--------------- QuickDiag | g3n-h@ckm@n | V5_18.09.19.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 02/10/2019 15:44:53 Updated 18/09/2019 | 23:30 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+09:00) Osaka, Sapporo, Tokyo [mimy (Administrator)] - [MIMY-PC] (S-1-5-21-2029272635-3143883451-3429156010-1000) System: Microsoft Windows 7 Home Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1033 (0409) -> () System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk1\Partition2 Boot : Normal boot PC: MS-7823 - MSI - IdNumber: To be filled by O.E.M. - UUID: 00000000-0000-0000-0000-448A5B8A8463 Processor : X64 - 3400 Mhz - Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz BIOS Date: 05/30/14 11:34:31 Ver: 04.06.05 - en|US|iso8859-1 - American Megatrends Inc. - S/N: To be filled by O.E.M. - V3.7 - ALASKA - 1072009 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice USB Audio Device - Status: OK - Manufacturer: (Generic USB Audio) - PNPDeviceID: USB\VID_07CA&PID_0570&MI_02\7&284DD64D&0&0002 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0040&SUBSYS_10438465&REV_1001\5&1941828&0&0001 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0892&SUBSYS_1462D823&REV_1003\4&2AAE7760&0&0001 ---------- | Video NVIDIA GeForce GTX 770 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_1184&SUBSYS_84651043&REV_A1\4&3100BAF0&0&00E0 - AdapterCompatibility: NVIDIA - RAM: -2147483648 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 770 - DriverVersion: 25.21.14.1967 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\scg726.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 13239 - Manufacturer: SHARP Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\alf2cd.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: NCT Company - Status: OK c:\windows\system32\vct3216.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 82944 - Manufacturer: Voxware, Inc. - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\ac3acm.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81920 - Manufacturer: fccHandler - Status: OK c:\windows\system32\lame.ax - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 245760 - Manufacturer: - Status: OK c:\windows\system32\mcdvd_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 261632 - Manufacturer: MainConcept - Status: OK c:\windows\system32\mpg4c32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 413760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\xvidvfw.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 139264 - Manufacturer: - Status: OK c:\windows\system32\divx.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 638976 - Manufacturer: DivXNetworks, Inc. - Status: OK c:\windows\system32\vp6vfw.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 438272 - Manufacturer: On2.com - Status: OK c:\windows\system32\lagarith.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 216064 - Manufacturer: - Status: OK ---------- | CPU CPU #1 value:37 % CPU #2 value:56 % CPU #3 value:6 % CPU #4 value:75 % Total Overall CPU Usage value:43 % ---------- | Network WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Bluetooth Device (Personal Area Network) - - - Status: - PnPID : WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 RAS Async Adapter - Wide Area Network (WAN) - Microsoft - Status: - PnPID : SW\{EEAB7790-C514-11D1-B42B-00805FC1270E}\ASYNCMAC Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_78231462&REV_0C\4&222E9A85&0&00E4 Bluetooth Device (Personal Area Network) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : Bluetooth Device (Personal Area Network) - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 16701 | Free (MB) : 14361 Pagefile = Total (MB) : 33399 | Free (MB) : 29627 Virtual = Total (MB) : 4194 | Free (MB) : 3961 Physical Memory 0 : Capacity: 4294967296 - ChannelA-DIMM0 - Posit.: - Manufacturer: 1311 - PartNumber: M2X4G64CB88D9N-DG - S/N: 62950C3C Physical Memory 1 : Capacity: 4294967296 - ChannelA-DIMM1 - Posit.: - Manufacturer: 1311 - PartNumber: M2X4G64CB88CHN-DG - S/N: 488E344F Physical Memory 2 : Capacity: 4294967296 - ChannelB-DIMM0 - Posit.: - Manufacturer: 1311 - PartNumber: M2X4G64CB88D9N-DG - S/N: B89C0C3C Physical Memory 3 : Capacity: 4294967296 - ChannelB-DIMM1 - Posit.: - Manufacturer: 1311 - PartNumber: M2X4G64CB88CHN-DG - S/N: 2E91344E ---------- | SID Users Administrator : [S-1-5-21-2029272635-3143883451-3429156010-500] Guest : [S-1-5-21-2029272635-3143883451-3429156010-501] HomeGroupUser$ : [S-1-5-21-2029272635-3143883451-3429156010-1015] mimy : [S-1-5-21-2029272635-3143883451-3429156010-1000] Administrators : [S-1-5-32-544] Distributed COM Users : [S-1-5-32-562] Event Log Readers : [S-1-5-32-573] Guests : [S-1-5-32-546] IIS_IUSRS : [S-1-5-32-568] Performance Log Users : [S-1-5-32-559] Performance Monitor Users : [S-1-5-32-558] Users : [S-1-5-32-545] HomeUsers : [S-1-5-21-2029272635-3143883451-3429156010-1013] SQLServer2005SQLBrowserUser$MIMY-PC : [S-1-5-21-2029272635-3143883451-3429156010-1010] SQLServerMSSQLServerADHelperUser$MIMY-PC : [S-1-5-21-2029272635-3143883451-3429156010-1009] SQLServerMSSQLUser$mimy-PC$MYMOVIES : [S-1-5-21-2029272635-3143883451-3429156010-1011] SQLServerSQLAgentUser$MIMY-PC$MYMOVIES : [S-1-5-21-2029272635-3143883451-3429156010-1012] ---------- | SystemAccounts Name: Everyone - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATOR OWNER - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: CREATOR GROUP - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: OWNER RIGHTS - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: DIALUP - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: NETWORK - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: BATCH - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIVE - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: PROXY - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: SYSTEM - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Authenticated Users - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: TERMINAL SERVER USER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: LOCAL SERVICE - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: NETWORK SERVICE - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 111.69 Go | Free : 15.26 Go -> NTFS (SSD) [SATA] D:\ -> [CDROM] | [Titan Quest] | Total : 3.15 Go | Free : 0 Go -> UDF [ATAPI] E:\ -> [Fixed] | [DataPC] | Total : 101.43 Go | Free : 22.95 Go -> NTFS [SATA] F:\ -> [Fixed] | [Collection] | Total : 830.08 Go | Free : 713.63 Go -> NTFS [SATA] J:\ -> [Removable] | [SONY MAISON] | Total : 3.67 Go | Free : 3.43 Go -> FAT32 [USB] Disk Usage Information [3 total Physical Disks] Physical Drive #0 [F:, E:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [C:] : Read:0 bytes/sec, Written:1,362,647 bytes/sec Max Read:0 bytes/sec, Max Write:1,362,647 bytes/sec Physical Drive #2 [J:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:1,362,647 bytes/sec DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 2 Part. - PnPID : IDE\DISKSAMSUNG_SSD_840_EVO_120GB_______________EXT0BB6Q\5&2E589158&0&5.0.0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 2 Part. - PnPID : IDE\DISKST1000DX001-1CM162______________________CC43____\5&1831289B&0&3.0.0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_MULTI&PROD_FLASH_READER&REV_1.00\058F0O1111B1&0 ---------- | Windows updates - Activation - License W.A.T : :) Last detection : 2019-10-01 21:54:21 Downloaded last ones : 2019-09-10 22:09:37 Installed last ones : 2019-09-11 06:57:57 Next search : 2019-10-02 15:39:07 Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.9600.19463 (© Microsoft Corporation.) Default : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "" ---------- | FlashPlayer ---------- | Security AV : Microsoft Security Essentials Disabled AS : Windows Defender Disabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 316 | [Owner : SYSTEM | Parent : 4(System) | 1.36 Mo] - (.Microsoft Corporation - Windows Session Manager.) - (6.1.7601.24520) = C:\Windows\System32\smss.exe [11/09/2019 07:09:22] CPU Usage:0 % 520 | [Owner : SYSTEM | Parent : 496() | 4.94 Mo] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 08:19:49] CPU Usage:0 % 596 | [Owner : SYSTEM | Parent : 496() | 4.9 Mo] - (.Microsoft Corporation - Windows Start-Up Application.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 08:52:37] CPU Usage:0 % 604 | [Owner : SYSTEM | Parent : 588() | 10.96 Mo] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 08:19:49] CPU Usage:0 % 668 | [Owner : SYSTEM | Parent : 588() | 8.17 Mo] - (.Microsoft Corporation - Windows Logon Application.) - (6.1.7601.24514) = C:\Windows\System32\winlogon.exe [11/09/2019 07:09:24] CPU Usage:0 % 692 | [Owner : SYSTEM | Parent : 596(wininit.exe) | 9.84 Mo] - (.Microsoft Corporation - Services and Controller app.) - (6.1.7601.18829) = C:\Windows\System32\services.exe [13/05/2015 08:51:10] CPU Usage:0 % 716 | [Owner : SYSTEM | Parent : 596(wininit.exe) | 15.37 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.24520) = C:\Windows\System32\lsass.exe [11/09/2019 07:09:22] CPU Usage:0 % 724 | [Owner : SYSTEM | Parent : 596(wininit.exe) | 4.79 Mo] - (.Microsoft Corporation - Local Session Manager Service.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [21/11/2010 12:23:53] CPU Usage:0 % 824 | [Owner : SYSTEM | Parent : 692(services.exe) | 11.02 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 884 | [Owner : SYSTEM | Parent : 692(services.exe) | 13.22 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.11.2431.7967) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [26/03/2019 12:55:46] CPU Usage:0 % 940 | [Owner : NETWORK SERVICE | Parent : 692(services.exe) | 9.62 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 1020 | [Owner : SYSTEM | Parent : 692(services.exe) | 177.82 Mo] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.209.0) = C:\Program Files\Microsoft Security Client\MsMpEng.exe [14/11/2016 21:14:42] CPU Usage:0 % 552 | [Owner : LOCAL SERVICE | Parent : 692(services.exe) | 25.72 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 456 | [Owner : SYSTEM | Parent : 692(services.exe) | 19.02 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 904 | [Owner : LOCAL SERVICE | Parent : 692(services.exe) | 28.67 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 1036 | [Owner : SYSTEM | Parent : 692(services.exe) | 40.74 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 1136 | [Owner : LOCAL SERVICE | Parent : 552(svchost.exe) | ?????] - (.Microsoft Corporation - Windows Audio Device Graph Isolation.) - (6.1.7601.24499) = C:\Windows\System32\audiodg.exe [10/07/2019 06:52:02] CPU Usage:0 % 1264 | [Owner : SYSTEM | Parent : 692(services.exe) | 6.66 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 1364 | [Owner : NETWORK SERVICE | Parent : 692(services.exe) | 18.63 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 1480 | [Owner : SYSTEM | Parent : 692(services.exe) | 14.96 Mo] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.1.7601.24000) = C:\Windows\System32\spoolsv.exe [09/01/2018 09:05:34] CPU Usage:0 % 1508 | [Owner : LOCAL SERVICE | Parent : 692(services.exe) | 19.13 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 1624 | [Owner : SYSTEM | Parent : 692(services.exe) | 4.36 Mo] - (.Adobe Systems - Adobe Acrobat Update Service.) - (1.824.34.1201) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [24/07/2019 01:58:34] CPU Usage:0 % 1672 | [Owner : SYSTEM | Parent : 692(services.exe) | 12.85 Mo] - (. - .) - (1.0.0.1) = C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe [16/11/2016 23:35:32] CPU Usage:0 % 1700 | [Owner : SYSTEM | Parent : 692(services.exe) | 7.86 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 1744 | [Owner : SYSTEM | Parent : 692(services.exe) | 10.22 Mo] - (.MICRO-STAR INTERNATIONAL CO., LTD. - MSI_Trigger_Service.) - (1.0.9.0) = C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [06/05/2014 10:32:31] CPU Usage:0 % 1900 | [Owner : mimy | Parent : 692(services.exe) | 44.75 Mo] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [06/05/2014 08:47:56] CPU Usage:0 % 1928 | [Owner : mimy | Parent : 1036(svchost.exe) | 7.34 Mo] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [21/11/2010 12:24:27] CPU Usage:0 % 2028 | [Owner : mimy | Parent : 456(svchost.exe) | 38.42 Mo] - (.Microsoft Corporation - Desktop Window Manager.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 08:37:38] CPU Usage:0 % 1220 | [Owner : mimy | Parent : 1992() | 41.85 Mo] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.23537) = C:\Windows\explorer.exe [02/12/2016 23:17:52] CPU Usage:0 % 2096 | [Owner : NETWORK SERVICE | Parent : 692(services.exe) | 1.89 Mo] - (.Microsoft Corporation - SQL Server Windows NT - 64 Bit.) - (2009.100.4042.0) = C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe [30/03/2015 00:54:24] CPU Usage:0 % 2128 | [Owner : mimy | Parent : 1220(explorer.exe) | 20.14 Mo] - (.Microsoft Corporation - Microsoft Security Client User Interface.) - (4.10.209.0) = C:\Program Files\Microsoft Security Client\msseces.exe [14/11/2016 20:57:26] CPU Usage:0 % 2208 | [Owner : mimy | Parent : 1220(explorer.exe) | 12.21 Mo] - (.Realtek Semiconductor - Realtek HD Audio Manager.) - (1.0.603.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [31/12/2017 14:43:35] CPU Usage:0 % 2216 | [Owner : mimy | Parent : 1220(explorer.exe) | 7.01 Mo] - (.Microsoft Corporation - XBoxStat.exe.) - (1.20.146.0) = C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [30/09/2009 17:57:30] CPU Usage:0 % 2252 | [Owner : NETWORK SERVICE | Parent : 692(services.exe) | 11.87 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.14.2564.1478) = C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [26/03/2019 12:55:59] CPU Usage:0 % 2324 | [Owner : mimy | Parent : 1220(explorer.exe) | 100.08 Mo] - (.Epic Games, Inc. - EpicGamesLauncher.) - (10.5.7.0) = F:\jeux\EPic\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [13/11/2018 09:53:47] CPU Usage:0 % 2440 | [Owner : SYSTEM | Parent : 692(services.exe) | 36.56 Mo] - (.AVerMedia TECHNOLOGIES, Inc. - RECentral Service.) - (4.2.0.30) = C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\RECentralService.exe [28/05/2018 10:13:40] CPU Usage:0 % 2504 | [Owner : LOCAL SERVICE | Parent : 692(services.exe) | 4.74 Mo] - (.Microsoft Corporation - SQL Browser Service EXE.) - (2009.100.4042.0) = C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [30/03/2015 00:40:18] CPU Usage:0 % 2536 | [Owner : SYSTEM | Parent : 692(services.exe) | 6.99 Mo] - (.Microsoft Corporation - SQL Server VSS Writer - 64 Bit.) - (2009.100.1600.1) = C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [03/04/2010 11:00:10] CPU Usage:0 % 2560 | [Owner : LOCAL SERVICE | Parent : 692(services.exe) | 6.28 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 2608 | [Owner : SYSTEM | Parent : 692(services.exe) | 8.78 Mo] - (.Paltiosoft Inc. - Soft-denchi manager.(win32).) - (5.0.3.0) = C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [01/11/2012 09:59:50] CPU Usage:0 % 3016 | [Owner : NETWORK SERVICE | Parent : 824(svchost.exe) | 13.99 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 12:24:15] CPU Usage:0 % 3544 | [Owner : NETWORK SERVICE | Parent : 692(services.exe) | 6.47 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 3592 | [Owner : SYSTEM | Parent : 884(NVDisplay.Container.exe) | 41.6 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.11.2431.7967) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [26/03/2019 12:55:46] CPU Usage:0 % 3856 | [Owner : mimy | Parent : 2324(EpicGamesLauncher.exe) | 28.91 Mo] - (.Epic Games, Inc. - UnrealCEFSubProcess.) - (4.21.0.0) = F:\jeux\EPic\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe [13/11/2018 09:53:45] CPU Usage:0 % 4028 | [Owner : SYSTEM | Parent : 692(services.exe) | 26.23 Mo] - (.Microsoft Corporation - Microsoft Windows Search Indexer.) - (7.0.7601.24275) = C:\Windows\System32\SearchIndexer.exe [14/11/2018 07:57:58] CPU Usage:0 % 3180 | [Owner : LOCAL SERVICE | Parent : 692(services.exe) | 14.08 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 3868 | [Owner : LOCAL SERVICE | Parent : 692(services.exe) | 19.87 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 08:31:13] CPU Usage:0 % 2796 | [Owner : mimy | Parent : 1928(taskeng.exe) | 12.46 Mo] - (.Microsoft Corporation - Microsoft(C) Register Server.) - (6.1.7600.16385) = C:\Windows\SysWOW64\regsvr32.exe [14/07/2009 08:58:32] CPU Usage:35 % 3692 | [Owner : mimy | Parent : 824(svchost.exe) | 7.53 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\System32\dllhost.exe [14/07/2009 08:59:17] CPU Usage:0 % 4872 | [Owner : LOCAL SERVICE | Parent : 456(svchost.exe) | 6.58 Mo] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe [06/05/2014 09:53:05] CPU Usage:0 % 1920 | [Owner : mimy | Parent : 1220(explorer.exe) | 51.14 Mo] - (.SosVirus - QuickDiag.) - (18.9.19.1) = C:\Users\mimy\Downloads\QuickDiag.exe [02/10/2019 15:43:52] CPU Usage:0 % 896 | [Owner : SYSTEM | Parent : 824(svchost.exe) | 7.14 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 12:24:15] CPU Usage:0 % 3156 | [Owner : NETWORK SERVICE | Parent : 824(svchost.exe) | 7.55 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [21/11/2010 12:24:27] CPU Usage:0 % 5128 | [Owner : NETWORK SERVICE | Parent : 692(services.exe) | 12.86 Mo] - (.Microsoft Corporation - Microsoft Software Protection Platform Service.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [21/11/2010 12:23:56] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.Fraunhofer Institut Integrierte Schaltungen IIS.-.MPEG Layer-3 Audio Codec for MSACM.) - (1.9.0.401) -- C:\Windows\System32\l3codeca.acm (.Alexander Roshal.-.WinRAR shell extension.) - (5.1.0.0) -- C:\Program Files\WinRAR\rarext.dll (.Florian Heidenreich.-.Shell Extension Mp3tag - the universal Tag editor.) - (2.59.0.0) -- C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.14.1967) -- C:\Windows\system32\nv3dappshext.dll (.Sony DADC Austria AG..-.SecuROM Context-Menu for Explorer..) - (1.1.221.0) -- c:\windows\SysWOW64\cmdlineext_x64.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 419.67.) - (25.21.14.1967) -- C:\Windows\system32\nvapi64.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.Creative Technology Ltd..-.Audio Processing Object Chaining Module.) - (1.0.0.270) -- C:\Windows\system32\MBWrp64.dll (.Creative Technology Ltd..-.Creative Audio Processing Object Module.) - (1.2.16.129) -- C:\Windows\system32\MBAPO264.dll (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.539) -- C:\Windows\system32\RltkAPO64.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Adobe Gamma - (Adobe Gamma.lnk [Startup]) - User: mimy-PC\mimy EpicGamesLauncher - ("F:\jeux\EPic\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\...\Run]) - User: mimy-PC\mimy MSC - ("C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public XboxStat - ("C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Run] "EpicGamesLauncher"="F:\jeux\EPic\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=diskmgmt.msc\1 "MRUList"=a [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "UserSelectedDefault"=1 "Device"=\\POISSONE-PC\Brother HL-2130 series,winspool,Ne02: [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "LoadAppInit_DLLs"=1 "AppInit_DLLs"=C:\ProgramData\AppoxinloK\Ozertam.dll [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"=C:\ProgramData\AppoxinloK\Tampdinnix.dll "LoadAppInit_DLLs"=1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Wininit.ini : [rename] nul=C:\Users\mimy\AppData\Local\Temp\~f51e43.tmp nul=C:\Users\mimy\AppData\Local\Temp\~f51e43.tmp nul=C:\Users\mimy\AppData\Local\Temp\~f51e43.tmp nul=C:\Users\mimy\AppData\Local\Temp\~e5d141.tmp nul=C:\Users\mimy\AppData\Local\Temp\~e5d141.tmp nul=C:\Users\mimy\AppData\Local\Temp\~e5d141.tmp ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List 83D53E60-330B-74AD-A01F-731408CFB2F5 Adobe Acrobat Update Task CCleaner Update CCleanerSkipUAC DMMGamePlayer Microsoft_Hardware_Launch_IPoint_exe ViGEmBusUpdater {00C76455-19E5-43E1-BF6E-3981289C4065} {067E1A8D-4D45-47C0-A2DB-BE66DB28F7B2} {099A689E-7640-4B7A-B473-FCCD4AF93244} {1A0C7CC2-22DB-482D-BFB5-59FCBF15481D} {1A1E692F-4180-4938-B02F-1D92CDC61B57} {34C9EE21-3541-4B42-919B-CCEF410818DE} {4399CC9B-C1EB-4905-A4FB-2A61A4620193} {47EDCB0C-4501-4A02-8C48-9F4B11A1B631} {646C01C4-C4B8-4760-B2FA-BEECC2C07835} {702C3016-133D-4ADB-9D16-A0B9F1900B0F} {C423C7AF-EB8A-4B06-917F-732063CC037C} {C7831C79-070B-4199-932A-467EB7557FCE} {D25AE7C7-24ED-4189-A157-4248ADD485CC} {F4AB6A54-59ED-4553-86C3-1189D996793B} ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=2000 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN HYPERVISORLAUNCHTYPE=OFF "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=716 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=78358d36-385a-444a-b395-6550d09 "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=6 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [06/05/2014 07:41:52] "Pattern Upgrade"=TRUE "LowLevelHooksTimeout"=5000 "SCRNSAVE.EXE"=C:\Windows\system32\scrnsave.scr [14/07/2009 08:56:35] "ScreenSaveTimeOut"=60 "ScreenSaverIsSecure"=0 "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=0x91000000 [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "Browse For Folder Width"=318 "Browse For Folder Height"=288 "link"=0x1E000000 [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "Start_ShowRun"=1 "Start_MinMFU"=10 "Start_JumpListItems"=10 "Start_AdminToolsRoot"=0 "StartMenuAdminTools"=0 "TaskbarSizeMove"=1 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=0 "Start_PowerButtonAction"=2 ""=0 "AlwaysShowMenus"=1 [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x100000000F0000000E0000000D0000000C0000000B000000090000000A000000080000000700000006000000050000000400000003000000020000000100000000000000FFFFFFFF "0"=0x74006F007300680069000000 "1"=0x54006F0075007300680069000000 "2"=0x54006F0075000000 "3"=0x73007400650061006D000000 "4"=0x73006100760065000000 "5"=0x530061007600650073000000 "6"=0x330036003900370033003700370030000000 "7"=0x6C006500670065006E0064000000 "8"=0x460044004400E630CB30C330C8300000 "10"=0x6D006F007A0061000000 "9"=0x6100750074006F000000 "11"=0x66006100630065000000 "12"=0x77006F0072006B0073000000 "13"=0x7300630065006E00650073002E0063006100630068000000 "14"=0x640065006C006600690078000000 "15"=0x660069007200650066006F0078000000 "16"=0x6D006F007A0069006C006C0061000000 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=118 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=496 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [11/09/2019 07:09:23] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [11/09/2019 07:09:23] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 "SIGN.MEDIA=D734FECF Installer.exe"=1 "SIGN.MEDIA=A2765800 Autorun.exe"=1 "SIGN.MEDIA=BC120397 setup.exe"=1 "SIGN.MEDIA=E4030 AutoRunCD.exe"=1 "SIGN.MEDIA=4DE81370 AutoRunCD.exe"=1 "SIGN.MEDIA=38991A80 AutoRunCD.exe"=1 "SIGN.MEDIA=2D6F4631 setup.exe"=1 "SIGN.MEDIA=38991A80 setup.exe"=1 "SIGN.MEDIA=4DE81370 setup.exe"=1 "SIGN.MEDIA=E0DD35FF setup.exe"=1 "SIGN.MEDIA=3744F82B setup.exe"=1 "SIGN.MEDIA=5CC55E44 setup.exe"=1 "SIGN.MEDIA=71B567E6 setup.exe"=1 "SIGN.MEDIA=A718CF90 Setup.exe"=1 "SIGN.MEDIA=CFCE9515 setup.exe"=1 "C:\Program Files (x86)\Setup Files\Ms7823v370\MSISetup.exe"=1 "SIGN.MEDIA=241F2F INSTALL.EXE"=1 "SIGN.MEDIA=D37A57 installer.exe"=1 "SIGN.MEDIA=2B20B9C setup.exe"=1 "SIGN.MEDIA=BDC2B1D8 setup.exe"=1 "SIGN.MEDIA=8033A1 Installer.exe"=1 "SIGN.MEDIA=330CD470 setup.exe"=1 "SIGN.MEDIA=ECD6F0D5 Startup.exe"=1 "SIGN.MEDIA=8928DE Installer.exe"=1 "SIGN.MEDIA=D72874 Installer.exe"=1 "SIGN.MEDIA=BC803573 setup.exe"=1 "SIGN.MEDIA=36201F8B setup.exe"=1 "SIGN.MEDIA=55277635 setup.exe"=1 "SIGN.MEDIA=C3D0FCBD setup.exe"=1 "SIGN.MEDIA=DBE0AEA2 setup.exe"=1 "SIGN.MEDIA=6EE0854 setup.exe"=1 "SIGN.MEDIA=D5097 Startup.exe"=1 "SIGN.MEDIA=D49490 StartSetup.exe"=1 "SIGN.MEDIA=D49490 setup.exe"=1 "SIGN.MEDIA=B7BA06 Setup.exe"=1 "SIGN.MEDIA=DAC7D30 x64\setup.exe"=1 "SIGN.MEDIA=7 installer.exe"=1 "SIGN.MEDIA=286D3314 setup.exe"=1 "SIGN.MEDIA=869F344A setup_divinity_original_sin_enhanced_edition_2.0.0.3.exe"=1 "SIGN.MEDIA=329D19B SETUP.EXE"=1 "SIGN.MEDIA=1BE4AA Setup.exe"=1 "SIGN.MEDIA=E2D32BF6 setup.exe"=1 "SIGN.MEDIA=7975123C setup.exe"=1 "SIGN.MEDIA=1DD227B5 setup.exe"=1 "SIGN.MEDIA=3837B2A8 setup.exe"=1 "SIGN.MEDIA=4137B297 setup.exe"=1 "SIGN.MEDIA=C668DFBD setup.exe"=1 "SIGN.MEDIA=CB8818DE setup.exe"=1 "SIGN.MEDIA=F5C72EF7 setup.exe"=1 "SIGN.MEDIA=5BBC28C1 Setup.exe"=1 "SIGN.MEDIA=286FCC Setup.exe"=1 "SIGN.MEDIA=54D5BE63 setup.exe"=1 "SIGN.MEDIA=DEC06A4D Setup.exe"=1 "C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe"=32 "SIGN.MEDIA=3FA878 codec\nsplay.exe"=1 "SIGN.MEDIA=6BC9BE0 setup.exe"=1 "SIGN.MEDIA=497FA788 setup.exe"=1 "SIGN.MEDIA=FAEC995 Setup.exe"=1 "C:\Windows\IsUn0411.exe"=32 "SIGN.MEDIA=DC298C2B autorun.exe"=1 "SIGN.MEDIA=FAC6EA4B AUTORUN.EXE"=1 "SIGN.MEDIA=2498DCA0 BRSetup.exe"=1 "SIGN.MEDIA=8A44DA04 setup.exe"=1 "SIGN.MEDIA=1627191A setup.exe"=1 "SIGN.MEDIA=7B6EDF17 setup.exe"=1 "SIGN.MEDIA=C1D380 setup.exe"=1 "SIGN.MEDIA=3D24006 EASetup.exe"=1 "SIGN.MEDIA=E8631E installer.exe"=1 "SIGN.MEDIA=A23EDCF6 game\setup.exe"=1 "SIGN.MEDIA=2F3D7F67 setup.exe"=1 "SIGN.MEDIA=19B6863C Setup.exe"=1 "SIGN.MEDIA=43F1D AnnoFinder.exe"=2 "SIGN.MEDIA=29CB96D Setup.exe"=1 "F:\jeux\torment\setup-correcfr.exe"=1 "F:\jeux\torment\Setup-GhostDog's-PST-UI.exe"=1 "C:\Users\mimy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SLGG2CY\Firefox Installer.exe"=1 "C:\Users\mimy\Downloads\Firefox Installer.exe"=1 "C:\Users\mimy\Downloads\Thunderbird Setup 60.6.1.exe"=1 "C:\Users\mimy\Downloads\DTLiteInstaller.exe"=1 "C:\Users\mimy\Downloads\RSI-Setup-1.1.1.exe"=1 "C:\Users\mimy\Downloads\CMASetup.exe"=1 "C:\Users\mimy\Downloads\HxDSetupFR\setup.exe"=1 "C:\Users\mimy\Downloads\FavBinEdit-1-2-4.exe"=1 "C:\Users\mimy\Downloads\Frhed-1.7.1-Setup.exe"=1 "C:\Users\mimy\Downloads\BzEditor-1.9.8.5.exe"=1 "C:\Program Files\Adroit System Care_mimy\unins000.exe"=1 "C:\Users\mimy\Downloads\Revision_1_4_0_2_SteamInstaller\Revision_1_4_0_2_SteamInstaller.exe"=1 "C:\Users\mimy\Downloads\AVT-C875(GL710)_RECentral_v1.3.0.117_Drv_v3.7.x.39_StreamEngine_v1.3.0.17.exe"=1 "C:\Users\Public\Documents\AVerMedia Assist Central\GC570_Win7_Drv_x86_V1.0.0.14_Install\GC570_Win7_Drv_x86_V1.0.0.14_Install.exe"=1 "C:\Users\mimy\Downloads\LiveGamerHD2_1.1.5.0.exe"=1 "C:\Users\mimy\Downloads\RECentral_4_v4.2.0.30_18052801_x64.exe"=1 "C:\Users\mimy\Downloads\GC550_Drv_x64_v3.0.64.99.exe"=1 "C:\Users\mimy\Downloads\GC570_Win7_Drv_x64_V1.0.64.14_Install\GC570_Win7_Drv_x64_V1.0.64.14_Install.exe"=1 "C:\Users\mimy\Downloads\Aegisub-3.2.2-32.exe"=1 "C:\Users\mimy\Downloads\youtube_downloader_hd.exe"=1 "SIGN.MEDIA=278BCDB7 setup.exe"=1 "C:\Users\mimy\Downloads\Xbox360_64Eng(1).exe"=1 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\G] : G:\setup.