--------------- QuickDiag | g3n-h@ckm@n | V6.098.20.2 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 10/04/2020 10:08:39

Updated 07/04/2020 | 21:50 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[tolunq (Administrator)] - [TOLUNQ-PC] (S-1-5-21-2440877392-4245707990-3840087772-1000)

System: Microsoft Windows 7 Professionnel - Service Pack 1 - (6.1.7601) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> ()
System: AutoReboot: False - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 7 Professionnel |C:\Windows|\Device\Harddisk0\Partition1
Boot : Normal boot
PC: To Be Filled By O.E.M. - To Be Filled By O.E.M. - IdNumber: To Be Filled By O.E.M. - UUID: 03000200-0400-0500-0006-000700080009
Processor : X64 - 3400 Mhz - Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
BIOS Date: 07/13/12 16:19:10 Ver: 04.06.05 - - American Megatrends Inc. - S/N: To Be Filled By O.E.M. - P2.00 - DELL  - 1072009
CoreTemp : ? Celsius

----------| Quick


---------- | SoundDevice

Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0899&SUBSYS_18491898&REV_1000\4&1D2C9EED&0&0001
Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2806&SUBSYS_80860101&REV_1000\4&1D2C9EED&0&0301
AMD High Definition Audio Device - Status: OK - Manufacturer: Advanced Micro Devices - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002\5&EF6BCB4&0&0001

---------- | Video

Intel(R) HD Graphics 4000 - Resolution: 1920x1200 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll,igdumdim32,igd10iumd32,igd10iumd32 - PNPDeviceID: PCI\VEN_8086&DEV_0162&SUBSYS_01621849&REV_09\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: -2080374784
ASUS EAH5850 Series - Resolution: x - Colors: - RefreshRate: -  Bits Per Pixel - DeviceID: VideoController2 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_6899&SUBSYS_E140174B&REV_00\4&15001D53&0&0008 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 1073741824
Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 4000 - DriverVersion: 10.18.10.5069 - SpecificationVersion: 1025

---------- | Codecs

c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 176416 -  Manufacturer: Logitech Inc. - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK

---------- | Memory

Pagefile = Total (MB) : 17281 | Free (MB) : 13530
Virtual = Total (MB) : 4194 | Free (MB) : 3961

Physical Memory (MB)
--------------------
Total:     16277
Available: 12515
Cached:    12373
Free:      1168

Kernel Memory (MB)
------------------
Paged:     812
Nonpaged:  356

System
------
Handles:   32788
Processes: 107
Threads:   1750

---------- | SID Users

Administrateur : [S-1-5-21-2440877392-4245707990-3840087772-500]
HomeGroupUser$ : [S-1-5-21-2440877392-4245707990-3840087772-1002]
Invité : [S-1-5-21-2440877392-4245707990-3840087772-501]
tolunq : [S-1-5-21-2440877392-4245707990-3840087772-1000]
Administrateurs : [S-1-5-32-544]
Duplicateurs : [S-1-5-32-552]
IIS_IUSRS : [S-1-5-32-568]
Invités : [S-1-5-32-546]
Lecteurs des journaux d’événements : [S-1-5-32-573]
Opérateurs de chiffrement : [S-1-5-32-569]
Opérateurs de configuration réseau : [S-1-5-32-556]
Opérateurs de sauvegarde : [S-1-5-32-551]
Utilisateurs : [S-1-5-32-545]
Utilisateurs avec pouvoir : [S-1-5-32-547]
Utilisateurs de l’Analyseur de performances : [S-1-5-32-558]
Utilisateurs du Bureau à distance : [S-1-5-32-555]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modèle COM distribué : [S-1-5-32-562]
HomeUsers : [S-1-5-21-2440877392-4245707990-3840087772-1001]
WinRMRemoteWMIUsers__ : [S-1-5-21-2440877392-4245707990-3840087772-1003]

---------- | Drives

C:\ -> [Fixed] | [win7] | Total : 419.18 Go | Free : 268.63 Go -> NTFS (SSD) [SATA]
E:\ -> [Fixed] | [film] | Total : 878.91 Go | Free : 345.03 Go -> NTFS [SATA]
F:\ -> [Fixed] | [Nouveau nom] | Total : 984.11 Go | Free : 809.73 Go -> NTFS [SATA]
H:\ -> [Fixed] | [win10] | Total : 465.13 Go | Free : 431.21 Go -> NTFS (SSD) [SATA]
I:\ -> [Fixed] | [Disque local] | Total : 976.56 Go | Free : 494.9 Go -> NTFS [SATA]
J:\ -> [Fixed] | [films] | Total : 886.45 Go | Free : 720.17 Go -> NTFS [SATA]

Drive: 0
Cylinders: 60801
Tracks per Cylinder: 255
Sectors per Track: 63
Bytes per Sector: 512
Total Space: 500107862016 bytes

Drive: 1
Cylinders: 60801
Tracks per Cylinder: 255
Sectors per Track: 63
Bytes per Sector: 512
Total Space: 500107862016 bytes

Drive: 2
Cylinders: 243201
Tracks per Cylinder: 255
Sectors per Track: 63
Bytes per Sector: 512
Total Space: 2000398934016 bytes


---------- | Windows updates - Activation - License


W.A.T : :)

Last detection : 2020-04-10 07:35:37
Downloaded last ones : 2020-04-09 07:46:07
Installed last ones : 2020-04-09 07:46:34
Next search : 2020-04-11 02:09:17

Test 1 : Windows Is Activated

Volume License


---------- | Browsers

IE : 11.0.9600.19650     (© Microsoft Corporation. Tous droits réservés.)
GC : 80.0.3987.163     (Copyright 2019 Google LLC.)

Default : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url ""

---------- | FlashPlayer

FlashPlayer ActiveX : 32.0.0.344

---------- | Security

AS : Windows Defender Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Running
AS: Windows Defender [Manual(3)] = stopped
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

