Parent : 496(services.exe) | 14.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
7116 | [Owner : Mosheur | Parent : 1596(svchost.exe) | 19.02 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17763.475) = C:\Windows\System32\taskhostw.exe [04/05/2019 09:53:28] CPU Usage:0 %
7284 | [Owner : Système | Parent : 496(services.exe) | 7.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
7364 | [Owner : Mosheur | Parent : 7284(svchost.exe) | 19.98 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17763.1) = C:\Windows\System32\ctfmon.exe [15/09/2018 09:28:45] CPU Usage:0 %
7524 | [Owner : Mosheur | Parent : 7492() | 168.69 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17763.719) = C:\Windows\explorer.exe [11/09/2019 12:53:42] CPU Usage:0 %
7644 | [Owner : Mosheur | Parent : 4196(nvcontainer.exe) | 22.86 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.19.2693.9990) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [23/05/2018 20:45:29] CPU Usage:0 %
7660 | [Owner : Mosheur | Parent : 4196(nvcontainer.exe) | 32.18 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.19.2693.9990) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [23/05/2018 20:45:29] CPU Usage:0 %
7700 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 16.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
7744 | [Owner : Système | Parent : 4012(Corsair.Service.exe) | 39.48 Mo] - (.Corsair Memory, Inc. - Corsair.Service.CpuIdRemote.) - (3.15.0.4) = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe [22/04/2019 19:47:50] CPU Usage:0 %
7756 | [Owner : Système | Parent : 7744(Corsair.Service.CpuIdRemote64.exe) | 4.87 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.404) = C:\Windows\System32\conhost.exe [25/04/2019 20:18:59] CPU Usage:0 %
8416 | [Owner : Système | Parent : 4012(Corsair.Service.exe) | 22.53 Mo] - (.Corsair Memory, Inc. - Corsair.Service.DisplayAdapter.) - (3.15.0.4) = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe [22/04/2019 19:47:52] CPU Usage:0 %
8460 | [Owner : Système | Parent : 8416(Corsair.Service.DisplayAdapter.exe) | 6.32 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.404) = C:\Windows\System32\conhost.exe [25/04/2019 20:18:59] CPU Usage:0 %
8480 | [Owner : Mosheur | Parent : 8320() | 10.39 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.5063) = C:\Windows\System32\igfxEM.exe [01/11/2016 23:05:26] CPU Usage:0 %
8488 | [Owner : Mosheur | Parent : 496(services.exe) | 17.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
8340 | [Owner : Mosheur | Parent : 496(services.exe) | 32.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 %
9928 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 29.34 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 09:28:29] CPU Usage:0 %
10044 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 25.74 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 09:28:29] CPU Usage:0 %
10364 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 18.62 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.17763.615) = C:\Windows\System32\SettingSyncHost.exe [10/07/2019 12:16:48] CPU Usage:0 %
10420 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 16.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.)
- (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 10776 | [Owner : Système | Parent : 496(services.exe) | 29.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 10804 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 2.94 Mo] - (.-.) - (8.51.0.72) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe [16/08/2019 12:26:49] CPU Usage:0 % 11084 | [Owner : Système | Parent : 496(services.exe) | 11.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 11260 | [Owner : Mosheur | Parent : 4000(avp.exe) | 0.73 Mo] - (.AO Kaspersky Lab - Kaspersky Anti-Virus.) - (19.0.0.1088) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\avpui.exe [30/05/2018 12:53:54] CPU Usage:0 % 4324 | [Owner : Système | Parent : 7092() | 1.1 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.34.11) = C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe [15/05/2019 07:59:30] CPU Usage:0 % 11408 | [Owner : Système | Parent : 7092() | 0.57 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.34.11) = C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe [15/05/2019 07:59:30] CPU Usage:0 % 11552 | [Owner : Mosheur | Parent : 4196(nvcontainer.exe) | 10.49 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.20.0.118) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [23/05/2018 20:45:40] CPU Usage:0 % 11612 | [Owner : Mosheur | Parent : 7644(nvcontainer.exe) | 43.66 Mo] - (.NVIDIA Corporation - NVIDIA Share.) 
- (73.3683.1933.1) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [23/05/2018 20:45:38] CPU Usage:0 % 11732 | [Owner : Système | Parent : 496(services.exe) | 9.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 11892 | [Owner : Mosheur | Parent : 11612(NVIDIA Share.exe) | 28.66 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.1) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [23/05/2018 20:45:38] CPU Usage:0 % 11984 | [Owner : Mosheur | Parent : 11964() | 41.96 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (11.13.0.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [23/05/2018 20:45:33] CPU Usage:0 % 12004 | [Owner : Mosheur | Parent : 11984(NVIDIA Web Helper.exe) | 5.07 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.404) = C:\Windows\System32\conhost.exe [25/04/2019 20:18:59] CPU Usage:0 % 13032 | [Owner : Mosheur | Parent : 11612(NVIDIA Share.exe) | 50.96 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.1) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [23/05/2018 20:45:38] CPU Usage:0 % 10152 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 37.19 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.17763.529) = C:\Windows\System32\smartscreen.exe [31/05/2019 18:45:36] CPU Usage:0 % 9576 | [Owner : Mosheur | Parent : 7524(explorer.exe) | 8.45 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.17763.1) = C:\Windows\System32\SecurityHealthSystray.exe [15/09/2018 09:28:39] CPU Usage:0 % 12776 | [Owner : Système | Parent : 496(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) 
- (4.18.1807.16384) = C:\Windows\System32\SecurityHealthService.exe [14/08/2019 11:13:31] CPU Usage:0 % 13432 | [Owner : Mosheur | Parent : 7524(explorer.exe) | 11.38 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.657.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [10/08/2017 05:45:32] CPU Usage:0 % 13556 | [Owner : Mosheur | Parent : 7524(explorer.exe) | 71.1 Mo] - (.Valve Corporation - Steam Client Bootstrapper.) - (5.35.39.45) = D:\Program Files (x86)\Steam\Steam.exe [23/07/2016 01:36:30] CPU Usage:2 % 13704 | [Owner : Système | Parent : 496(services.exe) | 11.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 13772 | [Owner : Mosheur | Parent : 12464() | 57.6 Mo] - (.Microsoft Corporation - SkypeBridge.) - (8.51.0.72) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe [16/08/2019 12:26:49] CPU Usage:0 % 12232 | [Owner : DWM-1 | Parent : 1128(winlogon.exe) | 67.74 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17763.1) = C:\Windows\System32\dwm.exe [15/09/2018 09:28:44] CPU Usage:0 % 6448 | [Owner : Mosheur | Parent : 4092(kpm_service.exe) | 81.47 Mo] - (.AO Kaspersky Lab - Kaspersky Password Manager.) - (9.0.2.1186) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe [08/02/2019 23:39:46] CPU Usage:0 % 13208 | [Owner : Mosheur | Parent : 7524(explorer.exe) | 48.12 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (19.152.801.8) = C:\Users\Mosheur\AppData\Local\Microsoft\OneDrive\OneDrive.exe [25/04/2019 19:42:41] CPU Usage:0 % 5448 | [Owner : Mosheur | Parent : 13556(Steam.exe) | 43.21 Mo] - (.Valve Corporation - Steam Client WebHelper.) 
- (5.35.39.45) = D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [29/08/2018 14:24:56] CPU Usage:0 % 14344 | [Owner : Système | Parent : 496(services.exe) | 11.35 Mo] - (.Valve Corporation - Steam Client Service.) - (5.35.39.45) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe [31/08/2017 16:33:35] CPU Usage:0 % 14412 | [Owner : Mosheur | Parent : 5448(steamwebhelper.exe) | 11.26 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.35.39.45) = D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [29/08/2018 14:24:56] CPU Usage:0 % 14632 | [Owner : Mosheur | Parent : 5448(steamwebhelper.exe) | 37.12 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.35.39.45) = D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [29/08/2018 14:24:56] CPU Usage:0 % 15076 | [Owner : Mosheur | Parent : 7524(explorer.exe) | 69.42 Mo] - (.Electronic Arts - Origin.) - (10.5.47.29954) = F:\Origin\Origin.exe [28/05/2019 09:43:57] CPU Usage:0 % 15328 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 63.51 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17763.719) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [11/09/2019 12:53:48] CPU Usage:0 % 2328 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 72.96 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.17763.719) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [11/09/2019 12:54:18] CPU Usage:0 % 9704 | [Owner : Mosheur | Parent : 7524(explorer.exe) | 64.88 Mo] - (.Telegram FZ-LLC - Telegram Desktop.) - (1.8.8.0) = C:\Users\Mosheur\Desktop\Telegram.exe [24/11/2018 09:02:31] CPU Usage:0 % 9956 | [Owner : Mosheur | Parent : 14784() | 50.7 Mo] - (.Corsair Memory, Inc. - iCUE.) 
- (3.15.101.0) = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe [22/04/2019 20:19:30] CPU Usage:0 % 13428 | [Owner : Mosheur | Parent : 13976() | 6.33 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.221.11) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [04/07/2019 21:12:52] CPU Usage:0 % 12556 | [Owner : Mosheur | Parent : 9956(iCUE.exe) | 61.18 Mo] - (.Corsair Memory, Inc. - iCUE OSD Renderer.) - (3.15.101.0) = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe [22/04/2019 19:50:48] CPU Usage:0 % 10012 | [Owner : Mosheur | Parent : 12556(CorsairOsdLauncher.exe) | 10.54 Mo] - (.Corsair Memory, Inc. - iCUE OSD Helper.) - (3.15.101.0) = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.exe [22/04/2019 19:50:24] CPU Usage:0 % 15236 | [Owner : Mosheur | Parent : 12556(CorsairOsdLauncher.exe) | 9.26 Mo] - (.Corsair Memory, Inc. - iCUE OSD Helper.) - (3.15.99.0) = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.x64.exe [22/04/2019 19:47:02] CPU Usage:0 % 14904 | [Owner : Mosheur | Parent : 5448(steamwebhelper.exe) | 54.5 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.35.39.45) = D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [29/08/2018 14:24:56] CPU Usage:0 % 10060 | [Owner : Mosheur | Parent : 5448(steamwebhelper.exe) | 34.67 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (5.35.39.45) = D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [29/08/2018 14:24:56] CPU Usage:0 % 7360 | [Owner : Mosheur | Parent : 6056() | 28.96 Mo] - (.Intel Corporation - IAStorIcon.) - (14.8.16.1063) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [19/04/2017 19:59:52] CPU Usage:0 % 12984 | [Owner : Mosheur | Parent : 15076(Origin.exe) | 32.64 Mo] - (.-.) 
- (0.0.0.0) = F:\Origin\QtWebEngineProcess.exe [28/05/2019 09:43:58] CPU Usage:0 % 12760 | [Owner : Mosheur | Parent : 15076(Origin.exe) | 37.51 Mo] - (.-.) - (0.0.0.0) = F:\Origin\QtWebEngineProcess.exe [28/05/2019 09:43:58] CPU Usage:0 % 12840 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 97.1 Mo] - (.Microsoft Corporation - SkypeApp.) - (8.51.0.72) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe [16/08/2019 12:26:49] CPU Usage:0 % 11596 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 24.64 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 09:28:29] CPU Usage:0 % 11320 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 32.97 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.17763.1) = C:\Windows\System32\ApplicationFrameHost.exe [15/09/2018 09:28:39] CPU Usage:0 % 12900 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 0.36 Mo] - (.Microsoft Corporation - Store.) - (11909.1001.7.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1001.7.0_x64__8wekyb3d8bbwe\WinStore.App.exe [30/08/2019 11:35:41] CPU Usage:0 % 11008 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 21.52 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 09:28:29] CPU Usage:0 % 4352 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 0.55 Mo] - (.-.) - (10.1906.53.0) = C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.53.0_x64__8wekyb3d8bbwe\Calculator.exe [06/08/2019 12:00:39] CPU Usage:0 % 4560 | [Owner : Système | Parent : 496(services.exe) | 32.13 Mo] - (.Intel Corporation - IAStorDataSvc.) - (14.8.16.1063) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19/04/2017 19:59:52] CPU Usage:0 % 10296 | [Owner : Système | Parent : 496(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) 
- (10.0.17763.404) = C:\Windows\System32\SgrmBroker.exe [25/04/2019 20:19:01] CPU Usage:0 % 9196 | [Owner : Système | Parent : 496(services.exe) | 21.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 5704 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 5460 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 0.46 Mo] - (.Microsoft Corporation - Microsoft Outlook.) - (16.0.11901.20180) = C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxOutlook.exe [02/08/2019 10:14:40] CPU Usage:0 % 4672 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 18.17 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 09:28:29] CPU Usage:0 % 6096 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 0.51 Mo] - (.Microsoft Corporation - Microsoft Outlook Communications.) - (16.0.11901.20184) = C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxTsr.exe [02/08/2019 10:14:40] CPU Usage:0 % 6456 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 0.31 Mo] - (.Microsoft Corporation - Microsoft Outlook Calendar.) - (16.0.11901.20180) = C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe [02/08/2019 10:14:40] CPU Usage:0 % 9184 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 0.08 Mo] - (.-.) - (2019.19061.18920.0) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [02/09/2019 13:43:07] CPU Usage:0 % 7540 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 28.04 Mo] - (.Microsoft Corporation - Runtime Broker.) 
- (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 09:28:29] CPU Usage:0 % 2776 | [Owner : Système | Parent : 496(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 8892 | [Owner : Système | Parent : 496(services.exe) | 10.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 1732 | [Owner : Mosheur | Parent : 5480() | 3.12 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.17763.592) = C:\Windows\System32\cmd.exe [10/07/2019 12:16:47] CPU Usage:0 % 8100 | [Owner : Mosheur | Parent : 1732(cmd.exe) | 7.3 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.404) = C:\Windows\System32\conhost.exe [25/04/2019 20:18:59] CPU Usage:0 % 4856 | [Owner : Mosheur | Parent : 1732(cmd.exe) | 8.42 Mo] - (.Kaspersky Lab AO - Native Messaging Server for Kaspersky Password Manager browser extension.) - (9.0.2.767) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\plugin-nm-server.exe [08/02/2019 23:39:50] CPU Usage:0 % 11220 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 6.7 Mo] - (.AO Kaspersky Lab - Transport Proxy.) - (9.0.2.767) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\transport_proxy.exe [08/02/2019 23:39:42] CPU Usage:0 % 7100 | [Owner : SERVICE RÉSEAU | Parent : 1032(svchost.exe) | 8.34 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [15/09/2018 09:29:00] CPU Usage:0 % 12888 | [Owner : Mosheur | Parent : 2392() | 11.27 Mo] - (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 19.12.) 
- (19.12.20036.14839) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [31/07/2019 23:42:50] CPU Usage:0 % 1028 | [Owner : Mosheur | Parent : 12888(AdobeCollabSync.exe) | 18.84 Mo] - (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 19.12.) - (19.12.20036.14839) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [31/07/2019 23:42:50] CPU Usage:0 % 7824 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 0.82 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe [17/07/2019 17:02:52] CPU Usage:0 % 8424 | [Owner : Système | Parent : 496(services.exe) | 7.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 1668 | [Owner : Système | Parent : 496(services.exe) | 7.92 Mo] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) - (19.0.0.1088) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [28/02/2018 23:37:30] CPU Usage:0 % 4332 | [Owner : Mosheur | Parent : 1668(ksde.exe) | 3.37 Mo] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) - (19.0.0.1088) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe [21/05/2019 14:01:38] CPU Usage:0 % 7220 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 10.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 14788 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 41.26 Mo] - (.Microsoft Corporation - WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe.) 
- (10.0.17763.292) = C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe [12/03/2019 08:31:33] CPU Usage:0 % 536 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 19.8 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 09:28:29] CPU Usage:0 % 6480 | [Owner : SERVICE LOCAL | Parent : 496(services.exe) | 9.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 4972 | [Owner : Mosheur | Parent : 9960() | 28.81 Mo] - (.Piriform Ltd - CCleaner.) - (5.61.0.7392) = C:\Program Files\CCleaner\CCleaner64.exe [15/08/2019 13:29:58] CPU Usage:0 % 7348 | [Owner : Mosheur | Parent : 8528() | 3.12 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.17763.592) = C:\Windows\System32\cmd.exe [10/07/2019 12:16:47] CPU Usage:0 % 4588 | [Owner : Mosheur | Parent : 7348(cmd.exe) | 7.32 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.404) = C:\Windows\System32\conhost.exe [25/04/2019 20:18:59] CPU Usage:0 % 12472 | [Owner : Mosheur | Parent : 7348(cmd.exe) | 8.56 Mo] - (.Kaspersky Lab AO - Native Messaging Server for Kaspersky Password Manager browser extension.) - (9.0.2.767) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\plugin-nm-server.exe [08/02/2019 23:39:50] CPU Usage:0 % 7024 | [Owner : Mosheur | Parent : 15384() | 3.12 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.17763.592) = C:\Windows\System32\cmd.exe [10/07/2019 12:16:47] CPU Usage:0 % 15792 | [Owner : Mosheur | Parent : 7024(cmd.exe) | 7.35 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) 
- (10.0.17763.404) = C:\Windows\System32\conhost.exe [25/04/2019 20:18:59] CPU Usage:0 % 10904 | [Owner : Mosheur | Parent : 7024(cmd.exe) | 8.69 Mo] - (.Kaspersky Lab AO - Native Messaging Server for Kaspersky Password Manager browser extension.) - (9.0.2.767) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\plugin-nm-server.exe [08/02/2019 23:39:50] CPU Usage:0 % 15464 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 19.25 Mo] - (.-.) - (1.19082.1006.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19082.1006.0_x64__8wekyb3d8bbwe\YourPhone.exe [17/09/2019 15:33:04] CPU Usage:0 % 6552 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 7.02 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 09:28:29] CPU Usage:0 % 11804 | [Owner : Mosheur | Parent : 8600() | 3.12 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.17763.592) = C:\Windows\System32\cmd.exe [10/07/2019 12:16:47] CPU Usage:0 % 16304 | [Owner : Mosheur | Parent : 11804(cmd.exe) | 7.3 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.404) = C:\Windows\System32\conhost.exe [25/04/2019 20:18:59] CPU Usage:0 % 14816 | [Owner : Mosheur | Parent : 11804(cmd.exe) | 8.65 Mo] - (.Kaspersky Lab AO - Native Messaging Server for Kaspersky Password Manager browser extension.) - (9.0.2.767) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\plugin-nm-server.exe [08/02/2019 23:39:50] CPU Usage:0 % 15652 | [Owner : Mosheur | Parent : 7752() | 267.99 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 1464 | [Owner : Mosheur | Parent : 15652(opera.exe) | 8.92 Mo] - (.Opera Software - Opera crash-reporter.) 
- (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera_crashreporter.exe [17/09/2019 15:09:48] CPU Usage:0 % 6496 | [Owner : Mosheur | Parent : 15652(opera.exe) | 123.42 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 11560 | [Owner : Mosheur | Parent : 15652(opera.exe) | 21.21 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 4852 | [Owner : Mosheur | Parent : 15652(opera.exe) | 98.13 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 7236 | [Owner : Mosheur | Parent : 15652(opera.exe) | 86.96 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 16300 | [Owner : Mosheur | Parent : 15652(opera.exe) | 86.69 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 16708 | [Owner : Mosheur | Parent : 15652(opera.exe) | 163.14 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 3408 | [Owner : Mosheur | Parent : 15652(opera.exe) | 35.33 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 17304 | [Owner : Mosheur | Parent : 15652(opera.exe) | 51.48 Mo] - (.Opera Software - Opera Internet Browser.) 
- (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 11868 | [Owner : Mosheur | Parent : 15652(opera.exe) | 39.76 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 8456 | [Owner : Mosheur | Parent : 15652(opera.exe) | 30.41 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 16944 | [Owner : Mosheur | Parent : 15652(opera.exe) | 60.84 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 2628 | [Owner : Mosheur | Parent : 15652(opera.exe) | 38.54 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 12196 | [Owner : Mosheur | Parent : 15652(opera.exe) | 149.21 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 16888 | [Owner : Mosheur | Parent : 15652(opera.exe) | 41.82 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 14804 | [Owner : Mosheur | Parent : 15652(opera.exe) | 57.22 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 7208 | [Owner : Mosheur | Parent : 15652(opera.exe) | 99.33 Mo] - (.Opera Software - Opera Internet Browser.) 
- (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 9548 | [Owner : Mosheur | Parent : 15652(opera.exe) | 52.65 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 964 | [Owner : Mosheur | Parent : 15652(opera.exe) | 65.19 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 16356 | [Owner : Mosheur | Parent : 15652(opera.exe) | 66.26 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 652 | [Owner : Mosheur | Parent : 15652(opera.exe) | 62.13 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 12980 | [Owner : Mosheur | Parent : 15652(opera.exe) | 69.32 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 10272 | [Owner : Mosheur | Parent : 15652(opera.exe) | 89.95 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 16284 | [Owner : Système | Parent : 496(services.exe) | 9.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 6380 | [Owner : Mosheur | Parent : 15652(opera.exe) | 58.24 Mo] - (.Opera Software - Opera Internet Browser.) 
- (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 15932 | [Owner : Système | Parent : 496(services.exe) | 5.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 14084 | [Owner : Mosheur | Parent : 15652(opera.exe) | 65.58 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 17060 | [Owner : Mosheur | Parent : 15652(opera.exe) | 57.72 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 12824 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 11.12 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe [15/09/2018 09:28:45] CPU Usage:0 % 16776 | [Owner : Mosheur | Parent : 7524(explorer.exe) | 180.13 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 10716 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 6.78 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 2236 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 8.36 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 1136 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 98.33 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 15780 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 28.12 Mo] - (.Google LLC - Google Chrome.) 