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{01b28216-d52c-11e3-a034-ecc4591d2f2f}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{01b2821a-d52c-11e3-a034-cca930821e45}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{06be85f1-716a-11e6-829c-448a5b8a8463}] : L:\setup.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{11889716-e001-11e3-bef0-448a5b8a8463}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{1a0ea6a2-d504-11e3-b0e0-448a5b8a8463}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{20993978-eb15-11e3-9155-448a5b8a8463}] : D:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{4bd9ce0a-08d5-11e6-8581-448a5b8a8463}] : H:\CMADownloader.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{6dde39cf-da86-11e3-93bf-806e6f6e6963}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{776f2115-dff5-11e3-b0c0-448a5b8a8463}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{776f2118-dff5-11e3-b0c0-448a5b8a8463}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{7dbe15a4-5e4a-11e8-ab27-448a5b8a8463}] : G:\CMADownloader.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{9fb04cea-e000-11e3-bbd0-448a5b8a8463}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{d402a573-daf6-11e3-892a-448a5b8a8463}] : E:\AutoRun.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{d85664d3-0cd7-11e4-8ec3-806e6f6e6963}] : D:\Launch.exe (AutoRun) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{de9eb864-d4c0-11e3-b0a0-448a5b8a8463}] : E:\AutoRun.exe (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=1 "DisableRoutinelyTakingAction"=1 "ProductStatus"=0 "InstallTime"=0x7AAE80383969CF01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ixAptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ixAvSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ixCommonSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ixFwSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ixRealTimeSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKFsAvM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKFsFtM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKPcFt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKRgAc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKRgFt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ixAptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ixAvSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ixCommonSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ixFwSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ixRealTimeSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsMpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKFsAvM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKFsFtM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKPcFt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKRgAc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKRgFt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Pinging google.com [216.58.197.14] with 32 bytes of data: Reply from 216.58.197.14: bytes=32 time=3ms TTL=54 Reply from 216.58.197.14: bytes=32 time=3ms TTL=54 Reply from 216.58.197.14: bytes=32 time=3ms TTL=54 Reply from 216.58.197.14: bytes=32 time=3ms TTL=54 Ping statistics for 216.58.197.14: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 3ms, Maximum = 3ms, Average = 3ms ---------- | @ [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://google.com "XMLHTTP"=1 "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "NotifyDownloadComplete"=yes "DisableScriptDebuggerIE"=yes "ImageStoreRandomFolder"=oqkyc3f "IE10TourNoShow"=0 "SearchBandRestoreBarCount"=0 "SearchBandMigrationVersion"=1 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "DoNotTrack"=1 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xB680707337C8D401 "Search Bar"=Preserve "Use Search Asst"=yes "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF50020000F1000000D0040000D1020000 "ScriptDebugger_EnableHiddenTabs"=0 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "StatusBarWeb"=1 "ForceGDIPlus"=0 "AlwaysShowMenus"=0 "ShutdownWaitForOnUnload"=0 "DNSPreresolution"=8 "SpellChecking"=1 "LangToolsBroker"={5bbd58bb-993e-4c17-8af6-3af8e908fca8} "DisablePasswordReveal"=0 "Check_Associations"=no "DisableRequiresActiveXPrompt"= "GotoIntranetSiteForSingleWordEntry"=0 "AutoSearch"=1 "SuppressScriptDebuggerDialog"=0 "PredictedViewExpansion"=100 "PredictedViewChangeThreshold"=10 "PredictedViewChangeThresholdPaint"=10 "ContentLayerCacheExpansion"=300 "RenderingLoopMaxTime"=250 "NscSingleExpand"=0 "Error Dlg Displayed On Every Error"=no "Friendly http errors"=yes "CSS_Compat"=doctype "Expand Alt Text"=no "Display Inline Videos"=1 "Print_Background"=no "Use Stylesheets"=1 "SmoothScroll"=1 "Show image placeholders"=0 "Disable Diagnostics Mode"=no "Move System Caret"=no "Enable AutoImageResize"=yes "UseThemes"=1 "UseHR"=0 "Q300829"=0 "Cleanup HTCs"=0 "XDomainRequest"=1 "DOMStorage"=1 "EnableAlternativeCodec"=yes "JScriptProfileCacheEventDelay"=5000 "CrossfadeMinTimeoutInMS"=30000 "CrossfadeMaxTimeoutInMS"=30000 "CrossfadeCurrentTimeoutInMS"=30000 "ScrollTimeoutInMS"=6000 "IE10RunOnceLastShown"=0 "IE10TourShown"=1 "IE10RecommendedSettingsNo"=0 "FrameTabWindow"=1 "AdminTabProcs"=1 "SessionMerging"=1 "FrameMerging"=1 "HangRecovery"=1 "DesktopTransparentCoverWindowTime"=8 "TSEnable"=1 "Isolation"=PMIL "Isolation64Bit"=0 "IsolationImmersive"=PMEM "TabShutdownDelay"=60000 "FrameShutdownDelay"=0 "MinIEEnabled"=1 "FormSuggest Passwords"=yes "FormSuggest PW Ask"=yes "RefcountTracker"=0 "TabDragOnSingleProc"=0 "ForceBFCacheCandidacyPass"=0 "Fasterback"=1 "BackForwardInstrumentation"=0 "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP "Start Page_TIMESTAMP"=0xC29E459F3AC8D401 "OperationalData"=5 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF4B0000004B000000420600002C030000 "CompatibilityFlags"=0 "Start Page Redirect Cache_TIMESTAMP"=0xAF474424BB78D501 "IE10TourShownTime"=0xE8F5707337C8D401 "Use FormSuggest"=no "DefSpellLang"=en-US "IE11DefaultsFRECompletionTime"=0xEAB04D00C755D501 "IE11DefaultsFREConfigUpdateTimestamp"=0x1E010824BB78D501 "Start Page Redirect Cache"=http://www.msn.com/ja-jp/?pc=UE09&ocid=UE09DHP "Start Page Redirect Cache AcceptLangs"=ja-JP [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"=http://google.com [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Internet Explorer\SearchURL] "Default"=https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOsf-WWM7VfzKCU53sPz1PPLRbQja7MYlT-bcptNke4CZumfsSfrGi5akr_f7Cs8gJcjSIV9J7pCmG9Hljsd78xk1AXqU3XbmowpyxBFFYjiL0XprtUOnTdfS7MJ8DI3t34bIKon9V-XGUM8xVAol3yZIltsKYHn1Zf-gLPBzEj9q&q={searchTerms} [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=IEUser@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0xC40852B68D8AD401 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 "EnableAutodial"=0 "NoNetAutodial"=0 "ProxyHttp1.1"=1 "EnableSPDY3_0"=0 "BackgroundConnections"=1 "EnableSSL3Fallback"=1 "EnablePunycode"=1 "ShowPunycode"=0 "CreateUriCacheSize"=80 "CoInternetCombineIUriCacheSize"=80 "SecurityIdIUriCacheSize"=30 "SpecialFoldersCacheSize"=8 "SyncMode5"=4 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Start Page"=http://www.google.com/ "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://www.google.com/ "Default_Page_URL"=http://www.google.com/ "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://www.google.com/?q={searchTerms} "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Start Page"=http://www.google.com/ "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://www.google.com/ "Default_Page_URL"=http://www.google.com/ "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://www.google.com/?q={searchTerms} "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchURL] "Default"=https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOsf-WWM7VfzKCU53sPz1PPLRbQja7MYlT-bcptNke4CZumfsSfrGi5akr_f7Cs8gJcjSIV9J7pCmG9Hljsd78xk1AXqU3XbmowpyxBFFYjiL0XprtUOnTdfS7MJ8DI3t34bIKon9V-XGUM8xVAol3yZIltsKYHn1Zf-gLPBzEj9q&q={searchTerms} [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kml] "Application"=googleearth.exe [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kmz] "Application"=googleearth.exe ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "ShowSearchSuggestionsInAddressGlobal"=1 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 "UpgradeTime"=0xDC61F48937C8D401 "TopResult"=1 "ShowSearchSuggestionsGlobal"=1 "KnownProvidersUpgradeTime"=0x8703B38837C8D401 "Version"=4 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10 : [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96BBC430-9900-4299-9F5D-7951AB36EFDF}] - (Google) - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : ---------- | Browser Helper Objects ---------- | Chrome ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : C:\Windows\system32\Wat\npWatWeb.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2] - (Java・Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2] - (Oracleョ Next Generation Java・Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : C:\Windows\system32\Wat\npWatWeb.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll C:\Users\mimy\AppData\Roaming\Mozilla\Firefox\Profiles\zzjrmfjx.default\Prefs.js user_pref("app.normandy.startupRolloutPrefs.extensions.fxmonitor.enabled", true); user_pref("browser.startup.homepage_override.buildID", "20190917135527"); user_pref("browser.startup.homepage_override.mstone", "69.0.1"); user_pref("extensions.blocklist.lastModified", "Mon, 30 Sep 2019 17:37:51 GMT"); user_pref("extensions.blocklist.pingCountTotal", 164); user_pref("extensions.blocklist.pingCountVersion", 12); user_pref("extensions.databaseSchema", 31); user_pref("extensions.getAddons.cache.lastUpdate", 1569939251); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.incognito.migrated", true); user_pref("extensions.lastAppBuildId", "20190917135527"); user_pref("extensions.lastAppVersion", "69.0.1"); user_pref("extensions.lastPlatformVersion", "69.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.signer.hotfixed", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{b20e9343-58fb-4196-85f3-7d464a722f96}\",\"addons\":{\"webcompat@mozilla.org\":{\"version\":\"6.1.0\"}}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.lastCategory", "addons://list/extension"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.uuids", "{\"formautofill@mozilla.org\":\"541b3b11-aa55-4cc9-a802-33d12ee0ffe7\",\"screenshots@mozilla.org\":\"94b98635-b794-4d10-9e24-ef84e6cedff8\",\"webcompat-reporter@mozilla.org\":\"74b255e8-6bdf-4a99-8165-1a8d62d5f388\",\"webcompat@mozilla.org\":\"8d84ad80-8ef1-4cf7-99ae-9507446c6384\",\"{154b4525-8716-4c81-9df0-4d140cd0b599}\":\"c216ca7e-278f-4e4a-9cef-ae79f509196f\",\"checkerplusforgmail@jasonsavard.com\":\"cd03214f-78dd-40dd-a988-65422f660830\",\"baidu-code-update@mozillaonline.com\":\"1320eb76-08fb-463f-94a8-66b12a971730\",\"hotfix-update-xpi-intermediate@mozilla.com\":\"90aed5be-c2e3-482a-aa94-23d28a4e3d17\",\"fxmonitor@mozilla.org\":\"174f9d69-664c-4856-8b35-b6534fca9afb\",\"google@search.mozilla.org\":\"eab398ee-e22d-4e95-84a6-6344a6f1c1e7\",\"bing@search.mozilla.org\":\"d42737e6-f654-4116-8196-8285889ba19d\",\"amazon@search.mozilla.org\":\"5cab741c-fed7-4e12-ae1d-70010a716311\",\"ddg@search.mozilla.org\":\"b8a5dfd4-84a8-42ed-a778-dd9ab76b89a2\",\"ebay@search.mozilla.org\":\"abfbc16b-00b6-4704-a1ae-9919eef3a089\",\"qwant@search.mozilla.org\":\"487339b6-8338-4e76-82ca-7cd0b3fa83cc\",\"wikipedia@search.mozilla.org\":\"5f4ac78c-0edf-4ae5-9b99-0ba9a49679b7\"}"); [Profile0] - Name=default -> Profiles/zzjrmfjx.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.11.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{B822C819-4A62-47D3-8466-41B300C5128A}] "DhcpNameServer"=192.168.11.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{B822C819-4A62-47D3-8466-41B300C5128A}] "DhcpNameServer"=192.168.11.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{B822C819-4A62-47D3-8466-41B300C5128A}] "DhcpNameServer"=192.168.11.1 ---------- | Applications [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Classes\Applications\ImgBurn.exe] : "C:\Program Files (x86)\ImgBurn\ImgBurn.exe" /MODE WRITE /SOURCE "%1" [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Classes\Applications\mpc-hc64.exe] : "C:\Program Files\MPC-HC\mpc-hc64.exe" "%1" [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Classes\Applications\soffice.exe] : "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe" "%1" [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Classes\Applications\WinRAR.exe] : "C:\Program Files\WinRAR\WinRAR.exe" "%1" [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Classes\Applications\wrdvicon.exe] : "C:\Windows\Installer\{9085040C-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\aegisub32.exe] : "C:\Program Files (x86)\Aegisub\aegisub32.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\foobar2000.exe] : "C:\Program Files (x86)\foobar2000\foobar2000.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\ImageReady.exe] : "C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\ImageReady.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\SC2Editor.exe] : "E:/jeuxInstall/StarCraft II/Support/SC2Editor.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\SC2Switcher.exe] : "E:/jeuxInstall/StarCraft II/Support/SC2Switcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\wordview.exe] : "C:\PROGRA~2\MIF5BA~1\OFFICE11\WORDVIEW.EXE" /n /dde [HKLM\SOFTWARE\Classes\Applications\xnview.exe] : "C:\Program Files (x86)\XnView\xnview.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\aegisub32.exe] : "C:\Program Files (x86)\Aegisub\aegisub32.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\foobar2000.exe] : "C:\Program Files (x86)\foobar2000\foobar2000.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ImageReady.exe] : "C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\ImageReady.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SC2Editor.exe] : "E:/jeuxInstall/StarCraft II/Support/SC2Editor.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SC2Switcher.exe] : "E:/jeuxInstall/StarCraft II/Support/SC2Switcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordview.exe] : "C:\PROGRA~2\MIF5BA~1\OFFICE11\WORDVIEW.EXE" /n /dde [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\xnview.exe] : "C:\Program Files (x86)\XnView\xnview.exe" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "regsvc"=RemoteRegistry "DcomLaunch"=Power PlugPlay DcomLaunch "secsvcs"=WinDefend "bthsvcs"=bthserv "GPSvcGroup"=GPSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power PlugPlay DcomLaunch ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Adobe] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Adventure Game Studio] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Akeo Consulting] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\AliceSoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Andy] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Animeeple] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Anvsoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\AppDataLow] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Apple Computer, Inc.] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Apple Inc.] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\AppWork] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Autodesk] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\AVerMedia] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\AVerMediaBackup] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\AWSoftware] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Baidu] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\BBSoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Bethesda Softworks] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\BitTorrent] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Blackbird Interactive] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Blizzard Entertainment] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\BlueStacks] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Brother] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\BugSplat] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\c.mos] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Canon] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\CDCoverDownloader] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\CDDB] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Chromium] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\CineForm] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Clients] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Clubic] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\CPUID] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Crystal Dynamics] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Cygnus Solutions] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Cygwin] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Datastead] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\DAZ] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\DDS2] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\DEAD:CODE] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\DefaultCompany] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Disc Soft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\DivXNetworks] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\DMM GAMES] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Eidos Montreal] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\ej-technologies] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\ElAmigos] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\EMU] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Epic Games] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\epsxe] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Eushully] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\F&C] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Failbetter Games] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\FdSoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\FlashIntegro] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Fnp] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\foobar2000] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Freemake] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Frhed] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Futuremark] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Gabest] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\GameSpy] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Geek Uninstaller] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\GNU] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\GOG.com] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Google] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Haali] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Harebrained Schemes] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Icaros] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\illusion] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Illustrate] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\ImgBurn] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Intel] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Intel Corporation] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Invelos Software] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\inXile] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\IO Interactive] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\JavaSoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\K.Horishima] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Kingsoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\KISS] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\KT] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Licenses] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\livrotheque] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Macromedia] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\MediaInfo] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\MimarSinan] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Mink] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Mozilla] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\MozillaPlugins] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\MPC-HC] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\MyCompany] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\NCH Software] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\NCH Swift Sound] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Netscape] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Nightdive Studios] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\ninetail] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Nitroplus] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Novawave Inc.] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\NVIDIA Corporation] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Obsidian Entertainment] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\OpenOffice] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Paltiosoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\PC SOFT] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Piriform] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Policies] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\QtProject] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Razer] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Realtek] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\RED] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\RegisteredApplications] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\roamingdevice] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\rOva] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\RPSofts] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Rtp] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\SecuROM] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\sfM no Violet] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\SlySoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\SmallGamesInfo] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Sony Corporation] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\SourceForge] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Syncios] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Sysinternals] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\TACHYON] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Thunderbird] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Trolltech] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Ubisoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Unity] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Unity Technologies] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Valve] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\VB and VBA Program Settings] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\VDO] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\VirtualDub.org] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Vision Thing] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\WinHIIP] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\WinHTTrack Website Copier] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\WinRAR] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\WinRAR SFX] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Wondershare] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Wow6432Node] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\ZHP] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\AppDataLow\Software\Unity] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ASIO] [HKLM\Software\ATI Technologies] [HKLM\Software\AVerMedia] [HKLM\Software\Brother] [HKLM\Software\Canon] [HKLM\Software\CBSTEST] [HKLM\Software\Clients] [HKLM\Software\Disc Soft] [HKLM\Software\ej-technologies] [HKLM\Software\FlashIntegro] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GEAR Software] [HKLM\Software\Icaros] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\Khronos] [HKLM\Software\LAV64] [HKLM\Software\Licenses] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\QWRyb2l0IFN5c3RlbSBDYXJl] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Waves Audio] [HKLM\Software\WinHTTrack Website Copier] [HKLM\Software\WinRAR] [HKLM\Software\Wondershare] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\$(brand_name)] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\Adobe Systems] [HKLM\Software\WOW6432Node\Aegisub] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ASIO] [HKLM\Software\WOW6432Node\Aureal] [HKLM\Software\WOW6432Node\AVerFilters] [HKLM\Software\WOW6432Node\AVerMedia] [HKLM\Software\WOW6432Node\AVerUpdate] [HKLM\Software\WOW6432Node\Bethesda Softworks] [HKLM\Software\WOW6432Node\Black Isle] [HKLM\Software\WOW6432Node\Blizzard Entertainment] [HKLM\Software\WOW6432Node\Borland] [HKLM\Software\WOW6432Node\Brother] [HKLM\Software\WOW6432Node\Brother Industries, Ltd.] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\CDDB] [HKLM\Software\WOW6432Node\Cygnus Solutions] [HKLM\Software\WOW6432Node\Disc Soft] [HKLM\Software\WOW6432Node\DMM GAMES] [HKLM\Software\WOW6432Node\ej-technologies] [HKLM\Software\WOW6432Node\Elaborate Bytes] [HKLM\Software\WOW6432Node\Electronic Arts] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\F&C] [HKLM\Software\WOW6432Node\Florian Heidenreich] [HKLM\Software\WOW6432Node\foobar2000] [HKLM\Software\WOW6432Node\Freemake] [HKLM\Software\WOW6432Node\Funcom] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\ImgBurn] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Internet Download Manager] [HKLM\Software\WOW6432Node\Iron Lore] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Kiss] [HKLM\Software\WOW6432Node\KLCodecPack] [HKLM\Software\WOW6432Node\LAV] [HKLM\Software\WOW6432Node\localNETService] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Matrox] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\MSI] [HKLM\Software\WOW6432Node\mtAppoxinloK] [HKLM\Software\WOW6432Node\My Movies] [HKLM\Software\WOW6432Node\NCH Software] [HKLM\Software\WOW6432Node\NCH Swift Sound] [HKLM\Software\WOW6432Node\Nefarius Software Solutions e.U.] [HKLM\Software\WOW6432Node\Nitroplus] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\Nullsoft] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\ONKYO Sound and Vision Corp.] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Paltiosoft] [HKLM\Software\WOW6432Node\PocketSoft] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Rockstar Games] [HKLM\Software\WOW6432Node\sierra] [HKLM\Software\WOW6432Node\Sierra OnLine] [HKLM\Software\WOW6432Node\SlySoft] [HKLM\Software\WOW6432Node\SoftDenchi] [HKLM\Software\WOW6432Node\Stardock] [HKLM\Software\WOW6432Node\Starter] [HKLM\Software\WOW6432Node\Syncios] [HKLM\Software\WOW6432Node\TACHYON] [HKLM\Software\WOW6432Node\Unreal Technology] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\XnView] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives E: F: J: ---------- | C: [14/07/2009 12:18:56] - |SHD| - [129] - C:\$Recycle.Bin [02/12/2016 22:51:18] - |D| - [9570018] - C:\b300d6997f32c75f13073b64 [29/06/2016 17:50:29] - |SHD| - [0] - C:\Config.Msi [14/07/2009 14:08:56] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [06/05/2014 23:36:26] - |ASH| - (.-.) - [12826120192] - (0.0.0.0) - C:\hiberfil.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2017 23:24:10] - |ASH| - (.-.) - [17101496320] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 12:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 12:20:08] - |RD| - [5446526972] - C:\Program Files [14/07/2009 12:20:08] - |D| - [3098083982] - C:\Program Files (x86) [14/07/2009 12:20:08] - |HD| - [2653941848] - C:\ProgramData [21/02/2017 21:21:17] - |D| - [418150158] - C:\PS_CS2_FR_NonRet [02/10/2019 15:44:49] - |D| - [68686] - C:\QuickDiag [MD5.A15A269C2CD797A37C7C314595DDBB6A] - [02/10/2019 15:44:53] - |A| - (.-.) - [123868] - (0.0.0.0) - C:\QuickDiag.txt [06/05/2014 07:41:48] - |SHD| - [172384274] - C:\Recovery [06/05/2014 23:36:26] - |SHD| - [0] - C:\System Volume Information [MD5.158FE86686FAF3D1D2C47E8478F7F256] - [06/08/2019 10:02:15] - |A| - (.-.) - [12] - (0.0.0.0) - C:\SystemBoardInfoResult.txt [07/05/2014 16:03:38] - |D| - [9734] - C:\Temp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/08/2019 07:00:02] - |A| - (.-.) - [0] - (0.0.0.0) - C:\TKSPProtectLog.txt [05/05/2015 19:42:38] - |D| - [0] - C:\tmp [14/07/2009 12:20:08] - |RD| - [29938580886] - C:\Users [MD5.25C27DB8E5624670E03BFB0F2DDCB2C5] - [06/08/2019 10:06:42] - |A| - (.-.) - [549] - (0.0.0.0) - C:\UVCDeviceControl.log [14/07/2009 12:20:08] - |D| - [37345444800] - C:\Windows ---------- | C:\Windows [MD5.D2A2D69173654899705C88EEE378A5B2] - [15/07/2014 09:42:07] - |A| - (.© Microsoft Corporation. - Resource only DLL containing MOF for ASL code.) - [11248] - (6.1.7600.16385) - C:\Windows\acpimof.dll [MD5.D830EA44721DB0656DE301F91A7B5D95] - [17/03/2016 08:03:12] - |A| - (.-.) - [111] - (0.0.0.0) - C:\Windows\ACTIVEJP.INI [14/07/2009 12:20:08] - |D| - [42269719] - C:\Windows\AppCompat [14/07/2009 12:20:08] - |D| - [10942692] - C:\Windows\AppPatch [14/07/2009 12:20:08] - |RSD| - [1604696582] - C:\Windows\assembly [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 12:24:22] - |A| - (.© Microsoft Corporation. - Boot File Servicing Utility.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 12:20:09] - |D| - [29234168] - C:\Windows\Boot [MD5.79A88FCC86D01E33347BF3B8957DA5E3] - [14/07/2009 14:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 12:20:09] - |D| - [2418176] - C:\Windows\Branding [MD5.0BE3A85FABE31AC15B16A974B0AA8B9D] - [20/05/2014 22:52:00] - |A| - (.-.) - [27] - (0.0.0.0) - C:\Windows\BRPP2KA.INI [MD5.04FA3E66BF0FE83EF07C46245A71FC3C] - [20/05/2014 22:52:00] - |A| - (.-.) - [573] - (0.0.0.0) - C:\Windows\BRWMARK.INI [MD5.3A6757A1EAD355A206D0DEEEA295C094] - [14/09/2016 08:32:10] - |A| - (.-.) - [57] - (0.0.0.0) - C:\Windows\CS_MEIDO.INI [14/07/2009 12:20:09] - |D| - [2113488] - C:\Windows\Cursors [MD5.D1BAC9FEFE81470C37C2C52A571C5EC5] - [13/05/2015 19:58:56] - |A| - (.-.) - [8192] - (0.0.0.0) - C:\Windows\d3dx.dat [14/07/2009 13:45:54] - |D| - [137426] - C:\Windows\debug [14/07/2009 14:32:38] - |D| - [2736616] - C:\Windows\diagnostics [MD5.9CADC91DF349C198FFB5477A5B23B6C2] - [20/08/2016 22:08:04] - |A| - (.© Microsoft Corporation. - Driver Install Frameworks for API library module.) - [524768] - (2.1.0.0) - C:\Windows\difxapi.dll [14/07/2009 14:37:46] - |D| - [0] - C:\Windows\DigitalLocker [MD5.BC0BC9A2BD5CCED700C6233B8C768E9E] - [03/05/2019 19:04:07] - |A| - (.-.) - [48778] - (0.0.0.0) - C:\Windows\DirectX.log [14/07/2009 14:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [31/12/2017 12:29:42] - |D| - [39522310] - C:\Windows\Driver Cache [MD5.D70351A617850C50882567E024FAB854] - [12/08/2014 14:55:23] - |N| - (.Copyright(C) 2003-2010 by nobukichi - Kantan Installer.) - [614912] - (2.105.152.3370) - C:\Windows\eiunin21.exe [13/12/2017 15:08:45] - |D| - [116936] - C:\Windows\en [14/07/2009 14:37:46] - |D| - [110080] - C:\Windows\en-US [MD5.2A66E81AE941E54A237490FC35D387C8] - [06/05/2014 08:37:23] - |A| - (.-.) - [1945] - (0.0.0.0) - C:\Windows\epplauncher.mif [MD5.50338DC3ED9955266532E0FF193520DB] - [19/01/2019 22:43:25] - |A| - (.-.) - [485] - (0.0.0.0) - C:\Windows\eReg.dat [05/12/2018 22:54:39] - |D| - [143322156] - C:\Windows\ERUNT [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [02/12/2016 23:17:52] - |A| - (.© Microsoft Corporation. - Windows Explorer.) - [3229696] - (6.1.7601.23537) - C:\Windows\explorer.exe [14/07/2009 12:20:09] - |RSD| - [374066771] - C:\Windows\Fonts [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 08:22:13] - |A| - (.© Microsoft Corporation. - BitLocker Drive Encryption Servicing Utility.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [MD5.8BB588E0A12FD310393D2DC8A533BE6B] - [15/08/2017 20:53:23] - |A| - (.-.) - [145] - (0.0.0.0) - C:\Windows\game.INI [14/07/2009 12:20:09] - |D| - [32090797] - C:\Windows\Globalization [MD5.027FD87605A59E4B46B90288D3D501BF] - [07/05/2014 16:03:38] - |A| - (.-.) - [22] - (0.0.0.0) - C:\Windows\GPU-Z.INI [14/07/2009 12:20:09] - |D| - [109519238] - C:\Windows\Help [MD5.A66E522F3CBFB8709EA37844922A002E] - [14/06/2017 10:14:20] - |A| - (.© Microsoft Corporation. - Microsoft Help and Support.) - [733696] - (6.1.7601.23834) - C:\Windows\HelpPane.exe [MD5.12589371C087A76B6E8E152939E59E98] - [09/05/2018 08:05:05] - |A| - (.© Microsoft Corporation. - Microsoft® HTML Help Executable.) - [16896] - (6.1.7601.24134) - C:\Windows\hh.exe [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [12/04/2011 17:29:01] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [14/07/2009 12:20:09] - |D| - [143540740] - C:\Windows\IME [14/07/2009 12:20:10] - |D| - [139806441] - C:\Windows\inf [06/05/2014 08:05:36] - |SHD| - [3518020353] - C:\Windows\Installer [MD5.36932522D014499D7F7B1BB921D05842] - [21/05/2014 22:20:22] - |A| - (.Copyright© 1990-1998 InstallShield Software Corporation Phone : (847) 240-9111 - InstallShield® unInstaller.) - [327168] - (5.50.137.0) - C:\Windows\IsUn040c.exe [MD5.29359D9161CAD8AE48B44B01A3E95911] - [16/03/2016 18:09:55] - |A| - (.Copyright (C) 1990-1997 InstallShield Software Corporation Phone : (847) 240-9111 - InstallShield (R) unInstaller.) - [304128] - (5.10.133.0) - C:\Windows\IsUn0411.exe [MD5.515E4684008E955DE0C81E6A7AEA1C2A] - [31/05/2017 19:11:29] - |A| - (.Copyright InstallShield Corporation, Inc. 1990-1997 - InstallShield® unInstaller.) - [306688] - (5.51.138.0) - C:\Windows\IsUninst.exe [14/07/2009 12:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 12:20:10] - |D| - [0] - C:\Windows\LiveKernelReports [14/07/2009 12:20:10] - |D| - [84473954] - C:\Windows\Logs [14/07/2009 12:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 09:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 12:20:10] - |D| - [890026834] - C:\Windows\Microsoft.NET [06/05/2014 09:58:21] - |D| - [4398] - C:\Windows\Migration [26/08/2014 23:46:29] - |D| - [0] - C:\Windows\Minidump [14/07/2009 12:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 11:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [03/12/2018 06:59:44] - |HD| - [0] - C:\Windows\msdownld.tmp [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [12/08/2015 08:36:32] - |A| - (.© Microsoft Corporation. - Notepad.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [26/03/2019 12:55:46] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\Windows\NvContainerRecovery.bat [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [26/03/2019 12:55:59] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\Windows\NvTelemetryContainerRecovery.bat [14/07/2009 14:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [MD5.A6D8A8EFDF5CB2223D47C8FAF0608028] - [03/12/2017 22:17:40] - |N| - (.-.) - [818] - (0.0.0.0) - C:\Windows\ONKYOHS.ini.cfg [MD5.56117A8917DEFAC9EBCFB80F5C31C3C9] - [03/12/2017 22:17:42] - |A| - (.-.) - [72] - (0.0.0.0) - C:\Windows\ONKYOHS.ini.cfl [MD5.8B1141866A90AD6F50266778EC9C3DF8] - [03/12/2017 22:17:40] - |A| - (.-.) - [233] - (0.0.0.0) - C:\Windows\ONKYOHS.ini.imi [07/05/2014 00:36:03] - |D| - [972488] - C:\Windows\Panther [09/12/2014 15:26:38] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 14:32:38] - |D| - [63019762] - C:\Windows\Performance [MD5.296D5D8F0ECF13E986A60A0153AF417E] - [01/07/2017 06:57:00] - |A| - (.-.) - [188600] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 12:20:10] - |D| - [1109514] - C:\Windows\PLA [14/07/2009 12:20:10] - |D| - [2332972] - C:\Windows\PolicyDefinitions [06/05/2014 23:36:33] - |D| - [0] - C:\Windows\Prefetch [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 08:27:10] - |A| - (.© Microsoft Corporation. - Registry Editor.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 12:20:10] - |D| - [1071164] - C:\Windows\Registration [11/11/2015 21:15:07] - |D| - [5267358] - C:\Windows\rescache [14/07/2009 12:20:10] - |D| - [1674534] - C:\Windows\Resources [MD5.A095B3E67C8EB8F2137EAC63687F2F5B] - [06/05/2014 10:41:52] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839520] - (1.0.7.0) - C:\Windows\RtlExUpd.dll [14/07/2009 12:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 12:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 12:20:10] - |D| - [1057262] - C:\Windows\security [14/07/2009 13:45:47] - |D| - [308344415] - C:\Windows\ServiceProfiles [14/07/2009 12:20:10] - |D| - [314326458] - C:\Windows\servicing [14/07/2009 13:45:50] - |D| - [42] - C:\Windows\Setup [MD5.6F0F16FD35A5F39ED7045451826E850C] - [07/07/2015 15:23:37] - |N| - (.Copyright(C) 1987-1999 Microsoft Corporation - Visual Basic 6.0 Setup Toolkit.) - [245760] - (6.0.0.8439) - C:\Windows\Setup1.exe [MD5.647D43BEAB85DEBCA0FDA46A0EF98836] - [24/03/2019 07:04:41] - |A| - (.-.) - [48339] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/03/2019 07:04:41] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [MD5.4C5E6BFAF1BBFFEC60B47BFFF9AE3CC8] - [24/07/2018 16:13:52] - |A| - (.-.) - [474] - (0.0.0.0) - C:\Windows\SIERRA.INI [02/12/2016 07:50:45] - |D| - [1674791700] - C:\Windows\SoftwareDistribution [06/05/2014 07:41:45] - |D| - [1492621523] - C:\Windows\SoftwareDistribution.Old [24/07/2018 16:15:05] - |D| - [0] - C:\Windows\solcache [14/07/2009 12:20:10] - |D| - [181014046] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [06/05/2014 10:12:27] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.E6B54B8F350E0BBC7D093DF3E826E34B] - [07/07/2015 15:23:37] - |A| - (.Copyright (C) 1987-1998 Microsoft Corp. - Visual Basic Setup Toolkit Uninstaller.) - [73216] - (6.0.84.50) - C:\Windows\ST6UNST.EXE [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 14:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/05/2014 10:29:40] - |D| - [0] - C:\Windows\Sun [14/07/2009 12:20:10] - |D| - [320] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 11:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 12:20:10] - |D| - [6253738613] - C:\Windows\System32 [14/07/2009 12:20:14] - |D| - [2863745321] - C:\Windows\SysWOW64 [14/07/2009 12:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 12:20:14] - |D| - [32586] - C:\Windows\Tasks [14/07/2009 12:20:14] - |D| - [98475484] - C:\Windows\Temp [14/07/2009 12:20:14] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [11/06/2009 06:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 14:32:38] - |D| - [2408974] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 12:25:10] - |A| - (.- Twain_32 Source Manager (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 07:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 09:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [26/03/2016 08:14:19] - |D| - [186512] - C:\Windows\ucharge [14/07/2009 12:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 12:20:14] - |D| - [40681427] - C:\Windows\Web [MD5.48BE14CFCF68FD154E7B83A2BF12E55C] - [23/08/2017 15:38:27] - |A| - (.-.) - [22] - (0.0.0.0) - C:\Windows\WET.INI [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 11:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 13:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.605586E2A5A121A5874778929C4482C5] - [23/03/2019 22:15:55] - |A| - (.-.) - [2072984] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 09:12:29] - |A| - (.© Microsoft Corporation. - Windows Winhlp32 Stub.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [MD5.E2D950702345C2735D08AA5D265AEAE8] - [19/01/2019 23:01:54] - |A| - (.-.) - [310] - (0.0.0.0) - C:\Windows\wininit.ini [14/07/2009 12:20:14] - |D| - [16842325812] - C:\Windows\winsxs [MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [31/03/2014 21:34:22] - |A| - (.© 2012 Microsoft Corporation. - Photo Gallery Screen Saver.) - [322248] - (16.4.3528.331) - C:\Windows\WLXPGSS.SCR [MD5.EA3ECB92A2EA3A42273CB3B308CA1A5B] - [09/01/2018 13:52:33] - |A| - (.-.) - [156910] - (0.0.0.0) - C:\Windows\WMSysPr8.prx [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [11/06/2009 05:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 08:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy [MD5.C57F2E759C7EBFE8C8285F5D2F2BFC6A] - [24/04/2019 15:18:48] - |A| - (.-.) - [127] - (0.0.0.0) - C:\Windows\System32\GroupPolicy\GPT.INI [24/04/2019 15:18:48] - |D| - [150] - C:\Windows\System32\GroupPolicy\Machine [24/04/2019 15:18:48] - |D| - [0] - C:\Windows\System32\GroupPolicy\User ---------- | Systemroot\System [20/08/2016 22:08:09] - |A| - [138] - C:\Windows\System\Dlap.pfx () - () [03/12/2017 22:17:40] - |A| - [182] - C:\Windows\System\ONKYOHS.ini () - () ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [27/05/2008 15:28:49] - C:\Windows\Installer\127a349.msi : (ZERO - Eushully) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/10/2018 22:15:03] - C:\Windows\Installer\127a34d.msi : (ZERO Ver1.01 Update - Eushully) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/03/2019 14:01:50] - C:\Windows\Installer\15a7f46.msi : (Adobe Reader Extended Asian Language Font Pack - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/05/2019 22:19:07] - C:\Windows\Installer\2c03e.msi : (NativeDesktopMediaService - Jetmedia) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/03/2016 08:13:01] - C:\Windows\Installer\2cc61f.msi : (SoftDenchi runtime programs. - Paltiosoft Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/12/2014 23:39:13] - C:\Windows\Installer\360b1e.msi : (Java SE Runtime Environment 8.0 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/12/2014 23:39:10] - C:\Windows\Installer\360b25.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/05/2014 10:20:30] - C:\Windows\Installer\475a54.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/07/2019 19:41:13] - C:\Windows\Installer\4e729.msi : (NativeDesktopMediaService - Jetmedia) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/06/2017 14:47:02] - C:\Windows\Installer\632f2e.msi : (Blank Project Template - Etron Technology) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/08/2014 18:16:04] - C:\Windows\Installer\7818fe.msi : (OpenOffice 4.1.1 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/11/2018 09:52:28] - C:\Windows\Installer\8ed8b7.msi : (Epic Games Launcher - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2015 10:56:58] - C:\Windows\Installer\8ed8be.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/10/2019 19:14:56] - C:\Windows\Installer\9bd58.msi : (ViGEm Bus Driver - Nefarius Software Solutions e.U.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/08/2019 22:38:35] - C:\Windows\Installer\9def7.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/04/2005 10:10:24] - C:\Windows\Installer\a3c872.msi : (Adobe Photoshop CS2 - Adobe Systems) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/04/2005 16:30:12] - C:\Windows\Installer\a3c879.msi : (Adobe Bridge 1.0 - Adobe Systems) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2005 16:04:42] - C:\Windows\Installer\a3c880.msi : (Adobe Common File -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/03/2005 18:33:38] - C:\Windows\Installer\a3c887.msi : (Adobe Help Center - Adobe Systems) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/03/2005 19:00:28] - C:\Windows\Installer\a3c88e.msi : (Adobe Stock Photo 1.0 - Adobe Systems) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/11/2014 07:55:37] - C:\Windows\Installer\afcae.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 17:41:29] - C:\Windows\Installer\bdf9f.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/07/2007 21:29:20] - [12880896] - (.().-. - ()) - C:\Windows\Installer\132be91.msp [25/07/2019 05:01:10] - [41811968] - (.().-. - ()) - C:\Windows\Installer\1360bc2.msp [10/12/2014 20:53:31] - [53442560] - (.().-. - ()) - C:\Windows\Installer\14abdb9.msp [10/07/2014 15:02:38] - [51200] - (.().-. - ()) - C:\Windows\Installer\14abe4b.msp [10/07/2014 15:02:50] - [9720320] - (.().-. - ()) - C:\Windows\Installer\14abeb2.msp [10/07/2014 15:02:50] - [8308736] - (.().-. - ()) - C:\Windows\Installer\14abf25.msp [10/07/2014 13:45:52] - [2819584] - (.().-. - ()) - C:\Windows\Installer\14abf33.msp [10/07/2014 15:02:54] - [25837056] - (.().-. - ()) - C:\Windows\Installer\14abf64.msp [07/06/2018 20:41:40] - [10661888] - (.().-. - ()) - C:\Windows\Installer\1553e3.msp [13/05/2019 15:57:34] - [59400192] - (.().-. - ()) - C:\Windows\Installer\1708df5.msp [03/01/2019 18:17:04] - [1720320] - (.().-. - ()) - C:\Windows\Installer\170a5c5.msp [04/12/2018 20:12:58] - [41668608] - (.().-. - ()) - C:\Windows\Installer\17386cc.msp [03/08/2018 08:32:16] - [41656320] - (.().-. - ()) - C:\Windows\Installer\199e8ed.msp [16/01/2019 16:06:59] - [53014528] - (.().-. - ()) - C:\Windows\Installer\1bed6d6.msp [15/08/2018 06:08:56] - [41676800] - (.().-. - ()) - C:\Windows\Installer\1da83fe.msp [10/04/2019 08:34:58] - [41828352] - (.().-. - ()) - C:\Windows\Installer\1df932f.msp [14/09/2016 16:43:09] - [53339648] - (.().-. - ()) - C:\Windows\Installer\1ec7dc0.msp [12/10/2016 16:00:29] - [53345280] - (.().-. - ()) - C:\Windows\Installer\20065be.msp [14/06/2017 17:07:59] - [53350400] - (.().-. - ()) - C:\Windows\Installer\20cb1da.msp [15/03/2017 22:27:28] - [53348864] - (.().-. - ()) - C:\Windows\Installer\21332dc.msp [04/06/2019 16:15:38] - [41811968] - (.().-. - ()) - C:\Windows\Installer\235e31f.msp [13/05/2015 23:07:05] - [53332992] - (.().-. - ()) - C:\Windows\Installer\2c56c6.msp [07/11/2018 17:19:22] - [41668608] - (.().-. - ()) - C:\Windows\Installer\2d9910e.msp [13/01/2016 22:17:29] - [53338112] - (.().-. - ()) - C:\Windows\Installer\2eb52a0.msp [12/04/2017 22:24:35] - [53348864] - (.().-. - ()) - C:\Windows\Installer\30a74d0.msp [09/12/2015 22:47:30] - [53336064] - (.().-. - ()) - C:\Windows\Installer\30b5262.msp [14/12/2014 08:51:25] - [53299200] - (.().-. - ()) - C:\Windows\Installer\3412a6.msp [23/06/2016 23:19:37] - [53339648] - (.().-. - ()) - C:\Windows\Installer\3521c2.msp [28/06/2011 21:21:32] - [4637184] - (.().-. - ()) - C:\Windows\Installer\355d61b.msp [28/06/2011 21:27:28] - [4028928] - (.().-. - ()) - C:\Windows\Installer\355e73a.msp [24/07/2014 23:38:15] - [53303296] - (.().-. - ()) - C:\Windows\Installer\388bccb.msp [21/12/2018 17:00:22] - [41832448] - (.().-. - ()) - C:\Windows\Installer\3fff21.msp [08/07/2014 19:29:51] - [53303296] - (.().-. - ()) - C:\Windows\Installer\4784a.msp [22/10/2018 22:33:19] - [2584576] - (.().-. - ()) - C:\Windows\Installer\4f78b.msp [13/06/2019 21:38:00] - [2260992] - (.().-. - ()) - C:\Windows\Installer\5eb57a.msp [12/08/2015 13:27:47] - [53332992] - (.().-. - ()) - C:\Windows\Installer\623044.msp [20/11/2013 19:35:18] - [6696448] - (.().-. - ()) - C:\Windows\Installer\666237.msp [30/11/2016 12:21:48] - [10891264] - (.().-. - ()) - C:\Windows\Installer\666243.msp [25/08/2010 17:06:30] - [6479360] - (.().-. - ()) - C:\Windows\Installer\66624f.msp [12/09/2007 16:37:22] - [344064] - (.().-. - ()) - C:\Windows\Installer\66625a.msp [17/05/2011 18:28:52] - [6862848] - (.().-. - ()) - C:\Windows\Installer\666266.msp [04/09/2017 15:43:06] - [6676480] - (.().-. - ()) - C:\Windows\Installer\666272.msp [12/12/2012 10:40:24] - [6141440] - (.().-. - ()) - C:\Windows\Installer\66627e.msp [24/05/2011 16:27:26] - [60928] - (.().-. - ()) - C:\Windows\Installer\666289.msp [27/10/2017 09:20:04] - [3747840] - (.().-. - ()) - C:\Windows\Installer\666296.msp [28/08/2017 23:44:32] - [6455296] - (.().-. - ()) - C:\Windows\Installer\6662a2.msp [30/06/2012 03:47:34] - [54272] - (.().-. - ()) - C:\Windows\Installer\72a2ca.msp [30/06/2012 03:47:30] - [9682432] - (.().-. - ()) - C:\Windows\Installer\72a2ec.msp [30/06/2012 03:47:28] - [8294912] - (.().-. - ()) - C:\Windows\Installer\72a2f5.msp [30/06/2012 03:47:30] - [116224] - (.().-. - ()) - C:\Windows\Installer\72a2fe.msp [30/06/2012 03:47:26] - [137216] - (.().-. - ()) - C:\Windows\Installer\72a307.msp [30/06/2012 01:02:02] - [2811392] - (.().-. - ()) - C:\Windows\Installer\72a311.msp [30/06/2012 03:47:34] - [26948096] - (.().-. - ()) - C:\Windows\Installer\72a321.msp [30/06/2012 03:47:30] - [2934784] - (.().-. - ()) - C:\Windows\Installer\72a32a.msp [13/11/2018 13:24:12] - [3485696] - (.().-. - ()) - C:\Windows\Installer\9ce3e.msp [08/04/2019 15:22:42] - [7155712] - (.().-. - ()) - C:\Windows\Installer\9fd2b.msp [23/02/2018 22:25:19] - [1343488] - (.().-. - ()) - C:\Windows\Installer\a30e6.msp [09/07/2018 14:47:48] - [27000832] - (.().-. - ()) - C:\Windows\Installer\a36f0.msp [13/08/2018 15:19:45] - [1441792] - (.().-. - ()) - C:\Windows\Installer\b90c5.msp [08/10/2018 20:11:44] - [2174976] - (.().-. - ()) - C:\Windows\Installer\b93c6.msp [12/05/2018 15:05:37] - [7094272] - (.().-. - ()) - C:\Windows\Installer\b9be4.msp [11/02/2019 15:36:53] - [8757248] - (.().-. - ()) - C:\Windows\Installer\bb144.msp [10/12/2018 15:52:51] - [44044288] - (.().-. - ()) - C:\Windows\Installer\bcb03.msp [12/08/2019 15:29:03] - [50438144] - (.().-. - ()) - C:\Windows\Installer\bd47d.msp [18/09/2018 17:10:59] - [4706304] - (.().-. - ()) - C:\Windows\Installer\be3da.msp [30/03/2015 05:07:00] - [69632] - (.().-. - ()) - C:\Windows\Installer\be505b.msp [30/03/2015 05:01:28] - [9658368] - (.().-. - ()) - C:\Windows\Installer\be50c3.msp [30/03/2015 05:01:26] - [8269824] - (.().-. - ()) - C:\Windows\Installer\be5137.msp [30/03/2015 03:47:24] - [2822144] - (.().-. - ()) - C:\Windows\Installer\be5146.msp [30/03/2015 05:01:30] - [25653248] - (.().-. - ()) - C:\Windows\Installer\be517a.msp [20/02/2019 21:28:20] - [1986560] - (.().-. - ()) - C:\Windows\Installer\bf800.msp [22/08/2019 20:14:18] - [2002944] - (.().-. - ()) - C:\Windows\Installer\c01df.msp ---------- | %System%\*.in* [14/07/2009 13:57:09] - [73] - C:\Windows\System32\desktop.ini [15/04/2015 15:20:18] - [16303] - C:\Windows\System32\ieuinit.inf [03/12/2017 22:17:42] - [63] - C:\Windows\System32\Onkyoasio64.ini [14/07/2009 14:13:15] - [873458] - C:\Windows\System32\PerfStringBackup.INI [11/06/2009 06:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [29/01/2018 19:40:14] - [4779] - C:\Windows\System32\TKFWFV.inf [09/08/2004 07:00:42] - [114] - C:\Windows\Syswow64\BRLMW03A.INI [15/04/2015 15:20:19] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 13:55:01] - [57] - C:\Windows\Syswow64\mapisvc.inf [03/12/2017 22:17:42] - [58] - C:\Windows\Syswow64\Onkyoasio.ini [06/05/2014 08:06:40] - [867834] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.6712E83EA2BF4FB46A316EEEF51E8101] - |A| - [13/03/2019 09:31:02] - (.-.) - [124.99 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:08] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [22/03/2018 07:02:04] - [884.72 Ko] - C:\Windows\Temp\1258961E-D0A1-4EE5-8E92-1332CA19643E15c0.1d3c1603ed17b85 [MD5.00000000000000000000000000000000] - |D| - [10/07/2019 06:57:25] - [0 Ko] - C:\Windows\Temp\3C11808E-CEDA-464B-915D-9752C6EBE8F9-Sigs [MD5.1FE0956A2BD29DCD2AAA9CE41CD9E9EF] - |A| - [12/04/2019 22:31:58] - (.-.) - [9.78 Ko] - (0.0.0.0) - C:\Windows\Temp\AdobeARM.log [MD5.1045C63E46C075F7C367F4E45019B93E] - |A| - [12/04/2019 22:32:17] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\Windows\Temp\AdobeARM_NotLocked.log [MD5.06D7CE8E72516770C8D094ED03C17970] - |A| - [15/05/2019 16:24:29] - (.-.) - [4.47 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00000.log [MD5.C188B1BA59D287C5B1734ABB940CFE02] - |A| - [15/05/2019 16:24:33] - (.-.) - [2.9 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00001.log [MD5.C178EAD35633AAD1422E9DF37AE3B935] - |A| - [10/07/2019 17:02:41] - (.-.) - [4.47 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00002.log [MD5.1C04A43E85BD5F85ECA44B5EAD461AB4] - |A| - [10/07/2019 17:02:45] - (.-.) - [2.9 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00003.log [MD5.2F2ACF03917F18D1F5AA2390FD36B41F] - |A| - [11/09/2019 12:41:05] - (.-.) - [4.47 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00004.log [MD5.AE412DF89DEF6440A66DC4AD252CF382] - |A| - [11/09/2019 12:41:09] - (.-.) - [2.9 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00005.log [MD5.1825133C488CFD5E6D74A655789EECEB] - |A| - [23/03/2019 07:11:53] - (.-.) - [0.24 Ko] - (0.0.0.0) - C:\Windows\Temp\BootClean.log [MD5.2CF1AFF6018EDE5A35A6625C6124DDAC] - |A| - [15/05/2019 16:24:11] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4495588-x64_decompression_log.txt [MD5.35149DFAE97A55CF12BA5B5759E938FE] - |A| - [10/07/2019 17:02:28] - (.