732 | [Owner : Système | Parent : 4(System) | 1.54 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.24549) = C:\Windows\System32\smss.exe     [11/03/2020 21:07:54]    CPU Usage:0 %
1028 | [Owner : Système | Parent : 808() | 6.42 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe     [14/07/2009 01:19:49]    CPU Usage:0 %
1180 | [Owner : Système | Parent : 808() | 5.37 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe     [14/07/2009 01:52:37]    CPU Usage:0 %
1208 | [Owner : Système | Parent : 1188() | 19.68 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe     [14/07/2009 01:19:49]    CPU Usage:0 %
1256 | [Owner : Système | Parent : 1180(wininit.exe) | 12.75 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.24537) = C:\Windows\System32\services.exe     [11/12/2019 12:36:29]    CPU Usage:0 %
1292 | [Owner : Système | Parent : 1188() | 9.21 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.24514) = C:\Windows\System32\winlogon.exe     [10/09/2019 19:11:43]    CPU Usage:0 %
1304 | [Owner : Système | Parent : 1180(wininit.exe) | 17.08 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.24549) = C:\Windows\System32\lsass.exe     [11/03/2020 21:07:54]    CPU Usage:0 %
1312 | [Owner : Système | Parent : 1180(wininit.exe) | 5.68 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe     [21/11/2010 05:23:53]    CPU Usage:0 %
1424 | [Owner : Système | Parent : 1256(services.exe) | 12.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1500 | [Owner : Système | Parent : 1256(services.exe) | 5.85 Mo] - (.Crystal Rich Ltd - USB Safely Remove assistant service.) - (6.2.1.1284) = C:\Program Files (x86)\USB Safely Remove\USBSRService.exe     [20/09/2018 17:50:27]    CPU Usage:0 %
1548 | [Owner : SERVICE RÉSEAU | Parent : 1256(services.exe) | 12.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1616 | [Owner : Système | Parent : 1256(services.exe) | 5.73 Mo] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe     [07/07/2010 03:50:54]    CPU Usage:0 %
1664 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 26.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1696 | [Owner : Système | Parent : 1256(services.exe) | 26.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1732 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 24.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1768 | [Owner : Système | Parent : 1256(services.exe) | 63.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1808 | [Owner : Système | Parent : 1256(services.exe) | 4.71 Mo] - (.Logitech Inc. - Logitech User mode UMVPF service.) - (13.40.840.0) = C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe     [15/12/2011 05:24:00]    CPU Usage:0 %
1988 | [Owner : Système | Parent : 1256(services.exe) | 7.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1112 | [Owner : Système | Parent : 1256(services.exe) | 8.02 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.5069) = C:\Windows\System32\igfxCUIService.exe     [02/01/2018 23:02:06]    CPU Usage:0 %
1192 | [Owner : SERVICE RÉSEAU | Parent : 1256(services.exe) | 23.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
2072 | [Owner : Système | Parent : 1616(atiesrxx.exe) | 7.8 Mo] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe     [07/07/2010 03:51:26]    CPU Usage:0 %
2092 | [Owner : Système | Parent : 1696(svchost.exe) | 10.46 Mo] - (.Microsoft Corporation - Composant de saisie tactile ou avec stylet Microsoft.) - (6.1.7601.23971) = C:\Windows\System32\wisptis.exe     [21/01/2018 21:09:10]    CPU Usage:0 %
2160 | [Owner : Système | Parent : 1256(services.exe) | 17.45 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.24000) = C:\Windows\System32\spoolsv.exe     [06/01/2018 22:02:18]    CPU Usage:0 %
2220 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 19.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
2404 | [Owner : Système | Parent : 1256(services.exe) | 9.01 Mo] - (.-.) - (8.0.1.8415) = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe     [16/08/2018 14:49:02]    CPU Usage:0 %
2504 | [Owner : tolunq | Parent : 1256(services.exe) | 15.17 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe     [15/05/2016 15:08:59]    CPU Usage:0 %
2536 | [Owner : tolunq | Parent : 1768(svchost.exe) | 7.19 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe     [21/11/2010 05:24:27]    CPU Usage:0 %
2544 | [Owner : tolunq | Parent : 1696(svchost.exe) | 14.49 Mo] - (.Microsoft Corporation - Composant de saisie tactile ou avec stylet Microsoft.) - (6.1.7601.23971) = C:\Windows\System32\wisptis.exe     [21/01/2018 21:09:10]    CPU Usage:0 %
2556 | [Owner : tolunq | Parent : 1696(svchost.exe) | 15.51 Mo] - (.Microsoft Corporation - Tablet PC Input Panel Accessory.) - (6.1.7601.18984) = C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe     [15/05/2016 15:32:39]    CPU Usage:0 %
2576 | [Owner : Système | Parent : 1256(services.exe) | 4.44 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.31.1644) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe     [16/12/2018 20:29:48]    CPU Usage:0 %
2604 | [Owner : tolunq | Parent : 2404(schedul2.exe) | 5.87 Mo] - (.-.) - (8.0.1.8415) = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe     [16/08/2018 14:22:26]    CPU Usage:0 %
2752 | [Owner : Système | Parent : 1256(services.exe) | 8.22 Mo] - (.Adobe Systems, Incorporated - Adobe Genuine Software Service.) - (6.6.0.204) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe     [11/05/2018 12:50:52]    CPU Usage:0 %
2772 | [Owner : tolunq | Parent : 1696(svchost.exe) | 7.58 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe     [14/07/2009 01:37:38]    CPU Usage:0 %
2780 | [Owner : tolunq | Parent : 2556(TabTip.exe) | 3.35 Mo] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) - (6.1.7601.18984) = C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe     [15/05/2016 15:32:39]    CPU Usage:0 %
2868 | [Owner : tolunq | Parent : 2744() | 89.65 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe     [18/05/2017 12:59:01]    CPU Usage:0 %
2912 | [Owner : Système | Parent : 1256(services.exe) | 7.94 Mo] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - (6.6.0.204) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe     [26/09/2016 12:55:26]    CPU Usage:0 %
3192 | [Owner : Système | Parent : 1256(services.exe) | 20.44 Mo] - (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) - (4.6.2.0) = I:\AOMEI Backupper\ABService.exe     [26/03/2019 23:31:30]    CPU Usage:0 %
3436 | [Owner : tolunq | Parent : 2868(explorer.exe) | 22.16 Mo] - (.Crystal Rich Ltd - USB Safely Remove - an enhanced replacement for Windows safe removal tool.) - (6.2.1.1284) = C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe     [20/09/2018 17:50:27]    CPU Usage:0 %
3504 | [Owner : tolunq | Parent : 2868(explorer.exe) | 12.22 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.1129) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe     [23/03/2020 14:56:42]    CPU Usage:0 %
3520 | [Owner : tolunq | Parent : 2868(explorer.exe) | 7.75 Mo] - (.TomTom - System Tray application for TomTom HOME.) - (2.11.3.150) = C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe     [04/07/2018 08:29:56]    CPU Usage:0 %
3676 | [Owner : tolunq | Parent : 2868(explorer.exe) | 53.08 Mo] - (.Dashlane, Inc. - Dashlane.) - (6.2013.0.33804) = C:\Users\tolunq\AppData\Roaming\Dashlane\Dashlane.exe     [15/03/2019 14:12:14]    CPU Usage:0 %
3688 | [Owner : tolunq | Parent : 2868(explorer.exe) | 34.77 Mo] - (.Dashlane, Inc. - Dashlane Plugin Agent.) - (6.2013.0.33804) = C:\Users\tolunq\AppData\Roaming\Dashlane\DashlanePlugin.exe     [15/03/2019 14:12:14]    CPU Usage:0 %
3804 | [Owner : tolunq | Parent : 2868(explorer.exe) | 91.53 Mo] - (.Garmin Ltd. or its subsidiaries - Garmin Express.) - (6.13.1.0) = I:\garmin\Garmin\Express\express.exe     [19/03/2019 15:27:56]    CPU Usage:0 %
3816 | [Owner : tolunq | Parent : 2868(explorer.exe) | 14.9 Mo] - (.Sony - Xperia Companion Agent.) - (2.8.3.0) = C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe     [22/10/2019 18:18:10]    CPU Usage:0 %
3876 | [Owner : tolunq | Parent : 3832() | 28.64 Mo] - (.-.) - (22.0.1.13520) = C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe     [16/08/2018 15:45:52]    CPU Usage:0 %
3896 | [Owner : tolunq | Parent : 3832() | 6.11 Mo] - (.Adobe Systems Inc. - AcroTray.) - (11.0.23.22) = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe     [01/11/2017 16:27:24]    CPU Usage:0 %
4360 | [Owner : Système | Parent : 1256(services.exe) | 6.87 Mo] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe     [30/08/2011 23:05:32]    CPU Usage:0 %
4380 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 5.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
4412 | [Owner : Système | Parent : 1256(services.exe) | 35.36 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.9029.2167) = C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe     [19/01/2020 22:18:09]    CPU Usage:0 %
4584 | [Owner : Système | Parent : 1256(services.exe) | 5.02 Mo] - (.Dropbox, Inc. - Dropbox Service.) - (1.0.24.0) = C:\Windows\System32\DbxSvc.exe     [01/04/2020 14:20:52]    CPU Usage:0 %
4860 | [Owner : Système | Parent : 1256(services.exe) | 19.35 Mo] - (.Apache Software Foundation - Apache HTTP Server.) - (2.4.16.0) = I:\FoscamVMS\apache2.4\bin\httpd.exe     [25/09/2019 11:53:11]    CPU Usage:0 %
4952 | [Owner : Système | Parent : 1256(services.exe) | 6.39 Mo] - (.- Work Process Manager.) - (1.0.0.1) = C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe     [25/08/2017 10:27:14]    CPU Usage:0 %
5000 | [Owner : Système | Parent : 1256(services.exe) | 6.22 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\IPCWebComponents\FosIPCCoreManager.exe     [30/08/2018 18:35:42]    CPU Usage:13 %
5056 | [Owner : Système | Parent : 1256(services.exe) | 6.7 Mo] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.24.738.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe     [19/06/2012 19:10:34]    CPU Usage:0 %
5104 | [Owner : Système | Parent : 1256(services.exe) | 10.44 Mo] - (.- ISCT Agent Application.) - (2.0.1083.0) = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe     [09/02/2012 16:26:48]    CPU Usage:0 %
1912 | [Owner : Système | Parent : 1256(services.exe) | 5.45 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (8.1.2.1307) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe     [18/05/2017 12:50:41]    CPU Usage:0 %
5180 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 10.73 Mo] - (.- KlimaLogg Pro Service.) - (1.0.1.0) = J:\KlimaLoggPro\KlimaLoggProService.exe     [14/03/2019 18:01:41]    CPU Usage:0 %
5328 | [Owner : Système | Parent : 1256(services.exe) | 30.67 Mo] - (.AO Kaspersky Lab - Kaspersky Password Manager Service.) - (9.0.2.5123) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe     [20/02/2020 16:47:06]    CPU Usage:0 %
5348 | [Owner : Système | Parent : 1256(services.exe) | 5.5 Mo] - (.Logitech Inc. - Logitech Surround Sound Service.) - (8.92.67.0) = C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe     [06/04/2017 01:05:18]    CPU Usage:0 %
5396 | [Owner : SERVICE RÉSEAU | Parent : 1256(services.exe) | 18.08 Mo] - (.Microsoft Corporation - Microsoft Office Software Protection Platform Service.) - (14.0.370.400) = C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE     [09/01/2010 21:34:24]    CPU Usage:0 %
5456 | [Owner : Système | Parent : 1256(services.exe) | 8.48 Mo] - (.Paramount Software UK Ltd - Reflect Service - Enables mounting of images.) - (5.2.6463.0) = C:\Program Files\Macrium\Reflect\ReflectService.exe     [23/01/2014 23:56:10]    CPU Usage:0 %
5484 | [Owner : Système | Parent : 1256(services.exe) | 6.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
5524 | [Owner : Système | Parent : 1256(services.exe) | 5.02 Mo] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - (2.5.5.0) = C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe     [24/07/2017 13:13:59]    CPU Usage:0 %
5560 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 9.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
5584 | [Owner : Système | Parent : 1256(services.exe) | 5.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
5608 | [Owner : Système | Parent : 1256(services.exe) | 6.36 Mo] - (.Wacom Technology, Corp. - Tablet Service for professional driver.) - (6.1.5.3) = C:\Windows\System32\Wacom_Tablet.exe     [22/01/2019 19:56:14]    CPU Usage:0 %
5744 | [Owner : Système | Parent : 1256(services.exe) | 3.56 Mo] - (.TomTom - Windows Service for TomTom HOME.) - (2.11.3.150) = C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe     [04/07/2018 08:29:58]    CPU Usage:0 %
5796 | [Owner : Système | Parent : 1256(services.exe) | 7.41 Mo] - (.Microsoft Corporation - Service de cliché instantané de volumes Microsoft®.) - (6.1.7601.17514) = C:\Windows\System32\VSSVC.exe     [21/11/2010 05:23:55]    CPU Usage:0 %
5812 | [Owner : tolunq | Parent : 5608(Wacom_Tablet.exe) | 6.1 Mo] - (.Wacom Technology, Corp. - Tablet user module for professional driver.) - (6.1.5.3) = C:\Windows\System32\WTablet\Wacom_TabletUser.exe     [22/01/2019 19:56:29]    CPU Usage:0 %
5848 | [Owner : Système | Parent : 1256(services.exe) | 17.14 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE     [17/07/2012 15:14:44]    CPU Usage:0 %
5900 | [Owner : Système | Parent : 1256(services.exe) | 5.76 Mo] - (.Sony - Xperia Companion Service.) - (2.8.3.0) = C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe     [22/10/2019 18:35:16]    CPU Usage:0 %
6052 | [Owner : Système | Parent : 5848(WLIDSVC.EXE) | 4.43 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE     [17/07/2012 15:14:44]    CPU Usage:0 %
6140 | [Owner : Système | Parent : 1424(svchost.exe) | 5.9 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.14394.1037) = C:\Windows\System32\wbem\unsecapp.exe     [01/11/2017 20:07:12]    CPU Usage:0 %
2424 | [Owner : Système | Parent : 1256(services.exe) | 382.01 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.2.0.890) = F:\Malwarebytes\Anti-Malware\MBAMService.exe     [08/04/2020 21:32:42]    CPU Usage:0 %
6480 | [Owner : Système | Parent : 5608(Wacom_Tablet.exe) | 21.42 Mo] - (.Wacom Technology, Corp. - Tablet Service for professional driver.) - (6.1.5.3) = C:\Windows\System32\Wacom_Tablet.exe     [22/01/2019 19:56:14]    CPU Usage:0 %
6700 | [Owner : tolunq | Parent : 5328(kpm_service.exe) | 151.27 Mo] - (.AO Kaspersky Lab - Kaspersky Password Manager.) - (9.0.2.5123) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe     [20/02/2020 16:47:06]    CPU Usage:0 %
6948 | [Owner : Système | Parent : 4860(httpd.exe) | 20.96 Mo] - (.Apache Software Foundation - Apache HTTP Server.) - (2.4.16.0) = I:\FoscamVMS\apache2.4\bin\httpd.exe     [25/09/2019 11:53:11]    CPU Usage:0 %
7524 | [Owner : Système | Parent : 3220() | 1.18 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.35.451) = C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe     [21/03/2020 23:11:51]    CPU Usage:0 %
7904 | [Owner : Système | Parent : 1256(services.exe) | 57.07 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.24546) = C:\Windows\System32\SearchIndexer.exe     [01/03/2020 22:29:06]    CPU Usage:0 %
8052 | [Owner : tolunq | Parent : 3804(express.exe) | 89.3 Mo] - (.The CefSharp Authors - CefSharp.BrowserSubprocess.) - (57.0.0.0) = I:\garmin\Garmin\Express\CefSharp.BrowserSubprocess.exe     [18/04/2017 05:45:18]    CPU Usage:0 %
8332 | [Owner : Système | Parent : 3220() | 0.96 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.35.451) = C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe     [21/03/2020 23:11:51]    CPU Usage:0 %
8620 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 23.49 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.5011) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe     [21/11/2010 05:24:52]    CPU Usage:0 %
8868 | [Owner : SERVICE RÉSEAU | Parent : 1256(services.exe) | 6.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
9044 | [Owner : tolunq | Parent : 8884() | 12.4 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.5069) = C:\Windows\System32\igfxEM.exe     [02/01/2018 23:02:06]    CPU Usage:0 %
9052 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 16.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
9096 | [Owner : SERVICE LOCAL | Parent : 1696(svchost.exe) | 7.26 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe     [15/05/2016 15:05:45]    CPU Usage:0 %
7552 | [Owner : SERVICE RÉSEAU | Parent : 1256(services.exe) | 13.9 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe     [21/11/2010 05:25:05]    CPU Usage:0 %
9300 | [Owner : Système | Parent : 1424(svchost.exe) | 9.07 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.14409.1005) = C:\Windows\System32\wbem\WmiPrvSE.exe     [01/11/2017 18:38:08]    CPU Usage:0 %
9376 | [Owner : SERVICE LOCAL | Parent : 1256(services.exe) | 14.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
9756 | [Owner : tolunq | Parent : 2536(taskeng.exe) | 18.52 Mo] - (.Samsung Electronics Co., Ltd. - Samsung Magician.) - (6.1.0.170) = F:\Samsung\Samsung Magician\SamsungMagician.exe     [28/01/2020 12:37:40]    CPU Usage:0 %
8216 | [Owner : tolunq | Parent : 2424(MBAMService.exe) | 46.66 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (4.0.0.616) = F:\Malwarebytes\Anti-Malware\mbamtray.exe     [08/04/2020 21:32:42]    CPU Usage:0 %
3532 | [Owner : Système | Parent : 1256(services.exe) | 48.08 Mo] - (.Intel Corporation - IAStorDataSvc.) - (11.7.0.1013) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe     [18/05/2017 12:40:11]    CPU Usage:0 %
6116 | [Owner : Système | Parent : 1256(services.exe) | 5.02 Mo] - (.Intel Corporation - Intel(R) ME Service.) - (8.1.0.1265) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe     [18/05/2017 12:50:42]    CPU Usage:0 %
3084 | [Owner : Système | Parent : 1256(services.exe) | 14.78 Mo] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) - (20.0.14.1085) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe     [21/03/2019 06:04:02]    CPU Usage:0 %
8304 | [Owner : Système | Parent : 1256(services.exe) | 6.33 Mo] - (.Intel Corporation - Local Manageability Service.) - (8.1.0.1281) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe     [18/05/2017 12:50:03]    CPU Usage:0 %
7344 | [Owner : Système | Parent : 1256(services.exe) | 14 Mo] - (.Intel Corporation - User Notification Service.) - (8.1.0.1281) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe     [18/05/2017 12:50:18]    CPU Usage:0 %
3992 | [Owner : tolunq | Parent : 3084(ksde.exe) | 4.25 Mo] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) - (20.0.21.1325) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe     [23/03/2020 19:54:50]    CPU Usage:0 %
9524 | [Owner : tolunq | Parent : 1256(services.exe) | 13.79 Mo] - (.Microsoft Corporation - Serveur de personnalisation d’entrée.) - (6.1.7600.16385) = C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe     [14/07/2009 02:03:06]    CPU Usage:0 %
10780 | [Owner : tolunq | Parent : 1424(svchost.exe) | 90.7 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe     [18/05/2017 12:59:01]    CPU Usage:0 %
6796 | [Owner : SERVICE LOCAL | Parent : 1664(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.24523) = C:\Windows\System32\audiodg.exe     [04/10/2019 20:07:56]    CPU Usage:0 %
1724 | [Owner : Système | Parent : 1768(svchost.exe) | 6.79 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe     [21/11/2010 05:24:27]    CPU Usage:0 %
4008 | [Owner : Système | Parent : 7904(SearchIndexer.exe) | 11.2 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.24546) = C:\Windows\System32\SearchProtocolHost.exe     [01/03/2020 22:29:05]    CPU Usage:0 %
8832 | [Owner : tolunq | Parent : 2868(explorer.exe) | 53.49 Mo] - (.SosVirus - QuickDiag.) - (6.98.20.2) = C:\Users\tolunq\Desktop\QuickDiag.exe     [09/04/2020 19:06:45]    CPU Usage:0 %
5268 | [Owner : SERVICE RÉSEAU | Parent : 1424(svchost.exe) | 8.1 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.14409.1005) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe     [01/11/2017 18:38:08]    CPU Usage:0 %
9680 | [Owner : SERVICE RÉSEAU | Parent : 1256(services.exe) | 9.71 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe     [21/11/2010 05:23:56]    CPU Usage:0 %

