--------------- QuickDiag | g3n-h@ckm@n | V5_14.10.19.2 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 17/10/2019 22:54:37 Updated 14/10/2019 | 16:45 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Amsterdam, Berlin, Berne, Rome, Stockholm, Vienne [Nadia Navarro Cruz (Administrator)] - [NADIA-PC] (S-1-5-21-922658149-1620859959-2037323602-1011) System: Microsoft Windows 10 Professionnel - - (10.0.18362) - BuildType: Multiprocessor Free - OSLanguage: 1036 (100c) -> (1903) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Professionnel|C:\WINDOWS|\Device\Harddisk0\Partition2 Boot : Normal boot PC: System Product Name - System manufacturer - IdNumber: System Serial Number - UUID: 1E000F80-008C-C300-12DE-E0CB4E34E831 Processor : X64 - 2809 Mhz - Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz BIOS Date: 11/23/09 17:18:32 Ver: 08.00.15 - en|US|iso8859-1 - American Megatrends Inc. - S/N: System Serial Number - 0501 - 112309 - 20091123 CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice VIA HD Audio - Status: OK - Manufacturer: VIA Technologies, Inc. - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1106&DEV_4441&SUBSYS_104383D0&REV_1001\4&1798630E&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0071&SUBSYS_145836E1&REV_1001\5&21DA95D&0&0001 ---------- | Video NVIDIA GeForce GTX 970 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_13C2&SUBSYS_36E11458&REV_A1\4&113C73B2&0&0018 - AdapterCompatibility: NVIDIA - RAM: -1048576 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 970 - DriverVersion: 24.21.13.9924 - SpecificationVersion: 1025 ---------- | Codecs C:\WINDOWS\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34808 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36920 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 26056 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\FF_VFW.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 127488 - Manufacturer: - Status: OK C:\WINDOWS\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42600 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 92672 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU ---------- | Memory RAM = Total (MB) : 8379 | Free (MB) : 6516 Pagefile = Total (MB) : 16768 | Free (MB) : 14714 Virtual = Total (MB) : 4194 | Free (MB) : 3901 ---------- | SID Users Administrateur : [S-1-5-21-922658149-1620859959-2037323602-500] Black Dragon : [S-1-5-21-922658149-1620859959-2037323602-1019] DefaultAccount : [S-1-5-21-922658149-1620859959-2037323602-503] HomeGroupUser$ : [S-1-5-21-922658149-1620859959-2037323602-1005] Invité : [S-1-5-21-922658149-1620859959-2037323602-501] Nadia Navarro Cruz : [S-1-5-21-922658149-1620859959-2037323602-1011] WDAGUtilityAccount : [S-1-5-21-922658149-1620859959-2037323602-504] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-922658149-1620859959-2037323602-1003] WinRMRemoteWMIUsers__ : [S-1-5-21-922658149-1620859959-2037323602-1006] ---------- | Drives C:\ -> [Fixed] | [] | Total : 558.3 Go | Free : 479.88 Go -> NTFS [RAID] E:\ -> [Fixed] | [Stockage] | Total : 931.51 Go | Free : 809.51 Go -> NTFS [ATA] DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - SCSI - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_INTEL&PROD_RAID_0_VOLUME\4&3F914BA&0&060200 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : IDE\DISKWDC_WD1001FALS-00E3A0___________________05.01D05\8&2E8EEF2D&0&0.0.0 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.18362.1 (© Microsoft Corporation. Tous droits réservés.) FF : 69.0.3.7221 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "" ---------- | FlashPlayer FlashPlayer ActiveX : 32.0.0.255 FlashPlayer Plugin : 32.0.0.270 ---------- | Security AV : Windows Defender Enabled AS : Windows Defender Enabled AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 11/09/2014 14:11:04] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 428 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.18362.329) = C:\Windows\System32\smss.exe [02/10/2019 17:21:15] 564 | [Owner : Système | Parent : 548() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.18362.1) = C:\Windows\System32\csrss.exe [19/03/2019 06:44:35] 652 | [Owner : Système | Parent : 548() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.18362.387) = C:\Windows\System32\wininit.exe [03/10/2019 18:43:41] 724 | [Owner : Système | Parent : 652(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.18362.387) = C:\Windows\System32\services.exe [03/10/2019 18:43:44] 764 | [Owner : Système | Parent : 652(wininit.exe) | 15.52 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.18362.1) = C:\Windows\System32\lsass.exe [19/03/2019 06:44:36] 964 | [Owner : Système | Parent : 724(services.exe) | 3.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 984 | [Owner : UMFD-0 | Parent : 652(wininit.exe) | 12.58 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.18362.356) = C:\Windows\System32\fontdrvhost.exe [02/10/2019 17:21:16] 1000 | [Owner : Système | Parent : 724(services.exe) | 26.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 524 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | 12.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 668 | [Owner : Système | Parent : 724(services.exe) | 8.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1136 | [Owner : Système | Parent : 724(services.exe) | 7.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1196 | [Owner : Système | Parent : 724(services.exe) | 12.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1204 | [Owner : Système | Parent : 724(services.exe) | 10.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1216 | [Owner : Système | Parent : 724(services.exe) | 15.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1340 | [Owner : Système | Parent : 724(services.exe) | 6.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1364 | [Owner : Système | Parent : 724(services.exe) | 9.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1424 | [Owner : Système | Parent : 724(services.exe) | 7.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1492 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 19.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1500 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 5.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1564 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 8.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1656 | [Owner : Système | Parent : 724(services.exe) | 16.5 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.11.2431.7967) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [26/06/2017 21:01:25] 1668 | [Owner : Système | Parent : 724(services.exe) | 6.87 Mo] - (.-.) - (2.18.0.0) = C:\Windows\System32\nvwmi64.exe [13/11/2013 19:39:17] 1768 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 7.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1780 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1788 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 8.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1796 | [Owner : Système | Parent : 724(services.exe) | 9.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1804 | [Owner : Système | Parent : 724(services.exe) | 101.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1832 | [Owner : Système | Parent : 724(services.exe) | 5.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1968 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 7.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2008 | [Owner : Système | Parent : 724(services.exe) | 8.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1908 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 7.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 648 | [Owner : Système | Parent : 724(services.exe) | 8.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2104 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | 12.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2136 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | 8.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2308 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 8.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2624 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 14.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2700 | [Owner : Système | Parent : 724(services.exe) | 5.56 Mo] - (.Logitech, Inc. - Logitech Bluetooth Service.) - (5.90.41.0) = C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [02/07/2015 22:21:26] 2708 | [Owner : Système | Parent : 724(services.exe) | 7.47 Mo] - (.Wacom Technology, Corp. - Tablet Service.) - (5.3.3.2) = C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [09/03/2014 18:33:45] 2744 | [Owner : Système | Parent : 724(services.exe) | 18.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2820 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 6.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2828 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 9.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2868 | [Owner : Système | Parent : 724(services.exe) | 14.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2948 | [Owner : SERVICE LOCAL | Parent : 2624(svchost.exe) | 13.7 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.18362.387) = C:\Windows\System32\audiodg.exe [03/10/2019 18:43:16] 2956 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 7.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3052 | [Owner : Système | Parent : 724(services.exe) | 17.51 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.18362.387) = C:\Windows\System32\spoolsv.exe [03/10/2019 18:43:17] 2092 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 32.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3060 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | 8.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3472 | [Owner : Système | Parent : 724(services.exe) | 6.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3480 | [Owner : Système | Parent : 724(services.exe) | 18.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3488 | [Owner : Système | Parent : 724(services.exe) | 38.04 Mo] - (.- Service.) - (2.0.90.0) = C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [02/02/2011 15:08:16] 3500 | [Owner : Système | Parent : 724(services.exe) | 6.96 Mo] - (.Adobe Systems - Adobe Acrobat Update Service.) - (1.824.35.289) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [10/09/2019 23:16:22] 3568 | [Owner : Système | Parent : 724(services.exe) | 6.73 Mo] - (.Hewlett-Packard Company - LightScribe Service.) - (1.18.6.1) = C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [17/06/2009 12:21:20] 3588 | [Owner : Système | Parent : 724(services.exe) | 6.72 Mo] - (.Dropbox, Inc. - Dropbox Service.) - (1.0.24.0) = C:\Windows\System32\DbxSvc.exe [15/10/2019 20:05:00] 3596 | [Owner : Système | Parent : 724(services.exe) | 10 Mo] - (.pdfforge GmbH - PDF Architect Helper Service.) - (1.0.0.1) = C:\Program Files (x86)\PDF Architect\HelperService.exe [08/04/2013 18:44:12] 3604 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 25.33 Mo] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.8.3752.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [19/03/2019 06:46:43] 3612 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 16.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3620 | [Owner : Système | Parent : 724(services.exe) | 11.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3628 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 7.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3636 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | 11.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3644 | [Owner : Système | Parent : 724(services.exe) | 7.26 Mo] - (.pdfforge GmbH - PDF Architect Conversion Service.) - (1.1.83.9982) = C:\Program Files (x86)\PDF Architect\ConversionService.exe [08/04/2013 18:43:36] 3664 | [Owner : Système | Parent : 724(services.exe) | 26.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3676 | [Owner : Système | Parent : 724(services.exe) | 5.95 Mo] - (.- NVIDIA Performance Driver Service.) - (2.1.0.0) = C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [08/12/2009 08:14:26] 3700 | [Owner : Système | Parent : 724(services.exe) | 7.23 Mo] - (.- nTitles PSIService.) - (2.0.0.1) = C:\Windows\SysWOW64\PSIService.exe [05/06/2007 13:20:32] 3692 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 6.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3800 | [Owner : Système | Parent : 724(services.exe) | 11.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3816 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 9.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3896 | [Owner : Système | Parent : 724(services.exe) | 5.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3952 | [Owner : Système | Parent : 724(services.exe) | 5.93 Mo] - (.VIA Technologies, Inc. - Service binary.) - (0.1.0.0) = C:\Windows\System32\ViakaraokeSrv.exe [22/06/2015 02:49:50] 3960 | [Owner : Système | Parent : 724(services.exe) | 8.2 Mo] - (.Wacom Technology, Corp. - Tablet Service for consumer driver.) - (5.2.1.6) = C:\Windows\System32\Pen_Tablet.exe [28/10/2010 17:17:37] 4008 | [Owner : Système | Parent : 724(services.exe) | 9.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 4048 | [Owner : Système | Parent : 724(services.exe) | 17.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 4064 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | 13.62 Mo] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe [19/03/2019 06:58:06] 4092 | [Owner : Système | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.1909.6) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe [03/10/2019 18:20:42] 4220 | [Owner : Système | Parent : 724(services.exe) | 13.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 4236 | [Owner : Système | Parent : 724(services.exe) | 14.4 Mo] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - (5.21.1478.500) = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [21/01/2015 06:21:00] 4400 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 5.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 4408 | [Owner : SERVICE LOCAL | Parent : 3472(svchost.exe) | 12.11 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.18362.1) = C:\Windows\System32\dasHost.exe [19/03/2019 06:44:18] 4664 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 10.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 4672 | [Owner : Système | Parent : 724(services.exe) | 12.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 5384 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 8.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 5564 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | 17.12 Mo] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.8.3752.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [19/03/2019 06:46:43] 5836 | [Owner : Système | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 6068 | [Owner : Système | Parent : 724(services.exe) | 6.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 5476 | [Owner : Système | Parent : 724(services.exe) | 7.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3812 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | 7.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 5596 | [Owner : Système | Parent : 724(services.exe) | 9.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 6648 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.1909.6) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\NisSrv.exe [03/10/2019 18:20:42] 6812 | [Owner : Système | Parent : 6800() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.18362.1) = C:\Windows\System32\csrss.exe [19/03/2019 06:44:35] 6860 | [Owner : Système | Parent : 6800() | 9.72 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.18362.418) = C:\Windows\System32\winlogon.exe [08/10/2019 20:41:55] 6940 | [Owner : DWM-2 | Parent : 6860(winlogon.exe) | 55.02 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.18362.387) = C:\Windows\System32\dwm.exe [03/10/2019 18:43:37] 7000 | [Owner : UMFD-2 | Parent : 6860(winlogon.exe) | 14.61 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.18362.356) = C:\Windows\System32\fontdrvhost.exe [02/10/2019 17:21:16] 7116 | [Owner : Système | Parent : 1668(nvwmi64.exe) | 13.44 Mo] - (.-.) - (2.18.0.0) = C:\Windows\System32\nvwmi64.exe [13/11/2013 19:39:17] 2924 | [Owner : Système | Parent : 1656(NVDisplay.Container.exe) | 28.54 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.11.2431.7967) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [26/06/2017 21:01:25] 2616 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 5.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 844 | [Owner : Système | Parent : 724(services.exe) | 6.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1540 | [Owner : Nadia Navarro Cruz | Parent : 724(services.exe) | 23.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 1608 | [Owner : Nadia Navarro Cruz | Parent : 1364(svchost.exe) | 26.1 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.18362.1) = C:\Windows\System32\sihost.exe [19/03/2019 06:44:12] 1692 | [Owner : Nadia Navarro Cruz | Parent : 724(services.exe) | 34.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 2076 | [Owner : Système | Parent : 724(services.exe) | 15.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 828 | [Owner : Nadia Navarro Cruz | Parent : 1216(svchost.exe) | 12.55 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.18362.387) = C:\Windows\System32\taskhostw.exe [03/10/2019 18:43:39] 4780 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 16.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3760 | [Owner : Système | Parent : 724(services.exe) | 6.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 3840 | [Owner : Nadia Navarro Cruz | Parent : 3760(svchost.exe) | 13.9 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.18362.1) = C:\Windows\System32\ctfmon.exe [19/03/2019 06:44:33] 6356 | [Owner : Nadia Navarro Cruz | Parent : 2708(WTabletServiceCon.exe) | 12.27 Mo] - (.Wacom Technology, Corp. - Touch User Mode Driver.) - (5.3.3.2) = C:\Program Files\Tablet\Pen\Pen_TouchUser.exe [09/03/2014 18:33:45] 6076 | [Owner : Nadia Navarro Cruz | Parent : 6360() | 98.67 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.18362.387) = C:\Windows\explorer.exe [03/10/2019 18:43:19] 5680 | [Owner : Nadia Navarro Cruz | Parent : 724(services.exe) | 16.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 6272 | [Owner : Nadia Navarro Cruz | Parent : 1000(svchost.exe) | 6.87 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.18362.1) = C:\Windows\System32\dllhost.exe [19/03/2019 06:44:33] 7180 | [Owner : Système | Parent : 724(services.exe) | 7.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 7216 | [Owner : SERVICE LOCAL | Parent : 724(services.exe) | 7.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 7248 | [Owner : Nadia Navarro Cruz | Parent : 1000(svchost.exe) | 78.42 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [02/10/2019 17:20:59] 7888 | [Owner : Nadia Navarro Cruz | Parent : 1000(svchost.exe) | 23.18 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.18362.1) = C:\Windows\System32\smartscreen.exe [19/03/2019 06:44:03] 7960 | [Owner : Nadia Navarro Cruz | Parent : 6076(explorer.exe) | 8.95 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.18362.1) = C:\Windows\System32\SecurityHealthSystray.exe [19/03/2019 06:44:23] 7056 | [Owner : Système | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1901.16384) = C:\Windows\System32\SecurityHealthService.exe [02/10/2019 17:21:17] 7156 | [Owner : Nadia Navarro Cruz | Parent : 6076(explorer.exe) | 8.62 Mo] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.16.6.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [25/01/2016 16:35:13] 4164 | [Owner : Nadia Navarro Cruz | Parent : 6076(explorer.exe) | 52.07 Mo] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) - (6.67.83.0) = C:\Program Files\Logitech\SetPointP\SetPoint.exe [26/08/2015 03:21:56] 7200 | [Owner : Nadia Navarro Cruz | Parent : 6076(explorer.exe) | 6.28 Mo] - (.Logitech, Inc. - Logitech Blutooth Wizard Host Process.) - (5.80.4.0) = C:\Program Files\Logitech\SetPointP\LBTWiz.exe [26/08/2015 03:19:26] 5700 | [Owner : Système | Parent : 724(services.exe) | 21.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 7744 | [Owner : Nadia Navarro Cruz | Parent : 4164(SetPoint.exe) | 13.87 Mo] - (.Logitech, Inc. - Logitech KHAL Main Process.) - (5.90.41.0) = C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe [02/07/2015 22:28:44] 2732 | [Owner : Nadia Navarro Cruz | Parent : 7700() | 7.51 Mo] - (.NEC Electronics Corporation - USB 3.0 Monitor.) - (1.0.15.0) = C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [21/10/2009 13:12:50] 5572 | [Owner : Nadia Navarro Cruz | Parent : 7700() | 6.96 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) - (10.1.16.13) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [24/09/2015 17:40:42] 1228 | [Owner : Nadia Navarro Cruz | Parent : 1000(svchost.exe) | 60.47 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.18362.387) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [03/10/2019 18:43:38] 1872 | [Owner : Système | Parent : 724(services.exe) | 15.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 7372 | [Owner : Nadia Navarro Cruz | Parent : 6076(explorer.exe) | 62.52 Mo] - (.SosVirus - QuickDiag.) - (14.10.19.2) = C:\Users\nadia_booasp5\Desktop\QuickDiag.exe [17/10/2019 22:30:42] 7400 | [Owner : Système | Parent : 724(services.exe) | 5.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe [19/03/2019 06:44:33] 7128 | [Owner : Système | Parent : 724(services.exe) | 22.4 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.18362.329) = C:\Windows\System32\SearchIndexer.exe [02/10/2019 17:20:50] 1816 | [Owner : Système | Parent : 7128(SearchIndexer.exe) | 12.97 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.18362.329) = C:\Windows\System32\SearchProtocolHost.exe [02/10/2019 17:20:50] 848 | [Owner : Système | Parent : 7128(SearchIndexer.exe) | 6.51 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.18362.329) = C:\Windows\System32\SearchFilterHost.exe [02/10/2019 17:20:50] 516 | [Owner : SERVICE RÉSEAU | Parent : 1000(svchost.exe) | 11.58 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [19/03/2019 06:44:00] 5508 | [Owner : Système | Parent : 1000(svchost.exe) | 8.75 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [19/03/2019 06:44:00] 7424 | [Owner : SERVICE RÉSEAU | Parent : 1000(svchost.exe) | 10.41 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.18362.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [19/03/2019 06:45:12] 7284 | [Owner : SERVICE RÉSEAU | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (10.0.18362.418) = C:\Windows\System32\sppsvc.exe [08/10/2019 20:41:52] ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.27.0) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll (.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 399.24.) - (24.21.13.9924) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvldumdx.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 399.24.) - (24.21.13.9924) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvwgf2umx_cfg.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\UMPDC.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.25.3.0) -- c:\windows\system32\winsqlite3.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU CCleaner Smart Cleaning - ("C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\...\Run]) - User: Nadia-PC\Nadia Navarro Cruz CodeMeter Control Center - (C:\PROGRA~2\CODEME~1\Runtime\bin\CODEME~2.EXE [Common Startup]) - User: Public Serveur réseau - (C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe [Common Startup]) - User: Public SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public Kernel and Hardware Abstraction Layer - (KHALMNPR.EXE [HKLM\SOFTWARE\...\Run]) - User: Public NvBackend - ("C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKLM\SOFTWARE\...\Run]) - User: Public AdobeAAMUpdater-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\SOFTWARE\...\Run]) - User: Public EvtMgr6 - (C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [HKLM\SOFTWARE\...\Run]) - User: Public Logitech Download Assistant - (C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [HKLM\SOFTWARE\...\Run]) - User: Public Bluetooth Connection Assistant - (LBTWIZ.EXE -silent [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Smart Cleaning"="C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "CCleaner Monitoring"=0x030000002B1E929C058ED201 "OneDrive"=0x020000000000000000000000 [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=PDFCreator,winspool,Ne00: "IsMRUEstablished"=0 "LegacyDefaultPrinterMode"=0 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming "Logitech Download Assistant"=C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch "Bluetooth Connection Assistant"=LBTWIZ.EXE -silent [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x040000000000000000000000 "Logitech Download Assistant"=0x060000000000000000000000 "Bluetooth Connection Assistant"=0x060000000000000000000000 "AdobeAAMUpdater-1.0"=0x020000000000000000000000 "Kernel and Hardware Abstraction Layer"=0x020000000000000000000000 "EvtMgr6"=0x020000000000000000000000 "NvBackend"=0x020000000000000000000000 "ShadowPlay"=0x020000000000000000000000 "WindowsDefender"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "StereoLinksInstall"=0x040000000000000000000000 "Acrobat Assistant 8.0"=0x03000000AF227A5A73D7D101 "Adobe Acrobat Speed Launcher"=0x020000000000000000000000 "AdobeCS6ServiceManager"=0x020000000000000000000000 "APSDaemon"=0x020000000000000000000000 "SunJavaUpdateSched"=0x020000000000000000000000 "NBAgent"=0x03000000590EC91CD5D5D101 "QuickTime Task"=0x020000000000000000000000 "SwitchBoard"=0x020000000000000000000000 "NUSB3MON"=0x020000000000000000000000 "Dropbox"=0x03000000015FAD4E73D7D101 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D57A09AF121096 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart "NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 14:37:14] "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin "Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update Task Adobe Flash Player NPAPI Notifier Adobe Flash Player Updater CCleaner Update CCleanerSkipUAC CreateChoiceProcessTask DropboxUpdateTaskMachineCore DropboxUpdateTaskMachineUA GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineCore1d0e306f3ea8eea GoogleUpdateTaskMachineUA GoogleUpdateTaskMachineUA1d0e306f45f3257 Microsoft_Hardware_Launch_ipoint_exe Microsoft_Hardware_Launch_itype_exe Microsoft_Hardware_Launch_mousekeyboardcenter_exe Microsoft_Hardware_Launch_rundll32_exe OneDrive Standalone Update Task OneDrive Standalone Update Task-S-1-5-21-922658149-1620859959-2037323602-1011 OneDrive Standalone Update Task-S-1-5-21-922658149-1620859959-2037323602-1019 SidebarExecute User_Feed_Synchronization-{1780C022-55FE-4AC1-91F0-36392F0AF14F} {0EFF2961-ECCE-49E4-9905-58D7F3F09623} {3BC41033-8124-4D38-8FF0-694AC44C40E9} {64C7CD91-A4CB-41B4-92F3-143DDEEFB25D} {96A05229-4448-437B-8317-801E7730B23C} {9D02678D-58AC-4738-AE98-5A9D4FD34FA1} {B4612826-19BF-4393-960B-0C2CB3C00DA7} {C5252DE0-848F-4D55-B468-AA825D0040DD} {D607F1AE-40E3-4FC5-95BB-B2F4E7F28314} {DE68EF1D-389E-4FEA-842A-CEC78F9A79DD} {EDCD78D6-EC45-4016-BDD9-36B3C5ABFBEE} {FA18A97A-F112-4AC8-ABAE-2F57614B39F6} {FC77EA13-951F-4C85-AF22-1590EF4D3E1C} ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeBridge] : [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5.5ServiceManager] : "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BambooCore] : C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [16/10/2012 11:39:00] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bluetooth Connection Assistant] : LBTWIZ.EXE -silent [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] : "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] : "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] : "C:\Program Files (x86)\uTorrent\uTorrent.exe" ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=0 "DirtyShutdownCount"=13 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaCfgFlagsDefault"=0 "LsaPid"=764 "ProductType"=6 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "InstanceID"=82409c67-f300-4bc9-9c6c-c13bd41 "GlassSessionId"=2 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "WallPaper"=C:\Users\nadia_booasp5\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg [02/10/2016 21:03:05] "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC301002B73030080070000B0040000F4CCFD9ADF1CD20143003A005C00550073006500720073005C006E0061006400690061005F0062006F006F0061007300700035005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C005400680065006D00650073005C0052006F0061006D00650064005400680065006D006500460069006C00650073005C004400650073006B0074006F0070004200610063006B00670072006F0075006E0064005C0069006D00670030002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreferredUILanguages"=fr-FR "AutoColorization"=0 "ImageColor"=2940843252 "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=0 [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003928000000000000000000000000000001000000130000000000000063000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309DA6010000BD0E0C47735D584D9CEDE91E22E232823A06000016EC7DE90DA5BB49AE24CF682282E08D33020000AB2C5BD29A8A1745A9B2CB5F68A5A8028701000060B81DB4E464D2119906E49FADC173CA55040000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=1 "GlobalAssocChangedCounter"=26 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "EdgeDesktopShortcutCreated"=1 "PostAppInstallTasksCompleted"=1 [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=1 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarGlomLevel"=0 "StoreAppsOnTaskbar"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x6AA4A15D00000000 "ReindexedProfile"=1 "AlwaysShowMenus"=1 "ShowTaskViewButton"=1 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "EnableLinkedConnections"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "SmartScreenEnabled"=RequireAdmin [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "EnableLinkedConnections"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "GlobalAssocChangedCounter"=2 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=18362 "FirstLogon"=0 "PUUActive"=0xCC727E61010008000A000500F20B0000250C0000250C0000D200000007001600BB053A01AB10000031100000F104000094040000640000000000000000000000960F0000540100001200000000000000A140FFEC2C85D501F20B00000000000001000000F20B0000BA4700009A00000003362E0000000000 "DP"=0xD200E800060008000D000000CC727E612DB31A0000000000A140FFEC2C85D501B71F08DA2885D501000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100C0A200800B0100100B0900107017008000291C00002F1C08AF0A0080240826462E88AE4ED30D01C01030050C11B10D0D00EA00801562252415E225245D7A008019809100199091207EAF0000210C6019218C60198D0D01804042280140433D4166EE0080B2207604F224760709520000C8A1E100C8F1E900812901802604F20026B5F201 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=502861360 "ShutdownFlags"=2147483815 "Userinit"=C:\Windows\system32\userinit.exe, "ShutdownWithoutLogon"=0 "DisableCad"=1 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-922658149-1620859959-2037323602-1011 "LastUsedUsername"=Nadia Navarro Cruz [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [19/03/2019 14:02:17] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [19/03/2019 14:02:17] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files\Common Files\Logishrd\CDDRV3\LDConfig.exe"=0x5341435001000000000000000700000028000000C8870100DF75020001000000000000000000000A73220000631F6E6F0EDED4010000000000000000020000002800000000000000400000000000000000000000000000000000000003020000000000005100000051000000 "C:\Program Files\Common Files\Logishrd\sp6\LU2\LULnchr.exe"=0x534143500100000000000000070000002800000018590500F752060001000000000000000000020671220000631F6E6F0EDED4010000008000000000020000002800000000000000400000000000000000000000000000000000000084F71600000000005700000057000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA020001D3020001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe"=0x534143500100000000000000070000002800000078DC0500A2D1060001000000000000000000000A73220000D5B3B31A57DFD1010000000000000000050000001000000000000000000000000000000040000000020000002800000000000000400000400000000000000000000000000000000055242000000000000100000001000000 "C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe"=0x53414350010000000000000007000000280000003872060076E6060001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000008000004000000000000000000000000000000000B3D10100000000000100000001000000 "SIGN.MEDIA=1DE316F4 install.exe"=0x534143500100000000000000070000002800000000000900000000000100000000000000000001057120000033504C2B57DFD101000000000000000005000000100000000000000000000000000201058008000002000000280000000002010580080060001020000000000000002000000000005A4C6402000000000200000002000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u111-windows-au.exe"=0x534143500100000000000000070000002800000040420B0047080C0001000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000007E50200000000000100000001000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C0AC02007050030001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u121-windows-au.exe"=0x5341435001000000000000000700000028000000404A0B009A2E0C0001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000E96C0200000000000100000001000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D87E030025C1030001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe"=0x534143500100000000000000070000002800000090BF050000A506000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000B73A0000000000000100000001000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D88003007F30040001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u131-windows-au.exe"=0x5341435001000000000000000700000028000000404A0B00316E0B0001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000A2630200000000000100000001000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D88203009CF3030001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D09A0300AA58040001000000000000000000000A7120000033504C2B57DFD1010000000100000000 "C:\Windows\System32\UNPUXWorker.exe"=0x534143500100000000000000070000002800000060570100B8B0010001000000000000000000000A73220000D5B3B31A57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000003E000000000000000200000002000000 "C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE"=0x5341435001000000000000000700000028000000E0721801EEAF180101000000000000000000000A71220000E63F486B2AA0D2010000000100000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_1\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D09A0300AA58040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000F0A52100B6F1210001000000000000000000010600010000E63F486B2AA0D201000000000000000002000000280000000000000000000010000000000000000000000000000000001AA00300000000000400000004000000 "C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"=0x5341435001000000000000000700000028000000D86406002358070001000000000000000000000A71220000E63F486B2AA0D2010000000100000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u141-windows-au.exe"=0x5341435001000000000000000700000028000000404A0B0046ED0B0001000000000000000000000A71220000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000FB350200000000000100000001000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u151-windows-au.exe"=0x534143500100000000000000070000002800000040541C005DC41C0001000000000000000000000A71220000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000000FD30000000000000100000001000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u161-windows-au.exe"=0x534143500100000000000000070000002800000040721C001B701D0001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000005A210500000000000100000001000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u171-windows-au.exe"=0x5341435001000000000000000700000028000000C8C11C00A8A21D0001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FEE90100000000000100000001000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u181-windows-au.exe"=0x534143500100000000000000070000002800000078151D00112B1D0001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000C85A0200000000000100000001000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u191-windows-au.exe"=0x534143500100000000000000070000002800000078E11C006A471D0001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F5490100000000000100000001000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u201-windows-au.exe"=0x534143500100000000000000070000002800000060211E0080801E0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000056820200000000000100000001000000 "SIGN.MEDIA=B9E18 install.EXE"=0x534143500100000000000000070000002800000000440B000000000001000000000000000000010571200000BFA2139DEDD1D3010000000000000000020000002800000000000000000800500000000000000000000000000000000019C70000000000000100000001000000 "C:\Program Files\InterActual\InterActual