-.) - [1.4 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP47-KB4506997-x64_decompression_log.txt [MD5.4F2C7CF0D30E3E6B0909BAD8112E917A] - |A| - [11/09/2019 12:40:53] - (.-.) - [1.46 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP47-KB4511516-x64_decompression_log.txt [MD5.A0A860BC3B275CBCA3B36A812A50007A] - |A| - [15/05/2019 16:24:28] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20190515_072428_603.txt [MD5.3734C258A3C13D12A6E8986E199A99D4] - |A| - [15/05/2019 16:24:28] - (.-.) - [2.63 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20190515_072428_986.txt [MD5.16E4C3EF17CBB0FC2490BBA3A95357A3] - |A| - [10/07/2019 17:02:40] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20190710_080240_222.txt [MD5.4CEC7996D9DB5C0D5E95C92610D897E5] - |A| - [10/07/2019 17:02:40] - (.-.) - [2.63 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20190710_080240_472.txt [MD5.C698D3121985680FC0DF24F5248F380E] - |A| - [11/09/2019 12:41:04] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20190911_034104_627.txt [MD5.D93262AF45888C59F04814BF4E335C9C] - |A| - [11/09/2019 12:41:04] - (.-.) - [2.63 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20190911_034104_977.txt [MD5.04B8C074492C02DF3114CB633D417E27] - |A| - [15/05/2019 16:24:23] - (.-.) - [11479.58 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4495588_20190515_162416086-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.FCD5DB503CB9BBFFA65439ED2C1513CB] - |A| - [15/05/2019 16:24:15] - (.-.) - [100.99 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4495588_20190515_162416086.html [MD5.F76303E2BA25B8AF6A6DA727FEA3CF2D] - |A| - [10/07/2019 17:02:34] - (.-.) - [11976.55 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4506997_20190710_170233152-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.A951F0B9C0F5A8225129FDBBE62C22CA] - |A| - [10/07/2019 17:02:32] - (.-.) - [100.78 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4506997_20190710_170233152.html [MD5.8104581BC825A6FEC6E226B0A1BD6421] - |A| - [11/09/2019 12:40:59] - (.-.) - [12443.74 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4511516_20190911_124058337-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.556D2FB1F477E9C224DC1486B1363028] - |A| - [11/09/2019 12:40:58] - (.-.) - [99.65 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4511516_20190911_124058337.html [MD5.42196E070EE6A3443106EFB79299C332] - |A| - [05/12/2018 19:48:42] - (.-.) - [1533.22 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log [MD5.7FC7BA5EDB006FE464151B8F7759AAA0] - |A| - [06/12/2018 22:37:08] - (.-.) - [654.84 Ko] - (0.0.0.0) - C:\Windows\Temp\MpSigStub.log [MD5.333E9A150E139123174635245627F2E5] - |A| - [09/08/2019 22:38:35] - (.-.) - [441.19 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI9de9b.LOG [MD5.2FFBAAA78CBBAE896F07BBDCDD96DE0C] - |A| - [12/04/2019 22:32:08] - (.-.) - [10614.18 Ko] - (0.0.0.0) - C:\Windows\Temp\MSIa23b5.LOG [MD5.24C2BDBF38C732D2D7E2BE384A8ABEB5] - |A| - [14/05/2019 22:01:24] - (.-.) - [12128.29 Ko] - (0.0.0.0) - C:\Windows\Temp\MSIb0ee.LOG [MD5.07A249EDBE11D51CE989BA5449A4E7D9] - |A| - [16/08/2019 21:38:34] - (.-.) - [13059.32 Ko] - (0.0.0.0) - C:\Windows\Temp\MSIbf8a0.LOG [MD5.4ED22A8EBD2E1AE86C121F5F394E7E6B] - |A| - [23/08/2019 06:58:54] - (.-.) - [10148.66 Ko] - (0.0.0.0) - C:\Windows\Temp\MSIc1d8e.LOG [MD5.5BFDCA478043E5AA65595C6B2E1F7739] - |A| - [15/06/2019 23:08:07] - (.-.) - [9695.18 Ko] - (0.0.0.0) - C:\Windows\Temp\MSIed4fc.LOG [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 12:55:43] - [19.1 Ko] - C:\Windows\Temp\NvidiaLogging [MD5.DBEF78447120E830587017C581F994F1] - |A| - [11/09/2019 12:41:06] - (.-.) - [10.19 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI2487.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [11/09/2019 12:41:06] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI2487.tmp-tmp [MD5.DBEF78447120E830587017C581F994F1] - |A| - [15/05/2019 16:24:30] - (.-.) - [10.19 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIAF1D.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [15/05/2019 16:24:30] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIAF1D.tmp-tmp [MD5.DBEF78447120E830587017C581F994F1] - |A| - [10/07/2019 17:02:41] - (.-.) - [10.19 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFE47.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [10/07/2019 17:02:41] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFE47.tmp-tmp [MD5.00000000000000000000000000000000] - |D| - [20/05/2019 23:34:33] - [28 Ko] - C:\Windows\Temp\SDIAG_29a75444-a30e-499c-8af7-1de985ba0808 [MD5.00000000000000000000000000000000] - |D| - [14/08/2019 16:57:32] - [28 Ko] - C:\Windows\Temp\SDIAG_2d5ecab9-0d6b-40fd-9602-1a32464b68b9 [MD5.00000000000000000000000000000000] - |D| - [20/05/2019 23:34:27] - [28 Ko] - C:\Windows\Temp\SDIAG_650ce3fe-d255-4291-8d54-267640258b43 [MD5.00000000000000000000000000000000] - |D| - [20/05/2019 23:34:22] - [28 Ko] - C:\Windows\Temp\SDIAG_70db0993-d2ac-4863-a3b8-f572e17b71c4 [MD5.00000000000000000000000000000000] - |D| - [14/08/2019 16:58:27] - [28 Ko] - C:\Windows\Temp\SDIAG_84addeb7-8dfc-44e2-8a60-4e8b83841e79 [MD5.00000000000000000000000000000000] - |D| - [14/08/2019 16:57:26] - [28 Ko] - C:\Windows\Temp\SDIAG_8700c01b-5d28-4a6c-b747-914bfd963293 [MD5.00000000000000000000000000000000] - |D| - [24/05/2019 07:04:01] - [28 Ko] - C:\Windows\Temp\SDIAG_d38bc160-44d9-42a4-b6f8-99213b205165 [MD5.00000000000000000000000000000000] - |D| - [24/05/2019 07:04:08] - [28 Ko] - C:\Windows\Temp\SDIAG_d467b5ff-b366-4c4a-a241-38a099b48542 [MD5.C090ED1F3A9E7295F4970607DDDEEEC8] - |A| - [10/07/2019 17:28:30] - (.-.) - [128 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_6F36.tmp [MD5.1CF12C03542D39788152503964C82ACB] - |A| - [10/07/2019 17:28:32] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_78A9.tmp [MD5.22DF0C77C5C0C94344B14B5EE6389908] - |A| - [02/07/2019 20:00:32] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\Windows\Temp\UCManSvcps.log [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [0 Ko] - C:\Windows\System32\0409 [MD5.00000000000000000000000000000000] - |D| - [09/12/2014 15:27:09] - [317.43 Ko] - C:\Windows\System32\1033 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [06/05/2014 10:50:26] - (.-.) - [19.08 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [06/05/2014 10:50:26] - (.-.) - [19.08 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.59683D1E4CD0B1AD6AE32E1D627AE25F] - |A| - [16/05/2018 12:29:34] - (.Copyright © 2003 by fccHandler - AC-3 ACM Decompressor.) - [80 Ko] - (0.7.0.0) - C:\Windows\System32\AC3ACM.acm [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [4987.5 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.8210141840CE237FBF40B6E26E2DD11D] - |A| - [16/05/2018 12:29:34] - (.NCT Company Copyright 1999 - 2001 - NCT ALF2CD Audio CODEC.) - [38 Ko] - (2.3.1.0) - C:\Windows\System32\alf2cd.acm [MD5.00000000000000000000000000000000] - |D| - [19/05/2015 17:02:58] - [2732.89 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [415 Ko] - C:\Windows\System32\ar-SA [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [173 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [2583.3 Ko] - C:\Windows\System32\Boot [MD5.85FE9CD4BA40DDB12012ECB49C9CB263] - |A| - [26/10/1999 16:00:00] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\BRADM10A.DAT [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 10:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.3FC8CD18DA06D8D2F990EF4ECC42AB99] - |A| - [20/05/2014 22:52:01] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\bridf08b.dat [MD5.4C1549D5165F74ABC24DF7BFB981DF05] - |A| - [14/07/2009 10:18:16] - (.Copyright (C) Brother Industries. 1996-2008 - Brother MFC WIA minidriver(for 64Bit).) - [224 Ko] - (7.0.2.2) - C:\Windows\System32\Brmf3wia.dll [MD5.F4CD2AB5415DCE817BEADC8203C8DD25] - |A| - [14/07/2009 10:19:59] - (.Copyright(C) 2001-2008 Brother Industries, Ltd. - USB STI device accessing module for Brother MFC.) - [37.5 Ko] - (7.0.0.0) - C:\Windows\System32\BrUs2Sti.dll [MD5.F7E457984E711DDBBB0BD7F0D8424D5F] - |A| - [20/05/2014 22:51:52] - (.Copyright(C) 2001-2009 Brother Industries, Ltd. - USB STI device accessing module for Brother MFC(for 64Bit).) - [49 Ko] - (2.0.7.0) - C:\Windows\System32\BrUsi09a.dll [MD5.69E4B483019B912DFFC7E59BA35432EC] - |A| - [19/12/2012 03:42:28] - (.Copyright (C) Brother Industries. 1996-2009 - Brother MFC WIA minidriver(for 64Bit).) - [1523.5 Ko] - (3.10.6.13) - C:\Windows\System32\BrWia09b.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 09:07:04] - (.Copyright (C) 2008 - Bthpan Context Handler.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [196525.64 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [34822.94 Ko] - C:\Windows\System32\catroot2 [MD5.4620AFA49AD4C6F60C58E7AECEACD0C2] - |N| - [20/08/2016 22:08:06] - (.Copyright (C) 2006 - Vista Driver Installer.) - [346 Ko] - (1.0.0.9) - C:\Windows\System32\CmiInstallResAll64.dll [MD5.39BAA6B02F27933851C354CA83CF9B66] - |A| - [03/09/2015 03:03:06] - (.Copyright CANON INC. 2015 - Canon SELPHY Driver Language Monitor.) - [69.98 Ko] - (2.0.1.2) - C:\Windows\System32\cnylcp03.dll [MD5.5268BAD1291DEDE0B0B65F06313038EB] - |A| - [03/09/2015 01:42:20] - (.Copyright CANON INC. 2015 - Canon SELPHY Driver Status Monitor.) - [78.97 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp03.exe [MD5.1DAD321941250366FD8E0F2BEB5EBDDA] - |A| - [03/09/2015 03:03:12] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [53.98 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3c.dll [MD5.D6D49CAB147882FCB323BB3895BD0EDC] - |A| - [03/09/2015 01:42:16] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [57.47 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3e.dll [MD5.A38ED9DBDCCBF97C68BA89E0FB4A2582] - |A| - [03/09/2015 03:03:12] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [58.47 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3f.dll [MD5.AC47B1C89D9523A260A32335E524DB10] - |A| - [03/09/2015 03:03:16] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [56.48 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3g.dll [MD5.2A2CAE359DEDD3AA046050A34665BA87] - |A| - [03/09/2015 03:03:16] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [56.48 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3i.dll [MD5.9F3F5BFF5BC5A8F24980800575E7BB34] - |A| - [03/09/2015 03:03:18] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [55.97 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3j.dll [MD5.B043245052E7D00AC5C212DCB4BA4BDC] - |A| - [03/09/2015 03:03:20] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [54.48 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3k.dll [MD5.3E2E4D0BA6B21F62C6531C5DACC4B966] - |A| - [03/09/2015 03:03:20] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [57.97 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3r.dll [MD5.CBBBC418177E94F83E7F6D1ABFD28C87] - |A| - [03/09/2015 03:03:20] - (.Copyright CANON INC. 2015 - SELPHY CP Family Status Monitor.) - [58.47 Ko] - (2.0.1.2) - C:\Windows\System32\cnyscp3s.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [19665.34 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [357 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |SD| - [06/05/2014 10:01:46] - [5028.19 Ko] - C:\Windows\System32\CompatTel [MD5.62B53E06F95506669CCB6D3810A88E51] - |A| - [31/12/2017 14:43:22] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\Windows\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [421631.47 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [683 Ko] - C:\Windows\System32\cs-CZ [MD5.8F061E65176FD673FC4B19CF1134E102] - |A| - [22/03/2012 21:11:54] - (.-.) - [12.7 Ko] - (0.0.0.0) - C:\Windows\System32\CsrSecCoins.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [678.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [753.5 Ko] - C:\Windows\System32\de-DE [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 13:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [5307 Ko] - C:\Windows\System32\Dism [MD5.902179013800F311AFF57CD5F29BE346] - |A| - [16/05/2018 12:29:34] - (.Copyright (C) DivXNetworks 2001-2003 - DivX Video for Windows Codec.) - [624 Ko] - (5.0.5.830) - C:\Windows\System32\divx.dll [MD5.EFF71E68DD8F9DC0BBD89CD83153C336] - |A| - [16/05/2018 12:29:34] - (.Copyright © DivXNetworks, 2001-2003 - DivX (TM) Decoder Filter.) - [216.03 Ko] - (5.0.5.830) - C:\Windows\System32\divxdec.ax [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:10] - [87610.35 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [2887875.25 Ko] - C:\Windows\System32\DriverStore [MD5.00000000000000000000000000000000] - |DC| - [07/05/2014 11:43:16] - [42.42 Ko] - C:\Windows\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [748 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [1804 Ko] - C:\Windows\System32\en [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [34347.63 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [710.5 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [160.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [668 Ko] - C:\Windows\System32\fi-FI [MD5.ABC8CDB1AA60D9D2F5260B069273F2D6] - |A| - [14/07/2009 13:45:34] - (.-.) - [297.65 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [731 Ko] - C:\Windows\System32\fr-FR [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [11/06/2009 05:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.5C7B8533FEC9E65368D14965EC4C9D8A] - |A| - [03/10/2012 16:14:56] - (.Copyright © 2000-2012 GEAR Software Inc. - GEARAspi.) - [122.92 Ko] - (2.1.3.1) - C:\Windows\System32\GEARAspi64.dll [MD5.00000000000000000000000000000000] - |HD| - [14/07/2009 12:20:11] - [0.27 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - |AH| - [20/05/2014 10:33:50] - (.© LogMeIn, Inc. 2004-2009 - Hamachi Virtual Network Interface Driver.) - [33.06 Ko] - (7.0.1.1) - C:\Windows\System32\hamachi.sys [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [400 Ko] - C:\Windows\System32\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [168 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [691 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [36875.94 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.AAA0C03BF54FC8A4E895B576861A9848] - |A| - [21/11/2010 12:07:41] - (.-.) - [29.12 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [712 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [520.5 Ko] - C:\Windows\System32\ja-JP [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [516 Ko] - C:\Windows\System32\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 11:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.69A0628BBE1A404B1BA0B6DCA7610A06] - |A| - [16/05/2018 12:29:34] - (.Copyright (C) 1997 Fraunhofer IIS - MPEG Layer-3 Audio Decoder.) - [96 Ko] - (1.9.0.311) - C:\Windows\System32\L3CODECX.AX [MD5.FA425C74CE2EB719B2A77A7A2ADDAE32] - |A| - [16/05/2018 12:29:34] - (.Copyright © 2011 - Lagarith.) - [211 Ko] - (1.3.27.0) - C:\Windows\System32\Lagarith.dll [MD5.5E6F49F657A509D079C60D08A2EE33A7] - |A| - [16/05/2018 12:29:34] - (.Copyright © 2005 Elecard Ltd. - LAME Audio Encoder.) - [240 Ko] - (1.0.54.50801) - C:\Windows\System32\lame.ax [MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [21/11/2010 11:52:07] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log [MD5.563C3703A9B57CC9B370A76D6173D09C] - |A| - [21/11/2010 11:52:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [2528.54 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [165 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [166 Ko] - C:\Windows\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [07/05/2014 15:46:19] - [198.57 Ko] - C:\Windows\System32\Macromed [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [14/07/2009 05:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore [MD5.0555A73AACDBDC43B3BD55D51F366FEA] - |A| - [31/12/2017 14:43:26] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [322.8 Ko] - (2.2.9.0) - C:\Windows\System32\MaxxAudioAPO20.dll [MD5.BB678631766E3E05A19E51B74EB00B13] - |A| - [31/12/2017 14:43:27] - (.Copyright © 1996-2014 -.) - [2002.13 Ko] - (4.1.1.0) - C:\Windows\System32\MaxxAudioEQ64.dll [MD5.3D90F8AEF34697D2AC495FBBF9D8F20C] - |A| - [31/12/2017 14:43:30] - (.Copyright (c) 2006-2016 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1930.48 Ko] - (1.2.16.129) - C:\Windows\System32\MBAPO264.dll [MD5.2CEC53E370A14B4C9C5D3E99F0BFA3F7] - |A| - [31/12/2017 14:43:30] - (.Copyright (c) 2006-2010 Creative Technology Ltd. - Audio Processing Object Chaining Module.) - [400.41 Ko] - (1.0.0.270) - C:\Windows\System32\MBWrp64.dll [MD5.521F1463E9733FD867E097727DD90177] - |A| - [16/05/2018 12:29:34] - (.Main Concept Ltd. 1999-2001 - MainConcept DV Codec.) - [255.5 Ko] - (2.0.0.0) - C:\Windows\System32\mcdvd_32.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 13:45:42] - [119.84 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [3465.93 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [37830.93 Ko] - C:\Windows\System32\migwiz [MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 13:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.18158A80FC9FAB608D6BB8FAE9FD5DA4] - |AH| - [02/07/2015 22:45:45] - (.-.) - [100.14 Ko] - (0.0.0.0) - C:\Windows\System32\mlfcache.dat [MD5.00000000000000000000000000000000] - |D| - [06/05/2014 09:38:45] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [4340.28 Ko] - C:\Windows\System32\Msdtc [MD5.D4C70F515F52228D81B80F62BF230D82] - |A| - [16/05/2018 12:29:37] - (.Copyright (c) Flash-Integro LLC, 2011-2019. - mslvddsfilter4 ActiveX DLL.) - [74.86 Ko] - (4.0.1.191) - C:\Windows\System32\mslvddsfilter4.ax [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [11.33 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [667 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [512 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [14/07/2009 07:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [85 Ko] - C:\Windows\System32\NetworkList [MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [21/11/2010 11:52:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [716 Ko] - C:\Windows\System32\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 11:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.FC2622CB73E942FD0D925D65328997F7] - |A| - [26/03/2019 12:54:47] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\Windows\System32\nv-vk64.json [MD5.48B8335172C9C11C329F79F81F1F96A8] - |A| - [26/03/2019 12:55:53] - (.-.) - [8326.53 Ko] - (0.0.0.0) - C:\Windows\System32\nvcoproc.bin [MD5.09DA733E9CB30636E86EBC60E24419C0] - |A| - [26/03/2019 12:54:47] - (.-.) - [45.92 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb [MD5.A5A51098DC965DE96F47BB1EE573C573] - |A| - [26/03/2019 12:54:47] - (.-.) - [409.97 Ko] - (0.0.0.0) - C:\Windows\System32\nvofapi64.dll [MD5.B06517DFC0F6B538411C9EAD3C14BCF2] - |A| - [03/12/2017 22:14:53] - (.Copyright (c) 2004-2010 C-Media Electronics Inc. - C-Media Universal ASIO Driver.) - [51 Ko] - (2.0.0.3) - C:\Windows\System32\Onkyoasio64.dll [MD5.66C6C4DE196719B32A9666DD18091290] - |N| - [03/12/2017 22:17:42] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\System32\Onkyoasio64.ini [MD5.182F0AA2550B4F4E875E82DDDA91D38F] - |N| - [03/12/2017 22:17:42] - (.Copyright (C) 2010 - Vista Driver Installer.) - [787 Ko] - (1.0.1.6) - C:\Windows\System32\ONKYOHS.exe [MD5.2901049544FDF863362FABA2363EB647] - |A| - [14/07/2009 05:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [13231.26 Ko] - C:\Windows\System32\oobe [MD5.2AD7B4F3C8D2BB686D231EDFF404B7A4] - |A| - [01/09/2014 18:32:36] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.02 Ko] - (6.14.357.24) - C:\Windows\System32\OpenAL32.dll [MD5.564AC568B31E77531E459A0D0FECDD0D] - |A| - [14/07/2009 11:36:59] - (.-.) - [143.33 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [11/06/2009 05:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 11:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.85D0C2270A45400A21E82EC4818B15BF] - |A| - [14/07/2009 11:36:59] - (.-.) - [711.9 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.81DDD56C25D90FAEF54224B4209CA950] - |A| - [14/07/2009 14:13:15] - (.-.) - [852.99 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [701.5 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:51] - [413.88 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [697 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [704.5 Ko] - C:\Windows\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:11] - [23.75 Ko] - C:\Windows\System32\ras [MD5.E0F2A0AB2E5DAF6C4DE252E87BF1CFA3] - |A| - [02/10/2018 17:02:01] - (.-.) - [9 Ko] - (0.0.0.0) - C:\Windows\System32\RdCi1003.dll [MD5.5256C93437B3BF1C2574A840205562C6] - |A| - [02/10/2018 17:02:01] - (.-.) - [55.5 Ko] - (0.0.0.0) - C:\Windows\System32\RDCP1003.CPL [MD5.24B2ADA395883FA03260D6DEB1B39869] - |A| - [31/12/2017 14:43:34] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll [MD5.6241068A334C45059492867DF7890588] - |A| - [31/12/2017 14:43:34] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll [MD5.00000000000000000000000000000000] - |D| - [09/12/2014 15:27:37] - [0 Ko] - C:\Windows\System32\RsFx [MD5.00000000000000000000000000000000] - |D| - [31/12/2017 14:43:55] - [213.47 Ko] - C:\Windows\System32\RTCOM [MD5.793408DA550E60C0CF1C760F4C49C1E1] - |A| - [31/12/2017 14:43:34] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.79 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll [MD5.6C41CFD7D8437E6DD597439164418BE9] - |A| - [31/12/2017 14:43:34] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.27 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll [MD5.28D25F2764B6DB8CE3E2B0707119E9C7] - |A| - [31/12/2017 14:43:34] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll [MD5.B817DB4E2172DA73044E7D64304363D8] - |A| - [31/12/2017 14:43:34] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.23 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [21/11/2010 12:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [11/06/2009 06:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [26875.5 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [60156.17 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [1891.03 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.533AEA09DC0DD18A5C8E23ECD3165153] - |A| - [06/05/2014 10:50:27] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\spsys.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.69DEC334A320C6B6D9B3A09570741FAA] - |A| - [31/12/2017 14:43:37] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.62 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll [MD5.5951E1D28E558C338408DDDC02497B9D] - |A| - [31/12/2017 14:43:37] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.76 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll [MD5.DCFEBC12609F7605EAEB2514ADEE16AD] - |A| - [31/12/2017 14:43:37] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.9 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll [MD5.3D5F9EF9749AC9BFEE28C00E49FB689A] - |A| - [31/12/2017 14:43:37] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.3 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [680.5 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [137.38 Ko] - C:\Windows\System32\sysprep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [21/11/2010 12:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [268.58 Ko] - C:\Windows\System32\Tasks [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [11/06/2009 06:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [380 Ko] - C:\Windows\System32\th-TH [MD5.F712C8732001D6588FE59C63E0960847] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2012 - Tachyon Kernel ACI DLL 1.0.) - [151.84 Ko] - (2012.8.21.1) - C:\Windows\System32\TKAciU64.dll [MD5.B6647D779BD20034286124C517BD5287] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2016 - Tachyon Kernel Control Driver 1.0.) - [200.55 Ko] - (2016.1.27.1) - C:\Windows\System32\TKCtrl2k.sys [MD5.B76D55A00D95C8B4C5A4A141F8B0133F] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2016 - Tachyon Kernel Control Driver 1.0.) - [143.79 Ko] - (2016.1.27.1) - C:\Windows\System32\TKCtrl2k64.sys [MD5.787AA2418F166E7C3C99AB7244B078E2] - |A| - [05/02/2016 11:05:34] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon Kernel Control DLL 1.0.) - [343.25 Ko] - (2014.10.23.1) - C:\Windows\System32\TKCtrlU64.dll [MD5.0FF5BC110227F375E3F52D5994DBA983] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2013 - Tachyon MBR Protection Driver 2.0.) - [75.23 Ko] - (2013.10.10.1) - C:\Windows\System32\tkdacex2k.sys [MD5.71844C767E7EE4AEB1322C9606853029] - |A| - [29/01/2018 19:40:18] - (.Copyright (C) INCA Internet. 2000-2013 - Tachyon MBR Protection Driver 2.0.) - [49.73 Ko] - (2013.10.10.1) - C:\Windows\System32\tkdacex2k64.sys [MD5.80C9119836819C98B87A21987BE59673] - |A| - [14/09/2017 14:03:54] - (.Copyright (C) INCA Internet. 2000-2013 - Tachyon MBR Protection Driver Management Dll 2.0.) - [83.26 Ko] - (2013.5.30.1) - C:\Windows\System32\tkdacex64.dll [MD5.DF0DC8BCEB238101CDFFB95CF337291B] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2013 - Tachyon MBR Protection Driver Management Dll 2.0.) - [84.76 Ko] - (2013.5.30.1) - C:\Windows\System32\tkdacexu64.dll [MD5.9B25C40B921E33E00D29299B6AE0DD49] - |A| - [07/03/2018 16:59:06] - (.Copyright (C) INCA Internet. 2000-2016 - Tachyon Anti-Virus Driver 2.0.) - [227.14 Ko] - (2017.8.2.1) - C:\Windows\System32\TKFsAv.sys [MD5.F222681D5FCB98100826BA2A16DC5489] - |A| - [07/03/2018 16:59:02] - (.Copyright (C) INCA Internet. 2000-2016 - Tachyon Anti-Virus Driver 2.0.) - [194.15 Ko] - (2017.8.2.1) - C:\Windows\System32\TKFsAv64.sys [MD5.E9761FADE0718D3B14BFBEBCBE66CDD0] - |A| - [16/01/2018 13:55:26] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon Anti-Virus Driver Management Dll 2.0.) - [272.57 Ko] - (2018.1.16.1) - C:\Windows\System32\TKFsAvMU64.dll [MD5.C3F389CAE7088CBCCFEC89879FF05304] - |A| - [07/03/2018 16:59:04] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon File System MiniFilter Driver 2.0.) - [25.24 Ko] - (2014.7.1.1) - C:\Windows\System32\TKFsFt.sys [MD5.50EA573555A02CF3FD2DDA56DF907D89] - |A| - [07/03/2018 16:59:02] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon File System MiniFilter Driver 2.0.) - [28.15 Ko] - (2014.7.1.1) - C:\Windows\System32\TKFsFt64.sys [MD5.C65176A42968C13DB53D8DD125A43F3B] - |A| - [29/01/2018 19:40:18] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon File System MiniFilter Driver Management Dll 2.0.) - [237.64 Ko] - (2014.7.14.1) - C:\Windows\System32\TKFsFtMU64.dll [MD5.7D5C9464829502C4F785383425930E31] - |A| - [29/01/2018 19:40:18] - (.Copyright(C) INCAInternet. 