---------- | Locked Applications


---------- | Policy Restrictions


---------- | Explorer.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\Users\tolunq\AppData\Local\MEGAsync\ShellExtX64.dll
(..-..) - (20.0.0.3146) -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
(.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.37.0) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll
(..-.fzshellext Dynamic Link Library.) - (3.38.1.0) -- i:\FileZilla FTP Client\fzshellext_64.dll
(.Alexander Roshal.-.WinRAR shell extension.) - (5.71.0.0) -- C:\Program Files\WinRAR\rarext.dll
(.AO Kaspersky Lab.-.Shell Extension.) - (20.0.19.1327) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll
(.AO Kaspersky Lab.-.Helper Library.) - (30.0.3762.27) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\remote_eka_prague_loader.dll
(.AO Kaspersky Lab.-.PR_REMOTE.) - (30.253.92.0) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\prremote.dll
(.AO Kaspersky Lab.-.Kaspersky Product Info library.) - (20.0.20.1311) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\product_info.dll
(.AO Kaspersky Lab.-.Product Metainformation.) - (20.0.22.1412) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\product_metainfo.dll
(.AO Kaspersky Lab.-.Component service provider.) - (30.0.3762.27) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\kl_service.dll
(.Axantum Software AB.-.AxCrypt Shell Extension.) - (1.7.2067.0) -- C:\Program Files\Axantum\AxCrypt\AxCryptShellExt.dll
(.Adobe Systems Inc..-.Adobe Acrobat Context Menu.) - (11.0.0.379) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll
(.Adobe Systems Inc..-.Adobe Acrobat Context Menu.) - (11.0.0.379) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\fr_fr\Acrobat Elements\ContextMenuShim64.fra
(.Intel Corporation.-.igfxDTCM Module.) - (6.15.10.5069) -- C:\Windows\system32\igfxDTCM.dll
(.Intel Corporation.-.igfxDH Module.) - (6.15.10.5069) -- C:\Windows\system32\igfxDH.dll
(.Intel Corporation.-.igfxLHM Module.) - (6.15.10.5069) -- C:\Windows\system32\igfxLHM.dll
(.Intel Corporation.-.igfxDI Module.) - (6.15.10.5069) -- C:\Windows\system32\igfxDI.dll
(.Advanced Micro Devices, Inc..-.AMD Desktop Control Panel.) - (6.14.10.2001) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
(.Advanced Micro Devices, Inc..-.AMD Desktop Control Panel.) - (6.14.10.2001) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamfra.dll
(.Piriform Ltd.-.Recuva shell extensions.) - (1.53.0.1087) -- C:\Program Files\Recuva\RecuvaShell64.dll

---------- | Explorer.exe Modules (Microsoft Files Whitelisted)


---------- | Winlogon.exe Modules (Microsoft Files Whitelisted)


---------- | svchost.exe Modules (Microsoft Files Whitelisted)

(.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll
(.Apple Inc..-.Bonjour Client Library.) - (3.0.0.10) -- C:\Windows\system32\dnssd.dll
(.IMI Kurwica.-.IMI Kurwica SLC for ESU.) - (1.2.0.0) -- C:\Windows\system32\sle.dll