- (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 3764 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 97.42 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 10472 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 55.26 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 6092 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 36.74 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 8500 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 31.64 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 17376 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 60.59 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 14360 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 41.18 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 12044 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 25.1 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 17208 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 30.6 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 2908 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 3.18 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) 
- (10.0.17763.592) = C:\Windows\System32\cmd.exe [10/07/2019 12:16:47] CPU Usage:0 % 8536 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 52.74 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 16336 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 30.23 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 17032 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 49.51 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 7404 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 26.71 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 7920 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 111.22 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:2 % 11496 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 23.68 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 8548 | [Owner : Mosheur | Parent : 2908(cmd.exe) | 7.72 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.404) = C:\Windows\System32\conhost.exe [25/04/2019 20:18:59] CPU Usage:0 % 2660 | [Owner : Mosheur | Parent : 2908(cmd.exe) | 16.1 Mo] - (.Kaspersky Lab AO - Native Messaging Server for Kaspersky Password Manager browser extension.) - (9.0.2.767) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\plugin-nm-server.exe [08/02/2019 23:39:50] CPU Usage:0 % 18260 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 125.48 Mo] - (.Google LLC - Google Chrome.) 
- (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 18364 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 319.79 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:10 % 8116 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 120.72 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 17964 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 13.72 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 14752 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 146.54 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 17468 | [Owner : Mosheur | Parent : 16776(chrome.exe) | 21.86 Mo] - (.Google LLC - Google Chrome.) - (76.0.3809.132) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [17/01/2019 18:59:12] CPU Usage:0 % 17280 | [Owner : Mosheur | Parent : 1032(svchost.exe) | 15.93 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe [15/09/2018 09:28:45] CPU Usage:0 % 1356 | [Owner : Mosheur | Parent : 15652(opera.exe) | 174.44 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 17540 | [Owner : Mosheur | Parent : 15652(opera.exe) | 89.05 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 14168 | [Owner : Mosheur | Parent : 15652(opera.exe) | 72.51 Mo] - (.Opera Software - Opera Internet Browser.) 
- (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 10156 | [Owner : Système | Parent : 496(services.exe) | 6.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 15632 | [Owner : Mosheur | Parent : 15652(opera.exe) | 27.84 Mo] - (.Opera Software - Opera Internet Browser.) - (63.0.3368.88) = C:\Users\Mosheur\AppData\Local\Programs\Opera\63.0.3368.88\opera.exe [17/09/2019 15:09:48] CPU Usage:0 % 17088 | [Owner : Système | Parent : 4492(SearchIndexer.exe) | 12.59 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.17763.652) = C:\Windows\System32\SearchProtocolHost.exe [14/08/2019 11:13:32] CPU Usage:0 % 5136 | [Owner : Système | Parent : 496(services.exe) | 11.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 09:28:45] CPU Usage:0 % 12164 | [Owner : SERVICE LOCAL | Parent : 3424(svchost.exe) | 14.76 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17763.737) = C:\Windows\System32\audiodg.exe [11/09/2019 12:53:41] CPU Usage:0 % 5052 | [Owner : Mosheur | Parent : 7524(explorer.exe) | 60.24 Mo] - (.SosVirus - QuickDiag.) - (10.9.19.1) = C:\Users\Mosheur\Desktop\QuickDiag.exe [18/09/2019 19:48:43] CPU Usage:0 % 12780 | [Owner : SERVICE RÉSEAU | Parent : 1032(svchost.exe) | 10.8 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [15/09/2018 09:29:00] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.Google.-.Google Drive shell extension.) 
- (3.45.5545.5747) -- C:\Program Files\Google\Drive\googledrivesync64.dll (.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 436.30.) - (26.21.14.3630) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvldumdx.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 436.30.) - (26.21.14.3630) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvwgf2umx_cfg.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.Corsair Memory, Inc..-.iCUE OSD Helper Library.) - (3.15.99.0) -- C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHook.x64.dll (.AO Kaspersky Lab.-.Shell Extension.) - (19.0.0.1310) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll (.AO Kaspersky Lab.-.Helper Library.) - (20.0.543.426) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\remote_eka_prague_loader.dll (.AO Kaspersky Lab.-.PR_REMOTE.) - (20.0.543.426) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\prremote.dll (.AO Kaspersky Lab.-.Kaspersky Product Info library.) - (19.0.0.1239) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\product_info.dll (.AO Kaspersky Lab.-.Product Metainformation.) - (19.0.0.1390) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\product_metainfo.dll (.AO Kaspersky Lab.-.Component service provider.) - (1.10.0.0) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\kl_service.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 436.30.) - (26.21.14.3630) -- C:\WINDOWS\SYSTEM32\nvapi64.dll (.NVIDIA Corporation.-.NVIDIA Display Shell Extension.) - (1.2.0.1) -- C:\WINDOWS\system32\nvshext.dll (.Intel Corporation.-.igfxDTCM Module.) - (6.15.10.5063) -- C:\WINDOWS\system32\igfxDTCM.dll (.Alexander Roshal.-.WinRAR shell extension.) 
- (5.70.0.0) -- C:\Program Files\WinRAR\rarext.dll (..-..) - (0.0.0.0) -- C:\PROGRA~2\PrivaZer\PRIVAM~1.DLL (.Google.-.Google Drive shell extension.) - (3.45.5545.5747) -- C:\Program Files\Google\Drive\contextmenu64.dll (..-.ShellHandler for Notepad++ (64 bit).) - (0.1.0.0) -- F:\Program Files (x86)\Notepad++\NppShell_06.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.14.3630) -- C:\WINDOWS\system32\nv3dappshext.dll (.Sony DADC Austria AG..-.SecuROM Context-Menu for Explorer..) - (1.1.221.0) -- c:\windows\SysWOW64\cmdlineext_x64.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.23.2.0) -- c:\windows\system32\winsqlite3.dll (.Corsair Memory, Inc..-.iCUE OSD Helper Library.) - (3.15.99.0) -- C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHook.x64.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll 
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Telegram - (Telegram.lnk [Startup]) - User: MOSHEUR\Mosheur Steam - ("D:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur CCleaner Smart Cleaning - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur AF7756D76B13EB73A5D2E3BAD524FB8AAC15CFCF._service_run - ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8 [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur kpm.exe - ("C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe" autoStart [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur EPLTarget\P0000000000000001 - (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIVCE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-255 257 Series" [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur OneDrive - ("C:\Users\Mosheur\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur EADM - ("F:\Origin\Origin.exe" -AutoStart [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur EPLTarget\P0000000000000000 - 
(C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIVCE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-255 257 Series" [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur Ubisoft Game Launcher - ("F:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" -uplay_silent [HKU\S-1-5-21-2673370752-163226256-3562748738-1000\SOFTWARE\...\Run]) - User: MOSHEUR\Mosheur SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public IAStorIcon - ("C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "IAStorIcon"=0x020000000000000000000000 "RTHDVCPL"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "EEventManager"=0x03000000D55C3B2C51FCD401 "CORSAIR iCUE Software"=0x020000000000000000000000 "USB3MON"=0x020000000000000000000000 "SunJavaUpdateSched"=0x020000000000000000000000 "LWS"=0x03000000B6CE55D281FED401 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"=C:\Windows\system32\nvinitx.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 
"DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=1 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D521CEAB49C89D [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe" "LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide "CORSAIR iCUE Software"="C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe" --autorun "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "KeePass 2 PreLoad"="C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update 
Task Adobe Flash Player NPAPI Notifier Adobe Flash Player PPAPI Notifier Adobe Flash Player Updater CCleaner Update CCleanerSkipUAC EPSON XP-255 257 Series Update {4C4C71C1-8C1F-4573-82C1-A6C8623A56F7} EPSON XP-255 257 Series Update {6C6184F3-FC8C-417C-A33C-6221471D08A0} EPSON XP-255 257 Series Update {AA4AD284-329A-40BC-B080-F70933DA229E} EPSON XP-255 257 Series Update {B9138B0D-4637-4284-9035-B0BE281817CF} GarminUpdaterTask GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Standalone Update Task-S-1-5-21-2673370752-163226256-3562748738-1000 Opera scheduled Autoupdate 1543934761 PrivaZer_SkipUAC
---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager] : "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPLTarget] : [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LWS] : C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Start WingMan Profiler] : C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=7
[HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=604 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SecureBoot"=1 "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=0fd15981-c42c-444d-92db-0827e0b "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoDriveTypeAutoRun"=20 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 
"AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=28 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoDriveTypeAutoRun"=20 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=43 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon 
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DefaultUserName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=321430720491 "ShutdownFlags"=2147484331 "Userinit"=C:\Windows\system32\userinit.exe, "ShutdownWithoutLogon"=0 "DisableCad"=1 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile 
[HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment 
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla 
Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [10/07/2019 12:17:29] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google 
Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [10/07/2019 12:17:29] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse 
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon 
[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132006870498240406 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=windowsdefender:// "ProductType"=2 "InstallTime"=0xCEA7939F8CFBD401 "InstallLocation"=C:\Program Files\Windows Defender\ "OOBEInstallTime"=0xF5FA5CA88CFBD401 "ProductStatus"=0 "DisableAntiSpyware"=1 "DisableAntiVirus"=1 "LastEnabledTime"=0x75CFDD2DC667D501 "ManagedDefenderProductType"=0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] 
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts # Fichier Hosts créé par RstHosts 127.0.0.1 localhost ::1 localhost # unchecky_begin # These rules were added by the 
Unchecky program in order to block advertising software modules 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com [47] More lines ---------- | Ping Envoi d'une requête 'ping' sur google.com [216.58.204.110] avec 32 octets de données : Réponse de 216.58.204.110 : octets=32 temps=3 ms TTL=54 Réponse de 216.58.204.110 : octets=32 temps=6 ms TTL=54 Réponse de 216.58.204.110 : octets=32 temps=5 ms TTL=54 Réponse de 216.58.204.110 : octets=32 temps=3 ms TTL=54 Statistiques Ping pour 216.58.204.110: Paquets : envoyés = 4, reçus = 4, perdus = 0 (perte 0%), Durée approximative des boucles en millisecondes : Minimum = 3ms, Maximum = 6ms, Moyenne = 4ms ---------- | @ [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Default_Search_URL"=http://www.google.fr/ "Default_Page_URL"=http://www.google.fr/ "Start 
Page"=http://www.google.fr/ "Search Page"=http://www.google.fr/?q={searchTerms} [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] 
"blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} -- C:\Program Files\Google\Drive\googledrivesync64.dll [27/06/2019 12:58:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveSynced] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} -- C:\Program Files\Google\Drive\googledrivesync64.dll [27/06/2019 12:58:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveSyncing] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} -- C:\Program Files\Google\Drive\googledrivesync64.dll [27/06/2019 12:58:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- 
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [15/09/2018 09:28:50] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- 
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- ---------- | Toolbar [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=EPTBL "{C500C267-63BF-451F-8797-4D720C9A2ED9}"= [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{C500C267-63BF-451F-8797-4D720C9A2ED9}"= "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{40AE684B-A1EA-4FF4-8E05-5BCADC4D4DB2}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{40AE684B-A1EA-4FF4-8E05-5BCADC4D4DB2}] : () - [] ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}] -> (Kaspersky Protection) : C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\IEExt\ie_plugin.dll [30/05/2018 12:53:54] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F710F7E5-A520-471D-989C-F653AC328FB2}] -> (Kaspersky Password Manager) : C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 
9.0.2\ie_engine.dll [08/02/2019 23:39:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] -> (E-Web Print) : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [27/11/2014 11:38:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [22/07/2019 10:10:33] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [22/07/2019 10:10:33] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}] -> (Kaspersky Protection) : C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\IEExt\ie_plugin.dll [30/05/2018 12:53:54] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F710F7E5-A520-471D-989C-F653AC328FB2}] -> (Kaspersky Password Manager) : C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\ie_engine.dll [08/02/2019 23:39:48] ---------- | Chrome C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\amkpcclbbgegoafihnpgomddadjhcadd = : __MSG_ExtensionDescription__ - __MSG_ExtensionName__ - permissions:[nativeMessagingmanagementcookieswebRequest\u003Call_urls>webRequestBlockingstorage] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - 
https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\apfgogkjjjedakfeibebkfmlbmagifci = : Le guide de la télévision de rattrapage - http://www.tv-replay.fr/ - Tv-replay - [http://www.tv-replay.fr/] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\bhmmomiinigofkjcapegjjndpbikblnp = : Google & co - short_name: Web of Trust - http://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\bpgpffljkgjmijjdmjbdppndoojdgboe = : This extension gives you access to all secret emoticons in Facebook coments and posts. 
- Mogicons - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\cbhfnngmnophinhnggknkmfjapkpppae = : Trouvez ce que les médias populaires cachent - RT en Français - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\dhnkblpjbkfklfloegejegedcafpliaa = : __MSG_extension_description__ - __MSG_extension_name__ - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\dmgjckeibmdfndlflobjhddhmemajjld = : __MSG_description__ - short_name: __MSG_short_name__ - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\eedlgdlajadkbbjoobobefphmfkcchfk = : __MSG_store_shortdesc_new__ - __MSG_store_title_new__ - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj = : __MSG_web2pdfExtnDescription__ - __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc = : Best Video Downloader Extension. Downloads most popular media types from ANY website. 
- short_name: Video Downloader PLUS - permissions:[tabs\u003Call_urls>webRequesthttp://*/*https://*/*cookieswebRequestBlockingunlimitedStoragestoragemanagementdownloadswebNavigation] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\fihnjjcciajhdojfnbdddfaoknhalnja = : short_name: __MSG_extensionDescription__ - __MSG_extensionName__ - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\fllaojicojecljbmefodhfapmkghcbnh = : __MSG_gaoptout_description__ - __MSG_gaoptout_name__ - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\hdokiejnpimakedhajhdlcegeplioahd = : Google & co - version_name: 4.33.0 - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\hflefjhkfeiaignkclmphmokmmbhbhik = : __MSG_description__ - short_name: __MSG_short_name__ - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\hkdlcejbjnnmjgajjjfenejacioiimpp = : Great collection of emoticons and stickers that you can use in Facebook status comments and chat. - https://www.mogicons.com/?utm_source=chrome&utm_medium=application&utm_campaign=emoticons - Mogicons.com - [https://www.mogicons.com/?utm_source=chrome&utm_medium=application&utm_campaign=emoticons] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\imkpamgpfalmdaikobnkefcmmkpgljjd = : Remove popup ads on The Pirate Bay. 
- short_name: APB - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\mlomiejdfkolichcflejclcbmpeaniij = : __MSG_short_description__ - version_name: 8.4.2 - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\oiiohfpnbijbgdidjfcpcljcfbmkaooi = : __MSG_slogan__ - short_name: StopFlash - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\oofnbdifeelbaidfgpikinijekkjcicg = : __MSG_description__ - short_name: __MSG_short_name__ - permissions:[contextMenusprivacystoragetabsunlimitedStoragewebNavigationwebRequestwebRequestBlocking\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\pgjjikdiikihdfpoppgaidccahalehjh = : __MSG_extDescription__ - short_name: Speedtest - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Mosheur\AppData\Local\Google\Chrome\User Data\Default\extensions\ppejmaapfaehlikmnkbmlhbmhniacpon = : __MSG_extension_description__ - 
short_name: AbpForYt - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\amkpcclbbgegoafihnpgomddadjhcadd] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\amkpcclbbgegoafihnpgomddadjhcadd] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj] ---------- | Opera C:\Users\Mosheur\AppData\Roaming\Opera Software\Opera Stable\extensions\bbkekonodcdmedgffkkbgmnnekbainbg = : __MSG_short_description__ - version_name: 8.4.2 - https://extension-updates.opera.com/api/omaha/update/ C:\Users\Mosheur\AppData\Roaming\Opera Software\Opera Stable\extensions\eeokceolphhfjdfcibaiiopmekmcbedp = : Google & co - short_name: Web of Trust - https://extension-updates.opera.com/api/omaha/update/ C:\Users\Mosheur\AppData\Roaming\Opera Software\Opera Stable\extensions\glaedmooikiamindhmfcfccncmmdagge = : __MSG_extDescription__ - short_name: ImTranslator - matches:[\u003Call_urls>] - https://extension-updates.opera.com/api/omaha/update/ C:\Users\Mosheur\AppData\Roaming\Opera Software\Opera Stable\extensions\hnjalnkldgigidggphhmacmimbdlafdo = : Google & co - version_name: 4.33.0 - https://extension-updates.opera.com/api/omaha/update/ C:\Users\Mosheur\AppData\Roaming\Opera Software\Opera Stable\extensions\mchdgimobfnilobnllpdnompfjkkfdmi = : __MSG_extDescription__ - short_name: __MSG_extName__ - matches:[\u003Call_urls>] - https://extension-updates.opera.com/api/omaha/update/ C:\Users\Mosheur\AppData\Roaming\Opera Software\Opera Stable\extensions\oidhhegpmlfpoeialbgcdocjalghfpkp = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://extension-updates.opera.com/api/omaha/update/ ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 
19.0.0\FFExt\light_plugin_firefox\addon.xpi [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.255 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.255 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] - (ESN Sonar browser plugin) : C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.221.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.221.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files 
(x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6] - (VLC Multimedia Plugin) : D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4] - (VLC Multimedia Plugin) : D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6] - (VLC Multimedia Plugin) : D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1] - (VLC Multimedia Plugin) : D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.8] - (VLC Multimedia Plugin) : D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll C:\Users\Mosheur\AppData\Roaming\Mozilla\Firefox\Profiles\m8dk7t3g.default\Prefs.js user_pref("app.normandy.startupRolloutPrefs.extensions.fxmonitor.enabled", true); user_pref("browser.startup.homepage_override.buildID", "20190827005903"); user_pref("browser.startup.homepage_override.mstone", "69.0"); user_pref("devtools.webextensions.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.enabled", true); user_pref("extensions.activeThemeID", "default-theme@mozilla.org"); user_pref("extensions.blocklist.lastModified", "Fri, 13 Sep 2019 11:31:13 GMT"); user_pref("extensions.blocklist.pingCountTotal", 10); user_pref("extensions.blocklist.pingCountVersion", 2); user_pref("extensions.bootstrappedAddons", "{\"kpm_win_add_on_9.0@kaspersky\":{\"version\":\"*\",\"type\":\"webextension\",\"multiprocessCompatible\":true}}"); user_pref("extensions.databaseSchema", 31); user_pref("extensions.getAddons.cache.lastUpdate", 1568716948); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.incognito.migrated", true); 
user_pref("extensions.lastAppBuildId", "20190813150448"); user_pref("extensions.lastAppVersion", "69.0"); user_pref("extensions.lastPlatformVersion", "69.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.privatebrowsing.notification", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.lastCategory", "addons://legacy/"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.firefox@ghostery.com", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.jid1-q4sG8pYhq8KGHs@jetpack", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.support@lastpass.com", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}", true); user_pref("extensions.webextensions.uuids", 
"{\"light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com\":\"8b624195-4b03-40c2-8af7-722e0d5d5076\",\"screenshots@mozilla.org\":\"efaaaee1-7b7e-4893-b785-b93e867e9c6d\",\"kpm_win_add_on_9.0@kaspersky\":\"45426fe4-b346-4fa4-9c4a-b7b4229e4a37\",\"formautofill@mozilla.org\":\"173a5963-ad7d-4b58-be6e-5423486822e6\",\"webcompat@mozilla.org\":\"a76789bb-e4e7-46c4-b439-74deae0cda1a\",\"webcompat-reporter@mozilla.org\":\"9322d0f3-a529-4815-a527-cb857a81f3c8\",\"fxmonitor@mozilla.org\":\"128f7b1d-1df9-4a64-839d-bdcb1750259f\",\"firefox@ghostery.com\":\"b3ed8769-5c55-408c-b364-471b2f41c09f\",\"support@lastpass.com\":\"9b9afa9d-77ed-40c5-a54d-8eaac6abafc7\",\"{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\":\"2a8bdb68-4c7d-45f4-908f-eb86daf3bca3\",\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":\"32567533-157f-4990-abf3-ef7d530f7978\",\"jid1-q4sG8pYhq8KGHs@jetpack\":\"56f9a035-c67e-4ab4-a659-eccb49cc31a0\",\"baidu-code-update@mozillaonline.com\":\"a8c54523-2f73-40c4-9578-fc3672c90d2d\",\"translator@zoli.bod\":\"9da68d58-39d2-4e7b-ae30-db7d358d9864\",\"{446900e4-71c2-419f-a6a7-df9c091e268b}\":\"c191676d-6783-4190-958b-8efb527bed47\",\"default-theme@mozilla.org\":\"91e080f7-1d96-41ee-af3c-c0a54a3a06df\",\"google@search.mozilla.org\":\"d97dc699-c9bd-4051-a4c1-c7877c0f3c21\",\"bing@search.mozilla.org\":\"ab737fdb-0e64-4a89-b05a-4f4e855788a4\",\"amazon@search.mozilla.org\":\"72f12f5c-5fbb-402d-804e-be2af9db5ca6\",\"ddg@search.mozilla.org\":\"21336d62-e98f-42b9-aac9-6d446f7ede9b\",\"ebay@search.mozilla.org\":\"ac828199-1324-4894-b0de-6949a7601dc5\",\"qwant@search.mozilla.org\":\"5c1095b0-b195-4ed3-b1cb-16ed37745133\",\"wikipedia@search.mozilla.org\":\"d8abe358-c01f-4bd3-b80e-8060e15714af\"}"); user_pref("services.sync.extension-storage.lastSync", "0"); [Profile0] - Name=default -> Profiles/m8dk7t3g.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.254 
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{91851A70-1381-488D-A542-7CA77858775C}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{ebd1e221-0b8a-48e1-ad85-cf70f0a9f192}] "NameServer"=8.8.8.8,8.8.4.4 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{F5ACE1C0-9276-4A4B-A29C-2AC5A758600D}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{91851A70-1381-488D-A542-7CA77858775C}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ebd1e221-0b8a-48e1-ad85-cf70f0a9f192}] "NameServer"=8.8.8.8,8.8.4.4 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{F5ACE1C0-9276-4A4B-A29C-2AC5A758600D}] "DhcpNameServer"=192.168.1.254 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver "DevicesFlow"=DevicesFlowUserSvc ConsentUxUserSvc DevicePickerUserSvc "iissvcs"=w3svc was [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver "iissvcs"=w3svc was ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Inc.] 