2000-2015 - Tachyon Firewall Core Driver.) - [159.47 Ko] - (2015.1.16.1) - C:\Windows\System32\TKFW.sys [MD5.CFE400EED6D8EDDFECC42E9C2328EDD5] - |A| - [29/01/2018 19:40:18] - (.Copyright(C) INCA Internet. 2000-2013 - Tachyon Firewall Filter Driver.) - [81.01 Ko] - (2013.8.7.1) - C:\Windows\System32\tkfwflt.sys [MD5.1DFA8D499BAEDD64A02BA131223E7DD2] - |A| - [29/01/2018 19:40:16] - (.-.) - [7.24 Ko] - (0.0.0.0) - C:\Windows\System32\TKFWFV.cat [MD5.A0D37811119C7077E569846409C676BE] - |A| - [29/01/2018 19:40:14] - (.-.) - [4.67 Ko] - (0.0.0.0) - C:\Windows\System32\TKFWFV.inf [MD5.FF178762663A7E5B78FE5F6E97664971] - |A| - [29/01/2018 19:40:14] - (.Copyright(C) INCA Internet. 2000-2010 - Tachyon Firewall LW Filter Driver.) - [31.09 Ko] - (2010.9.3.1) - C:\Windows\System32\TKFWFV.sys [MD5.03CA1284C0D1EC9F785CC2D99ECF4A69] - |A| - [29/01/2018 19:40:16] - (.-.) - [7.25 Ko] - (0.0.0.0) - C:\Windows\System32\TKFWFV64.cat [MD5.9638CBC32E752C61BE3D2AC5F128A572] - |A| - [29/01/2018 19:40:18] - (.Copyright(C) INCA Internet. 2000-2010 - Tachyon Firewall LW Filter Driver.) - [33.59 Ko] - (2010.9.3.1) - C:\Windows\System32\TKFWFV64.sys [MD5.525EF3DDAB2670DCC0CC6D4E6E21394A] - |A| - [29/01/2018 19:40:16] - (.Copyright(C) INCA Internet. 2000-2015 - Tachyon Firewall Core Driver.) - [158.91 Ko] - (2015.1.16.1) - C:\Windows\System32\tkfwvt.sys [MD5.D6CCCF67168FE2902F1BB92BEAB24F82] - |A| - [29/01/2018 19:40:18] - (.Copyright(C) INCA Internet. 2000-2015 - Tachyon Firewall Core Driver.) - [181.53 Ko] - (2015.1.16.1) - C:\Windows\System32\tkfwvt64.sys [MD5.4385E30F48A83DFAAF7CFDFF124B245F] - |A| - [29/01/2018 19:40:18] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon IDS Core Driver.) - [131.43 Ko] - (2015.1.16.1) - C:\Windows\System32\tkids.sys [MD5.69EF28822E72CD4146864F8CBA225B41] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon IDS Core Driver 2.0.) - [86.99 Ko] - (2015.1.16.1) - C:\Windows\System32\TKIdsVt.sys [MD5.9E99D91709390EADB958B686EB823072] - |A| - [29/01/2018 19:40:14] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon IDS Core Driver 2.0.) - [103.11 Ko] - (2015.1.16.1) - C:\Windows\System32\TKIdsVt64.sys [MD5.2D941F545E65991077270DA9BFA225D6] - |A| - [29/01/2018 19:40:20] - (.Copyright (C) INCA Internet. 2000-2013 - Tachyon Process Control Filter Driver 1.0.) - [36.26 Ko] - (2013.12.16.1) - C:\Windows\System32\TKPcFtCb.sys [MD5.FCE5766FF34AEE062F3B307A5BE5DC44] - |A| - [30/01/2018 12:41:24] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Process Control Filter Driver 1.0.) - [53.23 Ko] - (2017.4.12.1) - C:\Windows\System32\TKPcFtCb64.sys [MD5.AF5D31641DAE403C782D9ECD5E157527] - |A| - [30/01/2018 12:41:24] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Process Control Filter Driver 1.0.) - [61.79 Ko] - (2017.4.12.1) - C:\Windows\System32\TKPcFtHk.sys [MD5.71252A997A8799439D573C9A12EAD4FE] - |A| - [07/03/2018 16:59:02] - (.Copyright (C) INCA Internet. 2000-2010 - Tachyon Process Control Filter Driver 1.0.) - [23.81 Ko] - (2011.9.23.1) - C:\Windows\System32\TKPcFtHk64.sys [MD5.3A125B5F43E1BB43A0B0A750446CF158] - |A| - [29/01/2018 19:40:18] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Process Control Filter Driver Management Dll 1.0.) - [324.13 Ko] - (2015.2.13.1) - C:\Windows\System32\TKPcFtU64.dll [MD5.E9BD3C15003623C1550FC668541AF6F7] - |A| - [27/10/2017 13:59:28] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Kernel Process Log Driver 1.0.) - [165.5 Ko] - (2017.10.27.1) - C:\Windows\System32\tkpl2k.sys [MD5.17E01A2845C192D52A0AD0FF1FD7E529] - |A| - [27/10/2017 13:59:28] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Kernel Process Log Driver 1.0.) - [119.59 Ko] - (2017.10.27.1) - C:\Windows\System32\tkpl2k64.sys [MD5.4C75AB09DDE1124FE3FD1D2542519C3B] - |A| - [14/09/2017 14:03:52] - (.Copyright (C) INCA Internet. 2000-2013 - Tachyon Kernel Process Log Driver Management Dll 1.0.) - [84.76 Ko] - (2013.5.15.1) - C:\Windows\System32\tkpl64.dll [MD5.499D1DED7AFAEAAB4F4C6791BDBA5C42] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon Kernel Process Log Driver Management Dll 1.0.) - [94.59 Ko] - (2014.3.14.1) - C:\Windows\System32\tkplu64.dll [MD5.D13BCBA7F36B96C18B5BF6A61F6BDBE7] - |A| - [30/01/2018 05:47:32] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Registry Access Control Driver.) - [131.23 Ko] - (2017.4.25.1) - C:\Windows\System32\TKRgAc2k.sys [MD5.03BC4F28136DF99296D0D443573D5BA8] - |A| - [30/01/2018 05:47:28] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Registry Access Control Driver.) - [113.05 Ko] - (2017.4.25.1) - C:\Windows\System32\TKRgAc2k64.sys [MD5.F0D5CD4C28628FFAFAE5A979D02CE2A4] - |A| - [14/09/2017 14:03:52] - (.Copyright (C) INCA Internet. 2000-2012 - Tachyon Registry Access Control Driver Management Dll 2.0.) - [208.81 Ko] - (2012.5.8.1) - C:\Windows\System32\TKRgAc64.dll [MD5.A264D8BC894408B4450547C01997222B] - |A| - [29/01/2018 19:40:18] - (.-.) - [42.39 Ko] - (0.0.0.0) - C:\Windows\System32\TKRgAc9x.vxd [MD5.C545B6617BFB93EBEBEB817D554DF3D9] - |A| - [29/01/2018 19:40:20] - (.Copyright (C) INCA Internet. 2000-2010 - Tachyon Registry Access Control Driver.) - [93.37 Ko] - (2010.12.1.1) - C:\Windows\System32\TKRgAcNt4.sys [MD5.53F003A9EFCDECF5C8F31F8703D8F29D] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon Registry Access Control Driver Management Dll 2.0.) - [251.36 Ko] - (2014.6.9.1) - C:\Windows\System32\TKRgAcu64.dll [MD5.6DD73BDF34F2359FEEBEEDCF3D0F0887] - |A| - [30/01/2018 05:47:32] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Registry Filter Driver.) - [80.07 Ko] - (2015.4.15.1) - C:\Windows\System32\TKRgFt2k.sys [MD5.AD194F08D1AA465951510DC7B9627DB2] - |A| - [14/09/2017 14:03:52] - (.Copyright (C) INCA Internet. 2000-2012 - Tachyon Registry Filter Driver Management Dll 1.0.) - [201.81 Ko] - (2012.5.8.1) - C:\Windows\System32\TKRgFt64.dll [MD5.A7357F05E8EB20FA3536020ED0CB93C0] - |A| - [29/01/2018 19:40:16] - (.-.) - [21.82 Ko] - (0.0.0.0) - C:\Windows\System32\TKRgFt9x.vxd [MD5.82C18F65B7C574A26D92CBB610C06A90] - |A| - [29/01/2018 19:40:18] - (.Copyright (C) INCA Internet. 2000-2010 - Tachyon Registry Filter Driver.) - [49.28 Ko] - (2010.12.1.1) - C:\Windows\System32\TKRgFtNt4.sys [MD5.1A0C10FA8D1906A441EDC622FB765448] - |A| - [30/01/2018 05:47:28] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon Registry Filter Driver Management Dll 1.0.) - [244.3 Ko] - (2017.4.25.1) - C:\Windows\System32\TKRgFtu64.dll [MD5.A33C7BA5C22D80CA9AA046C97C2818C2] - |A| - [04/02/2018 23:49:44] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Registry Filter Driver(XP Later).) - [94.29 Ko] - (2018.2.5.1) - C:\Windows\System32\TKRgFtXp.sys [MD5.E3F72AA54D1BCF550925B4536FE0A0C3] - |A| - [04/02/2018 23:50:20] - (.Copyright (C) INCA Internet. 2000-2015 - Tachyon Registry Filter Driver(XP Later).) - [67.23 Ko] - (2018.2.5.1) - C:\Windows\System32\TKRgFtXp64.sys [MD5.62361E956A05DC51A3EB36B747D2E8EA] - |A| - [29/01/2018 19:40:18] - (.Copyright (C) INCA Internet. 2000-2010 - Tachyon Self-Protection Driver 1.0.) - [100.22 Ko] - (2010.11.8.1) - C:\Windows\System32\tksp2k.sys [MD5.1214502997A7880DD899CFCFA5451519] - |A| - [14/09/2017 14:03:54] - (.Copyright (C) INCA Internet. 2000-2010 - Tachyon Self-Protection Driver Management Dll 1.0.) - [76.09 Ko] - (2010.11.8.1) - C:\Windows\System32\tksp64.dll [MD5.4607FB4B709A1D980389AA452D43D8DB] - |A| - [29/01/2018 19:40:18] - (.Copyright (C) INCA Internet. 2000-2010 - Tachyon Self-Protection Driver Management Dll 1.0.) - [78.09 Ko] - (2010.11.8.1) - C:\Windows\System32\tkspu64.dll [MD5.4AFEB8809C9C70DCDE32D1FFAB12F7D3] - |A| - [29/01/2018 19:40:18] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon Self-Protection Driver 1.0.) - [103.88 Ko] - (2015.4.23.99) - C:\Windows\System32\tkspxp.sys [MD5.152651C32949B3515A13A6D4CF08218B] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2014 - Tachyon Self-Protection Driver 1.0.) - [78.93 Ko] - (2015.4.23.99) - C:\Windows\System32\tkspxp64.sys [MD5.F17D9A5E726A510FFF69537DA2811701] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2013 - Tachyon Tools Driver 1.0.) - [28.48 Ko] - (2013.4.17.1) - C:\Windows\System32\TKTool2k.sys [MD5.B86DAC7005D2DE3AF97E194B97E49DFD] - |A| - [29/01/2018 19:40:16] - (.Copyright (C) INCA Internet. 2000-2013 - Tachyon Tools Driver 1.0.) - [31.73 Ko] - (2013.4.17.1) - C:\Windows\System32\TKTool2k64.sys [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [661 Ko] - C:\Windows\System32\tr-TR [MD5.37EBD33D5AC9E2C4221CBAFC1A575C7A] - |A| - [01/11/2012 09:19:04] - (.Copyright (C) 2001-12 Paltiosoft Inc. - Show lincense dialog.(win64).) - [230.64 Ko] - (5.0.3.0) - C:\Windows\System32\UCOpgDlg.dll [MD5.B511427E5F3943444F5A095A6DBF0EB8] - |A| - [01/11/2012 09:29:44] - (.Copyright (C) 2001-12 Paltiosoft Inc. - UCOpgDlgRes.dll.) - [68.5 Ko] - (5.0.3.0) - C:\Windows\System32\UCOpgDlgRes.dll [MD5.21B46DA90E9DF39CD71A38F27FCF0504] - |A| - [01/11/2012 09:14:22] - (.Copyright (C) 2001-12 Paltiosoft Inc. - Utility functions.(win64).) - [67.5 Ko] - (5.0.3.0) - C:\Windows\System32\UCUtil50.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA [MD5.05F9840831C29F5BE93AD8BE810D5614] - |A| - [14/07/2009 13:45:37] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.F736AA948D0C3CBCE212B7B2CB0EF115] - |A| - [14/07/2009 13:45:37] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.00000000000000000000000000000000] - |D| - [30/07/2018 18:38:46] - [2188.17 Ko] - C:\Windows\System32\unknown [MD5.DDD11D768F92694D43F15CB90E553C09] - |A| - [13/05/2014 10:42:08] - (.-.) - [251.59 Ko] - (5.1.100.1066) - C:\Windows\System32\unrar64.dll [MD5.83A083A42F97BCF3F8E016820178DDE2] - |A| - [16/05/2018 12:29:34] - (.Copyright © 1998, Voxware, Inc. - Voxware Audio Compression Manager Driver.) - [81 Ko] - (1.6.0.17) - C:\Windows\System32\vct3216.acm [MD5.FAC0D5B16EFA7376CA81047490187D0D] - |A| - [16/05/2018 12:29:34] - (.Copyright © 2000-3 ON2 Technologies - VP6 VIDEO FOR WINDOWS CODEC.) - [428 Ko] - (6.4.2.0) - C:\Windows\System32\vp6vfw.dll [MD5.22B58587CBCA0D73ADA9B1907B937121] - |A| - [26/03/2019 12:54:47] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [983.2 Ko] - (1.1.97.0) - C:\Windows\System32\vulkan-1-999-0-0-0.dll [MD5.22B58587CBCA0D73ADA9B1907B937121] - |A| - [26/03/2019 12:54:47] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [983.2 Ko] - (1.1.97.0) - C:\Windows\System32\vulkan-1.dll [MD5.AF63D535BB3981DD586DA7FD72F5508B] - |A| - [26/03/2019 12:54:47] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [279.7 Ko] - (1.1.97.0) - C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe [MD5.AF63D535BB3981DD586DA7FD72F5508B] - |A| - [26/03/2019 12:54:47] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [279.7 Ko] - (1.1.97.0) - C:\Windows\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [06/05/2014 10:54:00] - [1754.83 Ko] - C:\Windows\System32\Wat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [48611.11 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:51] - [60.46 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [43337.04 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [14/07/2009 06:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [0 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 14:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 14:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 14:32:38] - [8584.71 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [116064 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [99.06 Ko] - C:\Windows\System32\winrm [MD5.549347BCD4AACD63243D78E8F869DBB1] - |A| - [01/09/2014 18:32:36] - (.Copyright © 2008 - OpenAL32.) - [455.52 Ko] - (2.2.0.5) - C:\Windows\System32\wrap_oal.dll [MD5.1D9FB9784F32276EFB43512A81217753] - |A| - [16/05/2018 12:29:34] - (.-.) - [52 Ko] - (0.0.0.0) - C:\Windows\System32\xvid.ax [MD5.0B86EF053161AA4AC3F973FE370EED96] - |A| - [16/05/2018 12:29:34] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\System32\xvidcore.dll [MD5.E8F602CA1E700496240CF07D9681D040] - |A| - [16/05/2018 12:29:34] - (.-.) - [136 Ko] - (0.0.0.0) - C:\Windows\System32\xvidvfw.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [448 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [258.5 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [451 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [09/12/2014 15:27:09] - [317.43 Ko] - C:\Windows\SysWOW64\1033 [MD5.59683D1E4CD0B1AD6AE32E1D627AE25F] - |A| - [09/01/2018 13:52:33] - (.Copyright © 2003 by fccHandler - AC-3 ACM Decompressor.) - [80 Ko] - (0.7.0.0) - C:\Windows\SysWOW64\AC3ACM.acm [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.8210141840CE237FBF40B6E26E2DD11D] - |A| - [09/01/2018 13:52:33] - (.NCT Company Copyright 1999 - 2001 - NCT ALF2CD Audio CODEC.) - [38 Ko] - (2.3.1.0) - C:\Windows\SysWOW64\alf2cd.acm [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [222 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.93279C65865FE1A58269504204C2C52B] - |A| - [22/02/2017 21:13:48] - (.Alvaro Redondo - AR Button Control.) - [128 Ko] - (1.10.0.5) - C:\Windows\SysWOW64\ARButton.ocx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.B431F2725136A9A2B64ACD9CD6624D52] - |A| - [02/04/2010 05:33:34] - (.Copyright Brother Industries, Ltd 2004 - brlm03a.) - [24.71 Ko] - (1.0.6.3) - C:\Windows\SysWOW64\BRLM03A.DLL [MD5.822B31A9FC679366560BC4D416BBBB0E] - |A| - [09/08/2004 06:42:08] - (.Copyright (C) 2003,2004 Brother Industries, Ltd. - Wraper DLL for brlm03a(NT/2K/XP) / brif03a(9x).) - [76 Ko] - (1.0.0.182) - C:\Windows\SysWOW64\BRLMW03A.DLL [MD5.C0497C30E6976143CB46C016E8333707] - |A| - [09/08/2004 07:00:42] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\BRLMW03A.INI [MD5.38E5E24BEDE6F59AFC648CB7EF897D69] - |A| - [05/02/2010 02:42:32] - (.Copyright (C) 1999-2008 Brother Industries, Ltd. - BrMuSNMP.) - [176 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\BROSNMP.DLL [MD5.06872311905299BA7FE505CED6C1F99A] - |A| - [10/05/2010 08:45:58] - (.Copyright (C) 2000-2009 Brother Industries Ltd. - brrbtool.) - [101.3 Ko] - (0.1.5.0) - C:\Windows\SysWOW64\BRRBTOOL.EXE [MD5.954388D98B5CBFA1D32C5D43D5FA5275] - |A| - [17/01/2005 07:10:16] - (.-.) - [44 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\BRTCPCON.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2 [MD5.55DD5A88D5227A3AFE7B11005F154EB5] - |A| - [07/01/2016 14:53:20] - (.Copyright Chilkat Software, Inc. - Chilkat RSA ActiveX.) - [1136 Ko] - (9.3.0.0) - C:\Windows\SysWOW64\ChilkatRsa.dll [MD5.2053537E97ED18016D75CA39015B07BD] - |A| - [21/07/1997 16:23:16] - (.Copyright © Iterated Systems, Inc. 1995-1997. - ClearVideo Decoder DLL.) - [198.5 Ko] - (1.3.0.1) - C:\Windows\SysWOW64\clrviddc.dll [MD5.FB23C977D78CEE707FEC17820B7686EA] - |A| - [21/07/1997 16:23:16] - (.Copyright © Iterated Systems, Inc. 1995-1997. - ClearVideo Decompressor Driver.) - [128.5 Ko] - (1.3.0.1) - C:\Windows\SysWOW64\clrviddd.dll [MD5.9ADD154CBC0EA85B55E414C35C58CEB1] - |A| - [03/05/2019 17:21:50] - (.Copyright (C) 2006 Sony DADC Austria AG - SecuROM context menu for Explorer..) - [105.61 Ko] - (1.1.219.0) - C:\Windows\SysWOW64\CmdLineExt.dll [MD5.38718C4E864DC8F8E1DB0EF3B5566FA7] - |A| - [21/05/2014 09:08:19] - (.Copyright (C) 2004/05 Sony DADC Austria AG - SecuROM Context-Menu for Explorer..) - [174.61 Ko] - (1.1.221.0) - C:\Windows\SysWOW64\CmdLineExt_x64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [1417733.36 Ko] - C:\Windows\SysWOW64\config [MD5.7D6D5B7500BED56C68D318025E449267] - |A| - [22/02/2017 21:13:47] - (.-.) - [100 Ko] - (1.2.0.0) - C:\Windows\SysWOW64\cpvButton.ocx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [450.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.FDEF330575C8C8EAD815F58BB7A93ED3] - |A| - [06/05/2014 10:33:01] - (.Copyright 2011 - CSVer.) - [52 Ko] - (9.4.0.1026) - C:\Windows\SysWOW64\CSVer.dll [MD5.367065AA3B34B4FEFFA8BE3C83075409] - |A| - [16/08/2017 11:20:49] - (.Copyright © 1994 WexTech Systems, Inc. - Doc-To-Help Hyperformance Tools DLL.) - [43.42 Ko] - (1.6.4.0) - C:\Windows\SysWOW64\D2HTOOLS.DLL [MD5.74529599302A2E09C30B1E119A0709F2] - |A| - [31/12/2017 15:57:58] - (.-.) - [484 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\D3DX8ab.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [446 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [481 Ko] - C:\Windows\SysWOW64\de-DE [MD5.56D8FC659F7A3E410EDF6A4C7E40ED81] - |A| - [11/06/1997 23:31:32] - (.Copyright © 1995 - 1996 - Decvw_32.) - [86.39 Ko] - (2.0.0.1) - C:\Windows\SysWOW64\decvw_32.dll [MD5.00000000000000000000000000000000] - |D| - [13/05/2014 09:14:19] - [0 Ko] - C:\Windows\SysWOW64\directx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [4141.5 Ko] - C:\Windows\SysWOW64\Dism [MD5.902179013800F311AFF57CD5F29BE346] - |A| - [09/01/2018 13:52:33] - (.Copyright (C) DivXNetworks 2001-2003 - DivX Video for Windows Codec.) - [624 Ko] - (5.0.5.830) - C:\Windows\SysWOW64\divx.dll [MD5.EFF71E68DD8F9DC0BBD89CD83153C336] - |A| - [09/01/2018 13:52:33] - (.Copyright © DivXNetworks, 2001-2003 - DivX (TM) Decoder Filter.) - [216.03 Ko] - (5.0.5.830) - C:\Windows\SysWOW64\divxdec.ax [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [3500.45 Ko] - C:\Windows\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [1.05 Ko] - C:\Windows\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [30/01/2019 12:56:12] - [0 Ko] - C:\Windows\SysWOW64\ekudrpcy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [478.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [1648 Ko] - C:\Windows\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [31135.52 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [468 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [160.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [448 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.F6CEA89F337E77F662782F4331794678] - |A| - [22/02/2017 21:13:47] - (.© 2001 Florian Egel, FLOMIX Studios - Cool Graphic Routines.) - [64 Ko] - (3.3.0.1) - C:\Windows\SysWOW64\FoxCBmp3.dl [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [476 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.498BD12B38B549887D9E856EB734354E] - |A| - [03/10/2012 16:14:58] - (.Copyright © 2000-2012 GEAR Software Inc. - GEARAspi.) - [104.42 Ko] - (2.1.3.1) - C:\Windows\SysWOW64\GEARAspi.dll [MD5.FB00273CF7CE639C136853F3FC04B10C] - |A| - [22/02/2017 21:13:48] - (.Copyright 1997 - Gif89 Module.) - [43.5 Ko] - (1.0.0.1) - C:\Windows\SysWOW64\Gif89.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [0.01 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [210 Ko] - C:\Windows\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [453.5 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.FA2E1F09ED6C4C221E4513A7E815E13D] - |A| - [27/08/2013 14:00:08] - (.-.) - [1.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IusEventLog.dll [MD5.1CD396361AB475E8C46797D5DA622BFB] - |A| - [29/08/1997 15:46:16] - (.Copyright (C) Vivo Software 1997 - VivoActive H.263 Video Decompressor.) - [201.5 Ko] - (2.0.0.2) - C:\Windows\SysWOW64\ivvideo.dll [MD5.94A8EBD816A366041F8CCF5AFD3AB7DE] - |N| - [19/07/2017 14:33:25] - (.-.) - [55 Ko] - (1.20.15.1) - C:\Windows\SysWOW64\iyvu9_32.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [375.5 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.9F90ABB82122AA9796CED77D0B9CDB31] - |A| - [06/08/2014 19:07:48] - (.Copyright © 2014 - Java(TM) Platform SE binary.) - [172.41 Ko] - (8.0.20.26) - C:\Windows\SysWOW64\java.exe [MD5.9976A25384786083866C4DB1810D5962] - |A| - [06/08/2014 19:07:48] - (.Copyright © 2014 - Java(TM) Platform SE binary.) - [172.41 Ko] - (8.0.20.26) - C:\Windows\SysWOW64\javaw.exe [MD5.3A54EE6C9C9908362AA34133DE667C99] - |A| - [06/08/2014 19:07:50] - (.Copyright © 2014 - Java(TM) Web Start Launcher.) - [265.91 Ko] - (11.20.2.26) - C:\Windows\SysWOW64\javaws.exe [MD5.6FBE94182B2B7038D5A3D58D0085C191] - |A| - [21/07/2014 07:34:06] - (.-.) - [4.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [371 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 11:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.69A0628BBE1A404B1BA0B6DCA7610A06] - |A| - [09/01/2018 13:52:33] - (.Copyright (C) 1997 Fraunhofer IIS - MPEG Layer-3 Audio Decoder.) - [96 Ko] - (1.9.0.311) - C:\Windows\SysWOW64\L3CODECX.AX [MD5.FA425C74CE2EB719B2A77A7A2ADDAE32] - |A| - [09/01/2018 13:52:33] - (.Copyright © 2011 - Lagarith.) - [211 Ko] - (1.3.27.0) - C:\Windows\SysWOW64\Lagarith.dll [MD5.5E6F49F657A509D079C60D08A2EE33A7] - |A| - [09/01/2018 13:52:33] - (.Copyright © 2005 Elecard Ltd. - LAME Audio Encoder.) - [240 Ko] - (1.0.54.50801) - C:\Windows\SysWOW64\lame.ax [MD5.FA3E0A8BA3D210D80AC31AA02D2F5B6B] - |A| - [31/12/2017 15:57:58] - (.-.) - [2310.31 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libfftw3-3.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 14:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [07/05/2014 15:46:20] - [270.17 Ko] - C:\Windows\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore [MD5.CF75BB3F6F8D2EE7BA563BF5A9203591] - |A| - [14/07/2009 13:55:01] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.46B2789314A5327D88365E275101774B] - |A| - [31/12/2017 14:43:30] - (.Copyright (c) 2006-2016 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1702.48 Ko] - (1.2.16.129) - C:\Windows\SysWOW64\MBAPO232.dll [MD5.521F1463E9733FD867E097727DD90177] - |A| - [09/01/2018 13:52:33] - (.Main Concept Ltd. 1999-2001 - MainConcept DV Codec.) - [255.5 Ko] - (2.0.0.0) - C:\Windows\SysWOW64\mcdvd_32.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [2638.43 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [32737.45 Ko] - C:\Windows\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.F4033FB2016372EB53FBF55BCD26A5AE] - |A| - [09/01/2018 13:52:36] - (.Copyright (c) Flash-Integro LLC, 2011-2017. - mslvddsfilter4 ActiveX DLL.) - [64.18 Ko] - (4.0.1.126) - C:\Windows\SysWOW64\mslvddsfilter4.ax [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [11.33 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [441 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [464.5 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 11:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor [MD5.D6D88492875B2D4C414764F04949B447] - |A| - [26/03/2019 12:54:47] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nv-vk32.json [MD5.185F7B8528EC9AD3A2F8F96A1A90738C] - |A| - [26/03/2019 12:54:47] - (.-.) - [360.14 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nvofapi.dll [MD5.AA1AB1827DBC306EF87E25B15E58EFE4] - |A| - [20/08/2016 22:07:42] - (.Copyright (c) 2004-2010 C-Media Electronics Inc. - C-Media Universal ASIO Driver.) - [296 Ko] - (2.0.0.3) - C:\Windows\SysWOW64\Onkyoasio.dll [MD5.7DB2C227D1336BB9F2DCD7491DE995B6] - |N| - [03/12/2017 22:17:42] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Onkyoasio.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [2566.05 Ko] - C:\Windows\SysWOW64\oobe [MD5.235355A8DD26903E75D5E812ECF50E53] - |A| - [01/09/2014 18:32:36] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.52 Ko] - (6.14.357.24) - C:\Windows\SysWOW64\OpenAL32.dll [MD5.F04ADF34F2D3C589D2E5635C68FA8B3D] - |A| - [07/01/2016 14:38:23] - (.Contains paintlib code. paintlib is copyright (c) 1996-2000 Ulrich von Zadow - PaintX Module.) - [444 Ko] - (1.0.5.0) - C:\Windows\SysWOW64\PaintX.dll [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [11/06/2009 06:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.68707866BEC08A2263C5C6F275CC4B08] - |A| - [06/05/2014 08:06:40] - (.-.) - [847.49 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [459 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.5564EE004708EBB76086F6D66ACF60FF] - |A| - [08/07/2014 18:50:53] - (.-.) - [275.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PnkBstrB.ex0 [MD5.5564EE004708EBB76086F6D66ACF60FF] - |A| - [08/07/2014 19:10:27] - (.-.) - [275.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PnkBstrB.xtr [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [413.88 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.FF369A987B42849881C3200082B38562] - |A| - [03/05/2019 19:04:06] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\psfind.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [455 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [457.5 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery [MD5.2C252C3DEB3E741765155F3EA86269EF] - |A| - [11/11/2018 22:06:37] - (.-.) - [29.17 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\report.txt [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 14:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [193 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [31/12/2017 14:43:52] - [4737.64 Ko] - C:\Windows\SysWOW64\RTCOM [MD5.F3D8C7B0EFA313DAA9F7B2030652DA4B] - |A| - [21/06/2010 17:19:46] - (.Copyright (C) TOSHIBA/MEI 2000-2004 -.) - [36 Ko] - (1.1.3.40202) - C:\Windows\SysWOW64\SDDEVMGR.dll [MD5.3DAE7710A29EDB69D9B7AF9DE090C76E] - |A| - [22/10/2010 13:15:10] - (.Copyright (C) 2001-10 Paltiosoft Inc. - SdSys64.dll.) - [64 Ko] - (4.3.0.0) - C:\Windows\SysWOW64\sdsys64.dll [MD5.06BE40EBFEF9F7FA2ECB82F6F53E03CA] - |A| - [29/05/2018 16:33:07] - (.-.) - [20.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\serverlog.txt [MD5.FC2D004A73B067C2EB4AD4EA58FD3968] - |A| - [24/07/2018 16:14:06] - (.Copyright © 1996-98 Cendant Software, Inc. - WON DLL.) - [999 Ko] - (4.0.2.4) - C:\Windows\SysWOW64\SierraNW.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [169.5 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [166 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [37.8 Ko] - C:\Windows\SysWOW64\slmgr [MD5.1ABABD4C9EF2BC81817B4D7D4D9AE539] - |A| - [24/07/2018 16:14:07] - (.Copyright © 1996-97 Cendant Software, Inc. - WON DLL.) - [226.5 Ko] - (4.0.2.4) - C:\Windows\SysWOW64\SNWValid.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [2800 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [1142.37 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [446.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [178.5 Ko] - C:\Windows\SysWOW64\th-TH [MD5.0D2DA91DC6EAD6CD57DF9F5B0E347B85] - |A| - [29/01/2018 19:40:08] - (.Copyright (C) INCA Internet. 2000-2012 - tkfwflt.dll.) - [224.31 Ko] - (2012.1.9.1) - C:\Windows\SysWOW64\tkfwfltU.dll [MD5.11D68A84FE7E9461108001FA303C74EB] - |A| - [29/01/2018 19:40:10] - (.Copyright (C) INCA Internet. 