---------- | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

TomTomHOME.exe - ("C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\...\Run]) - User: tolunq-PC\tolunq
Dashlane - ("C:\Users\tolunq\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup [HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\...\Run]) - User: tolunq-PC\tolunq
DashlanePlugin - ("C:\Users\tolunq\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws [HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\...\Run]) - User: tolunq-PC\tolunq
GarminExpress - ("I:\garmin\Garmin\Express\express.exe" /minimized [HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\...\Run]) - User: tolunq-PC\tolunq
XperiaCompanionAgent - ("C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe" [HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\...\Run]) - User: tolunq-PC\tolunq
kpm.exe - ("C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe" autoStart [HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\...\Run]) - User: tolunq-PC\tolunq
AdobeGCInvoker-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" [HKLM\SOFTWARE\...\Run]) - User: Public
USB Safely Remove - ("C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup [HKLM\SOFTWARE\...\Run]) - User: Public
Acronis Scheduler2 Service - (C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [HKLM\SOFTWARE\...\Run]) - User: Public
AdobeAAMUpdater-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\SOFTWARE\...\Run]) - User: Public
WinZip UN - (G:\WinZip\WZUpdateNotifier.exe -show [HKLM\SOFTWARE\...\Run]) - User: Public
RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   
"DelayedExpansion"=0   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"   
"Dashlane"="C:\Users\tolunq\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup   
"DashlanePlugin"="C:\Users\tolunq\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws   
"GarminExpress"="I:\garmin\Garmin\Express\express.exe" /minimized   
"XperiaCompanionAgent"="C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe"   
"kpm.exe"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe" autoStart   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"UserSelectedDefault"=1   
"MenuDropAlignment"=1   
"Device"=Canon MP560 series Printer,winspool,Ne03:   

[HKLM\Software\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   
"DelayedExpansion"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeGCInvoker-1.0"="C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"   
"USB Safely Remove"="C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup   
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe   [16/08/2018 14:22:26]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"   
"WinZip UN"=G:\WinZip\WZUpdateNotifier.exe -show   
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"=IconCodecService.dll   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"GDIProcessHandleQuota"=10000   
"ShutdownWarningDialogTimeout"=4294967295   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
""=mnmsrvc   
"DeviceNotSelectedTimeout"=15   
"Spooler"=yes   
"TransmissionRetryTimeout"=90   
"RequireSignedAppInit_DLLs"=1   
"AppInit_DLLs"=   
"LoadAppInit_DLLs"=0   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   
"DelayedExpansion"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe   [16/08/2018 14:19:52]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe   [16/08/2018 15:45:52]
""=   
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"   
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup   
"KeePass 2 PreLoad"="C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"=IconCodecService.dll   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"GDIProcessHandleQuota"=10000   
"ShutdownWarningDialogTimeout"=4294967295   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
""=mnmsrvc   
"DeviceNotSelectedTimeout"=15   
"Spooler"=yes   
"TransmissionRetryTimeout"=90   
"LoadAppInit_DLLs"=0   
"AppInit_DLLs"=   

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}   


---------- | Win.ini : 



---------- | System.ini : 



---------- | Tasks List

Adobe Acrobat Update Task
Adobe Flash Player Updater
AdobeAAMUpdater-1.0-tolunq-PC-tolunq
AdobeGCInvoker-1.0
AMD Updater
CorelUpdateHelperTaskCore
DropboxUpdateTaskMachineCore
DropboxUpdateTaskMachineUA
EOSv3 Scheduler onLogOn
EOSv3 Scheduler onTime
GarminUpdaterTask
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
OneDrive Standalone Update Task-S-1-5-21-2440877392-4245707990-3840087772-1000
SamsungMagician
{AB5A0C61-4553-4280-9400-3DA68DB8D1B2}
{EC93F6F6-B5BC-485A-AB95-B709870C5E14}

---------- | Startings up registry ¦ Folder

[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Avira SystrayStartTrigger] : "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"  

---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server


[HKLM\System\CurrentControlSet\Control]
"PreshutdownOrder"=wuauserv
gpsvc
trustedinstaller   
"WaitToKillServiceTimeout"=2000   
"CurrentUser"=USERNAME   
"BootDriverFlags"=0   
"ServiceControlManagerExtension"=%systemroot%\system32\scext.dll   
"SystemStartOptions"= NOEXECUTE=OPTIN   
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbaseobjects"=0   
"auditbasedirectories"=0   
"crashonauditfail"=0   
"fullprivilegeauditing"=0x00   
"Bounds"=0x0030000000200000   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Notification Packages"=scecli   
"Security Packages"=kerberos
msv1_0
schannel
wdigest
tspkg
pku2u
livessp   
"Authentication Packages"=msv1_0   
"LsaPid"=1304   
"SecureBoot"=1   
"ProductType"=6   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"restrictanonymous"=0   
"restrictanonymoussam"=1   
"enabledcom"=y   

[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"CriticalSectionTimeout"=2592000   
"GlobalFlag"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"ProcessorControl"=2   
"ResourceTimeoutCount"=648000   
"BootExecute"=   
"ExcludeFromKnownDlls"=   
"ObjectDirectories"=\Windows
\RPC Control   
"ProtectionMode"=1   
"NumberOfInitialSessions"=2   
"SetupExecute"=   
"PendingFileRenameOperations"=\??\C:\Windows\system32\WPRO_41_2001woem.tmp

\??\C:\Windows\system32\WPRO_41_2001woem_nm.tmp
   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"RCDependentServices"=CertPropSvc
SessionEnv   
"NotificationTimeOut"=0   
"SnapshotMonitors"=1   
"ProductVersion"=5.1   
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"fDenyTSConnections"=1   
"StartRCM"=0   
"TSAdvertise"=0   
"DeleteTempDirsOnExit"=1   
"fSingleSessionPerUser"=1   
"PerSessionTempDir"=0   
"TSUserEnabled"=0   
"InstanceID"=72124df1-40dd-4d4c-a880-3042b5d   
"fCredentialLessLogonSupported"=1   
"fCredentialLessLogonSupportedTSS"=1   
"fCredentialLessLogonSupportedKMRDP"=1   


---------- | .LNK with Arguments

c:\programdata\microsoft\windows\start menu\programs\flying model simulator\visit fms official website.lnk - Encrypted: False - Target: C:\Program Files\Internet Explorer\iexplore.exe - Args: (hxxp://simulator.home.pages.de) - Hidden: False - Status: OK