Player\inuninst.exe"=0x5341435001000000000000000700000028000000000602000000000001000000000000000000010571200000BFA2139DEDD1D3010000000000000000020000002800000000000000000800400000000000000000000000000000000022240000000000000100000001000000 "C:\Users\nadia\AppData\Local\Temp\jre-8u221-windows-au.exe"=0x5341435001000000000000000700000028000000D8971F006538200001000000000000000000000A71220000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000001C880000000000000100000001000000 "C:\Users\nadia\Downloads\ccsetup558_rtb.exe"=0x534143500100000000000000070000002800000070B334019640350101000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FD580000000000000100000001000000 "C:\Users\nadia\Downloads\ccsetup561.exe"=0x5341435001000000000000000700000028000000B8BD3E0153F33E0101000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000054BF0100000000000100000001000000 "C:\Program Files (x86)\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000209A5A0143F55A0101000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000400000000000000000000000000000000023100200000000000100000001000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\19.002.0107.0005\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000308104009156050001000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "C:\Users\nadia_booasp5\Downloads\ccsetup562.exe"=0x534143500100000000000000070000002800000010368401CE54840101000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000003F230500000000000100000001000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000583F1702FAF0170201000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "C:\Users\nadia_booasp5\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000809C05005ADD050001000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "C:\Program Files\Logitech\SetPointP\SetPoint.exe"=0x534143500100000000000000070000002800000078822F008015300001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000040000020000000000000000000000000000000002E000000000000000100000001000000 "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000E0759700E487970001000000000000000000000A71220000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000004A0C0200000000000100000001000000 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x534143500100000000000000070000002800000020CA0800DD1C090001000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "C:\Users\nadia\Downloads\ccsetup563.exe"=0x5341435001000000000000000700000028000000800B770117F4770101000000000000000000000A00210000631F6E6F0EDED4010000000000000000 "C:\Program Files (x86)\CodeMeter\Runtime\bin\cmu32.exe"=0x534143500100000000000000070000002800000078670E00EEDC0E0001000000000000000000030600010000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000004C370000000000000500000005000000 "C:\Users\nadia_booasp5\Desktop\QuickDiag.exe"=0x5341435001000000000000000700000028000000980F4F00932E4F0001000000000000000000000A00210000631F6E6F0EDED4010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132145063575381677 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "DisableAntiSpyware"=0 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0xB8F5AF52CCD5D101 "OOBEInstallTime"=0x664470703C79D501 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\ "DisableAntiVirus"=0 "LastEnabledTime"=0x0C2D1C972471D301 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 "DefaultInboundAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 "DefaultInboundAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 "DefaultInboundAction"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:400a:803::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:400a:803::200e?: temps=6 ms R?ponse de 2a00:1450:400a:803::200e?: temps=5 ms R?ponse de 2a00:1450:400a:803::200e?: temps=6 ms R?ponse de 2a00:1450:400a:803::200e?: temps=5 ms Statistiques Ping pour 2a00:1450:400a:803::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 5ms, Maximum = 6ms, Moyenne = 5ms ---------- | @ [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "ImageStoreRandomFolder"=cokplcj [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0xBD866504F676D501 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "LockDatabase"=132147339542609506 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Check_Associations"=yes [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] : c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [26/04/2019 20:21:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [19/03/2019 06:44:47] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ID de superposition d'icônes des signatures numériques AutoCAD] - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} -- C:\Windows\system32\AcSignIcon.dll [04/02/2011 05:42:59] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Identificateur de superposition d'icônes dans les signatures numériques AutoCAD] - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} -- C:\Windows\system32\AcSignIcon.dll [04/02/2011 05:42:59] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll [26/04/2019 20:21:46] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{25A3A431-30BB-47C8-AD6A-E1063801134F}"=0x00 "{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=0x00 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{0000036B-C524-4050-81A0-243669A86B9F}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}] : () - [] ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}] -> (Logitech SetPoint) : C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [26/08/2015 03:16:26] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F586CB96-7091-42ec-9829-F5D5CE65AFC1}] -> (DIALux Browser Helper Object) : C:\Program Files (x86)\DIALux\Dialux.BHO_x86.dll [10/12/2013 14:30:10] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}] -> (PDF Architect Helper) : C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [08/04/2013 18:46:08] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] -> (Windows Live Messenger Companion Helper) : C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [08/03/2012 18:14:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] -> (Adobe PDF Conversion Toolbar Helper) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [24/09/2015 17:42:02] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}] -> (Logitech SetPoint) : C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [26/08/2015 03:16:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] -> (SmartSelect Class) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [24/09/2015 17:42:02] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F586CB96-7091-42ec-9829-F5D5CE65AFC1}] -> (DIALux Browser Helper Object) : C:\Program Files (x86)\DIALux\Dialux.BHO_x86.dll [10/12/2013 14:30:10] ---------- | Chrome ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "{F003DA68-8256-4b37-A6C4-350FA04494DF}"=C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt "FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt "web2pdfextension@web2pdf.adobedotcom"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.270 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2] - (Java™ Deployment Toolkit) : C:\Windows\system32\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3] - (WebTablet Plugin API) : C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.270 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@graphisoft.com/GDL Web Plug-in] - () : C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3] - (WebTablet Plugin API) : C:\Program Files (x86)\TabletPlugins\npwacom.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3] - (WebTablet Plugin API) : C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Acrobat] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0670e6e9-2303-4290-bdf1-471927c8f2cf}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0670e6e9-2303-4290-bdf1-471927c8f2cf}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\Acrobat.exe] : "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\Illustrator.exe] : "C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Migros Photo Service.exe] : "C:\Program Files\Migros\Migros Photo Service\Migros Photo Service.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\WinRAR.exe] : "C:\Program Files\WinRAR\WinRAR.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Acrobat.exe] : "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Illustrator.exe] : "C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Migros Photo Service.exe] : "C:\Program Files\Migros\Migros Photo Service\Migros Photo Service.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WinRAR.exe] : "C:\Program Files\WinRAR\WinRAR.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "AarSvcGroup"=AarSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "autoTimeSvc"=autoTimeSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver browser "DevicesFlow"=DeviceAssociationBrokerSvc DevicesFlowUserSvc DevicePickerUserSvc ConsentUxUserSvc "PeerDist"=PeerDistSvc "AssignedAccessManagerSvc"=AssignedAccessManagerSvc "iissvcs"=w3svc was [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "DevicesFlow"=DeviceAssociationBrokerSvc "smbsvcs"=lanmanserver "iissvcs"=w3svc was ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Adobe] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\AppDataLow] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Apple Inc.] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Autodesk] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\AvastAdSDK] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Chromium] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Clients] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\DropboxUpdate] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\g3n-h@ckm@n] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Google] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Graphisoft] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\IADirectShow] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\InterActual Technologies] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\JavaSoft] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\LogiShrd] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Logitech] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Mozilla] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\NEC Electronics] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Netscape] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\NVIDIA Corporation] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\ODBC] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\PDF Architect] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Piriform] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Policies] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\RegisteredApplications] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\SyncEngines] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\sysinternals] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\WIBU-SYSTEMS] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\WinRAR] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Wow6432Node] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Accessibility] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\ActiveSync] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\AuthCookies] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Avalon.Graphics] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\CalendarRT] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Clipboard] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Command Processor] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\CommsAPHost] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Connection Manager] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\ContactsRT] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\DeviceDirectory] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\FamilyStore] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\GameBar] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\GameBarApi] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\IdentityCRL] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\IME] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\IMEMIP] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Input] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\InputMethod] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\InputPersonalization] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Internet Mail and News] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Java VM] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Messaging] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Microsoft Management Console] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\MicrosoftEdge] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\MobilePC] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\MS Design Tools] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Multimedia] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Narrator] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\NGC] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Office] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\OneDrive] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Osk] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Personalization] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Phone] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Pim] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Poom] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\RAS Phonebook] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\ScreenMagnifier] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Sensors] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Shared] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Shared Tools] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\SkyDrive] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Speech Virtual] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Speech_OneCore] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Spelling] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\StorageLibrary] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\TabletTip] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\TPG] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\UEV] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Unified Store] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Unistore] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\UNP] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\UserData] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\UserDataService] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\VBA] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\WcmSvc] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Web Service Providers] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Windows Defender Security Center] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Windows Security Health] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\SOFTWARE\Microsoft\XboxLive] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-922658149-1620859959-2037323602-1011\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Abvent] [HKLM\Software\Adobe] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Alienware] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\Audible] [HKLM\Software\Autodesk] [HKLM\Software\BrowserChoice] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\CVSM] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\Earth Resource Mapping] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\KLCodecPack64] [HKLM\Software\Logishrd] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nero] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RegisteredApplications] [HKLM\Software\Sonic] [HKLM\Software\sysinternals] [HKLM\Software\Volatile] [HKLM\Software\Wacom] [HKLM\Software\WIBU-SYSTEMS] [HKLM\Software\Windows] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\AccountsControl] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ActiveSync] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AllUserInstallAgent] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\Analog] [HKLM\SOFTWARE\Microsoft\AppServiceProtocols] [HKLM\SOFTWARE\Microsoft\AppV] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AuthHost] [HKLM\SOFTWARE\Microsoft\Avalon.Graphics] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\BitLockerCsp] [HKLM\SOFTWARE\Microsoft\CallAndMessagingEnhancement] [HKLM\SOFTWARE\Microsoft\Cellular] [HKLM\SOFTWARE\Microsoft\Chkdsk] [HKLM\SOFTWARE\Microsoft\Clipboard] [HKLM\SOFTWARE\Microsoft\ClipboardServer] [HKLM\SOFTWARE\Microsoft\Code Store Database] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\CommsAPHost] [HKLM\SOFTWARE\Microsoft\Composition] [HKLM\SOFTWARE\Microsoft\Connect to a Network Projector] [HKLM\SOFTWARE\Microsoft\CoreShell] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataCollection] [HKLM\SOFTWARE\Microsoft\DataMarketplace] [HKLM\SOFTWARE\Microsoft\DataSharing] [HKLM\SOFTWARE\Microsoft\DDDS] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Device Association Framework] [HKLM\SOFTWARE\Microsoft\DeviceReg] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\DiagnosticLogCSP] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DownloadManager] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DusmSvc] [HKLM\SOFTWARE\Microsoft\DVDNavigator] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EAPSIMMethods] [HKLM\SOFTWARE\Microsoft\Enrollment] [HKLM\SOFTWARE\Microsoft\Enrollments] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EnterpriseDataProtection] [HKLM\SOFTWARE\Microsoft\EnterpriseResourceManager] [HKLM\SOFTWARE\Microsoft\EventSounds] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\FamilyStore] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\FaxServer] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FilePicker] [HKLM\SOFTWARE\Microsoft\FilterDS] [HKLM\SOFTWARE\Microsoft\FingerKB] [HKLM\SOFTWARE\Microsoft\FlashConfig] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\FuzzyDS] [HKLM\SOFTWARE\Microsoft\GameOverlay] [HKLM\SOFTWARE\Microsoft\GPUPipeline] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\Hvsi] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IHDS] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IME] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\InetStp] [HKLM\SOFTWARE\Microsoft\InProcLogger] [HKLM\SOFTWARE\Microsoft\Input] [HKLM\SOFTWARE\Microsoft\InputMethod] [HKLM\SOFTWARE\Microsoft\InputPersonalization] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\KGL] [HKLM\SOFTWARE\Microsoft\LanguageOverlay] [HKLM\SOFTWARE\Microsoft\LexiconUpdate] [HKLM\SOFTWARE\Microsoft\Managed Desktop] [HKLM\SOFTWARE\Microsoft\MdmCommon] [HKLM\SOFTWARE\Microsoft\MdmDiagnostics] [HKLM\SOFTWARE\Microsoft\MediaEngine] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MemoryDiagnostic] [HKLM\SOFTWARE\Microsoft\Messaging] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\Microsoft Camera Codec Pack] [HKLM\SOFTWARE\Microsoft\MiracastReceiver] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MpEngine] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDRM] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSIME] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MSSQLServer] [HKLM\SOFTWARE\Microsoft\MTF] [HKLM\SOFTWARE\Microsoft\MTFFuzzyFactors] [HKLM\SOFTWARE\Microsoft\MTFInputType] [HKLM\SOFTWARE\Microsoft\MTFKeyboardMappings] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\Multivariant] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\NetworkAccessProtection] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\OEM] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\OfficeCSP] [HKLM\SOFTWARE\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\Palm] [HKLM\SOFTWARE\Microsoft\Personalization] [HKLM\SOFTWARE\Microsoft\Phone] [HKLM\SOFTWARE\Microsoft\Photos] [HKLM\SOFTWARE\Microsoft\PIM] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayReady] [HKLM\SOFTWARE\Microsoft\PlayToReceiver] [HKLM\SOFTWARE\Microsoft\PointOfService] [HKLM\SOFTWARE\Microsoft\Policies] [HKLM\SOFTWARE\Microsoft\PolicyManager] [HKLM\SOFTWARE\Microsoft\Poom] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\Provisioning] [HKLM\SOFTWARE\Microsoft\PushRouter] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RcsPresence] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\Remediation] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\rempl] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Schema Library] [HKLM\SOFTWARE\Microsoft\SDDS] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\SecurityManager] [HKLM\SOFTWARE\Microsoft\SEMgr] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\ServerManager] [HKLM\SOFTWARE\Microsoft\Settings] [HKLM\SOFTWARE\Microsoft\Shared] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\Shell] [HKLM\SOFTWARE\Microsoft\SideShow] [HKLM\SOFTWARE\Microsoft\sih] [HKLM\SOFTWARE\Microsoft\Silverlight] [HKLM\SOFTWARE\Microsoft\Siuf] [HKLM\SOFTWARE\Microsoft\SMB1Uninstall] [HKLM\SOFTWARE\Microsoft\SoftGrid] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\Speech_OneCore] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\StrongName] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\SystemSettings] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\TaskFlowDataEngine] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\TelemetryClient] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TIP Shared] [HKLM\SOFTWARE\Microsoft\TMM] [HKLM\SOFTWARE\Microsoft\TouchPrediction] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\UEV] [HKLM\SOFTWARE\Microsoft\Unified Store] [HKLM\SOFTWARE\Microsoft\Unistore] [HKLM\SOFTWARE\Microsoft\UNP] [HKLM\SOFTWARE\Microsoft\UPnP Control Point] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\UserData] [HKLM\SOFTWARE\Microsoft\UserManager] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\W3SVC] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\Wallet] [HKLM\SOFTWARE\Microsoft\Wbem] [HKLM\SOFTWARE\Microsoft\WcmSvc] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Defender Security Center] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Embedded] [HKLM\SOFTWARE\Microsoft\Windows Live] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Performance Toolkit] [HKLM\SOFTWARE\Microsoft\Windows Phone] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Windows Security Health] [HKLM\SOFTWARE\Microsoft\WindowsRuntime] [HKLM\SOFTWARE\Microsoft\WindowsSelfHost] [HKLM\SOFTWARE\Microsoft\WindowsStore] [HKLM\SOFTWARE\Microsoft\WindowsUpdate] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\WlanSvc] [HKLM\SOFTWARE\Microsoft\Wlpasvc] [HKLM\SOFTWARE\Microsoft\Workspaces] [HKLM\SOFTWARE\Microsoft\Wow64] [HKLM\SOFTWARE\Microsoft\WSDAPI] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\SOFTWARE\Microsoft\XAML] [HKLM\SOFTWARE\Microsoft\XboxGameSaveStorage] [HKLM\SOFTWARE\Microsoft\XboxLive] [HKLM\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKLM\Software\Microsoft\Windows\AssignedAccessCsp] [HKLM\Software\Microsoft\Windows\Autopilot] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\Notepad] [HKLM\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AssignedAccessManagerSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Computer, Inc.] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\Audible] [HKLM\Software\WOW6432Node\Autodesk] [HKLM\Software\WOW6432Node\Bunndle] [HKLM\Software\WOW6432Node\Celsys] [HKLM\Software\WOW6432Node\DIAL GmbH] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\DT Soft] [HKLM\Software\WOW6432Node\GIGABYTE] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\HPS] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Kaydara] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\LightScribe] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Macrovision] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\MAXSOFT-OCRON] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Migros Photo Service] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\Norton] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Oracle] [HKLM\Software\WOW6432Node\PDFCreator] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\SoftShape] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Wacom] [HKLM\Software\WOW6432Node\WIBU-SYSTEMS] [HKLM\Software\WOW6432Node\Windows] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols] [HKLM\Software\WOW6432Node\Microsoft\AppV] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET MVC 4] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AuthHost] [HKLM\Software\WOW6432Node\Microsoft\Avalon.Graphics] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp] [HKLM\Software\WOW6432Node\Microsoft\ClipboardServer] [HKLM\Software\WOW6432Node\Microsoft\Code Store Database] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Device Association Framework] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DownloadManager] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVDNavigator] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods] [HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\F12] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FilePicker] [HKLM\Software\WOW6432Node\Microsoft\FlashConfig] [HKLM\Software\WOW6432Node\Microsoft\FTH] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\GameOverlay] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IME] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\InetStp] [HKLM\Software\WOW6432Node\Microsoft\InputMethod] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\Live Mesh] [HKLM\Software\WOW6432Node\Microsoft\Machine Debug Manager] [HKLM\Software\WOW6432Node\Microsoft\MediaEngine] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Games] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Office Outlook Connector] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Reference] [HKLM\Software\WOW6432Node\Microsoft\Microsoft SQL Server Compact Edition] [HKLM\Software\WOW6432Node\Microsoft\Migwiz] [HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDRM] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\MSOSOAP] [HKLM\Software\WOW6432Node\Microsoft\MSSearch36] [HKLM\Software\WOW6432Node\Microsoft\MTF] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\NetworkAccessProtection] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\OEM] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\Office Server] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\Palm] [HKLM\Software\WOW6432Node\Microsoft\Photos] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\Policies] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\Provisioning] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Schema Library] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\ServerManager] [HKLM\Software\WOW6432Node\Microsoft\Shared] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\SideShow] [HKLM\Software\WOW6432Node\Microsoft\Silverlight] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\SPEECH] [HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\SystemSettings] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TIP Shared] [HKLM\Software\WOW6432Node\Microsoft\TouchPrediction] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\UCCPlatform] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\UEV] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VBA] [HKLM\Software\WOW6432Node\Microsoft\Visio] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\VSTA] [HKLM\Software\WOW6432Node\Microsoft\VSTAHost] [HKLM\Software\WOW6432Node\Microsoft\VSTAHostConfig] [HKLM\Software\WOW6432Node\Microsoft\W3SVC] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Live] [HKLM\Software\WOW6432Node\Microsoft\Windows Live Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Live Writer] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Phone] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime] [HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate] [HKLM\Software\WOW6432Node\Microsoft\Wisp] [HKLM\Software\WOW6432Node\Microsoft\WlanSvc] [HKLM\Software\WOW6432Node\Microsoft\Workspaces] [HKLM\Software\WOW6432Node\Microsoft\WSDAPI] [HKLM\Software\WOW6432Node\Microsoft\Cellular] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DeviceReg] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\FingerKB] [HKLM\Software\WOW6432Node\Microsoft\FuzzyDS] [HKLM\Software\WOW6432Node\Microsoft\Input] [HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay] [HKLM\Software\WOW6432Node\Microsoft\Messaging] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors] [HKLM\Software\WOW6432Node\Microsoft\MTFInputType] [HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Phone] [HKLM\Software\WOW6432Node\Microsoft\Pim] [HKLM\Software\WOW6432Node\Microsoft\Poom] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SecurityManager] [HKLM\Software\WOW6432Node\Microsoft\Semgr] [HKLM\Software\WOW6432Node\Microsoft\Shell] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Unified Store] [HKLM\Software\WOW6432Node\Microsoft\UserData] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\XAML] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives E: [26/02/2012 21:21:51] - |ASH| - (.-.) - [366] - (0.0.0.0) - E:\desktop.ini ---------- | C: [14/03/2012 20:58:08] - |HD| - [922762383] - C:\$INPLACE.~TR [14/07/2009 05:18:56] - |SHD| - [223130037] - C:\$Recycle.Bin [03/10/2016 22:08:57] - |HD| - [267275] - C:\$SysReset [14/03/2012 21:03:55] - |HD| - [625006625] - C:\$WINDOWS.~Q [11/03/2013 12:12:04] - |D| - [3395132130] - C:\Autodesk [MD5.93B885ADFE0DA089CDF634904FD59F71] - [30/10/2015 10:13:44] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [MD5.361D6394DD28C0684CC41366DD97C2F1] - [27/09/2019 22:39:28] - |SH| - (.-.) - [80] - (0.0.0.0) - C:\bootTel.dat [MD5.D41D8CD98F00B204E9800998ECF8427E] - [15/08/2015 18:51:36] - |A| - (.-.) - [0] - (0.0.0.0) - C:\d479c2329b68ec7142e14d95e3 [MD5.28620D088075E3181A6A2DEC024CF465] - [01/03/2015 18:50:22] - |A| - (.-.) - [1464] - (0.0.0.0) - C:\DIAL Communication Framework Setup Log.txt [MD5.5F50E97EC3615D87FD14294C77608803] - [01/03/2015 18:50:25] - |A| - (.-.) - [46069] - (0.0.0.0) - C:\DIALux Setup Information.txt [MD5.1C80A535CDF1683B1DB852DFD0EB692A] - [01/03/2015 19:22:33] - |A| - (.-.) - [225637] - (0.0.0.0) - C:\DIALux Setup Log.txt [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [15/08/2015 18:51:36] - |A| - (.-.) - [0] - (0.0.0.0) - C:\ea0cceb84cf3dd769c887c [25/01/2016 18:17:32] - |D| - [0] - C:\GvTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/09/2019 22:40:35] - |ASH| - (.-.) - [6435377152] - (0.0.0.0) - C:\hiberfil.sys [02/10/2019 17:05:51] - |D| - [1102712] - C:\inetpub [27/04/2016 07:53:12] - |D| - [17338368] - C:\Logs [MD5.FE5A0B29A5EA757E6891DC7B70E7B112] - [23/09/2005 01:39:38] - |A| - (.© Microsoft Corporation. - Microsoft® Debug Information Accessor.) - [894976] - (8.0.50727.42) - C:\msdia80.dll [21/11/2010 18:51:20] - |RHD| - [529670008] - C:\MSOCache [26/05/2015 17:19:37] - |D| - [393216] - C:\NPE [MD5.01BA3FAAC78CCEBCC216868A619E81E0] - [13/05/2012 14:09:23] - |A| - (.-.) - [262144] - (0.0.0.0) - C:\ntuser.dat [MD5.607CFB6BB4D812E8A0418F34E4EB4AAC] - [13/05/2012 14:09:23] - |ASH| - (.-.) - [5120] - (0.0.0.0) - C:\ntuser.dat.LOG1 [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/05/2012 14:09:23] - |ASH| - (.-.) - [0] - (0.0.0.0) - C:\ntuser.dat.LOG2 [MD5.BA4345420610DCE47D5B50F6F3FA5BFB] - [13/05/2012 14:09:23] - |ASH| - (.-.) - [65536] - (0.0.0.0) - C:\ntuser.dat{a8ad233e-9ceb-11e1-896e-e0cb4e34e831}.TM.blf [MD5.478ED0FDB8A35EA405B890333553640B] - [13/05/2012 14:09:23] - |ASH| - (.-.) - [524288] - (0.0.0.0) - C:\ntuser.dat{a8ad233e-9ceb-11e1-896e-e0cb4e34e831}.TMContainer00000000000000000001.regtrans-ms [MD5.59071590099D21DD439896592338BF95] - [13/05/2012 14:09:23] - |ASH| - (.-.) - [524288] - (0.0.0.0) - C:\ntuser.dat{a8ad233e-9ceb-11e1-896e-e0cb4e34e831}.TMContainer00000000000000000002.regtrans-ms [02/10/2016 12:00:54] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/09/2019 22:40:37] - |ASH| - (.-.) - [8589934592] - (0.0.0.0) - C:\pagefile.sys [19/03/2019 06:52:43] - |D| - [0] - C:\PerfLogs [19/03/2019 06:52:43] - |RD| - [15563237281] - C:\Program Files [19/03/2019 06:52:44] - |RD| - [9459180756] - C:\Program Files (x86) [19/03/2019 06:52:44] - |HD| - [2921838494] - C:\ProgramData [17/10/2019 22:31:38] - |D| - [68686] - C:\QuickDiag [MD5.9306F147C20C1DFA442F7576A3EFE63D] - [17/10/2019 22:31:50] - |A| - (.-.) - [180554] - (0.0.0.0) - C:\QuickDiag.txt [02/10/2019 18:12:57] - |SHD| - [0] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/09/2019 22:40:37] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [29/01/2010 01:21:05] - |SHD| - [50234744] - C:\System Volume Information [19/03/2019 06:37:22] - |RD| - [15276292231] - C:\Users [19/03/2019 06:37:22] - |D| - [34429155632] - C:\Windows [04/07/2016 10:52:06] - |D| - [0] - C:\Windows.old(1) ---------- | C:\WINDOWS [19/03/2019 06:52:44] - |D| - [802] - C:\WINDOWS\addins [19/03/2019 06:52:44] - |D| - [17858279] - C:\WINDOWS\appcompat [19/03/2019 06:52:44] - |D| - [9005888] - C:\WINDOWS\apppatch [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.52FEB5F0E031C7E67B032912BA0ED796] - [28/01/2010 18:34:11] - |A| - (.-.) - [30414] - (0.0.0.0) - C:\WINDOWS\Ascd_tmp.ini [19/03/2019 06:52:43] - |RD| - [1627539671] - C:\WINDOWS\assembly [19/03/2019 06:52:44] - |D| - [785153] - C:\WINDOWS\bcastdvr [MD5.B75D52E7DBEEF44A2C3324A2CE0272C9] - [19/03/2019 06:43:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [73216] - (10.0.18362.1) - C:\WINDOWS\bfsvc.exe [19/03/2019 14:04:01] - |SHD| - [578755] - C:\WINDOWS\BitLockerDiscoveryVolumeContents [19/03/2019 06:52:44] - |D| - [39562095] - C:\WINDOWS\Boot [MD5.69DCC9CA8C78C6EDA98CC39811038F6F] - [02/10/2019 17:30:05] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [19/03/2019 06:52:44] - |D| - [2467832] - C:\WINDOWS\Branding [19/03/2019 06:37:22] - |D| - [0] - C:\WINDOWS\CbsTemp [08/06/2010 21:48:54] - |D| - [214923106] - C:\WINDOWS\CheckSur [19/03/2019 06:52:44] - |D| - [92824373] - C:\WINDOWS\Containers [14/07/2009 17:35:29] - |D| - [0] - C:\WINDOWS\CSC [19/03/2019 06:52:44] - |D| - [11501377] - C:\WINDOWS\Cursors [19/03/2019 06:52:44] - |D| - [746581] - C:\WINDOWS\debug [MD5.050C668A459D689E7C033DBCA4417642] - [02/10/2019 18:10:46] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [19/03/2019 06:52:44] - |D| - [4777478] - C:\WINDOWS\diagnostics [19/03/2019 06:52:44] - |D| - [2074128] - C:\WINDOWS\DiagTrack [MD5.050C668A459D689E7C033DBCA4417642] - [02/10/2019 18:10:46] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [01/03/2015 19:23:15] - |D| - [473600] - C:\WINDOWS\DIALux [MD5.AD1241A215D46C28602A9EF4651879BA] - [01/03/2015 19:24:50] - |A| - (.-.) - [102] - (0.0.0.0) - C:\WINDOWS\Dialux.ini [19/03/2019 14:01:27] - |D| - [0] - C:\WINDOWS\DigitalLocker [19/03/2019 06:52:44] - |SD| - [2321895] - C:\WINDOWS\Downloaded Program Files [14/07/2009 17:35:30] - |D| - [0] - C:\WINDOWS\ehome [19/03/2019 06:52:44] - |HD| - [46472] - C:\WINDOWS\ELAMBKUP [02/10/2019 17:09:42] - |D| - [48128] - C:\WINDOWS\en-GB [19/03/2019 14:01:27] - |D| - [49664] - C:\WINDOWS\en-US [MD5.E185BDA84E5F03F4E1D8DCA30E209277] - [26/01/2011 21:11:23] - |A| - (.-.) - [1912] - (0.0.0.0) - C:\WINDOWS\epplauncher.mif [MD5.D7874DD30BA935AAED6F730A0ED84610] - [03/10/2019 18:43:19] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4612520] - (10.0.18362.387) - C:\WINDOWS\explorer.exe [19/03/2019 06:52:44] - |RSD| - [733239474] - C:\WINDOWS\Fonts [21/04/2012 10:21:10] - |D| - [107376] - C:\WINDOWS\fr [19/03/2019 14:01:27] - |D| - [110592] - C:\WINDOWS\fr-FR [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [19/03/2019 06:52:44] - |D| - [83805498] - C:\WINDOWS\Globalization [19/03/2019 06:52:44] - |D| - [73477886] - C:\WINDOWS\Help [MD5.7FE51A1679579DB427447CE8DFD8D47F] - [02/10/2019 17:21:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1059840] - (10.0.18362.267) - C:\WINDOWS\HelpPane.exe [MD5.DF73D52FDCE65F90A2E49EFB5248C77C] - [19/03/2019 06:45:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.18362.1) - C:\WINDOWS\hh.exe [19/03/2019 06:52:44] - |D| - [29869] - C:\WINDOWS\IdentityCRL [MD5.8416CA01553AA206B999A1A2C5A43BA7] - [08/10/2019 21:04:21] - |A| - (.-.) - [37643] - (0.0.0.0) - C:\WINDOWS\iis.log [19/03/2019 06:52:44] - |D| - [92646166] - C:\WINDOWS\IME [19/03/2019 06:52:44] - |RD| - [9278666] - C:\WINDOWS\ImmersiveControlPanel [19/03/2019 06:50:07] - |D| - [179861835] - C:\WINDOWS\INF [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\InfusedApps [19/03/2019 06:52:44] - |D| - [38126462] - C:\WINDOWS\InputMethod [19/03/2019 06:52:44] - |SHDC| - [8556010429] - C:\WINDOWS\Installer [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/07/2019 18:02:59] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\iPlayer.INI [MD5.515E4684008E955DE0C81E6A7AEA1C2A] - [26/10/2011 13:43:14] - |A| - (.Copyright InstallShield Corporation, Inc. 1990-1997 - InstallShield® unInstaller.) - [306688] - (5.51.138.0) - C:\WINDOWS\IsUninst.exe [02/10/2019 17:14:11] - |D| - [78848] - C:\WINDOWS\ja-JP [MD5.C5847A8A716CB6835DAB38EEDC5DD8BA] - [21/09/2007 04:12:34] - |A| - (.