[HKLM\Software\ATI Technologies] [HKLM\Software\Clients] [HKLM\Software\Corsair] [HKLM\Software\cybelsoft] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\EA Games] [HKLM\Software\EPSON] [HKLM\Software\EpsonNet] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\JreMetrics] [HKLM\Software\KasperskyLab] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RT 7 Lite] [HKLM\Software\RTLSetup] [HKLM\Software\Software] [HKLM\Software\Sonic] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\TeamSpeak 3 Client] [HKLM\Software\WinRAR] [HKLM\Software\Wondershare] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] 
[HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\activision] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Inc.] 
[HKLM\Software\WOW6432Node\Corsair] [HKLM\Software\WOW6432Node\DownloadCenter] [HKLM\Software\WOW6432Node\ea games] [HKLM\Software\WOW6432Node\EasyAntiCheat] [HKLM\Software\WOW6432Node\Electronic Arts] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\EpsonNet] [HKLM\Software\WOW6432Node\ESN Launcher] [HKLM\Software\WOW6432Node\ESN Sonar-0.70.4] [HKLM\Software\WOW6432Node\Garmin] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\KasperskyLab] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\logishrd] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\LogMeInInc] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\MAGIX] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Notepad++] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Oracle] [HKLM\Software\WOW6432Node\Origin] [HKLM\Software\WOW6432Node\Origin Games] [HKLM\Software\WOW6432Node\Piriform] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\rebellion] [HKLM\Software\WOW6432Node\SEIKO EPSON Corp.] 
[HKLM\Software\WOW6432Node\Sensible Vision] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\techland] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\Unchecky] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Even Balance] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] 
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: [02/12/2006 00:37:14] - |A| - (.© Microsoft Corporation. - Microsoft® Debug Information Accessor.) - [904704] - (8.0.50727.762) - D:\msdia80.dll F: [07/11/2007 08:03:18] - |A| - (.(C) Microsoft Corporation. - UI Wrapper Resource DLL.) - [76304] - (9.0.21022.8) - F:\install.res.1028.dll [07/11/2007 08:03:18] - |A| - (.© Microsoft Corporation. Alle Rechte vorbehalten. - Ressourcen-DLL für UI-Wrapper.) - [96272] - (9.0.21022.8) - F:\install.res.1031.dll [07/11/2007 08:03:18] - |A| - (.© Microsoft Corporation. - UI Wrapper Resource DLL.) - [91152] - (9.0.21022.8) - F:\install.res.1033.dll [07/11/2007 08:03:18] - |A| - (.© Microsoft Corporation. Tous droits réservés. - UI Wrapper Resource DLL.) - [97296] - (9.0.21022.8) - F:\install.res.1036.dll [07/11/2007 08:03:18] - |A| - (.© Microsoft Corporation. Tutti i diritti riservati. - DLL di risorse del wrapper dell'interfaccia utente.) 
- [95248] - (9.0.21022.8) - F:\install.res.1040.dll [07/11/2007 08:03:18] - |A| - (.(C) Copyright Microsoft Corporation. - UI Wrapper Resource DLL.) - [81424] - (9.0.21022.8) - F:\install.res.1041.dll [07/11/2007 08:03:18] - |A| - (.(C) Microsoft Corporation. - UI ?? ??? DLL.) - [79888] - (9.0.21022.8) - F:\install.res.1042.dll [07/11/2007 08:03:18] - |A| - (.(C) Microsoft Corporation???????? - ???????? DLL.) - [75792] - (9.0.21022.8) - F:\install.res.2052.dll [07/11/2007 08:03:18] - |A| - (.© Microsoft Corporation. Reservados todos los derechos. - Archivo DLL de recursos del contenedor de la interfaz de usuario.) - [96272] - (9.0.21022.8) - F:\install.res.3082.dll [07/11/2007 08:03:18] - |A| - (.© Microsoft Corporation. - External Installer.) - [562688] - (9.0.21022.8) - F:\install.exe [10/11/2018 12:21:20] - |A| - (.Samsung Electronic Ltd. - Samsung Kies Installer 2.0 .) - [77795152] - (16.0.0.400) - F:\Kies_2.0.0.11034_5.exe [07/11/2007 08:00:40] - |A| - (.-.) - [1110] - (0.0.0.0) - F:\globdata.ini [07/11/2007 08:00:40] - |A| - (.-.) - [843] - (0.0.0.0) - F:\install.ini H: I: ---------- | C: [14/07/2009 05:18:56] - |SHD| - [586] - C:\$Recycle.Bin [19/03/2019 14:37:09] - |HD| - [1657719900] - C:\$WINDOWS.~BT [01/05/2019 17:48:51] - |HD| - [278304] - C:\$Windows.~WS [05/09/2019 11:47:02] - |D| - [18461] - C:\AdwCleaner [08/04/2016 14:49:49] - |RASHD| - [3] - C:\Autorun.inf [MD5.96FEA3EDE0B2421D567BBE811C069B59] - [06/12/2017 23:30:44] - |A| - (.-.) - [952] - (0.0.0.0) - C:\DelFix.txt [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [25/04/2019 18:19:49] - |D| - [4274279149] - C:\ESD [07/04/2016 11:41:24] - |D| - [0] - C:\GvTemp [25/04/2019 20:17:42] - |D| - [136119] - C:\inetpub [07/04/2016 10:20:46] - |D| - [545580] - C:\Intel [28/01/2018 08:40:35] - |D| - [76397] - C:\KVRT_Data [18/09/2019 12:08:25] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [30/04/2019 17:04:10] - |ASH| - (.-.) 
- [8589934592] - (0.0.0.0) - C:\pagefile.sys [15/09/2018 09:33:50] - |D| - [0] - C:\PerfLogs [15/09/2018 09:33:50] - |RD| - [6822323202] - C:\Program Files [15/09/2018 09:33:50] - |RD| - [15482441240] - C:\Program Files (x86) [15/09/2018 09:33:50] - |HD| - [15130149726] - C:\ProgramData [18/09/2019 19:49:22] - |D| - [68685] - C:\QuickDiag [MD5.017FA3CC7B97190D283008853A4B1BAF] - [18/09/2019 19:49:27] - |A| - (.-.) - [177962] - (0.0.0.0) - C:\QuickDiag.txt [25/04/2019 19:30:51] - |SHD| - [1119] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/04/2019 19:25:55] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [06/04/2016 23:41:28] - |SHD| - [0] - C:\System Volume Information [13/04/2016 15:48:19] - |D| - [0] - C:\temp [15/09/2018 08:09:26] - |RD| - [29619428238] - C:\Users [15/09/2018 08:09:26] - |D| - [27633421415] - C:\Windows ---------- | C:\WINDOWS [15/09/2018 09:33:50] - |D| - [802] - C:\WINDOWS\addins [15/09/2018 09:33:50] - |D| - [15512752] - C:\WINDOWS\appcompat [15/09/2018 09:33:50] - |D| - [8427096] - C:\WINDOWS\apppatch [15/09/2018 09:33:50] - |D| - [0] - C:\WINDOWS\AppReadiness [15/09/2018 09:33:50] - |RSD| - [1765208671] - C:\WINDOWS\assembly [15/09/2018 09:33:50] - |D| - [740161] - C:\WINDOWS\bcastdvr [MD5.49D0AD393AE0B1EE7F3A3DD81B54BFBF] - [15/09/2018 09:28:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [78848] - (10.0.17763.1) - C:\WINDOWS\bfsvc.exe [15/09/2018 09:33:50] - |D| - [39075631] - C:\WINDOWS\Boot [MD5.9C948345410C07467CAA99804C1D6ECA] - [25/04/2019 20:21:16] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [15/09/2018 09:33:50] - |D| - [2449912] - C:\WINDOWS\Branding [15/09/2018 09:23:35] - |D| - [0] - C:\WINDOWS\CbsTemp [31/08/2017 12:48:00] - |D| - [299551567] - C:\WINDOWS\CheckSur [15/09/2018 09:33:50] - |D| - [28247166] - C:\WINDOWS\Containers [MD5.1F334AC7713E228137147CBFBB7BC9AA] - [15/09/2018 18:41:43] - |A| - (.-.) 
- [33951] - (0.0.0.0) - C:\WINDOWS\Core.xml [15/09/2018 09:33:50] - |D| - [11482410] - C:\WINDOWS\Cursors [15/09/2018 09:33:50] - |D| - [14026693] - C:\WINDOWS\debug [MD5.F0E857AA9EFCC374C1931F7E9978C480] - [25/04/2019 19:30:47] - |A| - (.-.) - [24768] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [15/09/2018 09:33:50] - |D| - [4241520] - C:\WINDOWS\diagnostics [MD5.F0E857AA9EFCC374C1931F7E9978C480] - [25/04/2019 19:30:47] - |A| - (.-.) - [24768] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [15/09/2018 18:39:05] - |D| - [0] - C:\WINDOWS\DigitalLocker [15/09/2018 09:33:50] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [14/07/2009 17:35:13] - |D| - [0] - C:\WINDOWS\ehome [15/09/2018 09:33:50] - |HD| - [46584] - C:\WINDOWS\ELAMBKUP [15/09/2018 18:39:05] - |D| - [0] - C:\WINDOWS\en-US [MD5.9F985AB249E70183D07CF5EDE85D3B5F] - [11/09/2019 12:53:42] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4353016] - (10.0.17763.719) - C:\WINDOWS\explorer.exe [15/09/2018 09:33:50] - |RSD| - [373674836] - C:\WINDOWS\Fonts [15/09/2018 18:39:05] - |D| - [110080] - C:\WINDOWS\fr-FR [15/09/2018 09:33:50] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [15/09/2018 09:33:50] - |D| - [53407874] - C:\WINDOWS\Globalization [MD5.46E77AB5E91094D6C1EE518CA4626972] - [27/08/2009 09:04:14] - |A| - (.Copyright (C) 2007 - GSetup MFC Application.) - [207400] - (1.0.0.1) - C:\WINDOWS\GSetup.exe [MD5.A8ED0188CA6580088F760D25D83E557E] - [31/08/2017 11:22:48] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\GSetup.ini [15/09/2018 09:33:50] - |D| - [71728026] - C:\WINDOWS\Help [MD5.6CAA2887418899D8AA5D4FB06E8DB043] - [11/09/2019 12:54:41] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1071616] - (10.0.17763.719) - C:\WINDOWS\HelpPane.exe [MD5.1CECEE8D02A8E9B19D3A1A65C7A2B249] - [15/09/2018 09:29:18] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) 
- [18432] - (10.0.17763.1) - C:\WINDOWS\hh.exe [15/09/2018 09:33:50] - |D| - [29869] - C:\WINDOWS\IdentityCRL [15/09/2018 09:33:50] - |D| - [28822422] - C:\WINDOWS\IME [15/09/2018 09:33:50] - |RD| - [8780645] - C:\WINDOWS\ImmersiveControlPanel [15/09/2018 09:31:55] - |D| - [202740219] - C:\WINDOWS\INF [15/09/2018 09:33:50] - |D| - [38126462] - C:\WINDOWS\InputMethod [15/09/2018 09:33:50] - |SHDC| - [2753142437] - C:\WINDOWS\Installer [15/09/2018 09:33:50] - |D| - [94163] - C:\WINDOWS\L2Schemas [15/09/2018 09:33:50] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [12/09/2019 14:27:00] - |D| - [169220128] - C:\WINDOWS\LastGood.Tmp [15/09/2018 09:33:50] - |D| - [0] - C:\WINDOWS\LiveKernelReports [15/09/2018 08:09:30] - |D| - [25229589] - C:\WINDOWS\Logs [15/09/2018 09:33:50] - |RSD| - [20503177] - C:\WINDOWS\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [15/09/2018 09:28:57] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [15/09/2018 09:33:50] - |RD| - [825060282] - C:\WINDOWS\Microsoft.NET [15/09/2018 09:33:50] - |D| - [4398] - C:\WINDOWS\Migration [15/09/2018 09:33:50] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\WINDOWS\msdfmap.ini [MD5.0E61079D3283687D2E279272966AE99D] - [04/05/2019 09:53:27] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [254464] - (10.0.17763.475) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [28/01/2019 13:48:59] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [15/09/2018 18:40:22] - |D| - [199472] - C:\WINDOWS\OCR [15/09/2018 09:33:50] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [23/08/2019 17:10:04] - |D| - [121926] - C:\WINDOWS\Panther [15/09/2018 09:33:50] - |D| - [2365154] - C:\WINDOWS\Performance [MD5.7E7849B7E63521703573661B7FE16139] - [27/08/2019 07:06:43] - |A| - (.-.) 
- [1164] - (0.0.0.0) - C:\WINDOWS\PFRO.log [15/09/2018 09:33:50] - |D| - [1136442] - C:\WINDOWS\PLA [15/09/2018 09:33:50] - |D| - [2906183] - C:\WINDOWS\PolicyDefinitions [25/04/2019 19:25:59] - |D| - [5849800] - C:\WINDOWS\Prefetch [15/09/2018 09:33:50] - |RD| - [1910255] - C:\WINDOWS\PrintDialog [15/09/2018 09:33:50] - |D| - [5680954] - C:\WINDOWS\Provisioning [MD5.A3668018735B59050AD123A5A8CDC184] - [12/03/2019 08:31:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [358400] - (10.0.17763.168) - C:\WINDOWS\regedit.exe [15/09/2018 09:33:50] - |D| - [22588] - C:\WINDOWS\Registration [15/09/2018 09:33:50] - |D| - [15499824] - C:\WINDOWS\rescache [15/09/2018 09:33:50] - |D| - [4057566] - C:\WINDOWS\Resources [MD5.2F887699ECB55E01D486700FB67E8805] - [31/08/2017 11:41:16] - |A| - (.Copyright (C) 2017 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2856800] - (1.0.7.2) - C:\WINDOWS\RtlExUpd.dll [15/09/2018 09:33:50] - |D| - [0] - C:\WINDOWS\SchCache [15/09/2018 09:33:50] - |D| - [122082] - C:\WINDOWS\schemas [15/09/2018 09:33:50] - |D| - [8085504] - C:\WINDOWS\security [25/04/2019 20:21:25] - |D| - [80916991] - C:\WINDOWS\ServiceProfiles [15/09/2018 09:33:50] - |D| - [4096] - C:\WINDOWS\ServiceState [15/09/2018 08:09:26] - |D| - [726201799] - C:\WINDOWS\servicing [15/09/2018 09:36:53] - |D| - [6688] - C:\WINDOWS\Setup [15/09/2018 09:33:50] - |D| - [6752256] - C:\WINDOWS\ShellComponents [15/09/2018 09:33:50] - |D| - [52918784] - C:\WINDOWS\ShellExperiences [15/09/2018 09:33:50] - |D| - [3070736] - C:\WINDOWS\SKB [31/08/2017 11:14:05] - |D| - [1460005636] - C:\WINDOWS\SoftwareDistribution [15/09/2018 09:33:50] - |D| - [86038209] - C:\WINDOWS\Speech [15/09/2018 09:33:50] - |D| - [63949381] - C:\WINDOWS\Speech_OneCore [MD5.E2715D34A68C5A320CFBECA93A94CFE4] - [10/07/2019 12:16:38] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) 
- [132608] - (10.0.17763.615) - C:\WINDOWS\splwow64.exe [15/09/2018 09:33:50] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [15/09/2018 08:09:26] - |D| - [7602294380] - C:\WINDOWS\System32 [15/09/2018 09:33:50] - |D| - [203724865] - C:\WINDOWS\SystemApps [15/09/2018 09:33:51] - |D| - [26533875] - C:\WINDOWS\SystemResources [15/09/2018 08:09:31] - |D| - [1779918918] - C:\WINDOWS\SysWOW64 [15/09/2018 09:33:51] - |D| - [0] - C:\WINDOWS\TAPI [14/07/2009 05:20:14] - |D| - [36190] - C:\WINDOWS\Tasks [15/09/2018 09:33:51] - |D| - [689098] - C:\WINDOWS\Temp [15/09/2018 09:33:51] - |D| - [14425088] - C:\WINDOWS\TextInput [15/09/2018 09:33:51] - |D| - [0] - C:\WINDOWS\tracing [15/09/2018 09:33:51] - |D| - [16384] - C:\WINDOWS\twain_32 [MD5.4B8ED4EF819DC87A2DC108EF60504FE9] - [15/09/2018 09:29:28] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [64512] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [15/09/2018 09:33:51] - |D| - [12420] - C:\WINDOWS\Vss [15/09/2018 08:09:29] - |D| - [28886] - C:\WINDOWS\WaaS [15/09/2018 09:33:51] - |D| - [15729830] - C:\WINDOWS\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 04:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [15/09/2018 09:28:58] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.351FDCE5B7CDE5009C768FFDA64B5E57] - [15/09/2018 09:29:27] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17763.1) - C:\WINDOWS\winhlp32.exe [15/09/2018 08:09:26] - |D| - [8692536574] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [15/09/2018 09:38:26] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.10F2BC4209233AB34BDA602967D0F798] - [15/09/2018 09:29:24] - |A| - (.© Microsoft Corporation. - Windows Write.) 
- [11264] - (10.0.17763.1) - C:\WINDOWS\write.exe [MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - [16/09/2017 17:56:20] - |A| - (.-.) - [20] - (0.0.0.0) - C:\WINDOWS\¨ôÝ [MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - [16/09/2017 17:50:28] - |A| - (.-.) - [20] - (0.0.0.0) - C:\WINDOWS\ÈöÕ ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [24/10/2018 05:07:56] - C:\WINDOWS\Installer\10f5904.msi : (OpenOffice 4.1.6 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2017 17:00:00] - C:\WINDOWS\Installer\11afae0.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/06/2010 16:42:14] - C:\WINDOWS\Installer\1272e94.msi : (Logitech Gaming Software 5.10 - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/01/2019 10:36:26] - C:\WINDOWS\Installer\13df8c6.msi : (Epson Event Manager - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/05/2019 16:03:27] - C:\WINDOWS\Installer\13df8c9.msi : (Epson Connect Printer Setup - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/12/2018 14:41:05] - C:\WINDOWS\Installer\16d739.msi : (Google Chrome Installer - Google, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2017 14:56:26] - C:\WINDOWS\Installer\1700ed.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\WINDOWS\Installer\17f99e5.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/07/2019 10:10:19] - C:\WINDOWS\Installer\1c9d78.msi : (Java SE Runtime Environment 8 Update 221 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/07/2019 10:10:42] - C:\WINDOWS\Installer\1c9d7f.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/03/2017 12:04:39] - C:\WINDOWS\Installer\226e15.msi : ( - Nokia) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [19/11/2015 11:56:58] - C:\WINDOWS\Installer\29de52.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/05/2016 23:56:24] - C:\WINDOWS\Installer\3770a.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/04/2016 13:20:00] - C:\WINDOWS\Installer\38ecbc.msi : (MyEpson Portal Setup - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/07/2019 17:38:50] - C:\WINDOWS\Installer\3d542.msi : (Backup and Sync from Google - Google, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:34:20] - C:\WINDOWS\Installer\46954.msi : (LWS Help_main - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:18] - C:\WINDOWS\Installer\4695c.msi : (LWS Webcam Software - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:16] - C:\WINDOWS\Installer\46964.msi : (CameraHelperMsi - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:46:08] - C:\WINDOWS\Installer\4696c.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/07/2012 00:15:18] - C:\WINDOWS\Installer\46974.msi : (LWS Facebook - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 00:19:08] - C:\WINDOWS\Installer\4697c.msi : (LWS Gallery - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:36:58] - C:\WINDOWS\Installer\46984.msi : (LWS Launcher - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:12] - C:\WINDOWS\Installer\4698c.msi : (LWS Motion Detection - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:22] - C:\WINDOWS\Installer\46994.msi : (LWS Pictures And Video - Logitech) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [27/07/2011 04:51:16] - C:\WINDOWS\Installer\4699c.msi : (LWS Twitter - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/06/2011 05:26:48] - C:\WINDOWS\Installer\469a4.msi : (LWS WLM Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:14:28] - C:\WINDOWS\Installer\469ac.msi : (LWS YouTube Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/04/2017 20:01:24] - C:\WINDOWS\Installer\46ace.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/05/2019 07:59:29] - C:\WINDOWS\Installer\56412cc.msi : (Google Update Helper - Google LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/03/2019 12:50:58] - C:\WINDOWS\Installer\961775.msi : (Kaspersky Password Manager - Kaspersky Lab) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/05/2018 12:53:17] - C:\WINDOWS\Installer\9b6a42.msi : (Kaspersky Total Security - Kaspersky Lab) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/10/2018 15:18:02] - C:\WINDOWS\Installer\9ce78.msi : (Elevated Installer - Garmin Ltd or its subsidiaries) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/10/2018 15:17:50] - C:\WINDOWS\Installer\9ce80.msi : (ANT Drivers Installer x64 - Garmin Ltd or its subsidiaries) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/08/2019 15:00:20] - C:\WINDOWS\Installer\9e1a1d.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/05/2019 14:01:23] - C:\WINDOWS\Installer\bd2b54.msi : (Kaspersky Secure Connection - Kaspersky Lab) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/05/2015 08:45:36] - C:\WINDOWS\Installer\cfeff8.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/11/2018 15:42:42] - C:\WINDOWS\Installer\cff002.msi : (Easy Photo Scan - Seiko Epson Corporation) [Offsets ok ! 
: D0CF11E0A1B11AE10000000000000000] [28/06/2018 11:25:38] - C:\WINDOWS\Installer\cff008.msi : (Epson Photo+ - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/09/2018 17:01:38] - C:\WINDOWS\Installer\d977b6.msi : (Epson Printer Connection Checker - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/02/2019 04:41:00] - C:\WINDOWS\Installer\ea9d70.msi : (Epson Software Updater - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/09/2016 07:43:32] - C:\WINDOWS\Installer\ea9d7e.msi : (EpsonNet Print - SEIKO EPSON Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2014 09:38:28] - C:\WINDOWS\Installer\eadd2.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/05/2016 23:57:06] - C:\WINDOWS\Installer\f7e2f.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/06/2019 17:38:18] - [4640768] - (.().-. - ()) - C:\WINDOWS\Installer\174766d.msp [11/02/2019 08:36:53] - [8757248] - (.().-. - ()) - C:\WINDOWS\Installer\18c8a7f.msp [07/06/2018 13:41:40] - [10661888] - (.().-. - ()) - C:\WINDOWS\Installer\1cb15d.msp [08/10/2018 13:11:44] - [2174976] - (.().-. - ()) - C:\WINDOWS\Installer\1ef6fbc.msp [22/08/2018 19:23:34] - [53350400] - (.().-. - ()) - C:\WINDOWS\Installer\204a0c.msp [14/08/2018 23:08:56] - [41676800] - (.().-. - ()) - C:\WINDOWS\Installer\2484fe2.msp [09/07/2018 07:47:48] - [27000832] - (.().-. - ()) - C:\WINDOWS\Installer\24cf34a.msp [13/06/2019 14:38:00] - [2260992] - (.().-. - ()) - C:\WINDOWS\Installer\2682a29.msp [31/08/2018 07:38:14] - [41668608] - (.().-. - ()) - C:\WINDOWS\Installer\2968a9.msp [18/09/2018 10:10:59] - [4706304] - (.().-. - ()) - C:\WINDOWS\Installer\2a68900.msp [12/08/2019 08:29:03] - [50438144] - (.().-. - ()) - C:\WINDOWS\Installer\33f2c.msp [01/10/2018 11:17:16] - [18440192] - (.().-. 