---------- | AppCertDlls


---------- | Dnsapi.dll

C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Control Panel\Desktop]
"ScreenSaveActive"=1   
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingGamma"=0   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=2   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=200000   
"LeftOverlapChars"=3   
"MenuShowDelay"=400   
"PaintDesktopVersion"=0   
"RightOverlapChars"=3   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WallpaperStyle"=10   
"WheelScrollChars"=3   
"WheelScrollLines"=5   
"WindowArrangementActive"=1   
"UserPreferencesMask"=0x9E3E058012000000   
"Wallpaper"=   
"LogPixels"=130   
"Pattern Upgrade"=TRUE   
"ScreenSaveTimeOut"=6060   
"ScreenSaverIsSecure"=0   
"WaitToKillAppTimeout"=2000   
"HungAppTimeout"=2000   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=255   
"NoDrives"=0   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{871C5380-42A0-1069-A2EA-08002B30309D}"=0   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ExplorerStartupTraceRecorded"=1   
"ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000   
"CleanShutdown"=0   
"Browse For Folder Width"=462   
"Browse For Folder Height"=376   
"EnableAutoTray"=1   
"link"=0x1E000000   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"ServerAdminUI"=0   
"Hidden"=1   
"ShowCompColor"=1   
"HideFileExt"=0   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"SuperHidden"=1   
"SeparateProcess"=1   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ListviewAlphaSelect"=1   
"ListviewShadow"=1   
"TaskbarAnimations"=1   
"StartMenuInit"=4   
"Start_ShowMyGames"=1   
""=0   
"ShowSuperHidden"=1   
"TaskbarSizeMove"=1   
"Start_MinMFU"=10   
"Start_JumpListItems"=10   
"DisablePreviewDesktop"=0   
"TaskbarSmallIcons"=0   
"TaskbarGlomLevel"=0   
"Start_PowerButtonAction"=2   
"Start_ShowRecentDocs"=1   
"Start_ShowMyDocs"=1   
"HideIcons"=0   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"MRUListEx"=0x0000000018000000190000001600000014000000150000001700000013000000120000001100000010000000370000000F0000000E0000000A0000000C0000000900000008000000070000000600000005000000040000005B0000000200000001000000630000002B000000620000000B00000061000000600000005F0000005E0000005D000000440000005C000000590000005A00000058000000570000000D000000560000005500000050000000540000005300000052000000510000004F000000450000004E0000004D000000470000004C0000004A0000004B00000049000000480000004600000003000000430000004200000041000000400000003F0000003E0000003C0000003D0000003B0000003A00000034000000390000003800000036000000350000002D0000003300000032000000310000002E00000022000000300000002F0000002C0000002A0000002900000028000000270000002600000025000000230000002400000021000000200000001F0000001E0000001D0000001C0000001B0000001A000000FFFFFFFF   
"26"=0x4D004400500048000000   
"27"=0x67007500690074006100720065000000   
"28"=0x6300680061006E0073006F006E0073000000   
"29"=0x2A002E0044004F00430058000000   
"30"=0x7A00740076000000   
"31"=0x770069006E007A00690070000000   
"32"=0x61006C006C00200069006E0063006C00750073006900760065000000   
"33"=0x6C00650073002000670061006D0069006E0073000000   
"36"=0x63007200610063006B0020006F00660066006900630065000000   
"35"=0x70006F0075007200200069006E007300740061006C006C006100740069006F006E002000700063000000   
"37"=0x63006C0069006F000000   
"38"=0x70006500720073006F000000   
"39"=0x62006F00690073000000   
"40"=0x7600690073006900740065007500720073000000   
"41"=0x740069006E006900740069006E000000   
"42"=0x6D006500750072007400720065007300200061000000   
"44"=0x6D006500750072007400720065000000   
"47"=0x78006C0073000000   
"48"=0x2A002E0078006C0073000000   
"34"=0x7000720067000000   
"46"=0x61006E0061006C0079007300650073000000   
"49"=0x730061006E0066000000   
"50"=0x730061006E0067000000   
"51"=0x630061006D00700069006E0067000000   
"45"=0x740065006E00730069006F006E000000   
"53"=0x7200650063007500720061000000   
"54"=0x65006C0065006300740072006F006C00750078000000   
"56"=0x75006E00690076006500720073006500320067006F000000   
"57"=0x770068006100740073006100700070000000   
"52"=0x65007300650074000000   
"58"=0x78000000   
"59"=0x6A00750069006E000000   
"61"=0x73006100750076006500670061007200640065000000   
"60"=0x730061006D00730075006E0067000000   
"62"=0x74006F006D0074006F006D000000   
"63"=0x6600690072007300740020006D0061006E000000   
"64"=0x6C006F0063006B000000   
"65"=0x730063007200650065006E000000   
"66"=0x2A002E00610070006B000000   
"67"=0x6C006F0063006B00730063007200650065006E000000   
"3"=0x650063006F006E006F006D006900650073000000   
"70"=0x61006300740069007600610074006F00720073000000   
"72"=0x6E00650072006F000000   
"73"=0x500048004F0054004F00530048004F0050000000   
"75"=0x700069006C006F007400650073000000   
"74"=0x43004300200032003000310037000000   
"76"=0x6100630072006F006200610074000000   
"71"=0x61007800630072007900700074000000   
"77"=0x6400690073006B0070006100720074000000   
"78"=0x4D0053004F002E0044004C004C000000   
"69"=0x6F00660066006900630065000000   
"79"=0x6F0066006600690063006500200032003000310036000000   
"81"=0x2A002E0069006D0067000000   
"82"=0x4B004500530050004500520053004B0059000000   
"83"=0x4B004100530050004500520053004B0059000000   
"84"=0x2A002E005200410052000000   
"80"=0x2A002E00490053004F000000   
"85"=0x440052004900560045005200530020004D0041000000   
"86"=0x4D004F00420049004C0045000000   
"13"=0x2A002E005000440046000000   
"87"=0x6400610074006500640065006D006F00640069006600690063006100740069006F006E003A000E20320031002F000E20300031002F000E2032003000320030000000   
"88"=0x460049004C004C004500200046004100430049004C0045000000   
"90"=0x44004900450055000000   
"89"=0x43004F00440045000000   
"92"=0x680061006C0066000000   
"68"=0x6D006100670069006300690061006E000000   
"93"=0x760069006E000000   
"94"=0x6D00650067006100730079006E0063000000   
"95"=0x630073000000   
"96"=0x63006F0075006E007400650072000000   
"97"=0x43006F0075006E00740065007200200053007400720069006B006500200047006C006F00620061006C0020004F006600660065006E00730069007600650020002E007A00690070000000   
"11"=0x2A002E006A0070000000   
"98"=0x43006F0075006E007400650072002D0053007400720069006B006500200047004F002000700061007400630068000000   
"43"=0x6D0065007500720074007200650073000000   
"99"=0x73006B00690070007000650072000000   
"1"=0x680065006C0065006E0065000000   
"2"=0x6E00610070006F006C0065006F006E002000610020007300610069006E00740065002000680065006C0065006E0065000000   
"91"=0x6E00610070006F006C0065006F006E000000   
"4"=0x7600690072007400750061006C00200073006B00690070007000650072000000   
"5"=0x2A002E006D00700033000000   
"6"=0x760073006B000000   
"7"=0x6200610074006D0061006E000000   
"8"=0x6A006F0063006B00650072000000   
"9"=0x63006F006D006D0065006E007400200069006E007300740061006C006C006500720020006B006100730070006500720073006B007900200074006F00740061006C002000730065006300750072006900740079000000   
"12"=0x6C0069007300740065000000   
"10"=0x6C00610020006E00650075007600690065006D006500200070006F007200740065000000   
"14"=0x6100750020006E006F006D0020006400650020006C0061002000740065007200720065000000   
"15"=0x72006F006C0061006E0064000000   
"55"=0x6400690073006E00650079000000   
"16"=0x68006F007300740073000000   
"17"=0x630063006C0065006E006500610072000000   
"18"=0x2A002E000000   
"19"=0x2A002E00610076000000   
"23"=0x2A002E006100760069000000   
"21"=0x59004F0055005400550042004500200042005900200043004C00490043004B0020005000520045004D00490055004D000000   
"20"=0x59006F0075005400750062006500200042007900200043006C00690063006B000000   
"22"=0x770061007700610063006900740079000000   
"25"=0x79006F00750074006F006D00610074006F000000   
"24"=0x79006F00750074007500620065000000   
"0"=0x2A002E006A00700067000000   

[HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   
"FilterAdministratorToken"=0   
"DSCAutomationHostEnabled"=2   
"EnableLinkedConnections"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=255   
"NoDriveAutoRun"=67108863   
"NoDrives"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"CheckedValue"=1   
"ValueName"=Hidden   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"HelpID"=shell.hlp#51105   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"IconUnderline"=2   
"GlobalAssocChangedCounter"=126   
"SmartScreenEnabled"=Off   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   
"FilterAdministratorToken"=0   
"DSCAutomationHostEnabled"=2   
"EnableLinkedConnections"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=255   
"NoDriveAutoRun"=67108863   
"NoDrives"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"CheckedValue"=1   
"ValueName"=Hidden   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"HelpID"=shell.hlp#51105   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"IconUnderline"=2   
"GlobalAssocChangedCounter"=208   
"SmartScreenEnabled"=Off   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin   
"BuildNumber"=7601   
"FirstLogon"=0   
"ParseAutoexec"=1   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"=1   
"Shell"=explorer.exe   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Userinit"=C:\Windows\System32\Userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"ShutdownWithoutLogon"=0   
"WinStationsDisabled"=0   
"DisableCAD"=1   
"scremoveoption"=0   
"ShutdownFlags"=43   
"AutoAdminLogon"=0   
"DefaultUserName"=tolunq   
"LegalNotice Text"=   
"SFCDisable"=0   
"System"=   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"=1   
"Shell"=explorer.exe   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"DefaultDomainName"=   
"DefaultUserName"=   
"Userinit"=C:\Windows\System32\Userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"AUTORESTARTSHELL"=1   


---------- | Associations

[HKLM\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\Classes\.com]
""=ComFile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\System32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\.hta]
"PerceivedType"=text   
""=htafile   
"Content Type"=application/hta   

[HKLM\Software\Classes\htafile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\InternetShortcut]
"NeverShowExt"=   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"EditFlags"=2   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest   
"EditFlags"=65536   
"BrowserFlags"=4096   
"FriendlyTypeName"=@dfshim.dll,-200   

[HKLM\Software\Classes\Application.Reference]
"NeverShowExt"=   
""=Application Reference   
"IsShortcut"=   
"EditFlags"=131072   
"FriendlyTypeName"=@dfshim.dll,-201   

[HKLM\Software\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeLayoutPatternForSearch"=alpha   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
""=Folder   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.ItemTypeText   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=ComFile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\System32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\.hta]
"PerceivedType"=text   
""=htafile   
"Content Type"=application/hta   

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"NeverShowExt"=   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"EditFlags"=2   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"EditFlags"=65536   
"BrowserFlags"=4096   
"FriendlyTypeName"=@dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
"NeverShowExt"=   
""=Application Reference   
"IsShortcut"=   
"EditFlags"=131072   
"FriendlyTypeName"=@dfshim.dll,-201   

[HKLM\Software\WOW6432Node\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeLayoutPatternForSearch"=alpha   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
""=Folder   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.ItemTypeText   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""=   
[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"=

[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Internet Explorer\iexplore.exe"   
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""=   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"=

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Internet Explorer\iexplore.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall


---------- | AppcompatFlags

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"SIGN.MEDIA=1891F9 AUTORUN.EXE"=1
"SIGN.MEDIA=BFD5E MSETUP4.EXE"=1
"SIGN.MEDIA=A48214 Setup.exe"=1
"SIGN.MEDIA=6192C8 Setup\setup.exe"=1
"SIGN.MEDIA=378492 Install Navigator.exe"=1
"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"=1
"SIGN.MEDIA=369A6 Welcome.exe"=1
"SIGN.MEDIA=2EA6A0 Welcome.exe"=1
"SIGN.MEDIA=2EA6A0 Autorun.exe"=1
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=1
"SIGN.MEDIA=1E50C77 pour installation PC-activateurs office et windows\activateurs microsoft office et windows\Activators\Office 2010 Toolkit.exe"=1
"SIGN.MEDIA=3999B2 Pinnacle-Studio_21_Installer.exe"=1
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe"=1
"SIGN.MEDIA=2EB99C2B mSetup.exe"=1
"SIGN.MEDIA=FA6E2 Install.exe"=1
"SIGN.MEDIA=226E2836 mSetup.exe"=1
"SIGN.MEDIA=7BFD36E9 setup.exe"=1
"SIGN.MEDIA=333982E OriginSetup.exe"=1
"SIGN.MEDIA=CAA9B6C6 setup.exe"=1
"SIGN.MEDIA=512FE00 fms.exe"=1
"SIGN.MEDIA=512FE00 BMIflightsimulator_021b.exe"=1
"SIGN.MEDIA=1B4DD91 setup.exe"=1
"SIGN.MEDIA=39E52 ATISETUP.EXE"=1
"E:\PROGRAMMES\Samsung_Magician_Installer\Samsung_Magician_Installer.exe"=1
"C:\Windows\System32\msiexec.exe"=1


---------- | IFEO


---------- | Mountpoints2


---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"Beep"=#USR:Control Panel\Sound   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"CoolSwitch"=USR:Control Panel\Desktop   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
""=@SYS:Software\Swearware\dump   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"Beep"=#USR:Control Panel\Sound   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"CoolSwitch"=USR:Control Panel\Desktop   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
""=@SYS:DoesNotExist   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=0
"UpdatesDisableNotify"=0

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1
"UpdatesDisableNotify"=0

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=128920218544262440
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=1
"DisableRoutinelyTakingAction"=0
"ProductStatus"=0
"InstallTime"=0x60D44ED2BFCFD201

[HKLM\Software\WOW6432Node\Microsoft\Windows Defender]
"DisableAntiSpyware"=0
"DisableRoutinelyTakingAction"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60945931.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\epmntdrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EuGdiDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60945931.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\epmntdrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EuGdiDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