(C) 1998-2007 Logitech. - Logitech KHAL Main Process.) - [134160] - (4.24.28.0) - C:\WINDOWS\KHALMNPR.Exe [19/03/2019 06:52:44] - |D| - [94304] - C:\WINDOWS\L2Schemas [19/03/2019 06:52:44] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [28/01/2010 18:34:14] - |A| - (.-.) - [1769] - (0.0.0.0) - C:\WINDOWS\Language_trs.ini [12/10/2019 12:03:19] - |D| - [267602452] - C:\WINDOWS\LastGood.Tmp [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\LiveKernelReports [19/03/2019 06:52:44] - |D| - [137838645] - C:\WINDOWS\Logs [19/03/2019 06:52:44] - |RSD| - [27554727] - C:\WINDOWS\Media [MD5.A6CE8CE757E0C2AA85A3736A633797AB] - [11/10/2019 22:28:21] - |A| - (.-.) - [892289796] - (0.0.0.0) - C:\WINDOWS\MEMORY.DMP [MD5.23AF90D2355D8C83AA4567EF1763B467] - [19/03/2019 06:44:30] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [19/03/2019 06:52:43] - |RD| - [941024314] - C:\WINDOWS\Microsoft.NET [19/03/2019 06:52:44] - |D| - [3510] - C:\WINDOWS\Migration [11/10/2019 22:28:23] - |D| - [9156440] - C:\WINDOWS\Minidump [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\WINDOWS\msdfmap.ini [MD5.F1139811BBF61362915958806AD30211] - [19/03/2019 06:45:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [181248] - (10.0.18362.1) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [26/06/2017 21:01:26] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [19/03/2019 14:03:09] - |D| - [2104608] - C:\WINDOWS\OCR [19/03/2019 06:52:44] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [29/09/2019 20:02:30] - |DC| - [316636683] - C:\WINDOWS\Panther [19/03/2019 06:52:44] - |D| - [4213317] - C:\WINDOWS\Performance [MD5.C7CF8099C796BA74B56F6A9C7DD3D483] - [15/10/2016 16:40:16] - |A| - (.-.) - [151814] - (0.0.0.0) - C:\WINDOWS\PFRO.log [19/03/2019 06:52:44] - |D| - [1453676] - C:\WINDOWS\PLA [19/03/2019 06:52:44] - |D| - [14187917] - C:\WINDOWS\PolicyDefinitions [02/10/2019 17:45:13] - |D| - [25513976] - C:\WINDOWS\Prefetch [19/03/2019 06:52:44] - |RD| - [1997298] - C:\WINDOWS\PrintDialog [MD5.AD5867D2A8665FFB20B0651AFC12114B] - [19/03/2019 14:04:34] - |A| - (.-.) - [34925] - (0.0.0.0) - C:\WINDOWS\Professional.xml [19/03/2019 06:52:44] - |D| - [5913305] - C:\WINDOWS\Provisioning [22/01/2012 19:43:51] - |D| - [49328] - C:\WINDOWS\pss [MD5.29409008DF22243BB320333F9FD5C060] - [19/03/2019 06:45:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [358400] - (10.0.18362.1) - C:\WINDOWS\regedit.exe [19/03/2019 06:52:44] - |D| - [1117876] - C:\WINDOWS\Registration [19/03/2019 14:04:01] - |D| - [0] - C:\WINDOWS\RemotePackages [19/03/2019 06:52:44] - |D| - [9265960] - C:\WINDOWS\rescache [19/03/2019 06:52:44] - |D| - [3840771] - C:\WINDOWS\Resources [MD5.D8D23B988DABD6AFD614F961E6BCF1DF] - [06/04/2010 14:42:02] - |A| - (.-.) - [91] - (0.0.0.0) - C:\WINDOWS\Sansa Media Converter.INI [19/03/2019 06:52:44] - |D| - [0] - C:\WINDOWS\SchCache [19/03/2019 06:52:44] - |D| - [190773] - C:\WINDOWS\schemas [19/03/2019 06:52:44] - |D| - [9548829] - C:\WINDOWS\security [02/10/2019 17:29:19] - |D| - [81737086] - C:\WINDOWS\ServiceProfiles [19/03/2019 06:52:44] - |D| - [4096] - C:\WINDOWS\ServiceState [19/03/2019 06:37:22] - |D| - [1880167064] - C:\WINDOWS\servicing [19/03/2019 06:56:38] - |D| - [57140] - C:\WINDOWS\Setup [MD5.D8B55642C450AAF87F2984D1101E5ADF] - [12/10/2019 12:04:42] - |A| - (.-.) - [6280] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/10/2019 12:04:42] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [19/03/2019 06:52:44] - |D| - [7052288] - C:\WINDOWS\ShellComponents [19/03/2019 06:52:44] - |D| - [56039936] - C:\WINDOWS\ShellExperiences [27/04/2016 07:29:59] - |D| - [97307] - C:\WINDOWS\ShellNew [19/03/2019 06:52:44] - |D| - [6828144] - C:\WINDOWS\SKB [28/01/2010 18:29:34] - |D| - [447490497] - C:\WINDOWS\SoftwareDistribution [19/03/2019 06:52:44] - |D| - [137989018] - C:\WINDOWS\Speech [19/03/2019 06:52:44] - |D| - [128174223] - C:\WINDOWS\Speech_OneCore [MD5.7FE20527607797A8DADE19838B8B1573] - [03/10/2019 18:43:17] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [132096] - (10.0.18362.387) - C:\WINDOWS\splwow64.exe [12/05/2010 17:02:09] - |D| - [0] - C:\WINDOWS\Sun [19/03/2019 06:52:44] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [MD5.286A9EDB379DC3423A528B0864A0F111] - [15/08/2010 18:40:20] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.sav [19/03/2019 06:37:22] - |D| - [5656648470] - C:\WINDOWS\System32 [19/03/2019 06:52:45] - |D| - [212887551] - C:\WINDOWS\SystemApps [19/03/2019 06:52:46] - |D| - [191190261] - C:\WINDOWS\SystemResources [19/03/2019 06:52:46] - |D| - [1430655807] - C:\WINDOWS\SysWOW64 [19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\TAPI [14/07/2009 05:20:14] - |D| - [4570] - C:\WINDOWS\Tasks [19/03/2019 06:52:46] - |D| - [269074031] - C:\WINDOWS\Temp [26/01/2011 21:10:51] - |D| - [66129296] - C:\WINDOWS\Temp58E81DA6-7529-BC08-B831-D6E4D2F05322-Signatures [19/03/2019 06:52:46] - |D| - [13786112] - C:\WINDOWS\TextInput [19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\tracing [19/03/2019 06:52:46] - |D| - [7680] - C:\WINDOWS\twain_32 [MD5.BC67755EBD59B2523C943F0D1A9982EF] - [19/03/2019 06:46:01] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [64512] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [15/08/2010 18:38:53] - |D| - [1070872] - C:\WINDOWS\UbiSoft [MD5.892AEA779FDFD653877413CB35F8682F] - [15/08/2010 18:43:06] - |A| - (.Copyright Stirling Technologies, Inc. 1990-1995 Phone : (708) 240-9111 - InstallSHIELD Deinstaller.) - [155648] - (2.10.816.0) - C:\WINDOWS\uninst.exe [17/06/2017 21:19:49] - |SD| - [0] - C:\WINDOWS\UpdateAssistantV2 [MD5.E9954CEBEF7433005BAFD3D3D3D1ECD4] - [25/06/2007 19:37:22] - |A| - (.Copyright (C) 2007 by SamLogic - Visual Installer Uninstaller.) - [225280] - (8.0.0.1) - C:\WINDOWS\VIXUNIN.EXE [MD5.A894DEBA97BA1C835C60EF7E30F8FA83] - [01/06/2015 12:26:56] - |A| - (.-.) - [931] - (0.0.0.0) - C:\WINDOWS\VIXUNIN.EXE.manifest [MD5.417EB686F94F3BCB14DB135DD2E0C06E] - [28/03/2010 15:17:58] - |A| - (.-.) - [15804] - (0.0.0.0) - C:\WINDOWS\vpd.properties [19/03/2019 06:52:46] - |D| - [12420] - C:\WINDOWS\Vss [19/03/2019 06:52:46] - |D| - [33194] - C:\WINDOWS\WaaS [19/03/2019 06:52:46] - |D| - [16568315] - C:\WINDOWS\Web [MD5.25434CA96A3CAA96C990C78872C1B122] - [14/07/2009 04:34:57] - |A| - (.-.) - [829] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [19/03/2019 06:44:30] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [05/10/2019 12:09:50] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.CAA192BFDFB5F2A131EBD649B7062DE3] - [19/03/2019 06:46:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.18362.1) - C:\WINDOWS\winhlp32.exe [19/03/2019 06:37:22] - |D| - [9351054404] - C:\WINDOWS\WinSxS [MD5.4860944ABF2F8EAB74039A3A132B9995] - [08/03/2012 18:37:20] - |A| - (.© 2010 Microsoft Corporation. Tous droits réservés. - Écran de veille photos Windows Live.) - [302448] - (15.4.3555.308) - C:\WINDOWS\WLXPGSS.SCR [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [19/03/2019 06:58:10] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.1D27F61CC5D659247D2E0C111C5386DE] - [19/03/2019 06:45:54] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.18362.1) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy [MD5.EC3584F3DB838942EC3669DB02DC908E] - [27/11/2012 19:39:16] - |A| - (.-.) - [11] - (0.0.0.0) - C:\WINDOWS\System32\GroupPolicy\gpt.ini [27/11/2012 19:39:16] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\Machine [27/11/2012 19:39:16] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\User ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [11/01/2016 17:31:20] - C:\WINDOWS\Installer\100347.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/11/2014 16:23:04] - C:\WINDOWS\Installer\13ccbc4.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/10/2013 16:09:29] - C:\WINDOWS\Installer\13fb2f5.msi : (PDF Architect Installer - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/11/2010 19:46:36] - C:\WINDOWS\Installer\1489bd.msi : (Autodesk Material Library 2011 - Autodesk) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/11/2010 19:46:38] - C:\WINDOWS\Installer\1489c3.msi : (Autodesk Material Library Base Resolution Image Library - Autodesk) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/02/2011 13:27:14] - C:\WINDOWS\Installer\1489c9.msi : (Autodesk Content Service - Autodesk) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2011 00:29:09] - C:\WINDOWS\Installer\1489d2.msi : (AutoCAD 2012 - Autodesk, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/02/2011 11:42:35] - C:\WINDOWS\Installer\148a60.msi : (AutoCAD 2012 LanguagePack - French - Autodesk, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\WINDOWS\Installer\1578aa5.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/11/2008 16:57:38] - C:\WINDOWS\Installer\17908.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:36] - C:\WINDOWS\Installer\1c7823.msi : (LS_HSI - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:34] - C:\WINDOWS\Installer\1c7828.msi : (Nero Multimedia Suite 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:02] - C:\WINDOWS\Installer\1c782f.msi : (NeroControlCenter - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:00] - C:\WINDOWS\Installer\1c7837.msi : (Nero Core Components 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:54] - C:\WINDOWS\Installer\1c783f.msi : (Nero Dolby Files 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:05] - C:\WINDOWS\Installer\1c7847.msi : (Nero BDCore 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:48] - C:\WINDOWS\Installer\1c784f.msi : (Nero 10 Menu TemplatePack Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:47] - C:\WINDOWS\Installer\1c7857.msi : (Nero Movie 10 ThemePack Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:05] - C:\WINDOWS\Installer\1c785f.msi : (Nero Burning ROM 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:03] - C:\WINDOWS\Installer\1c7867.msi : (Nero BurnRights 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:07] - C:\WINDOWS\Installer\1c786f.msi : (Nero BackItUp 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:00] - C:\WINDOWS\Installer\1c7877.msi : (Nero CoverDesigner 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:56] - C:\WINDOWS\Installer\1c787f.msi : (Nero DiscSpeed 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:54] - C:\WINDOWS\Installer\1c7887.msi : (Nero Express 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:51] - C:\WINDOWS\Installer\1c788f.msi : (Nero InfoTool 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:49] - C:\WINDOWS\Installer\1c7897.msi : (Nero MediaHub 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:45] - C:\WINDOWS\Installer\1c789f.msi : (Nero RescueAgent 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:47] - C:\WINDOWS\Installer\1c78a7.msi : (Nero Recode 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:39] - C:\WINDOWS\Installer\1c78af.msi : (Nero Vision 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:43] - C:\WINDOWS\Installer\1c78b7.msi : (Nero SoundTrax 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:37] - C:\WINDOWS\Installer\1c78bf.msi : (Nero WaveEditor 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:41] - C:\WINDOWS\Installer\1c78c8.msi : (Nero StartSmart 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:05] - C:\WINDOWS\Installer\1c78d0.msi : (Nero BackItUp 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:03] - C:\WINDOWS\Installer\1c78d8.msi : (Nero Burning ROM 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:00] - C:\WINDOWS\Installer\1c78e0.msi : (Nero ControlCenter 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:36:02] - C:\WINDOWS\Installer\1c78e8.msi : (Nero BurnRights 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:59] - C:\WINDOWS\Installer\1c78f0.msi : (Nero CoverDesigner 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:55] - C:\WINDOWS\Installer\1c78f8.msi : (Nero DiscSpeed 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:53] - C:\WINDOWS\Installer\1c7900.msi : (Nero Express 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:50] - C:\WINDOWS\Installer\1c7908.msi : (Nero InfoTool 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:48] - C:\WINDOWS\Installer\1c7910.msi : (Nero MediaHub 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:46] - C:\WINDOWS\Installer\1c7918.msi : (Nero Recode 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:43] - C:\WINDOWS\Installer\1c7920.msi : (Nero RescueAgent 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:42] - C:\WINDOWS\Installer\1c7928.msi : (Nero SoundTrax 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:40] - C:\WINDOWS\Installer\1c7930.msi : (Nero StartSmart 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:38] - C:\WINDOWS\Installer\1c7938.msi : (Nero Vision 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:36] - C:\WINDOWS\Installer\1c7940.msi : (Nero WaveEditor 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/05/2010 23:35:40] - C:\WINDOWS\Installer\1c7947.msi : (Nero Update - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/03/2019 21:47:53] - C:\WINDOWS\Installer\1ef8c72e.msi : (Google Earth Pro - Google) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/10/2015 14:20:59] - C:\WINDOWS\Installer\1f91ca.msi : (Adobe Help - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/02/2010 20:42:23] - C:\WINDOWS\Installer\23150f.msi : (Spelling Dictionaries for Adobe Reader 9 - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/02/2010 10:57:22] - C:\WINDOWS\Installer\2dc8d94.msi : ( - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/02/2010 10:57:23] - C:\WINDOWS\Installer\2dc8dad.msi : (ImagXpress - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/01/2015 22:16:40] - C:\WINDOWS\Installer\36c6dd.msi : (CodeMeter Runtime Installer - WIBU-SYSTEMS AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2014 22:08:41] - C:\WINDOWS\Installer\3b849c.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/10/2013 17:23:11] - C:\WINDOWS\Installer\3f506.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/10/2013 16:32:27] - C:\WINDOWS\Installer\3f50e.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/10/2013 16:46:01] - C:\WINDOWS\Installer\3f524.msi : (PDF Settings CS6 - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/10/2013 17:09:48] - C:\WINDOWS\Installer\3f6d7.msi : (Installers - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/10/2009 10:29:00] - C:\WINDOWS\Installer\3f8fb5.msi : (FARO LS - FARO Scanner Production) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/11/2009 20:10:30] - C:\WINDOWS\Installer\56b93.msi : (Logitech eReg 1.20 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/03/2014 18:48:06] - C:\WINDOWS\Installer\587a3.msi : (Bamboo Dock - Wacom Europe GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/08/2019 16:44:46] - C:\WINDOWS\Installer\5bf5ef6f.msi : (Dropbox Update Helper - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2011 04:42:18] - C:\WINDOWS\Installer\5d318.msi : (Apple Software Update Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/02/2010 21:46:47] - C:\WINDOWS\Installer\6a46d.msi : (NVIDIA Performance Drivers - NVIDIA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2012 01:48:11] - C:\WINDOWS\Installer\806c6.msi : (Google SketchUp 8 Installer - Google, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/10/2019 20:49:01] - C:\WINDOWS\Installer\a0f531e.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2015 15:23:01] - C:\WINDOWS\Installer\c27eb.msi : (QuickTime Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/10/2019 20:51:09] - C:\WINDOWS\Installer\ccbae0f.msi : (Google Update Helper - Google LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/01/2010 18:35:09] - C:\WINDOWS\Installer\d677d.msi : (USB 3.0 Host Controller Driver - NEC Electronics Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e065f2.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e065fa.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e06602.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e0660a.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e06612.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e0661a.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e06622.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e0662a.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e06632.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e0663a.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e06642.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e0664a.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e06652.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:49:46] - C:\WINDOWS\Installer\e0665a.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/04/2015 21:33:05] - C:\WINDOWS\Installer\ecf9de.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/05/2016 05:20:29] - [58986496] - (.().-. - ()) - C:\WINDOWS\Installer\100633c.msp [23/06/2016 13:54:16] - [53339648] - (.().-. - ()) - C:\WINDOWS\Installer\100efae.msp [16/09/2015 21:29:04] - [9687040] - (.().-. - ()) - C:\WINDOWS\Installer\101e5c.msp [02/10/2015 21:33:12] - [16429056] - (.().-. - ()) - C:\WINDOWS\Installer\101e71.msp [16/09/2015 21:23:46] - [10035200] - (.().-. - ()) - C:\WINDOWS\Installer\101e86.msp [18/03/2015 04:08:20] - [11128832] - (.().-. - ()) - C:\WINDOWS\Installer\1087d9.msp [04/04/2009 07:41:22] - [14085120] - (.().-. - ()) - C:\WINDOWS\Installer\115b45.msp [04/04/2009 07:42:30] - [20993024] - (.().-. - ()) - C:\WINDOWS\Installer\115b63.msp [04/04/2009 17:05:54] - [7999488] - (.().-. - ()) - C:\WINDOWS\Installer\115ce7.msp [04/04/2009 15:46:36] - [1110528] - (.().-. - ()) - C:\WINDOWS\Installer\115cf2.msp [04/04/2009 17:09:26] - [10874880] - (.().-. - ()) - C:\WINDOWS\Installer\115cfd.msp [04/04/2009 17:10:08] - [9926144] - (.().-. - ()) - C:\WINDOWS\Installer\115d08.msp [04/04/2009 17:10:16] - [7888384] - (.().-. - ()) - C:\WINDOWS\Installer\115d12.msp [04/04/2009 17:10:24] - [1282560] - (.().-. - ()) - C:\WINDOWS\Installer\115d1a.msp [04/04/2009 09:06:02] - [4443136] - (.().-. - ()) - C:\WINDOWS\Installer\115d24.msp [14/04/2009 04:56:48] - [10826752] - (.().-. - ()) - C:\WINDOWS\Installer\115d2c.msp [21/06/2011 12:01:14] - [4991488] - (.().-. - ()) - C:\WINDOWS\Installer\115d41.msp [25/02/2009 19:08:18] - [8311808] - (.().-. - ()) - C:\WINDOWS\Installer\115d63.msp [07/05/2009 09:04:18] - [10289664] - (.().-. - ()) - C:\WINDOWS\Installer\115d6b.msp [14/04/2009 03:46:40] - [7391744] - (.().-. - ()) - C:\WINDOWS\Installer\115d73.msp [14/04/2009 04:22:04] - [7532544] - (.().-. - ()) - C:\WINDOWS\Installer\115d7b.msp [17/03/2011 20:00:20] - [90624] - (.().-. - ()) - C:\WINDOWS\Installer\115d83.msp [08/04/2019 08:22:42] - [7155712] - (.().-. - ()) - C:\WINDOWS\Installer\11beadeb.msp [19/11/2014 09:45:32] - [11059200] - (.().-. - ()) - C:\WINDOWS\Installer\122b996.msp [25/11/2014 11:16:04] - [11124736] - (.().-. - ()) - C:\WINDOWS\Installer\122b9ac.msp [12/11/2014 21:12:46] - [10436608] - (.().-. - ()) - C:\WINDOWS\Installer\122b9c1.msp [25/11/2014 11:17:26] - [9691136] - (.().-. - ()) - C:\WINDOWS\Installer\122b9d6.msp [25/11/2014 11:15:34] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\122b9eb.msp [15/11/2016 23:18:50] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\13118235.msp [15/11/2016 23:17:40] - [8134656] - (.().-. - ()) - C:\WINDOWS\Installer\13118249.msp [15/11/2016 23:18:24] - [11169792] - (.().-. - ()) - C:\WINDOWS\Installer\1311825e.msp [15/11/2016 23:18:56] - [9695232] - (.().-. - ()) - C:\WINDOWS\Installer\13118272.msp [15/11/2016 23:17:32] - [16433152] - (.().-. - ()) - C:\WINDOWS\Installer\13118286.msp [15/11/2016 23:17:00] - [10465280] - (.().-. - ()) - C:\WINDOWS\Installer\1311829a.msp [23/07/2010 01:04:08] - [11395072] - (.().-. - ()) - C:\WINDOWS\Installer\13fa64.msp [20/11/2010 23:33:46] - [1980928] - (.().-. - ()) - C:\WINDOWS\Installer\13fa79.msp [04/08/2010 15:12:26] - [1004544] - (.().-. - ()) - C:\WINDOWS\Installer\13fa81.msp [23/07/2010 01:03:24] - [338432] - (.().-. - ()) - C:\WINDOWS\Installer\13fa96.msp [18/08/2009 13:08:34] - [1373696] - (.().-. - ()) - C:\WINDOWS\Installer\13faaa.msp [26/05/2009 18:53:56] - [579072] - (.().-. - ()) - C:\WINDOWS\Installer\13fabe.msp [16/10/2009 07:08:48] - [2237952] - (.().-. - ()) - C:\WINDOWS\Installer\13fad3.msp [20/05/2010 19:57:12] - [5907456] - (.().-. - ()) - C:\WINDOWS\Installer\13faf1.msp [20/05/2010 19:57:18] - [4989952] - (.().-. - ()) - C:\WINDOWS\Installer\13faf2.msp [17/03/2011 20:01:58] - [9563648] - (.().-. - ()) - C:\WINDOWS\Installer\13fb08.msp [29/04/2011 12:33:30] - [8173568] - (.().-. - ()) - C:\WINDOWS\Installer\13fb1d.msp [27/07/2009 04:31:24] - [3738624] - (.().-. - ()) - C:\WINDOWS\Installer\13fb32.msp [24/03/2010 18:54:54] - [2516992] - (.().-. - ()) - C:\WINDOWS\Installer\13fb5a.msp [24/03/2010 18:54:48] - [3126272] - (.().-. - ()) - C:\WINDOWS\Installer\13fb5b.msp [05/08/2009 07:49:32] - [3457024] - (.().-. - ()) - C:\WINDOWS\Installer\13fb73.msp [13/08/2010 18:00:36] - [9404928] - (.().-. - ()) - C:\WINDOWS\Installer\13fb8a.msp [29/04/2011 12:27:04] - [4158464] - (.().-. - ()) - C:\WINDOWS\Installer\13fbb0.msp [04/08/2010 15:13:04] - [686080] - (.().-. - ()) - C:\WINDOWS\Installer\13fbc5.msp [13/08/2010 18:02:20] - [2545664] - (.().-. - ()) - C:\WINDOWS\Installer\13fbda.msp [21/10/2010 18:10:00] - [3995136] - (.().-. - ()) - C:\WINDOWS\Installer\13fbf3.msp [29/04/2011 12:28:40] - [1995264] - (.().-. - ()) - C:\WINDOWS\Installer\13fc08.msp [29/04/2011 12:31:46] - [9006080] - (.().-. - ()) - C:\WINDOWS\Installer\13fc1d.msp [17/03/2011 20:03:50] - [308736] - (.().-. - ()) - C:\WINDOWS\Installer\13fc31.msp [22/04/2011 19:41:34] - [11507712] - (.().-. - ()) - C:\WINDOWS\Installer\13fc52.msp [16/09/2014 22:23:56] - [11124736] - (.().-. - ()) - C:\WINDOWS\Installer\1443d7.msp [16/09/2014 21:32:04] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\1443ec.msp [12/05/2018 08:05:37] - [7094272] - (.().-. - ()) - C:\WINDOWS\Installer\149f493f.msp [16/11/2017 04:34:24] - [10555392] - (.().-. - ()) - C:\WINDOWS\Installer\14a1a322.msp [01/10/2015 00:07:56] - [52576256] - (.().-. - ()) - C:\WINDOWS\Installer\1578aa6.msp [20/02/2019 14:28:20] - [1986560] - (.().-. - ()) - C:\WINDOWS\Installer\199ad0bc.msp [15/01/2019 21:30:34] - [53014528] - (.().-. - ()) - C:\WINDOWS\Installer\19d74237.msp [20/06/2015 03:57:20] - [13508608] - (.().-. - ()) - C:\WINDOWS\Installer\1c3e69.msp [18/05/2015 14:56:08] - [1118208] - (.().-. - ()) - C:\WINDOWS\Installer\1c3e73.msp [11/11/2015 23:31:42] - [10461184] - (.().-. - ()) - C:\WINDOWS\Installer\1c47cc.msp [19/11/2015 11:34:30] - [11161600] - (.().-. - ()) - C:\WINDOWS\Installer\1c47e2.msp [11/11/2015 23:32:20] - [16424960] - (.().-. - ()) - C:\WINDOWS\Installer\1c47f7.msp [15/12/2015 03:39:28] - [1134592] - (.().-. - ()) - C:\WINDOWS\Installer\1c6f357.msp [15/09/2011 19:39:56] - [15017984] - (.().-. - ()) - C:\WINDOWS\Installer\1c70d1.msp [15/09/2011 19:40:24] - [33243648] - (.().-. - ()) - C:\WINDOWS\Installer\1c70f7.msp [15/09/2011 19:34:14] - [8499712] - (.().-. - ()) - C:\WINDOWS\Installer\1c72ca.msp [15/09/2011 19:35:04] - [1833984] - (.().-. - ()) - C:\WINDOWS\Installer\1c72d3.msp [15/09/2011 19:37:06] - [14140416] - (.().-. - ()) - C:\WINDOWS\Installer\1c72df.msp [15/09/2011 19:38:04] - [10838528] - (.().-. - ()) - C:\WINDOWS\Installer\1c72ea.msp [15/09/2011 19:39:22] - [11163136] - (.().-. - ()) - C:\WINDOWS\Installer\1c72f6.msp [15/09/2011 19:40:36] - [7959552] - (.().-. - ()) - C:\WINDOWS\Installer\1c7300.msp [15/09/2011 19:40:52] - [4760064] - (.().-. - ()) - C:\WINDOWS\Installer\1c7307.msp [06/01/2016 03:28:22] - [319488] - (.().-. - ()) - C:\WINDOWS\Installer\1c8332e.msp [10/03/2015 11:26:44] - [9801728] - (.().-. - ()) - C:\WINDOWS\Installer\1de581.msp [20/06/2015 03:57:58] - [9691136] - (.().-. - ()) - C:\WINDOWS\Installer\1de596.msp [14/04/2015 08:53:04] - [15880192] - (.().-. - ()) - C:\WINDOWS\Installer\1de5ab.msp [18/03/2015 04:08:56] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\1de5c0.msp [22/07/2015 09:09:24] - [16433152] - (.().-. - ()) - C:\WINDOWS\Installer\1f33df.msp [14/07/2015 14:59:14] - [8818688] - (.().-. - ()) - C:\WINDOWS\Installer\1f33f4.msp [01/07/2015 23:37:38] - [9801728] - (.().-. - ()) - C:\WINDOWS\Installer\1f3409.msp [18/03/2015 04:08:56] - [9019392] - (.().-. - ()) - C:\WINDOWS\Installer\1f341e.msp [14/07/2015 15:00:26] - [4939776] - (.().-. - ()) - C:\WINDOWS\Installer\1f3433.msp [14/07/2015 15:04:30] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\1f3448.msp [14/07/2015 14:56:40] - [10444800] - (.().-. - ()) - C:\WINDOWS\Installer\1f345d.msp [22/07/2015 09:07:40] - [5079040] - (.().-. - ()) - C:\WINDOWS\Installer\1f3472.msp [14/07/2015 15:04:18] - [11120640] - (.().-. - ()) - C:\WINDOWS\Installer\1f3488.msp [12/08/2015 15:47:22] - [53332992] - (.().-. - ()) - C:\WINDOWS\Installer\1f3498.msp [22/07/2015 09:10:44] - [10031104] - (.().-. - ()) - C:\WINDOWS\Installer\1f34a0.msp [13/08/2015 07:59:22] - [9687040] - (.().-. - ()) - C:\WINDOWS\Installer\22323a.msp [02/09/2015 16:00:04] - [1118208] - (.().-. - ()) - C:\WINDOWS\Installer\230ae0.msp [13/08/2015 07:57:10] - [10039296] - (.().-. - ()) - C:\WINDOWS\Installer\230af5.msp [19/08/2015 05:52:56] - [9801728] - (.().-. - ()) - C:\WINDOWS\Installer\230b0a.msp [20/07/2017 12:43:32] - [13115392] - (.().-. - ()) - C:\WINDOWS\Installer\2392717c.msp [13/07/2016 01:06:16] - [4984832] - (.().-. - ()) - C:\WINDOWS\Installer\2496223b.msp [18/09/2018 10:10:59] - [4706304] - (.().-. - ()) - C:\WINDOWS\Installer\24ba939d.msp [10/02/2016 12:45:24] - [13086720] - (.().-. - ()) - C:\WINDOWS\Installer\256fe8.msp [10/02/2016 12:39:10] - [3665920] - (.().-. - ()) - C:\WINDOWS\Installer\256ffd.msp [10/02/2016 12:39:52] - [2584576] - (.().-. - ()) - C:\WINDOWS\Installer\257012.msp [18/02/2016 08:40:12] - [11165696] - (.().-. - ()) - C:\WINDOWS\Installer\257028.msp [18/02/2016 08:40:00] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\25703d.msp [04/02/2016 09:53:56] - [7045120] - (.().-. - ()) - C:\WINDOWS\Installer\25705c.msp [03/11/2016 09:25:06] - [1642496] - (.().-. - ()) - C:\WINDOWS\Installer\25b53696.msp [13/01/2016 08:51:02] - [9699328] - (.().-. - ()) - C:\WINDOWS\Installer\267062.msp [11/11/2015 23:32:34] - [8818688] - (.().-. - ()) - C:\WINDOWS\Installer\27a538.msp [04/11/2015 17:11:08] - [9715712] - (.().-. - ()) - C:\WINDOWS\Installer\27a54d.msp [13/12/2015 17:37:34] - [53336064] - (.().-. - ()) - C:\WINDOWS\Installer\27a55d.msp [19/11/2015 11:34:14] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\27a571.msp [11/11/2015 23:34:28] - [9691136] - (.().-. - ()) - C:\WINDOWS\Installer\27a586.msp [19/01/2017 12:28:55] - [1937408] - (.().-. - ()) - C:\WINDOWS\Installer\28a942e3.msp [14/12/2017 16:32:40] - [10469376] - (.().-. - ()) - C:\WINDOWS\Installer\28c9951d.msp [14/12/2017 16:35:44] - [11165696] - (.().-. - ()) - C:\WINDOWS\Installer\28c99532.msp [14/12/2017 16:34:48] - [16977920] - (.().-. - ()) - C:\WINDOWS\Installer\28c99546.msp [14/12/2017 16:36:22] - [9699328] - (.().-. - ()) - C:\WINDOWS\Installer\28c9955a.msp [14/12/2017 16:49:20] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\28c9956e.msp [14/12/2017 16:50:44] - [102400] - (.().-. - ()) - C:\WINDOWS\Installer\28c9957a.msp [14/12/2017 16:35:16] - [12849152] - (.().-. - ()) - C:\WINDOWS\Installer\28c9958e.msp [12/07/2016 05:25:29] - [39538688] - (.().-. - ()) - C:\WINDOWS\Installer\2a172156.msp [13/01/2016 08:47:38] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\2b9012.msp [13/01/2016 08:46:56] - [11177984] - (.().-. - ()) - C:\WINDOWS\Installer\2b9028.msp [13/01/2016 08:41:26] - [16441344] - (.().-. - ()) - C:\WINDOWS\Installer\2b903d.msp [13/01/2016 08:39:14] - [10461184] - (.().-. - ()) - C:\WINDOWS\Installer\2b9052.msp [01/07/2016 08:32:56] - [4341760] - (.().-. - ()) - C:\WINDOWS\Installer\2df47e17.msp [01/07/2016 08:32:08] - [11137024] - (.().-. - ()) - C:\WINDOWS\Installer\2df47e2c.msp [15/06/2016 23:27:32] - [10461184] - (.().-. - ()) - C:\WINDOWS\Installer\2df47e40.msp [16/06/2016 00:18:16] - [9699328] - (.().-. - ()) - C:\WINDOWS\Installer\2df47e54.msp [12/01/2016 05:19:17] - [46080000] - (.().-. - ()) - C:\WINDOWS\Installer\3503a8.msp [23/11/2017 10:31:16] - [282624] - (.().-. - ()) - C:\WINDOWS\Installer\35b05036.msp [22/10/2018 15:33:19] - [2584576] - (.().-. - ()) - C:\WINDOWS\Installer\3aa36c1f.msp [10/10/2016 09:29:03] - [36499456] - (.().-. - ()) - C:\WINDOWS\Installer\3bad0e00.msp [15/10/2016 13:03:22] - [53345280] - (.().-. - ()) - C:\WINDOWS\Installer\3bc0bddf.msp [03/09/2016 21:43:22] - [9809920] - (.().-. - ()) - C:\WINDOWS\Installer\3bc0bdf2.msp [23/09/2016 10:42:52] - [11177984] - (.().-. - ()) - C:\WINDOWS\Installer\3bdcd7dd.msp [23/09/2016 10:42:50] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\3bdcd7f1.msp [28/04/2011 05:42:32] - [4990976] - (.().-. - ()) - C:\WINDOWS\Installer\3be04.msp [22/06/2017 05:41:28] - [10461184] - (.().-. - ()) - C:\WINDOWS\Installer\3de3600f.msp [22/06/2017 05:41:40] - [9695232] - (.().-. - ()) - C:\WINDOWS\Installer\3de36023.msp [03/07/2017 16:22:36] - [16998400] - (.().-. - ()) - C:\WINDOWS\Installer\3de36037.msp [18/03/2016 21:07:16] - [4251648] - (.().-. - ()) - C:\WINDOWS\Installer\3ef1a3.msp [18/03/2016 21:07:26] - [9699328] - (.().-. - ()) - C:\WINDOWS\Installer\3ef1b8.msp [18/03/2016 21:07:02] - [10059776] - (.().-. - ()) - C:\WINDOWS\Installer\3ef1ce.msp [24/02/2016 08:14:42] - [9805824] - (.().-. - ()) - C:\WINDOWS\Installer\3ef1e3.msp [18/03/2016 21:06:44] - [10059776] - (.().-. - ()) - C:\WINDOWS\Installer\3ef1f8.msp [08/03/2016 05:45:28] - [14458880] - (.().-. - ()) - C:\WINDOWS\Installer\3ef212.msp [11/07/2017 06:57:12] - [1732608] - (.().-. - ()) - C:\WINDOWS\Installer\4182d.msp [07/10/2014 17:44:32] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\41be34.msp [07/10/2014 17:44:08] - [11153408] - (.().-. - ()) - C:\WINDOWS\Installer\41be4a.msp [29/10/2014 08:00:18] - [4931584] - (.().-. - ()) - C:\WINDOWS\Installer\41be5f.msp [19/08/2011 16:21:50] - [39936] - (.().-. - ()) - C:\WINDOWS\Installer\43497.msp [19/08/2011 16:21:51] - [4425728] - (.().-. - ()) - C:\WINDOWS\Installer\434cd.msp [19/08/2011 16:21:52] - [2933248] - (.().-. - ()) - C:\WINDOWS\Installer\434e6.msp [19/08/2011 16:21:53] - [136704] - (.().-. - ()) - C:\WINDOWS\Installer\434f0.msp [19/08/2011 16:21:55] - [1139200] - (.().-. - ()) - C:\WINDOWS\Installer\43501.msp [19/08/2011 16:21:56] - [715264] - (.().-. - ()) - C:\WINDOWS\Installer\4351a.msp [19/08/2011 16:22:01] - [3313152] - (.().-. - ()) - C:\WINDOWS\Installer\4353b.msp [19/08/2011 16:22:03] - [5872128] - (.().-. - ()) - C:\WINDOWS\Installer\4357c.msp [19/08/2011 16:22:04] - [2956288] - (.().-. - ()) - C:\WINDOWS\Installer\4359b.msp [19/08/2011 16:22:05] - [14623744] - (.().-. - ()) - C:\WINDOWS\Installer\435cc.msp [19/08/2011 16:22:06] - [3731968] - (.().-. - ()) - C:\WINDOWS\Installer\435db.msp [19/08/2011 16:22:07] - [205824] - (.().-. - ()) - C:\WINDOWS\Installer\435eb.msp [19/08/2011 16:22:07] - [3103744] - (.().-. - ()) - C:\WINDOWS\Installer\435fe.msp [19/08/2011 16:22:07] - [1828864] - (.().-. - ()) - C:\WINDOWS\Installer\4360c.msp [19/08/2011 16:22:08] - [29184] - (.().-. - ()) - C:\WINDOWS\Installer\4361c.msp [19/08/2011 16:22:08] - [631296] - (.().-. - ()) - C:\WINDOWS\Installer\4362a.msp [19/08/2011 16:22:09] - [469504] - (.().-. - ()) - C:\WINDOWS\Installer\43639.msp [19/08/2011 16:22:10] - [665088] - (.().-. - ()) - C:\WINDOWS\Installer\43651.msp [19/08/2011 16:22:10] - [515072] - (.().-. - ()) - C:\WINDOWS\Installer\4365b.msp [19/08/2011 16:22:11] - [2149888] - (.().-. - ()) - C:\WINDOWS\Installer\4366c.msp [19/08/2011 16:22:11] - [61440] - (.().-. - ()) - C:\WINDOWS\Installer\43677.msp [19/08/2011 16:22:11] - [23552] - (.().-. - ()) - C:\WINDOWS\Installer\43682.msp [19/08/2011 16:22:12] - [31232] - (.().-. - ()) - C:\WINDOWS\Installer\4368c.msp [19/08/2011 16:22:12] - [25088] - (.().-. - ()) - C:\WINDOWS\Installer\436a3.msp [03/01/2019 11:17:04] - [1720320] - (.().-. - ()) - C:\WINDOWS\Installer\47bc87ca.msp [27/10/2016 16:43:22] - [9019392] - (.().-. - ()) - C:\WINDOWS\Installer\485ef8ea.msp [11/10/2016 21:17:00] - [10461184] - (.().-. - ()) - C:\WINDOWS\Installer\485ef8fe.msp [11/10/2016 21:17:18] - [16416768] - (.().-. - ()) - C:\WINDOWS\Installer\485ef912.msp [11/10/2016 21:17:14] - [9695232] - (.().-. - ()) - C:\WINDOWS\Installer\485ef926.msp [11/10/2016 21:17:00] - [11165696] - (.().-. - ()) - C:\WINDOWS\Installer\485ef93b.msp [11/10/2016 21:16:58] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\485ef94f.msp [29/11/2017 12:42:28] - [1355776] - (.().-. - ()) - C:\WINDOWS\Installer\4910ffbd.msp [16/02/2017 13:26:24] - [10465280] - (.().-. - ()) - C:\WINDOWS\Installer\49e2fe4b.msp [17/03/2017 22:42:43] - [53348864] - (.().-. - ()) - C:\WINDOWS\Installer\49e2fe5a.msp [16/02/2017 13:27:46] - [11173888] - (.().-. - ()) - C:\WINDOWS\Installer\49e8f381.msp [16/02/2017 13:28:36] - [9695232] - (.().-. - ()) - C:\WINDOWS\Installer\49e8f395.msp [16/02/2017 13:27:26] - [8134656] - (.().-. - ()) - C:\WINDOWS\Installer\49e8f3a9.msp [07/02/2017 13:39:54] - [9805824] - (.().-. - ()) - C:\WINDOWS\Installer\49e8f3bd.msp [16/02/2017 13:27:56] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\49e8f3d1.msp [19/05/2016 04:10:58] - [4988928] - (.().-. - ()) - C:\WINDOWS\Installer\4bfc8.msp [13/11/2018 06:24:12] - [3485696] - (.().-. - ()) - C:\WINDOWS\Installer\4d69064.msp [11/04/2017 23:27:48] - [11177984] - (.().-. - ()) - C:\WINDOWS\Installer\5052573.msp [11/04/2017 23:25:46] - [9420800] - (.().-. - ()) - C:\WINDOWS\Installer\5052587.msp [11/04/2017 23:25:26] - [16441344] - (.().-. - ()) - C:\WINDOWS\Installer\505259b.msp [11/04/2017 23:25:56] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\50525af.msp [15/06/2016 23:57:14] - [4984832] - (.().-. - ()) - C:\WINDOWS\Installer\514a92f.msp [18/09/2013 16:20:14] - [5009920] - (.().-. - ()) - C:\WINDOWS\Installer\54240.msp [18/09/2013 16:23:50] - [4347904] - (.().-. - ()) - C:\WINDOWS\Installer\54255.msp [18/09/2013 16:22:18] - [10510848] - (.().-. - ()) - C:\WINDOWS\Installer\5426a.msp [04/09/2013 17:56:48] - [5980160] - (.().-. - ()) - C:\WINDOWS\Installer\5427f.msp [18/09/2013 16:23:10] - [9745408] - (.().-. - ()) - C:\WINDOWS\Installer\54294.msp [04/09/2013 17:56:14] - [11640832] - (.().-. - ()) - C:\WINDOWS\Installer\542a9.msp [18/09/2013 16:23:22] - [11210240] - (.().-. - ()) - C:\WINDOWS\Installer\542bf.msp [28/08/2017 18:40:46] - [2424832] - (.().-. - ()) - C:\WINDOWS\Installer\57a55ccf.msp [17/07/2013 13:33:26] - [16541184] - (.().-. - ()) - C:\WINDOWS\Installer\5adf7a.msp [08/05/2013 21:36:50] - [10943488] - (.().-. - ()) - C:\WINDOWS\Installer\5adfa1.msp [28/08/2013 11:37:22] - [13143552] - (.().-. - ()) - C:\WINDOWS\Installer\5adfcf.msp [03/08/2013 13:12:46] - [11208192] - (.().-. - ()) - C:\WINDOWS\Installer\5adfe5.msp [11/07/2013 05:30:06] - [8865792] - (.().-. - ()) - C:\WINDOWS\Installer\5adffa.msp [08/05/2013 21:36:58] - [10508800] - (.().-. - ()) - C:\WINDOWS\Installer\5ae00f.msp [03/08/2013 13:12:54] - [4347904] - (.().-. - ()) - C:\WINDOWS\Installer\5ae024.msp [08/05/2013 21:37:18] - [9744896] - (.().-. - ()) - C:\WINDOWS\Installer\5ae039.msp [13/06/2019 14:38:00] - [2260992] - (.().-. - ()) - C:\WINDOWS\Installer\5e6e6.msp [18/03/2016 21:06:48] - [4988928] - (.().-. - ()) - C:\WINDOWS\Installer\5fd16.msp [14/02/2018 10:26:58] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\61cbda2b.msp [14/02/2018 10:26:46] - [10469376] - (.().-. - ()) - C:\WINDOWS\Installer\61cbda3f.msp [14/02/2018 10:26:48] - [10543104] - (.().-. - ()) - C:\WINDOWS\Installer\61cbda54.msp [21/04/2012 10:18:39] - [39936] - (.().-. - ()) - C:\WINDOWS\Installer\63a33.msp [21/04/2012 10:18:39] - [4426240] - (.().-. - ()) - C:\WINDOWS\Installer\63a6a.msp [21/04/2012 10:18:40] - [2932224] - (.().-. - ()) - C:\WINDOWS\Installer\63a83.msp [21/04/2012 10:18:40] - [136704] - (.().-. - ()) - C:\WINDOWS\Installer\63a8d.msp [21/04/2012 10:18:41] - [1139712] - (.().-. - ()) - C:\WINDOWS\Installer\63a9e.msp [21/04/2012 10:18:41] - [715264] - (.().-. - ()) - C:\WINDOWS\Installer\63aab.msp [21/04/2012 10:18:42] - [3312128] - (.().-. - ()) - C:\WINDOWS\Installer\63acc.msp [21/04/2012 10:18:43] - [5535744] - (.().-. - ()) - C:\WINDOWS\Installer\63ae6.msp [21/04/2012 10:18:44] - [5868544] - (.().-. - ()) - C:\WINDOWS\Installer\63b03.msp [21/04/2012 10:18:45] - [2957312] - (.().-. - ()) - C:\WINDOWS\Installer\63b22.msp [21/04/2012 10:18:46] - [14624256] - (.().-. - ()) - C:\WINDOWS\Installer\63b52.msp [21/04/2012 10:18:46] - [3734016] - (.().-. - ()) - C:\WINDOWS\Installer\63b61.msp [21/04/2012 10:18:47] - [205824] - (.().-. - ()) - C:\WINDOWS\Installer\63b71.msp [21/04/2012 10:18:48] - [276480] - (.().-. - ()) - C:\WINDOWS\Installer\63bc6.msp [21/04/2012 10:18:49] - [3105792] - (.().-. - ()) - C:\WINDOWS\Installer\63bd9.msp [21/04/2012 10:18:49] - [1829376] - (.().-. - ()) - C:\WINDOWS\Installer\63be7.msp [21/04/2012 10:18:49] - [29184] - (.().-. - ()) - C:\WINDOWS\Installer\63bf2.msp [21/04/2012 10:18:49] - [631296] - (.().-. - ()) - C:\WINDOWS\Installer\63c00.msp [21/04/2012 10:18:50] - [469504] - (.().-. - ()) - C:\WINDOWS\Installer\63c0f.msp [21/04/2012 10:18:50] - [5127680] - (.().-. - ()) - C:\WINDOWS\Installer\63c1f.msp [21/04/2012 10:18:51] - [665600] - (.().-. - ()) - C:\WINDOWS\Installer\63c2b.msp [21/04/2012 10:18:51] - [515584] - (.().