- ()) - C:\WINDOWS\Installer\3a2a52.msp [28/06/2011 21:27:28] - [4028928] - (.().-. - ()) - C:\WINDOWS\Installer\3ad63a.msp [28/06/2011 21:21:32] - [4637184] - (.().-. - ()) - C:\WINDOWS\Installer\3ae836.msp [15/08/2018 05:42:26] - [41648128] - (.().-. - ()) - C:\WINDOWS\Installer\464a41.msp [03/08/2018 01:32:16] - [41656320] - (.().-. - ()) - C:\WINDOWS\Installer\49dbbc.msp [08/01/2019 22:27:42] - [41828352] - (.().-. - ()) - C:\WINDOWS\Installer\5cf1d.msp [16/01/2019 13:00:18] - [53014528] - (.().-. - ()) - C:\WINDOWS\Installer\611131.msp [15/04/2019 11:55:50] - [19210240] - (.().-. - ()) - C:\WINDOWS\Installer\722cc3.msp [18/07/2018 12:46:02] - [17960960] - (.().-. - ()) - C:\WINDOWS\Installer\80e75b.msp [05/06/2019 13:14:37] - [4653056] - (.().-. - ()) - C:\WINDOWS\Installer\83d49e.msp [03/01/2019 11:17:04] - [1720320] - (.().-. - ()) - C:\WINDOWS\Installer\84af92.msp [07/11/2018 10:19:22] - [41668608] - (.().-. - ()) - C:\WINDOWS\Installer\906b90.msp [10/12/2018 09:48:46] - [41836544] - (.().-. - ()) - C:\WINDOWS\Installer\93130.msp [23/02/2018 15:25:19] - [1343488] - (.().-. - ()) - C:\WINDOWS\Installer\a13b8.msp [21/12/2018 10:00:22] - [41832448] - (.().-. - ()) - C:\WINDOWS\Installer\a1ad09.msp [08/04/2019 08:22:42] - [7155712] - (.().-. - ()) - C:\WINDOWS\Installer\ab738.msp [07/08/2019 12:41:14] - [36864] - (.().-. - ()) - C:\WINDOWS\Installer\af9935.msp [22/08/2019 13:14:18] - [2002944] - (.().-. - ()) - C:\WINDOWS\Installer\b867c.msp [13/05/2019 08:57:34] - [59400192] - (.().-. - ()) - C:\WINDOWS\Installer\ba4d7.msp [22/10/2018 15:33:19] - [2584576] - (.().-. - ()) - C:\WINDOWS\Installer\ba9cb.msp [13/11/2018 06:24:12] - [3485696] - (.().-. - ()) - C:\WINDOWS\Installer\bbfaf.msp [10/12/2018 08:52:51] - [44044288] - (.().-. - ()) - C:\WINDOWS\Installer\bc3d4.msp [20/02/2019 14:28:20] - [1986560] - (.().-. - ()) - C:\WINDOWS\Installer\bcf9b.msp [13/08/2018 08:19:45] - [1441792] - (.().-. 
- ()) - C:\WINDOWS\Installer\bd840.msp [12/05/2018 08:05:37] - [7094272] - (.().-. - ()) - C:\WINDOWS\Installer\cd57a9.msp [04/12/2018 13:12:58] - [41668608] - (.().-. - ()) - C:\WINDOWS\Installer\d00193.msp [04/08/2018 03:31:00] - [41672704] - (.().-. - ()) - C:\WINDOWS\Installer\de306.msp [05/12/2018 15:15:46] - [17375232] - (.().-. - ()) - C:\WINDOWS\Installer\efeb05.msp [07/08/2019 13:53:09] - [45056] - (.().-. - ()) - C:\WINDOWS\Installer\f3554c.msp ---------- | %System%\*.in* [15/09/2018 09:29:16] - [3329] - C:\WINDOWS\System32\ieuinit.inf [26/10/2012 09:42:22] - [29494] - C:\WINDOWS\System32\lvcoin64.ini [25/04/2019 19:27:40] - [1978156] - C:\WINDOWS\System32\PerfStringBackup.INI [15/09/2018 09:28:56] - [60124] - C:\WINDOWS\System32\tcpmon.ini [15/09/2018 09:28:42] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [15/09/2018 09:29:28] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [31/08/2017 11:24:43] - [1974598] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [15/09/2018 09:29:07] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [0 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 12:07:35] - [43.6 Ko] - C:\WINDOWS\Temp\cpuz148 [MD5.00000000000000000000000000000000] - |D| - [25/04/2019 19:29:59] - [628.26 Ko] - C:\WINDOWS\Temp\LogiDFULibUpdate [MD5.A1C513C7284E496FFFC2679D12E771A3] - |A| - [18/09/2019 13:14:35] - (.-.) 
- [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.00000000000000000000000000000000] - |D| - [26/08/2019 08:17:33] - [0 Ko] - C:\WINDOWS\Temp\Nebula-DFUPackages [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db055.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db067.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db069.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db06b.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db07c.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db07e.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db080.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db082.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db084.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db086.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db088.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db09a.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db09c.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db09e.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db0a0.tmp 
[MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db0a2.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db0a4.tmp [MD5.00000000000000000000000000000000] - |D| - [18/09/2019 13:14:37] - [0 Ko] - C:\WINDOWS\Temp\tw-3a1c-3c84-3db0b6.tmp [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:05] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:06] - [0 Ko] - C:\WINDOWS\System32\040C [MD5.2C6FD57D7E173F8E667CB20DC93A8FDA] - |A| - [14/07/2009 06:45:49] - (.-.) - [22.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.2C6FD57D7E173F8E667CB20DC93A8FDA] - |A| - [14/07/2009 06:45:49] - (.-.) - [22.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [15/09/2018 09:28:43] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [15/09/2018 09:28:42] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [15/09/2018 09:28:30] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [15/09/2018 09:28:50] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [15/09/2018 09:28:51] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [15/09/2018 09:28:53] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [15/09/2018 09:29:21] - (.-.) 
- [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [15/09/2018 09:29:25] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [15/09/2018 09:29:25] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [15/09/2018 09:29:25] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost [MD5.F07A45C9D036F7550F474C5DF497D159] - |A| - [31/08/2017 11:40:56] - (.-.) - [149.69 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resPTB.cui [MD5.13D95CCB47B9217BB974AD5C67DBAD31] - |A| - [31/08/2017 11:40:56] - (.-.) - [149.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resPTG.cui [MD5.2C17E210566467F0458F452BF67C306A] - |A| - [31/08/2017 11:40:56] - (.-.) - [151.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resROM.cui [MD5.9AE787133FEC857E16559907E2968C38] - |A| - [31/08/2017 11:40:56] - (.-.) - [171.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resRUS.cui [MD5.D30155B657A00FA9A8E472C3E36306B9] - |A| - [31/08/2017 11:40:56] - (.-.) - [150.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resSKY.cui [MD5.A357B3A6A1C6FCD8A8D5B65297F5FE55] - |A| - [31/08/2017 11:40:56] - (.-.) - [147.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resSLV.cui [MD5.44B2E46215B39D32064C52E2B785D2E6] - |A| - [31/08/2017 11:40:56] - (.-.) - [148.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resSVE.cui [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [14/08/2019 11:13:27] - (.-.) 
- [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [14/08/2019 11:13:27] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [14/08/2019 11:13:27] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-white.png [MD5.C20A7C24C0D0A2C7E6F858D071BBD4E3] - |A| - [31/08/2017 11:40:57] - (.-.) - [182.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resTHA.cui [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.A63A0911148E7F161DF20AD39CBA4BF3] - |A| - [31/08/2017 11:40:56] - (.-.) - [149.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\resTRK.cui [MD5.A85F27598A105C3CDF3F7F670C7CCB7B] - |A| - [31/08/2017 11:55:37] - (.-.) - [20.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\results.xml [MD5.903B8789D3B79CB091B627E75F609A7A] - |A| - [20/01/2011 13:32:51] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RTSLCS.dll [MD5.8AA05F502FCF586AFEA8E5C4AFB19AEB] - |A| - [15/09/2018 09:28:46] - (.-.) - [56.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [15/09/2018 09:29:46] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [15/09/2018 09:28:26] - (.-.) 
- [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [68.05 Ko] - C:\WINDOWS\System32\Sgrm [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [2304 Ko] - C:\WINDOWS\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [23.7 Ko] - C:\WINDOWS\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [340 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [336.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [25/04/2019 19:25:56] - [84238.34 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [15/09/2018 09:28:22] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:09:26] - [14513.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [15/09/2018 09:28:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [15/09/2018 09:28:22] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [15/09/2018 09:28:22] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.D7C806511EE5CD3E3F9FB0D26957EBED] - |A| - [15/09/2018 09:29:24] - (.-.) 
- [37.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [7564.02 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [12345.23 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [139193.21 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [6488.59 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [338.5 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [15/09/2018 09:29:25] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.EA8B12C5A67ADC1FE689FF886BD4CB7E] - |A| - [14/08/2019 11:13:56] - (.-.) - [57.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [44184 Ko] - C:\WINDOWS\System32\sru [MD5.DE63BBC4AF740A7D0C379A9D758FBCE9] - |A| - [15/09/2018 09:28:22] - (.-.) 
- [439 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [601 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:09:28] - [1391.42 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [955.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [10.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.0B8821B257EEE9C01CD29C62AE9D3EF9] - |A| - [15/09/2018 09:29:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [860.35 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [475.07 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [15/09/2018 09:28:56] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [310 Ko] - C:\WINDOWS\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [5.97 Ko] - C:\WINDOWS\System32\ti-et [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [593 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [15/09/2018 09:28:26] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [15/09/2018 09:28:26] - (.-.) 
- [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [336.5 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |D| - [25/04/2018 18:15:21] - [4138 Ko] - C:\WINDOWS\System32\unknown [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 09:33:50] - [2133.08 Ko] - C:\WINDOWS\System32\UNP [MD5.F729741D514ED13EF6AFCB1B568987A9] - |A| - [15/09/2018 09:28:38] - (.-.) - [44.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.4E34890374954C6B807D142A1CF21C1C] - |A| - [12/09/2019 14:25:55] - (.Copyright (C) 2015-2019 - Vulkan Loader.) - [988.7 Ko] - (1.1.106.0) - C:\WINDOWS\System32\vulkan-1-999-0-0-0.dll [MD5.4E34890374954C6B807D142A1CF21C1C] - |A| - [12/09/2019 14:25:55] - (.Copyright (C) 2015-2019 - Vulkan Loader.) - [988.7 Ko] - (1.1.106.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.2B3EBB84E2EF6FC09E410D6706860649] - |A| - [12/09/2019 14:25:55] - (.Copyright (C) 2015-2019 - Vulkan Info.) - [294.2 Ko] - (1.1.106.0) - C:\WINDOWS\System32\vulkaninfo-1-999-0-0-0.exe [MD5.2B3EBB84E2EF6FC09E410D6706860649] - |A| - [12/09/2019 14:25:55] - (.Copyright (C) 2015-2019 - Vulkan Info.) - [294.2 Ko] - (1.1.106.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [01/09/2017 08:25:04] - [0 Ko] - C:\WINDOWS\System32\Wat [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [80534.06 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [117589.79 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [15/09/2018 09:28:44] - (.-.) 
- [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [128 Ko] - C:\WINDOWS\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [48376.75 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.89539DF69CB40A7D214B9EC799EF5CAA] - |A| - [15/09/2018 09:28:34] - (.-.) - [122.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [10507.8 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [15/09/2018 09:28:26] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [197660 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [6006.72 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.F92C9F9F9FF08AE25A3CFA99329457B3] - |A| - [27/04/2010 16:57:18] - (.© 1999-2010 Logitech. - Logitech Force Feedback Driver.) - [321.07 Ko] - (5.9.129.0) - C:\WINDOWS\System32\WmJoyFrc.dll [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [15/09/2018 09:28:24] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [15/09/2018 09:28:46] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.CD70FD75FDAF5B66A3F0FD38513DA636] - |A| - [15/09/2018 09:28:30] - (.-.) 
- [95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [473.49 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [186.5 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [438.5 Ko] - C:\WINDOWS\System32\zh-TW [MD5.5C5A797761421CF9B72087F3BC8A5259] - |A| - [01/09/2017 08:01:09] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [MD5.1373F6562D5E4C715D5D3583E350093E] - |A| - [25/04/2019 19:26:39] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [0 Ko] - C:\WINDOWS\SysWOW64\040C [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [15/09/2018 09:29:07] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [15/09/2018 09:29:07] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [15/09/2018 09:29:08] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [15/09/2018 09:29:12] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [15/09/2018 09:29:27] - (.-.) 
- [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:09:31] - [1963.8 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [228.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.30196C11BFB7FC2F4DD2A289AFFD8A84] - |A| - [15/09/2018 09:29:27] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [521 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [25/04/2019 20:17:43] - [12.63 Ko] - C:\WINDOWS\SysWOW64\BestPractices [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [206.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot2 [MD5.38718C4E864DC8F8E1DB0EF3B5566FA7] - |A| - [03/09/2018 14:34:02] - (.Copyright (C) 2004/05 Sony DADC Austria AG - SecuROM Context-Menu for Explorer..) - [174.61 Ko] - (1.1.221.0) - C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [317.5 Ko] - C:\WINDOWS\SysWOW64\com [MD5.1E02A122FE09272058FC1EF0B1B6265E] - |A| - [11/09/2019 12:54:42] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [462 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [491.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [15/09/2018 09:29:03] - (.-.) 
- [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 09:33:51] - [202.5 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [7551.51 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [15/09/2018 18:39:50] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [217.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.2E2FE36B09077A3EEBF713F3257514FC] - |A| - [15/09/2018 09:29:03] - (.-.) - [200.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [200.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [471 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.93214B768B4306824547485C4F8D43DC] - |RA| - [31/05/2019 18:45:42] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1581 Ko] - (61.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.7A55602EDBB1ECC335AA0E3FE75C2890] - |RA| - [25/04/2019 20:19:15] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1128 Ko] - (61.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.DC0E693807A529CCC10D1AB9126FB753] - |A| - [12/03/2019 08:31:41] - (.-.) 
- [577.96 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [219 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.F53839918398E5C75E493CC2126064C0] - |A| - [19/03/2019 02:31:14] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [93.09 Ko] - (2.0.2.0) - C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [477.5 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [390.5 Ko] - C:\WINDOWS\SysWOW64\ja-JP [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [389 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [625.17 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [203 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [200 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [69858.28 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:40:28] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\manifeststore [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [3628.78 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [815.3 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| 
- [15/09/2018 09:31:37] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [15/09/2018 09:29:54] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqpub.mof [MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [15/09/2018 09:41:19] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrc.mof [MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [15/09/2018 09:29:54] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrcRemove.mof [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [20.55 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [461 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [475 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 09:33:51] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.C7CD78EF83E5E7CCD999BA37E128FA91] - |A| - [12/09/2019 14:25:49] - (.-.) - [531.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nvofapi.dll [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [15/09/2018 09:40:49] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [677.3 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [68 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation [MD5.EEDD77CD7C7619DC202C4F1A7EC54D1B] - |A| - [31/08/2017 11:24:43] - (.-.) 
- [1928.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [477 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.3A2E85F7D90D15460C337CE80C2E3B29] - |A| - [14/05/2018 15:38:14] - (.-.) - [75.09 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrA.exe [MD5.AEB46528F8846550636959353A269A2A] - |A| - [14/05/2018 15:38:14] - (.-.) - [275.27 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrB.ex0 [MD5.7216827676AE6B40F7873C481B9E9446] - |A| - [14/05/2018 15:38:14] - (.-.) - [220.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrB.exe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [474 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [477 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [207 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [07/09/2019 20:30:51] - [2198.24 Ko] - C:\WINDOWS\SysWOW64\RTCOM [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [475.5 Ko] - C:\WINDOWS\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [201 Ko] - C:\WINDOWS\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [200 Ko] - C:\WINDOWS\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [52.14 Ko] 
- C:\WINDOWS\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [4051.8 Ko] - C:\WINDOWS\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [8995.62 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [1304.29 Ko] - C:\WINDOWS\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [23.61 Ko] - C:\WINDOWS\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [200.5 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [15/09/2018 09:29:33] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.2A9EB39951763761E55D46BFEB595AEB] - |A| - [15/09/2018 09:29:00] - (.-.) - [319.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [462.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.8E49D76E21295D010FF0803D65928F5A] - |A| - [15/09/2018 09:29:28] - (.Copyright (c) libarchive authors - bsdtar archive tool.) 
- [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [185 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [457 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.A88B20DABDA28A87D3C9FFA453ED2205] - |A| - [16/01/2019 17:14:25] - (.(C) 1993-2009 TWAIN Working Group. - TWAIN 32 Source Manager (Image Acquisition Interface).) - [144.02 Ko] - (2.1.4.0) - C:\WINDOWS\SysWOW64\twaindsm.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [202.5 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.182305604A1CD975A05B592E0D2D4D90] - |A| - [12/09/2019 14:25:55] - (.Copyright (C) 2015-2019 - Vulkan Loader.) - [855.7 Ko] - (1.1.106.0) - C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.182305604A1CD975A05B592E0D2D4D90] - |A| - [12/09/2019 14:25:55] - (.Copyright (C) 2015-2019 - Vulkan Loader.) - [855.7 Ko] - (1.1.106.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.2417683012B0BAC92436313D6B036993] - |A| - [12/09/2019 14:25:55] - (.Copyright (C) 2015-2019 - Vulkan Info.) - [266.7 Ko] - (1.1.106.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.2417683012B0BAC92436313D6B036993] - |A| - [12/09/2019 14:25:55] - (.Copyright (C) 2015-2019 - Vulkan Info.) - [266.7 Ko] - (1.1.106.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [01/09/2017 08:25:04] - [0 Ko] - C:\WINDOWS\SysWOW64\Wat [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [15810.72 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.F884B2B3047C6A61B21540CEAACC53BC] - |A| - [15/09/2018 09:29:03] - (.-.) 
- [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [9390.73 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [6004.44 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 18:39:06] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.B5CD782B6F7F477C615464E900B16909] - |A| - [27/04/2010 14:02:12] - (.© 1999-2010 Logitech. - Logitech Force Feedback Driver.) - [249.57 Ko] - (5.9.129.0) - C:\WINDOWS\SysWOW64\WmJoyF32.dll [MD5.4CC6C2D85CE89C54905BAEFCA1A0AA95] - |A| - [15/09/2018 09:29:03] - (.-.) - [62 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [11/09/2018 17:14:35] - [137.63 Ko] - C:\WINDOWS\SysWOW64\xlive [MD5.9C996FDA7D3F28B19A5049D30AA73DC4] - |A| - [20/02/2014 18:14:02] - (.-.) - [175.17 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xlive.dll.cat [MD5.00000000000000000000000000000000] - |D| - [25/04/2019 20:17:43] - [10.14 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [365 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [186.5 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:51] - [366.5 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.7086037865973F6F5FAEE3FCA203A29A] - |A| - [01/05/2019 16:11:17] - (.-.) 