---------- | Winsock (Whitelist)


---------- | Hosts

127.0.0.1       localhost

---------- | Ping

Envoi d'une requ?te 'ping' sur google.com [216.58.198.206] avec 32 octets de donn?es?:
R?ponse de 216.58.198.206?: octets=32 temps=20 ms TTL=52
R?ponse de 216.58.198.206?: octets=32 temps=18 ms TTL=52
R?ponse de 216.58.198.206?: octets=32 temps=24 ms TTL=52
R?ponse de 216.58.198.206?: octets=32 temps=18 ms TTL=52

Statistiques Ping pour 216.58.198.206:
    Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%),
Dur?e approximative des boucles en millisecondes :
    Minimum = 18ms, Maximum = 24ms, Moyenne = 20ms

---------- | @

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Internet Explorer\Main]
"Disable Script Debugger"=yes
"Anchor Underline"=yes
"Cache_Update_Frequency"=Once_Per_Session
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Local Page"=C:\Windows\system32\blank.htm
"Save_Session_History_On_Exit"=no
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"XMLHTTP"=1
"NoUpdateCheck"=1
"DisableScriptDebuggerIE"=yes
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=http://google.fr/
"ImageStoreRandomFolder"=uqgm8f0
"Start Page Redirect Cache AcceptLangs"=fr-FR
"SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=
"DoNotTrack"=1
"IE10RunOncePerInstallCompleted"=1
"IE10RunOnceCompletionTime"=0xD91685F6D27BD301
"IE10TourShown"=1
"IE10TourShownTime"=0x3C4F893B7449D301
"DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC010000EC0000003F05000076030000
"Isolation"=PMIL
"TabProcGrowth"=0
"DefSpellLang"=fr-FR
"SuppressScriptDebuggerDialog"=0
"SearchBandRestoreBarCount"=0
"SearchBandMigrationVersion"=1
"ScriptDebugger_EnableHiddenTabs"=0
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"StatusBarWeb"=1
"ForceGDIPlus"=0
"AlwaysShowMenus"=0
"ShutdownWaitForOnUnload"=0
"DNSPreresolution"=8
"SpellChecking"=1
"LangToolsBroker"={5bbd58bb-993e-4c17-8af6-3af8e908fca8}
"DisablePasswordReveal"=0
"Check_Associations"=no
"DisableRequiresActiveXPrompt"=
"GotoIntranetSiteForSingleWordEntry"=0
"AutoSearch"=1
"PredictedViewExpansion"=100
"PredictedViewChangeThreshold"=10
"PredictedViewChangeThresholdPaint"=10
"ContentLayerCacheExpansion"=300
"RenderingLoopMaxTime"=250
"NscSingleExpand"=0
"Error Dlg Displayed On Every Error"=no
"NotifyDownloadComplete"=yes
"Friendly http errors"=yes
"CSS_Compat"=doctype
"Expand Alt Text"=no
"Display Inline Videos"=1
"Print_Background"=no
"Use Stylesheets"=1
"SmoothScroll"=1
"Show image placeholders"=0
"Disable Diagnostics Mode"=no
"Move System Caret"=no
"Enable AutoImageResize"=yes
"UseThemes"=1
"UseHR"=0
"Q300829"=0
"Cleanup HTCs"=0
"XDomainRequest"=1
"DOMStorage"=1
"EnableAlternativeCodec"=yes
"JScriptProfileCacheEventDelay"=5000
"CrossfadeMinTimeoutInMS"=30000
"CrossfadeMaxTimeoutInMS"=30000
"CrossfadeCurrentTimeoutInMS"=30000
"ScrollTimeoutInMS"=6000
"IE10RunOnceLastShown"=1
"IE10TourNoShow"=0
"IE10RecommendedSettingsNo"=0
"FrameTabWindow"=1
"AdminTabProcs"=1
"SessionMerging"=1
"FrameMerging"=1
"HangRecovery"=1
"DesktopTransparentCoverWindowTime"=8
"TSEnable"=1
"Isolation64Bit"=0
"IsolationImmersive"=PMEM
"TabShutdownDelay"=0
"FrameShutdownDelay"=0
"MinIEEnabled"=1
"FormSuggest Passwords"=no
"FormSuggest PW Ask"=no
"RefcountTracker"=0
"TabDragOnSingleProc"=0
"ForceBFCacheCandidacyPass"=0
"Fasterback"=1
"BackForwardInstrumentation"=0
"OperationalData"=5
"FullScreen"=no
"Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7E0000001E000000F605000038040000
"CompatibilityFlags"=0
"IE10RunOnceLastShown_TIMESTAMP"=0x382C500A0F5ED301
"AutoHide"=yes
"RunOnceHasShown"=1
"RunOnceComplete"=1
"Use FormSuggest"=no
"Start Page_TIMESTAMP"=0x92C8624C19DBD401
"IEWatsonDisabled"=1
"IE11DefaultsFRECompletionTime"=0x14C43F5FDC72D501
"IE11DefaultsFREConfigUpdateTimestamp"=0x23E13411D90DD601
"PlaySounds"=0
"UseSWRender"=0
"MixedContentBlockImages"=0
"IE11TimeOffBetweenCampaigns"=24
"IE11DefaultsFRECurrentOfferShowCount"=0
"OneTimeCleanupComplete"=1
"IE11DefaultsFREGPOFileOptions"=0
"IE11DefaultsFREGPOFileCheck"=1
"IE11DefaultsFREGPOCheckTimestamp"=0x23E13411D90DD601

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Internet Explorer\TypedURLs]
"url1"=https://www.podbean.com/podcast-detail/dy96h-380be/Affaires-sensibles-Podcast

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"IE5_UA_Backup_Flag"=5.0
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"EmailName"=IEUser@
"PrivDiscUiShown"=1
"EnableHttp1_1"=1
"WarnOnIntranet"=1
"MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges 
"AutoConfigProxy"=wininet.dll
"UseSchannelDirectly"=0x01000000
"WarnOnPost"=0x01000000
"UrlEncoding"=0
"SecureProtocols"=2688
"PrivacyAdvanced"=0
"ZonesSecurityUpgrade"=0x8AA9CB7EC0CFD201
"DisableCachingOfSSLPages"=0
"WarnonZoneCrossing"=0
"CertificateRevocation"=1
"EnableNegotiate"=1
"MigrateProxy"=1
"ProxyEnable"=0
"EnableAutodial"=0
"NoNetAutodial"=0
"ProxyHttp1.1"=1
"EnableSPDY3_0"=0
"BackgroundConnections"=1
"EnableSSL3Fallback"=1
"EnablePunycode"=1
"ShowPunycode"=0
"CreateUriCacheSize"=80
"CoInternetCombineIUriCacheSize"=80
"SecurityIdIUriCacheSize"=30
"SpecialFoldersCacheSize"=8
"SyncMode5"=4
"WarnonBadCertRecving"=1
"WarnOnPostRedirect"=0
"WarnOnHTTPSToHTTPRedirect"=1
"DisableIDNPrompt"=0
"EnforceP3PValidity"=0

[HKLM\Software\Microsoft\Internet Explorer\Main]
"AutoHide"=yes
"Security Risk Page"=about:SecurityRisk
"Extensions Off Page"=about:NoAdd-ons
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Default_Secondary_Page_URL"=
"Use_Async_DNS"=yes
"Start Page"=about:blank
"Local Page"=C:\Windows\System32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"InPrivate"=res://ieframe.dll/inprivate_win7.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"Home"=270
"PostNotCached"=res://ieframe.dll/repost.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm
"Compat"=res://mshtml.dll/compat.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"mosaic"=http://
"www"=http://
"home"=http://
"ftp"=ftp://
"gopher"=gopher://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"EnablePunycode"=1
"CodeBaseSearchPath"=CODEBASE
"WarnOnIntranet"=1
"MinorVersion"=0
"ActiveXCache"=C:\Windows\Downloaded Program Files
"WarnOnPost"=0x01000000
"WarnonBadCertRecving"=1
"WarnOnPostRedirect"=0
"WarnOnZoneCrossing"=1
"WarnOnHTTPSToHTTPRedirect"=1
"ProxyEnable"=0

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"AutoHide"=yes
"Security Risk Page"=about:SecurityRisk
"Extensions Off Page"=about:NoAdd-ons
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Default_Secondary_Page_URL"=
"Use_Async_DNS"=yes
"Start Page"=about:blank
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"FormSuggest PW Ask"=no
"FormSuggest Passwords"=no
"FormSuggest Use FormSuggest"=no

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"InPrivate"=res://ieframe.dll/inprivate_win7.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"Home"=270
"PostNotCached"=res://ieframe.dll/repost.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm
"Compat"=res://mshtml.dll/compat.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"mosaic"=http://
"www"=http://
"home"=http://
"ftp"=ftp://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"EnablePunycode"=1
"CodeBaseSearchPath"=CODEBASE
"WarnOnIntranet"=1
"MinorVersion"=0
"ActiveXCache"=C:\Windows\Downloaded Program Files
"ProxyEnable"=0