-. - ()) - C:\WINDOWS\Installer\63c35.msp [21/04/2012 10:18:51] - [2149888] - (.().-. - ()) - C:\WINDOWS\Installer\63c46.msp [21/04/2012 10:18:51] - [61440] - (.().-. - ()) - C:\WINDOWS\Installer\63c51.msp [21/04/2012 10:18:51] - [23552] - (.().-. - ()) - C:\WINDOWS\Installer\63c5c.msp [21/04/2012 10:18:52] - [31232] - (.().-. - ()) - C:\WINDOWS\Installer\63c66.msp [21/04/2012 10:18:52] - [25088] - (.().-. - ()) - C:\WINDOWS\Installer\63c7d.msp [13/11/2017 06:26:16] - [23506944] - (.().-. - ()) - C:\WINDOWS\Installer\64538ae7.msp [26/10/2017 15:21:46] - [5144576] - (.().-. - ()) - C:\WINDOWS\Installer\646dcd4c.msp [26/10/2017 15:22:16] - [10547200] - (.().-. - ()) - C:\WINDOWS\Installer\646dcd61.msp [26/10/2017 15:22:16] - [4341760] - (.().-. - ()) - C:\WINDOWS\Installer\646dcd75.msp [26/10/2017 15:22:14] - [9691136] - (.().-. - ()) - C:\WINDOWS\Installer\646dcd89.msp [26/10/2017 15:21:36] - [10465280] - (.().-. - ()) - C:\WINDOWS\Installer\646dcd9d.msp [25/07/2012 16:57:08] - [2532864] - (.().-. - ()) - C:\WINDOWS\Installer\667e8.msp [28/06/2011 21:21:32] - [4637184] - (.().-. - ()) - C:\WINDOWS\Installer\697b4.msp [28/06/2011 21:27:28] - [4028928] - (.().-. - ()) - C:\WINDOWS\Installer\6ba12.msp [22/10/2013 07:10:14] - [1111552] - (.().-. - ()) - C:\WINDOWS\Installer\7063f.msp [06/09/2013 06:46:04] - [13146112] - (.().-. - ()) - C:\WINDOWS\Installer\70654.msp [19/05/2016 04:14:28] - [4030464] - (.().-. - ()) - C:\WINDOWS\Installer\72f3f3.msp [19/05/2016 04:10:16] - [10465280] - (.().-. - ()) - C:\WINDOWS\Installer\72f407.msp [19/05/2016 04:19:50] - [9699328] - (.().-. - ()) - C:\WINDOWS\Installer\72f41b.msp [19/05/2016 04:19:22] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\72f42f.msp [19/05/2016 04:18:12] - [10534912] - (.().-. - ()) - C:\WINDOWS\Installer\72f444.msp [11/03/2014 22:52:49] - [53303296] - (.().-. - ()) - C:\WINDOWS\Installer\7410e1.msp [16/05/2014 05:06:18] - [9850368] - (.().-. - ()) - C:\WINDOWS\Installer\756aa.msp [16/04/2014 08:43:24] - [22920192] - (.().-. - ()) - C:\WINDOWS\Installer\756bf.msp [01/11/2013 18:17:42] - [5009920] - (.().-. - ()) - C:\WINDOWS\Installer\756d4.msp [16/05/2014 05:07:12] - [5002752] - (.().-. - ()) - C:\WINDOWS\Installer\756e9.msp [16/05/2014 05:10:46] - [11215360] - (.().-. - ()) - C:\WINDOWS\Installer\756ff.msp [29/01/2014 03:37:28] - [13148160] - (.().-. - ()) - C:\WINDOWS\Installer\75714.msp [12/03/2014 02:04:02] - [5196288] - (.().-. - ()) - C:\WINDOWS\Installer\75729.msp [16/04/2014 08:41:38] - [7844864] - (.().-. - ()) - C:\WINDOWS\Installer\7573e.msp [01/11/2013 18:15:08] - [6185472] - (.().-. - ()) - C:\WINDOWS\Installer\75753.msp [16/05/2014 05:10:50] - [4346880] - (.().-. - ()) - C:\WINDOWS\Installer\75768.msp [16/04/2014 08:40:26] - [7900672] - (.().-. - ()) - C:\WINDOWS\Installer\7577d.msp [10/12/2015 13:00:52] - [11157504] - (.().-. - ()) - C:\WINDOWS\Installer\775cf4.msp [10/12/2015 12:59:00] - [5300224] - (.().-. - ()) - C:\WINDOWS\Installer\775d09.msp [23/12/2015 19:00:14] - [10461184] - (.().-. - ()) - C:\WINDOWS\Installer\775d1e.msp [10/12/2015 12:57:20] - [0] - (.().-. - ()) - C:\WINDOWS\Installer\775d33.msp [15/01/2016 22:10:10] - [53338112] - (.().-. - ()) - C:\WINDOWS\Installer\775d43.msp [10/12/2015 12:57:36] - [24256512] - (.().-. - ()) - C:\WINDOWS\Installer\775d5d.msp [23/12/2015 19:00:18] - [9687040] - (.().-. - ()) - C:\WINDOWS\Installer\775d72.msp [09/08/2014 15:02:48] - [53303296] - (.().-. - ()) - C:\WINDOWS\Installer\8157b.msp [23/02/2018 15:25:19] - [1343488] - (.().-. - ()) - C:\WINDOWS\Installer\822a55a.msp [21/07/2016 05:18:58] - [11169792] - (.().-. - ()) - C:\WINDOWS\Installer\824541.msp [13/07/2016 01:07:32] - [13078528] - (.().-. - ()) - C:\WINDOWS\Installer\824556.msp [18/02/2015 06:17:44] - [16441344] - (.().-. - ()) - C:\WINDOWS\Installer\84ccb.msp [18/02/2015 06:15:46] - [13508608] - (.().-. - ()) - C:\WINDOWS\Installer\84cdf.msp [18/02/2015 06:29:44] - [11120640] - (.().-. - ()) - C:\WINDOWS\Installer\84cf5.msp [18/02/2015 06:22:54] - [4939776] - (.().-. - ()) - C:\WINDOWS\Installer\84d0a.msp [10/02/2015 14:54:50] - [9691136] - (.().-. - ()) - C:\WINDOWS\Installer\84d1f.msp [18/02/2015 06:14:44] - [10448896] - (.().-. - ()) - C:\WINDOWS\Installer\84d34.msp [10/02/2015 14:54:42] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\84d49.msp [10/04/2017 07:34:32] - [57815040] - (.().-. - ()) - C:\WINDOWS\Installer\8aa536a8.msp [24/03/2018 15:17:44] - [10461184] - (.().-. - ()) - C:\WINDOWS\Installer\8b21193e.msp [24/03/2018 15:18:34] - [9695232] - (.().-. - ()) - C:\WINDOWS\Installer\8b211952.msp [24/03/2018 15:18:30] - [4341760] - (.().-. - ()) - C:\WINDOWS\Installer\8b211966.msp [24/03/2018 15:18:34] - [10539008] - (.().-. - ()) - C:\WINDOWS\Installer\8b21197b.msp [07/07/2015 12:36:08] - [4726784] - (.().-. - ()) - C:\WINDOWS\Installer\8b6b3.msp [07/07/2015 12:39:32] - [10043392] - (.().-. - ()) - C:\WINDOWS\Installer\8b6c9.msp [20/06/2015 03:56:20] - [10444800] - (.().-. - ()) - C:\WINDOWS\Installer\8b6de.msp [08/08/2015 14:56:02] - [53332992] - (.().-. - ()) - C:\WINDOWS\Installer\8b6ee.msp [27/07/2011 08:39:50] - [9892352] - (.().-. - ()) - C:\WINDOWS\Installer\8ff96.msp [27/07/2011 08:37:28] - [11592192] - (.().-. - ()) - C:\WINDOWS\Installer\8ffb2.msp [06/09/2011 22:48:02] - [8181248] - (.().-. - ()) - C:\WINDOWS\Installer\8ffc7.msp [21/09/2011 17:18:24] - [4985856] - (.().-. - ()) - C:\WINDOWS\Installer\8ffdc.msp [10/08/2011 18:42:04] - [7070208] - (.().-. - ()) - C:\WINDOWS\Installer\8fff1.msp [06/09/2011 22:46:22] - [9006080] - (.().-. - ()) - C:\WINDOWS\Installer\90006.msp [10/08/2011 18:43:30] - [3795968] - (.().-. - ()) - C:\WINDOWS\Installer\9001b.msp [04/10/2017 13:35:44] - [10547200] - (.().-. - ()) - C:\WINDOWS\Installer\90a420f0.msp [04/10/2017 13:36:24] - [4341760] - (.().-. - ()) - C:\WINDOWS\Installer\90a42104.msp [29/06/2016 03:24:56] - [9805824] - (.().-. - ()) - C:\WINDOWS\Installer\92c04e.msp [21/07/2016 05:15:16] - [16433152] - (.().-. - ()) - C:\WINDOWS\Installer\92c062.msp [13/07/2016 01:04:54] - [1126400] - (.().-. - ()) - C:\WINDOWS\Installer\92c06a.msp [21/07/2016 05:24:44] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\92c07e.msp [08/10/2018 13:11:44] - [2174976] - (.().-. - ()) - C:\WINDOWS\Installer\93b1be78.msp [10/11/2010 02:15:36] - [1830400] - (.().-. - ()) - C:\WINDOWS\Installer\98228a.msp [10/11/2010 01:23:40] - [1139712] - (.().-. - ()) - C:\WINDOWS\Installer\982298.msp [10/11/2010 04:58:48] - [5870080] - (.().-. - ()) - C:\WINDOWS\Installer\9822b1.msp [09/11/2010 22:15:02] - [113664] - (.().-. - ()) - C:\WINDOWS\Installer\9822f0.msp [10/11/2010 03:20:22] - [3733504] - (.().-. - ()) - C:\WINDOWS\Installer\982312.msp [10/11/2010 03:16:22] - [3314688] - (.().-. - ()) - C:\WINDOWS\Installer\982331.msp [10/11/2010 03:18:26] - [14617088] - (.().-. - ()) - C:\WINDOWS\Installer\982360.msp [10/11/2010 02:15:38] - [136704] - (.().-. - ()) - C:\WINDOWS\Installer\982368.msp [10/11/2010 01:46:30] - [4427776] - (.().-. - ()) - C:\WINDOWS\Installer\982379.msp [10/11/2010 02:20:38] - [2932736] - (.().-. - ()) - C:\WINDOWS\Installer\98238f.msp [10/11/2010 02:36:26] - [2958336] - (.().-. - ()) - C:\WINDOWS\Installer\9823ab.msp [10/11/2010 02:31:00] - [205312] - (.().-. - ()) - C:\WINDOWS\Installer\9823b6.msp [10/11/2010 02:22:04] - [25088] - (.().-. - ()) - C:\WINDOWS\Installer\9823be.msp [10/11/2010 02:39:08] - [665600] - (.().-. - ()) - C:\WINDOWS\Installer\9823c6.msp [16/08/2016 23:51:56] - [5308416] - (.().-. - ()) - C:\WINDOWS\Installer\9837d98a.msp [16/09/2016 23:06:12] - [53339648] - (.().-. - ()) - C:\WINDOWS\Installer\9837d999.msp [17/08/2016 00:18:52] - [13074432] - (.().-. - ()) - C:\WINDOWS\Installer\9837d9ac.msp [17/08/2016 00:15:28] - [9695232] - (.().-. - ()) - C:\WINDOWS\Installer\9837d9c0.msp [17/08/2016 00:15:52] - [16412672] - (.().-. - ()) - C:\WINDOWS\Installer\9837d9d4.msp [17/08/2016 00:18:00] - [10465280] - (.().-. - ()) - C:\WINDOWS\Installer\9837d9e8.msp [10/10/2013 19:50:28] - [53242880] - (.().-. - ()) - C:\WINDOWS\Installer\99939.msp [21/07/2011 12:34:34] - [3456000] - (.().-. - ()) - C:\WINDOWS\Installer\99cbb2.msp [17/05/2016 17:56:42] - [2978304] - (.().-. - ()) - C:\WINDOWS\Installer\99cbbc.msp [22/03/2017 06:57:52] - [13086720] - (.().-. - ()) - C:\WINDOWS\Installer\99da8fb9.msp [14/03/2017 14:50:38] - [10469376] - (.().-. - ()) - C:\WINDOWS\Installer\99da8fcd.msp [14/03/2017 14:51:16] - [16433152] - (.().-. - ()) - C:\WINDOWS\Installer\99da8fe1.msp [14/03/2017 14:51:36] - [9691136] - (.().-. - ()) - C:\WINDOWS\Installer\99da8ff5.msp [16/04/2017 20:05:05] - [53348864] - (.().-. - ()) - C:\WINDOWS\Installer\99da9004.msp [02/08/2016 13:49:06] - [1511424] - (.().-. - ()) - C:\WINDOWS\Installer\9c285c73.msp [12/03/2013 23:38:40] - [53209600] - (.().-. - ()) - C:\WINDOWS\Installer\9d8102.msp [10/12/2018 08:52:51] - [44044288] - (.().-. - ()) - C:\WINDOWS\Installer\9e334c7.msp [16/10/2015 22:27:14] - [3657728] - (.().-. - ()) - C:\WINDOWS\Installer\9fa423.msp [16/10/2015 22:29:18] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\9fa438.msp [29/10/2015 04:25:12] - [1122304] - (.().-. - ()) - C:\WINDOWS\Installer\9fa441.msp [16/10/2015 22:27:36] - [16429056] - (.().-. - ()) - C:\WINDOWS\Installer\9fa456.msp [16/10/2015 22:28:16] - [10457088] - (.().-. - ()) - C:\WINDOWS\Installer\9fa46b.msp [03/09/2017 01:58:32] - [10063872] - (.().-. - ()) - C:\WINDOWS\Installer\a0220a7f.msp [05/09/2017 18:21:32] - [17059840] - (.().-. - ()) - C:\WINDOWS\Installer\a0220a93.msp [03/09/2017 02:12:06] - [9691136] - (.().-. - ()) - C:\WINDOWS\Installer\a0220aa7.msp [03/09/2017 02:08:26] - [9703424] - (.().-. - ()) - C:\WINDOWS\Installer\a0220abb.msp [03/09/2017 02:20:42] - [12152832] - (.().-. - ()) - C:\WINDOWS\Installer\a0220ad6.msp [03/09/2017 02:21:40] - [1875968] - (.().-. - ()) - C:\WINDOWS\Installer\a0220add.msp [03/09/2017 02:09:52] - [5218304] - (.().-. - ()) - C:\WINDOWS\Installer\a0220b01.msp [03/09/2017 02:10:26] - [4997120] - (.().-. - ()) - C:\WINDOWS\Installer\a0220b17.msp [03/09/2017 02:07:04] - [1142784] - (.().-. - ()) - C:\WINDOWS\Installer\a0220b20.msp [05/09/2017 18:24:04] - [8134656] - (.().-. - ()) - C:\WINDOWS\Installer\a0220b34.msp [09/07/2018 07:47:48] - [27000832] - (.().-. - ()) - C:\WINDOWS\Installer\a03bd0b.msp [14/10/2019 12:12:32] - [20799488] - (.().-. - ()) - C:\WINDOWS\Installer\a0f53f0.msp [16/10/2015 22:29:12] - [5173248] - (.().-. - ()) - C:\WINDOWS\Installer\a3b5dd.msp [16/10/2015 22:30:46] - [9687040] - (.().-. - ()) - C:\WINDOWS\Installer\a3b5f2.msp [16/10/2015 22:29:26] - [11161600] - (.().-. - ()) - C:\WINDOWS\Installer\a3b608.msp [16/10/2015 22:28:26] - [5300224] - (.().-. - ()) - C:\WINDOWS\Installer\a5c98c.msp [16/10/2015 22:26:34] - [8691712] - (.().-. - ()) - C:\WINDOWS\Installer\a5c9a3.msp [10/07/2013 13:43:30] - [53242368] - (.().-. - ()) - C:\WINDOWS\Installer\a6c19.msp [26/02/2016 23:09:22] - [1277952] - (.().-. - ()) - C:\WINDOWS\Installer\ab640b.msp [25/01/2018 19:59:52] - [17022976] - (.().-. - ()) - C:\WINDOWS\Installer\aee6c188.msp [25/01/2018 20:06:22] - [12877824] - (.().-. - ()) - C:\WINDOWS\Installer\aee6c19c.msp [25/01/2018 20:07:20] - [1875968] - (.().-. - ()) - C:\WINDOWS\Installer\aee6c1a3.msp [23/01/2013 18:05:40] - [9765376] - (.().-. - ()) - C:\WINDOWS\Installer\af38b.msp [25/09/2012 12:39:54] - [1794560] - (.().-. - ()) - C:\WINDOWS\Installer\af396.msp [08/05/2013 21:37:02] - [9661440] - (.().-. - ()) - C:\WINDOWS\Installer\af3ab.msp [08/03/2013 18:34:38] - [5196288] - (.().-. - ()) - C:\WINDOWS\Installer\af3c3.msp [25/09/2012 12:35:46] - [4285952] - (.().-. - ()) - C:\WINDOWS\Installer\af3d8.msp [18/07/2012 15:46:48] - [593408] - (.().-. - ()) - C:\WINDOWS\Installer\af3ed.msp [25/07/2012 16:59:06] - [11032064] - (.().-. - ()) - C:\WINDOWS\Installer\af416.msp [25/09/2012 12:35:30] - [7695360] - (.().-. - ()) - C:\WINDOWS\Installer\af42b.msp [25/07/2012 16:57:06] - [3157504] - (.().-. - ()) - C:\WINDOWS\Installer\af443.msp [21/06/2013 10:24:42] - [10079232] - (.().-. - ()) - C:\WINDOWS\Installer\af44c.msp [09/01/2013 12:39:02] - [19780096] - (.().-. - ()) - C:\WINDOWS\Installer\af474.msp [19/06/2012 12:54:40] - [2239488] - (.().-. - ()) - C:\WINDOWS\Installer\af489.msp [19/12/2012 22:36:38] - [13662720] - (.().-. - ()) - C:\WINDOWS\Installer\af4b1.msp [13/08/2018 08:19:45] - [1441792] - (.().-. - ()) - C:\WINDOWS\Installer\b43c7413.msp [14/04/2016 08:05:44] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\b9b928.msp [14/04/2016 08:01:50] - [5959680] - (.().-. - ()) - C:\WINDOWS\Installer\b9b93d.msp [14/04/2016 08:04:46] - [11169792] - (.().-. - ()) - C:\WINDOWS\Installer\b9b953.msp [14/04/2016 08:00:42] - [11554816] - (.().-. - ()) - C:\WINDOWS\Installer\b9b968.msp [14/04/2016 04:13:38] - [7323648] - (.().-. - ()) - C:\WINDOWS\Installer\b9b98b.msp [09/05/2017 14:35:10] - [1126400] - (.().-. - ()) - C:\WINDOWS\Installer\b9c07ce9.msp [03/06/2017 20:23:32] - [13152256] - (.().-. - ()) - C:\WINDOWS\Installer\b9c6aa81.msp [17/06/2017 21:01:56] - [53350400] - (.().-. - ()) - C:\WINDOWS\Installer\b9c6aa90.msp [03/06/2017 20:25:46] - [11177984] - (.().-. - ()) - C:\WINDOWS\Installer\b9cf79b1.msp [03/06/2017 20:26:12] - [4337664] - (.().-. - ()) - C:\WINDOWS\Installer\b9cf79c5.msp [09/05/2017 14:34:04] - [9809920] - (.().-. - ()) - C:\WINDOWS\Installer\b9cf79d9.msp [03/06/2017 20:25:10] - [8134656] - (.().-. - ()) - C:\WINDOWS\Installer\b9cf79ed.msp [03/06/2017 20:24:38] - [5312512] - (.().-. - ()) - C:\WINDOWS\Installer\b9cf7a01.msp [03/06/2017 20:23:08] - [17035264] - (.().-. - ()) - C:\WINDOWS\Installer\b9cf7a15.msp [29/10/2015 09:48:45] - [1208320] - (.().-. - ()) - C:\WINDOWS\Installer\bd9cd.msp [14/10/2015 11:40:18] - [1224704] - (.().-. - ()) - C:\WINDOWS\Installer\c16a0.msp [25/11/2015 11:42:23] - [212992] - (.().-. - ()) - C:\WINDOWS\Installer\c1a4a.msp [08/03/2016 05:45:31] - [2719744] - (.().-. - ()) - C:\WINDOWS\Installer\c1c3f.msp [02/06/2016 06:48:41] - [2772992] - (.().-. - ()) - C:\WINDOWS\Installer\c2168.msp [16/02/2016 14:48:12] - [9687040] - (.().-. - ()) - C:\WINDOWS\Installer\c3b9d.msp [19/05/2016 05:30:11] - [1429504] - (.().-. - ()) - C:\WINDOWS\Installer\c4966.msp [16/05/2014 05:08:36] - [8179200] - (.().-. - ()) - C:\WINDOWS\Installer\ccf33.msp [13/05/2019 08:57:34] - [59400192] - (.().-. - ()) - C:\WINDOWS\Installer\cd3f71.msp [09/01/2017 05:41:00] - [25853952] - (.().-. - ()) - C:\WINDOWS\Installer\d0475.msp [14/01/2015 23:36:26] - [4333568] - (.().-. - ()) - C:\WINDOWS\Installer\d38a5b.msp [14/01/2015 23:34:40] - [10444800] - (.().-. - ()) - C:\WINDOWS\Installer\d38add.msp [14/01/2015 23:35:00] - [2576384] - (.().-. - ()) - C:\WINDOWS\Installer\d38af4.msp [14/01/2015 23:35:04] - [10158080] - (.().-. - ()) - C:\WINDOWS\Installer\d38b0c.msp [14/01/2015 23:35:00] - [11120640] - (.().-. - ()) - C:\WINDOWS\Installer\d38b2a.msp [14/01/2015 23:36:46] - [9691136] - (.().-. - ()) - C:\WINDOWS\Installer\d38b3f.msp [21/02/2017 14:33:51] - [12845056] - (.().-. - ()) - C:\WINDOWS\Installer\d83ad626.msp [14/04/2016 08:02:44] - [4988928] - (.().-. - ()) - C:\WINDOWS\Installer\dd2727.msp [11/02/2019 08:36:53] - [8757248] - (.().-. - ()) - C:\WINDOWS\Installer\f4dff.msp [12/05/2012 00:35:42] - [53217792] - (.().-. - ()) - C:\WINDOWS\Installer\f64f66.msp [17/02/2012 08:45:24] - [2299392] - (.().-. - ()) - C:\WINDOWS\Installer\fc65d.msp [28/04/2012 21:43:58] - [8459264] - (.().-. - ()) - C:\WINDOWS\Installer\fc672.msp [01/11/2011 13:34:30] - [2531840] - (.().-. - ()) - C:\WINDOWS\Installer\fc687.msp [15/03/2012 02:24:28] - [1795584] - (.().-. - ()) - C:\WINDOWS\Installer\fc69c.msp [01/11/2011 13:34:58] - [4225536] - (.().-. - ()) - C:\WINDOWS\Installer\fc6b6.msp [01/11/2011 13:34:26] - [1169920] - (.().-. - ()) - C:\WINDOWS\Installer\fc6cb.msp [01/11/2011 13:34:28] - [2247168] - (.().-. - ()) - C:\WINDOWS\Installer\fc6e0.msp [04/04/2012 22:38:16] - [3620864] - (.().-. - ()) - C:\WINDOWS\Installer\fc6f5.msp [28/04/2012 21:44:02] - [9586176] - (.().-. - ()) - C:\WINDOWS\Installer\fc714.msp [23/03/2012 14:59:02] - [7899648] - (.().-. - ()) - C:\WINDOWS\Installer\fc729.msp [27/03/2012 00:28:54] - [5009920] - (.().-. - ()) - C:\WINDOWS\Installer\fc747.msp [01/11/2011 13:34:56] - [4250112] - (.().-. - ()) - C:\WINDOWS\Installer\fc76b.msp [28/04/2012 21:44:02] - [9101824] - (.().-. - ()) - C:\WINDOWS\Installer\fc780.msp [30/05/2012 07:17:06] - [5010432] - (.().-. - ()) - C:\WINDOWS\Installer\fc795.msp [04/04/2012 22:38:44] - [2831360] - (.().-. - ()) - C:\WINDOWS\Installer\fc7aa.msp ---------- | %System%\*.in* [19/03/2019 06:45:40] - [3329] - C:\WINDOWS\System32\ieuinit.inf [02/10/2019 18:04:09] - [7116] - C:\WINDOWS\System32\PerfStringBackup.INI [19/03/2019 06:45:00] - [60124] - C:\WINDOWS\System32\tcpmon.ini [19/03/2019 06:44:30] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [19/03/2019 06:46:01] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [26/06/2017 21:01:55] - [1954888] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [19/03/2019 06:45:19] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:44] - [0 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.3B8D081B2117080620EF9ED1ADBEA609] - |A| - [22/01/2012 19:43:51] - (.-.) - [24 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\boot.backup [MD5.85C570085B6FB7AE8E328EE16D2BB8BB] - |ASH| - [22/01/2012 19:43:51] - (.-.) - [21 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\boot.backup.LOG [MD5.D41D8CD98F00B204E9800998ECF8427E] - |ASH| - [22/01/2012 19:43:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\boot.backup.LOG1 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |ASH| - [22/01/2012 19:43:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\boot.backup.LOG2 [MD5.0DCE57B5520C5F81A036A007455F4BD4] - |A| - [06/10/2012 09:45:25] - (.-.) - [2.15 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\CodeMeter Control Center.lnk.CommonStartup [MD5.028F4C11DB5ECA8977881461EA778067] - |A| - [12/06/2013 16:38:57] - (.-.) - [1.02 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\Dropbox.lnk.Startup [MD5.604372E7F3251CF06A72C8C753A1A3FF] - |A| - [16/10/2019 20:49:00] - (.-.) - [2.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AdobeARM.log [MD5.25581AAFCE1CE9E2ECBD06A2D71A41AE] - |A| - [13/10/2019 20:03:44] - (.-.) - [3140 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Application_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.9D87C20E80945E9FD5B0372E7AD88354] - |A| - [12/10/2019 11:57:49] - (.-.) - [3140 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Application_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.7930D559AB70297C4C5B252F88DD5F63] - |A| - [12/10/2019 10:56:40] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Application_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.96B47DE012BF3FBFD16F83974B82A43E] - |A| - [14/10/2019 21:58:52] - (.-.) - [3140 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Application_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.F7FD5CA5219A7FA55F7D7E773516AA2F] - |A| - [16/10/2019 20:51:52] - (.-.) - [3140 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Application_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.9201DF9FAB268C97EE5DFFA6C14C7866] - |A| - [14/10/2019 20:42:45] - (.-.) - [3140 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Application_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.1E2700930849891E1CB1F054C2C22745] - |A| - [13/10/2019 20:50:42] - (.-.) - [3140 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Application_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.B23131421B572571BF253573FCCDD1CD] - |A| - [13/10/2019 20:03:45] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AppxErrorReport_207167C5-80E3-0000-4EA0-7120E380D501.txt [MD5.B23131421B572571BF253573FCCDD1CD] - |A| - [12/10/2019 11:57:49] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AppxErrorReport_207167C5-80E3-0005-916B-7120E380D501.txt [MD5.B23131421B572571BF253573FCCDD1CD] - |A| - [12/10/2019 10:56:40] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AppxErrorReport_214F715E-80DA-0004-C596-4F21DA80D501.txt [MD5.B23131421B572571BF253573FCCDD1CD] - |A| - [14/10/2019 21:58:52] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AppxErrorReport_6DAF3775-82C9-0000-243E-AF6DC982D501.txt [MD5.B23131421B572571BF253573FCCDD1CD] - |A| - [16/10/2019 20:51:53] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AppxErrorReport_6DAF3775-82C9-0005-2573-AF6DC982D501.txt [MD5.B23131421B572571BF253573FCCDD1CD] - |A| - [14/10/2019 20:42:46] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AppxErrorReport_A89469AB-81F6-0004-008A-94A8F681D501.txt [MD5.B23131421B572571BF253573FCCDD1CD] - |A| - [13/10/2019 20:50:42] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AppxErrorReport_A89469AB-81F6-0005-EA6C-94A8F681D501.txt [MD5.864C22FB9A1C0670EDF01C6ED3E4FBE4] - |A| - [16/10/2019 20:50:28] - (.-.) - [251.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ArmUI.ini [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 22:50:46] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 22:50:46] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 22:50:46] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 22:50:46] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace [MD5.00000000000000000000000000000000] - |D| - [05/10/2019 09:29:41] - [0 Ko] - C:\WINDOWS\Temp\E0ED79DD-8F11-49F8-BED2-F5AFC1555EEB-Sigs [MD5.00000000000000000000000000000000] - |D| - [02/10/2019 17:49:19] - [1.75 Ko] - C:\WINDOWS\Temp\HP [MD5.258020D4036C1B4E7DD83D4847295FA6] - |A| - [13/10/2019 20:03:43] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Admin_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.C20CD4627A2A82946CF94E3321053818] - |A| - [12/10/2019 11:57:47] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Admin_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.80B21F1CE6698630FDF0822074FE4F80] - |A| - [12/10/2019 10:56:39] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Admin_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.28EC5F5485309FB9DBF79C73F8A6CF6B] - |A| - [14/10/2019 21:58:49] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Admin_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.297F15BDCE22257BB338E02C5487C69F] - |A| - [16/10/2019 20:51:51] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Admin_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.A49C1792FA64E0B6DB6800D6449E792E] - |A| - [14/10/2019 20:42:43] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Admin_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.0578A06F7FFF01064C438EFC6E1C61C3] - |A| - [13/10/2019 20:50:40] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Admin_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.9727E706BBF46439602C5F92DBC00243] - |A| - [13/10/2019 20:03:43] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Operational_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.9727E706BBF46439602C5F92DBC00243] - |A| - [12/10/2019 11:57:47] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Operational_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.6D3D6DE10FBE5815BB6B2E17987886CF] - |A| - [12/10/2019 10:56:39] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Operational_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.9727E706BBF46439602C5F92DBC00243] - |A| - [14/10/2019 21:58:49] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Operational_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.C8FCF5E215A6A3E96C0C5B145B215382] - |A| - [16/10/2019 20:51:51] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Operational_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.9727E706BBF46439602C5F92DBC00243] - |A| - [14/10/2019 20:42:43] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Operational_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.9727E706BBF46439602C5F92DBC00243] - |A| - [13/10/2019 20:50:41] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppReadiness_Operational_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.C478A0D9F059D666504C7EF05F2EF68A] - |A| - [13/10/2019 20:03:42] - (.-.) - [5188 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXDeploymentServer_Operational_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.A2B3B74F3056ED188A3128004BB18749] - |A| - [12/10/2019 11:57:47] - (.-.) - [5188 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXDeploymentServer_Operational_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.49C3FA36029BC066590CA0AEFFC52175] - |A| - [12/10/2019 10:56:38] - (.-.) - [5188 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXDeploymentServer_Operational_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.D7828C761925B6CDB228A420AF43A7C9] - |A| - [14/10/2019 21:58:47] - (.-.) - [5188 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXDeploymentServer_Operational_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.CB67C397546C02CC8D5BAE8E9253AF57] - |A| - [16/10/2019 20:51:50] - (.-.) - [5188 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXDeploymentServer_Operational_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.A3E1235E199BD53A92C5100149408AA4] - |A| - [14/10/2019 20:42:42] - (.-.) - [5188 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXDeploymentServer_Operational_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.D40F2C9551AB6198A07DA40DE724D505] - |A| - [13/10/2019 20:50:40] - (.-.) - [5188 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXDeploymentServer_Operational_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.B3EEABCD19A008154BDFDF9DC242CF05] - |A| - [13/10/2019 20:03:42] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXPackaging_Operational_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.F87737D7AF3B6C9863C573971E5D70A7] - |A| - [12/10/2019 11:57:47] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXPackaging_Operational_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.8CC871F8F4D4287F6F85FA8703C530B1] - |A| - [12/10/2019 10:56:38] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXPackaging_Operational_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.AAC2E38C6CF136E5886C46614C0E66BE] - |A| - [14/10/2019 21:58:48] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXPackaging_Operational_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.8D9343E4B552D8344F55E14F81566E6D] - |A| - [16/10/2019 20:51:50] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXPackaging_Operational_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.0E35524B21085FDF03D971394A61ED50] - |A| - [14/10/2019 20:42:43] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXPackaging_Operational_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.84C9DFC567ACD64ED4540D024D94C063] - |A| - [13/10/2019 20:50:40] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-AppXPackaging_Operational_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.0385630ABDD343124F47A12333902D88] - |A| - [13/10/2019 20:03:43] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Debug_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.157A5F5923032CFECE1405044F5D19B8] - |A| - [12/10/2019 11:57:47] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Debug_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.956260425C3AEDC187A6042C6627B79D] - |A| - [12/10/2019 10:56:39] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Debug_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.D1B5C18B3926854F917DC05645FCFFAB] - |A| - [14/10/2019 21:58:49] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Debug_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.D85CBAF28A411968CBDEEA65489C9BA2] - |A| - [16/10/2019 20:51:51] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Debug_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.73C5FB7089B3161B512A987B514FA783] - |A| - [14/10/2019 20:42:43] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Debug_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.D0D54932B6F8367AC1E8C2706CFECD33] - |A| - [13/10/2019 20:50:41] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Debug_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.DFA35AE4B6A50016E6F879CB12984A35] - |A| - [13/10/2019 20:03:43] - (.-.) - [68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Operational_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.B93605800BC1E7031CC6CD1CB78D3A38] - |A| - [12/10/2019 11:57:48] - (.-.) - [68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Operational_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.36C6FB03AF84F8767AFA9F77B1304B85] - |A| - [12/10/2019 10:56:39] - (.-.) - [68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Operational_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.AD0379E9284442475D3E5EBC392E6FF4] - |A| - [14/10/2019 21:58:49] - (.-.) - [68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Operational_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.CFD57D1E434BFCB87805C007373DD33D] - |A| - [16/10/2019 20:51:51] - (.-.) - [68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Operational_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.E238AABB44065BFFEA188EB9315B15C9] - |A| - [14/10/2019 20:42:43] - (.-.) - [68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Operational_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.CAF6454E3E999F00DA18529D58A01204] - |A| - [13/10/2019 20:50:41] - (.-.) - [68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-SettingSync_Operational_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.AC82EC1C8D83BC33D2FCACEF1E57F2FA] - |A| - [13/10/2019 20:03:42] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-StateRepository_Operational_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.67E0266941039CD3F86C2F4454DE6E9F] - |A| - [12/10/2019 11:57:47] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-StateRepository_Operational_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.2C9AE02CD6F1C6A8215DA04213363F6E] - |A| - [12/10/2019 10:56:39] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-StateRepository_Operational_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.3D544CD4389ECF318768615F5E6CD37E] - |A| - [14/10/2019 21:58:48] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-StateRepository_Operational_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.6075672BEB681DFBBE542A63FDD2C500] - |A| - [16/10/2019 20:51:51] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-StateRepository_Operational_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.9365A92F2F58AA5D79EA806A54FC4430] - |A| - [14/10/2019 20:42:43] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-StateRepository_Operational_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.B643E3B17A45FA0B6AED2791CB9B9378] - |A| - [13/10/2019 20:50:40] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-StateRepository_Operational_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.25737D53064E51142AD45A65F1612C0A] - |A| - [13/10/2019 20:03:43] - (.-.) - [19524 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-Store_Operational_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.5A3EB18B48D1BC7159292336C3A38ABD] - |A| - [12/10/2019 11:57:48] - (.-.) - [19524 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-Store_Operational_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.E20E5BC1AF4B43E1404D07098ACF98E1] - |A| - [12/10/2019 10:56:39] - (.-.) - [19524 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-Store_Operational_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.0B59BD2F6E175FC7298BFD2BFF91E2A6] - |A| - [14/10/2019 21:58:49] - (.-.) - [19524 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-Store_Operational_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.5432101A8A8305282BE9A255B9B09CE1] - |A| - [16/10/2019 20:51:51] - (.-.) - [19524 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-Store_Operational_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.8C995ED83337C25E51A1C14BAE66FDF3] - |A| - [14/10/2019 20:42:43] - (.-.) - [19524 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-Store_Operational_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.153BFC66405435F5EA85EA28A1D83E35] - |A| - [13/10/2019 20:50:41] - (.-.) - [19524 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-Store_Operational_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.B3C6EE2E150B772D64554C74F71F912F] - |A| - [13/10/2019 20:03:44] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-WindowsUpdateClient_Operational_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.DA016CA5FEEFD16DA8FF8DCC55B8A57A] - |A| - [12/10/2019 11:57:48] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-WindowsUpdateClient_Operational_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.DC7FFC988E99A9829D0F8474C6CDED33] - |A| - [12/10/2019 10:56:40] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-WindowsUpdateClient_Operational_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.816AA356A3FAF5EA3354DFFF4E601F45] - |A| - [14/10/2019 21:58:51] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-WindowsUpdateClient_Operational_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.067409645C51EC46736C2B34D5EEC8DD] - |A| - [16/10/2019 20:51:52] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-WindowsUpdateClient_Operational_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.93EF0F94DA00CB3CA2AF63D40F1CCBCC] - |A| - [14/10/2019 20:42:45] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-WindowsUpdateClient_Operational_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.4F22C866081E07F97DCCEB29234F15BC] - |A| - [13/10/2019 20:50:42] - (.-.) - [1092 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft-Windows-WindowsUpdateClient_Operational_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.9FB6E84A8B5302D7BF24F1EE6D3A0EA0] - |A| - [02/10/2019 18:12:39] - (.-.) - [91.83 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.9BD162B42DA63D25A095CF4F3776A4BA] - |A| - [03/10/2019 18:20:41] - (.-.) - [146.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.8A67B52199975DA42053CA05AC976E32] - |A| - [13/10/2019 20:03:44] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\System_207167C5-80E3-0000-4EA0-7120E380D501.evtx [MD5.AF14176002466EAE97B9C568C39853FC] - |A| - [12/10/2019 11:57:48] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\System_207167C5-80E3-0005-916B-7120E380D501.evtx [MD5.C54BAEBFCD8026F6A5AF274170561BF3] - |A| - [12/10/2019 10:56:40] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\System_214F715E-80DA-0004-C596-4F21DA80D501.evtx [MD5.A60CE1B42BEB864AA8E6BF7D6741D008] - |A| - [14/10/2019 21:58:51] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\System_6DAF3775-82C9-0000-243E-AF6DC982D501.evtx [MD5.8652CF2FB3AAA527166054CFA3067E72] - |A| - [16/10/2019 20:51:52] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\System_6DAF3775-82C9-0005-2573-AF6DC982D501.evtx [MD5.602FF4958A76331C8D4E3FFB24A4A0A0] - |A| - [14/10/2019 20:42:45] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\System_A89469AB-81F6-0004-008A-94A8F681D501.evtx [MD5.7CF3A714E5B290844607DBAE71BC2B40] - |A| - [13/10/2019 20:50:42] - (.-.) - [2116 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\System_A89469AB-81F6-0005-EA6C-94A8F681D501.evtx [MD5.469DA9385FD0443086AE56DBD43E3954] - |A| - [16/10/2019 22:32:22] - (.-.) - [1.61 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tpm-1854-2018-acb8f.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:35] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-adfbe.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:35] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae00e.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:35] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae020.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:35] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae041.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae091.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae093.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae0a5.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae0b6.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae116.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae128.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae12a.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae14b.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae17c.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae19d.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae1af.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae1e0.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae201.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae213.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 23:11:36] - [0 Ko] - C:\WINDOWS\Temp\tw-1204-16c8-ae234.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 22:32:21] - [0 Ko] - C:\WINDOWS\Temp\tw-1854-2018-ac68b.tmp [MD5.00000000000000000000000000000000] - |D| - [16/10/2019 22:32:22] - [0 Ko] - C:\WINDOWS\Temp\tw-1854-2018-acb8e.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:06] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e193e.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:06] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e196f.