2000-2014 - TKFW.dll.) - [236.13 Ko] - (2015.7.23.1) - C:\Windows\SysWOW64\TKFWU.dll [MD5.2805AD9279163935BA327F8552CAF479] - |A| - [29/01/2018 19:40:10] - (.Copyright (C) INCA Internet. 2000-2012 - tkidsx.dll.) - [324.31 Ko] - (2012.1.9.1) - C:\Windows\SysWOW64\tkidsxU.dll [MD5.B57E61843319B30B464C0C758FF7C4AC] - |A| - [29/01/2018 19:40:10] - (.Copyright (C) INCA Internet. 2000-2010 - tknetcfg Application.) - [122.59 Ko] - (2010.5.13.1) - C:\Windows\SysWOW64\tknetcfg.exe [MD5.B8D4B9759145BF4809427D5A430015D5] - |A| - [29/01/2018 19:40:10] - (.Copyright (C) INCA Internet. 2000-2010 - tknetcfg Application.) - [128.59 Ko] - (2010.5.13.1) - C:\Windows\SysWOW64\tknetcfg64.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [442 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.306567F477C44A5CD2253D482B34E671] - |A| - [01/11/2012 09:19:16] - (.Copyright (C) 2001-12 Paltiosoft Inc. - Show lincense dialog.(win32).) - [194.14 Ko] - (5.0.3.0) - C:\Windows\SysWOW64\UCOpgDlg.dll [MD5.F7F7D82476DCC651C56CEF7F0036275E] - |A| - [01/11/2012 09:29:44] - (.Copyright (C) 2001-12 Paltiosoft Inc. - UCOpgDlgRes.dll.) - [68.5 Ko] - (5.0.3.0) - C:\Windows\SysWOW64\UCOpgDlgRes.dll [MD5.084D51DE1C82A34D654D0C21D8732071] - |A| - [24/10/2005 10:13:12] - (.Copyright (C) 2001-5 Paltiosoft Inc. - UCUtil.dll.) - [64 Ko] - (3.6.0.0) - C:\Windows\SysWOW64\UCUtil32.dll [MD5.171E4B85C749E2EF271E316AA56E2428] - |A| - [16/01/2008 13:44:30] - (.Copyright (C) 2001-7 Paltiosoft Inc. - UCUtil.dll.) - [64 Ko] - (4.0.1.0) - C:\Windows\SysWOW64\UCUtil38.dll [MD5.78CD77F0FE61EDDFF34A5DF712393831] - |A| - [12/03/2010 14:19:20] - (.Copyright (C) 2001-10 Paltiosoft Inc. - UCUtil.dll.) - [72 Ko] - (4.2.8.0) - C:\Windows\SysWOW64\UCUtil41.dll [MD5.4544E9FC2DADEBF5A734984C56BF4627] - |A| - [01/11/2012 09:14:28] - (.Copyright (C) 2001-12 Paltiosoft Inc. - Utility functions.(win32).) - [56.5 Ko] - (5.0.3.0) - C:\Windows\SysWOW64\UCUtil50.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.7B2220EC183EE8C019017E3EB5E67481] - |A| - [13/05/2014 10:42:08] - (.-.) - [213.09 Ko] - (5.1.100.1066) - C:\Windows\SysWOW64\unrar.dll [MD5.6AF52FE867E7FD00CBD64570759E4F93] - |A| - [07/01/2016 14:38:11] - (.Info-ZIP 1996-2002 - Info-ZIP's UnZip DLL for Win32.) - [96 Ko] - (1.1.0.0) - C:\Windows\SysWOW64\unzip.dll [MD5.C4C88245CC3EFE040A6EC74B9F360E5D] - |A| - [15/07/2014 09:42:09] - (.-.) - [11.43 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Utility.xml [MD5.A3AB8E23580288F7421731E28A1491A1] - |A| - [07/01/2016 14:38:23] - (.© 1998-2000 Glenn Randers-Pehrson - PNG image compression library.) - [92 Ko] - (1.0.8.0) - C:\Windows\SysWOW64\vbpng.dll [MD5.83A083A42F97BCF3F8E016820178DDE2] - |A| - [09/01/2018 13:52:33] - (.Copyright © 1998, Voxware, Inc. - Voxware Audio Compression Manager Driver.) - [81 Ko] - (1.6.0.17) - C:\Windows\SysWOW64\vct3216.acm [MD5.2747673CA08DCD728F13467E5B80B3A4] - |A| - [11/06/1997 23:32:08] - (.Copyright © Voxware, Inc. 1995, 1996 - ToolVox RealTime Codec for Windows.) - [550.5 Ko] - (1.1.6.90) - C:\Windows\SysWOW64\vdk32116.dll [MD5.A7DD363BEFB97918E86F41751ED964FF] - |A| - [25/06/1997 12:28:36] - (.Copyright © Voxware, Inc. 1997 - Voxware 32 bit ACM Driver for Windows.) - [71.5 Ko] - (1.1.9.11) - C:\Windows\SysWOW64\vdk32119.acm [MD5.FFE77FBDC54B9A8ADA170F5D7B225026] - |A| - [25/06/1997 12:28:38] - (.© NTT 1996, © Voxware, Inc. 1995,1996,1997 - MetaSound Audio Codec for Windows.) - [410 Ko] - (1.1.32.195) - C:\Windows\SysWOW64\vdk3211w.dll [MD5.196EF12809D105981DEF93BFBD368E03] - |A| - [11/06/1997 23:32:18] - (.Copyright © 1995 - 1997 - Vdodec32.) - [77.5 Ko] - (2.1.0.3) - C:\Windows\SysWOW64\vdodec32.dll [MD5.9777B3FAD154FDA94AF066F7F8F07282] - |A| - [13/06/1997 04:22:50] - (.Copyright © 1994-1997 - vdowave.) - [80.5 Ko] - (2.1.1.2) - C:\Windows\SysWOW64\vdowave.drv [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 11:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll [MD5.43B5FE34A09D4F45737DE4279D3148E6] - |A| - [11/06/1997 23:32:20] - (.Copyright © 1997 - vivog723.) - [120 Ko] - (2.0.0.0) - C:\Windows\SysWOW64\vivog723.acm [MD5.FAC0D5B16EFA7376CA81047490187D0D] - |A| - [09/01/2018 13:52:33] - (.Copyright © 2000-3 ON2 Technologies - VP6 VIDEO FOR WINDOWS CODEC.) - [428 Ko] - (6.4.2.0) - C:\Windows\SysWOW64\vp6vfw.dll [MD5.46562D47E558273CA192BD2A61490DD7] - |A| - [26/03/2019 12:54:47] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [849.7 Ko] - (1.1.97.0) - C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.46562D47E558273CA192BD2A61490DD7] - |A| - [26/03/2019 12:54:47] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [849.7 Ko] - (1.1.97.0) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.AC0FBEFBD8CF2550AF975904384E65C2] - |A| - [26/03/2019 12:54:47] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [254.2 Ko] - (1.1.97.0) - C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.AC0FBEFBD8CF2550AF975904384E65C2] - |A| - [26/03/2019 12:54:47] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [254.2 Ko] - (1.1.97.0) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [06/05/2014 10:54:00] - [237.33 Ko] - C:\Windows\SysWOW64\Wat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [8873.84 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [60.46 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [98.45 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 14:32:38] - [8539.71 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 17:17:52] - [99.06 Ko] - C:\Windows\SysWOW64\winrm [MD5.D494267BC169604FAC5E3679B9A97FED] - |A| - [01/09/2014 18:32:36] - (.Copyright © 2008 - OpenAL32.) - [434.52 Ko] - (2.2.0.5) - C:\Windows\SysWOW64\wrap_oal.dll [MD5.1D9FB9784F32276EFB43512A81217753] - |A| - [09/01/2018 13:52:33] - (.-.) - [52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvid.ax [MD5.0B86EF053161AA4AC3F973FE370EED96] - |A| - [09/01/2018 13:52:33] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvidcore.dll [MD5.E8F602CA1E700496240CF07D9681D040] - |A| - [09/01/2018 13:52:33] - (.-.) - [136 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvidvfw.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [343.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 12:20:14] - [344 Ko] - C:\Windows\SysWOW64\zh-TW [MD5.5161648A3A88C31FBECB0FE59552E72C] - |A| - [07/01/2016 14:38:11] - (.(C) 1995-2003 Jean-loup Gailly & Mark Adler - zlib data compression library.) - [70.5 Ko] - (1.2.1.0) - C:\Windows\SysWOW64\zlib.dll ---------- | [mimy] [16/11/2017 07:08:55] - |D| - [3116] - C:\Users\mimy\.android [15/11/2017 20:41:00] - |D| - [52942351] - C:\Users\mimy\.AndroidStudio3.0 [17/05/2014 08:05:36] - |D| - [16] - C:\Users\mimy\.appwork [23/05/2018 08:15:23] - |D| - [161765] - C:\Users\mimy\.DMMGamePlayer [21/05/2014 12:56:14] - |D| - [417810] - C:\Users\mimy\.gimp-2.8 [15/11/2017 20:46:32] - |D| - [351395638] - C:\Users\mimy\.gradle [01/07/2015 20:23:47] - |A| - [40] - C:\Users\mimy\.gtk-bookmarks [21/05/2014 12:57:11] - |D| - [192624] - C:\Users\mimy\.thumbnails [15/11/2017 20:46:30] - |D| - [185438] - C:\Users\mimy\AndroidStudioProjects [15/11/2017 20:09:26] - |D| - [0] - C:\Users\mimy\Andy [15/02/2017 14:59:39] - |D| - [0] - C:\Users\mimy\ansel [06/05/2014 07:41:49] - |HD| - [14899953748] - C:\Users\mimy\AppData [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\Application Data [29/07/2015 11:26:16] - |A| - [23457] - C:\Users\mimy\BDcoll.gcs [06/05/2014 07:41:52] - |RD| - [45007] - C:\Users\mimy\Contacts [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\Cookies [06/05/2014 07:41:49] - |RD| - [230389354] - C:\Users\mimy\Desktop [06/05/2014 07:41:49] - |RD| - [1673699945] - C:\Users\mimy\Documents [06/05/2014 07:41:49] - |RD| - [5180594] - C:\Users\mimy\Downloads [06/05/2014 07:41:49] - |RD| - [3551] - C:\Users\mimy\Favorites [25/06/2019 08:39:37] - |A| - [622] - C:\Users\mimy\Last session mimy.prj [06/05/2014 07:41:49] - |RD| - [2292] - C:\Users\mimy\Links [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\Local Settings [06/05/2014 07:41:49] - |RD| - [504] - C:\Users\mimy\Music [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\My Documents [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\NetHood [06/05/2014 07:41:49] - |ASH| - [4456448] - C:\Users\mimy\NTUSER.DAT [06/05/2014 07:41:49] - |ASH| - [262144] - C:\Users\mimy\ntuser.dat.LOG1 [06/05/2014 07:41:49] - |ASH| - [0] - C:\Users\mimy\ntuser.dat.LOG2 [06/05/2014 07:41:49] - |ASH| - [65536] - C:\Users\mimy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [06/05/2014 07:41:49] - |ASH| - [524288] - C:\Users\mimy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [06/05/2014 07:41:49] - |ASH| - [524288] - C:\Users\mimy\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [06/05/2014 07:41:49] - |SH| - [20] - C:\Users\mimy\ntuser.ini [06/05/2014 07:41:49] - |RD| - [17400] - C:\Users\mimy\Pictures [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\PrintHood [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\Recent [14/10/2015 18:10:41] - |RD| - [282] - C:\Users\mimy\Saved Games [24/05/2014 08:17:46] - |A| - [492] - C:\Users\mimy\SciTE.recent [06/05/2014 07:41:58] - |RD| - [1020] - C:\Users\mimy\Searches [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\SendTo [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\Start Menu [20/05/2014 22:54:43] - |A| - [0] - C:\Users\mimy\Sti_Trace.log [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\Templates [06/05/2014 07:41:49] - |RD| - [614904] - C:\Users\mimy\Videos [20/01/2019 22:33:47] - |RD| - [442] - C:\Users\mimy\Virtual Machines [06/05/2014 07:41:49] - |D| - [5244807447] - C:\Users\mimy\AppData\Local [06/05/2014 07:41:49] - |D| - [14561058] - C:\Users\mimy\AppData\LocalLow [06/05/2014 07:41:49] - |D| - [9640585243] - C:\Users\mimy\AppData\Roaming [24/06/2014 07:54:27] - |D| - [28226707] - C:\Users\mimy\AppData\Local\Adobe [16/09/2019 22:22:33] - |D| - [10619] - C:\Users\mimy\AppData\Local\Aegisub [15/06/2016 14:52:26] - |D| - [5082] - C:\Users\mimy\AppData\Local\AGS [15/11/2017 20:41:43] - |D| - [1421788342] - C:\Users\mimy\AppData\Local\Android [30/08/2016 15:02:07] - |D| - [0] - C:\Users\mimy\AppData\Local\Apple [30/08/2016 15:02:30] - |D| - [5708330] - C:\Users\mimy\AppData\Local\Apple Computer [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\AppData\Local\Application Data [11/11/2018 22:06:22] - |D| - [30254695] - C:\Users\mimy\AppData\Local\Bethesda.net Launcher [02/11/2016 14:14:38] - |D| - [0] - C:\Users\mimy\AppData\Local\Black_Tree_Gaming [24/07/2018 17:16:52] - |D| - [125840] - C:\Users\mimy\AppData\Local\BloodstainedRotN [15/11/2017 20:53:55] - |D| - [765563] - C:\Users\mimy\AppData\Local\Bluestacks [14/01/2015 10:36:26] - |D| - [0] - C:\Users\mimy\AppData\Local\calibre-cache [09/09/2015 08:45:39] - |D| - [9420690] - C:\Users\mimy\AppData\Local\CEF [16/12/2016 22:42:45] - |D| - [40] - C:\Users\mimy\AppData\Local\Chromium [05/04/2016 14:37:56] - |D| - [161104154] - C:\Users\mimy\AppData\Local\CrashDumps [13/11/2018 09:53:23] - |D| - [193331] - C:\Users\mimy\AppData\Local\CrashReportClient [30/08/2016 15:03:27] - |D| - [0] - C:\Users\mimy\AppData\Local\CrashRpt [06/05/2014 10:28:52] - |D| - [0] - C:\Users\mimy\AppData\Local\Diagnostics [03/08/2016 12:02:44] - |D| - [5957] - C:\Users\mimy\AppData\Local\Disc_Soft_Ltd [23/05/2018 08:15:34] - |D| - [0] - C:\Users\mimy\AppData\Local\DMMGamePlayer [16/08/2017 11:19:43] - |D| - [11437] - C:\Users\mimy\AppData\Local\DOSBox [14/04/2015 19:31:22] - |D| - [6413824] - C:\Users\mimy\AppData\Local\Downloaded Installations [06/05/2014 11:17:51] - |D| - [0] - C:\Users\mimy\AppData\Local\ElevatedDiagnostics [13/11/2018 09:53:22] - |D| - [1197811] - C:\Users\mimy\AppData\Local\EpicGamesLauncher [03/10/2018 22:08:30] - |D| - [1396081] - C:\Users\mimy\AppData\Local\Eushully [02/11/2016 09:25:00] - |D| - [2159] - C:\Users\mimy\AppData\Local\Fallout4 [21/05/2014 12:56:14] - |D| - [2911892] - C:\Users\mimy\AppData\Local\fontconfig [13/12/2017 14:40:05] - |D| - [3540] - C:\Users\mimy\AppData\Local\FreemakeVideoConverter [12/06/2015 23:32:08] - |D| - [41984] - C:\Users\mimy\AppData\Local\GalaxyCommunicationService [06/05/2014 08:37:23] - |A| - [66392] - C:\Users\mimy\AppData\Local\GDIPFONTCACHEV1.DAT [21/05/2014 12:56:14] - |D| - [660] - C:\Users\mimy\AppData\Local\gegl-0.2 [10/06/2014 09:38:44] - |D| - [3135] - C:\Users\mimy\AppData\Local\Google [21/05/2014 12:57:17] - |D| - [202] - C:\Users\mimy\AppData\Local\gtk-2.0 [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\AppData\Local\History [01/12/2014 00:05:52] - |AH| - [7949849] - C:\Users\mimy\AppData\Local\IconCache.db [11/11/2018 23:09:39] - |D| - [609] - C:\Users\mimy\AppData\Local\id Software [30/01/2019 12:54:17] - |A| - [140800] - C:\Users\mimy\AppData\Local\installer.dat [06/05/2014 18:17:19] - |D| - [1875] - C:\Users\mimy\AppData\Local\Intel_Corporation [27/02/2019 11:44:42] - |D| - [42695] - C:\Users\mimy\AppData\Local\Ironclad Games [12/02/2019 09:16:01] - |D| - [66] - C:\Users\mimy\AppData\Local\JDownloader 2.0 [03/01/2016 09:55:12] - |A| - [1] - C:\Users\mimy\AppData\Local\llftool.4.40.agreement [20/05/2014 10:33:52] - |D| - [0] - C:\Users\mimy\AppData\Local\LogMeIn [07/05/2014 16:24:24] - |D| - [0] - C:\Users\mimy\AppData\Local\Macromedia [05/12/2018 19:33:10] - |D| - [813864] - C:\Users\mimy\AppData\Local\mbam [05/12/2018 19:32:46] - |D| - [235676] - C:\Users\mimy\AppData\Local\mbamtray [24/08/2018 22:37:23] - |D| - [0] - C:\Users\mimy\AppData\Local\Mega Limited [06/05/2014 07:41:49] - |D| - [2492585922] - C:\Users\mimy\AppData\Local\Microsoft [26/03/2019 14:32:23] - |D| - [281164346] - C:\Users\mimy\AppData\Local\Mozilla [30/07/2018 18:27:46] - |D| - [0] - C:\Users\mimy\AppData\Local\Novabench [06/05/2014 08:07:48] - |D| - [32319] - C:\Users\mimy\AppData\Local\NVIDIA [06/05/2014 08:09:31] - |D| - [4722735] - C:\Users\mimy\AppData\Local\NVIDIA Corporation [21/04/2015 16:33:51] - |H| - [8288] - C:\Users\mimy\AppData\Local\Plugin.dat [06/05/2014 10:32:30] - |D| - [0] - C:\Users\mimy\AppData\Local\Programs [08/08/2017 15:58:58] - |A| - [847] - C:\Users\mimy\AppData\Local\recently-used.xbel [07/09/2016 17:21:15] - |A| - [7602] - C:\Users\mimy\AppData\Local\Resmon.ResmonCfg [23/06/2016 22:27:44] - |D| - [2908] - C:\Users\mimy\AppData\Local\RON [30/01/2019 12:54:17] - |A| - [722944] - C:\Users\mimy\AppData\Local\sham.db [12/08/2017 22:24:09] - |D| - [0] - C:\Users\mimy\AppData\Local\Sony Corporation [27/02/2019 11:00:09] - |D| - [0] - C:\Users\mimy\AppData\Local\Stardock [06/09/2016 17:02:11] - |D| - [344768839] - C:\Users\mimy\AppData\Local\Steam [06/05/2014 07:41:49] - |D| - [434590931] - C:\Users\mimy\AppData\Local\Temp [06/05/2014 07:41:49] - |SHD| - [0] - C:\Users\mimy\AppData\Local\Temporary Internet Files [18/06/2018 11:06:29] - |D| - [5723473] - C:\Users\mimy\AppData\Local\Thunderbird [27/02/2018 17:54:15] - |D| - [33304] - C:\Users\mimy\AppData\Local\TombRaiderDOX [04/04/2017 21:12:21] - |D| - [0] - C:\Users\mimy\AppData\Local\Ubisoft Game Launcher [27/02/2018 17:54:15] - |D| - [133] - C:\Users\mimy\AppData\Local\UnrealEngine [13/11/2018 09:53:23] - |D| - [0] - C:\Users\mimy\AppData\Local\UnrealEngineLauncher [06/05/2014 07:41:51] - |D| - [1161042] - C:\Users\mimy\AppData\Local\VirtualStore [06/05/2014 21:02:57] - |D| - [940] - C:\Users\mimy\AppData\Local\WDSetup [13/12/2017 15:00:44] - |D| - [0] - C:\Users\mimy\AppData\Local\WMTools Downloaded Files [01/01/2018 08:39:00] - |D| - [82] - C:\Users\mimy\AppData\Local\Wondershare [04/12/2018 07:54:06] - |D| - [436890] - C:\Users\mimy\AppData\Local\ZHP [10/06/2014 10:46:29] - |D| - [7352807] - C:\Users\mimy\AppData\LocalLow\Adobe [10/06/2014 09:39:07] - |D| - [172814] - C:\Users\mimy\AppData\LocalLow\Google [26/08/2018 22:44:32] - |D| - [791020] - C:\Users\mimy\AppData\LocalLow\KISS [30/01/2019 12:58:43] - |D| - [238] - C:\Users\mimy\AppData\LocalLow\MAL [06/05/2014 07:47:57] - |D| - [3818404] - C:\Users\mimy\AppData\LocalLow\Microsoft [16/11/2016 18:13:13] - |D| - [2400256] - C:\Users\mimy\AppData\LocalLow\Mozilla [01/02/2017 08:27:32] - |D| - [25504] - C:\Users\mimy\AppData\LocalLow\Sun [11/01/2017 17:19:11] - |D| - [15] - C:\Users\mimy\AppData\LocalLow\Unity [11/01/2017 17:19:12] - |D| - [0] - C:\Users\mimy\AppData\Roaming\.mono [28/06/2014 07:35:25] - |D| - [2073125] - C:\Users\mimy\AppData\Roaming\AccurateRip [07/05/2014 16:24:24] - |D| - [10137574] - C:\Users\mimy\AppData\Roaming\Adobe [16/09/2019 22:22:16] - |D| - [67350] - C:\Users\mimy\AppData\Roaming\Aegisub [15/11/2017 20:09:19] - |D| - [184] - C:\Users\mimy\AppData\Roaming\Andy [24/10/2018 18:18:30] - |D| - [7445627] - C:\Users\mimy\AppData\Roaming\Anvsoft [07/05/2014 11:43:18] - |D| - [2063067723] - C:\Users\mimy\AppData\Roaming\Apple Computer [21/02/2017 14:17:24] - |D| - [119796] - C:\Users\mimy\AppData\Roaming\Blender Foundation [21/05/2014 11:16:01] - |RD| - [112] - C:\Users\mimy\AppData\Roaming\Brother [25/06/2019 08:21:05] - |D| - [2054] - C:\Users\mimy\AppData\Roaming\BzEditor [14/01/2015 10:35:12] - |D| - [292936] - C:\Users\mimy\AppData\Roaming\calibre [23/05/2018 08:15:42] - |D| - [6144] - C:\Users\mimy\AppData\Roaming\com.dmm.Main [13/10/2016 22:51:17] - |D| - [0] - C:\Users\mimy\AppData\Roaming\Crystal Dynamics [14/05/2014 15:07:56] - |D| - [0] - C:\Users\mimy\AppData\Roaming\DAEMON Tools Lite [14/05/2014 10:05:54] - |D| - [0] - C:\Users\mimy\AppData\Roaming\DMCache [10/11/2015 18:57:38] - |D| - [6344] - C:\Users\mimy\AppData\Roaming\DS4Windows [19/05/2015 08:47:53] - |D| - [0] - C:\Users\mimy\AppData\Roaming\DSDCS [24/06/2019 23:29:19] - |D| - [71] - C:\Users\mimy\AppData\Roaming\Dump4w [28/06/2014 07:35:27] - |D| - [6594560] - C:\Users\mimy\AppData\Roaming\EAC [06/05/2014 21:03:54] - |D| - [149862311] - C:\Users\mimy\AppData\Roaming\FdSoft [18/06/2014 10:19:03] - |D| - [20360] - C:\Users\mimy\AppData\Roaming\FileZilla [29/06/2015 08:30:03] - |D| - [56079031] - C:\Users\mimy\AppData\Roaming\Filmotech_prefs [17/03/2016 22:40:59] - |D| - [4045979] - C:\Users\mimy\AppData\Roaming\FiraxisLive [15/08/2014 23:05:34] - |D| - [411] - C:\Users\mimy\AppData\Roaming\FlacSquisher [09/01/2018 13:58:17] - |D| - [13845520] - C:\Users\mimy\AppData\Roaming\FlashIntegro [16/09/2019 22:22:24] - |D| - [670292] - C:\Users\mimy\AppData\Roaming\fontconfig [25/06/2014 14:09:52] - |D| - [4772417] - C:\Users\mimy\AppData\Roaming\foobar2000 [07/07/2015 15:36:27] - |A| - [35] - C:\Users\mimy\AppData\Roaming\gcstar.log [26/03/2019 14:25:32] - |D| - [8129] - C:\Users\mimy\AppData\Roaming\Geek Uninstaller [13/02/2019 17:27:47] - |D| - [330934] - C:\Users\mimy\AppData\Roaming\HandBrake [06/05/2014 07:41:52] - |D| - [0] - C:\Users\mimy\AppData\Roaming\Identities [03/06/2014 22:28:00] - |D| - [4981315] - C:\Users\mimy\AppData\Roaming\ImgBurn [19/05/2015 08:52:25] - |D| - [5674] - C:\Users\mimy\AppData\Roaming\InputMapper [20/05/2014 22:51:35] - |D| - [0] - C:\Users\mimy\AppData\Roaming\InstallShield [05/09/2014 08:48:58] - |D| - [3072] - C:\Users\mimy\AppData\Roaming\java [07/05/2014 16:24:24] - |D| - [2141] - C:\Users\mimy\AppData\Roaming\Macromedia [02/09/2014 19:49:47] - |D| - [932] - C:\Users\mimy\AppData\Roaming\Mael [06/05/2014 07:41:49] - |D| - [0] - C:\Users\mimy\AppData\Roaming\Media Center Programs [01/05/2016 14:05:09] - |D| - [0] - C:\Users\mimy\AppData\Roaming\Mediatronic [06/05/2014 07:41:49] - |SD| - [2909632] - C:\Users\mimy\AppData\Roaming\Microsoft [13/10/2016 08:22:42] - |D| - [173] - C:\Users\mimy\AppData\Roaming\ModLauncherWPF [23/03/2019 22:21:29] - |D| - [109163368] - C:\Users\mimy\AppData\Roaming\Mozilla [25/06/2014 22:09:04] - |D| - [67267] - C:\Users\mimy\AppData\Roaming\Mp3tag [21/01/2015 23:14:45] - |D| - [94] - C:\Users\mimy\AppData\Roaming\MPC-HC [15/08/2014 22:39:38] - |D| - [262144] - C:\Users\mimy\AppData\Roaming\NCH Software [20/07/2017 22:48:28] - |D| - [11057541] - C:\Users\mimy\AppData\Roaming\Nitroplus [30/07/2018 18:27:46] - |D| - [24576] - C:\Users\mimy\AppData\Roaming\Novabench [27/03/2019 10:57:11] - |D| - [0] - C:\Users\mimy\AppData\Roaming\NVIDIA [01/01/2018 20:43:36] - |D| - [372889] - C:\Users\mimy\AppData\Roaming\obs-studio [07/05/2014 08:53:24] - |D| - [23984083] - C:\Users\mimy\AppData\Roaming\OpenOffice [30/08/2016 13:16:17] - |D| - [0] - C:\Users\mimy\AppData\Roaming\Opera [24/02/2017 07:06:29] - |D| - [1324] - C:\Users\mimy\AppData\Roaming\RenPy [29/07/2019 22:51:08] - |D| - [220] - C:\Users\mimy\AppData\Roaming\Revision_Config_Patcher [03/05/2019 08:03:36] - |D| - [102071296] - C:\Users\mimy\AppData\Roaming\RSI Launcher [03/05/2019 08:04:10] - |D| - [9951915] - C:\Users\mimy\AppData\Roaming\rsilauncher [16/08/2017 10:13:32] - |D| - [44581] - C:\Users\mimy\AppData\Roaming\ScummVM [21/05/2014 14:39:02] - |RHD| - [23912] - C:\Users\mimy\AppData\Roaming\SecuROM [29/08/2017 13:45:34] - |D| - [102311] - C:\Users\mimy\AppData\Roaming\Sierra [23/05/2018 17:23:30] - |D| - [0] - C:\Users\mimy\AppData\Roaming\Sony Corporation [30/08/2016 15:03:26] - |D| - [35817831] - C:\Users\mimy\AppData\Roaming\SyncDroid [30/08/2016 15:03:27] - |D| - [186884478] - C:\Users\mimy\AppData\Roaming\Syncios [30/08/2016 15:03:26] - |D| - [38270025] - C:\Users\mimy\AppData\Roaming\Syncios Data Transfer [18/06/2018 11:06:29] - |D| - [5849852275] - C:\Users\mimy\AppData\Roaming\Thunderbird [12/04/2017 19:50:58] - |D| - [0] - C:\Users\mimy\AppData\Roaming\uplay [14/06/2016 15:29:33] - |D| - [4290900] - C:\Users\mimy\AppData\Roaming\WindSolutions [07/05/2014 09:11:40] - |D| - [12] - C:\Users\mimy\AppData\Roaming\WinRAR [29/01/2019 13:57:12] - |D| - [0] - C:\Users\mimy\AppData\Roaming\wxmedit [19/12/2018 13:12:47] - |D| - [16196422] - C:\Users\mimy\AppData\Roaming\XnView [14/05/2014 08:39:38] - |D| - [79] - C:\Users\mimy\AppData\Roaming\Youtube Downloader HD [30/01/2019 12:55:28] - |D| - [0] - C:\Users\mimy\AppData\Roaming\yx1jb4yfsvs [04/12/2018 07:54:06] - |D| - [924793742] - C:\Users\mimy\AppData\Roaming\ZHP [06/05/2014 07:41:58] - |SH| - [174] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [06/05/2014 07:41:49] - |RD| - [32147] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [27/08/2019 07:50:56] - |A| - [476] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\YouTube.website [06/05/2014 07:41:49] - |RD| - [12994] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [06/05/2014 07:41:58] - |RD| - [174] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [25/06/2019 08:21:05] - |D| - [3089] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BzEditor [06/05/2014 07:41:58] - |SH| - [476] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [15/08/2014 22:54:54] - |D| - [1903] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlacSquisher [19/01/2019 22:43:37] - |D| - [1130] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [03/12/2018 07:23:55] - |A| - [1042] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [25/08/2018 23:33:10] - |D| - [3231] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KISS [29/07/2015 11:44:53] - |D| - [0] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Livrotheque [06/05/2014 07:41:49] - |RD| - [580] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [05/09/2014 08:46:50] - |D| - [1956] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft [14/05/2014 08:54:43] - |RD| - [1519] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/01/2018 16:58:50] - |D| - [0] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios [07/05/2014 09:11:33] - |D| - [4053] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [21/02/2017 21:22:45] - |A| - [1345] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [14/05/2014 08:54:43] - |SH| - [174] - C:\Users\mimy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [14/07/2009 12:20:08] - |RHD| - [12368] - C:\Users\Public\Desktop [14/07/2009 13:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 12:20:08] - |RD| - [10060234637] - C:\Users\Public\Documents [14/07/2009 12:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 12:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 12:20:08] - |RHD| - [964] - C:\Users\Public\Libraries [14/07/2009 12:20:08] - |RD| - [380] - C:\Users\Public\Music [14/07/2009 12:20:08] - |RD| - [380] - C:\Users\Public\Pictures [14/07/2009 12:20:08] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [07/05/2014 09:18:10] - |SH| - [81] - C:\ProgramData\.zreglib [19/05/2014 23:04:40] - |D| - [8522] - C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [03/08/2019 06:59:09] - |D| - [1946112] - C:\ProgramData\7C04BC5C-32E8-7449-8EDE-864C56CE3F45 [10/06/2014 09:43:56] - |D| - [285843879] - C:\ProgramData\Adobe [30/08/2016 15:01:53] - |D| - [421481117] - C:\ProgramData\Apple [30/08/2016 15:02:25] - |D| - [2052] - C:\ProgramData\Apple Computer [14/07/2009 14:08:56] - |SHD| - [0] - C:\ProgramData\Application Data [31/12/2017 12:06:23] - |D| - [92794838] - C:\ProgramData\Blackmagic Design [04/06/2015 23:50:15] - |D| - [0] - C:\ProgramData\boost_interprocess [06/05/2014 19:18:11] - |D| - [63401] - C:\ProgramData\Brother [14/05/2014 15:07:23] - |D| - [13058] - C:\ProgramData\DAEMON Tools Lite [14/07/2009 14:08:56] - |SHD| - [0] - C:\ProgramData\Desktop [14/07/2009 14:08:56] - |SHD| - [0] - C:\ProgramData\Documents [19/05/2015 08:53:54] - |D| - [0] - C:\ProgramData\DSDCS [30/06/2015 11:28:46] - |D| - [5862] - C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 [13/11/2018 09:53:09] - |D| - [29346572] - C:\ProgramData\Epic [14/07/2009 14:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [13/12/2017 14:39:53] - |D| - [0] - C:\ProgramData\Freemake [21/09/2016 15:41:16] - |D| - [7172657] - C:\ProgramData\GSoft4U [14/05/2014 10:05:54] - |D| - [0] - C:\ProgramData\IDM [06/05/2014 10:44:23] - |D| - [51905] - C:\ProgramData\Intel [30/01/2019 12:58:23] - |A| - [4] - C:\ProgramData\irw.atsd [30/01/2019 12:55:07] - |D| - [0] - C:\ProgramData\localNETService [30/01/2019 12:58:23] - |A| - [4] - C:\ProgramData\lock.dat [20/05/2014 10:33:52] - |D| - [0] - C:\ProgramData\LogMeIn [06/05/2014 21:03:55] - |D| - [6193] - C:\ProgramData\LudoColl [10/12/2016 23:12:13] - |D| - [0] - C:\ProgramData\Media Center Programs [14/07/2009 12:20:08] - |SD| - [935725841] - C:\ProgramData\Microsoft [26/03/2019 14:32:20] - |D| - [20939] - C:\ProgramData\Mozilla [15/08/2014 22:39:50] - |D| - [0] - C:\ProgramData\NCH Software [30/07/2018 18:27:41] - |D| - [20480] - C:\ProgramData\Novabench [24/04/2019 15:18:48] - |RASH| - [258] - C:\ProgramData\ntuser.pol [06/05/2014 08:07:25] - |D| - [52967] - C:\ProgramData\NVIDIA [06/05/2014 08:07:08] - |D| - [307687897] - C:\ProgramData\NVIDIA Corporation [16/12/2016 22:42:41] - |A| - [5307] - C:\ProgramData\NvTelemetryContainer.log [16/12/2016 22:42:41] - |A| - [5110] - C:\ProgramData\NvTelemetryContainer.log_backup1 [22/08/2018 15:23:05] - |D| - [257] - C:\ProgramData\Oracle [14/05/2014 15:59:11] - |D| - [110770] - C:\ProgramData\Orbit [07/05/2014 15:46:37] - |D| - [568720181] - C:\ProgramData\Package Cache [26/03/2016 08:14:20] - |D| - [96010] - C:\ProgramData\Paltiosoft [07/05/2014 09:17:21] - |D| - [87672] - C:\ProgramData\SlySoft [13/05/2014 21:02:39] - |D| - [0] - C:\ProgramData\Solidshield [14/07/2009 14:08:56] - |SHD| - [0] - C:\ProgramData\Start Menu [11/01/2017 17:19:06] - |D| - [2335988] - C:\ProgramData\Steam [03/08/2019 06:58:14] - |D| - [13012] - C:\ProgramData\TACHYON [19/05/2015 09:51:21] - |AD| - [0] - C:\ProgramData\TEMP [14/07/2009 14:08:56] - |SHD| - [0] - C:\ProgramData\Templates [30/01/2019 12:58:23] - |A| - [8] - C:\ProgramData\ts.dat [14/06/2016 15:29:32] - |D| - [350705] - C:\ProgramData\WindSolutions [31/12/2017 12:15:58] - |A| - [1029] - C:\ProgramData\WinInfo.txt [01/01/2018 08:39:07] - |D| - [0] - C:\ProgramData\Wondershare [02/10/2019 06:53:13] - |D| - [0] - C:\ProgramData\{063409A3-F4ED-BDDC-95E9-5F31950E0660} [27/06/2019 21:49:13] - |D| - [0] - C:\ProgramData\{1460DF41-220F-AF88-773F-0B2377D85272} [03/08/2019 06:56:21] - |D| - [0] - C:\ProgramData\{26E9139D-EED3-9D01-ABF3-8211AB14DB40} [17/02/2019 07:12:45] - |D| - [0] - C:\ProgramData\{39655C80-A1CE-828D-B6BC-0E0EB65B575F} [18/03/2019 07:12:23] - |D| - [0] - C:\ProgramData\{3E110F7C-F232-85F9-4AEF-7A094A082358} [23/03/2019 07:08:18] - |D| - [0] - C:\ProgramData\{435973DC-8E92-F8B1-EA93-3274EA746B25} [17/02/2019 07:12:45] - |D| - [0] - C:\ProgramData\{66DCC80E-3540-DD34-3828-B75138CFEE00} [30/01/2019 12:54:32] - |D| - [0] - C:\ProgramData\{7927C1DF-3C91-C2CF-E921-4C4EE9C6151F} [03/08/2019 06:56:21] - |D| - [0] - C:\ProgramData\{810054A1-A9EF-3AE8-97B4-6BB6975332E7} [03/08/2019 06:56:21] - |D| - [0] - C:\ProgramData\{841A8D2C-7062-3FF2-1A6D-71B31A8A28E2} [18/03/2019 07:12:23] - |D| - [0] - C:\ProgramData\{8BEFA95A-5414-3007-6C49-84BC6CAEDDED} [30/05/2019 06:56:38] - |D| - [0] - C:\ProgramData\{9948D9E1-24AF-22A0-D739-23AED7DE7AFF} [30/01/2019 12:54:32] - |D| - [0] - C:\ProgramData\{C7CFC361-3E2F-7C27-5723-A4F057C4FDA1} [30/05/2019 06:56:38] - |D| - [0] - C:\ProgramData\{C8815293-AFDD-7369-A5B2-EAFFA555B3AE} [02/10/2019 06:53:13] - |D| - [0] - C:\ProgramData\{CAA70A72-F73C-714F-44EA-CCFD440D95AC} [27/06/2019 21:49:13] - |D| - [0] - C:\ProgramData\{D81628F6-D5B8-63FE-C0C8-7DEFC02F24BE} [23/03/2019 07:08:18] - |D| - [0] - C:\ProgramData\{E44940BC-BDF2-5FA1-8AA0-22D38A477B82} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 14:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 13:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [29/01/2019 08:35:09] - |D| - [989] - C:\ProgramData\Microsoft\Windows\Start Menu\LudoColl [14/07/2009 12:20:08] - |RD| - [37023108] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 13:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 12:20:08] - |RD| - [38657] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/04/2017 02:03:53] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [31/10/2015 22:31:09] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [14/07/2009 14:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [21/02/2017 21:22:39] - |D| - [2295] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [21/02/2017 21:22:39] - |A| - [2031] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk [21/02/2017 21:22:50] - |A| - [2049] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk [21/02/2017 21:22:29] - |A| - [2002] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk [21/02/2017 21:22:29] - |A| - [2005] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk [23/02/2017 22:49:35] - |D| - [4802] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adventure Game Studio 3.4.0 P2 [16/09/2019 22:22:06] - |A| - [1041] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aegisub.lnk [15/11/2017 20:40:55] - |D| - [1132] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio [16/09/2019 22:22:08] - |A| - [1070] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASSDraw3.lnk [30/01/2019 09:04:54] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks [26/02/2019 19:44:22] - |D| - [2093] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Isle [30/01/2019 13:03:24] - |D| - [922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [14/07/2009 13:54:23] - |SH| - [770] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [07/06/2017 17:32:40] - |D| - [36777680] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo [13/11/2018 09:53:11] - |A| - [957] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [03/10/2018 22:08:40] - |D| - [7126] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eushully [28/06/2014 07:35:23] - |D| - [5109] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy [29/06/2015 08:29:56] - |D| - [2621] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filmotech [26/03/2019 14:32:21] - |A| - [936] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [18/08/2019 22:18:09] - |D| - [9353] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro [28/06/2014 08:02:50] - |A| - [1077] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [24/06/2019 23:34:27] - |D| - [4805] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frhed [14/07/2009 14:32:38] - |RD| - [1848] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [21/09/2016 15:30:38] - |D| - [3299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSoft4U [24/04/2019 18:08:15] - |D| - [5550] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn [03/06/2014 22:09:11] - |A| - [1841] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk [06/09/2014 22:43:01] - |D| - [8594] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [13/05/2014 10:42:09] - |D| - [18339] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [29/07/2015 11:44:53] - |D| - [2930] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Livrotheque [03/11/2014 22:30:51] - |D| - [995] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LudoColl [14/07/2009 12:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [15/10/2016 23:01:58] - |D| - [2253] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft NetShow [03/01/2019 20:19:38] - |A| - [2745] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk [03/12/2016 07:52:54] - |A| - [2117] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [08/07/2014 19:29:56] - |D| - [2225] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [09/12/2014 15:27:15] - |D| - [1358] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 [09/12/2014 15:26:43] - |D| - [4534] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2 [01/10/2019 19:23:40] - |D| - [6584] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories [13/12/2017 15:08:38] - |A| - [1265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [25/06/2014 22:08:45] - |D| - [3887] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag [06/08/2014 23:30:16] - |D| - [3461] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64 [31/07/2017 23:06:59] - |D| - [3458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitroplus [24/06/2015 17:49:04] - |SD| - [7280] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 [13/12/2017 15:08:40] - |A| - [1334] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [20/05/2014 21:01:18] - |D| - [4073] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre [16/08/2017 11:19:57] - |D| - [3581] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScummVM [14/07/2009 12:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [24/07/2018 16:22:39] - |D| - [704] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [03/05/2019 19:08:22] - |D| - [6529] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ [02/12/2017 22:43:44] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMIDI Player [14/07/2009 13:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [20/01/2019 22:30:55] - |RD| - [3190] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC [16/01/2019 19:10:33] - |D| - [6257] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack [07/05/2014 09:11:33] - |D| - [3981] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [19/12/2018 13:12:43] - |D| - [2051] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView [14/07/2009 13:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [24/09/2019 17:51:39] - |D| - [3955] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD [26/03/2016 08:14:19] - |D| - [1970] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ソフト電池 ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 13:54:23] - |SH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [10/06/2014 09:44:04] - |D| - [872238462] - C:\Program Files (x86)\Adobe [16/09/2019 22:22:05] - |D| - [35473909] - C:\Program Files (x86)\Aegisub [30/08/2016 15:03:11] - |D| - [623146] - C:\Program Files (x86)\Anvsoft [06/08/2019 12:21:04] - |D| - [384525678] - C:\Program Files (x86)\AVerMedia [15/11/2017 20:54:18] - |AD| - [0] - C:\Program Files (x86)\BlueStacks [20/05/2014 22:51:51] - |D| - [27727351] - C:\Program Files (x86)\Brother [25/06/2019 08:21:05] - |D| - [980002] - C:\Program Files (x86)\BzEditor [14/07/2009 12:20:08] - |D| - [497465325] - C:\Program Files (x86)\Common Files [14/07/2009 13:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [07/01/2016 14:41:50] - |D| - [65] - C:\Program Files (x86)\Disclib [19/05/2015 08:52:25] - |D| - [3893] - C:\Program Files (x86)\DSDCS [31/12/2017 12:29:15] - |D| - [395099] - C:\Program Files (x86)\Etron Technology [28/06/2014 07:35:21] - |D| - [16786051] - C:\Program Files (x86)\Exact Audio Copy [29/06/2015 08:29:53] - |D| - [70584003] - C:\Program Files (x86)\Filmotech [15/08/2014 22:54:54] - |D| - [4990346] - C:\Program Files (x86)\FlacSquisher [28/06/2014 08:02:50] - |D| - [9966877] - C:\Program Files (x86)\foobar2000 [13/12/2017 14:39:41] - |D| - [27887876] - C:\Program Files (x86)\Freemake [24/06/2019 23:34:27] - |D| - [115079] - C:\Program Files (x86)\Frhed [10/06/2014 09:38:50] - |D| - [0] - C:\Program Files (x86)\Google [20/07/2016 13:12:14] - |D| - [1446012] - C:\Program Files (x86)\iGraphTabletServer [25/02/2017 22:03:51] - |D| - [25590519] - C:\Program Files (x86)\ImageWriter [03/06/2014 22:09:07] - |D| - [3154587] - C:\Program Files (x86)\ImgBurn [06/05/2014 10:41:48] - |HD| - [40695046] - C:\Program Files (x86)\InstallShield Installation Information [06/05/2014 10:33:01] - |D| - [933197] - C:\Program Files (x86)\Intel [14/07/2009 12:20:08] - |D| - [10303594] - C:\Program Files (x86)\Internet Explorer [15/12/2014 23:39:20] - |D| - [142154573] - C:\Program Files (x86)\Java [13/05/2014 10:42:05] - |D| - [54700676] - C:\Program Files (x86)\K-Lite Codec Pack [19/07/2017 14:33:25] - |D| - [245] - C:\Program Files (x86)\Ligos [29/07/2015 11:44:53] - |D| - [8665101] - C:\Program Files (x86)\livrotheque [06/05/2014 21:02:55] - |D| - [7117075] - C:\Program Files (x86)\LudoColl [12/06/2019 18:06:37] - |D| - [0] - C:\Program Files (x86)\Metronimo [13/11/2014 23:52:01] - |D| - [1670519] - C:\Program Files (x86)\Microsoft ASP.NET [15/10/2016 23:01:51] - |D| - [1160285] - C:\Program Files (x86)\Microsoft NetShow [03/01/2019 20:19:38] - |D| - [11950517] - C:\Program Files (x86)\Microsoft Office [03/12/2016 07:52:52] - |D| - [1527760] - C:\Program Files (x86)\Microsoft Security Client [08/07/2014 19:29:52] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [09/12/2014 15:26:41] - |D| - [37622223] - C:\Program Files (x86)\Microsoft SQL Server [13/12/2017 15:08:34] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [09/12/2014 15:27:27] - |D| - [255840] - C:\Program Files (x86)\Microsoft Visual Studio 9.0 [13/05/2014 09:22:01] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA [06/05/2014 08:05:40] - |D| - [597039] - C:\Program Files (x86)\Microsoft.NET [26/03/2019 14:32:21] - |D| - [375141] - C:\Program Files (x86)\Mozilla Maintenance Service [25/06/2014 22:08:45] - |D| - [7809840] - C:\Program Files (x86)\Mp3tag [14/07/2009 14:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [03/01/2019 20:12:38] - |D| - [30807860] - C:\Program Files (x86)\MSECache [06/05/2014 10:32:30] - |D| - [260621] - C:\Program Files (x86)\MSI [15/08/2014 22:39:40] - |D| - [110592] - C:\Program Files (x86)\NCH Software [06/05/2014 08:07:06] - |D| - [216581756] - C:\Program Files (x86)\NVIDIA Corporation [01/09/2014 18:32:36] - |D| - [809496] - C:\Program Files (x86)\OpenAL [24/06/2015 17:48:48] - |D| - [327250814] - C:\Program Files (x86)\OpenOffice 4 [06/05/2014 10:41:49] - |D| - [13798201] - C:\Program Files (x86)\Realtek [14/07/2009 14:32:38] - |D| - [36962049] - C:\Program Files (x86)\Reference Assemblies [15/07/2014 10:58:11] - |D| - [30493970] - C:\Program Files (x86)\Setup Files [07/05/2014 09:17:21] - |D| - [163840] - C:\Program Files (x86)\SlySoft [26/03/2016 08:14:19] - |D| - [2549448] - C:\Program Files (x86)\SoftDenchi [03/08/2019 06:58:06] - |D| - [0] - C:\Program Files (x86)\TACHYON [06/05/2014 10:41:59] - |HD| - [0] - C:\Program Files (x86)\Temp [30/01/2019 12:54:43] - |D| - [1860] - C:\Program Files (x86)\TogTog [14/07/2009 13:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [30/07/2018 18:39:12] - |D| - [10836] - C:\Program Files (x86)\VulkanRT [14/07/2009 14:32:38] - |D| - [512000] - C:\Program Files (x86)\Windows Defender [14/07/2009 12:20:08] - |D| - [6115840] - C:\Program Files (x86)\Windows Mail [14/07/2009 12:20:08] - |D| - [12062388] - C:\Program Files (x86)\Windows NT [14/07/2009 14:32:38] - |D| - [4394248] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 14:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [20/01/2019 22:30:55] - |D| - [5009408] - C:\Program Files (x86)\Windows Virtual PC [19/12/2018 13:12:42] - |D| - [20441304] - C:\Program Files (x86)\XnView [24/09/2019 17:51:38] - |D| - [31237683] - C:\Program Files (x86)\Youtube Downloader HD ---------- | C:\Program Files [15/11/2017 20:39:50] - |D| - [0] - C:\Program Files\Android [30/07/2018 18:20:57] - |D| - [41190792] - C:\Program Files\CCleaner [14/07/2009 12:20:08] - |D| - [86179365] - C:\Program Files\Common Files [14/07/2009 13:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 14:32:38] - |D| - [4890294] - C:\Program Files\DVD Maker [18/08/2019 22:18:00] - |D| - [216644522] - C:\Program Files\FlashIntegro [03/01/2017 20:41:04] - |D| - [295947114] - C:\Program Files\GIMP 2 [15/07/2014 10:58:28] - |D| - [26740] - C:\Program Files\Intel [14/07/2009 12:20:08] - |D| - [30295652] - C:\Program Files\Internet Explorer [01/05/2016 14:05:08] - |D| - [13067] - C:\Program Files\MediaCoder [03/12/2016 07:52:51] - |D| - [33333061] - C:\Program Files\Microsoft Security Client [08/07/2014 19:29:52] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight [09/12/2014 15:26:30] - |D| - [1979303522] - C:\Program Files\Microsoft SQL Server [09/12/2014 15:27:26] - |D| - [7674] - C:\Program Files\Microsoft Visual Studio 9.0 [01/10/2019 19:23:40] - |D| - [8046914] - C:\Program Files\Microsoft Xbox 360 Accessories [15/07/2015 23:55:38] - |D| - [573096] - C:\Program Files\Microsoft.NET [19/09/2019 21:39:20] - |D| - [200573725] - C:\Program Files\Mozilla Firefox [06/08/2014 23:30:14] - |D| - [38841649] - C:\Program Files\MPC-HC [14/07/2009 14:32:38] - |D| - [25757] - C:\Program Files\MSBuild [12/01/2016 00:22:52] - |D| - [22175355] - C:\Program Files\Music Collection [01/10/2019 19:15:06] - |D| - [4560501] - C:\Program Files\Nefarius Software Solutions [06/05/2014 08:01:52] - |D| - [2322050453] - C:\Program Files\NVIDIA Corporation [31/12/2017 14:43:52] - |D| - [36456496] - C:\Program Files\Realtek [14/07/2009 14:32:38] - |D| - [34625193] - C:\Program Files\Reference Assemblies [31/07/2017 23:20:31] - |D| - [381728] - C:\Program Files\SoftDenchi [14/07/2009 14:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [13/02/2019 17:32:51] - |D| - [0] - C:\Program Files\VideoLAN [14/07/2009 14:32:38] - |D| - [4016640] - C:\Program Files\Windows Defender [13/12/2017 15:08:42] - |D| - [52928] - C:\Program Files\Windows Live [14/07/2009 12:20:08] - |D| - [6602240] - C:\Program Files\Windows Mail [14/07/2009 14:32:38] - |D| - [0] - C:\Program Files\Windows Media Player [14/07/2009 12:20:08] - |D| - [12492468] - C:\Program Files\Windows NT [14/07/2009 14:32:38] - |D| - [5492504] - C:\Program Files\Windows Photo Viewer [14/07/2009 14:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [07/05/2014 09:11:30] - |D| - [5753718] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [10/06/2014 09:44:04] - |D| - [164207968] - C:\Program Files (x86)\Common Files\Adobe [21/02/2017 21:22:39] - |D| - [72704] - C:\Program Files (x86)\Common Files\Adobe Systems Shared [30/08/2016 15:01:53] - |D| - [0] - C:\Program Files (x86)\Common Files\Apple [06/08/2019 12:23:56] - |D| - [58378752] - C:\Program Files (x86)\Common Files\AVerMedia [19/07/2016 09:17:46] - |D| - [81920] - C:\Program Files (x86)\Common Files\Canon [09/01/2018 13:52:33] - |D| - [7987536] - C:\Program Files (x86)\Common Files\FlashIntegro [06/05/2014 10:41:50] - |D| - [7201977] - C:\Program Files (x86)\Common Files\InstallShield [15/12/2014 23:39:26] - |D| - [2150795] - C:\Program Files (x86)\Common Files\Java [14/07/2009 12:20:08] - |D| - [32442394] - C:\Program Files (x86)\Common Files\microsoft shared [06/05/2014 21:02:57] - |D| - [167391536] - C:\Program Files (x86)\Common Files\PC SOFT [06/05/2014 10:43:19] - |D| - [0] - C:\Program Files (x86)\Common Files\postureAgent [25/06/2014 14:18:18] - |D| - [459184] - C:\Program Files (x86)\Common Files\PX Storage Engine [14/07/2009 12:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/07/2009 12:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [06/09/2016 16:57:43] - |D| - [5788119] - C:\Program Files (x86)\Common Files\Steam [19/01/2019 22:43:27] - |D| - [0] - C:\Program Files (x86)\Common Files\SWF Studio [14/07/2009 12:20:08] - |D| - [10195955] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [16/05/2018 12:29:34] - |D| - [63366976] - C:\Program Files\Common files\FlashIntegro [14/07/2009 12:20:08] - |D| - [10055268] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 12:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 12:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 12:20:08] - |D| - [12145651] - C:\Program Files\Common files\System ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 14:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.B4BAC7DF1590C86406690351A38081B4] - [14/07/2009 14:08:49] - |A| - [32580] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.05AC4DA0FD35752AD083CC9C9C5D3C90] - [03/08/2019 06:59:09] - |A| - [4142] - C:\Windows\System32\Tasks\83D53E60-330B-74AD-A01F-731408CFB2F5 : C:\Windows\SysWOW64\regsvr32.exe [MD5.1ADEB41B91EA8A07A39BFEA5219F8006] - [25/12/2014 08:07:58] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.C5D558985E4597F8CF38F3F1A8ABEDA4] - [30/01/2019 13:03:24] - |A| - [3870] - C:\Windows\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.EDCC8C935DC209864AF402CF2C3972EB] - [30/01/2019 13:03:24] - |A| - [2804] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.122602ED7FD8909A562D8BD375426598] - [23/05/2018 08:15:42] - |A| - [3236] - C:\Windows\System32\Tasks\DMMGamePlayer : "C:\Program Files (x86)\DMMGamePlayer\DMMGamePlayer.exe" [MD5.00000000000000000000000000000000] - [24/08/2018 22:37:24] - |D| - [0] - C:\Windows\System32\Tasks\MEGA [MD5.00000000000000000000000000000000] - [14/07/2009 12:20:13] - |D| - [205020] - C:\Windows\System32\Tasks\Microsoft [MD5.7E0027AF1C8FA81C46C6CEA9A46549D1] - [19/05/2015 11:02:45] - |A| - [3040] - C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe : C:\Program Files\Microsoft IntelliPoint\IPoint.exe [MD5.00000000000000000000000000000000] - [15/08/2014 22:39:51] - |D| - [0] - C:\Windows\System32\Tasks\NCH Software [MD5.190A7B791FB4B650928A96E04EDF287D] - [01/10/2019 19:15:06] - |A| - [3624] - C:\Windows\System32\Tasks\ViGEmBusUpdater : C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [MD5.00000000000000000000000000000000] - [14/07/2009 14:09:57] - |D| - [0] - C:\Windows\System32\Tasks\WPD [MD5.F37F41A708F94BE589DF184C7E5385CF] - [22/08/2014 07:56:07] - |A| - [3036] - C:\Windows\System32\Tasks\{00C76455-19E5-43E1-BF6E-3981289C4065} : C:\Windows\system32\pcalua.exe [MD5.16FB7842056AF11019BE57182420EC55] - [30/05/2019 06:57:08] - |A| - [3576] - C:\Windows\System32\Tasks\{067E1A8D-4D45-47C0-A2DB-BE66DB28F7B2} : C:\ProgramData\6006932095928748539\watchdog.exe [MD5.CD259E5AE4DE4D5178009513E407B19F] - [03/08/2019 06:59:04] - |A| - [3576] - C:\Windows\System32\Tasks\{099A689E-7640-4B7A-B473-FCCD4AF93244} : C:\ProgramData\1007090221584837924\watchdog.exe [MD5.4BAEAA677163D01875E321E29C06CA3A] - [14/09/2016 08:29:45] - |A| - [3028] - C:\Windows\System32\Tasks\{1A0C7CC2-22DB-482D-BFB5-59FCBF15481D} : C:\Windows\system32\pcalua.exe [MD5.32DD984639E8191858A614326389A705] - [15/10/2016 22:42:53] - |A| - [3196] - C:\Windows\System32\Tasks\{1A1E692F-4180-4938-B02F-1D92CDC61B57} : C:\Windows\system32\pcalua.exe [MD5.F4938AF65FF53BB11247F6FD6115D6D9] - [22/02/2017 21:27:37] - |A| - [3154] - C:\Windows\System32\Tasks\{34C9EE21-3541-4B42-919B-CCEF410818DE} : C:\Windows\system32\pcalua.exe [MD5.E895CA9926B13A92671F5A2F87A7FEC7] - [22/02/2017 21:14:17] - |A| - [3144] - C:\Windows\System32\Tasks\{4399CC9B-C1EB-4905-A4FB-2A61A4620193} : C:\Windows\system32\pcalua.exe [MD5.F4C627A4D99A3FEDE0F960EE4108EEEB] - [21/02/2017 11:20:30] - |A| - [3122] - C:\Windows\System32\Tasks\{47EDCB0C-4501-4A02-8C48-9F4B11A1B631} : C:\Windows\system32\pcalua.exe [MD5.9AFA0D5A6A0DF1AE432E732AF80210FB] - [08/09/2018 20:50:33] - |A| - [2922] - C:\Windows\System32\Tasks\{646C01C4-C4B8-4760-B2FA-BEECC2C07835} : E:\jeuxInstall\Izumo\Izumo.exe [MD5.6BE7455EE29D6F990BFF9CCE5FDE98F0] - [15/07/2014 10:58:33] - |A| - [3212] - C:\Windows\System32\Tasks\{702C3016-133D-4ADB-9D16-A0B9F1900B0F} : C:\Windows\system32\pcalua.exe [MD5.349C7459293397190377AC297E454F68] - [02/10/2019 06:54:52] - |A| - [3576] - C:\Windows\System32\Tasks\{C423C7AF-EB8A-4B06-917F-732063CC037C} : C:\ProgramData\3206546376656155802\watchdog.exe [MD5.1A82B37A9C54FB44764972CE8826CE70] - [06/08/2019 10:17:53] - |A| - [3140] - C:\Windows\System32\Tasks\{C7831C79-070B-4199-932A-467EB7557FCE} : C:\Windows\system32\pcalua.exe [MD5.75C4214E6CDBBD57646E3B7D055A4030] - [18/08/2014 23:21:04] - |A| - [3028] - C:\Windows\System32\Tasks\{D25AE7C7-24ED-4189-A157-4248ADD485CC} : C:\Windows\system32\pcalua.exe [MD5.98FA2158CCB5725A0F2FB5C9E1041849] - [06/01/2015 11:53:38] - |A| - [3102] - C:\Windows\System32\Tasks\{F4AB6A54-59ED-4553-86C3-1189D996793B} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [14/07/2009 12:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{BF78CAFB-27B0-4BEC-BF24-4B58CD003CB3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{64C6B463-FD13-4575-B739-81A01B0A18F3}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe|Name=AnyDVD Application| "{31B1AE9E-41CB-4DCF-A011-F93BF40A549E}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe|Name=AnyDVD Application| "{45B94DC6-DC2F-4B43-8ED9-8A0733B83D68}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe|Name=AnyDVD Application| "{6CC2F315-AD36-4AD9-80CF-9078629B50AB}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe|Name=AnyDVD Application| "{F51E1B63-4416-43FE-A238-DC6C3A6DA20D}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe|Name=AnyDVD| "{19D673A2-5631-4386-8DCE-3380DF57FBF7}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe|Name=AnyDVD| "{CED76191-B436-4536-981E-8B102B2441A0}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe|Name=AnyDVD| "{25DF81C8-CD2A-48F0-B3FA-25352EC876CD}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe|Name=AnyDVD| "{8AD507E4-835E-43E3-A621-F74E5F0BB91D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe|Name=My Movies SQL Server| "{8E77E399-3B90-4F12-AD46-A6D234BFDC9D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe|Name=My Movies SQL Server Browser| "TCP Query User{FFCA823F-63DC-40A0-83DF-1317A583AF01}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{BECB924B-B73C-4171-BCAC-3581C3CA0FF6}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{19CFDA00-A8BE-4F04-BBDC-8FCDFD39D6DB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\LudoColl\LudoColl.exe|Name=Gestion de collection de jeux vidéo| "{63F4F136-986F-49CC-9668-4AD460DBA2FE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\LudoColl\LudoColl.exe|Name=Gestion de collection de jeux vidéo| "{4AAB133D-B315-428C-B0D0-2E7DDD9D8E41}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=C:\Program Files (x86)\LudoColl\LudoColl.exe|Name=Gestion de collection de jeux vidéo| "{97598F94-0907-4CC4-B238-DC7511D8000A}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=C:\Program Files (x86)\LudoColl\LudoColl.exe|Name=Gestion de collection de jeux vidéo| "TCP Query User{A07C2FE9-AA40-4598-9183-D04D2E2D78FE}C:\program files (x86)\igraphtabletserver\igraphtabletserver.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\igraphtabletserver\igraphtabletserver.exe|Name=iGraphTabletServer|Desc=iGraphTabletServer|Defer=User| "UDP Query User{01FDA2E7-648B-4A1C-BFDF-998EF50935CC}C:\program files (x86)\igraphtabletserver\igraphtabletserver.