---------- | Proxy


---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll

---------- | Execution FileExts










---------- | SIOI | SEH | URLSH

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
 MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} --  C:\Users\tolunq\AppData\Local\MEGAsync\ShellExtX64.dll   [06/09/2019 00:47:44]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
 MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} --  C:\Users\tolunq\AppData\Local\MEGAsync\ShellExtX64.dll   [06/09/2019 00:47:44]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
 MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} --  C:\Users\tolunq\AppData\Local\MEGAsync\ShellExtX64.dll   [06/09/2019 00:47:44]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\                    IMFSafeBox] - {0BB81440-5F42-4480-A5F7-770A6F439FC8} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\      OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\      OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\      OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\      OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\      OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\      OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\     AcronisDrive] - {5D74FD4B-4EFB-4586-8022-8637BBE40970} --  C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll   [02/03/2017 11:46:00]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\     AcronisSyncError] - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} --  C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll   [02/03/2017 11:46:00]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\     AcronisSyncInProgress] - {00F848DC-B1D4-4892-9C25-CAADC86A215D} --  C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll   [02/03/2017 11:46:00]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\     AcronisSyncOk] - {71573297-552E-46fc-BE3D-3DFAF88D47B7} --  C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll   [02/03/2017 11:46:00]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll   [04/04/2020 19:10:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  %SystemRoot%\system32\EhStorShell.dll   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} --  %SystemRoot%\System32\cscui.dll   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} --  %SystemRoot%\system32\ntshrui.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
 MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} --  C:\Users\tolunq\AppData\Local\MEGAsync\ShellExtX32.dll   [06/09/2019 00:47:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
 MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} --  C:\Users\tolunq\AppData\Local\MEGAsync\ShellExtX32.dll   [06/09/2019 00:47:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
 MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} --  C:\Users\tolunq\AppData\Local\MEGAsync\ShellExtX32.dll   [06/09/2019 00:47:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} --  C:\Program Files (x86)\Dropbox\Client\DropboxExt.37.0.dll   [04/04/2020 19:10:40]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  %SystemRoot%\system32\EhStorShell.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} --  %SystemRoot%\system32\ntshrui.dll   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=   


---------- | Toolbar

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   
"ShowDiscussionButton"=Yes   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"ITBar7Layout"=0x13000000000000000000000020000000100003001700000001000000800600006D01000006000000410100000000000007000000400100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044DF53486B7DE9489258D800EEE54AF65A3C29EF379FFD4991C42B867063FC5400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"ITBar7Height"=29   
"ITBar7Height64"=58   
"ITBar7Layout64"=0x13000000000000000000000020000000100002001C00000001000000000700005E010000070000004001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005A3C29EF379FFD4991C42B867063FC5400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"{4853DF44-7D6B-48E9-9258-D800EEE54AF6}"=0x44DF53486B7DE9489258D800EEE54AF6   
"{EF293C5A-9F37-49FD-91C4-2B867063FC54}"=0x5A3C29EF379FFD4991C42B867063FC54   

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultPackCorrection"=1   
"DefaultPackNTCorrection"=1   
"Version"=4   
"UpgradeTime"=0xE2A5061BC6CFD201   
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=0x00   
"{EF293C5A-9F37-49FD-91C4-2B867063FC54}"=   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=0x00   
"{669695BC-A811-4A9D-8CDF-BA8C795F261C}"=Dashlane Toolbar   
"{EF293C5A-9F37-49FD-91C4-2B867063FC54}"=   


---------- | Extensions

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping] : () -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) -       []

---------- | SearchScopes

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10 : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 

---------- | Browser Helper Objects

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll  [17/07/2012 14:51:50]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] -> (Adobe Acrobat Create PDF Helper) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll  [28/03/2017 19:24:52]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] -> (Adobe Acrobat Create PDF from Selection) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll  [28/03/2017 19:24:52]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}] -> (Dashlane BHO) : C:\Users\tolunq\AppData\Roaming\Dashlane\ie\Dashlanei.dll  [15/03/2019 14:12:13]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll  [17/07/2012 14:51:50]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] -> (Adobe Acrobat Create PDF Helper) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll  [28/03/2017 19:24:52]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}] -> () :   
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] -> (Adobe Acrobat Create PDF from Selection) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll  [28/03/2017 19:24:52]

---------- | Chrome

C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj =  :     __MSG_web2pdfExtnDescription__ -     __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\elhpdacimkjpccooodognopfhbdgnpbk =  :     __MSG_ExtensionDescription__ -     __MSG_ExtensionName__ - permissions:[nativeMessagingmanagementcookiescontextMenuswebRequestwebRequestBlocking\u003Call_urls>storage] - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx
C:\Users\tolunq\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm =  :     Provider for discovery and services for mirroring of Chrome Media Router -     Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

[HKLM\Software\Google\Chrome\Extensions\elhpdacimkjpccooodognopfhbdgnpbk]
[HKLM\Software\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\elhpdacimkjpccooodognopfhbdgnpbk]

---------- | Opera


---------- | Firefox


[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\mozilla\Firefox\Extensions]
"{72CA2996-F580-47DF-98FF-0B853D09CEC8}"=C:\Users\tolunq\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill
[HKLM\Software\mozilla\Firefox\Extensions]
"web2pdfextension.17@acrobat.adobe.com"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
[HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions]
"web2pdfextension.17@acrobat.adobe.com"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\MozillaPlugins\@kaspersky.com/Password Manager] - () : J:\Kaspersky Password Manager\npkpmAutofill.dll
[HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.8] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@IPCWebComponents] - () : C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3] - (WebTablet Plugin API) : C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Acrobat] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll


C:\Users\tolunq\AppData\Roaming\Mozilla\Firefox\Profiles\r1aqyoal.default-1514283007430-1550785339471\Prefs.js

user_pref("app.normandy.startupRolloutPrefs.extensions.fxmonitor.enabled", true);
user_pref("browser.startup.homepage", "https://www.google.fr/");
user_pref("browser.startup.homepage_override.buildID", "20200403064753");
user_pref("browser.startup.homepage_override.mstone", "74.0.1");
user_pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"nav-bar\":[\"back-button\",\"forward-button\",\"urlbar-container\",\"stop-reload-button\",\"home-button\",\"downloads-button\",\"light_plugin_a07576a3cebc4a72a8cf2c925907db05_kaspersky_com-browser-action\",\"_d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d_-browser-action\",\"ublock0_raymondhill_net-browser-action\",\"jetpack-extension_dashlane_com-browser-action\",\"fxa-toolbar-menu-button\",\"light_plugin_b29d4ad94f82454bbc9215bcbd7e80ae_kaspersky_com-browser-action\",\"kpm_win_add_on_9_0_kaspersky-browser-action\",\"_0b6555af-b17c-44b9-8e95-ab1e554dca4f_-browser-action\"],\"toolbar-menubar\":[\"menubar-items\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"PersonalToolbar\":[\"personal-bookmarks\"]},\"seen\":[\"developer-button\",\"light_plugin_a07576a3cebc4a72a8cf2c925907db05_kaspersky_com-browser-action\",\"_d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d_-browser-action\",\"webide-button\",\"ublock0_raymondhill_net-browser-action\",\"jetpack-extension_dashlane_com-browser-action\",\"web2pdfextension_17_acrobat_adobe_com-browser-action\",\"_ce741827-b6d9-415a-a8ea-be83f96d6b0d_-browser-action\",\"light_plugin_b29d4ad94f82454bbc9215bcbd7e80ae_kaspersky_com-browser-action\",\"kpm_win_add_on_9_0_kaspersky-browser-action\",\"_0b6555af-b17c-44b9-8e95-ab1e554dca4f_-browser-action\"],\"dirtyAreaCache\":[\"nav-bar\",\"toolbar-menubar\",\"TabsToolbar\",\"PersonalToolbar\"],\"currentVersion\":16,\"newElementCount\":8}");
user_pref("devtools.webextensions.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.enabled", true);
user_pref("extensions.activeThemeID", "default-theme@mozilla.org");
user_pref("extensions.blocklist.lastModified", "Mon, 20 Jan 2020 14:21:43 GMT");
user_pref("extensions.blocklist.pingCountTotal", 251);
user_pref("extensions.blocklist.pingCountVersion", -1);
user_pref("extensions.databaseSchema", 31);
user_pref("extensions.getAddons.cache.lastUpdate", 1586451428);
user_pref("extensions.getAddons.databaseSchema", 6);
user_pref("extensions.incognito.migrated", true);
user_pref("extensions.lastAppBuildId", "20200403064753");
user_pref("extensions.lastAppVersion", "74.0.1");
user_pref("extensions.lastPlatformVersion", "74.0.1");
user_pref("extensions.pendingOperations", false);
user_pref("extensions.pocket.settings.test.panelSignUp", "control");
user_pref("extensions.privatebrowsing.notification", true);
user_pref("extensions.signer.hotfixed", true);
user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}");
user_pref("extensions.ui.dictionary.hidden", true);
user_pref("extensions.ui.lastCategory", "addons://list/extension");
user_pref("extensions.ui.locale.hidden", true);
user_pref("extensions.webcompat.perform_injections", true);
user_pref("extensions.webcompat.perform_ua_overrides", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.doh-rollout@mozilla.org", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.jetpack-extension@dashlane.com", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.uBlock0@raymondhill.net", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.web2pdfextension.17@acrobat.adobe.com", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.{ce741827-b6d9-415a-a8ea-be83f96d6b0d}", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}", true);
user_pref("extensions.webextensions.uuids", "{\"formautofill@mozilla.org\":\"b51892bc-2c72-4423-a38b-139875b26367\",\"screenshots@mozilla.org\":\"dc96266c-4e93-4f38-a64d-d93fa814864d\",\"webcompat-reporter@mozilla.org\":\"58bfb95e-978a-4a4a-a34b-dbe39e91ba15\",\"webcompat@mozilla.org\":\"561e879f-38fe-420a-a79e-52fd842183b6\",\"fxmonitor@mozilla.org\":\"65c9a690-ce51-4f62-8b4d-342efca79c22\",\"light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com\":\"ad4a6980-ebc8-4280-bef0-0b478692adf8\",\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":\"4ce34d72-b618-416a-867c-e1abdecbfc63\",\"uBlock0@raymondhill.net\":\"3ec3f890-7d1e-41b8-80fb-a6e52853a165\",\"jetpack-extension@dashlane.com\":\"106652ab-defb-40a9-b84c-d37203cfc870\",\"baidu-code-update@mozillaonline.com\":\"45fbc74e-9c9d-44ca-b8a4-73230a294c82\",\"adguardadblocker@adguard.com\":\"cf32d45f-a332-4578-b60d-7dfbab74f1a4\",\"@youtube-converter-video-music-downloader\":\"7b0d4432-2352-4202-ac5a-6b0449a3943c\",\"firefox@ghostery.com\":\"be286424-b0fb-4444-b26d-81d6b0d4f3df\",\"web2pdfextension.17@acrobat.adobe.com\":\"b2ec99b8-af7b-4a7e-8bda-8da89f68f0eb\",\"default-theme@mozilla.org\":\"02fbdbdb-131c-471c-9bdd-f91a858a0983\",\"google@search.mozilla.org\":\"05cccfa4-4640-470b-a385-f60dff0c7336\",\"bing@search.mozilla.org\":\"a593be05-9381-4ccf-84da-395992cdcd8a\",\"amazon@search.mozilla.org\":\"38126385-7385-4b0e-92bf-2ae8822f31df\",\"ddg@search.mozilla.org\":\"663ae314-d932-4330-a66c-9b60b39ade36\",\"ebay@search.mozilla.org\":\"552747e4-47ca-49c9-b0fb-ca647bd9e74e\",\"qwant@search.mozilla.org\":\"8ac298a1-c256-4b2e-8953-35577d18497c\",\"wikipedia@search.mozilla.org\":\"4e3cbc92-c711-48ae-988d-3d3ea31037b2\",\"{ce741827-b6d9-415a-a8ea-be83f96d6b0d}\":\"ed4119d5-c056-4d95-9883-74741b2f7838\",\"doh-rollout@mozilla.org\":\"6374b496-17a8-4b4d-9ade-b9bde20d234d\",\"ascsurfingprotectionnew@iobit.com\":\"82d065ec-6726-4064-b00f-961c9b2109b7\",\"light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com\":\"2d63edb2-3b42-4d19-b986-e85290d8e805\",\"kpm_win_add_on_9.0@kaspersky\":\"3e06f288-141a-40b9-ba99-cb6585c76307\"}");