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:06] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e1a7b.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:06] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e1afa.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:07] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e1cd0.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:07] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e1d5f.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:07] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e1dce.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:07] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e1ef9.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:07] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e1f88.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:07] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e1fc8.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:07] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e2076.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:08] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e2192.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:08] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e223f.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:08] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e22ed.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:08] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e23ba.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:08] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e2449.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:09] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e24b8.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:09] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e2518.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 11:06:09] - [0 Ko] - C:\WINDOWS\Temp\tw-94-14a4-e2633.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caed1.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf11.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf13.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf25.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf37.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf58.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf79.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf8b.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf9c.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caf9e.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-cafcf.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-cafe1.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caff3.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-caff5.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-cb016.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-cb037.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-cb058.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-cb089.tmp [MD5.00000000000000000000000000000000] - |D| - [17/10/2019 23:04:02] - [0 Ko] - C:\WINDOWS\Temp\tw-e98-1a70-cb0aa.tmp [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 12:03:46] - [7.71 Ko] - C:\WINDOWS\Temp\VulkanRT [MD5.00000000000000000000000000000000] - |D| - [12/10/2019 12:04:11] - [0 Ko] - C:\WINDOWS\Temp\{CD0F73F0-0104-4C2A-82CD-5E8784A75EC6} [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:27] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:06] - [0 Ko] - C:\WINDOWS\System32\040C [MD5.5B71A54F5EA8CA78793E7FB3C58F2483] - |A| - [14/07/2009 06:45:49] - (.-.) - [25.73 Ko] - (0.0.0.0) - C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.5B71A54F5EA8CA78793E7FB3C58F2483] - |A| - [14/07/2009 06:45:49] - (.-.) - [25.73 Ko] - (0.0.0.0) - C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [19/03/2019 06:44:33] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AdvancedKeySettingsNotification.png [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [19/03/2019 06:44:28] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [19/03/2019 06:44:28] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [19/03/2019 06:44:03] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [19/03/2019 06:44:47] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [19/03/2019 06:44:47] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [19/03/2019 06:44:52] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [19/03/2019 06:45:47] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [19/03/2019 06:45:02] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [19/03/2019 06:45:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [19/03/2019 06:45:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [19/03/2019 06:44:01] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.BA2CD38540899A29A8FB30454F5BDD0A] - |A| - [04/02/2011 05:42:59] - (.Copyright (c) 1982-2011 by Autodesk, Inc. - AutoCAD component.) - [34.22 Ko] - (18.2.51.0) - C:\WINDOWS\System32\AcSignExt.dll [MD5.5343074598AC4A7A79FB4845BBE7202C] - |A| - [18/02/2011 11:15:59] - (.Copyright (c) 1982-2011 by Autodesk, Inc. - AutoCAD component.) - [16.82 Ko] - (18.2.51.0) - C:\WINDOWS\System32\AcSignExtRes.dll [MD5.8AF68BE833FCC6F1CF9DD3CE4C530B4C] - |A| - [04/02/2011 05:42:59] - (.Copyright (c) 1982-2011 by Autodesk, Inc. - AutoCAD component.) - [44.22 Ko] - (18.2.51.0) - C:\WINDOWS\System32\AcSignIcon.dll [MD5.8494DB51CF1916B851643387563753FA] - |A| - [04/02/2011 05:42:59] - (.Copyright (c) 1982-2011 by Autodesk, Inc. - AutoCAD component.) - [422.72 Ko] - (18.2.51.0) - C:\WINDOWS\System32\AcSignOpt.exe [MD5.31A16C523B62500F83C82217F056A538] - |A| - [19/03/2019 06:44:21] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ActiveHours.png [MD5.0724FA8BCAF2725746F9BB4264989D96] - |A| - [19/03/2019 06:43:47] - (.-.) - [13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\agentactivationruntimestarter.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.97 Ko] - C:\WINDOWS\System32\am-et [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [02/02/2010 21:35:12] - [0 Ko] - C:\WINDOWS\System32\appmgmt [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2710.82 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 14:04:01] - [287.7 Ko] - C:\WINDOWS\System32\AppV [MD5.F94192B47ACA96AFFEBC1073891EBB42] - |A| - [16/07/2016 13:43:20] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AppVStreamingUX.exe.config [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [355.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.A3FA2DD7B000AE0964395512E9C37E41] - |A| - [19/03/2019 06:45:35] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [607 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\as-IN [MD5.AAAC5481A733198E4DC872C6155091EA] - |A| - [03/10/2019 18:44:26] - (.-.) - [491 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AssignedAccessCsp.dll [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [19/03/2019 06:43:47] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [02/10/2019 17:05:51] - [105.42 Ko] - C:\WINDOWS\System32\BestPractices [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [348 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [19/03/2019 06:43:45] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5984.26 Ko] - C:\WINDOWS\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.6CC5FAF5A7B51609D0D2A90AC1202918] - |A| - [19/03/2019 06:44:29] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [182 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [92185.04 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [96121.93 Ko] - C:\WINDOWS\System32\catroot2 [MD5.396D6B1835CA95007C3D067D80ACE9DC] - |A| - [01/03/2015 19:24:52] - (.Copyright © AMYUNI Technologies 1999-2010 - Common Driver Interface DLL.) - [6372.5 Ko] - (4.5.2.9) - C:\WINDOWS\System32\cdintf450_64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [11.19 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [380 Ko] - C:\WINDOWS\System32\Com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [332255.48 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [113.25 Ko] - C:\WINDOWS\System32\Configuration [MD5.FDCF1790F100879ADF8F8684018FAAC0] - |A| - [02/10/2019 17:20:56] - (.-.) - [232.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\containerdevicemanagement.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [410 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.2419907A0BB9A14F1871F0BDA7F65578] - |A| - [02/10/2019 17:21:53] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [411.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [406 Ko] - C:\WINDOWS\System32\da-DK [MD5.B3E4FEC7C8AD9291722B49D0D63E6550] - |A| - [02/10/2019 17:20:37] - (.-.) - [146 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.6630BF2665BD744302D6242C1610890B] - |A| - [15/10/2019 20:05:00] - (.Dropbox, Inc. - Dropbox Service.) - [49.83 Ko] - (1.0.24.0) - C:\WINDOWS\System32\DbxSvc.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [277.94 Ko] - C:\WINDOWS\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [461 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [19/03/2019 06:44:03] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [19/03/2019 06:43:47] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [19/03/2019 06:49:38] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.F7F850426712A6DD554FBC9B678AE221] - |A| - [06/11/2012 21:37:05] - (.Copyright © 2012 - Java(TM) Platform SE binary.) - [894.98 Ko] - (10.9.2.5) - C:\WINDOWS\System32\deployJava1.dll [MD5.6C22EC440786D5E1EA69E0D53C4F3B4B] - |A| - [19/03/2019 06:44:45] - (.-.) - [35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\deploymentcsphelper.exe [MD5.CFBAA9BD9B9188FFDF4C3E60CC6BEA18] - |A| - [28/03/2010 14:55:09] - (.Copyright © 2004 - Java(TM) Platform SE binary.) - [445 Ko] - (6.0.180.7) - C:\WINDOWS\System32\deploytk.dll [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [19/03/2019 06:44:21] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [19/03/2019 06:44:25] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.2E4A8F4B4B71F266861613647BCE2DAE] - |A| - [19/03/2019 06:57:20] - (.-.) - [133.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeviceUpdateCenterCsp.dll [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [920.5 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.173D1EB779621B66784DCABEDF9AFB4F] - |A| - [19/03/2019 06:44:18] - (.-.) - [82.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [9911.6 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.C3F8294852FB20F1E03F4A0867100D4C] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth1.bin [MD5.DC1864D247977386E3046B21B238728F] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth10.bin [MD5.F5E7B12404FD058E87FFACC4D8ADBFF5] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth11.bin [MD5.3B7F5ED89ED8860BE5480890010CFE48] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth12.bin [MD5.ACA932E837044CCD3F76534E85B5E4FA] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth2.bin [MD5.A1E025AD5275E77BE562B7FADFEF9A6D] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth3.bin [MD5.1465663694A2FEE2631840D7D1244FB4] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth4.bin [MD5.B616A3727148474D13AD0AC6508015CC] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth5.bin [MD5.4E07AC9E6D18F2AF157498A6F33573B0] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth6.bin [MD5.E13AFE8490D5272FE7D36148609390B3] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth7.bin [MD5.25D97861D9C814B7E89A1DAF9E71C499] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth8.bin [MD5.6944755C4B18463F32F9E9A0A9623475] - |A| - [03/10/2019 18:44:10] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth9.bin [MD5.00000000000000000000000000000000] - |DC| - [02/02/2010 18:10:11] - [48.58 Ko] - C:\WINDOWS\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [252 Ko] - C:\WINDOWS\System32\dsc [MD5.14996F92188DFE0C532C6B4BE0E47574] - |A| - [22/06/2015 02:49:50] - (.(c) VIA Technologies, Inc. - DTS Surround Sensation Control Page.) - [98.65 Ko] - (1.0.0.1) - C:\WINDOWS\System32\Dts2PropPageExt.dll [MD5.1394A49F087BE158119BDC01965E7E6E] - |A| - [03/10/2019 18:43:37] - (.-.) - [2529.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dwmscene.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [19/03/2019 06:43:47] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [19/03/2019 06:43:47] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [19/03/2019 06:43:47] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.BD76ED39C8D04EC228D2CED63528F581] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [127.09 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EEA64A.dll [MD5.C599243708A54946C3F1AC89921AF178] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 ASL HDMI x64.) - [127.09 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EEA64H.dll [MD5.86F7F15051F0C4ABAED7323A04C1DD40] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [435.77 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EED64A.dll [MD5.A467834825D429EA8F3EB258222298BD] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 HDMI COM DLL x64.) - [435.77 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EED64H.dll [MD5.86992AD3E6F73094D59B9088C4D3FFE2] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [82.7 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EEG64A.dll [MD5.7E92DEFD7BE92FB074209546882F6D18] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 HDMI GFX APO x64.) - [82.7 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EEG64H.dll [MD5.19322E8036AF874B11B5951DB1DF7F54] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [143.77 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EEL64A.dll [MD5.FDDEB262C668DBFC5FB1FFE14FEE5611] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 HDMI LFX APO x64.) - [143.77 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EEL64H.dll [MD5.158149482870EFED2DC03502BF2AD996] - |A| - [22/06/2015 02:51:26] - (.©2011 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7066 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EEP64A.dll [MD5.4DD73C7FA523C5CD2EFDC3A915D9855E] - |A| - [22/06/2015 02:51:28] - (.©2011 Dolby Laboratories. - Dolby PCEE4 HDMI Control Panel x64.) - [7066 Ko] - (7.2.7000.11) - C:\WINDOWS\System32\EEP64H.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [466 Ko] - C:\WINDOWS\System32\el-GR [MD5.FA9B36F0769B46504A504F1DCFDD5E87] - |A| - [14/03/2012 21:52:04] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:27] - [3204 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [18287.38 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [27515.83 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [441 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [361.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [320 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |D| - [16/03/2012 19:59:45] - [154.5 Ko] - C:\WINDOWS\System32\EventProviders [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [17057.64 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\fa-IR [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [19/03/2019 06:44:39] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7.11 Ko] - C:\WINDOWS\System32\ff-Adlm-SN [MD5.2752A77D5909BD0FE985318FF5A7B78B] - |A| - [03/02/2010 11:13:06] - (.Copyright © 2002-2013 - ffdshow VFW.) - [124.5 Ko] - (1.3.4531.0) - C:\WINDOWS\System32\ff_vfw.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [411 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\fil-PH [MD5.C69047B4CA6B449C04E459BA7F4F89B4] - |A| - [02/10/2019 17:45:18] - (.-.) - [5133.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:27] - [3490.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [371.5 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [48651.28 Ko] - C:\WINDOWS\System32\fr-FR [MD5.3C402FA88BB488B77A73428623B7825B] - |A| - [19/03/2019 06:45:49] - (.-.) - [167 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FsNVSDeviceSource.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ga-IE [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [19/03/2019 06:45:50] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gd-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |HD| - [14/07/2009 05:20:11] - [0.01 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [329.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.D6F7FB7B9386E0A029DCCD11DD84B15A] - |A| - [19/03/2019 06:44:11] - (.-.) - [260 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\hi-IN [MD5.B4DE48A0333CD63B62CDC63B516D9902] - |A| - [19/03/2019 06:45:54] - (.-.) - [37.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:04:01] - [158.57 Ko] - C:\WINDOWS\System32\Hydrogen [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.2E977573411A099BD0213832B7442F0E] - |A| - [02/10/2019 17:20:53] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2267 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icu.dll [MD5.D2A4919E61E99157AD2DE994795C0F83] - |RA| - [19/03/2019 06:44:15] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [24.5 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.003EEDD728E2952E23DB9F6516B9194A] - |RA| - [19/03/2019 06:44:15] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [29 Ko] - (63.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ig-NG [MD5.8CE43FCE353B86A81F67014B6EEE5143] - |A| - [19/03/2019 06:43:45] - (.-.) - [195.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [25976.08 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7101.67 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6775 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\is-IS [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [439.5 Ko] - C:\WINDOWS\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [02/10/2019 17:14:12] - [3483 Ko] - C:\WINDOWS\System32\ja [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [33827.32 Ko] - C:\WINDOWS\System32\ja-jp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ka-GE [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [532.61 Ko] - C:\WINDOWS\System32\Keywords [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [302 Ko] - C:\WINDOWS\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ky-KG [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [19/03/2019 06:44:21] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [19/03/2019 06:43:47] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\lb-LU [MD5.1F9A1F359B61A378AB0452E38BD4671F] - |A| - [18/06/2015 04:25:00] - (.(C) 1998-2015 Logitech. - Logitech Bluetooth Co-Installer (UNICODE).) - [59.14 Ko] - (5.90.38.0) - C:\WINDOWS\System32\LBTCoIns.DLL [MD5.157FB82D7141B18624FF2D42190C97E1] - |A| - [19/03/2019 14:02:30] - (.-.) - [1572 Ko] - (2.6.5.1) - C:\WINDOWS\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [625.17 Ko] - C:\WINDOWS\System32\Licenses [MD5.3A990028C3616E00E7CA95A10408B80C] - |A| - [18/06/2015 04:25:00] - (.(C) 1998-2015 Logitech. - Logitech KMDF Co-Installer (UNICODE).) - [1810.64 Ko] - (5.90.38.0) - C:\WINDOWS\System32\LkmdfCoInst.dll [MD5.7C3788193D1E0F1ACE8B6E9F414FAD41] - |A| - [18/06/2015 04:25:00] - (.(C) 1998-2015 Logitech. - Logitech Bluetooth Co-Installer (UNICODE).) - [61.64 Ko] - (5.90.38.0) - C:\WINDOWS\System32\LMouFiltCoInst.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\lo-LA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [28965.78 Ko] - C:\WINDOWS\System32\LogFiles [MD5.AC012AD7539A8F9FFD31CF80BAA06CC7] - |A| - [20/09/2012 17:02:06] - (.Copyright © 2010-2012 Logitech. All Rights Reserved - Logitech Download Assistant.) - [1789.8 Ko] - (1.10.77.0) - C:\WINDOWS\System32\LogiLDA.DLL [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [335.5 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [333.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [58448.17 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:03:17] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [19/03/2019 06:46:54] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\WINDOWS\System32\manifeststore [MD5.3F0C67A297DF11A7E07026B3B8BB5A0C] - |A| - [22/06/2015 02:51:26] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [662.28 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxAudioAPO30.dll [MD5.574258BF8B82C6283E6C41EBABDC1CC0] - |A| - [22/06/2015 02:51:26] - (.Copyright (C) 2010-2013 - MaxxAudio APO Shell.) - [1007.2 Ko] - (4.12.5.0) - C:\WINDOWS\System32\MaxxAudioAPOShell64.dll [MD5.DF28C4E10D2581DFAE8140EF29BB7E52] - |A| - [22/06/2015 02:51:28] - (.Copyright © 1996-2013 -.) - [27244.8 Ko] - (1.7.3.0) - C:\WINDOWS\System32\MaxxAudioVnA64.dll [MD5.B178DCBF725D542401B36B708409F959] - |A| - [08/10/2019 20:42:05] - (.-.) - [836.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [19/03/2019 06:43:47] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [02/10/2019 17:29:19] - [1157.74 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7396.72 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [46640.32 Ko] - C:\WINDOWS\System32\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [19/03/2019 06:46:18] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MixedRealityRuntime.json [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ml-IN [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [19/03/2019 06:49:39] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mn-MN [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [14/08/2013 09:32:41] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4484.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [02/10/2019 17:05:51] - [6162.17 Ko] - C:\WINDOWS\System32\msmq [MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [19/03/2019 06:46:15] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqpub.mof [MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [19/03/2019 06:58:39] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqtrc.mof [MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [19/03/2019 06:46:15] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqtrcRemove.mof [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [30.3 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [45.64 Ko] - C:\WINDOWS\System32\my-mm [MD5.6B1E196C4E5CB30D6FF99CFA8F1F071D] - |A| - [19/03/2019 06:44:28] - (.-.) - [28.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NarratorControlTemplates.xml [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [401 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [1024 Ko] - C:\WINDOWS\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ne-NP [MD5.040C9AB775278D56447DE68D6071CCC4] - |A| - [26/06/2017 20:59:54] - (.-.) - [117.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [19/03/2019 06:45:50] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [136 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [436 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\nn-NO [MD5.7BAE25CCB88706C339292C23265AAA46] - |A| - [06/11/2012 21:37:05] - (.Copyright © 2012 - NPRuntime Script Plug-in Library for Java(TM) Deploy.) - [1009.98 Ko] - (10.9.2.5) - C:\WINDOWS\System32\npDeployJava1.dll [MD5.BE6A4E612B29E0EDE7FF437E99C32DCF] - |A| - [22/06/2015 02:51:26] - (.© QSound Labs, Inc. - nQ APO.) - [91.52 Ko] - (6.0.0.0) - C:\WINDOWS\System32\nQAPO.dll [MD5.B21696CAC01541D46A6E125F7973EA51] - |A| - [22/06/2015 02:49:50] - (.(c) QSound Labs, Inc. -.) - [92.5 Ko] - (6.0.6001.1) - C:\WINDOWS\System32\nQPropPageExt.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.0B14FAE1818E7E92F76A2D7FEF62E632] - |A| - [30/10/2009 23:44:44] - (.-.) - [248.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NvApps.xml [MD5.A5B61A97393620007C04D6510ED440C0] - |A| - [26/06/2017 21:01:31] - (.-.) - [8135 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin [MD5.A7CAE0DCE0FD584E8988148D361BC7B4] - |A| - [20/04/2010 21:54:13] - (.-.) - [14.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvdisp.nvu [MD5.DEF07D5AA963F5601E5C709DE7625D88] - |A| - [09/11/2017 04:57:28] - (.-.) - [43.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.BA353E0623E45F4D19BE37476A370646] - |A| - [13/11/2013 19:39:17] - (.-.) - [4.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvPerfProvider.man [MD5.931C0EE2CE47DECDA60E0665BD278341] - |A| - [13/11/2013 19:39:17] - (.-.) - [2629.17 Ko] - (2.18.0.0) - C:\WINDOWS\System32\nvwmi64.exe [MD5.6C1FCC7FAA1782D253CE5316E47D4EBE] - |A| - [30/10/2009 23:44:44] - (.-.) - [68.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NvwsApps.xml [MD5.2145E8D9F059A01AD670A8A0FE3B74BF] - |A| - [19/03/2019 14:04:01] - (.-.) - [18.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [37669.85 Ko] - C:\WINDOWS\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:02:30] - [3554.5 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\or-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [3.81 Ko] - C:\WINDOWS\System32\osa-Osge-001 [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [19/03/2019 06:43:47] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\pa-IN [MD5.C89B88BCA6D6B72A470D8BF5730254C6] - |A| - [24/10/2013 16:09:36] - (.Copyright (C) 2011, 2012, 2013 - pdfcmon.) - [107.68 Ko] - (0.3.0.0) - C:\WINDOWS\System32\pdfcmon.dll [MD5.86FF1BD15D05E2D8D5840F1FA9B6ABD5] - |A| - [04/07/2016 10:11:50] - (.-.) - [0.37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Pen_Tablet.dat [MD5.C903226372B818C678F7061739AA5FA5] - |A| - [19/03/2019 06:55:38] - (.-.) - [167.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.317B86FC130AC9F5762AABEF89A96F1F] - |A| - [19/03/2019 14:01:29] - (.-.) - [178.26 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.EC738CA85AD860D55C0A66E6BAA415FC] - |A| - [02/10/2019 17:14:16] - (.-.) - [153.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc011.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [19/03/2019 06:55:38] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [19/03/2019 14:01:29] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.50681B748A019D0096B5DF4EBE1EAB74] - |A| - [02/10/2019 17:14:16] - (.-.) - [32.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd011.dat [MD5.A037DA91F0AC41BAC5344C299F30B90F] - |A| - [19/03/2019 06:55:38] - (.-.) - [780.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.D17F72F1B0C47436DBFD03D0BBB027AA] - |A| - [19/03/2019 14:01:29] - (.-.) - [860.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.27AB151D554AD8113B50AA2BE9DBE27C] - |A| - [02/10/2019 17:14:16] - (.-.) - [502.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh011.dat [MD5.7ECAE26B6D58794598F04E37B32A0952] - |A| - [02/10/2019 18:04:09] - (.-.) - [6.95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [19/03/2019 06:43:45] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [434.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.7AAC31B8B3B2B56249DB709E1C60B127] - |A| - [18/02/2011 11:18:45] - (.Copyright (c) 1982-2010 by Autodesk, Inc. - Autodesk Hardcopy component.) - [350.32 Ko] - (10.2.51.0) - C:\WINDOWS\System32\plotman.cpl [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [464 Ko] - C:\WINDOWS\System32\PointOfService [MD5.77D96999819206E9208DF12819E5DBA7] - |A| - [19/03/2019 06:44:12] - (.-.) - [42.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pospaymentsworker.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [1380.13 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.C946D7A4937017D347CBD0E12D70F192] - |A| - [22/06/2015 02:49:50] - (.TODO: (c) . - TODO: .) - [62.65 Ko] - (1.0.0.1) - C:\WINDOWS\System32\PropPageExt.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [19/03/2019 06:44:00] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [429 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [431 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\quz-PE [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.2210F24EDC6E80B1D311B2C3641DE9FA] - |A| - [02/10/2019 17:21:59] - (.-.) - [1983.5 Ko] - (1.0.1907.17001) - C:\WINDOWS\System32\rdpnano.dll [MD5.D8D02FD6073373A537FC0C1024E7C6DA] - |A| - [19/03/2019 06:43:47] - (.-.) - [60.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rdsxvmaudio.dll [MD5.9EB5D001B61A90672B8DA7E272545704] - |A| - [19/03/2019 06:58:49] - (.Copyright (C) 2009 - RemoteFX Helper.) - [131.5 Ko] - (1.1.0.0) - C:\WINDOWS\System32\RDVGHelper.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2.19 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.1B7341B9AAFB4925790B5C37C10F285A] - |A| - [03/10/2019 18:44:07] - (.-.) - [107.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResBParser.dll [MD5.1FB4B6A26FEEF4A99B7D0ECD2ADDF075] - |A| - [19/03/2019 06:45:56] - (.-.) - [9.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [19/03/2019 06:45:56] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost [MD5.39BB5D2A5EC1CBDD722CAB7BDCEC41F5] - |A| - [19/03/2019 06:45:56] - (.-.) - [8.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [19/03/2019 06:45:56] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [19/03/2019 06:44:21] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [19/03/2019 06:44:21] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-white.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [351 Ko] - C:\WINDOWS\System32\ro-RO [MD5.AA694008D3068ED546D9DF920BF5300D] - |A| - [19/03/2019 06:44:35] - (.-.) - [57.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\rw-RW [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [19/03/2019 06:46:39] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [19/03/2019 06:44:01] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [77.44 Ko] - C:\WINDOWS\System32\Sgrm [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [2370 Ko] - C:\WINDOWS\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [23.7 Ko] - C:\WINDOWS\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [341 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [337.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [02/10/2019 17:45:22] - [15095.27 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [133.19 Ko] - C:\WINDOWS\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [19/03/2019 06:43:47] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:37:22] - [12617.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [19/03/2019 06:43:45] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [19/03/2019 06:43:45] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.CEDAB194F8B9DADA895371B4560B97F0] - |A| - [19/03/2019 06:45:54] - (.-.) - [38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [7901.3 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [12967.89 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [114830.49 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [15192.37 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [16/03/2012 20:00:26] - [1775.5 Ko] - C:\WINDOWS\System32\SPReview [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [339 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [19/03/2019 06:45:56] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.763BCEE61F573235E1C60E80438AC301] - |A| - [02/10/2019 17:21:59] - (.-.) - [57.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [26/06/2017 21:00:54] - [2140.42 Ko] - C:\WINDOWS\System32\SRSLabs [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [20504 Ko] - C:\WINDOWS\System32\sru [MD5.EBF15D23B92DE845AC8C952AE9153492] - |A| - [19/03/2019 06:43:47] - (.-.) - [443 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.5425DDFB3F6DC0CB99B08F7FACB7155A] - |A| - [18/02/2011 11:19:03] - (.Copyright (c) 1982-2010 by Autodesk, Inc. - Autodesk Hardcopy component.) - [350.32 Ko] - (10.2.51.0) - C:\WINDOWS\System32\styleman.cpl [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [408 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sw-KE [MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |A| - [19/03/2019 06:46:24] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SyncAppvPublishingServer.vbs [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:43] - [1408.89 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [955.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [10.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.5F6B04A0EC5FE46FEEEC887406F63E57] - |A| - [19/03/2019 06:45:35] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [842.43 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [788.21 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [19/03/2019 06:45:00] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\te-IN [MD5.364B8B76EBB95762632341E49F26144D] - |A| - [02/10/2019 17:20:51] - (.-.) - [1798 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextInputMethodFormatter.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [310.5 Ko] - C:\WINDOWS\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5.97 Ko] - C:\WINDOWS\System32\ti-et [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tn-ZA [MD5.E8B2CCAA7CB999F03B1611DE3E960AEE] - |A| - [28/10/2010 17:17:27] - (.-.) - [0.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TouchTabletUserDefaults.xml [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [19/03/2019 06:43:54] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [19/03/2019 06:43:54] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tt-RU [MD5.D200497DD3A24F138123F0EB6C385D1D] - |A| - [19/03/2019 06:46:26] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevAppMonitor.exe.config [MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |A| - [19/03/2019 06:46:26] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [337 Ko] - C:\WINDOWS\System32\uk-UA [MD5.B9A75ED4500DD953DF172FE6F63578E8] - |A| - [19/03/2019 06:43:49] - (.-.) - [53.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\umpdc.dll [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:45] - [1917.6 Ko] - C:\WINDOWS\System32\UNP [MD5.88AF3B6E9A464BC0B99EC6566918BD66] - |A| - [03/02/2010 11:13:06] - (.-.) - [202 Ko] - (3.91.100.345) - C:\WINDOWS\System32\unrar.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ur-PK [MD5.C5051D8BC14B8A4C3C1F4F8CDA648C3F] - |A| - [03/10/2019 18:43:29] - (.-.) - [46.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.BAB4BA3C107F89955FABD06688B232F0] - |A| - [02/10/2019 17:20:58] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\usocoreps.dll [MD5.F7588533600D24CFFDB5842176B81106] - |A| - [19/03/2019 06:57:21] - (.-.) - [116 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfcfgmgmt.dll [MD5.BD456ED873EF48503EC28DC0317B505A] - |A| - [19/03/2019 06:57:21] - (.-.) - [147.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfcsp.dll [MD5.5489D0B06F4A77C8676E3A6F0A8E2D79] - |A| - [19/03/2019 06:57:47] - (.-.) - [30 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfservicingapi.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\vi-VN [MD5.FC2C55B04D90B8B080E30257D4A3D04F] - |A| - [22/06/2015 02:51:26] - (.(c) VIA Technologies, Inc. - ViaKaraoke APO.) - [1152.83 Ko] - (0.1.0.0) - C:\WINDOWS\System32\ViaKaraokeApo.dll [MD5.C71A00E391CFED4A091045BAFE383A56] - |A| - [22/06/2015 02:49:50] - (.(c)VIA Technologies,Inc. - VIA APO for MicArray Applications..) - [129.15 Ko] - (0.2.0.0) - C:\WINDOWS\System32\ViaKaraokePropPageExt.dll [MD5.004175DA13E0372DA58F523104921631] - |A| - [22/06/2015 02:49:50] - (.(c) VIA Technologies, Inc. - Service binary.) - [35.65 Ko] - (0.1.0.0) - C:\WINDOWS\System32\ViakaraokeSrv.exe [MD5.036D403A50EB5B4031EF7CAC96864881] - |A| - [22/06/2015 02:51:28] - (.(c)Copyright Reserved. VIA Technologies,Inc. - ViaMicArray APO.) - [1965.33 Ko] - (0.5.0.0) - C:\WINDOWS\System32\ViaMicArrayAPO.dll [MD5.BC1F298EFB2BF2937829BB8E22DEA171] - |A| - [22/06/2015 02:49:50] - (.VIA Technologies,Inc. - VIA APO for MicArray Applications..) - [101.65 Ko] - (0.5.0.0) - C:\WINDOWS\System32\ViaMicArrayPropPageExt.dll [MD5.57BEAB40E1C1278A8C9893E45EAFAFD2] - |A| - [22/06/2015 02:49:52] - (.VIA Technologies, Inc. - VIA LFX/GFX DSP UI component.) - [3231.7 Ko] - (11.5.0.20) - C:\WINDOWS\System32\VIAPropPageExt.dll [MD5.18F0196E5F6497EC8051F21FFA9530C5] - |A| - [22/06/2015 02:51:28] - (.Copyright (c) VIA Technologies, Inc. All Rights Reserved - VIA LFX/GFX DSP Component.) - [1164.83 Ko] - (1.0.0.0) - C:\WINDOWS\System32\VIASysFx.dll [MD5.E9A66CB07CCDB9B99F084315E04FCBC7] - |A| - [19/03/2019 06:59:03] - (.-.) - [92.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VirtualMonitorManager.dll [MD5.DCBC124C9A91552398F5FB208542CEDC] - |A| - [22/06/2015 02:51:28] - (.Copyright (c) 2006-2013 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1979.67 Ko] - (1.2.16.73) - C:\WINDOWS\System32\VMAPO264.DLL [MD5.D2E85128463DB0631EF323C373C0549D] - |A| - [22/06/2015 02:51:28] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [875.34 Ko] - (1.0.54.0) - C:\WINDOWS\System32\VMAPO64.DLL [MD5.49E1F416E4E416E8CB70C293B10C9205] - |A| - [22/06/2015 02:51:28] - (.Copyright (c) 2006-2010 Creative Technology Ltd. - Creative Chaining Property Page Loader Module.) - [61.66 Ko] - (1.0.0.180) - C:\WINDOWS\System32\VMPPCN64.DLL [MD5.D848CC73FF1E9AAC31C495D3E75A5ABB] - |A| - [22/06/2015 02:51:28] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Property Page Loader Module.) - [65.7 Ko] - (1.0.54.0) - C:\WINDOWS\System32\VMPPLD64.DLL [MD5.9791E1D4C55FB349B107821BED13FE9B] - |A| - [22/06/2015 02:51:28] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [619.05 Ko] - (1.0.15.150) - C:\WINDOWS\System32\VMTHX64.DLL [MD5.A163AB774B4A56BF09972DD845C52548] - |A| - [22/06/2015 02:51:28] - (.Copyright (c) 2006-2010 Creative Technology Ltd. - Audio Processing Object Chaining Module.) - [391.12 Ko] - (1.0.0.220) - C:\WINDOWS\System32\VMWRP64.DLL [MD5.31E35A89622C4C2D19529A9649CE87A9] - |A| - [16/03/2016 23:29:26] - (.