- [8.26 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ÷ØÙÚÛÜÝÞ ---------- | [Mosheur] [14/10/2017 15:18:28] - |D| - [397885] - C:\Users\Mosheur\.gimp-2.8 [26/03/2018 17:16:22] - |A| - [189] - C:\Users\Mosheur\.gtk-bookmarks [31/08/2017 16:40:29] - |D| - [0] - C:\Users\Mosheur\.Origin [31/08/2017 16:40:29] - |D| - [0] - C:\Users\Mosheur\.QtWebEngineProcess [14/10/2017 15:19:59] - |D| - [0] - C:\Users\Mosheur\.thumbnails [25/04/2019 19:31:08] - |RD| - [298] - C:\Users\Mosheur\3D Objects [26/01/2018 14:10:31] - |D| - [0] - C:\Users\Mosheur\ansel [25/04/2019 19:27:59] - |HD| - [5430979391] - C:\Users\Mosheur\AppData [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Application Data [31/08/2017 11:14:11] - |RD| - [58511] - C:\Users\Mosheur\Contacts [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Cookies [31/08/2017 11:14:08] - |D| - [6788638044] - C:\Users\Mosheur\Desktop [31/08/2017 11:14:08] - |RD| - [913842101] - C:\Users\Mosheur\Documents [31/08/2017 11:14:08] - |RD| - [41753732] - C:\Users\Mosheur\Downloads [31/08/2017 11:14:08] - |RD| - [4248] - C:\Users\Mosheur\Favorites [16/12/2017 20:01:05] - |D| - [575019613] - C:\Users\Mosheur\Google Drive [31/08/2017 11:35:56] - |D| - [4349530] - C:\Users\Mosheur\Intel [01/09/2017 10:01:40] - |SHD| - [25308] - C:\Users\Mosheur\IntelGraphicsProfiles [31/08/2017 11:14:08] - |RD| - [2498] - C:\Users\Mosheur\Links [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Local Settings [02/07/2018 14:41:33] - |D| - [324] - C:\Users\Mosheur\LOCAL_APPDATA_FONTCONFIG_CACHE [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Menu Démarrer [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Mes documents [25/04/2019 19:31:29] - |HD| - [3158247] - C:\Users\Mosheur\MicrosoftEdgeBackups [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Modèles [31/08/2017 11:14:08] - |RD| - [1165] - C:\Users\Mosheur\Music [25/04/2019 19:27:59] - |AH| - [4980736] - C:\Users\Mosheur\NTUSER.DAT [25/04/2019 19:27:59] - 
|ASH| - [1662976] - C:\Users\Mosheur\ntuser.dat.LOG1 [25/04/2019 19:27:59] - |ASH| - [98304] - C:\Users\Mosheur\ntuser.dat.LOG2 [25/04/2019 19:27:59] - |ASH| - [65536] - C:\Users\Mosheur\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TM.blf [25/04/2019 19:27:59] - |ASH| - [524288] - C:\Users\Mosheur\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TMContainer00000000000000000001.regtrans-ms [25/04/2019 19:27:59] - |ASH| - [524288] - C:\Users\Mosheur\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TMContainer00000000000000000002.regtrans-ms [25/04/2019 19:30:59] - |SH| - [20] - C:\Users\Mosheur\ntuser.ini [25/04/2019 19:42:41] - |RAD| - [2531664] - C:\Users\Mosheur\OneDrive [31/08/2017 11:14:08] - |RD| - [398466933] - C:\Users\Mosheur\Pictures [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Recent [31/08/2017 11:14:08] - |RD| - [39728399] - C:\Users\Mosheur\Saved Games [31/08/2017 11:14:17] - |RD| - [2815] - C:\Users\Mosheur\Searches [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\SendTo [13/10/2017 13:18:25] - |A| - [367] - C:\Users\Mosheur\Sti_Trace.log [01/09/2017 10:55:29] - |D| - [81920] - C:\Users\Mosheur\Tracing [31/08/2017 11:14:08] - |RD| - [30125542] - C:\Users\Mosheur\Videos [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Voisinage d'impression [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\Voisinage réseau [02/06/2019 16:10:15] - |A| - [3117952] - C:\Users\Mosheur\ZHPCleaner.exe [10/09/2017 17:47:56] - |A| - [2839424] - C:\Users\Mosheur\ZHPDiag3.exe [25/04/2019 19:27:59] - |D| - [3571220003] - C:\Users\Mosheur\AppData\Local [31/08/2017 11:23:48] - |D| - [0] - C:\Users\Mosheur\AppData\LocalGoogle [31/08/2017 11:14:08] - |D| - [315584420] - C:\Users\Mosheur\AppData\LocalLow [25/04/2019 19:27:59] - |D| - [1544174967] - C:\Users\Mosheur\AppData\Roaming [03/03/2019 18:45:05] - |D| - [18993048] - C:\Users\Mosheur\AppData\Local\2K [24/11/2017 19:49:13] - |D| - [8485] - C:\Users\Mosheur\AppData\Local\4A Games [01/09/2017 17:11:08] 
- |D| - [2148374] - C:\Users\Mosheur\AppData\Local\Adobe [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\AppData\Local\Application Data [16/08/2018 23:46:02] - |D| - [1] - C:\Users\Mosheur\AppData\Local\BattlEye [03/03/2019 18:45:06] - |D| - [19171] - C:\Users\Mosheur\AppData\Local\cache [01/07/2019 21:29:02] - |D| - [2706] - C:\Users\Mosheur\AppData\Local\CAPCOM [31/08/2017 16:37:28] - |D| - [5602027] - C:\Users\Mosheur\AppData\Local\CEF [25/04/2019 19:41:09] - |D| - [44349735] - C:\Users\Mosheur\AppData\Local\Comms [25/04/2019 19:31:00] - |D| - [3349889] - C:\Users\Mosheur\AppData\Local\ConnectedDevicesPlatform [30/01/2018 21:07:43] - |D| - [5864332] - C:\Users\Mosheur\AppData\Local\Corsair [26/02/2019 14:59:03] - |D| - [49324] - C:\Users\Mosheur\AppData\Local\CorsairOsdLauncher [22/09/2017 10:10:53] - |D| - [0] - C:\Users\Mosheur\AppData\Local\CrashDumps [05/01/2018 17:18:37] - |D| - [8040917] - C:\Users\Mosheur\AppData\Local\Criterion Games [25/04/2019 19:40:10] - |D| - [1948412] - C:\Users\Mosheur\AppData\Local\D3DSCache [27/04/2019 16:07:58] - |D| - [0] - C:\Users\Mosheur\AppData\Local\DBG [31/08/2017 11:17:37] - |D| - [108316] - C:\Users\Mosheur\AppData\Local\Diagnostics [01/09/2017 10:42:37] - |D| - [351551413] - C:\Users\Mosheur\AppData\Local\Discord [14/10/2017 15:18:29] - |D| - [2854884] - C:\Users\Mosheur\AppData\Local\fontconfig [15/09/2017 16:50:07] - |D| - [8262] - C:\Users\Mosheur\AppData\Local\Garmin_Ltd._or_its_subsid [14/10/2017 15:18:28] - |D| - [660] - C:\Users\Mosheur\AppData\Local\gegl-0.2 [05/09/2019 18:36:33] - |D| - [2007] - C:\Users\Mosheur\AppData\Local\GOG.com [31/08/2017 11:23:47] - |D| - [721819645] - C:\Users\Mosheur\AppData\Local\Google [03/03/2018 12:26:24] - |D| - [3939272] - C:\Users\Mosheur\AppData\Local\GoToAssist Corporate [14/10/2017 15:44:57] - |D| - [202] - C:\Users\Mosheur\AppData\Local\gtk-2.0 [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\AppData\Local\Historique [23/08/2019 21:44:44] - |AH| - [136494] - 
C:\Users\Mosheur\AppData\Local\IconCache.db [24/11/2017 15:37:24] - |D| - [106] - C:\Users\Mosheur\AppData\Local\id Software [30/05/2018 13:03:11] - |D| - [6080140] - C:\Users\Mosheur\AppData\Local\Kaspersky Lab [18/09/2019 19:05:13] - |D| - [737] - C:\Users\Mosheur\AppData\Local\keepassxc [03/06/2018 18:24:28] - |D| - [2993] - C:\Users\Mosheur\AppData\Local\Logitech [20/02/2018 20:15:25] - |D| - [2914129] - C:\Users\Mosheur\AppData\Local\Logitech® Webcam Software [22/08/2018 19:38:03] - |D| - [776360] - C:\Users\Mosheur\AppData\Local\mbam [12/03/2019 12:20:31] - |D| - [235676] - C:\Users\Mosheur\AppData\Local\mbamtray [25/04/2019 19:27:59] - |D| - [413779290] - C:\Users\Mosheur\AppData\Local\Microsoft [25/04/2019 19:31:19] - |D| - [68704] - C:\Users\Mosheur\AppData\Local\MicrosoftEdge [17/01/2019 20:43:24] - |D| - [24056935] - C:\Users\Mosheur\AppData\Local\Mozilla [03/03/2019 18:45:23] - |D| - [0] - C:\Users\Mosheur\AppData\Local\My Games [12/12/2018 19:09:50] - |D| - [2506944] - C:\Users\Mosheur\AppData\Local\Notepad++ [26/01/2018 14:17:21] - |D| - [440400266] - C:\Users\Mosheur\AppData\Local\NVIDIA [01/09/2017 13:19:38] - |D| - [173336387] - C:\Users\Mosheur\AppData\Local\NVIDIA Corporation [26/04/2019 19:08:39] - |D| - [0] - C:\Users\Mosheur\AppData\Local\OneDrive [04/12/2018 16:46:02] - |D| - [37001668] - C:\Users\Mosheur\AppData\Local\Opera Software [02/09/2017 15:02:20] - |D| - [114798794] - C:\Users\Mosheur\AppData\Local\Origin [25/04/2019 19:31:04] - |D| - [450402813] - C:\Users\Mosheur\AppData\Local\Packages [25/04/2019 19:45:16] - |D| - [151707] - C:\Users\Mosheur\AppData\Local\PlaceholderTileLogoFolder [18/02/2018 19:15:18] - |D| - [59737] - C:\Users\Mosheur\AppData\Local\PoolNationFX [30/04/2019 16:37:18] - |D| - [5315347] - C:\Users\Mosheur\AppData\Local\PrivaZer [11/09/2017 18:54:20] - |D| - [403197977] - C:\Users\Mosheur\AppData\Local\Programs [25/04/2019 19:31:13] - |D| - [12207423] - C:\Users\Mosheur\AppData\Local\Publishers [14/05/2018 15:52:13] 
- |D| - [3625093] - C:\Users\Mosheur\AppData\Local\PunkBuster [05/09/2019 18:36:13] - |D| - [31] - C:\Users\Mosheur\AppData\Local\Rebellion [15/09/2018 21:13:18] - |A| - [910] - C:\Users\Mosheur\AppData\Local\recently-used.xbel [04/01/2019 16:05:25] - |D| - [939] - C:\Users\Mosheur\AppData\Local\redout [02/07/2018 14:41:04] - |A| - [7617] - C:\Users\Mosheur\AppData\Local\resmon.resmoncfg [17/06/2018 13:10:53] - |D| - [3774195] - C:\Users\Mosheur\AppData\Local\Rockstar Games [29/03/2018 21:50:47] - |D| - [851464] - C:\Users\Mosheur\AppData\Local\RootsofInsanity [08/02/2019 18:59:48] - |D| - [2813] - C:\Users\Mosheur\AppData\Local\Seiko_Epson_Corporation [27/11/2017 15:02:11] - |D| - [4096] - C:\Users\Mosheur\AppData\Local\Sniper Elite Nazi Zombie Army 2 [05/09/2019 18:36:30] - |D| - [3150986] - C:\Users\Mosheur\AppData\Local\Sniper Elite V2 Remastered [31/05/2019 18:20:07] - |D| - [18744385] - C:\Users\Mosheur\AppData\Local\Sniper3 [27/04/2018 18:32:22] - |D| - [62916149] - C:\Users\Mosheur\AppData\Local\SniperElite4 [10/09/2018 15:23:26] - |D| - [31] - C:\Users\Mosheur\AppData\Local\SniperV2 [19/07/2019 17:31:38] - |D| - [940] - C:\Users\Mosheur\AppData\Local\speech [01/09/2017 10:42:37] - |D| - [7098] - C:\Users\Mosheur\AppData\Local\SquirrelTemp [31/08/2017 16:37:28] - |D| - [199342260] - C:\Users\Mosheur\AppData\Local\Steam [08/02/2018 18:56:19] - |D| - [0] - C:\Users\Mosheur\AppData\Local\Targem [02/04/2018 14:26:30] - |D| - [12444956] - C:\Users\Mosheur\AppData\Local\techland [25/04/2019 19:27:59] - |D| - [1760466] - C:\Users\Mosheur\AppData\Local\Temp [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\AppData\Local\Temporary Internet Files [31/08/2017 16:53:47] - |D| - [5409] - C:\Users\Mosheur\AppData\Local\Ubisoft Game Launcher [13/02/2018 18:58:02] - |D| - [81] - C:\Users\Mosheur\AppData\Local\UnrealEngine [31/08/2017 11:14:10] - |D| - [0] - C:\Users\Mosheur\AppData\Local\VirtualStore [28/08/2019 16:06:38] - |D| - [2533162] - 
C:\Users\Mosheur\AppData\Local\Warframe [05/10/2018 14:10:38] - |D| - [2914002] - C:\Users\Mosheur\AppData\Local\WB Games [14/10/2017 15:23:52] - |D| - [17408] - C:\Users\Mosheur\AppData\Local\webkit [16/09/2017 17:56:27] - |D| - [0] - C:\Users\Mosheur\AppData\Local\Windows Live [15/09/2017 12:30:01] - |D| - [82] - C:\Users\Mosheur\AppData\Local\Wondershare [09/09/2017 12:12:35] - |D| - [998706] - C:\Users\Mosheur\AppData\Local\ZHP [03/09/2017 18:14:26] - |D| - [5388] - C:\Users\Mosheur\AppData\Local\Zombie Army Trilogy [16/12/2017 20:34:32] - |D| - [19627] - C:\Users\Mosheur\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64} [01/09/2017 17:12:18] - |D| - [21173859] - C:\Users\Mosheur\AppData\LocalLow\Adobe [31/05/2019 17:49:57] - |D| - [1282] - C:\Users\Mosheur\AppData\LocalLow\Home Net Games [31/08/2017 11:16:46] - |D| - [2360632] - C:\Users\Mosheur\AppData\LocalLow\Microsoft [16/12/2017 20:44:01] - |D| - [0] - C:\Users\Mosheur\AppData\LocalLow\Mozilla [21/10/2018 14:26:41] - |D| - [103363] - C:\Users\Mosheur\AppData\LocalLow\Noble Empire [18/10/2018 21:30:13] - |D| - [4769652] - C:\Users\Mosheur\AppData\LocalLow\Pipeworks [09/04/2018 13:22:16] - |D| - [16666205] - C:\Users\Mosheur\AppData\LocalLow\Robot Riot [10/06/2018 16:34:19] - |D| - [15377] - C:\Users\Mosheur\AppData\LocalLow\Sun [08/02/2019 19:06:00] - |D| - [0] - C:\Users\Mosheur\AppData\LocalLow\Temp [21/10/2018 14:26:43] - |D| - [270494050] - C:\Users\Mosheur\AppData\LocalLow\Unity [09/04/2018 13:23:04] - |D| - [0] - C:\Users\Mosheur\AppData\Roaming\.mono [03/03/2019 18:45:12] - |D| - [26] - C:\Users\Mosheur\AppData\Roaming\2K [01/09/2017 09:06:50] - |D| - [3665823] - C:\Users\Mosheur\AppData\Roaming\Adobe [27/02/2018 18:57:17] - |D| - [5348] - C:\Users\Mosheur\AppData\Roaming\com.playsaurus.heroclicker [12/06/2018 16:39:31] - |D| - [482] - C:\Users\Mosheur\AppData\Roaming\com.valve.FTP [30/01/2018 19:43:55] - |D| - [8770240] - C:\Users\Mosheur\AppData\Roaming\Corsair [01/09/2017 10:42:42] - |D| - 
[328642911] - C:\Users\Mosheur\AppData\Roaming\discord [25/08/2019 16:09:21] - |D| - [2249380] - C:\Users\Mosheur\AppData\Roaming\EasyAntiCheat [13/10/2017 13:21:57] - |D| - [873909] - C:\Users\Mosheur\AppData\Roaming\EPSON [18/10/2018 13:31:33] - |D| - [1991] - C:\Users\Mosheur\AppData\Roaming\Fatshark [24/10/2017 14:30:11] - |D| - [2050388] - C:\Users\Mosheur\AppData\Roaming\FiraxisLive [15/09/2017 16:50:07] - |D| - [0] - C:\Users\Mosheur\AppData\Roaming\Garmin [31/08/2017 11:37:14] - |D| - [0] - C:\Users\Mosheur\AppData\Roaming\Google [04/01/2019 14:10:19] - |D| - [548] - C:\Users\Mosheur\AppData\Roaming\HD Tune Pro [31/08/2017 11:14:12] - |D| - [0] - C:\Users\Mosheur\AppData\Roaming\Identities [01/05/2019 14:40:05] - |D| - [0] - C:\Users\Mosheur\AppData\Roaming\InstallShield [31/08/2017 11:49:35] - |D| - [1362] - C:\Users\Mosheur\AppData\Roaming\Intel Corporation [18/09/2019 19:31:41] - |D| - [3850] - C:\Users\Mosheur\AppData\Roaming\KeePass [20/02/2018 20:12:24] - |D| - [345] - C:\Users\Mosheur\AppData\Roaming\Leadertech [09/12/2017 19:40:36] - |D| - [4498] - C:\Users\Mosheur\AppData\Roaming\Logishrd [09/12/2017 19:35:59] - |D| - [0] - C:\Users\Mosheur\AppData\Roaming\Logitech [24/11/2017 11:47:45] - |D| - [49248187] - C:\Users\Mosheur\AppData\Roaming\Macromedia [31/08/2017 11:14:08] - |D| - [0] - C:\Users\Mosheur\AppData\Roaming\Media Center Programs [25/04/2019 19:27:59] - |SD| - [103040376] - C:\Users\Mosheur\AppData\Roaming\Microsoft [16/12/2017 20:44:00] - |D| - [68162094] - C:\Users\Mosheur\AppData\Roaming\Mozilla [12/12/2018 19:09:49] - |D| - [3368088] - C:\Users\Mosheur\AppData\Roaming\Notepad++ [31/05/2019 18:27:08] - |D| - [50215] - C:\Users\Mosheur\AppData\Roaming\NVIDIA [05/04/2018 17:55:27] - |D| - [38367934] - C:\Users\Mosheur\AppData\Roaming\OpenOffice [04/12/2018 16:45:51] - |D| - [557064099] - C:\Users\Mosheur\AppData\Roaming\Opera Software [02/09/2017 15:04:08] - |D| - [95878] - C:\Users\Mosheur\AppData\Roaming\Origin [17/06/2018 13:10:43] - 
|RHD| - [10583] - C:\Users\Mosheur\AppData\Roaming\SecuROM [01/09/2017 10:55:29] - |D| - [88096486] - C:\Users\Mosheur\AppData\Roaming\Skype [22/07/2019 10:10:40] - |D| - [0] - C:\Users\Mosheur\AppData\Roaming\Sun [01/09/2017 10:33:36] - |D| - [774] - C:\Users\Mosheur\AppData\Roaming\TeamViewer [29/09/2017 12:29:04] - |D| - [2721582] - C:\Users\Mosheur\AppData\Roaming\TS3Client [16/09/2017 17:23:28] - |D| - [99134] - C:\Users\Mosheur\AppData\Roaming\vlc [02/09/2017 14:19:25] - |D| - [12] - C:\Users\Mosheur\AppData\Roaming\WinRAR [16/09/2017 17:50:48] - |D| - [4] - C:\Users\Mosheur\AppData\Roaming\WMM [09/09/2017 12:12:35] - |D| - [287578420] - C:\Users\Mosheur\AppData\Roaming\ZHP [31/08/2017 11:14:17] - |SH| - [174] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [25/04/2019 19:27:59] - |SHD| - [0] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [31/08/2017 11:14:08] - |RD| - [42837] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [25/04/2019 19:27:59] - |RD| - [3888] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [25/04/2019 19:27:59] - |RD| - [4231] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [31/08/2017 11:14:17] - |RD| - [174] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [08/02/2018 18:55:49] - |D| - [1940] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout [25/04/2019 19:27:59] - |SH| - [264] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [01/09/2017 10:42:42] - |D| - [2186] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc [25/04/2019 19:27:59] - |D| - [170] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [25/04/2019 20:01:06] - |A| - [438] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Mosheur (F).lnk [04/12/2018 16:46:02] - |A| - [1436] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk [25/04/2019 19:27:59] - |A| - [2444] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [01/05/2019 12:18:38] - |A| - [674] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Origin.lnk [30/04/2019 16:37:18] - |D| - [4036] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer [22/08/2019 18:38:28] - |A| - [953] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk [31/08/2017 11:14:17] - |RD| - [1115] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [25/04/2019 19:27:59] - |RD| - [4913] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [04/05/2019 17:56:17] - |A| - [233] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Rainbow Six Siege.url [31/08/2017 16:53:47] - |D| - [1905] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [25/04/2019 19:27:59] - |RD| - [7536] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [19/12/2017 17:43:36] - |D| - [4301] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [31/08/2017 11:14:17] - |SH| - [174] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [07/06/2019 18:19:17] - |A| - [941] - C:\Users\Mosheur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk ---------- | [Public] [25/04/2019 19:31:08] - |RHD| - [80110] - C:\Users\Public\AccountPictures [14/07/2009 05:20:08] - |RHD| - [4856] - C:\Users\Public\Desktop [15/09/2018 09:31:35] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 05:20:08] - |RD| - [241353574] - C:\Users\Public\Documents [14/07/2009 05:20:08] - |RD| - 
[174] - C:\Users\Public\Downloads [14/07/2009 05:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [15/09/2018 09:33:50] - |RHD| - [1135] - C:\Users\Public\Libraries [14/07/2009 05:20:08] - |RD| - [69365] - C:\Users\Public\Music [06/12/2017 14:35:51] - |A| - [262144] - C:\Users\Public\ntuser.dat [06/12/2017 14:35:51] - |A| - [10240] - C:\Users\Public\ntuser.dat.LOG1 [06/12/2017 14:35:51] - |A| - [0] - C:\Users\Public\ntuser.dat.LOG2 [08/12/2017 11:01:16] - |ASH| - [65536] - C:\Users\Public\ntuser.dat{184cd851-dbde-11e7-aab0-74d435beb381}.TM.blf [08/12/2017 11:01:16] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{184cd851-dbde-11e7-aab0-74d435beb381}.TMContainer00000000000000000001.regtrans-ms [08/12/2017 11:01:16] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{184cd851-dbde-11e7-aab0-74d435beb381}.TMContainer00000000000000000002.regtrans-ms [06/12/2017 14:35:51] - |A| - [65536] - C:\Users\Public\ntuser.dat{de5cc39b-da6d-11e7-8d14-74d435beb381}.TM.blf [06/12/2017 14:35:51] - |A| - [524288] - C:\Users\Public\ntuser.dat{de5cc39b-da6d-11e7-8d14-74d435beb381}.TMContainer00000000000000000001.regtrans-ms [06/12/2017 14:35:51] - |A| - [524288] - C:\Users\Public\ntuser.dat{de5cc39b-da6d-11e7-8d14-74d435beb381}.TMContainer00000000000000000002.regtrans-ms [14/07/2009 05:20:08] - |RD| - [530164] - C:\Users\Public\Pictures [14/07/2009 17:35:05] - |RD| - [0] - C:\Users\Public\Recorded TV [14/07/2009 05:20:08] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [09/04/2018 13:23:04] - |D| - [0] - C:\ProgramData\.mono [01/09/2017 17:11:47] - |D| - [385938468] - C:\ProgramData\Adobe [25/04/2019 19:30:51] - |SHD| - [0] - C:\ProgramData\Application Data [31/08/2017 11:14:06] - |SHD| - [0] - C:\ProgramData\Bureau [09/05/2019 15:12:43] - |D| - [85097758] - C:\ProgramData\CLink4 [26/02/2019 13:43:12] - |D| - [163932335] - C:\ProgramData\Corsair [25/04/2019 19:30:51] - |SHD| - [0] - C:\ProgramData\Documents [18/12/2017 15:45:16] - |A| - [0] - C:\ProgramData\DP45977C.lfl 
[05/12/2017 22:50:18] - |D| - [1154] - C:\ProgramData\Electronic Arts [13/10/2017 12:52:07] - |D| - [14054489] - C:\ProgramData\EPSON [31/08/2017 11:14:06] - |SHD| - [0] - C:\ProgramData\Favoris [25/08/2019 16:09:20] - |D| - [6920927] - C:\ProgramData\For Honor Data [08/02/2018 18:55:50] - |D| - [67] - C:\ProgramData\Gaijin [15/09/2017 16:49:58] - |D| - [4798811601] - C:\ProgramData\Garmin [31/08/2017 11:38:45] - |D| - [31517204] - C:\ProgramData\Intel [31/08/2017 16:15:23] - |D| - [2198512345] - C:\ProgramData\Kaspersky Lab [06/12/2017 14:29:02] - |D| - [19393289] - C:\ProgramData\Kaspersky Lab Setup Files [09/12/2017 19:40:20] - |D| - [234364424] - C:\ProgramData\Logishrd [05/12/2017 13:16:53] - |D| - [0] - C:\ProgramData\Malwarebytes [25/08/2019 17:50:35] - |D| - [3205591545] - C:\ProgramData\ManiaPlanet [31/08/2017 11:14:06] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [15/09/2018 09:33:50] - |SD| - [858285725] - C:\ProgramData\Microsoft [25/04/2019 19:37:26] - |D| - [25] - C:\ProgramData\Microsoft OneDrive [31/08/2017 11:14:06] - |SHD| - [0] - C:\ProgramData\Modèles [12/03/2019 13:01:39] - |D| - [17511] - C:\ProgramData\Mozilla [21/05/2019 14:02:03] - |A| - [8192] - C:\ProgramData\ntuser.dat [21/05/2019 14:02:03] - |ASH| - [8192] - C:\ProgramData\ntuser.dat.LOG1 [21/05/2019 14:02:03] - |ASH| - [0] - C:\ProgramData\ntuser.dat.LOG2 [21/05/2019 14:02:03] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{4b513fa1-7ba3-11e9-9857-74d435beb381}.TM.blf [21/05/2019 14:02:03] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{4b513fa1-7ba3-11e9-9857-74d435beb381}.TMContainer00000000000000000001.regtrans-ms [21/05/2019 14:02:03] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{4b513fa1-7ba3-11e9-9857-74d435beb381}.TMContainer00000000000000000002.regtrans-ms [01/09/2017 09:33:43] - |D| - [13716438] - C:\ProgramData\NVIDIA [01/09/2017 09:33:29] - |D| - [2295189107] - C:\ProgramData\NVIDIA Corporation [22/07/2019 10:10:25] - |D| - [70997662] - C:\ProgramData\Oracle [02/09/2017 