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\igraphtabletserver\igraphtabletserver.exe|Name=iGraphTabletServer|Desc=iGraphTabletServer|Defer=User| "{0AB2286C-BFF6-4878-8DFA-F61BB87CAF9D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{E70A39DD-164F-4BCD-BA9E-F336D3C896A9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{71CDFD23-E93E-46E1-BA48-0651DA119E1D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe|Name=Syncios Data Transfer| "{6EC36629-A41A-4FA6-810F-8192371DFF37}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe|Name=Syncios Data Transfer| "TCP Query User{401D1543-A062-49EF-ACD3-3F43B355228C}C:\program files (x86)\avermedia\avermedia recentral 4\recentral 4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\avermedia\avermedia recentral 4\recentral 4.exe|Name=RECentral|Desc=RECentral|Defer=User| "UDP Query User{C0C89C89-9E3B-4A1E-9CB6-BA49BC3A0930}C:\program files (x86)\avermedia\avermedia recentral 4\recentral 4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\avermedia\avermedia recentral 4\recentral 4.exe|Name=RECentral|Desc=RECentral|Defer=User| "{86DE2DF8-E39E-4116-AD01-7358441A1888}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe|Name=Syncios Data Transfer| "{1CDB2FDA-01E0-4EFC-96C3-ABCB0486CF49}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe|Name=Syncios Data Transfer| "TCP Query User{BBD409FB-DF59-4037-B470-6767A4492E04}E:\jeuxinstall\kiss\com3d2\com3d2x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\jeuxinstall\kiss\com3d2\com3d2x64.exe|Name=COM3D2x64|Desc=COM3D2x64|Defer=User| "UDP Query User{5403F7FC-F096-4497-AA22-EFA78188851E}E:\jeuxinstall\kiss\com3d2\com3d2x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\jeuxinstall\kiss\com3d2\com3d2x64.exe|Name=COM3D2x64|Desc=COM3D2x64|Defer=User| "TCP Query User{A4922062-6BE2-4AFE-9EDE-D4352619F398}C:\program files (x86)\avermedia\avermedia recentral 4\recentral 4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\avermedia\avermedia recentral 4\recentral 4.exe|Name=RECentral|Desc=RECentral|Defer=User| "UDP Query User{89037F82-60DF-4087-A805-F03AA18C4EB1}C:\program files (x86)\avermedia\avermedia recentral 4\recentral 4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\avermedia\avermedia recentral 4\recentral 4.exe|Name=RECentral|Desc=RECentral|Defer=User| "TCP Query User{47CF30AC-247C-4986-B7C3-53F06F9017C8}F:\jeux\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=F:\jeux\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{855EB5B5-82B1-4311-8E2C-5222896DCA2B}F:\jeux\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=F:\jeux\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{C25BD81B-924B-41BC-860A-5693A769DD14}F:\jeux\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=F:\jeux\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{217ED0A0-969E-431D-AC49-3B1267E78E95}F:\jeux\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=F:\jeux\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{96345A9B-FA79-4157-91A9-C716B3437124}F:\jeux\epic\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=F:\jeux\epic\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe|Name=UE4Game|Desc=UE4Game|Defer=User| "UDP Query User{7D7D8A05-9434-412B-A20F-60020F6E4D71}F:\jeux\epic\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=F:\jeux\epic\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe|Name=UE4Game|Desc=UE4Game|Defer=User| "TCP Query User{C40BDD95-8367-4717-9B03-5AD6FC61C409}F:\jeux\epic\unrealtournament\windowsserver\engine\binaries\win64\ue4server-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=F:\jeux\epic\unrealtournament\windowsserver\engine\binaries\win64\ue4server-win64-shipping.exe|Name=UE4Game|Desc=UE4Game|Defer=User| "UDP Query User{37B6A802-951B-4B71-9C4C-DCF0B2E69245}F:\jeux\epic\unrealtournament\windowsserver\engine\binaries\win64\ue4server-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=F:\jeux\epic\unrealtournament\windowsserver\engine\binaries\win64\ue4server-win64-shipping.exe|Name=UE4Game|Desc=UE4Game|Defer=User| "{9516D95B-8CE1-48B3-A3FA-E3A05D242E0D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe|Name=Syncios Data Transfer| "VirtualPC-In-UDP-1"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=137|App=%SystemRoot%\System32\vpc.exe|Svc=vpc|Name=@vpc.exe,-20511|Desc=@vpc.exe,-20512|EmbedCtxt=@vpc.exe,-20517| "VirtualPC-In-UDP-2"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=138|App=%SystemRoot%\System32\vpc.exe|Svc=vpc|Name=@vpc.exe,-20513|Desc=@vpc.exe,-20514|EmbedCtxt=@vpc.exe,-20517| "VirtualPC-In-TCP-1"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=139|App=%SystemRoot%\System32\vpc.exe|Svc=vpc|Name=@vpc.exe,-20515|Desc=@vpc.exe,-20516|EmbedCtxt=@vpc.exe,-20517| "{745FFB98-5E2C-42F9-8D3B-1C935FF801DC}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=(Jekrn.exe|Name=Google| "{8DDE679C-C0EF-4A7E-BF07-CEC409C02C62}"=v2.10|Action=Block|Active=TRUE|Dir=In|App=(Jekrn.exe|Name=Google| "{120F84CE-CA8F-4465-959B-1A9D95EBAE1F}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=(&ekrn.exe|Name=Google| "{2037B2EE-BD0B-44A2-965E-615999D6F3A5}"=v2.10|Action=Block|Active=TRUE|Dir=In|App=(&ekrn.exe|Name=Google| "{8124E3B4-2DFC-4EB5-88E0-00DC9FAD6350}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "{B84B37AA-FA90-4FBC-A360-B26D74A6447E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "TCP Query User{9EBCD647-1F03-4337-9BBC-61F0386286EA}F:\starcitizen\starcitizen\live\bin64\starcitizen.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=F:\starcitizen\starcitizen\live\bin64\starcitizen.exe|Name=StarCitizen|Desc=StarCitizen|Defer=User| "UDP Query User{21913EEB-1D1B-456B-BF56-3647E4AD72C0}F:\starcitizen\starcitizen\live\bin64\starcitizen.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=F:\starcitizen\starcitizen\live\bin64\starcitizen.exe|Name=StarCitizen|Desc=StarCitizen|Defer=User| "{22B53ED4-E30B-4D09-B19D-85BC40F41299}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\ProgramData\6006932095928748539\desktop_media_service.exe|Name=NativeDesktopMediaService| "{51EDF7D8-BF92-48E5-8E0D-8D6593ADF2B4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Windows\SysWOW64\TCPSVCS.EXE|Name=tcpsvcs System| "{26F49244-CDF2-40F8-8555-A9A66C97030F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\ProgramData\1007090221584837924\desktop_media_service.exe|Name=NativeDesktopMediaService| "{D6C2D4D4-F30D-45BB-A998-5B93D5EB3EDA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Windows\SysWOW64\TCPSVCS.EXE|Name=tcpsvcs System| "{4C63C6C0-DF89-434A-904B-21E24D3DD0DF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe|Name=VSDC Free Video Editor| "{588D7F65-D4B2-4129-BAA3-B0D602F3848C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe|Name=VSDC Free Video Editor| "{F54B36F8-91DD-43FC-AA89-ADFAEF5F5EC4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\Activation.exe|Name=VSDC Free Video Editor Activater| "{46DC96B7-256B-4301-B4E8-DB5198581873}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\Activation.exe|Name=VSDC Free Video Editor Activater| "{49F3A9B6-2728-4442-B154-03BC13FB4BF5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\Updater.exe|Name=VSDC Free Video Editor Updater| "{B3E1CBED-DCF8-4FEF-8D45-85FDB091EAC3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\Updater.exe|Name=VSDC Free Video Editor Updater| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{473A6B1D-3407-400E-B91A-F991C5A39DC3}] : (Bluetooth) [] -> Bluetooth Radios [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}] : (GEARAspiWDM) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88BAE032-5A81-49F0-BC3D-A4FF138216D6}] : (UsbDevice) [] -> @oem71.inf,%ClassName%;Universal Serial Bus devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D3039DD-CCA5-4B4D-B33D-E2DDC8A8C52E}] : (dtsoftbus01) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{AED279D9-7DD0-49AB-8024-4F65418531FB}] : (VirtualUSB) [] -> @vpcusb.inf,%ClassName%;USB Virtualization [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C30ECEA0-11EF-4EF9-B02E-6AF81E6E65C0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [26/03/2019 12:54:47] - (25.21.14.1967) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 419.67) - C:\Windows\system32\DRIVERS\nvlddmkm.sys [31/12/2017 12:29:16] - (0.0.0.122) - (Etron Technology Inc - Etron eXtensible Host Controller Driver.) - C:\Windows\System32\Drivers\EtronXHCI.sys [29/12/2014 19:36:30] - (2.2.3.0) - (GEAR Software Inc. - CD DVD Filter) - C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [19/01/2013 00:52:08] - (1.0.8.0) - ( - Intel(R) Smart Connect Technology Device Driver) - C:\Windows\system32\DRIVERS\ISCTD64.sys [19/05/2013 03:02:52] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\Windows\system32\DRIVERS\ScpVBus.sys [04/04/2019 20:35:30] - (1.16.112.0) - (Benjamin Höglinger-Stelzer - Virtual Gamepad Emulation Bus Driver) - C:\Windows\system32\DRIVERS\ViGEmBus.sys [09/01/2018 09:34:57] - (0.0.0.122) - (Etron Technology Inc - Etron eXtensible Hub Driver.) - C:\Windows\System32\Drivers\EtronHub3.sys [31/12/2017 14:43:30] - (6.10.0.8) - (Creative Technology Ltd. - Creative Audio Driver) - C:\Windows\system32\drivers\MBfilt64.sys [26/03/2019 12:54:47] - (1.3.38.13) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys [06/08/2019 12:22:40] - (1.0.64.14) - (AVerMedia - UVCLower.sys:) - C:\Windows\system32\DRIVERS\UVCLower.sys [02/10/2018 17:02:01] - (1.0.0.0) - (Roland Corporation - ) - C:\Windows\system32\Drivers\rdwm1003.sys [11/09/2019 07:09:23] - (5.1.2.253) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Microsoft ACPI Driver) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (IDE Channel) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Disk Driver) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - MpFilter (Microsoft Malware Protection Driver) -> system32\DRIVERS\MpFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (PCI Bus Driver) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Microsoft Virtual Drive Enumerator Driver) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Volume Manager Driver) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Storage volumes) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (CD-ROM Driver) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Microsoft System Management BIOS Driver) -> \SystemRoot\system32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - RsFx0153 (RsFx0153 Driver) -> system32\DRIVERS\RsFx0153.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Serial (Serial port driver) -> system32\DRIVERS\serial.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - TermDD (Terminal Device Driver) -> \SystemRoot\system32\drivers\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vpcnfltr (Virtual PC Network Filter Driver) -> system32\DRIVERS\vpcnfltr.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vpcvmm (@%SystemRoot%\system32\drivers\vpcvmm.sys,-100) -> system32\drivers\vpcvmm.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) [MD5.4E7C4709AAB1F24E8FE1763DDBFFB93D] - [15/10/2016 22:42:25] - (.-.) - [27.73 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\SECDRV.SYS ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAZ3DIM1] : (.-.) -> [HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\foobar2000] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Andy OS] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AVerMedia Live Gamer HD 2] : (AVerMedia Live Gamer HD 2 1.0.64.14.-.AVerMedia TECHNOLOGIES, Inc.) -> C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer HD 2\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Branding] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GIMP-2_is1] : (GIMP 2.8.18.-.The GIMP Team) -> "C:\Program Files\GIMP 2\uninst\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VSDC Free Video Editor_is1] : (VSDC Free Video Editor version 6.3.6.18.-.Flash-Integro LLC) -> "C:\Program Files\FlashIntegro\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{46C478DE-C381-4200-9627-0DA025B555EB}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{46C478DE-C381-4200-9627-0DA025B555EB} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{63A3DBCF-FB40-4398-9AE5-94EE6206CE12}] : (sdrt(5.0, 64bit).-.パルティオソフト株式会社) -> MsiExec.exe /I{63A3DBCF-FB40-4398-9AE5-94EE6206CE12} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{869109FC-8D5A-46D0-B619-47D7E4173D93}] : (ViGEm Bus Driver.-.Nefarius Software Solutions e.U.) -> MsiExec.exe /X{869109FC-8D5A-46D0-B619-47D7E4173D93} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (NVIDIA Control Panel 419.67.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer] : (DisplayDriverAnalyzer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer] : (NVIDIA Telemetry Container.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D}] : (Adobe Photoshop CS2.-.Adobe Systems, Inc.) -> msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AVerMedia Live Gamer EXTREME] : (AVerMedia Live Gamer EXTREME 3.0.64.99.-.AVerMedia TECHNOLOGIES, Inc.) -> C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BzEditor] : (BzEditor 1.9.8.5.-.c.mos) -> C:\Program Files (x86)\BzEditor\uninst.exe ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FlacSquisher] : (FlacSquisher 1.3.1.-.FlacSquisher) -> C:\Program Files (x86)\FlacSquisher\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LUDOCOLL] : (LudoColl.-.FdSoft) -> "C:\Program Files (x86)\LudoColl\WDUNINST.EXE" /REG="LUDOCOLL" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Youtube Downloader HD_is1] : (Youtube Downloader HD v. 2.9.9.58.-.YoutubeDownloaderHD.com) -> "C:\Program Files (x86)\Youtube Downloader HD\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{09730192-3DC9-44BB-1848-ECC4A6F26B41}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D8B3BD4-3F89-A8AB-0000-808040C0A0E0}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0FDA3B78-A767-2B7C-3AAE-858FD682C349}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{121727D5-FDF3-4723-BA57-EB383440ED72}] : (OpenOffice 4.1.1.-.Apache Software Foundation) -> MsiExec.exe /I{121727D5-FDF3-4723-BA57-EB383440ED72} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{12E387A4-EFDD-F580-40C0-20601030C858}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{138F22A6-DA41-D5B6-91B3-8CA4766293B9}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1391C5AA-9760-A908-8CA4-F6E253F9755F}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{159B0732-95C0-5408-0C24-36A27359050F}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{164588C0-6917-5D8B-50F0-683854FCFAEE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{16C6DF05-F5C6-7C24-36A2-F3D9C54F7662}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{19BA7934-1586-5476-B113-1C547E7AB725}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{20A5B5D0-3E0A-4493-DC94-DE9AE7B50F2D}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{20D527D1-5A42-252C-C246-E9BB1848ECC4}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{236BB7C4-4419-42FD-040C-1E257A25E34D}] : (Adobe Photoshop CS2.-.Adobe Systems, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217065FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218025F0}] : (Java 8 Update 25.-.Oracle Corporation) -> MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F83218025F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26B19044-718B-C52D-C349-EDC72A7E3DB7}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2A3FE0EA-A5D4-07F2-EBC1-A1E354FCFAEE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2EF8878B-6632-07FA-F7E5-D78547D53FBD}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3267F106-2250-7651-796B-A0E0D0702878}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{33260D03-700B-7769-1D57-0206091BA8F8}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34505A5B-8E14-EAF9-755F-0E2A3FBD9BD1}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3473D492-6DD1-F7EF-E6B2-8BA1F1D33CB4}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3858E7A9-9478-9474-AE0A-0F2D43C9AD07}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3B896E99-6F43-7297-E2A6-796BA0E0D070}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{418E6089-7BED-1F41-E1A3-F4DC4ADECD67}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{455EE66A-17E3-4E66-9D3C-D630723C3B00}] : (戦女神ZERO.-.Eushully) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{58E74187-63AE-7C66-99CB-B01098C8AC04}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5CC3A148-C34D-8250-7868-9CD43EBA1745}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6AE7C0D0-1757-06EA-5F1D-AB010103040C}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{70EE7B78-90BC-EEDD-4BE1-51F36C446632}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{72E4FE09-C04D-D601-0103-848C52F67153}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{738AE066-D40A-D671-A9FB-78689CD43EBA}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{739AC832-D6F1-4D04-861F-F7140E6E64B1}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{74F0DB9D-3656-48B8-143C-DA8ED57FBE3A}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{74F0DB9D-8FCC-57BF-9EDA-47D53FBD9BD1}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{786C5747-0C40-4930-9AFE-113BCE553101}] : (Adobe Stock Photos 1.0.-.Adobe Systems) -> MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{792B2861-A8B8-1367-1A4E-F5DF4EEADF9D}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{81935798-5D0C-4892-832E-630E6CC07EAF}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8EDBA74D-0686-4C99-BFDD-F894678E5101}] : (Adobe Common File Installer.-.Adobe System Incorporated) -> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{943B1807-B16E-4D80-A938-0A76DE4945EA}] : (戦女神ZERO Ver1.01 Update.-.Eushully) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824341201}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824341201} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-2530-0000-AC13084E6700}] : (Extended Asian Language font pack for Adobe Acrobat Reader DC.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-2530-0000-AC13084E6700} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B74D4E10-6884-0000-0000-000000000101}] : (Adobe Bridge 1.0.-.Adobe Systems) -> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B97C48D7-CF72-4FD8-ADB4-DCE8F9F8569E}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{B97C48D7-CF72-4FD8-ADB4-DCE8F9F8569E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D4F8EA9E-80D3-46B3-A5D9-7D264D319297}] : (AVerMedia RECentral 4 Installer.-.AVerMedia TECHNOLOGIES, Inc.) -> MsiExec.exe /I{D4F8EA9E-80D3-46B3-A5D9-7D264D319297} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}] : (Etron USB3.0 Host Controller.-.Etron Technology) -> MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E9787678-119F-4D52-B551-6739B2B22101}] : (Adobe Help Center 1.0.-.Adobe Systems) -> MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ECBC840A-04BF-4D5B-9E24-F25AEB7A4CFD}] : (.-.) -> ---------- | Ports ---------- | Installer [HKCR\Installer\Products\01E4D47B488600000000000000001010] : Adobe Bridge 1.0 [HKCR\Installer\Products\0EFF299C23CA9AF4CBA91F36B7E956D5] : Photo Gallery [HKCR\Installer\Products\1D763DBFF246FC747BB9B94EF83B0470] : SQL Server 2008 R2 SP2 Database Engine Services [HKCR\Installer\Products\4C7BB6329144DF2440C0E152A7523ED4] : Adobe Photoshop CS2 [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208520F] : Java 8 Update 25 [HKCR\Installer\Products\520A249C048A2FB4987848C9D04D5447] : SQL Server 2008 R2 SP2 Database Engine Shared [HKCR\Installer\Products\5D7271213FDF3274AB75BE834304DE27] : OpenOffice 4.1.1 -> C:\Windows\Installer\{121727D5-FDF3-4723-BA57-EB383440ED72}\soffice.ico [HKCR\Installer\Products\68AB67CA408033019195008142432110] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824341201}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA703520000CA3180E47600] : Extended Asian Language font pack for Adobe Acrobat Reader DC -> C:\Windows\Installer\{AC76BA86-7AD7-2530-0000-AC13084E6700}\ARPPRODUCTICON.exe1 [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\7081B349E61B08D49A83A067ED9454AE] : 戦女神ZERO Ver1.01 Update [HKCR\Installer\Products\7475C68704C00394A9EF11B3EC551310] : Adobe Stock Photos 1.0 [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7D84C79B27FC8DF4DA4BCD8E9F8F65E9] : Epic Games Launcher -> C:\Windows\Installer\{B97C48D7-CF72-4FD8-ADB4-DCE8F9F8569E}\Installer.ico [HKCR\Installer\Products\8767879EF91125D45B1576932B2B1210] : Adobe Help Center 1.0 [HKCR\Installer\Products\8B4937AF56ECE9F4CA993F27DA634542] : SQL Server 2008 R2 SP2 Database Engine Services [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\96530F83636A3FC4DBED30C2C8523140] : Movie Maker [HKCR\Installer\Products\A66EE5543E7166E4D9C36D0327C3B300] : 戦女神ZERO [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A75F0AACC8AB8DA4AA303FB2E0F46532] : Photo Common [HKCR\Installer\Products\B4EB76DD26E75124FA3A1F328A003A98] : Movie Maker [HKCR\Installer\Products\C837BBFD8D175CD48B2D6DC57386E072] : Etron USB3.0 Host Controller -> C:\Windows\Installer\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C9A2212A996A5634DA8F86EFCA21D516] : SQL Server 2008 R2 SP2 Database Engine Shared [HKCR\Installer\Products\CF901968A5D80D646B91747D4E71D339] : ViGEm Bus Driver -> C:\Windows\Installer\{869109FC-8D5A-46D0-B619-47D7E4173D93}\ViGEm.exe [HKCR\Installer\Products\D0B6F432EA017BB42B3F4ED8841659D2] : SQL Server 2008 R2 SP2 Common Files [HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery [HKCR\Installer\Products\E9AE8F4D3D083B645A9DD762D4132979] : AVerMedia RECentral 4 Installer [HKCR\Installer\Products\ED874C64183C00246972D00A525B55BE] : Intel(R) Chipset Device Software [HKCR\Installer\Products\EED07F63FBE17074FA2A0E53EEEAAB1A] : SQL Server 2008 R2 SP2 Common Files [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico [HKCR\Installer\Products\FC38113FF01E1ED4BB95C6F03FE884E1] : Sql Server Customer Experience Improvement Program -> C:\Windows\Installer\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}\ARPIco [HKCR\Installer\Products\FCBD3A3604BF8934A95E49EE2660EC21] : sdrt(5.0, 64bit) -> C:\Windows\Installer\{63A3DBCF-FB40-4398-9AE5-94EE6206CE12}\ARPPRODUCTICON.exe ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Product: NativeDesktopMediaService -- Error 1309. Error reading from file: C:\Users\mimy\AppData\Roaming\Jetmedia\NativeDesktopMediaService 3.6.1\install\08C4704\desktop_media_service.exe. System error 5. Verify that the file exists and that you can access it. ------------ Product: NativeDesktopMediaService -- Error 1309. Error reading from file: C:\Users\mimy\AppData\Roaming\Jetmedia\NativeDesktopMediaService 3.6.1\install\08C4704\desktop_media_service.exe. System error 5. Verify that the file exists and that you can access it. ------------ Faulting application name: RECentral 4.exe, version: 4.2.0.30, time stamp: 0x5b0b6387 Faulting module name: avmvmr.ax, version: 1.2.9.3, time stamp: 0x5af9543a Exception code: 0xc0000005 Fault offset: 0x0000000000006ffe Faulting process id: 0x3dc Faulting application start time: 0x01d5770f96f3b6bb Faulting application path: C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\RECentral 4.exe Faulting module path: C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\filters\avmvmr.ax Report Id: dbca6050-e302-11e9-b85c-448a5b8a8463 ------------ Certificate Services Client failed to invoke the Providers in response to event 256. Error code 2147942432. ------------ Certificate Services Client failed to load Provider pautoenr.dll. Error code 32. ------------ Certificate Services Client failed to invoke the Providers in response to event 256. Error code 2147942432. ------------ Certificate Services Client failed to load Provider pautoenr.dll. Error code 32. ------------ Faulting application name: RECentral 4.exe, version: 4.2.0.30, time stamp: 0x5b0b6387 Faulting module name: avmvmr.ax, version: 1.2.9.3, time stamp: 0x5af9543a Exception code: 0xc0000005 Fault offset: 0x0000000000006ffe Faulting process id: 0x42c Faulting application start time: 0x01d54fc929f7cb96 Faulting application path: C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\RECentral 4.exe Faulting module path: C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\filters\avmvmr.ax Report Id: 6f03ddd2-bbbc-11e9-8656-448a5b8a8463 ------------ Faulting application name: RECentral 4.exe, version: 4.2.0.30, time stamp: 0x5b0b6387 Faulting module name: UVCDeviceGraph.dll, version: 4.2.0.30, time stamp: 0x5b0b6290 Exception code: 0xc0000005 Fault offset: 0x0000000000051b09 Faulting process id: 0x10ec Faulting application start time: 0x01d54cdf1df2cf82 Faulting application path: C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\RECentral 4.exe Faulting module path: C:\Program Files (x86)\Common Files\AVerMedia\AVerMedia RECentral 4\dll\UVCDeviceGraph.dll Report Id: ab51bc18-b8d2-11e9-acdd-448a5b8a8463 ------------ Loading dependency C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\AVerCaptureCardID.dll from the current directory was not allowed when attempted by C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\RECentral 4.exe. No other DLL was found and the dependency resolution failed. For more information, see http://go.microsoft.com/fwlink/?LinkId=718136. ------------ Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service TACHYON RealTime Service since QueryServiceConfig API failed System Error: The system cannot find the file specified. . ------------ Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service TACHYON Anti-Virus Service since QueryServiceConfig API failed System Error: The system cannot find the file specified. . ------------ Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service TACHYON Apt Service since QueryServiceConfig API failed System Error: The system cannot find the file specified. . ------------ Application or service 'Apple Mobile Device Service' could not be restarted. ------------ Faulting application name: RECentral 4.exe, version: 4.2.0.30, time stamp: 0x5b0b6387 Faulting module name: avmvmr.ax, version: 1.2.9.3, time stamp: 0x5af9543a Exception code: 0xc0000005 Fault offset: 0x0000000000006ffe Faulting process id: 0x1740 Faulting application start time: 0x01d531eba14e29b5 Faulting application path: C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\RECentral 4.exe Faulting module path: C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 4\filters\avmvmr.ax Report Id: e6971ec6-9dde-11e9-b607-448a5b8a8463 ------------ Faulting application name: Bz64.exe, version: 1.9.8.5, time stamp: 0x56c71980 Faulting module name: Bz64.exe, version: 1.9.8.5, time stamp: 0x56c71980 Exception code: 0xc0000005 Fault offset: 0x000000000001d9a9 Faulting process id: 0x624 Faulting application start time: 0x01d530c64381968f Faulting application path: C:\Users\mimy\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\Bz64.exe Faulting module path: C:\Users\mimy\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\Bz64.exe Report Id: cd48f70e-9cb9-11e9-8554-448a5b8a8463 ------------ The program DiskImage13b.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 528 Start Time: 01d525b9b589c15c Termination Time: 419 Application Path: F:\consoles\PC-98\utility\DiskImage_13b\DiskImage13b.exe Report Id: 644862f6-91ae-11e9-a9b1-448a5b8a8463 ------------ Certificate Services Client failed to invoke the Providers in response to event 256. Error code 2147942432. ------------ Certificate Services Client failed to load Provider pautoenr.dll. Error code 32. ------------ ----------( EOF)---------- - 4093 | 15:47:26