-.) - [124.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkan-1-1-0-5-1.dll [MD5.AC97F59AAF23E9F6BAF6D29D6241ADF3] - |A| - [20/06/2018 21:58:08] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [944.3 Ko] - (1.1.77.0) - C:\WINDOWS\System32\vulkan-1-999-0-0-0.dll [MD5.AC97F59AAF23E9F6BAF6D29D6241ADF3] - |A| - [20/06/2018 21:58:08] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [944.3 Ko] - (1.1.77.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.067D351A5912A33D3463A92C4BE97074] - |A| - [16/03/2016 23:28:42] - (.-.) - [44.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-5-1.exe [MD5.E127D369C4C8D9790B4094679480FBDF] - |A| - [20/06/2018 21:58:24] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [250.8 Ko] - (1.1.77.0) - C:\WINDOWS\System32\vulkaninfo-1-999-0-0-0.exe [MD5.E127D369C4C8D9790B4094679480FBDF] - |A| - [20/06/2018 21:58:24] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [250.8 Ko] - (1.1.77.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.63A673FB3E0FD1B30D7994ABD7F13E49] - |A| - [22/06/2015 02:51:28] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2080.52 Ko] - (4.4.3.0) - C:\WINDOWS\System32\WavesGUILib64.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [190060.03 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [72488.59 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [19/03/2019 06:44:30] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\System32\wfp [MD5.4E88E16573740F9A3FBCABDCAECF3E5C] - |A| - [21/01/2015 06:21:00] - (.Copyright (C) 2002-2015 by WIBU-SYSTEMS AG - CodeMeter Library.) - [834.85 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\WibuCm64.dll [MD5.97610FD60C90FC82FFA72AE02709B121] - |A| - [21/01/2015 06:21:00] - (.Copyright (C) 2002-2015 by WIBU-SYSTEMS AG - CodeMeter Library, ±¾µØ»¯/ÖÐÎÄ£¨¼òÌ壩.) - [20.5 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\WibuCm64.lcn [MD5.B3196F55718DABE2A99A3A79212A12F4] - |A| - [21/01/2015 06:21:00] - (.Copyright © 2002-2015 bei WIBU-SYSTEMS AG - CodeMeter Library, Sprachmodul/Deutsch.) - [46 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\WibuCm64.lde [MD5.BA50376B5656F8DBF61B913F28D60B1A] - |A| - [21/01/2015 06:21:00] - (.Patentado © 2002-2015 por WIBU-SYSTEMS AG - CodeMeter Library.) - [45 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\WibuCm64.les [MD5.B110A9E076B49764E2ED021503A1E849] - |A| - [21/01/2015 06:21:00] - (.Copyright © 2002-2015 WIBU-SYSTEMS AG - CodeMeter Library, Langue/Français.) - [44 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\WibuCm64.lfr [MD5.C7BFF409F3D321C9BB0FB16B354D3428] - |A| - [21/01/2015 06:21:00] - (.Copyright © 2002-2015 da WIBU-SYSTEMS AG - CodeMeter Library, Localizzazione/Italiano.) - [41 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\WibuCm64.lit [MD5.E45350CF3F61B9DA2CB7F7F349AFFDE3] - |A| - [21/01/2015 06:21:00] - (.Copyright ? 2002-2015 by WIBU-SYSTEMS AG - CodeMeter Library, ƒ[ƒJƒ‰ƒCƒ[ƒCƒVƒ‡ƒ“/“ú–{Œê.) - [27 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\WibuCm64.ljp [MD5.2649C7174B35E6AA9A5973CD2A5D2FE6] - |A| - [21/01/2015 06:21:00] - (.-.) - [40 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\WibuCm64.lru [MD5.5924A97589F29DF00AA66527871DCF5A] - |A| - [21/01/2015 06:21:00] - (.Copyright (C) 2004-2015 by WIBU-SYSTEMS AG - CodeMeter Java Calling Driver.) - [213.38 Ko] - (5.21.1478.500) - C:\WINDOWS\System32\wibucmJNI64.dll [MD5.1C88520AB11F2041B496A2673BD89C91] - |A| - [28/03/2010 15:28:30] - (.Copyright (C) 2002-06 by WIBU-SYSTEMS AG - WIBU-KEY Java Native Interface Library.) - [585.5 Ko] - (5.20.36.500) - C:\WINDOWS\System32\wibuKJni64.dll [MD5.E14E86AF86C1C5B014F0F0E0FA127C2A] - |A| - [21/01/2015 06:21:00] - (.Copyright (C) 2005-2015 by WIBU-SYSTEMS AG - WIBU AxProtector Java.) - [1287.36 Ko] - (9.11.1478.500) - C:\WINDOWS\System32\WibuXpm4J64.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [49316.93 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.8B956E4F6378335CC19BE3296A6C9B7E] - |A| - [19/03/2019 06:44:11] - (.-.) - [122 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [12708.05 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [19/03/2019 06:44:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [110116 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [6163.84 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [293.35 Ko] - C:\WINDOWS\System32\winrm [MD5.46CAB3B2019053C890063000CF5B9696] - |A| - [28/03/2010 15:28:30] - (.Copyright (C) 2004-06 by WIBU-SYSTEMS AG - WIBU-SYSTEMS Standard Technology.) - [490.5 Ko] - (5.20.23.500) - C:\WINDOWS\System32\WkExt64.dll [MD5.D4C4002CFF38940A2D9333E788A27365] - |A| - [28/03/2010 15:28:22] - (.Copyright © 1993-2006 by WIBU-SYSTEMS AG - WIBU-KEY Calling Driver.) - [190.5 Ko] - (5.20.0.500) - C:\WINDOWS\System32\WkWin64.dll [MD5.180EB6EEE0EA61D83B7033415E00C84E] - |A| - [28/03/2010 15:28:30] - (.Copyright © 1993-2006 WIBU-SYSTEMS AG - Pilote d'appel WIBU-KEY, Langue/Français.) - [21 Ko] - (5.20.0.500) - C:\WINDOWS\System32\WkWin64.lfr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\wo-SN [MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [19/03/2019 06:43:52] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcatltoast.png [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [19/03/2019 06:43:52] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [19/03/2019 06:44:35] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.00000000000000000000000000000000] - |D| - [28/10/2010 17:17:42] - [2348.29 Ko] - C:\WINDOWS\System32\WTablet [MD5.2DE2D263D2C5739AB4A37C5616ABA671] - |A| - [19/03/2019 06:44:03] - (.-.) - [97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-black.png [MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-white.png [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [19/03/2019 06:44:21] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\yo-NG [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [291.49 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [6.5 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [261.5 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\zu-ZA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [0 Ko] - C:\WINDOWS\SysWOW64\040C [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [19/03/2019 06:45:19] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [19/03/2019 06:45:19] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [19/03/2019 06:45:22] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [19/03/2019 06:45:30] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [19/03/2019 06:45:13] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.3D225D8435666C14ADDF17C14806C355] - |A| - [21/10/2012 21:10:39] - (.Copyright 1999 - ActiveSkin Module.) - [336 Ko] - (3.55.0.2) - C:\WINDOWS\SysWOW64\ActiveSkin.ocx [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [1856.8 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [174 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.7230E04E6BD86FFE4E1034D9B3B893A3] - |A| - [19/03/2019 06:45:59] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [520 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [02/10/2019 17:05:51] - [12.62 Ko] - C:\WINDOWS\SysWOW64\BestPractices [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [147.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot2 [MD5.880C5F8D12F7AFEFB6635C9B5304768D] - |A| - [01/03/2015 19:24:51] - (.Copyright © AMYUNI Technologies 1999-2010 - Common Driver Interface DLL.) - [4697 Ko] - (4.5.2.9) - C:\WINDOWS\SysWOW64\cdintf450.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.E8ABB4C72F42D1356D6790A9D2CEB543] - |A| - [27/12/2012 12:22:07] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-12Dec27-11-22-07.wbb [MD5.8FBA7F439634D4380A0DE681D9BCE855] - |A| - [29/12/2012 16:43:22] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-12Dec29-15-43-22.wbb [MD5.A9BE771D0182F81B28CEE6B884F1ADAE] - |A| - [05/11/2012 19:05:20] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-12Nov05-18-05-20.wbb [MD5.87BE4E270D1CE2FADDB99C676D9FC576] - |A| - [06/11/2012 21:41:59] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-12Nov06-20-41-59.wbb [MD5.5907699ED78E8D8CE7751D54C7231D5C] - |A| - [15/10/2012 17:57:00] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-12Oct15-17-57-00.wbb [MD5.DEDA04DE209675C37C72D7BB5AA2C92A] - |A| - [29/10/2012 18:48:38] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-12Oct29-17-48-38.wbb [MD5.7F403EC6B1D9B413A1F7B733BA899DF9] - |A| - [09/04/2013 17:21:45] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Apr09-17-21-45.wbb [MD5.FACDC43F526EEDCF2345A1CC305B79DB] - |A| - [17/04/2013 21:45:13] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Apr17-21-45-13.wbb [MD5.0F727BA1367738EBC7C9F50FF8ADC069] - |A| - [06/02/2013 21:53:43] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Feb06-20-53-43.wbb [MD5.6AAA6F91D91DB82684CE5BE37F9503F6] - |A| - [17/02/2013 12:48:36] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Feb17-11-48-36.wbb [MD5.BFF4D35BB2399677D253234E564F2ADC] - |A| - [20/02/2013 17:08:17] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Feb20-16-08-17.wbb [MD5.E1EB39BB6F7B063788E42D3B56CD1F00] - |A| - [31/01/2013 21:19:43] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Jan31-20-19-43.wbb [MD5.C80DC99FE5A63CCEAE1368273D58BC10] - |A| - [06/06/2013 17:38:05] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Jun06-17-38-05.wbb [MD5.62851F1EAD3E93A64D4110908D9F57C5] - |A| - [08/06/2013 20:27:02] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Jun08-20-27-02.wbb [MD5.5B67B597B2542C37DA531B3DC499813F] - |A| - [12/06/2013 17:20:45] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Jun12-17-20-45.wbb [MD5.42569996CBB25E68996FFBF03E39126A] - |A| - [03/03/2013 11:41:48] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Mar03-10-41-48.wbb [MD5.36BD20C6E398E00DD80DA2F683DBDD7A] - |A| - [04/03/2013 21:40:42] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Mar04-20-40-42.wbb [MD5.18E8FDB7D6C7DC347034368A7DFFF02E] - |A| - [05/03/2013 21:41:00] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13Mar05-20-41-00.wbb [MD5.11292D3F812B7575EB30ECB1AB34E0C9] - |A| - [15/05/2013 17:54:31] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13May15-17-54-31.wbb [MD5.373F6D7CC87F457194E55AC4D961C0C6] - |A| - [30/05/2013 20:35:31] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CM-Backup2-1515017-13May30-20-35-31.wbb [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [327 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [936.18 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [113.25 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [206 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.1E02A122FE09272058FC1EF0B1B6265E] - |A| - [02/10/2019 17:22:04] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [207 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [229 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [19/03/2019 06:45:13] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [186 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [7883.73 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [19/03/2019 14:02:24] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [166 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.791F8E1C60E6466F93D792D375D8F1B5] - |A| - [19/03/2019 06:45:13] - (.-.) - [203.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [142.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [212.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.659B216490380FBE2DC77DECC203E5ED] - |A| - [02/10/2019 17:21:40] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1849.5 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icu.dll [MD5.1EAD0C642EF0B2692D44A206CAD63C74] - |RA| - [19/03/2019 06:45:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [24 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.9D459E0C31117F3A841D2EA00F7BC99C] - |RA| - [19/03/2019 06:45:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [28.5 Ko] - (63.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.0838C5A83A31B78E9BA817C3DB17A91C] - |A| - [15/08/2010 18:40:20] - (.-.) - [193 Ko] - (3.24.15.3) - C:\WINDOWS\SysWOW64\ir32_32.sav [MD5.50CC4A65F784A51813A169EA33CF319A] - |A| - [09/08/2014 14:58:47] - (.Copyright © 2015 - Java(TM) Web Start Launcher.) - [272.09 Ko] - (11.65.2.17) - C:\WINDOWS\SysWOW64\javaws.exe [MD5.93EBB3F095CDDB19C0100455F17FC792] - |A| - [03/02/2010 15:15:02] - (.-.) - [3.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.6.0_17-b04.log [MD5.23831F64F8BBEADE777B5581B911821B] - |A| - [20/04/2010 18:16:38] - (.-.) - [4.27 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.6.0_20-b02.log [MD5.38CCE0C6CFD96D3D40419B37A06D1DAA] - |A| - [06/08/2010 15:06:47] - (.-.) - [5.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.6.0_21-b07.log [MD5.CE56501FBB659E632CE1099514302547] - |A| - [12/11/2010 22:56:17] - (.-.) - [3.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.6.0_22-b04.log [MD5.B0ABAA92001E543354EC64CB9C1A3883] - |A| - [02/01/2011 20:08:44] - (.-.) - [3.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.6.0_23-b05.log [MD5.B07EDDE1CF7B6BDF8184144FDA8F4035] - |A| - [18/02/2011 22:50:02] - (.-.) - [3.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.6.0_24-b07.log [MD5.6610475FBCFB94F70D0BB9D6027A99E0] - |A| - [06/07/2011 17:41:33] - (.-.) - [3.66 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.6.0_26-b03.log [MD5.68C5D5C5DC0C30CCEEB3E6CA02519143] - |A| - [24/10/2011 10:14:43] - (.-.) - [2.99 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.6.0_29-b11.log [MD5.906D2362553419A0A2FE1E80C122917C] - |A| - [17/01/2013 00:17:04] - (.-.) - [4.44 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.7.0_11-b21.log [MD5.43E1DADA8C90A43B44B4EC978596709A] - |A| - [20/04/2013 11:32:03] - (.-.) - [3.92 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.7.0_21-b11.log [MD5.E735AC0DF69AE9C492231B9FA9A2965A] - |A| - [19/10/2013 17:59:08] - (.-.) - [4.16 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.7.0_45-b18.log [MD5.7346107BE6626E2FA873479E3755881C] - |A| - [21/01/2014 18:44:24] - (.-.) - [5.19 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log [MD5.D815E312E8273BA7E8133CA27D36E957] - |A| - [20/04/2014 15:05:04] - (.-.) - [4.14 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.7.0_55-b14.log [MD5.480D809600C2B77110F1F14699A4FD6B] - |A| - [09/08/2014 14:58:26] - (.-.) - [4.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\jupdate-1.7.0_67-b01.log [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ka-GE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\kn-IN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [154.5 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ky-KG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\lb-LU [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [625.17 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\lo-LA [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [145.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [142 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [50783.03 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:03:17] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\manifeststore [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [3617.83 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [812.8 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [19/03/2019 06:46:21] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MixedRealityRuntime.json [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ml-IN [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [19/03/2019 06:49:45] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [19/03/2019 06:46:15] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqpub.mof [MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [19/03/2019 07:00:58] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrc.mof [MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [19/03/2019 06:46:15] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrcRemove.mof [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mt-MT [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [30.3 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [205.5 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [215.5 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [19/03/2019 06:52:46] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [19/03/2019 07:00:31] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [758.52 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\or-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-IN [MD5.B24314E9DD2279255DA482A057E4D47C] - |A| - [26/06/2017 21:01:55] - (.-.) - [1909.07 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [216.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [1375.31 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\prs-AF [MD5.8FDA02E3E944E203E118F3DABA7C026D] - |A| - [05/06/2007 13:20:30] - (.© 2000-2005 Protexis Inc. - nTitles PSIKey.) - [1425.54 Ko] - (2.0.0.1) - C:\WINDOWS\SysWOW64\PSIKey.dll [MD5.F115AF58ABE5605D7D709CBFBD83F418] - |A| - [05/06/2007 13:20:32] - (.© 2000-2005 Protexis Inc. - nTitles PSIService.) - [173.54 Ko] - (2.0.0.1) - C:\WINDOWS\SysWOW64\PSIService.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [214.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [215.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.F318E151801F7EB505894718E03BC438] - |A| - [20/03/2010 16:56:53] - (.-.) - [5.54 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\quartz.vxd [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [19/03/2019 06:46:09] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.EC1C75518F1AFF370C27B0EB8B09E932] - |A| - [19/03/2019 06:45:07] - (.-.) - [323 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [207.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.A3487FD8447683A4F74645C99E7CB255] - |A| - [19/03/2019 06:45:59] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.21C60C44D0511D809DD8A381C4CE4E4D] - |A| - [02/10/2019 17:21:39] - (.-.) - [1075.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [129 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.01E96A85B337B702AE2BC7F838AE7B65] - |A| - [19/03/2019 06:46:31] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [145 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.6C0B99BB629982510C1DA46E47AE6F6D] - |A| - [19/03/2019 06:45:16] - (.-.) - [45.56 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\umpdc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.CC7C694B2BD1510C5AAE7374A5B52B92] - |A| - [03/02/1999 08:45:42] - (.-.) - [26.46 Ko] - (2.0.0.5215) - C:\WINDOWS\SysWOW64\VBAFR32.OLB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\vi-VN [MD5.550BA20DF6C08E628CA9ABD0F6E917B8] - |A| - [20/03/2010 16:56:53] - (.-.) - [10 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vidx16.dll [MD5.4D6F38D3CDA2D0BA502BC1C499A622CF] - |A| - [26/09/2010 16:38:04] - (.Copyright © 2000-3 ON2 Technologies - VP6 VIDEO FOR WINDOWS CODEC.) - [432 Ko] - (6.0.6.4) - C:\WINDOWS\SysWOW64\vp6vfw.dll [MD5.2623C7D8F70C372504980A4D386FBA4E] - |A| - [16/03/2016 23:30:22] - (.-.) - [125.77 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-5-1.dll [MD5.3140C410C9D67F9BDF19C82A65ACD7DF] - |A| - [20/06/2018 21:58:08] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [814.3 Ko] - (1.1.77.0) - C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.3140C410C9D67F9BDF19C82A65ACD7DF] - |A| - [20/06/2018 21:58:08] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [814.3 Ko] - (1.1.77.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.73C1487067DFC42F7BBC83E9B78E2462] - |A| - [16/03/2016 23:29:38] - (.-.) - [40.77 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-5-1.exe [MD5.B147E64F63584C2FF33E0BC8CDB64895] - |A| - [20/06/2018 21:58:22] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [226.8 Ko] - (1.1.77.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.B147E64F63584C2FF33E0BC8CDB64895] - |A| - [20/06/2018 21:58:22] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [226.8 Ko] - (1.1.77.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.07E49665BEC7CE85C222F6BCD903EE2C] - |A| - [21/01/2015 06:21:00] - (.Copyright (C) 2002-2015 by WIBU-SYSTEMS AG - CodeMeter Library.) - [697.85 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\WibuCm32.dll [MD5.EC652C00FC5F00CDF57BB314CCF0DA86] - |A| - [21/01/2015 06:21:00] - (.Copyright (C) 2002-2015 by WIBU-SYSTEMS AG - CodeMeter Library, ±¾µØ»¯/ÖÐÎÄ£¨¼òÌ壩.) - [20.5 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\WibuCm32.lcn [MD5.6FA2E851CB59D23A6FA15E1E3AC50802] - |A| - [21/01/2015 06:21:00] - (.Copyright © 2002-2015 bei WIBU-SYSTEMS AG - CodeMeter Library, Sprachmodul/Deutsch.) - [46 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\WibuCm32.lde [MD5.DF12C677A46A501A771A56CA458B3EE4] - |A| - [21/01/2015 06:21:00] - (.Patentado © 2002-2015 por WIBU-SYSTEMS AG - CodeMeter Library.) - [45 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\WibuCm32.les [MD5.601BCAF8D869472B064DF2700058E632] - |A| - [21/01/2015 06:21:00] - (.Copyright © 2002-2015 WIBU-SYSTEMS AG - CodeMeter Library, Langue/Français.) - [44 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\WibuCm32.lfr [MD5.1BC2A0DF0C790532E3011EAA517C2219] - |A| - [21/01/2015 06:21:00] - (.Copyright © 2002-2015 da WIBU-SYSTEMS AG - CodeMeter Library, Localizzazione/Italiano.) - [41 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\WibuCm32.lit [MD5.405C72225A55EC07EF1B4719D872CD6D] - |A| - [21/01/2015 06:21:00] - (.Copyright ? 2002-2015 by WIBU-SYSTEMS AG - CodeMeter Library, ƒ[ƒJƒ‰ƒCƒ[ƒCƒVƒ‡ƒ“/“ú–{Œê.) - [27 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\WibuCm32.ljp [MD5.272D7F191BC04E9010074B21A23DDCBD] - |A| - [21/01/2015 06:21:00] - (.-.) - [40 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\WibuCm32.lru [MD5.4A4E29D910DB3C9276BAA158A9E0D29B] - |A| - [21/01/2015 06:21:00] - (.Copyright (C) 2004-2015 by WIBU-SYSTEMS AG - CodeMeter Java Calling Driver.) - [176.88 Ko] - (5.21.1478.500) - C:\WINDOWS\SysWOW64\wibucmJNI.dll [MD5.7F86A6F8027E2F11DFDEA703D61CE9E5] - |A| - [28/03/2010 15:28:30] - (.Copyright (C) 2002-06 by WIBU-SYSTEMS AG - WIBU-KEY Java Native Interface Library.) - [468 Ko] - (5.20.36.500) - C:\WINDOWS\SysWOW64\wibuKJni.dll [MD5.C9D71B140B8604DB8152833A9BF4EB0B] - |A| - [21/01/2015 06:21:00] - (.Copyright (C) 2005-2015 by WIBU-SYSTEMS AG - WIBU AxProtector Java.) - [1011.36 Ko] - (9.11.1478.500) - C:\WINDOWS\SysWOW64\WibuXpm4J32.dll [MD5.69E4DB68C3968DF92346FDF8477A3D1B] - |A| - [19/03/2019 06:45:13] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [11502.2 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 14:01:28] - [293.35 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.9F5F81509E8B689C034698FC5ADE7B57] - |A| - [28/03/2010 15:28:30] - (.Copyright (C) 2004-06 by WIBU-SYSTEMS AG - WIBU-SYSTEMS Standard Technology.) - [340 Ko] - (5.20.23.500) - C:\WINDOWS\SysWOW64\WkExt32.dll [MD5.CB0459CB74C337250F2E18E6FAE99365] - |A| - [28/03/2010 15:28:22] - (.Copyright © 1993-2006 by WIBU-SYSTEMS AG - WIBU-KEY Calling Driver.) - [156 Ko] - (5.20.0.500) - C:\WINDOWS\SysWOW64\WkWin32.dll [MD5.1D98A8547BBCA9807117E68285B68010] - |A| - [28/03/2010 15:28:30] - (.Copyright © 1993-2006 WIBU-SYSTEMS AG - Pilote d'appel WIBU-KEY, Langue/Français.) - [21.5 Ko] - (5.20.0.500) - C:\WINDOWS\SysWOW64\WkWin32.lfr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.246C62BF8A69AF9A9D1783F4548652BF] - |A| - [19/03/2019 06:45:13] - (.-.) - [62.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [02/10/2019 17:05:30] - [19.8 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [135.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 13:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:46] - [136 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\zu-ZA ---------- | [.oracle_jre_usage] [21/10/2016 21:43:14] - |A| - [57] - C:\Users\nadia_booasp5\.oracle_jre_usage\cce3fe3b0d8d8002.timestamp ---------- | [3D Objects] [05/10/2019 09:20:50] - |ASH| - [298] - C:\Users\nadia_booasp5\3D Objects\desktop.ini ---------- | [AppData] [02/10/2019 17:55:14] - |D| - [732469775] - C:\Users\nadia_booasp5\AppData\Local [02/10/2016 20:53:00] - |D| - [93570] - C:\Users\nadia_booasp5\AppData\LocalLow [02/10/2019 17:55:14] - |D| - [26326462] - C:\Users\nadia_booasp5\AppData\Roaming ---------- | [Application Data] ---------- | [Contacts] [02/10/2016 20:53:04] - |ASH| - [412] - C:\Users\nadia_booasp5\Contacts\desktop.ini ---------- | [Cookies] ---------- | [Desktop] [05/10/2019 09:24:16] - |D| - [71588036] - C:\Users\nadia_booasp5\Desktop\Anciennes données de Firefox [02/10/2016 20:53:03] - |ASH| - [282] - C:\Users\nadia_booasp5\Desktop\desktop.ini [05/10/2019 09:22:36] - |A| - [1450] - C:\Users\nadia_booasp5\Desktop\Microsoft Edge.lnk [17/10/2019 22:30:42] - |A| - [5181336] - C:\Users\nadia_booasp5\Desktop\QuickDiag.exe ---------- | [Documents] [02/10/2016 20:53:04] - |ASH| - [402] - C:\Users\nadia_booasp5\Documents\desktop.ini [02/10/2019 17:55:14] - |SHD| - [0] - C:\Users\nadia_booasp5\Documents\Ma musique [02/10/2019 17:55:14] - |SHD| - [0] - C:\Users\nadia_booasp5\Documents\Mes images [02/10/2019 17:55:14] - |SHD| - [0] - C:\Users\nadia_booasp5\Documents\Mes vidéos ---------- | [Downloads] [02/10/2016 20:53:04] - |ASH| - [282] - C:\Users\nadia_booasp5\Downloads\desktop.ini ---------- | [Favorites] [02/10/2016 21:02:39] - |D| - [1716] - C:\Users\nadia_booasp5\Favorites\Architecture [02/10/2016 21:02:39] - |D| - [0] - C:\Users\nadia_booasp5\Favorites\Autodesk [02/10/2016 12:13:11] - |A| - [208] - C:\Users\nadia_booasp5\Favorites\Bing.url [02/10/2016 21:02:39] - |D| - [1043] - C:\Users\nadia_booasp5\Favorites\Bonnes images [02/10/2016 20:53:04] - |ASH| - [402] - C:\Users\nadia_booasp5\Favorites\desktop.ini [02/10/2016 21:02:39] - |D| - [3087] - C:\Users\nadia_booasp5\Favorites\Ecole TIP [02/10/2016 21:02:39] - |D| - [267] - C:\Users\nadia_booasp5\Favorites\HP [02/10/2016 21:02:39] - |D| - [6379] - C:\Users\nadia_booasp5\Favorites\Liens [02/10/2016 20:53:03] - |RD| - [1341] - C:\Users\nadia_booasp5\Favorites\Links [02/10/2016 21:02:39] - |D| - [7139] - C:\Users\nadia_booasp5\Favorites\Manga [02/10/2016 21:02:39] - |D| - [842] - C:\Users\nadia_booasp5\Favorites\Musique [05/10/2012 17:56:19] - |A| - [363] - C:\Users\nadia_booasp5\Favorites\Outlook Web App.url [04/11/2011 22:25:01] - |A| - [329] - C:\Users\nadia_booasp5\Favorites\Scandale puces graphiques NVIDIA 8400M et 8600M Facebook.url [02/10/2016 21:02:38] - |D| - [267] - C:\Users\nadia_booasp5\Favorites\Sites Web Microsoft ---------- | [Links] [02/10/2016 20:53:04] - |SH| - [504] - C:\Users\nadia_booasp5\Links\desktop.ini [02/10/2016 20:53:04] - |A| - [556] - C:\Users\nadia_booasp5\Links\Desktop.lnk [02/10/2016 20:53:04] - |A| - [1029] - C:\Users\nadia_booasp5\Links\Downloads.lnk ---------- | [Local Settings] ---------- | [Menu Démarrer] ---------- | [Mes documents] ---------- | [MicrosoftEdgeBackups] [05/10/2019 09:21:56] - |D| - [4731907] - C:\Users\nadia_booasp5\MicrosoftEdgeBackups\backups ---------- | [Modèles] ---------- | [Music] [02/10/2016 20:53:04] - |ASH| - [504] - C:\Users\nadia_booasp5\Music\desktop.ini ---------- | [OneDrive] [05/10/2019 09:24:35] - |ASH| - [63] - C:\Users\nadia_booasp5\OneDrive\.849C9593-D756-4E56-8D6E-42412F2A707B [05/10/2019 09:23:52] - |D| - [0] - C:\Users\nadia_booasp5\OneDrive\Attachments [02/10/2016 20:55:12] - |D| - [0] - C:\Users\nadia_booasp5\OneDrive\AvastCleanup [11/10/2019 22:24:07] - |A| - [1180] - C:\Users\nadia_booasp5\OneDrive\Coffre-fort.lnk [02/10/2016 20:54:16] - |SH| - [104] - C:\Users\nadia_booasp5\OneDrive\desktop.ini [02/10/2016 20:55:12] - |D| - [65875313] - C:\Users\nadia_booasp5\OneDrive\Documents [02/10/2016 20:55:12] - |D| - [66630434] - C:\Users\nadia_booasp5\OneDrive\Hepia [02/10/2016 20:55:12] - |D| - [270008309] - C:\Users\nadia_booasp5\OneDrive\Images [02/10/2016 20:55:12] - |D| - [11398105] - C:\Users\nadia_booasp5\OneDrive\Lili - photos [02/10/2016 20:55:11] - |D| - [0] - C:\Users\nadia_booasp5\OneDrive\Musique [02/10/2016 20:55:12] - |D| - [780288] - C:\Users\nadia_booasp5\OneDrive\TIP et votre avis [02/10/2016 20:59:14] - |A| - [934165] - C:\Users\nadia_booasp5\OneDrive\VID-20140420-WA0000.mp4 [02/10/2016 20:59:12] - |A| - [30366292] - C:\Users\nadia_booasp5\OneDrive\Video.mp4 ---------- | [Pictures] [02/10/2016 20:53:53] - |RD| - [190] - C:\Users\nadia_booasp5\Pictures\Camera Roll [02/10/2016 20:53:03] - |ASH| - [504] - C:\Users\nadia_booasp5\Pictures\desktop.ini [02/10/2016 20:53:55] - |RD| - [190] - C:\Users\nadia_booasp5\Pictures\Saved Pictures ---------- | [Recent] ---------- | [Saved Games] [02/10/2016 20:53:04] - |ASH| - [282] - C:\Users\nadia_booasp5\Saved Games\desktop.ini ---------- | [Searches] [02/10/2016 20:53:04] - |ASH| - [524] - C:\Users\nadia_booasp5\Searches\desktop.ini [02/10/2016 20:53:04] - |RAH| - [248] - C:\Users\nadia_booasp5\Searches\Everywhere.search-ms [02/10/2016 20:53:04] - |RAH| - [248] - C:\Users\nadia_booasp5\Searches\Indexed Locations.search-ms [02/10/2016 20:53:57] - |A| - [855] - C:\Users\nadia_booasp5\Searches\winrt--{S-1-5-21-922658149-1620859959-2037323602-1011}-.searchconnector-ms ---------- | [SendTo] ---------- | [Videos] [02/10/2016 20:53:03] - |ASH| - [504] - C:\Users\nadia_booasp5\Videos\desktop.ini ---------- | [Voisinage d'impression] ---------- | [Voisinage réseau] ---------- | C:\ProgramData [06/06/2013 17:22:12] - |D| - [368] - C:\ProgramData\Abvent [02/02/2010 20:38:48] - |D| - [770225826] - C:\ProgramData\Adobe [25/02/2016 11:41:02] - |D| - [0] - C:\ProgramData\ALM [28/03/2010 15:18:40] - |D| - [100063744] - C:\ProgramData\Apple [08/08/2015 15:23:28] - |D| - [28405760] - C:\ProgramData\Apple Computer [02/10/2019 18:12:57] - |SHD| - [0] - C:\ProgramData\Application Data [11/03/2013 12:14:40] - |AD| - [2751565] - C:\ProgramData\Autodesk [14/03/2012 22:04:45] - |SHD| - [0] - C:\ProgramData\Bureau [14/10/2019 21:56:46] - |AH| - [4] - C:\ProgramData\cm-lock [14/01/2016 20:17:56] - |D| - [0] - C:\ProgramData\CodeMeter [16/07/2016 13:47:48] - |D| - [0] - C:\ProgramData\Comms [26/10/2011 12:57:29] - |D| - [1368] - C:\ProgramData\DAEMON Tools Lite [01/03/2015 18:48:48] - |D| - [188327] - C:\ProgramData\DIAL GmbH [01/03/2015 19:23:19] - |D| - [155806317] - C:\ProgramData\DIALux [02/10/2019 18:12:57] - |SHD| - [0] - C:\ProgramData\Documents [13/06/2015 08:50:38] - |D| - [21206116] - C:\ProgramData\Dropbox [12/10/2018 10:30:24] - |D| - [2320] - C:\ProgramData\Etiam [14/03/2012 22:04:45] - |SHD| - [0] - C:\ProgramData\Favoris [16/04/2010 10:57:11] - |D| - [82455] - C:\ProgramData\FLEXnet [17/05/2010 18:56:19] - |D| - [0] - C:\ProgramData\Google [17/10/2011 20:18:52] - |D| - [10254827] - C:\ProgramData\hps [23/03/2013 23:10:33] - |D| - [5043144] - C:\ProgramData\InstallMate [03/02/2010 11:07:40] - |D| - [390] - C:\ProgramData\LightScribe [28/01/2010 19:41:49] - |D| - [23804268] - C:\ProgramData\LogiShrd [10/02/2013 20:02:44] - |D| - [343868] - C:\ProgramData\Logitech [16/11/2012 19:09:32] - |D| - [53352321] - C:\ProgramData\Malwarebytes [14/03/2012 22:04:45] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [19/03/2019 06:52:44] - |SD| - [1507228044] - C:\ProgramData\Microsoft [14/02/2010 18:11:23] - |D| - [15137402] - C:\ProgramData\Microsoft Games [03/02/2010 10:41:08] - |D| - [81668] - C:\ProgramData\Microsoft Help [03/10/2019 08:52:20] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [10/06/2012 15:25:12] - |A| - [312] - C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [14/03/2012 22:04:45] - |SHD| - [0] - C:\ProgramData\Modèles [28/04/2012 11:56:58] - |D| - [59503] - C:\ProgramData\Mozilla [03/02/2010 11:00:34] - |D| - [3313199] - C:\ProgramData\Nero [26/05/2015 17:17:17] - |D| - [6813] - C:\ProgramData\Norton [28/03/2010 17:23:32] - |D| - [0] - C:\ProgramData\NOS [26/06/2017 21:01:25] - |D| - [3021897] - C:\ProgramData\NVIDIA [26/06/2017 21:01:16] - |D| - [38033690] - C:\ProgramData\NVIDIA Corporation [27/09/2013 20:38:19] - |D| - [1370175] - C:\ProgramData\Oracle [01/03/2015 18:49:14] - |D| - [28154726] - C:\ProgramData\Package Cache [10/07/2018 20:32:11] - |D| - [393216] - C:\ProgramData\Packages [02/02/2010 18:09:36] - |D| - [34223152] - C:\ProgramData\Pure Networks [21/03/2012 22:51:00] - |D| - [6836] - C:\ProgramData\regid.1986-12.com.adobe [19/03/2019 06:52:44] - |D| - [993] - C:\ProgramData\regid.1991-06.com.microsoft [22/05/2015 15:17:29] - |AD| - [207] - C:\ProgramData\Reprise [22/05/2015 15:17:08] - |D| - [2339] - C:\ProgramData\SketchUp [21/12/2012 23:45:00] - |D| - [82358272] - C:\ProgramData\Skype [23/03/2013 23:11:11] - |D| - [0] - C:\ProgramData\SoftSafe [19/03/2019 06:52:44] - |D| - [0] - C:\ProgramData\SoftwareDistribution [17/10/2011 20:18:52] - |D| - [1071036] - C:\ProgramData\tmp [19/03/2019 06:52:44] - |D| - [7979] - C:\ProgramData\USOPrivate [02/10/2019 17:49:25] - |D| - [4694016] - C:\ProgramData\USOShared [09/03/2014 18:48:10] - |D| - [10285719] - C:\ProgramData\Wacom [19/03/2019 14:04:01] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [19/03/2019 06:49:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [14/03/2012 22:04:45] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [19/03/2019 06:52:44] - |RD| - [588344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [21/09/2014 14:04:26] - |A| - [949] - C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [19/03/2019 06:52:44] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [19/03/2019 06:52:44] - |RD| - [20318] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [13/04/2017 21:14:28] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [22/10/2015 17:19:52] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [19/03/2019 06:52:44] - |RD| - [25478] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [25/02/2016 11:40:15] - |A| - [2465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [25/02/2016 11:40:15] - |A| - [2453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk [21/10/2015 14:21:01] - |A| - [997] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [25/02/2016 11:40:15] - |D| - [2182] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 [25/02/2016 11:34:32] - |D| - [10004] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 [06/10/2012 09:44:35] - |A| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [09/04/2016 12:31:06] - |D| - [7837] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artlantis Studio 6 [11/03/2013 12:17:55] - |D| - [16907] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk [09/03/2014 18:48:10] - |D| - [2022] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock [21/11/2010 18:47:22] - |D| - [1186] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [06/10/2012 09:45:20] - |D| - [9968] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter [19/03/2019 06:49:34] - |ASH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [01/03/2015 18:50:16] - |D| - [9415] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DIALux [16/10/2019 20:47:59] - |D| - [1312] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox [25/02/2015 11:21:02] - |A| - [2008] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnerCAD 2013.lnk [28/09/2014 20:35:08] - |D| - [6881] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64 [29/04/2011 16:55:38] - |A| - [1150] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [14/07/2009 07:32:38] - |RD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [19/03/2019 21:48:16] - |A| - [2253] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk [30/05/2013 10:56:02] - |D| - [2043] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8 [05/06/2010 18:42:30] - |D| - [16231] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphisoft [19/03/2019 06:46:39] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [03/02/2010 11:13:07] - |D| - [13152] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64 [04/05/2010 23:40:35] - |RD| - [9260] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling [12/02/2013 19:30:01] - |D| - [4175] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [19/03/2019 06:52:44] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [11/09/2014 14:11:08] - |D| - [3724] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [22/01/2012 19:33:29] - |D| - [14290] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games [21/11/2010 18:55:19] - |D| - [32320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [12/05/2012 00:36:28] - |D| - [2338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [24/08/2014 09:37:48] - |D| - [2249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Migros Photo Service [16/06/2012 19:33:37] - |D| - [3263] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movies2iPhone [28/01/2010 18:39:52] - |D| - [2549] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEC Electronics [28/03/2010 16:43:51] - |D| - [277771] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [02/02/2010 21:46:48] - |D| - [9000] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [24/10/2013 