15:02:10] - |D| - [367993674] - C:\ProgramData\Origin [31/08/2017 11:27:27] - |D| - [167954376] - C:\ProgramData\Package Cache [25/04/2019 19:41:50] - |D| - [409600] - C:\ProgramData\Packages [05/12/2017 22:50:22] - |D| - [100779042] - C:\ProgramData\PopCap Games [30/04/2019 16:37:18] - |D| - [71] - C:\ProgramData\privazer [15/09/2018 09:33:50] - |D| - [999] - C:\ProgramData\regid.1991-06.com.microsoft [01/09/2017 10:55:22] - |D| - [45734888] - C:\ProgramData\Skype [15/09/2018 09:33:50] - |D| - [0] - C:\ProgramData\SoftwareDistribution [18/05/2019 13:55:45] - |D| - [645] - C:\ProgramData\Sony Corporation [01/09/2017 10:42:23] - |D| - [54332920] - C:\ProgramData\SquirrelMachineInstalls [13/10/2017 12:56:10] - |D| - [4680] - C:\ProgramData\UDL [02/09/2017 14:22:41] - |D| - [2194] - C:\ProgramData\Unchecky [15/09/2018 09:33:50] - |D| - [15641] - C:\ProgramData\USOPrivate [25/04/2019 19:32:06] - |D| - [9461760] - C:\ProgramData\USOShared [24/02/2018 09:53:35] - |D| - [1754] - C:\ProgramData\VS Revo Group [15/09/2018 18:40:58] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [15/09/2017 12:30:19] - |D| - [0] - C:\ProgramData\Wondershare ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [27/04/2019 18:35:11] - |D| - [1211] - C:\ProgramData\Microsoft\Windows\Start Menu\Corsair [15/09/2018 09:31:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [31/08/2017 11:14:06] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [15/09/2018 09:33:50] - |RD| - [158833] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [15/09/2018 09:33:50] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [15/09/2018 09:33:50] - |RD| - [20318] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [01/09/2017 17:12:05] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [15/09/2018 
09:33:50] - |RD| - [22954] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [18/12/2017 11:33:51] - |D| - [7370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google [28/12/2018 14:05:13] - |D| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [15/09/2018 09:31:34] - |SH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [16/01/2019 17:14:26] - |D| - [5903] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [16/01/2019 17:15:37] - |D| - [10749] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [16/12/2017 20:43:59] - |A| - [936] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [14/07/2009 07:32:38] - |RD| - [666] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [26/10/2018 09:47:00] - |D| - [2166] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin [23/01/2019 17:54:27] - |D| - [2959] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D [17/01/2019 18:59:12] - |A| - [2299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [04/01/2019 14:10:01] - |D| - [6456] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro [15/09/2018 09:29:46] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [11/02/2019 15:32:17] - |RD| - [2398] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [22/07/2019 10:10:36] - |D| - [6890] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [08/03/2019 12:51:16] - |D| - [6734] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager [21/05/2019 14:02:10] - |D| - [5999] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection [30/05/2018 12:54:18] - |D| - [5602] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security [18/09/2019 19:23:12] - |A| - [1186] - C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\KeePass 2.lnk [20/02/2018 20:12:13] - |D| - [4305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [15/09/2018 09:33:50] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [25/08/2019 17:50:42] - |D| - [808] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet [11/09/2018 17:14:34] - |D| - [1245] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [22/08/2018 19:24:06] - |D| - [2265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [18/03/2018 18:58:15] - |A| - [936] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [12/12/2018 19:09:50] - |A| - [727] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk [26/01/2018 14:17:18] - |D| - [1461] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [01/05/2019 15:13:21] - |SD| - [7392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6 [02/09/2017 15:03:20] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [04/01/2019 14:54:07] - |D| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paramètres de la caméra Logitech [30/04/2019 16:37:18] - |A| - [1966] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk [25/09/2018 19:22:24] - |D| - [1397] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [15/09/2018 09:33:50] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [15/09/2018 09:33:50] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [02/09/2017 14:22:42] - |D| - [1430] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky [16/09/2017 17:23:13] - |D| - [5106] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [11/09/2018 17:14:29] - |A| - [1338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [25/04/2019 19:28:14] - |A| - [1576] 
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [19/12/2017 17:43:36] - |D| - [4229] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [15/09/2018 09:31:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [01/09/2017 17:11:59] - |D| - [357117989] - C:\Program Files (x86)\Adobe [14/05/2018 15:39:06] - |D| - [11486068] - C:\Program Files (x86)\Battlelog Web Plugins [15/09/2018 09:33:50] - |D| - [335878049] - C:\Program Files (x86)\Common Files [27/04/2019 18:35:03] - |D| - [570882154] - C:\Program Files (x86)\Corsair [15/09/2018 09:31:34] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [25/08/2019 16:09:13] - |D| - [1846728] - C:\Program Files (x86)\EasyAntiCheat [13/10/2017 13:16:45] - |D| - [157765680] - C:\Program Files (x86)\epson [16/01/2019 17:15:37] - |D| - [231173499] - C:\Program Files (x86)\EPSON Software [15/09/2017 16:49:52] - |D| - [178727923] - C:\Program Files (x86)\Garmin [23/01/2019 17:54:27] - |D| - [15593190] - C:\Program Files (x86)\Geeks3D [31/08/2017 11:23:47] - |D| - [523050560] - C:\Program Files (x86)\Google [04/01/2019 14:10:01] - |D| - [4459473] - C:\Program Files (x86)\HD Tune Pro [31/08/2017 11:25:59] - |HD| - [18569096] - C:\Program Files (x86)\InstallShield Installation Information [31/08/2017 11:36:16] - |D| - [11254982] - C:\Program Files (x86)\Intel [15/09/2018 09:33:50] - |D| - [1986331] - C:\Program Files (x86)\Internet Explorer [22/07/2019 10:10:24] - |D| - [189279320] - C:\Program Files (x86)\Java [31/08/2017 16:15:23] - |D| - [532709862] - C:\Program Files (x86)\Kaspersky Lab [18/09/2019 19:23:12] - |D| - [7227891] - C:\Program Files (x86)\KeePass Password Safe 2 [20/02/2018 20:12:13] - |D| - [38884251] - C:\Program Files (x86)\Logitech [25/08/2019 17:50:35] - |D| - [161315671] - C:\Program Files (x86)\ManiaPlanet [25/09/2018 
19:22:18] - |D| - [207666323] - C:\Program Files (x86)\Microsoft [11/09/2018 17:14:33] - |D| - [9356010] - C:\Program Files (x86)\Microsoft Games for Windows - LIVE [22/08/2018 19:23:34] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [15/09/2018 09:33:50] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [17/07/2018 08:03:02] - |D| - [14105664] - C:\Program Files (x86)\Mobile [02/03/2018 12:03:19] - |D| - [41627050] - C:\Program Files (x86)\MobileBrServ [17/01/2019 18:57:32] - |D| - [168638924] - C:\Program Files (x86)\Mozilla Firefox [16/12/2017 20:43:58] - |D| - [376570] - C:\Program Files (x86)\Mozilla Maintenance Service [25/04/2019 20:17:42] - |D| - [25757] - C:\Program Files (x86)\MSBuild [01/09/2017 09:33:27] - |D| - [288042327] - C:\Program Files (x86)\NVIDIA Corporation [01/05/2019 15:13:14] - |D| - [331073854] - C:\Program Files (x86)\OpenOffice 4 [03/09/2017 09:25:15] - |D| - [10489041387] - C:\Program Files (x86)\Origin Games [07/05/2019 16:52:11] - |D| - [25533919] - C:\Program Files (x86)\PrivaZer [31/08/2017 11:26:00] - |D| - [441054577] - C:\Program Files (x86)\Realtek [25/04/2019 20:17:42] - |D| - [38462721] - C:\Program Files (x86)\Reference Assemblies [17/07/2018 08:02:57] - |D| - [14491509] - C:\Program Files (x86)\Switcher [03/09/2019 19:10:30] - |HD| - [0] - C:\Program Files (x86)\Temp [25/05/2018 15:40:40] - |D| - [10884] - C:\Program Files (x86)\VulkanRT [15/09/2018 09:33:50] - |D| - [1719928] - C:\Program Files (x86)\Windows Defender [15/09/2018 09:33:50] - |D| - [625152] - C:\Program Files (x86)\Windows Mail [15/09/2018 18:40:58] - |D| - [3241325] - C:\Program Files (x86)\Windows Media Player [15/09/2018 18:40:58] - |D| - [40432] - C:\Program Files (x86)\Windows Multimedia Platform [15/09/2018 09:33:50] - |D| - [7563096] - C:\Program Files (x86)\windows nt [15/09/2018 18:40:58] - |D| - [5325328] - C:\Program Files (x86)\Windows Photo Viewer [15/09/2018 18:40:58] - |D| - [40432] - C:\Program Files (x86)\Windows 
Portable Devices [15/09/2018 09:33:50] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [28/12/2018 14:05:12] - |D| - [46619264] - C:\Program Files\CCleaner [07/02/2062 01:02:00] - |D| - [74695293] - C:\Program Files\Common Files [15/09/2018 09:31:34] - |ASH| - [174] - C:\Program Files\desktop.ini [15/09/2017 16:50:08] - |D| - [707464] - C:\Program Files\DIFX [01/05/2019 14:41:36] - |D| - [6508457] - C:\Program Files\EpsonNet [20/03/2018 10:05:42] - |D| - [60369664] - C:\Program Files\Google [31/08/2017 11:27:34] - |D| - [137673932] - C:\Program Files\Intel [15/09/2018 09:33:50] - |D| - [2645302] - C:\Program Files\internet explorer [03/06/2018 18:09:04] - |D| - [20803303] - C:\Program Files\Logitech [14/07/2009 07:32:38] - |D| - [2680] - C:\Program Files\Microsoft Games [22/08/2018 19:23:34] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight [15/09/2019 15:10:10] - |D| - [200560086] - C:\Program Files\Mozilla Firefox [25/04/2019 20:17:42] - |D| - [25757] - C:\Program Files\MSBuild [01/09/2017 09:30:02] - |D| - [1963167905] - C:\Program Files\NVIDIA Corporation [07/09/2019 20:30:51] - |D| - [37201864] - C:\Program Files\Realtek [25/04/2019 20:17:42] - |D| - [36867241] - C:\Program Files\Reference Assemblies [19/06/2019 11:15:42] - |D| - [13142040] - C:\Program Files\UNP [15/09/2018 09:33:50] - |RD| - [15110670] - C:\Program Files\Windows Defender [15/09/2018 09:33:50] - |D| - [636416] - C:\Program Files\Windows Mail [15/09/2018 18:40:58] - |D| - [4716945] - C:\Program Files\Windows Media Player [15/09/2018 18:40:58] - |D| - [47512] - C:\Program Files\Windows Multimedia Platform [15/09/2018 09:33:50] - |D| - [7895384] - C:\Program Files\windows nt [15/09/2018 18:40:58] - |D| - [6135112] - C:\Program Files\Windows Photo Viewer [15/09/2018 18:40:58] - |D| - [47512] - C:\Program Files\Windows Portable Devices [15/09/2018 09:33:50] - |D| - [110373] - C:\Program Files\Windows Security [15/09/2018 09:33:50] - |HD| - 
[4120904350] - C:\Program Files\WindowsApps [15/09/2018 09:33:50] - |D| - [2546495] - C:\Program Files\WindowsPowerShell [19/12/2017 17:43:31] - |D| - [7453113] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [01/09/2017 17:11:59] - |D| - [23660508] - C:\Program Files (x86)\Common Files\Adobe [16/01/2018 15:44:08] - |D| - [22884280] - C:\Program Files (x86)\Common Files\BattlEye [05/12/2017 22:50:10] - |HD| - [6385219] - C:\Program Files (x86)\Common Files\EAInstaller [31/08/2017 11:41:12] - |D| - [0] - C:\Program Files (x86)\Common Files\InstallShield [31/08/2017 11:41:02] - |D| - [67891323] - C:\Program Files (x86)\Common Files\Intel [31/08/2017 11:50:17] - |D| - [248052] - C:\Program Files (x86)\Common Files\Intel Corporation [22/07/2019 10:10:43] - |D| - [2034520] - C:\Program Files (x86)\Common Files\Java [20/02/2018 20:12:13] - |D| - [138590656] - C:\Program Files (x86)\Common Files\LogiShrd [15/09/2018 09:33:50] - |D| - [17499907] - C:\Program Files (x86)\Common Files\microsoft shared [18/06/2018 14:49:33] - |D| - [2049791] - C:\Program Files (x86)\Common Files\Oracle [15/09/2018 09:33:50] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [25/04/2019 20:21:29] - |D| - [41095079] - C:\Program Files (x86)\Common Files\SpeechEngines [31/08/2017 16:33:35] - |D| - [4086657] - C:\Program Files (x86)\Common Files\Steam [15/09/2018 09:33:50] - |D| - [9449355] - C:\Program Files (x86)\Common Files\system [16/09/2017 17:56:03] - |D| - [0] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [31/08/2017 16:15:42] - |D| - [3597409] - C:\Program Files\Common files\AV [13/10/2017 12:53:06] - |D| - [152640] - C:\Program Files\Common files\EPSON [31/08/2017 11:56:39] - |D| - [22538027] - C:\Program Files\Common files\logishrd [03/06/2018 18:09:04] - |D| - [1506543] - C:\Program Files\Common files\Logitech [15/09/2018 09:33:50] - |D| - [36002729] - C:\Program Files\Common files\microsoft shared 
[15/09/2018 09:33:50] - |D| - [2702] - C:\Program Files\Common files\Services [25/04/2019 20:21:29] - |D| - [599040] - C:\Program Files\Common files\SpeechEngines [15/09/2018 09:33:50] - |D| - [10296203] - C:\Program Files\Common files\system ---------- | Tasks [MD5.798C396CF6BECBEE41ADFD8FF691F037] - [23/04/2019 17:46:34] - |A| - [913] - C:\WINDOWS\Tasks\EPSON XP-255 257 Series Update {4C4C71C1-8C1F-4573-82C1-A6C8623A56F7}.job [MD5.C109635687122D752C8DC2551C7BA333] - [13/06/2019 17:09:48] - |A| - [935] - C:\WINDOWS\Tasks\EPSON XP-255 257 Series Update {6C6184F3-FC8C-417C-A33C-6221471D08A0}.job [MD5.672D93283009823BD61FD83D889C2C65] - [13/03/2019 12:23:45] - |A| - [913] - C:\WINDOWS\Tasks\EPSON XP-255 257 Series Update {AA4AD284-329A-40BC-B080-F70933DA229E}.job [MD5.D686244E247CA48D537B99D52031EC8A] - [01/05/2019 15:46:55] - |A| - [941] - C:\WINDOWS\Tasks\EPSON XP-255 257 Series Update {B9138B0D-4637-4284-9035-B0BE281817CF}.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [25/04/2019 19:30:49] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.3F8A4B4A6B7090546EEAA6A1F25EB9C9] - [14/07/2009 07:08:49] - |A| - [32482] - C:\WINDOWS\Tasks\SCHEDLGU(27).TXT [MD5.03218B198F7E6A70D610E3DDABCCDC1D] - [25/04/2019 19:30:49] - |A| - [4562] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.FBC34CE0ABEA9F1F89FC957AD0AD4FFC] - [25/04/2019 19:30:49] - |A| - [4748] - C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [MD5.FFF74E2C603068F3A4D2EE84C9AFAF69] - [25/04/2019 19:30:49] - |A| - [4760] - C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [MD5.8012D6C86701575CB78C6DEFFF194362] - [25/04/2019 19:30:49] - |A| - [4594] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
[MD5.E5AAC7479DD183F2349668A8A4827F42] - [25/04/2019 19:30:49] - |A| - [3936] - C:\WINDOWS\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.F705EE6676CB9E8423A4159B8BA6DC64] - [25/04/2019 19:30:49] - |A| - [2926] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.5296C470DCDC4CC687179283378FEFED] - [25/04/2019 19:30:49] - |A| - [4090] - C:\WINDOWS\System32\Tasks\EPSON XP-255 257 Series Update {4C4C71C1-8C1F-4573-82C1-A6C8623A56F7} : C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSVCE.EXE [MD5.5FE9675BA15141CA277369F22BEEA03E] - [13/06/2019 17:09:48] - |A| - [4140] - C:\WINDOWS\System32\Tasks\EPSON XP-255 257 Series Update {6C6184F3-FC8C-417C-A33C-6221471D08A0} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVCE.EXE [MD5.D3C44903649E847D37C3AF3E60D3F9C4] - [25/04/2019 19:30:49] - |A| - [4090] - C:\WINDOWS\System32\Tasks\EPSON XP-255 257 Series Update {AA4AD284-329A-40BC-B080-F70933DA229E} : C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSVCE.EXE [MD5.4FA9648C3C260550E1B4D093C11B6162] - [01/05/2019 15:46:55] - |A| - [4146] - C:\WINDOWS\System32\Tasks\EPSON XP-255 257 Series Update {B9138B0D-4637-4284-9035-B0BE281817CF} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVCE.EXE [MD5.A7E5182C025F3392C64C59E9CF816AE1] - [25/04/2019 19:30:49] - |A| - [3666] - C:\WINDOWS\System32\Tasks\GarminUpdaterTask : C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [MD5.469593D543EA5F1036B027ABF74BBE04] - [25/04/2019 19:30:49] - |A| - [3464] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.78B238D2FF6983B922EE741351BEC206] - [25/04/2019 19:30:49] - |A| - [3588] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [15/09/2018 09:33:50] - |D| - [645922] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.3FCF5E0D7D1D01D2FDE412AC20D2ED17] - [25/04/2019 
19:30:49] - |A| - [4106] - C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.0E826737B22050E60FD283750D067C23] - [25/04/2019 19:30:49] - |A| - [4308] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.F55B2F72E563AB4B2C6F011BD0C0A3BC] - [25/04/2019 19:30:49] - |A| - [3976] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.9200A7AEAD4C78C61F5CA9964667C70D] - [25/04/2019 19:30:49] - |A| - [3940] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.F5470B10567C5ADB9FFDBED20177C065] - [25/04/2019 19:30:49] - |A| - [3894] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.4C1943F7A098FE04B84E9B3BDC3715BF] - [25/04/2019 19:30:49] - |A| - [3654] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.6928FA5790AEDBB68C0E05AC584201F7] - [31/05/2019 18:21:43] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.8921550FF18DFE796942527436217775] - [31/05/2019 18:21:43] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.9746229FB3925E67D35A62B5721F704A] - [31/05/2019 18:21:43] - |A| - [3858] - 
C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.5673E967E28B0122E062778E89E73768] - [31/05/2019 18:21:43] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.87CA1447758A834A098337E8BE1E12D6] - [25/04/2019 19:42:42] - |A| - [3366] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2673370752-163226256-3562748738-1000 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.50DD0359CF37A4EDBAD9C7655F13EDD7] - [25/04/2019 19:30:49] - |A| - [4218] - C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1543934761 : C:\Users\Mosheur\AppData\Local\Programs\Opera\launcher.exe [MD5.151A30958D28FEEAC6FEE0721D25D537] - [30/04/2019 16:37:23] - |A| - [3182] - C:\WINDOWS\System32\Tasks\PrivaZer_SkipUAC : C:\Program Files (x86)\PrivaZer\PrivaZer.exe [MD5.00000000000000000000000000000000] - [25/04/2019 19:30:49] - |D| - [0] - C:\WINDOWS\System32\Tasks\Tâches de l’Observateur d’événements [MD5.00000000000000000000000000000000] - [25/04/2019 19:30:49] - |D| - [4484] - C:\WINDOWS\System32\Tasks\WPD [MD5.2AEC7B668359BA8E7D7C46A34B177A8B] - [25/04/2019 19:30:49] - |A| - [3224] - C:\WINDOWS\System32\Tasks\{046A7683-A8D2-4BA1-A840-4551A1A2728C} : C:\Windows\system32\pcalua.exe [MD5.33F7E6B695017ED14AAC4141C512AA69] - [25/04/2019 19:30:49] - |A| - [3106] - C:\WINDOWS\System32\Tasks\{0935B356-400C-4433-BE98-533ADBCEAE24} : C:\Users\Mosheur\Desktop\ChromeSetup.exe [MD5.3E7B69867F4996B066018028853A26A0] - [25/04/2019 19:30:49] - |A| - [3478] - C:\WINDOWS\System32\Tasks\{0C8D92CF-FCDE-4F76-8DD5-167A72CC9335} : C:\Windows\system32\pcalua.exe [MD5.A2957F214A32E1302EEF2B3C8B992389] - [25/04/2019 19:30:49] - |A| - [3470] - C:\WINDOWS\System32\Tasks\{0EBF5027-FA63-4FED-8432-04B4D4BDA2B2} : C:\Windows\system32\pcalua.exe 
[MD5.FF1499985310718167CBC04FDC08B2AC] - [25/04/2019 19:30:49] - |A| - [3100] - C:\WINDOWS\System32\Tasks\{193B7F9E-8125-48FF-AD2B-E22EB1F97DD5} : C:\Windows\twain_32\escndv\escndv.exe [MD5.589F040B82426E6AA5F9B575383B9C1B] - [25/04/2019 19:30:49] - |A| - [3326] - C:\WINDOWS\System32\Tasks\{2EBF33E4-D2BA-4BF4-9C2E-E4E69E64BD9C} : C:\Windows\system32\pcalua.exe [MD5.E58F5FC4401C2A01914C916C084C9D51] - [25/04/2019 19:30:49] - |A| - [3174] - C:\WINDOWS\System32\Tasks\{32724301-C210-4090-A09B-8C7B9F530559} : C:\Users\Mosheur\Desktop\375.70-desktop-win10-64bit-international-whql.exe [MD5.3A41C98A6E544C4773F0B75B7DCBD48F] - [25/04/2019 19:30:49] - |A| - [3272] - C:\WINDOWS\System32\Tasks\{35CCE60E-9D6B-4A09-922B-31F56A22DF1C} : msiexec.exe [MD5.EA0848B3CC20ED711B01EACB9C15E41B] - [25/04/2019 19:30:49] - |A| - [3226] - C:\WINDOWS\System32\Tasks\{3895AAED-AA40-45A8-B3BC-E22C005C159F} : C:\Windows\system32\pcalua.exe [MD5.7441F6D555799C5CBB203EBB0A4E86A5] - [25/04/2019 19:30:49] - |A| - [3162] - C:\WINDOWS\System32\Tasks\{3F032F11-24C7-4893-AF0F-6F674B2E7455} : C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe [MD5.9FE03521339804649289BBA6D42059AA] - [25/04/2019 19:30:49] - |A| - [3102] - C:\WINDOWS\System32\Tasks\{4370A0CA-C033-4C7D-BD5F-FF27860BC0D0} : D:\Program Files (x86)\Steam\Steam.exe [MD5.691A3A8C346C0E20ED209AE36F479214] - [25/04/2019 19:30:49] - |A| - [3272] - C:\WINDOWS\System32\Tasks\{4AEB6F76-01A7-4D83-9EBA-7A141648B9F3} : msiexec.exe [MD5.04625DCA68215A45EF0A159FB1897C22] - [25/04/2019 19:30:49] - |A| - [3206] - C:\WINDOWS\System32\Tasks\{4E0A311B-2079-4D24-B6A3-BDB2371F30C3} : "c:\program files (x86)\mozilla firefox\firefox.exe" [MD5.0AD176ACFA2DD0D49A04F1046FA31939] - [25/04/2019 19:30:49] - |A| - [3224] - C:\WINDOWS\System32\Tasks\{534AF700-0ACC-4D26-B04D-49A063FB936C} : "c:\program files (x86)\google\chrome\application\chrome.exe" [MD5.A1B4148D78D4F954366A4812D26DE609] - [25/04/2019 19:30:49] - |A| - [3114] - 