16:09:50] - |D| - [3665] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect [24/10/2013 16:09:39] - |D| - [10780] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [08/08/2015 15:23:36] - |D| - [6698] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [25/08/2010 08:31:30] - |D| - [3652] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [30/10/2014 21:33:27] - |D| - [2137] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [19/03/2019 06:52:44] - |RD| - [3535] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [19/03/2019 06:52:44] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [20/08/2012 19:59:38] - |D| - [6750] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [09/03/2014 18:34:34] - |RD| - [4037] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom [28/03/2010 15:28:32] - |D| - [4613] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIBU-KEY [03/02/2010 12:17:13] - |RD| - [4687] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [31/10/2010 14:39:02] - |A| - [1478] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [31/10/2010 14:39:20] - |A| - [1305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [31/10/2010 14:39:13] - |A| - [1374] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [28/03/2010 13:10:02] - |D| - [3008] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/01/2016 20:18:00] - |A| - [2207] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [19/03/2019 06:49:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [28/03/2010 15:28:33] - |A| - [1154] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Serveur réseau.lnk ---------- | C:\Program Files (x86) [02/02/2010 20:38:45] - |AD| - [2497392633] - C:\Program Files (x86)\Adobe [06/10/2012 09:44:34] - |AD| - [2428606] - C:\Program Files (x86)\Apple Software Update [11/03/2013 12:16:34] - |D| - [102373958] - C:\Program Files (x86)\Autodesk [09/03/2014 18:47:55] - |AD| - [14746922] - C:\Program Files (x86)\Bamboo Dock [01/06/2015 12:27:05] - |D| - [4399079] - C:\Program Files (x86)\Blocon [03/02/2010 15:36:41] - |AD| - [50783364] - C:\Program Files (x86)\CCleaner [06/10/2012 09:45:20] - |AD| - [35118309] - C:\Program Files (x86)\CodeMeter [19/03/2019 06:52:44] - |D| - [1714916130] - C:\Program Files (x86)\Common Files [19/03/2019 06:49:34] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [01/03/2015 18:50:22] - |D| - [8489053] - C:\Program Files (x86)\DIAL GmbH [01/03/2015 19:23:15] - |AD| - [437683238] - C:\Program Files (x86)\DIALux [20/03/2010 16:56:55] - |D| - [0] - C:\Program Files (x86)\directx [04/07/2016 15:30:05] - |D| - [356852012] - C:\Program Files (x86)\Dropbox [25/02/2015 11:20:44] - |D| - [88952586] - C:\Program Files (x86)\enercad2013 [25/01/2016 18:17:20] - |D| - [158352] - C:\Program Files (x86)\GIGABYTE [03/02/2010 14:40:23] - |D| - [86305340] - C:\Program Files (x86)\Google [06/10/2012 09:45:36] - |D| - [40644559] - C:\Program Files (x86)\GRAPHISOFT [28/01/2010 18:40:01] - |HD| - [9665363] - C:\Program Files (x86)\InstallShield Installation Information [19/03/2019 06:52:44] - |D| - [3396547] - C:\Program Files (x86)\Internet Explorer [11/09/2014 14:11:02] - |AD| - [60287500] - C:\Program Files (x86)\Malwarebytes Anti-Malware [16/11/2012 19:09:30] - |D| - [0] - C:\Program Files (x86)\Malwarebytes' Anti-Malware [02/02/2010 19:37:41] - |D| - [0] - C:\Program Files (x86)\Microsoft Antimalware [25/01/2016 18:02:23] - |D| - [1670519] - C:\Program Files (x86)\Microsoft ASP.NET [28/08/2012 15:31:49] - |D| - [685906258] - C:\Program Files (x86)\Microsoft Games [21/11/2010 18:52:41] - |AD| - [604887818] - C:\Program Files (x86)\Microsoft Office [09/01/2016 15:10:05] - |D| - [8067784] - C:\Program Files (x86)\Microsoft OneDrive [12/05/2012 00:35:45] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [03/02/2010 10:43:51] - |AD| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [21/11/2010 18:54:36] - |D| - [14904] - C:\Program Files (x86)\Microsoft Visual Studio [21/11/2010 18:52:59] - |AD| - [1387249] - C:\Program Files (x86)\Microsoft Visual Studio 8 [21/11/2010 18:54:43] - |D| - [3726168] - C:\Program Files (x86)\Microsoft Works [19/03/2019 06:52:44] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [28/03/2013 19:49:25] - |D| - [0] - C:\Program Files (x86)\Migros [16/06/2012 19:33:33] - |D| - [12000721] - C:\Program Files (x86)\Movies2iPhone [11/10/2019 21:14:05] - |D| - [201755135] - C:\Program Files (x86)\Mozilla Firefox [28/04/2012 11:56:57] - |D| - [396254] - C:\Program Files (x86)\Mozilla Maintenance Service [02/10/2019 17:05:29] - |D| - [26521] - C:\Program Files (x86)\MSBuild [03/02/2010 11:59:17] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [28/01/2010 18:39:52] - |D| - [971681] - C:\Program Files (x86)\NEC Electronics [28/03/2010 16:43:50] - |AD| - [1383687309] - C:\Program Files (x86)\Nero [26/06/2017 21:01:07] - |D| - [261500432] - C:\Program Files (x86)\NVIDIA Corporation [24/10/2013 16:09:47] - |AD| - [193644015] - C:\Program Files (x86)\PDF Architect [24/10/2013 16:09:35] - |D| - [24847515] - C:\Program Files (x86)\PDFCreator [08/08/2015 15:23:28] - |AD| - [73564567] - C:\Program Files (x86)\QuickTime [02/10/2019 17:05:29] - |D| - [40041217] - C:\Program Files (x86)\Reference Assemblies [30/10/2014 21:33:26] - |RD| - [47632438] - C:\Program Files (x86)\Skype [26/10/2011 13:43:32] - |D| - [0] - C:\Program Files (x86)\Smith Micro [28/10/2010 17:17:27] - |D| - [57983527] - C:\Program Files (x86)\Tablet [28/10/2010 17:18:32] - |D| - [2843601] - C:\Program Files (x86)\TabletPlugins [26/06/2017 21:01:21] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [21/09/2014 14:04:16] - |AD| - [399224] - C:\Program Files (x86)\uTorrent [20/08/2012 19:59:28] - |D| - [96620555] - C:\Program Files (x86)\VideoLAN [02/04/2016 16:35:42] - |D| - [612756] - C:\Program Files (x86)\VulkanRT [28/03/2010 15:28:09] - |D| - [0] - C:\Program Files (x86)\WIBU-SYSTEMS [28/03/2010 15:28:09] - |AD| - [11815280] - C:\Program Files (x86)\WIBUKEY [19/03/2019 06:52:44] - |D| - [1828368] - C:\Program Files (x86)\Windows Defender [03/02/2010 12:17:02] - |AD| - [153091095] - C:\Program Files (x86)\Windows Live [19/03/2019 06:52:44] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [19/03/2019 14:04:01] - |D| - [4457597] - C:\Program Files (x86)\Windows Media Player [19/03/2019 14:04:01] - |D| - [39720] - C:\Program Files (x86)\Windows Multimedia Platform [19/03/2019 06:52:44] - |D| - [7763800] - C:\Program Files (x86)\Windows NT [19/03/2019 14:04:01] - |D| - [5355464] - C:\Program Files (x86)\Windows Photo Viewer [19/03/2019 14:04:01] - |D| - [39720] - C:\Program Files (x86)\Windows Portable Devices [19/03/2019 06:52:44] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [19/03/2019 06:52:44] - |D| - [2481729] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [20/01/2016 09:58:28] - |D| - [943953968] - C:\Program Files\Abvent [25/02/2016 11:34:28] - |D| - [1785206573] - C:\Program Files\Adobe [09/04/2016 12:29:23] - |D| - [382328054] - C:\Program Files\Artlantis Studio 6 [11/03/2013 12:17:01] - |D| - [1918614176] - C:\Program Files\Autodesk [14/01/2016 20:17:56] - |D| - [4019448] - C:\Program Files\CodeMeter [19/03/2019 06:52:43] - |D| - [818657877] - C:\Program Files\Common Files [19/03/2019 06:49:34] - |ASH| - [174] - C:\Program Files\desktop.ini [01/03/2015 18:49:50] - |D| - [2552864] - C:\Program Files\DIAL GmbH [14/07/2009 07:32:38] - |D| - [0] - C:\Program Files\DVD Maker [14/03/2012 22:04:45] - |SHD| - [0] - C:\Program Files\Fichiers communs [19/03/2019 21:48:12] - |D| - [219169767] - C:\Program Files\Google [05/06/2010 18:42:25] - |D| - [4007454206] - C:\Program Files\Graphisoft [20/07/2019 18:02:18] - |D| - [0] - C:\Program Files\InterActual [19/03/2019 06:52:44] - |D| - [3464310] - C:\Program Files\Internet Explorer [03/02/2010 11:13:02] - |AD| - [27975510] - C:\Program Files\KLCP64 [03/02/2010 15:23:35] - |D| - [62710383] - C:\Program Files\Logitech [14/03/2012 21:08:20] - |D| - [184] - C:\Program Files\Microsoft Games [21/11/2010 18:53:03] - |D| - [593814] - C:\Program Files\Microsoft Office [12/05/2012 00:35:45] - |AD| - [55728894] - C:\Program Files\Microsoft Silverlight [24/08/2014 09:33:24] - |D| - [293232165] - C:\Program Files\Migros [19/03/2019 06:52:44] - |D| - [0] - C:\Program Files\ModifiableWindowsApps [02/10/2019 17:05:29] - |D| - [25757] - C:\Program Files\MSBuild [26/06/2017 21:01:07] - |D| - [1130902685] - C:\Program Files\NVIDIA Corporation [04/05/2010 23:22:42] - |AD| - [10928904] - C:\Program Files\Recuva [02/10/2019 17:05:29] - |D| - [39244969] - C:\Program Files\Reference Assemblies [18/11/2018 10:53:23] - |D| - [27210344] - C:\Program Files\rempl [09/03/2014 18:33:43] - |D| - [53005564] - C:\Program Files\Tablet [09/03/2014 18:34:34] - |D| - [2304004] - C:\Program Files\TabletPlugins [27/04/2016 07:45:00] - |HD| - [0] - C:\Program Files\Uninstall Information [15/06/2017 21:10:48] - |AD| - [26214400] - C:\Program Files\UNP [26/06/2017 21:00:55] - |D| - [2919632] - C:\Program Files\VIA [14/01/2016 20:17:59] - |D| - [2943680] - C:\Program Files\WIBU-SYSTEMS [19/03/2019 06:52:44] - |D| - [16281616] - C:\Program Files\Windows Defender [19/03/2019 14:04:01] - |D| - [16539936] - C:\Program Files\Windows Defender Advanced Threat Protection [31/10/2010 14:38:07] - |D| - [7755583] - C:\Program Files\Windows Live [19/03/2019 06:52:44] - |D| - [636416] - C:\Program Files\Windows Mail [19/03/2019 14:04:01] - |D| - [4903825] - C:\Program Files\Windows Media Player [19/03/2019 14:04:01] - |D| - [47720] - C:\Program Files\Windows Multimedia Platform [19/03/2019 06:52:44] - |D| - [8100184] - C:\Program Files\Windows NT [19/03/2019 14:04:01] - |D| - [6172824] - C:\Program Files\Windows Photo Viewer [19/03/2019 14:04:01] - |D| - [47720] - C:\Program Files\Windows Portable Devices [19/03/2019 06:52:44] - |D| - [110373] - C:\Program Files\Windows Security [19/03/2019 06:52:44] - |SHD| - [0] - C:\Program Files\Windows Sidebar [19/03/2019 06:52:44] - |HD| - [3667894506] - C:\Program Files\WindowsApps [19/03/2019 06:52:44] - |D| - [2844089] - C:\Program Files\WindowsPowerShell [28/03/2010 13:09:54] - |D| - [4523079] - C:\Program Files\WinRAR [28/10/2010 17:18:35] - |D| - [6017104] - C:\Program Files\WTouch ---------- | C:\Program Files (x86)\Common Files [07/10/2010 18:12:59] - |AD| - [739233882] - C:\Program Files (x86)\Common Files\Adobe [28/10/2010 17:29:22] - |AD| - [50373581] - C:\Program Files (x86)\Common Files\Adobe AIR [06/10/2012 09:44:39] - |D| - [66300846] - C:\Program Files (x86)\Common Files\Apple [11/03/2013 12:16:00] - |D| - [173425566] - C:\Program Files (x86)\Common Files\Autodesk Shared [12/06/2014 17:29:48] - |AD| - [99992] - C:\Program Files (x86)\Common Files\DESIGNER [01/03/2015 18:50:10] - |D| - [7371042] - C:\Program Files (x86)\Common Files\DIAL GmbH [01/03/2015 18:50:15] - |D| - [10393352] - C:\Program Files (x86)\Common Files\DIALux [28/03/2010 15:19:30] - |D| - [1127936] - C:\Program Files (x86)\Common Files\Graphisoft Shared [13/03/2010 13:22:52] - |D| - [3607436] - C:\Program Files (x86)\Common Files\InstallShield [04/05/2010 23:40:35] - |AD| - [33771286] - C:\Program Files (x86)\Common Files\LightScribe [03/02/2010 15:23:49] - |D| - [517484] - C:\Program Files (x86)\Common Files\LogiShrd [01/10/2011 19:15:26] - |D| - [867343] - C:\Program Files (x86)\Common Files\Macrovision Shared [19/03/2019 06:52:44] - |D| - [247227880] - C:\Program Files (x86)\Common Files\Microsoft Shared [03/02/2010 11:00:33] - |D| - [19958275] - C:\Program Files (x86)\Common Files\Nero [19/03/2019 06:52:44] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [30/10/2014 21:33:27] - |AD| - [2399872] - C:\Program Files (x86)\Common Files\Skype [02/10/2019 17:30:51] - |D| - [41095079] - C:\Program Files (x86)\Common Files\SpeechEngines [19/03/2019 06:52:44] - |D| - [47520605] - C:\Program Files (x86)\Common Files\System [03/02/2010 12:07:27] - |D| - [269621971] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [21/10/2015 14:17:47] - |D| - [586113351] - C:\Program Files\Common files\Adobe [11/03/2013 12:17:01] - |AD| - [123109579] - C:\Program Files\Common files\Autodesk Shared [28/01/2010 19:42:05] - |D| - [35746395] - C:\Program Files\Common files\Logishrd [16/04/2010 10:40:26] - |D| - [1432164] - C:\Program Files\Common files\Macrovision Shared [19/03/2019 06:52:43] - |D| - [60894571] - C:\Program Files\Common files\microsoft shared [19/03/2019 06:52:44] - |D| - [2702] - C:\Program Files\Common files\Services [02/10/2019 17:30:49] - |D| - [599040] - C:\Program Files\Common files\SpeechEngines [19/03/2019 06:52:44] - |D| - [10760075] - C:\Program Files\Common files\System ---------- | Tasks [MD5.A7C19E107BE45FA1E9E86D25F182C810] - [04/07/2016 15:30:07] - |A| - [1212] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [MD5.9A2AED80CC689E336023680871890700] - [04/07/2016 15:30:07] - |A| - [1216] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job [MD5.87C4FC8D00C0EC7AEB0FA109CA39EE99] - [03/02/2010 14:40:24] - |A| - [1066] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [MD5.08F83D85E380342C89EB37395B11F605] - [03/02/2010 14:40:25] - |A| - [1070] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [02/10/2019 18:12:36] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.03218B198F7E6A70D610E3DDABCCDC1D] - [02/10/2019 18:12:36] - |A| - [4562] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.FFBA3F55CCC2ED64EE7AE7D6AEEEC706] - [02/10/2019 18:12:36] - |A| - [4760] - C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [MD5.328EF5421DE2C7188089245F911BBC33] - [02/10/2019 18:12:36] - |A| - [4050] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [02/10/2019 18:12:36] - |D| - [3536] - C:\WINDOWS\System32\Tasks\Apple [MD5.72EAFC49490B44DC62B5AFC5DC936E0D] - [02/10/2019 18:12:36] - |A| - [3948] - C:\WINDOWS\System32\Tasks\CCleaner Update : C:\Program Files (x86)\CCleaner\CCUpdate.exe [MD5.3F3A77246FAEB195F6C525A155A1E679] - [02/10/2019 18:12:36] - |A| - [2912] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files (x86)\CCleaner\CCleaner.exe" [MD5.F17301F903E530539BBF920CA1BCC855] - [02/10/2019 18:12:36] - |A| - [3646] - C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask : C:\Windows\System32\browserchoice.exe [MD5.7839B8BC18F393F8A774205C4F333C6F] - [02/10/2019 18:12:36] - |A| - [3506] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.652F8343C1FDA711A3E4BB828A4B183C] - [02/10/2019 18:12:36] - |A| - [3730] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.2E45F07151563D65C89332E9B01F10EB] - [02/10/2019 18:12:36] - |A| - [3924] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.D22BB2EF6CED8817865F7F85002D8457] - [02/10/2019 18:12:36] - |A| - [3496] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0e306f3ea8eea : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.1A1F95917356E0855727183C05973AC5] - [02/10/2019 18:12:36] - |A| - [4176] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F8BD249D625A4622BA6792C09C7A4F18] - [02/10/2019 18:12:36] - |A| - [3620] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0e306f45f3257 : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [02/10/2019 18:12:36] - |D| - [0] - C:\WINDOWS\System32\Tasks\Leader Technologies [MD5.00000000000000000000000000000000] - [19/03/2019 06:52:45] - |D| - [740890] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.429C5C6B78EE778511B44CD4E2325073] - [02/10/2019 18:12:36] - |A| - [3244] - C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe : C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [MD5.440F8A9227BEDC9038F3183BBF87AA00] - [02/10/2019 18:12:36] - |A| - [3242] - C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe : C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [MD5.72D5E52FB040444349AA670B68E60F98] - [02/10/2019 18:12:36] - |A| - [3270] - C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe : C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [MD5.013C670973630FDF150BA65DFCB4D3B1] - [02/10/2019 18:12:36] - |A| - [3130] - C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe : rundll32.exe [MD5.B0C290F6DB953417F0FBEA0C85C05BD5] - [02/10/2019 18:12:36] - |A| - [2822] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task : C:\Users\Nadia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [MD5.D1B8D06871F1042457807D2401F809AB] - [05/10/2019 09:24:26] - |A| - [3390] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-922658149-1620859959-2037323602-1011 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.FF4194D3E5A35E6548CBCC7429C0E9D4] - [02/10/2019 18:12:36] - |A| - [3378] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-922658149-1620859959-2037323602-1019 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.F959BF36BFC623FF5200684C2F28CE2C] - [02/10/2019 18:12:36] - |A| - [3300] - C:\WINDOWS\System32\Tasks\SidebarExecute : C:\Program Files\Windows Sidebar\sidebar.exe [MD5.22BA017F5DFF38BF34D6894E4140420E] - [02/10/2019 18:12:36] - |A| - [4046] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1780C022-55FE-4AC1-91F0-36392F0AF14F} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [02/10/2019 18:12:36] - |D| - [3848] - C:\WINDOWS\System32\Tasks\WPD [MD5.9F87865EB22EEBF79897E28AD7B9DAB2] - [02/10/2019 18:12:36] - |A| - [3102] - C:\WINDOWS\System32\Tasks\{0EFF2961-ECCE-49E4-9905-58D7F3F09623} : C:\Program Files (x86)\Zoo Tycoon 2\zt.exe [MD5.F5ECF07D33961E0DC0FE20A8B734FF13] - [02/10/2019 18:12:36] - |A| - [3184] - C:\WINDOWS\System32\Tasks\{3BC41033-8124-4D38-8FF0-694AC44C40E9} : C:\Windows\system32\pcalua.exe [MD5.D0C16647C141CE1141B220C9C61009BF] - [02/10/2019 18:12:36] - |A| - [3134] - C:\WINDOWS\System32\Tasks\{64C7CD91-A4CB-41B4-92F3-143DDEEFB25D} : C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe [MD5.2F2070C17FFE5B34C2FDA2DEB497D1CC] - [02/10/2019 18:12:36] - |A| - [3134] - C:\WINDOWS\System32\Tasks\{96A05229-4448-437B-8317-801E7730B23C} : C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe [MD5.158A8048125463FD059D445960016957] - [02/10/2019 18:12:36] - |A| - [3366] - C:\WINDOWS\System32\Tasks\{9D02678D-58AC-4738-AE98-5A9D4FD34FA1} : C:\Windows\system32\pcalua.exe [MD5.71808FA851E2B1782E0826D3DE2CFABC] - [02/10/2019 18:12:36] - |A| - [3134] - C:\WINDOWS\System32\Tasks\{B4612826-19BF-4393-960B-0C2CB3C00DA7} : C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe [MD5.385AAD9444970BEA849ADFD2F787C16E] - [02/10/2019 18:12:36] - |A| - [3212] - C:\WINDOWS\System32\Tasks\{C5252DE0-848F-4D55-B468-AA825D0040DD} : C:\Windows\system32\pcalua.exe [MD5.E66C1EB616A413DA795A3FA6D06EE77B] - [02/10/2019 18:12:36] - |A| - [3318] - C:\WINDOWS\System32\Tasks\{D607F1AE-40E3-4FC5-95BB-B2F4E7F28314} : C:\Windows\system32\pcalua.exe [MD5.84F403BAD74F9B9E1925BD5C2B6C9696] - [02/10/2019 18:12:36] - |A| - [3304] - C:\WINDOWS\System32\Tasks\{DE68EF1D-389E-4FEA-842A-CEC78F9A79DD} : C:\Windows\system32\pcalua.exe [MD5.6EB42D5120C49783EA74214022C68AD8] - [02/10/2019 18:12:36] - |A| - [3134] - C:\WINDOWS\System32\Tasks\{EDCD78D6-EC45-4016-BDD9-36B3C5ABFBEE} : C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe [MD5.FA5038544487203CAFB759ED1BB90DEA] - [02/10/2019 18:12:36] - |A| - [3102] - C:\WINDOWS\System32\Tasks\{FA18A97A-F112-4AC8-ABAE-2F57614B39F6} : C:\Program Files (x86)\Zoo Tycoon 2\zt.exe [MD5.D6E9CBBAD1CAC90A984D4794B7EC4353] - [02/10/2019 18:12:36] - |A| - [3102] - C:\WINDOWS\System32\Tasks\{FC77EA13-951F-4C85-AF22-1590EF4D3E1C} : C:\Program Files (x86)\Zoo Tycoon 2\zt.exe [MD5.00000000000000000000000000000000] - [19/03/2019 06:52:46] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "WCF-NetTcpActivator-In-TCP-64bit"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=%systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2000|Desc=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2001|EmbedCtxt=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2002| "{AF8BEF77-5A1F-465D-9EB0-6AE772B002DE}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{00AEFD47-AFCC-4383-8F59-B919B809963A}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{801B4349-574B-43CA-BBA6-4A4E17BBCB63}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{885FD815-3292-4F3F-AF7D-9D282D01591B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{4EB8EA46-6B73-4745-A653-3B9B89F7BA60}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Instagram|Desc=Instagram|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-137757286-3657761651-2591663955-2133694990-1398096907-727781299-4101125796|EmbedCtxt=Instagram|Platform=2:6:2|Platform2=GTEQ| "{678B763D-6F27-4C14-98FA-AA96742DD80A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe|Name=Zoo Tycoon 2 Executable| "{53FA37F3-F31B-49DF-AD11-998AD5C2D888}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe|Name=Zoo Tycoon 2 Executable| "UDP Query User{839CF5C0-6154-4631-83F3-AAA6DFBB5BB3}C:\program files (x86)\google\google earth\plugin\geplugin.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\google\google earth\plugin\geplugin.exe|Name=Google Earth|Desc=Google Earth| "TCP Query User{CF281937-CFA0-4241-935D-B646E6807BAD}C:\program files (x86)\google\google earth\plugin\geplugin.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\google\google earth\plugin\geplugin.exe|Name=Google Earth|Desc=Google Earth| "{63E43A44-641E-4768-9E65-455DF1617089}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Mesh\MOE.exe|Name=Windows Live Mesh|Edge=TRUE| "{F147AEB1-1972-45B3-B00B-89A270C2B93F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{77A601F1-89CA-4C5C-B670-0E2BC2F18EBF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{1CF9253A-7DA2-4BA9-8773-A1BE3ECEAD2A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "UDP Query User{2AE52667-3D7C-4595-8D39-B25B13807F33}C:\program files (x86)\google\google earth\client\googleearth.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\google\google earth\client\googleearth.exe|Name=Google Earth|Desc=Google Earth| "TCP Query User{6645D5C3-4D9A-4DB0-AA85-4C096C081442}C:\program files (x86)\google\google earth\client\googleearth.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\google\google earth\client\googleearth.exe|Name=Google Earth|Desc=Google Earth| "{F78F939A-7C55-4DF3-846E-BFFC80027142}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe|Name=Windows Live FolderShare| "{B5552C31-91BA-489A-ABA4-1ABEBEBAB781}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=svchost.exe|Svc=ssdpsrv|Name=Windows Live Messenger (SSDP-In)|EmbedCtxt=@C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll,-4200| "{7EF0FF85-8D62-48EA-B8C3-68880F5F341A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Windows Live Messenger (UPnP-In)|EmbedCtxt=@C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll,-4200| "{54F8C60C-3123-4DE4-928C-47DF4156B0EE}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{275C3F5B-6594-4860-8B34-A205BCB618A2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe|Name=Zoo Tycoon 2 Executable| "{AFB14546-6160-4F9B-B521-FCE62C8E7449}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe|Name=Zoo Tycoon 2 Executable| "{827CBD76-DA05-48DC-8A91-5897ECCDC19E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe|Name=WebKit|Edge=TRUE| "{85A75F27-9C2D-452F-B95E-64EFC7B57E1B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{92FED389-9974-47C0-A804-4713D34B9BFB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{1DB59A73-DBBA-408F-8932-22736243F451}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Graphisoft\ArchiCAD 18\ArchiCAD.exe|Name=ArchiCAD 18.0| "{62453C0D-7504-429D-8295-0AF590FD4065}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Graphisoft\ArchiCAD 18\ArchiCAD.exe|Name=ArchiCAD 18.0| "{A9289F99-B1B4-4772-B90C-574F78C1B568}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Graphisoft\ArchiCAD 18\CineRender\CineRender 64bit.exe|Name=ArchiCAD 18.0| "{7B4C771A-767B-4D44-8797-9C5CE822A028}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Graphisoft\ArchiCAD 18\CineRender\CineRender 64bit.exe|Name=ArchiCAD 18.0| "TCP Query User{17C075C7-3E82-45F1-875E-ABD0AF1590D5}C:\program files\graphisoft\archicad 18\archicad.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\graphisoft\archicad 18\archicad.exe|Name=ArchiCAD 18.0.0 Component|Desc=ArchiCAD 18.0.0 Component|Defer=User| "UDP Query User{0C702A4D-F603-4E16-AF83-51A80A572AFE}C:\program files\graphisoft\archicad 18\archicad.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\graphisoft\archicad 18\archicad.exe|Name=ArchiCAD 18.0.0 Component|Desc=ArchiCAD 18.0.0 Component|Defer=User| "TCP Query User{1FA9AF99-F47D-4DF4-B45F-6A925D095D4D}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe|Name=CineRender|Desc=CineRender|Defer=User| "UDP Query User{877D3B21-5E4B-4EA8-8FF8-B670789E4760}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe|Name=CineRender|Desc=CineRender|Defer=User| "TCP Query User{BF49EDA3-4815-4575-A8D3-F30BD1D2DB09}C:\program files\artlantis studio 6\artlantis license manager.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files\artlantis studio 6\artlantis license manager.exe|Name=Artlantis License Manager|Desc=Artlantis License Manager|Defer=User| "UDP Query User{29D0C4CF-4439-49FA-B4AF-12490A0BF1AD}C:\program files\artlantis studio 6\artlantis license manager.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files\artlantis studio 6\artlantis license manager.exe|Name=Artlantis License Manager|Desc=Artlantis License Manager|Defer=User| "{477A58A4-6C9B-4BE3-95D2-8E271C6383C3}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Graphisoft\ArchiCAD 19\ArchiCAD.exe|Name=ArchiCAD 19.0| "{D5B50005-75C5-4A23-B210-E3DE846F44D2}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Graphisoft\ArchiCAD 19\ArchiCAD.exe|Name=ArchiCAD 19.0| "{9F525576-2FD5-4EC3-82A2-57F6A3B642EF}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Graphisoft\ArchiCAD 19\CineRender\CineRender 64bit.exe|Name=ArchiCAD 19.0| "{60F8D9FA-2862-485D-8ABA-5BA659BAFE8A}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Graphisoft\ArchiCAD 19\CineRender\CineRender 64bit.exe|Name=ArchiCAD 19.0| "{3E345806-C000-44F2-98B8-371B06BC6C4F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeterFWEx1|Edge=TRUE| "{CAB45438-DDEF-41B8-99BB-EBD081D0A7BF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "{4B9137E4-F149-4CCE-8A5A-E074BBE1915F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "{4D002538-9B90-4CED-9B87-4F67D7D69CF1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "{50A70E37-93F5-43AF-BDB1-7E6D6C76A1F4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "TCP Query User{CCF87C1B-6783-4B6D-93D8-11F1EA3949B5}C:\program files\graphisoft\archicad 19\licensefilegenerator.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\graphisoft\archicad 19\licensefilegenerator.exe|Name=ArchiCAD 19.0.0 FRA Component|Desc=ArchiCAD 19.0.0 FRA Component|Defer=User| "UDP Query User{1B44F993-C5A2-4099-9124-8B44427B8AE9}C:\program files\graphisoft\archicad 19\licensefilegenerator.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\graphisoft\archicad 19\licensefilegenerator.exe|Name=ArchiCAD 19.0.0 FRA Component|Desc=ArchiCAD 19.0.0 FRA Component|Defer=User| "{C6C92DA8-F608-4FDA-9960-830D5592D3C1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-922658149-1620859959-2037323602-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{671D1FF1-EC31-4074-9FF0-3C2487E1F0B0}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{F142AF12-2C97-4E41-8CC3-541FF23214AE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B6F1395B-92CC-49FC-B011-8F1067D28337}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Candy Crush Soda Saga|Desc=Candy Crush Soda Saga|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-3055884410-2067824683-223899546-422323478-2359388318-2114876276-1379654078|EmbedCtxt=Candy Crush Soda Saga|Platform=2:6:2|Platform2=GTEQ| "{99878292-B5EF-4922-98C1-100CF92A9A35}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{EB5A16B2-EEBD-43C1-8C7E-B2F170CC1C2D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ| "{4E8CD070-2741-4F2F-94FC-28C32552B4F8}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{6C0AA0B5-F530-4B4B-A82B-6DEBB047DA33}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{0CFFF2DC-41C7-446F-9E51-C59EE4D38418}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{972AED80-9890-427F-BBBE-CFF7025637CE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{80B1780D-8EA7-4FC2-AEB6-5791491DF991}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{D1502D22-A7FA-48F0-A974-71D6EE543A74}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{4AD0EE03-B40A-4729-B471-522F285650BA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{CD80B5B1-8052-42B1-A7CC-17728725F738}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1007|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{E4774183-A26E-4829-A160-17C60C378C37}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1007|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A6D75D43-BA30-4145-9E23-91DDDEB4BF65}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{58B25ABD-F764-4C2B-8B97-C4CED435DA11}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{0E58A8F7-1DA8-455C-B28F-E31967182DD2}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{6BFBBED4-B3F0-4B26-A665-04D39A755D87}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{C09C155C-844F-4FD9-8D78-9DA8A9C4B9DC}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{9292BA79-051D-47D2-B253-96E87AE334C5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{B4BF97A2-A747-4138-9B51-293BD67D3ABF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{68663425-A32F-41E8-8FAC-CE14E73FA89F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{BFDDA224-9DC8-4478-B090-184EACB3E9ED}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{5AB4D9C7-2725-4C03-A376-373ACFF4BC17}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{0399EAB4-2B76-4C1D-81AB-80220A0BA997}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{A41C8A7E-D8EE-4031-A263-7F351EAFF709}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{7038F9F3-FA93-48BE-B716-75716C2DDCCB}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{95C696A0-C23E-49CE-BB77-F3ECF6E9886C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ| "{2D47F9DE-4CCD-4048-8A10-45E1CF25C131}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{DA1718E3-112B-4C17-8575-7716D3689D90}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{5860DD17-4E43-4F51-BAEB-4241A8F4FE05}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{9A3E4092-5A44-4147-8DD4-775F296C0297}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Candy Crush Soda Saga|Desc=Candy Crush Soda Saga|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-3055884410-2067824683-223899546-422323478-2359388318-2114876276-1379654078|EmbedCtxt=Candy Crush Soda Saga|Platform=2:6:2|Platform2=GTEQ| "{251FEB58-441E-4DB5-95DF-822C2F7F9B1A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ| "{334BC525-33AC-4090-B8A2-192F8F128B58}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F3D8B03F-8EE8-49E0-B6CC-1AC89A478D68}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{7334F98E-80B0-4199-BA8E-C4E7C32B7D7B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D007EA6F-1B96-4192-920D-E9647B994FC4}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{11184AD1-86A1-4A39-BA80-6F4608E8971D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B459A0B0-B0CB-4095-81DB-E8A9DA22FDD1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{91E86604-C3DA-44D9-99B2-A7AC870B636B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{E9E36691-0B98-4FAD-BEB6-8CF89FD479A5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{32A9611D-74C3-4FE2-96B3-FA56D0C3037E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{62220BB2-812A-4781-BD15-A7728DC16E4C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{F98CEC3A-E274-4C0A-BBC9-EB69712EE655}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{060F1AAE-5FA8-4F9C-A572-A679AB8D671E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{FF4BBF27-5A3C-429B-ACA4-09C3C834D302}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{A107D2A3-4EE1-450C-AED4-73693EB8928B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{C70DFBB5-75E0-49FB-A339-5A6930D96A3E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{BB6B1174-DBFC-4BDD-B5E6-8BBF84FB9647}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{4E155EB9-5F25-4299-AEAC-2C979B684DBA}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ| "{A2906CF2-98C4-4C21-B1C3-928F26402F00}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B7FAD720-E462-4A8F-85D7-1F75F4D01EFA}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ| "{08340266-02AB-41D8-8E9F-8B36136FE69F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1008|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ| "{8C5C7075-448F-421D-8907-1598F72DA2DF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ| "{0EAF703F-D88F-472C-BA80-2720227EA274}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1009|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{8270579F-F21B-4280-AEAC-314B82517AB6}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{7D992BC2-FF91-4247-8EE4-1F0997AF2E7A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{88D0F19E-C85A-4D12-AF3B-AB68F16958EC}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ| "{6EB4D4FC-409E-439F-A894-7EFD3AEA0ABB}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{5E20A4FB-7FCE-4673-97E0-3D9A4C4F60F6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5413D612-4CB4-4BE3-B7DF-183B26B7F24D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{A819C57E-CD0B-41B3-AEFD-0BE18A074AFA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{FCEE569B-69B5-456B-B95F-9BB5232F5B2B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{B1865BE9-A402-49EC-8AE3-652441790E1C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{C5441CA5-9885-4C5A-BF4C-747A7AF6CE7F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{F1A4FBB7-6D8A-4196-B2E5-BE6E959946E0}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{0FC27A03-E3B2-4BB8-8E01-7A4FDFEA526E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{D1C5E59D-3E4D-40AC-9E9B-854FA6B0A0F5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{ECEAA1AA-1111-4DFC-BF5F-F9FC3893C9E4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{AC6AB1EE-C1A4-4D08-9714-17D9AD2CF505}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{59EAD496-5664-4580-AE1A-BB395F84D3AE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D849D8F2-44A8-4220-AC05-31B4CE973721}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ| "{E695D27F-D458-4A87-A40B-A643157E414E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1010|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A0F5573C-7F77-427E-BB2C-B59D1FDC2BD6}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1014|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{8441D257-B662-44BE-BC7C-1376BE18ED5F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1014|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{769ECCBE-B671-462F-B03B-3C5A7ADF8D6C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ| "{D6B7454B-98B5-4A01-87FE-147224188D87}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{7916BC35-DE36-477A-8C11-2F268F898825}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D7AD1973-CE9F-41A3-8A7A-7020DC45C92A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ| "{ABC9EEC1-D55B-4336-B85D-8C6B5391C84E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{6F86A937-E66A-47C1-81D6-629878567575}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{FC106055-748D-45C5-9A06-B43D0DDE11AB}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{F51CEA2D-55A5-498E-A28E-AF34316118CB}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{BE0BEBBD-0FD9-4497-AA26-4597F86B5B53}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{0DC5DEB1-9990-4F7D-8192-B23226927B53}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{9FDFD226-A4B0-431C-BB35-A1E6AFA73D00}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{BD758D00-9F67-4D6B-96AF-9DC89D1E0A61}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{6EC58591-DD5C-4988-8EB5-CB4D8A6D0178}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ| "{7C5F68BA-CEB9-4182-BEC1-91B1E29479B5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1018|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{705EB3D0-D37F-4563-98D5-C6FC1380E453}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{09FEFA4F-7CA2-4223-B25D-A04DE8F02EE8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{81288C36-67E4-43F6-AD6F-7854A8D6BB92}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{FCC10915-D055-4DCE-9E95-1C0831A029DA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{64913E58-255E-4D68-A00D-A95A57BBCEE8}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{D86087E1-B571-400F-A911-69C1A135CD4C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{57599D64-8106-405E-8329-CA547EBCBA00}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{1605B840-B050-4EA6-8FCB-2F74C1629680}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{66E2E0FD-3D16-4CD7-80E0-436661C32747}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{9F315378-0307-4B19-B6DF-AD70BE065A0D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{DEDD5FD7-B03A-4BB7-9241-E8060D4A3954}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{2FAEE0D4-E4F1-4630-85CF-4A1BB4FCEBFC}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{F1EF6EB9-AB9A-4279-89AA-18CDDEA5D105}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{A3115B37-9AD5-4133-A70E-EA89018388B2}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{9CFFBB12-25C6-4BC2-A6A1-ECDECF72E21F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{7654DE7C-DC5A-43FE-97BE-6684011E4136}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ| "{9439B186-E80D-4937-B4F6-7D350411C00B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{E4C006EF-31A0-41A1-81BE-6DE9F11577B8}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{2A32C532-88E1-4819-A6ED-D90FE83DF123}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ| "{93F92E3B-D327-4B0D-BD1A-7335EF1B103E}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9EF5D6EB-18C7-4FED-9E6F-1FB8DDDD8EF4}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{C21857B6-36DA-48E4-B12F-A1E21D1865FC}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Soda Saga|Desc=Candy Crush Soda Saga|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-3055884410-2067824683-223899546-422323478-2359388318-2114876276-1379654078|EmbedCtxt=Candy Crush Soda Saga|Platform=2:6:2|Platform2=GTEQ| "{38B7F637-D2E2-49DB-BBD7-281892FA2161}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{F00126E7-5B95-4EFC-B887-00AF30EDDADD}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{29202D95-FF24-48C5-9D30-9A54DEBA364B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{6287F295-8C9B-4BBF-A458-8BCB87BDC644}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{CF3EA048-0292-4203-8206-4717AE5884B9}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{114C1280-CFFC-44CA-9D6D-C93C62B76D50}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{11C16DEA-047D-4F63-AB2B-19EEC2D3E0BB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{64BEF98D-273F-453E-8D51-AB04AE412E54}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ| "{9A926188-3D58-4028-944F-A06DD9549C79}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=PicsArt - Photo Studio|Desc=PicsArt - Photo Studio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-1181921518-3464117289-2491546964-2984050378-2494007796-3931238436-1143461145|EmbedCtxt=PicsArt - Photo Studio|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{BF190EDC-63BC-44E1-B083-7424766188AD}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{4D8E6D42-BCCC-4142-8602-25D20A592C73}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=TuneIn Radio|Desc=TuneIn Radio|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-3448222774-1362972896-3828232384-2484587679-1204535923-2579446900-1598161228|EmbedCtxt=TuneIn Radio|Platform=2:6:2|Platform2=GTEQ| "{69F0CC0F-89A0-4449-8389-B214A7B26E7D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Sway|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{AB8C2A53-F4FA-4B0B-82E1-9794087DE4B7}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Mahjong|Desc=Microsoft Mahjong|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-2481395877-3904904754-2872837976-1880937080-3242436791-3293372984-3327460953|EmbedCtxt=Microsoft Mahjong|Platform=2:6:2|Platform2=GTEQ| "{82BFBC80-B6F6-41F5-9446-E81F783A90FC}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{DAAF7349-8B5C-4196-A8ED-2BD86835A75D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{651BEA40-8FAA-4BA5-BE31-8094FB76E888}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ| "{E1D8449B-8BCA-4568-97E5-6B5982E64679}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C2906A2B-444D-4EA8-A638-8319DC9B18D0}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{F9B5B718-80A3-41E0-8872-E36EE3370495}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{07167A98-3724-48B5-A881-3F357C196D3E}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{EAE28C2C-8635-4169-A478-D4D28650D4A2}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{02991696-53F2-47A8-A593-7E85CEBF563A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{A024A478-1BEE-4FC4-9C99-323C125B1219}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{4DE6C736-5755-4C4D-AC6E-6D1C02E35C6D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{A269EBFD-ECAF-4965-AEC7-24A2BB7FCBAD}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1019|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ| "{69BAF0D7-24AA-4774-9011-CD0B0912E7E4}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{D6506841-A8C9-436E-831F-4A6717191377}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ| "{279022F3-1142-4DBB-B83B-09C6F1A771D8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=FarmVille 2: Country Escape|Desc=FarmVille 2: Country Escape|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-1319742552-342565696-2870756418-3096612201-3793223069-383708253-2495714412|EmbedCtxt=FarmVille 2: Country Escape|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{E128CD00-4546-42EB-8EC9-A9CE0702E88D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{F5834ABA-ACA3-4B6F-89D1-9C747F648706}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{BD0696AE-AA3E-4BBB-80AD-C49B84122C41}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-922658149-1620859959-2037323602-1011|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{6C2D755E-CB8E-4A64-9ECF-DA1F99F0E0F9}C:\program files\graphisoft\archicad 19\archicad.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\graphisoft\archicad 19\archicad.exe|Name=ArchiCAD 19.0.0 Component|Desc=ArchiCAD 19.0.0 Component| "UDP Query User{89B3A22C-2A90-438D-8F02-251402FBA023}C:\program files\graphisoft\archicad 19\archicad.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\graphisoft\archicad 19\archicad.exe|Name=ArchiCAD 19.0.0 Component|Desc=ArchiCAD 19.0.0 Component| "{6B0CCB1D-8FDB-4763-BE98-C2478CF60E8E}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe|Name=Dropbox| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{281922b1-a910-451e-adb1-0b5567f1edb1}] : (BTDFU) [] -> @oem16.inf,%BTWClassName%;Bluetooth Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem34.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d41dd63a-1395-4419-ae14-a534f5f2ad29}] : (DriverInterface) [] -> DriverInterface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DA89094D-4B35-4D92-ABF3-9808A44B6E59}] : (LMouFilt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem41.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [25/09/2018 02:19:54] - (24.21.13.9924) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 399.24) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvlddmkm.sys [17/05/2013 11:13:26] - (1043.6.0.0) - ( - ATK0110 ACPI Utility) - C:\WINDOWS\system32\DRIVERS\ASACPI.sys [05/05/2016 16:49:23] - (1.2.40.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [09/11/2017 05:38:54] - (1.3.37.4) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys [22/06/2015 02:49:50] - (6.0.11.800) - (VIA Technologies, Inc. - VIA High Definition Audio Function Driver) - C:\WINDOWS\system32\drivers\viahduaa.sys [28/03/2010 15:28:22] - (5.20.0.500) - (WIBU-SYSTEMS AG - WIBU-KEY Windows NT Kernel Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey64.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - MsSecFlt (@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001) -> system32\drivers\mssecflt.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MQAC (@mqutil.dll,-6101) -> system32\drivers\mqac.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - WIBUKEY (WIBU-KEY Kernel Driver) -> SYSTEM32\DRIVERS\WibuKey64.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\001FFF2FFF18FF00FF0501F01F02F000-R1] : (ArchiCAD 18 FRA.-.GRAPHISOFT) -> C:\Program Files\GRAPHISOFT\ArchiCAD 18\Uninstall.AC\uninstaller.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\001FFF2FFF19FF00FF0501F01F02F000-R1] : (ArchiCAD 19 FRA.-.GRAPHISOFT) -> C:\Program Files\GRAPHISOFT\ArchiCAD 19\Uninstall.AC\uninstaller.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AutoCAD 2012 Language Pack - French] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\KLiteCodecPack64_is1] : (K-Lite Codec Pack (64-bit) v3.1.1.-.) -> "C:\Program Files\KLCP64\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{05CA69B3-6699-425F-8223-39E4E00B6581}] : (CodeMeter Runtime Kit v5.21.-.WIBU-SYSTEMS AG) -> MsiExec.exe /I{05CA69B3-6699-425F-8223-39E4E00B6581} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}] : (Microsoft_VC80_MFCLOC_x86_x64.-.Adobe) -> MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}] : (Microsoft_VC80_CRT_x86_x64.-.Adobe) -> MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4C0A8D65-4286-4B58-87FE-18AD24289285}] : (NVIDIA Performance Drivers.-.NVIDIA Corporation) -> MsiExec.exe /I{4C0A8D65-4286-4B58-87FE-18AD24289285} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5783F2D7-A001-040C-1102-0060B0CE6BBA}] : (AutoCAD 2012 Language Pack - French.-.Autodesk) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}] : (Google Earth Pro.-.Google) -> MsiExec.exe /I{70A0F34E-564B-4F93-ADD6-3BAEC6E44075} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7D9E3150-3D8F-4F2F-A7C1-19BB127A53C1}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8557397C-A42D-486F-97B3-A2CBC2372593}] : (Microsoft_VC90_ATL_x86_x64.-.Adobe) -> MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90BF0360-A1DB-4599-A643-95AB90A52C1E}] : (Microsoft_VC90_MFCLOC_x86_x64.-.Adobe) -> MsiExec.exe /I{90BF0360-A1DB-4599-A643-95AB90A52C1E} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{925D058B-564A-443A-B4B2-7E90C6432E55}] : (Microsoft_VC80_ATL_x86_x64.-.Adobe) -> MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}] : (Microsoft_VC90_CRT_x86_x64.-.Adobe) -> MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}] : (Microsoft_VC90_MFC_x86_x64.-.Adobe) -> MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 399.24.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 2.11.4.1.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 2.11.4.1.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.40.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}] : (Microsoft_VC80_MFC_x86_x64.-.Adobe) -> MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Photoshop Elements 8.0] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Bamboo Dock] : (Bamboo Dock.-.Wacom Co., Ltd.) -> C:\Program Files (x86)\Bamboo Dock\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1] : (Adobe Help Manager.-.Adobe Systems Incorporated) -> msiexec /qb /x {AF37176A-78CA-545B-34EF-8B6A21514DD1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DIAL Data Dispatcher1.0] : (DIAL Data Dispatcher.-.DIAL GmbH) -> "C:\Program Files (x86)\DIAL GmbH\Data Dispatcher\uninstall.exe" "/U:C:\Program Files (x86)\DIAL GmbH\Data Dispatcher\Uninstall\uninstall.xml" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HEAT2 7.1 Light] : (HEAT2 7.1 Light.-.) -> C:\Windows\ViXUnin.exe C:\Program Files (x86)\Blocon\HEAT2 7.1 Light\Vinstall.log [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Migros Photo Service] : (Migros Photo Service.-.CEWE Stiftung u Co. KGaA) -> "C:\Program Files\Migros\Migros Photo Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1] : (Bamboo Dock.-.Wacom Europe GmbH) -> msiexec /qb /x {90DFD61B-8224-00C6-3D69-A983B60A394E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0274D240-4D1D-4FDA-9A36-09F0BECD288F}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{0274D240-4D1D-4FDA-9A36-09F0BECD288F} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}] : (Microsoft_VC90_ATL_x86.-.Adobe) -> MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{064A929A-4DE8-40CF-A901-BD40C14E4D25}] : (PDF Architect.-.pdfforge GmbH) -> MsiExec.exe /I{064A929A-4DE8-40CF-A901-BD40C14E4D25} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}] : (Autodesk Content Service.-.Autodesk) -> MsiExec.exe /X{086F9A69-CD39-4893-A9FB-D3A0634CE3F7} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}] : (Nero BackItUp 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}] : (Microsoft_VC90_CRT_x86.-.Adobe) -> MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0F22C794-89DE-4F31-9479-827E3385CDAE}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}] : (Microsoft_VC80_ATL_x86.-.Adobe) -> MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{16987E99-C95C-4513-9239-7B44A0A71DB5}] : (Nero SoundTrax 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}] : (Nero MediaHub 10.-.Nero AG) -> MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{237CCB62-8454-43E3-B158-3ACD0134852E}] : (High-Definition Video Playback 10.-.Nero AG) -> MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}] : (Nero Core Components 10.-.Nero AG) -> MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}] : (Skype™ 7.3.-.Skype Technologies S.A.) -> MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217067FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216017FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216020FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216021FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216022FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216023FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216024FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216026FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216029FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217011FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217021FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217045FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217055FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218091F0}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}] : (Nero Multimedia Suite 10.-.Nero AG) -> MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{329411A0-19F3-4740-874F-17400B126F27}] : (Nero Vision 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{33643918-7957-4839-92C7-EA96CB621A98}] : (Nero Express 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34490F4E-48D0-492E-8249-B48BECF0537C}] : (Nero DiscSpeed 10.-.Nero AG) -> MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}] : (eReg.-.Logitech, Inc.) -> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{46F044A5-CE8B-4196-984E-5BD6525E361D}] : (Apple Application Support.-.Apple Inc.) -> MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}] : (Nero ControlCenter 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{555868C6-49FB-484F-BB43-8980651A1B00}] : (Nero BurnRights 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] : (neroxml.-.Nero AG) -> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google LLC) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{627FFC10-CE0A-497F-BA2B-208CAC638010}] : (QuickTime 7.-.Apple Inc.) -> MsiExec.exe /I{627FFC10-CE0A-497F-BA2B-208CAC638010} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}] : (Microsoft_VC90_MFC_x86.-.Adobe) -> MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{63AA3EAB-23BB-48B2-9AD0-44F878075604}] : (Nero 10 Menu TemplatePack Basic.-.Nero AG) -> MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65420DC9-306E-4371-905F-F4DC3B418E52}] : (Autodesk Material Library Base Resolution Image Library 2012.-.Autodesk) -> MsiExec.exe /I{65420DC9-306E-4371-905F-F4DC3B418E52} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}] : (Nero Update.-.Nero AG) -> MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{66049135-9659-4AAD-9169-9CCA269EBB3E}] : (Nero InfoTool 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{68AB6930-5BFF-4FF6-923B-516A91984FE6}] : (Nero BackItUp 10.-.Nero AG) -> MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}] : (Nero Control Center 10.-.Nero AG) -> MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{70550193-1C22-445C-8FA4-564E155DB1A7}] : (Nero Express 10.-.Nero AG) -> MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A295D8F-484B-4FFB-89AB-C1FD497591FE}] : (Nero WaveEditor 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A5D731D-B4B3-490E-B339-75685712BAAB}] : (Nero Burning ROM 10.-.Nero AG) -> MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82EF29B1-9B60-4142-A155-0599216DD053}] : (LightScribe System Software.-.LightScribe) -> MsiExec.exe /X{82EF29B1-9B60-4142-A155-0599216DD053} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}] : (Nero Recode 10.-.Nero AG) -> MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}] : (Autodesk Material Library 2012.-.Autodesk) -> MsiExec.exe /I{8F0837C2-EE09-4903-88F3-1976FE7FFF4E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90DFD61B-8224-00C6-3D69-A983B60A394E}] : (Bamboo Dock.-.Wacom Europe GmbH) -> MsiExec.exe /I{90DFD61B-8224-00C6-3D69-A983B60A394E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}] : (Microsoft_VC80_CRT_x86.-.Adobe) -> MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92E25238-61A3-4ACD-A407-3C480EEF47A7}] : (Nero RescueAgent 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{943CFD7D-5336-47AF-9418-E02473A5A517}] : (Nero BurnRights 10.-.Nero AG) -> MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}] : (FARO LS 1.1.406.58.-.FARO Scanner Production) -> MsiExec.exe /I{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}] : (Nero Vision 10.-.Nero AG) -> MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}] : (Nero BurningROM 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}] : (erLT.-.Logitech, Inc.) -> MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}] : (ImagXpress.-.Nero AG) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-000182420219}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-000182435289}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-000182435289} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824166751}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824191728}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-1033-F400-7760-000000000005}] : (Adobe Acrobat X Pro - English, Français, Deutsch.-.Adobe Systems) -> MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000005} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-5464-3428-900000000004}] : (Spelling Dictionaries Support For Adobe Reader 9.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF37176A-78CA-545B-34EF-8B6A21514DD1}] : (Adobe Help Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AF37176A-78CA-545B-34EF-8B6A21514DD1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}] : (Microsoft_VC90_MFCLOC_x86.-.Adobe) -> MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}] : (PDF Settings CS6.-.Adobe Systems Incorporated) -> MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C18A0418-442A-4186-AF98-D08F5054A2FC}] : (Nero DiscSpeed 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3273C55-E1E4-41FF-8D69-0158090DB8D8}] : (Nero CoverDesigner 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3580AC4-C827-4332-B935-9A282ED5BB97}] : (Nero Dolby Files 10.-.Nero AG) -> MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D1A19B02-817E-4296-A45B-07853FD74D57}] : (Microsoft_VC80_MFC_x86.-.Adobe) -> MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}] : (NEC Electronics USB 3.0 Host Controller Driver.-.NEC Electronics Corporation) -> MsiExec.exe /I{D7BF9739-8A68-4335-BBEE-37752AD9E86B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}] : (Microsoft_VC80_MFCLOC_x86.-.Adobe) -> MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}] : (Nero Recode 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}] : (Nero SoundTrax 10.-.Nero AG) -> MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E337E787-CF61-4B7B-B84F-509202A54023}] : (Nero RescueAgent 10.-.Nero AG) -> MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E3F4EA31-41D7-4789-9AC4-F26CDAF797BA}] : (Google SketchUp 8.-.Google, Inc.) -> MsiExec.exe /X{E3F4EA31-41D7-4789-9AC4-F26CDAF797BA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}] : (Nero WaveEditor 10.-.Nero AG) -> MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}] : (Nero InfoTool 10.-.Nero AG) -> MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F467862A-D9CA-47ED-8D81-B4B3C9399272}] : (Nero MediaHub 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}] : (Nero 10 Movie ThemePack Basic.-.Nero AG) -> MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}] : (Nero StartSmart 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}] : (Nero StartSmart 10.-.Nero AG) -> MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FCF00A6E-FB58-477A-ABE9-232907105521}] : (Nero CoverDesigner 10.-.Nero AG) -> MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FDAE2B3E-E3A8-42FF-AF6F-0AF4C59AE2CC}] : (.-.) -> ---------- | Ports ---------- | Installer [HKCR\Installer\Products\01CFF726A0ECF794ABB202C8CA360801] : QuickTime 7 -> C:\Windows\Installer\{627FFC10-CE0A-497F-BA2B-208CAC638010}\Installer.ico [HKCR\Installer\Products\0396BA86FFB56FF429B315A61989F46E] : Nero BackItUp 10 -> C:\Windows\Installer\{68AB6930-5BFF-4FF6-923B-516A91984FE6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\042D4720D1D4ADF4A963900FEBDC82F8] : Adobe AIR [HKCR\Installer\Products\0A1149233F91047478F47104B021F672] : Nero Vision 10 Help (CHM) -> C:\Windows\Installer\{329411A0-19F3-4740-874F-17400B126F27}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\0AB19942EE0FDA44C98CE55CA0CE6F7B] : Skype™ 7.3 -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe [HKCR\Installer\Products\13AE4F3E7D149874A94C2FC6AD7F79AB] : Google SketchUp 8 [HKCR\Installer\Products\1B92FE2806B924141A55509912D60D35] : LightScribe System Software -> C:\Windows\Installer\{82EF29B1-9B60-4142-A155-0599216DD053}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1C4235E6CF4867F4A9A36CE5708FE06E] : Complément Messenger -> C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon [HKCR\Installer\Products\26BCC73245483E341B85A3DC104358E2] : High-Definition Video Playback 10 -> C:\Windows\Installer\{237CCB62-8454-43E3-B158-3ACD0134852E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2C7380F890EE3094883F9167EFF7FFE4] : Autodesk Material Library 2012 -> C:\Windows\Installer\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\358CECE8D3C501B45B7CFF11FF278470] : Nero Recode 10 -> C:\Windows\Installer\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3910550722C1C544F84A65E451D51B7A] : Nero Express 10 -> C:\Windows\Installer\{70550193-1C22-445C-8FA4-564E155DB1A7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3B96AC509966F5242832934E0EB05618] : CodeMeter Runtime Kit v5.21 -> C:\Windows\Installer\{05CA69B3-6699-425F-8223-39E4E00B6581}\CodeMeter.ico [HKCR\Installer\Products\3F7924A915A29DE429ACB4BC380849E7] : Nero Vision 10 -> C:\Windows\Installer\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\46B5A9879DD95AB419A50FCFA0B1B7EF] : Apple Software Update -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico [HKCR\Installer\Products\4CA0853C728C23349B53A982E25DBB79] : Nero Dolby Files 10 -> C:\Windows\Installer\{C3580AC4-C827-4332-B935-9A282ED5BB97}\ARPPRODUCTICON.exe [HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64 [HKCR\Installer\Products\531940669569DAA41996C9AC62E9BBE3] : Nero InfoTool 10 Help (CHM) -> C:\Windows\Installer\{66049135-9659-4AAD-9169-9CCA269EBB3E}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\55C3723C4E1EFF14D896108590D08B8D] : Nero CoverDesigner 10 Help (CHM) -> C:\Windows\Installer\{C3273C55-E1E4-41FF-8D69-0158090DB8D8}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\56D8A0C4682485B478EF81DA42822958] : NVIDIA Performance Drivers -> C:\Windows\Installer\{4C0A8D65-4286-4B58-87FE-18AD24289285}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5A440F64B8EC691489E4B56D25E563D1] : Apple Application Support -> C:\Windows\Installer\{46F044A5-CE8B-4196-984E-5BD6525E361D}\WinInstall.ico [HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper [HKCR\Installer\Products\5DAFDCDE08FD00644A399EAD6D182003] : Nero WaveEditor 10 -> C:\Windows\Installer\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6116D6C8427B0184F8D20D746E7B6DE8] : Mesh Runtime [HKCR\Installer\Products\68AB67CA3301004F7706000000000050] : Adobe Acrobat X Pro - English, Français, Deutsch -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000005}\_SC_Acrobat.ico [HKCR\Installer\Products\68AB67CA408033019195001028342598] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-000182435289}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA746454382090000000040] : Spelling Dictionaries Support For Adobe Reader 9 -> C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\6C868555BF94F484BB34980856A1B100] : Nero BurnRights 10 Help (CHM) -> C:\Windows\Installer\{555868C6-49FB-484F-BB43-8980651A1B00}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\7040BB568CC47CD459E2E3FEFD5006A2] : Nero Update -> C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\77EAAEFBF7DB43542B68C9C54B96E71B] : PDF Settings CS6 [HKCR\Installer\Products\787E733E16FCB7B48BF40529205A0432] : Nero RescueAgent 10 -> C:\Windows\Installer\{E337E787-CF61-4B7B-B84F-509202A54023}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7D2F3875100AC040102000060BECB6AB] : AutoCAD 2012 - French [HKCR\Installer\Products\7D2F3875100AC040112000060BECB6AB] : AutoCAD 2012 Language Pack - French [HKCR\Installer\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E] : Junk Mail filter update [HKCR\Installer\Products\8140A81CA2446814FA890DF805452ACF] : Nero DiscSpeed 10 Help (CHM) -> C:\Windows\Installer\{C18A0418-442A-4186-AF98-D08F5054A2FC}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\8193463375979384297CAE69BC26A189] : Nero Express 10 Help (CHM) -> C:\Windows\Installer\{33643918-7957-4839-92C7-EA96CB621A98}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\83252E293A16DCA44A70C384E0FE747A] : Nero RescueAgent 10 Help (CHM) -> C:\Windows\Installer\{92E25238-61A3-4ACD-A407-3C480EEF47A7}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\8A2F6342E7B4C6B4EAE406C448AAA6F4] : Nero Core Components 10 [HKCR\Installer\Products\9335EE1E23D5F854ABBA1BF93610CB2E] : Nero SoundTrax 10 -> C:\Windows\Installer\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9379FB7D86A85334BBEE7357A29D8EB6] : NEC Electronics USB 3.0 Host Controller Driver -> C:\Windows\Installer\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\9551C7727FC4FF44D87089AAC931AADB] : Nero Multimedia Suite 10 -> C:\Windows\Installer\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\96A9F68093DC39849ABF3D0A36C43E7F] : Autodesk Content Service -> C:\Windows\Installer\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}\appicon.ico [HKCR\Installer\Products\99E78961C59C31542993B7440A7AD15B] : Nero SoundTrax 10 Help (CHM) -> C:\Windows\Installer\{16987E99-C95C-4513-9239-7B44A0A71DB5}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\9CD02456E603173409F54FCDB314E825] : Autodesk Material Library Base Resolution Image Library 2012 -> C:\Windows\Installer\{65420DC9-306E-4371-905F-F4DC3B418E52}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A268764FAC9DDE74D8184B3B9C932927] : Nero MediaHub 10 Help (CHM) -> C:\Windows\Installer\{F467862A-D9CA-47ED-8D81-B4B3C9399272}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\A4D1C7BDAB80E7C48AAA7B9FBB73D2FC] : Nero Recode 10 Help (CHM) -> C:\Windows\Installer\{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\A67173FAAC87B54543FEB8A61215D41D] : Adobe Help Manager [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A929A4608ED4FC049A10DB041CE4D452] : PDF Architect -> C:\Windows\Installer\{064A929A-4DE8-40CF-A901-BD40C14E4D25}\main_icon [HKCR\Installer\Products\B16DFD0942286C00D3969A386BA093E4] : Bamboo Dock [HKCR\Installer\Products\B1B2B325BD8D14B409FF4C7D992E57A8] : Nero ControlCenter 10 Help (CHM) -> C:\Windows\Installer\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\B6668C80205C3BA44BBC7DA44CD241EF] : Nero BackItUp 10 Help (CHM) -> C:\Windows\Installer\{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\B9802F8A97F16FB43B582A2C0B9B7AD4] : ImagXpress [HKCR\Installer\Products\BAE3AA36BB322B84A90D448F87706540] : Nero 10 Menu TemplatePack Basic -> C:\Windows\Installer\{63AA3EAB-23BB-48B2-9AD0-44F878075604}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BE9D894AB729B954586DDDE68F2C5C46] : erLT -> C:\Windows\Installer\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C9F7116F5BDA0954B94E217CEB2C7820] : Nero StartSmart 10 Help (CHM) -> C:\Windows\Installer\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\D137D5A73B4BE0943B9357867521ABBA] : Nero Burning ROM 10 -> C:\Windows\Installer\{7A5D731D-B4B3-490E-B339-75685712BAAB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D7DFC3496335FA7449810E42375A5A71] : Nero BurnRights 10 -> C:\Windows\Installer\{943CFD7D-5336-47AF-9418-E02473A5A517}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\E128CD23D7A48784EB8E33F71A357D2F] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\E43F0A07B46539F4DA6DB3EA6C4E0457] : Google Earth Pro -> Cl\WINDOWS\Installer\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}\MainIcon.ico [HKCR\Installer\Products\E4F094430D84E29428944BB8CE0F35C7] : Nero DiscSpeed 10 -> C:\Windows\Installer\{34490F4E-48D0-492E-8249-B48BECF0537C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E6A00FCF85BFA774BA9E329270015512] : Nero CoverDesigner 10 -> C:\Windows\Installer\{FCF00A6E-FB58-477A-ABE9-232907105521}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E984D16F44C6CA94DA20D78ACA7AA356] : Nero StartSmart 10 -> C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EB42B6B97E084C64F95A1B765D0E3F54] : Nero BurningROM 10 Help (CHM) -> C:\Windows\Installer\{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\EB940C659E972054EB7A79453A6EF0B9] : neroxml [HKCR\Installer\Products\F228BC5F563B1D34CB0CF4ADA102717A] : Nero 10 Movie ThemePack Basic -> C:\Windows\Installer\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F86BF7F16F253A644BF283EC6492A55E] : Nero MediaHub 10 -> C:\Windows\Installer\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}\NeroMediaHub._63C8A7B0BBE5459F9AC436392B2FF50D.exe [HKCR\Installer\Products\F8D592A7B484BFF498BA1CDF945719EF] : Nero WaveEditor 10 Help (CHM) -> C:\Windows\Installer\{7A295D8F-484B-4FFB-89AB-C1FD497591FE}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\F998BFD62A710F845A33DED88666FC83] : Nero Control Center 10 -> C:\Windows\Installer\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FA4B214FC8835FF4B9F233BDC1359635] : Nero InfoTool 10 -> C:\Windows\Installer\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante svchost.exe_WerSvc, version : 10.0.18362.1, horodatage : 0x32d6c210 Nom du module défaillant : KERNELBASE.dll, version : 10.0.18362.418, horodatage : 0xfba22159 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000007ccc7 ID du processus défaillant : 0x1d04 Heure de début de l’application défaillante : 0x01d5852e692a0e68 Chemin d’accès de l’application défaillante : C:\WINDOWS\System32\svchost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 8379cd17-9350-43db-ad3c-ba5f49931605 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_WerSvc, version : 10.0.18362.1, horodatage : 0x32d6c210 Nom du module défaillant : KERNELBASE.dll, version : 10.0.18362.418, horodatage : 0xfba22159 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000007ccc7 ID du processus défaillant : 0x11c0 Heure de début de l’application défaillante : 0x01d5852e612fbba3 Chemin d’accès de l’application défaillante : C:\WINDOWS\System32\svchost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : bc637967-29d0-4285-8aea-66af238020c5 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_Schedule, version : 10.0.18362.1, horodatage : 0x32d6c210 Nom du module défaillant : KERNELBASE.dll, version : 10.0.18362.418, horodatage : 0xfba22159 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000007ccc7 ID du processus défaillant : 0x4c0 Heure de début de l’application défaillante : 0x01d5852c8a51c700 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\svchost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 1a6de17d-1914-4452-86b3-73cddcca6f4a Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ svchost (5836,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. ------------ Nom de l’application défaillante YourPhone.exe, version : 1.19091.313.0, horodatage : 0x5d897550 Nom du module défaillant : MSVCP140_APP.dll, version : 14.20.27323.0, horodatage : 0x5c47f762 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000004d22f ID du processus défaillant : 0x1d4c Heure de début de l’application défaillante : 0x01d5852d9ffc4eee Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.27323.0_x64__8wekyb3d8bbwe\MSVCP140_APP.dll ID de rapport : f576266c-6723-450f-a654-0ffceb8d87d4 Nom complet du package défaillant : Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5d65fb6a Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.387, horodatage : 0x4361b720 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000006db8e ID du processus défaillant : 0x21d8 Heure de début de l’application défaillante : 0x01d5852d9de3b152 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll ID de rapport : 8aef3d6f-56a9-46b2-84c4-99be2eb67369 Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5d65fb6a Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.387, horodatage : 0x4361b720 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000006db8e ID du processus défaillant : 0x1d2c Heure de début de l’application défaillante : 0x01d5852d9b8fb64b Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll ID de rapport : 7e1d953d-07e9-430e-ad0d-ba826570175a Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5d65fb6a Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.387, horodatage : 0x4361b720 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000006db8e ID du processus défaillant : 0x1e60 Heure de début de l’application défaillante : 0x01d5852d993de47e Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll ID de rapport : 56175e98-691f-44a3-810d-99ecdda75594 Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5d65fb6a Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.387, horodatage : 0x4361b720 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000006db8e ID du processus défaillant : 0x594 Heure de début de l’application défaillante : 0x01d5852d96fa8765 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll ID de rapport : 2ef22b27-9c2a-40c6-bbb0-f6a555ccdf27 Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5d65fb6a Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.387, horodatage : 0x4361b720 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000006db8e ID du processus défaillant : 0x23e8 Heure de début de l’application défaillante : 0x01d5852d94a99749 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll ID de rapport : 54ab890a-6cd6-4703-b9ae-19eeddc01289 Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5d65fb6a Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.387, horodatage : 0x4361b720 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000006db8e ID du processus défaillant : 0x1c50 Heure de début de l’application défaillante : 0x01d5852cf0d137c3 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll ID de rapport : 8c920e23-52c2-42e7-af2a-8faf0a0a9aa1 Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ ------------ Nom de l’application défaillante YourPhone.exe, version : 1.19091.313.0, horodatage : 0x5d897550 Nom du module défaillant : MSVCP140_APP.dll, version : 14.20.27323.0, horodatage : 0x5c47f762 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000004d22f ID du processus défaillant : 0x1e10 Heure de début de l’application défaillante : 0x01d5852cf2c173f1 Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.27323.0_x64__8wekyb3d8bbwe\MSVCP140_APP.dll ID de rapport : 6ddb8732-b970-4292-81e1-bee0db3792a8 Nom complet du package défaillant : Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App ------------ ------------ ------------ svchost (6048,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. ------------ Nom de l’application défaillante YourPhone.exe, version : 1.19091.313.0, horodatage : 0x5d897550 Nom du module défaillant : MSVCP140_APP.dll, version : 14.20.27323.0, horodatage : 0x5c47f762 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000004d22f ID du processus défaillant : 0x1edc Heure de début de l’application défaillante : 0x01d5852be24425ee Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.27323.0_x64__8wekyb3d8bbwe\MSVCP140_APP.dll ID de rapport : dcfdfab4-cf74-43b6-b09a-4e38c55ae0e5 Nom complet du package défaillant : Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5d65fb6a Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.387, horodatage : 0x4361b720 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000006db8e ID du processus défaillant : 0xc5c Heure de début de l’application défaillante : 0x01d5852b512de970 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll ID de rapport : bb6f9864-4ff8-4a7e-9e04-acdf47843491 Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x5d65fb6a Nom du module défaillant : ucrtbase.dll, version : 10.0.18362.387, horodatage : 0x4361b720 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000006db8e ID du processus défaillant : 0xbd8 Heure de début de l’application défaillante : 0x01d5852b4dfe89db Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\ucrtbase.dll ID de rapport : de9b3269-d542-4864-bd7f-ba5f16c1b94c Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ ----------( EOF)---------- - 5733 | 23:05:55