C:\WINDOWS\System32\Tasks\{62947ECB-A822-45DE-86FC-78D77B1B1ED1} : C:\Program Files (x86)\Skype\Phone\Skype.exe [MD5.6697C7D99EB3F91343D173F329699A29] - [25/04/2019 19:30:49] - |A| - [3148] - C:\WINDOWS\System32\Tasks\{68BB7F58-44CB-4767-8B38-4D3C5C4DFBA7} : C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe [MD5.3E38678FA022AA3D92EA898B7FA713D6] - [25/04/2019 19:30:49] - |A| - [3102] - C:\WINDOWS\System32\Tasks\{6943E509-FB3A-4B21-900A-CABB114DD64F} : D:\Program Files (x86)\Steam\Steam.exe [MD5.0AAB5E2A98BBD01C765A5D88179AA72C] - [25/04/2019 19:30:49] - |A| - [3142] - C:\WINDOWS\System32\Tasks\{728B5AAF-573A-40AC-91EB-AA856F8E98E3} : C:\Users\Mosheur\Desktop\GeForce_Experience_v3.12.0.79.exe [MD5.E36C6D0CB3EABF29081A57746008F60B] - [25/04/2019 19:30:49] - |A| - [3292] - C:\WINDOWS\System32\Tasks\{74517E31-0119-435A-91C7-54CF1ED590AB} : C:\Windows\system32\pcalua.exe [MD5.D2C46F62697EA081045A224B592B2EBC] - [25/04/2019 19:30:49] - |A| - [3272] - C:\WINDOWS\System32\Tasks\{8187B8A4-D390-4B34-8F3B-A0A9261F3D64} : msiexec.exe [MD5.7B76E193EC10794C8D25952DF7B1FD19] - [25/04/2019 19:30:49] - |A| - [3142] - C:\WINDOWS\System32\Tasks\{81E28C97-12F1-47F2-A8C6-D155C61DC4F2} : C:\Users\Mosheur\Desktop\GeForce_Experience_v3.12.0.79.exe [MD5.11C9B868EE7C64A55F26EA685AD0F00A] - [25/04/2019 19:30:49] - |A| - [3106] - C:\WINDOWS\System32\Tasks\{82A8A879-2431-45C2-B615-A34344F5E082} : C:\Users\Mosheur\Desktop\ChromeSetup.exe [MD5.01EEF0765108D08722B4751108E67197] - [25/04/2019 19:30:49] - |A| - [3206] - C:\WINDOWS\System32\Tasks\{8F4626D9-2BB5-4AAA-9FB2-0188210E05B6} : "c:\program files (x86)\mozilla firefox\firefox.exe" [MD5.05FF4F6882A90437BAB207DDEC5C3E45] - [25/04/2019 19:30:49] - |A| - [3148] - C:\WINDOWS\System32\Tasks\{A201980C-0F39-4DAA-8CB7-B9C2FD08F312} : C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe [MD5.F4909B23DF98FFBE261368BCA6EF00B7] - [25/04/2019 19:30:49] - |A| - [3102] - C:\WINDOWS\System32\Tasks\{A2B8B39A-38FF-4B05-AA34-6B76D36E0430} : 
D:\Program Files (x86)\Steam\Steam.exe [MD5.1E1EDAC1B013AE0DEBBB6A77E4982B4F] - [25/04/2019 19:30:49] - |A| - [3142] - C:\WINDOWS\System32\Tasks\{A3DFA161-07B0-4047-82BD-331F88EFC5E0} : C:\Users\Mosheur\Desktop\GeForce_Experience_v3.12.0.79.exe [MD5.759C742D25EF8D93E1847BA839FA04AE] - [25/04/2019 19:30:49] - |A| - [3272] - C:\WINDOWS\System32\Tasks\{B4766559-724F-457D-9E36-0D8942475FED} : msiexec.exe [MD5.745AAA6464174363D8A43D7559DE8A65] - [25/04/2019 19:30:49] - |A| - [3106] - C:\WINDOWS\System32\Tasks\{BB2696AA-56D8-4948-9C7F-722FB181D267} : C:\Users\Mosheur\Desktop\ChromeSetup.exe [MD5.5684B9D8A3D4E43C3ABE9EE6C7572811] - [25/04/2019 19:30:49] - |A| - [3220] - C:\WINDOWS\System32\Tasks\{C8A26AC2-E783-4849-9324-63867602DA88} : C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [MD5.99808244CAC2B04CB6226BDA5FF160DE] - [25/04/2019 19:30:49] - |A| - [3102] - C:\WINDOWS\System32\Tasks\{C8AB2370-65B9-48F5-ADF2-E405C90E5A43} : D:\Program Files (x86)\Steam\Steam.exe [MD5.28C17181CAB1B8788A7ED6F276B0A1D8] - [25/04/2019 19:30:49] - |A| - [3162] - C:\WINDOWS\System32\Tasks\{CE172C37-AB47-4D04-9BAB-B29619A5B330} : C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe [MD5.E206EDA8088B4872578019621993D12C] - [25/04/2019 19:30:49] - |A| - [3106] - C:\WINDOWS\System32\Tasks\{CEA95AEA-65D7-4806-A593-D79BF4EAB019} : C:\Users\Mosheur\Desktop\ChromeSetup.exe [MD5.10E293B67E2C1396F18B4A2BE3DE9F1A] - [25/04/2019 19:30:49] - |A| - [3142] - C:\WINDOWS\System32\Tasks\{DD287CA5-36EE-429B-8F75-7C0908E34DD9} : C:\Users\Mosheur\Desktop\GeForce_Experience_v3.12.0.79.exe [MD5.D0509AE2B91FA41AA4726AC98181ED00] - [25/04/2019 19:30:49] - |A| - [3224] - C:\WINDOWS\System32\Tasks\{DD63EB32-22C9-4735-9643-C7F293AB8F8C} : "c:\program files (x86)\google\chrome\application\chrome.exe" [MD5.5023EF5F6C00C3A31F42BA28FCFE6084] - [25/04/2019 19:30:49] - |A| - [3192] - C:\WINDOWS\System32\Tasks\{E12000AF-4DE5-48AE-A5BE-1378A631A1E5} : 
C:\Windows\system32\pcalua.exe [MD5.9757A2DBBC224299C8246DF13018A7AB] - [25/04/2019 19:30:49] - |A| - [3206] - C:\WINDOWS\System32\Tasks\{EDC56B31-23B0-4274-BC41-DD10A66FEC49} : "c:\program files (x86)\mozilla firefox\firefox.exe" [MD5.3BCDA33D6DFA395ABA46A8436A924F78] - [25/04/2019 19:30:49] - |A| - [3294] - C:\WINDOWS\System32\Tasks\{F11A9475-F16D-4438-9154-7FF6F4EECECC} : C:\Windows\system32\pcalua.exe [MD5.E41CFA4D22E4D227B82245927E804B26] - [25/04/2019 19:30:49] - |A| - [3148] - C:\WINDOWS\System32\Tasks\{F1B025BB-BEA2-4B93-8D20-D42BC90FD9EA} : C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe [MD5.3E848A1DA652E496A8973188A06839ED] - [25/04/2019 19:30:49] - |A| - [3100] - C:\WINDOWS\System32\Tasks\{FF1C9817-8D62-4463-9D2D-E017F4A4EFAF} : C:\Windows\twain_32\escndv\escndv.exe [MD5.5492F17B788FFAAB2DF400229D0ED803] - [25/04/2019 19:30:49] - |A| - [3272] - C:\WINDOWS\System32\Tasks\{FF1D0627-78F3-4E61-9F8B-7C48709D6F8B} : msiexec.exe [MD5.00000000000000000000000000000000] - [15/09/2018 09:33:51] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| 
"DeliveryOptimization-TCP-In"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.29|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.29|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| 
"WCF-NetTcpActivator-In-TCP-64bit"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=%systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2000|Desc=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2001|EmbedCtxt=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2002| "{5D59DA99-E8E5-4FF0-B5F6-6B41CC6D2A03}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "{73290416-3304-4C10-9ABD-9C1BAC8422B0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "{8CDCC7AF-097F-406E-8C17-9E69E2865BEF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe|Name=Epson Connect Printer Setup| "{6246DCB3-127E-4D64-A72F-502409587D7A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe|Name=Epson Connect Printer Setup| "{66764A6B-BDF2-4AC5-91BC-BCF9FA21B7E8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{6DCBD4C0-B006-4233-9085-F523C32B3856}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{6973E094-3906-4875-82E9-ED07EF7A314D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe|Name=ESN Sonar Host Application| 
"{FECE16F3-A88D-4E70-9382-A6C082886F2E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe|Name=ESN Sonar Host Application| "{41DB27D1-1686-4149-A3B4-9AEFE595A5FC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\SysWOW64\PnkBstrB.exe|Name=PnkBstrB| "{27506299-8CFE-49E9-9C63-C91E862227F0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\SysWOW64\PnkBstrB.exe|Name=PnkBstrB| "{45B04E95-AAED-4FBF-9EB0-15D569161FC0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\SysWOW64\PnkBstrA.exe|Name=PnkBstrA| "{959791FF-0FD5-4AF5-A3B1-93F21FB3BCDE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\SysWOW64\PnkBstrA.exe|Name=PnkBstrA| "{08DB38C8-2DE8-4CC1-B94F-45725C1D9448}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE|Name=LogiOptionsMgr.EXE|Desc=LogiOptionsMgr.EXE| "{078587AB-6E0F-4204-BE59-3D42E22079DF}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{D6D1DA07-8622-4CD2-9E78-4A8270EC4877}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| 
"{C1ADA0BC-62D5-49FA-A5DB-B5124CC0D886}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{850E16C4-75CB-4D16-B6B5-6AA3451EB9A8}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{BF97870E-323B-4482-80A7-4268D1D6F9A3}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Facebook|Desc=Facebook|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-3324467646-4197585051-1359281946-1224535466-457027138-2879639353-3757999841|EmbedCtxt=Facebook|Platform=2:6:2|Platform2=GTEQ| "{E8BB6262-9491-47AB-B68D-B786691705B3}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\SysWOW64\ENAgent.exe|Name=EPSON ENAgent| "{2CF615C0-7B74-4628-AF45-5668825693FE}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\SysWOW64\ENAgent.exe|Name=EPSON ENAgent| "{66DA1AF9-5666-4361-940E-B2397B32A47C}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe|Name=Rainbow Six - Siege: Launcher| "{DC31FA22-C77F-4DD4-8450-3C7B4BBE3306}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe|Name=Rainbow Six - Siege: Launcher| 
"{5502EB40-2A63-4215-9244-64F2F03A9D4E}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe|Name=Rainbow Six - Siege: Game| "{AB407F34-DF99-4DC8-A2DE-A6B30B7043BA}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe|Name=Rainbow Six - Siege: Game| "{1CD9750F-0B58-4A2D-9313-D0B1D21A6035}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{0A3291A9-83A1-4643-9983-51AB7A9AC5EE}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Messenger|Desc=Messenger|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-1345574982-3131358661-52681180-1453525950-1322691609-2529609693-64475048|EmbedCtxt=Messenger|Platform=2:6:2|Platform2=GTEQ| "{F453DEE6-14C9-4565-B5B3-F84C040750FA}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox One SmartGlass|Desc=Xbox One SmartGlass|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-2214089197-971179125-4124359169-283697964-1336710732-3555069067-437187921|EmbedCtxt=Xbox One SmartGlass|Platform=2:6:2|Platform2=GTEQ| "{12AA9C06-4788-4EFB-9F2E-375A373EEE13}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox One SmartGlass|Desc=Xbox One SmartGlass|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-2214089197-971179125-4124359169-283697964-1336710732-3555069067-437187921|EmbedCtxt=Xbox One SmartGlass|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| 
"{62375D91-4AF4-4256-8020-281F63694DB8}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Block Puzzle Jewel 2019|Desc=Block Puzzle Jewel 2019|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-2028869047-3868074944-3643838351-2371263879-4056423704-8292388-2905549434|EmbedCtxt=Block Puzzle Jewel 2019|Platform=2:6:2|Platform2=GTEQ| "{40670B76-28BE-4405-92F6-46E5CADF278B}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Block Puzzle Jewel 2019|Desc=Block Puzzle Jewel 2019|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-2028869047-3868074944-3643838351-2371263879-4056423704-8292388-2905549434|EmbedCtxt=Block Puzzle Jewel 2019|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5B02FD9E-45CD-4B52-B817-71A7D2AB0BB3}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Reader Notification Client|Desc=Reader Notification Client|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-337305221-3049341553-1749977169-223016116-2167122799-3306420396-1046646909|EmbedCtxt=Reader Notification Client|Platform=2:6:2|Platform2=GTEQ| "{95BCEAE3-B526-46B6-8F18-BB813BE9B1E7}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Reader Notification Client|Desc=Reader Notification Client|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-337305221-3049341553-1749977169-223016116-2167122799-3306420396-1046646909|EmbedCtxt=Reader Notification Client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{02270B4D-FFAA-45AB-BCD3-7B01BB9897D2}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| 
"{1CD38416-AE1A-4046-956A-50033AB9EDC9}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{4DF647D9-2FCF-4714-BBBE-344EC50EEAB6}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Cooking Fever|Desc=Cooking Fever|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-1425981133-1902147723-1235586017-4066786900-4004135926-1284585104-2450147657|EmbedCtxt=Cooking Fever|Platform=2:6:2|Platform2=GTEQ| "{6F4D1BD2-A83C-4F60-8458-6668BFA19BB4}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Cooking Fever|Desc=Cooking Fever|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-1425981133-1902147723-1235586017-4066786900-4004135926-1284585104-2450147657|EmbedCtxt=Cooking Fever|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{0809C069-1563-49E6-AE7E-DC568A8A3B2C}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{64194B92-D40E-4A3E-A6D1-C73C07B49B6B}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{7CA68887-3BE9-4DF5-BE1C-9B894DD1C36E}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle 
de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{77C7D7FD-D8E6-43F1-86B5-2DFFC8DE983C}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{F4C8F4E1-A008-4EA9-AB06-EE718930FC45}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{8990600D-B4EB-488D-9AB5-144DE63C2411}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Friends|Desc=Candy Crush Friends|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-2434645666-2532177092-3042203602-619713399-428220933-2149260498-1813168567|EmbedCtxt=Candy Crush Friends|Platform=2:6:2|Platform2=GTEQ| "{670271AE-677A-4F9B-95EC-31174C2714AC}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ| 
"{4350064B-35F1-451C-83AC-630719BF75BE}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{FF7E655A-0892-477B-9178-37D022416257}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{CEA1622E-0DEA-43D1-A9E4-73EC2970C004}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Saga|Desc=Candy Crush Saga|LUOwn=S-1-5-21-2673370752-163226256-3562748738-1000|AppPkgId=S-1-15-2-2599857031-3789198952-3515498744-3120614410-3826243417-3816649221-455961092|EmbedCtxt=Candy Crush Saga|Platform=2:6:2|Platform2=GTEQ| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem19.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> 
@%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> 
@c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] 
-> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> 
@c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS 
metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> 
@c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eb781aaf-9c70-4523-a5df-642a87eca567}] : (libusb-win32 devices) [] -> libusb-win32 devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) 
---------- | Loaded modules (whitelist)
[25/04/2019 19:32:08] - (2.1.12.0) - (AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit Monitor) - C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys
[27/01/2018 11:10:16] - (5.2.6.0) - (AO Kaspersky Lab - Cryptographic Module Driver x64 (56 bit)) - C:\WINDOWS\system32\DRIVERS\cm_km.sys
[15/04/2019 11:58:55] - (15.1.206.0) - (AO Kaspersky Lab - Backup Disk Filter [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
[25/04/2019 19:32:08] - (11.1.12.0) - (AO Kaspersky Lab - Kaspersky Lab Boot Guard Driver) - C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys
[25/04/2018 21:41:26] - (20.0.125.61) - (AO Kaspersky Lab - klhk [fre_win7_x64]) - C:\WINDOWS\System32\drivers\klhk.sys
[02/02/2018 03:45:36] - (15.1.206.0) - (AO Kaspersky Lab - Backup File Filter [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
[30/05/2018 12:53:33] - (15.1.244.0) - (AO Kaspersky Lab - Filter Core [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klflt.sys
[30/05/2017 18:51:40] - (15.1.203.0) - (AO Kaspersky Lab - Format Recognizer [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klpd.sys
[30/05/2018 12:53:33] - (15.1.244.0) - (AO Kaspersky Lab - Core System Interceptors [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klif.sys
[17/02/2018 02:50:42] - (15.1.210.0) - (AO Kaspersky Lab - WFP Network Filter [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klwfp.sys
[17/02/2018 02:50:40] - (15.1.211.0) - (AO Kaspersky Lab - WFP Network Connection Filter Driver [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klwtp.sys
[11/10/2016 14:14:28] - (15.1.203.0) - (AO Kaspersky Lab - Packet Network Filter [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klim6.sys
[24/02/2018 05:17:48] - (15.1.215.0) - (AO Kaspersky Lab - Network Processor [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\kneps.sys
[25/04/2018 21:41:26] - (16.2.207.0) - (AO Kaspersky Lab - Virtual Disk [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\kldisk.sys
[12/02/2018 16:51:02] - (9.0.0.22) - (The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6.0)) - C:\WINDOWS\System32\drivers\kltap.sys
[12/09/2019 14:25:49] - (26.21.14.3630) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 436.30) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvlddmkm.sys
[12/04/2019 18:31:55] - (4.13.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys
[11/02/2019 12:49:32] - (303.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys
[12/02/2017 16:52:58] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\WINDOWS\System32\drivers\ScpVBus.sys
[04/01/2019 21:02:28] - (3.0.72.0) - (Corsair - Corsair virtual bus driver) - C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys
[16/02/2019 14:18:15] - (1.3.38.21) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys
[15/01/2018 05:16:12] - (15.1.204.0) - (AO Kaspersky Lab - Keyboard Device Filter [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
[11/12/2017 11:49:14] - (15.1.202.0) - (AO Kaspersky Lab - Mouse Device Filter [fre_win8_x64]) - C:\WINDOWS\system32\DRIVERS\klmouflt.sys
[18/09/2019 12:07:35] - (1.0.4.8) - (CPUID - CPUID Driver) - C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys
[25/04/2019 19:32:08] - (0.0.0.47) - (AO Kaspersky Lab - Kernel heuristics engine) - C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys
[25/04/2019 19:32:08] - (6.1.12.0) - (AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit Engine) - C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys
[18/04/2019 16:19:12] - (3.0.72.0) - (Corsair - Corsair virtual device driver) - C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys
[25/04/2019 19:49:24] - (4.1.12.0) - (AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit) - C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys
---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R :
Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - cm_km (AO Kaspersky Lab Cryptographic Module x64 (56 bit)) -> system32\DRIVERS\cm_km.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - 
AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorA () -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: 
False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iusb3hcs (Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hcs.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - klbackupdisk (Kaspersky Lab klbackupdisk) -> system32\DRIVERS\klbackupdisk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - klelam (klelam) -> system32\DRIVERS\klelam.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - klupd_klif_arkmon () -> System32\Drivers\klupd_klif_arkmon.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - klupd_klif_klbg () -> System32\Drivers\klupd_klif_klbg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - 
[Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - 
percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme 
(@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] 
- WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) 
- AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - klbackupflt (Kaspersky Lab klbackupflt) -> system32\DRIVERS\klbackupflt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - kldisk (kldisk) -> \SystemRoot\system32\DRIVERS\kldisk.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - klhk (@oem33.inf,%klhkDisplayName%;Kaspersky Lab service driver) -> \SystemRoot\System32\drivers\klhk.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - KLIF (Kaspersky Lab Driver) -> system32\DRIVERS\klif.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - klim6 (@oem25.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter) -> \SystemRoot\system32\DRIVERS\klim6.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - klpd (Kaspersky Lab format recognizer driver) -> system32\DRIVERS\klpd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - klwfp (klwfp) -> \SystemRoot\system32\DRIVERS\klwfp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Klwtp (KLwtp - WFP 
callout traffic inspector) -> \SystemRoot\system32\DRIVERS\klwtp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - kneps (kneps) -> \SystemRoot\system32\DRIVERS\kneps.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) 
- AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MQAC (@mqutil.dll,-6101) -> system32\drivers\mqac.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> 
system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1444D2EE-C7AD-44A8-844F-2634B49353D1}] : (Logitech Gaming Software 5.10.-.Logitech) -> MsiExec.exe /X{1444D2EE-C7AD-44A8-844F-2634B49353D1} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{335F9123-9306-4DB0-AF07-9C636317EE9D}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{335F9123-9306-4DB0-AF07-9C636317EE9D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{54EC951C-4197-4AA4-803B-101F127BBB38}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{54EC951C-4197-4AA4-803B-101F127BBB38} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}] : (Backup and Sync from Google.-.Google, Inc.) 
-> MsiExec.exe /X{768C0072-2FD2-4934-9824-B2A1E81AEA5D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9503AD68-6198-4081-9F57-1F346D7B58D4}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{9503AD68-6198-4081-9F57-1F346D7B58D4} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{96ED1D58-440C-4345-8FEE-C4781366C67F}] : (EpsonNet Print.-.SEIKO EPSON Corporation) -> MsiExec.exe /X{96ED1D58-440C-4345-8FEE-C4781366C67F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 436.30.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 38.0.1.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub] : (NVIDIA ABHub.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper] : (NVIDIA TelemetryApi helper for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor] : (NVAPI Monitor plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA 
Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.20.0.118.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 4.13.0.0.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D559687A-60C5-4786-9429-C21EC195789D}] : (ANT Drivers Installer x64.-.Garmin Ltd or its subsidiaries) -> MsiExec.exe /I{D559687A-60C5-4786-9429-C21EC195789D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}] : (Kaspersky Total Security.-.Kaspersky Lab) -> MsiExec.exe /I{718613F4-492D-4272-ACC3-D04A8EF0F883} REMOVE=ALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}] : (Kaspersky Password Manager.-.Kaspersky Lab) -> MsiExec.exe /I{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611} REMOVE=ALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}] : (Kaspersky Secure Connection.-.Kaspersky Lab) -> MsiExec.exe /I{F10AA188-7166-430E-8810-FEAB2AD73DE3} REMOVE=ALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MyEpson Portal] : (MyEpson Portal.-.SEIKO EPSON Corporation) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) 
-> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08610298-29AE-445B-B37D-EFBE05802967}] : (LWS Pictures And Video.-.Logitech) -> MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}] : (Elevated Installer.-.Garmin Ltd or its subsidiaries) -> MsiExec.exe /I{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}] : (Epson Software Updater.-.Seiko Epson Corporation) -> MsiExec.exe /X{1028AD34-EB8A-4136-9A93-27FC60FD0A40} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15634701-BACE-4449-8B25-1567DA8C9FD3}] : (CameraHelperMsi.-.Logitech) -> MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15F081E3-93FF-4FF3-B447-42CC458C4F79}] : (Epson Event Manager.-.Seiko Epson Corporation) -> MsiExec.exe /X{15F081E3-93FF-4FF3-B447-42CC458C4F79} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1651216E-E7AD-4250-92A1-FB8ED61391C9}] : (LWS Help_main.-.Logitech) -> MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{174A3B31-4C43-43DD-866F-73C9DB887B48}] : (LWS Twitter.-.Logitech) -> MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}] : (LWS YouTube Plugin.-.Logitech) -> MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180221F0}] : (Java 8 Update 221.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180221F0} 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3361D415-BA35-4143-B301-661991BA6219}] : (MyEpson Portal.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}] : (erLT.-.Logitech, Inc.) -> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48F22622-1CC2-4A83-9C1E-644DD96F832D}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{50D70A8D-0503-4AA6-97EF-09849E9FB520}] : (OpenOffice 4.1.6.-.Apache Software Foundation) -> MsiExec.exe /I{50D70A8D-0503-4AA6-97EF-09849E9FB520} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google LLC) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BF9F374-EC67-4808-A90C-F127DE6D989D}] : (Epson E-Web Print.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6BF9F374-EC67-4808-A90C-F127DE6D989D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}] : (LWS Gallery.-.Logitech) -> MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{718613F4-492D-4272-ACC3-D04A8EF0F883}] : (Kaspersky Total Security.-.Kaspersky Lab) -> MsiExec.exe /I{718613F4-492D-4272-ACC3-D04A8EF0F883} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{71E66D3F-A009-44AB-8784-75E2819BA4BA}] : (LWS Motion 
Detection.-.Logitech) -> MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}] : (Phone Nokia USB Driver.-.Mobile) -> MsiExec.exe /I{7F1C627F-7F07-4B51-B50F-FF8C64881D6E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}] : (LWS Launcher.-.Logitech) -> MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.Seiko Epson Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8937D274-C281-42E4-8CDB-A0B2DF979189}] : (LWS Webcam Software.-.Logitech) -> MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{89860B23-2202-433F-A751-AA16864CD9CB}] : (Easy Photo Scan.-.Seiko Epson Corporation) -> MsiExec.exe /X{89860B23-2202-433F-A751-AA16864CD9CB} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{95D0EADA-5123-41C0-931A-F37946BC0E8E}] : (Garmin Express.-.Garmin Ltd or its subsidiaries) -> MsiExec.exe /I{95D0EADA-5123-41C0-931A-F37946BC0E8E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}] : (Epson Printer Connection Checker.-.Seiko Epson Corporation) -> MsiExec.exe /X{9ABD2971-9B8B-4958-9100-4EAFCC32A86D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9DAEA76B-E50F-4272-A595-0124E826553D}] : (LWS WLM Plugin.-.Logitech) -> MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824341201}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe 
/I{AC76BA86-0804-1033-1959-001824341201} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF86B687-6934-384B-AA6B-C4D7EE403E15}] : (Google Chrome.-.Google, Inc.) -> MsiExec.exe /X{AF86B687-6934-384B-AA6B-C4D7EE403E15} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}] : (Kaspersky Password Manager.-.Kaspersky Lab) -> MsiExec.exe /X{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}] : (Epson Connect Printer Setup.-.Seiko Epson Corporation) -> MsiExec.exe /X{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DA0C1EA8-166F-4EA0-9B1F-332588273C13}] : (Epson Photo+.-.Seiko Epson Corporation) -> MsiExec.exe /X{DA0C1EA8-166F-4EA0-9B1F-332588273C13} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E50CD42B-C944-4006-94DB-7A533DD3A0F1}] : (CORSAIR iCUE Software.-.Corsair) -> MsiExec.exe /I{E50CD42B-C944-4006-94DB-7A533DD3A0F1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F10AA188-7166-430E-8810-FEAB2AD73DE3}] : (Kaspersky Secure Connection.-.Kaspersky Lab) -> MsiExec.exe /I{F10AA188-7166-430E-8810-FEAB2AD73DE3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}] : (LWS Facebook.-.Logitech) -> MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\10743651ECAB9444B8525176ADC8F93D] : CameraHelperMsi [HKCR\Installer\Products\13B3A47134C4DD3468F6379CBD88B784] : LWS Twitter 
[HKCR\Installer\Products\1792DBA9B8B985941900E4FACC238AD6] : Epson Printer Connection Checker -> C:\WINDOWS\Installer\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}\icon.ico [HKCR\Installer\Products\2700C8672DF2439489422B1A8EA1AED5] : Backup and Sync from Google -> C:\WINDOWS\Installer\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}\DriveIcon [HKCR\Installer\Products\3219F53360390BD4FA70C9363671EED9] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\32B068982022F3347A15AA6168C49DBC] : Easy Photo Scan -> C:\WINDOWS\Installer\{89860B23-2202-433F-A751-AA16864CD9CB}\icon.exe [HKCR\Installer\Products\3E180F51FF393FF44B7424CC54C8F497] : Epson Event Manager -> C:\WINDOWS\Installer\{15F081E3-93FF-4FF3-B447-42CC458C4F79}\icon.exe [HKCR\Installer\Products\43DA8201A8BE6314A93972CF06DFA004] : Epson Software Updater -> C:\WINDOWS\Installer\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}\icon.ico [HKCR\Installer\Products\472D7398182C4E24C8BD0A2BFD791998] : LWS Webcam Software [HKCR\Installer\Products\473F9FB676CE80849AC01F72EDD689D9] : Epson E-Web Print -> C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe [HKCR\Installer\Products\4920FD12D9B61474BAF62BBABF2D83E7] : LWS YouTube Plugin [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238120120F] : Java 8 Update 221 -> C:\Program Files (x86)\Java\jre1.8.0_221\\bin\javaws.exe [HKCR\Installer\Products\4F316817D2942724CA3C0DA4E80F8F38] : Kaspersky Total Security -> C:\Windows\Installer\{718613F4-492D-4272-ACC3-D04A8EF0F883}\arp.ico [HKCR\Installer\Products\514D163353AB34143B10669119AB2691] : MyEpson Portal [HKCR\Installer\Products\591761FF4EE90C64C87DBF3A54E788BA] : LWS Facebook [HKCR\Installer\Products\68AB67CA408033019195008142432110] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824341201}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico 
[HKCR\Installer\Products\786B68FA4396B483AAB64C7DEE04E351] : Google Chrome -> C:\Windows\Installer\{AF86B687-6934-384B-AA6B-C4D7EE403E15}\icon.ico [HKCR\Installer\Products\80609FB059F2C7C4A9589EE0C0FAF49E] : Elevated Installer -> C:\Windows\Installer\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}\express.ico [HKCR\Installer\Products\85D1DE69C0445434F8EE4C8731666CF7] : EpsonNet Print [HKCR\Installer\Products\86DA305989161804F975F143D6B7854D] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\881AA01F6617E0348801EFBAA27DD33E] : Kaspersky Secure Connection -> C:\WINDOWS\Installer\{F10AA188-7166-430E-8810-FEAB2AD73DE3}\arp.ico [HKCR\Installer\Products\89201680EA92B5443BD7FEEB50089276] : LWS Pictures And Video [HKCR\Installer\Products\8AE1C0ADF6610AE4B9F133528872C331] : Epson Photo+ -> C:\WINDOWS\Installer\{DA0C1EA8-166F-4EA0-9B1F-332588273C13}\Icon.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A786955D5C06687449922CE11C5987D9] : ANT Drivers Installer x64 [HKCR\Installer\Products\ADAE0D5932150C1439A13F9764CBE0E8] : Garmin Express [HKCR\Installer\Products\B15D1B9D65BED014EA5BC1FCCAB4C6C8] : Epson Connect Printer Setup -> C:\WINDOWS\Installer\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\Windows\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO [HKCR\Installer\Products\B24DC05E449C600449BDA735D33D0A1F] : CORSAIR iCUE Software -> C:\WINDOWS\Installer\{E50CD42B-C944-4006-94DB-7A533DD3A0F1}\ProgramIcon [HKCR\Installer\Products\B67AEAD9F05E27245A5910428E6255D3] : LWS WLM Plugin [HKCR\Installer\Products\C159CE4579144AA408B301F121B7BB83] : Intel(R) Management Engine Components [HKCR\Installer\Products\C3AF8C38AE4F4C6438293DEC5373836D] : LWS Launcher [HKCR\Installer\Products\C3CE67F61B43E63479BF845CD8B7DEDC] : LWS Gallery [HKCR\Installer\Products\D8A07D0530506AA479FE9048E9F95B02] : OpenOffice 4.1.6 -> 
C:\WINDOWS\Installer\{50D70A8D-0503-4AA6-97EF-09849E9FB520}\soffice.ico
[HKCR\Installer\Products\E066CC7BD13FC094DBA2C22BCEA5E5A3] : Intel(R) Chipset Device Software
[HKCR\Installer\Products\E3337F2BD8C64994AA4CEF8CBEFB6911] : Kaspersky Password Manager -> C:\Windows\Installer\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}\product.ico
[HKCR\Installer\Products\E6121561DA7E0524291ABFE86D31199C] : LWS Help_main
[HKCR\Installer\Products\EE2D4441DA7C8A4448F462434B39351D] : Logitech Gaming Software 5.10 -> C:\Windows\Installer\{1444D2EE-C7AD-44A8-844F-2634B49353D1}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F3D66E17900ABA447848572E18B94AAB] : LWS Motion Detection
[HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater
[HKCR\Installer\Products\F726C1F770F715B45BF0FFC84688D1E6] : Phone Nokia USB Driver
[HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico

---------- | Drives

---------- | MBR
64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog
Le programme Video.UI.exe version 10.19072.1201.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 2fa0
Heure de début : 01d56e08eb183a40
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
ID de rapport : f7c1a9d6-93e7-415e-845c-be00ac938994
Nom complet du package défectueux : Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe
ID de l'application relative à un package défectueux : Microsoft.ZuneVideo
Type de blocage : Quiesce
------------
Le programme SearchUI.exe version 10.0.17763.719 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 25dc
Heure de début : 01d56e08e626d1ca
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID de rapport : 88691bcd-ef8c-4327-b084-6a1371e075c4
Nom complet du package défectueux : Microsoft.Windows.Cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy
ID de l'application relative à un package défectueux : CortanaUI
Type de blocage : Quiesce
------------
Le programme YourPhone.exe version 1.19082.1006.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 29d8
Heure de début : 01d56e08e6d9bb49
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19082.1006.0_x64__8wekyb3d8bbwe\YourPhone.exe
ID de rapport : b61ba799-79e6-40a4-a321-89ee610ae442
Nom complet du package défectueux : Microsoft.YourPhone_1.19082.1006.0_x64__8wekyb3d8bbwe
ID de l'application relative à un package défectueux : App
Type de blocage : Quiesce
------------
Le programme ShellExperienceHost.exe version 10.0.17763.719 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 2550
Heure de début : 01d56e08e5eb173f
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID de rapport : 7eae2d0c-624a-430a-b477-cb7d003fb4d0
Nom complet du package défectueux : Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID de l'application relative à un package défectueux : App
Type de blocage : Quiesce
------------
Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme OriginWebHelperService en raison de cette erreur.
Programme : OriginWebHelperService
Fichier :
La valeur de l’erreur est affichée dans la section Données supplémentaires.
Action utilisateur
1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme.
2. Si le fichier est toujours inaccessible et
 - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté.
 - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur.
3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée.
4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde.
5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé.
S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante OriginWebHelperService.exe, version : 10.5.47.29954, horodatage : 0x5d6feee4 Nom du module défaillant : ntdll.dll, version : 10.0.17763.737, horodatage : 0xd7315be6 Code d’exception : 0xc0000006 Décalage d’erreur : 0x000672a8 ID du processus défaillant : 0x36bc Heure de début de l’application défaillante : 0x01d56d36e53e1376 Chemin d’accès de l’application défaillante : F:\Origin\OriginWebHelperService.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : e1d699c2-7251-4c28-ada0-ac7adab0d599 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme Uplay launcher en raison de cette erreur. Programme : Uplay launcher Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. 
Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante upc.exe, version : 96.0.0.6936, horodatage : 0x5d78d090 Nom du module défaillant : libcef.dll, version : 3.3440.1805.0, horodatage : 0x5b6496ec Code d’exception : 0xc0000006 Décalage d’erreur : 0x00426290 ID du processus défaillant : 0x215c Heure de début de l’application défaillante : 0x01d56d36c93aefb8 Chemin d’accès de l’application défaillante : F:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe Chemin d’accès du module défaillant: F:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll ID de rapport : 4e93af2f-5114-4ab1-abb2-a19796a673f3 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme QtWebEngineProcess.exe en raison de cette erreur. Programme : QtWebEngineProcess.exe Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. 
Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante QtWebEngineProcess.exe, version : 0.0.0.0, horodatage : 0x5cface50 Nom du module défaillant : Qt5WebEngineCore.dll, version : 0.0.0.0, horodatage : 0x5cfacd06 Code d’exception : 0xc0000006 Décalage d’erreur : 0x010338a0 ID du processus défaillant : 0x3eb0 Heure de début de l’application défaillante : 0x01d56d36e7a7a222 Chemin d’accès de l’application défaillante : F:\Origin\QtWebEngineProcess.exe Chemin d’accès du module défaillant: F:\Origin\Qt5WebEngineCore.dll ID de rapport : c72fa79e-20cc-4138-ab9d-7ae1b4bff3da Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme QtWebEngineProcess.exe en raison de cette erreur. 
Programme : QtWebEngineProcess.exe Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. 
Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante QtWebEngineProcess.exe, version : 0.0.0.0, horodatage : 0x5cface50 Nom du module défaillant : Qt5WebEngineCore.dll, version : 0.0.0.0, horodatage : 0x5cfacd06 Code d’exception : 0xc0000006 Décalage d’erreur : 0x010338a0 ID du processus défaillant : 0x301c Heure de début de l’application défaillante : 0x01d56d36e7fcc27c Chemin d’accès de l’application défaillante : F:\Origin\QtWebEngineProcess.exe Chemin d’accès du module défaillant: F:\Origin\Qt5WebEngineCore.dll ID de rapport : 70a4846e-0067-4280-8635-4933c25eae55 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante Origin.exe, version : 0.0.0.0, horodatage : 0x5d6ff09f Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc00000fd Décalage d’erreur : 0x1bc934da ID du processus défaillant : 0xc74 Heure de début de l’application défaillante : 0x01d56d36e2f991d3 Chemin d’accès de l’application défaillante : F:\Origin\Origin.exe Chemin d’accès du module défaillant: unknown ID de rapport : 09530b7a-c74c-459f-aac5-2905415b7902 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme QtWebEngineProcess.exe en raison de cette erreur. Programme : QtWebEngineProcess.exe Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. 
Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante QtWebEngineProcess.exe, version : 0.0.0.0, horodatage : 0x5cface50 Nom du module défaillant : Qt5WebEngineCore.dll, version : 0.0.0.0, horodatage : 0x5cfacd06 Code d’exception : 0xc0000006 Décalage d’erreur : 0x0117a899 ID du processus défaillant : 0x2894 Heure de début de l’application défaillante : 0x01d56c54f9e92184 Chemin d’accès de l’application défaillante : F:\Origin\QtWebEngineProcess.exe Chemin d’accès du module défaillant: F:\Origin\Qt5WebEngineCore.dll ID de rapport : 97186cea-606b-4511-9cc9-2c8715814a52 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme QtWebEngineProcess.exe en raison de cette erreur. 
Programme : QtWebEngineProcess.exe Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. 
Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante QtWebEngineProcess.exe, version : 0.0.0.0, horodatage : 0x5cface50 Nom du module défaillant : Qt5Gui.dll, version : 0.0.0.0, horodatage : 0x5cfe7dc7 Code d’exception : 0xc0000006 Décalage d’erreur : 0x0001d6d0 ID du processus défaillant : 0x300 Heure de début de l’application défaillante : 0x01d56c54f975bc0f Chemin d’accès de l’application défaillante : F:\Origin\QtWebEngineProcess.exe Chemin d’accès du module défaillant: F:\Origin\Qt5Gui.dll ID de rapport : 02239fad-84c4-4390-ac86-1cbce659bcbf Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme Origin.exe en raison de cette erreur. Programme : Origin.exe Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. 
Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante Origin.exe, version : 0.0.0.0, horodatage : 0x5d6846ac Nom du module défaillant : ntdll.dll, version : 10.0.17763.737, horodatage : 0xd7315be6 Code d’exception : 0xc0000006 Décalage d’erreur : 0x000672a8 ID du processus défaillant : 0x367c Heure de début de l’application défaillante : 0x01d56c54e343f084 Chemin d’accès de l’application défaillante : F:\Origin\Origin.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 3136fc7a-39e3-4765-a228-99bda4d702b3 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ ----------( EOF)---------- - 4382 | 19:56:07