C:\Users\tolunq\AppData\Roaming\Mozilla\Firefox\Profiles\r1aqyoal.default-1514283007430-1550785339471

[Profile0] - Name=default-1514283007430 -> Profiles/r1aqyoal.default-1514283007430-1550785339471

---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{472C9357-37F7-4595-BFEA-0696E95EE6D7}]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{9592A2F2-A8C7-44D4-847F-5CFF77C813E8}]
"DhcpNameServer"=192.168.1.1 192.168.1.10 192.168.1.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{E4A0422C-4779-4749-973E-7E8B327BC315}]
"NameServer"=8.8.8.8,8.8.4.4
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{472C9357-37F7-4595-BFEA-0696E95EE6D7}]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{9592A2F2-A8C7-44D4-847F-5CFF77C813E8}]
"DhcpNameServer"=192.168.1.1 192.168.1.10 192.168.1.1
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{E4A0422C-4779-4749-973E-7E8B327BC315}]
"NameServer"=8.8.8.8,8.8.4.4
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{472C9357-37F7-4595-BFEA-0696E95EE6D7}]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{9592A2F2-A8C7-44D4-847F-5CFF77C813E8}]
"DhcpNameServer"=192.168.1.1 192.168.1.10 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{E4A0422C-4779-4749-973E-7E8B327BC315}]
"NameServer"=8.8.8.8,8.8.4.4

---------- | Applications

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Classes\Applications\audacity.exe] : "I:\Audacity\audacity.exe" "%1"
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Classes\Applications\PinnacleStudio.EXE] : "C:\Program Files\Pinnacle\Studio 21\programs\PinnacleStudio.EXE" "%1"
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Classes\Applications\WinRAR.exe] : "C:\Program Files\WinRAR\WinRAR.exe" "%1"
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Classes\Applications\winzip64.exe] : "G:\WinZip\winzip64.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\Acrobat.exe] : "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\csgo.exe] : "g:\counter sticke go\counter-strike global offensive\csgo.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM\SOFTWARE\Classes\Applications\Galerie photo Pixum.exe] : "j:\Pixum\Univers photo Pixum\Galerie photo Pixum.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\hl2.exe] : "f:\half-life - source quadrilogy\hl2.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\Program Files (x86)\MICROS~1\Office14\OIS.EXE /shellOpen "%1"
[HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\Univers photo Pixum.exe] : "j:\Pixum\Univers photo Pixum\Univers photo Pixum.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Acrobat.exe] : "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\csgo.exe] : "g:\counter sticke go\counter-strike global offensive\csgo.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Galerie photo Pixum.exe] : "j:\Pixum\Univers photo Pixum\Galerie photo Pixum.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\hl2.exe] : "f:\half-life - source quadrilogy\hl2.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\Program Files (x86)\MICROS~1\Office14\OIS.EXE /shellOpen "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Univers photo Pixum.exe] : "j:\Pixum\Univers photo Pixum\Univers photo Pixum.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | SvcHost (Whitelist)

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"regsvc"=RemoteRegistry
"DcomLaunch"=Power
PlugPlay
DcomLaunch
"secsvcs"=WinDefend
"bthsvcs"=bthserv
"PeerDist"=PeerDistSvc
"GPSvcGroup"=GPSvc

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
PlugPlay
DcomLaunch


---------- | SvcHost - Netsvcs (Whitelist)


---------- | Software

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Acronis]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Active@ File Preview]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Adobe]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\AMD]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\AMD Driver Downloader]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\AOMEI]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\AppDataLow]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Applications WinDev]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Arobas Music]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Ashampoo]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\ATI]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Audacity]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Avid]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Axantum]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Bomgar]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Bsd Concept]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\BugSplat]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Canon]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\CanonBJ]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\CeWe Color]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Chromium]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Clients]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\CompSoft]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Corel]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Dashlane]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Dashlane_profiles]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Debugmode]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\DivX]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\DivXNetworks]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Dropbox]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\DropboxUpdate]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\DT Soft]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\EaseUS]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\East Imperial Soft]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\EFD Software]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\ElAmigos]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Epic Games]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\ESET]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\factormystic.net]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\FormatFactory]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Garmin]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Google]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\GreenTree Applications]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\GreenTree Applications-BackupByYTDPortable]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Haali]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\IM Providers]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Intel]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\ITNConv]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Jihosoft]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\KasperskyLab]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\KasperskyLabSetup]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Kobo]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\LogiShrd]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Logitech]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Logo]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\LumaEmu]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Macrium]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Macromedia]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Malwarebytes]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\MediaHuman]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Mirage]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Mozilla]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\MozillaPlugins]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Nero]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Netscape]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\NewBlue]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\ODBC]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\OpenAutomate]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Opendisc]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Paramount Software (UK) Ltd.]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\PC SOFT]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Pinnacle Systems]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Piriform]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Policies]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\proDAD]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\ProtectedStorage]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\QtProject]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Realtek]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Red Giant Software]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\RegisteredApplications]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Rene.E Laboratory]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Resplendence Sp]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\SafelyRemove]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Sierra On-Line]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Skype]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\skypeapp-36f8814553c5]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\skypeapp-67c2b7b2c9f1]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Sony]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Sony Creative Software]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Spoon]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\SyncEngines]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Sysinternals]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\TomTom]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Totalidea Software]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Trolltech]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Trolltech-BackupByMalwarebytesPortable]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Unity]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Valve]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Visible Body]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\VOB]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\VS Revo Group]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\VueScan]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\WinRAR]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\WinRAR SFX]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Wow6432Node]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\ZHP]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}-BackupByYTDPortable]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\???????????????]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\AppDataLow\Software\Adobe]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Active Setup]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\ActiveMovie]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\ASF Stream Descriptor File]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Assistance]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Avalon.Graphics]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Calc]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Command Processor]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\CTF]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Dependency Walker]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Direct3D]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\DirectInput]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\DirectX Diagnostic Tool]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\DVDNavigator]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Ease of Access]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\EventSystem]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Exchange]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\F12]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Fax]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Feeds]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\FileSquirt]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\FTP]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Fusion]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\GDIPlus]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\IAM]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\IdentityCRL]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\IME]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\IMEJP]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\IMEMIP]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\InputPersonalization]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Installer]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\IntelliPoint]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Intellipoint Intellitype Pro Auto Update]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Connection Wizard]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Explorer]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Internet Mail and News]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Keyboard]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Lptr]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\MediaPlayer]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Microsoft Antimalware]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Microsoft DVD Wizard Settings]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Microsoft Games]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Microsoft Management Console]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\MPEG2Demultiplexer]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\MS Design Tools]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\MS Switch]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\MSDAIPP]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\MSF]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Multimedia]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Notepad]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Office]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\OLE]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\OneDrive]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Osk]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\PeerNet]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Protected Storage System Provider]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\RAS AutoDial]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\RAS Phonebook]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Remote Assistance]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\RPM]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\ScreenMagnifier]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Security Center]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Shared]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Shared Tools]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\SideShow]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Silverlight]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\SkyDrive]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Speech]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Spelling]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\SQMClient]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\SystemCertificates]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\TabletTip]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\TelemetryClient]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\TPG]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Tracing]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\VBA]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Visual Basic]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\WAB]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Web Service Providers]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\wfs]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Live]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Live Mail]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Mail]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Media]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows NT]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Photo Viewer]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Script]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Script Host]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Search]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Windows Sidebar]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\Wisp]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\RestartManager]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\173a9bac-6f0d-50c4-8202-4744c69d091a]
[HKLM\Software\Acronis]
[HKLM\Software\Adobe]
[HKLM\Software\Alienware]
[HKLM\Software\AMD]
[HKLM\Software\AMDDVR]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ATI]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Autodesk]
[HKLM\Software\Avid]
[HKLM\Software\Axantum]
[HKLM\Software\Canon]
[HKLM\Software\CBSTEST]
[HKLM\Software\Clients]
[HKLM\Software\Corel]
[HKLM\Software\Corel Corporation]
[HKLM\Software\cybelsoft]
[HKLM\Software\Dolby]
[HKLM\Software\DTS]
[HKLM\Software\FileZilla 3]
[HKLM\Software\Fortemedia]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\Google]
[HKLM\Software\INextUUID]
[HKLM\Software\Intel]
[HKLM\Software\IPS]
[HKLM\Software\JavaSoft]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Logitech]
[HKLM\Software\Macrium]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes]
[HKLM\Software\Microsoft]
[HKLM\Software\Mozilla]
[HKLM\Software\mozilla.org]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\Pegasus Imaging]
[HKLM\Software\Pinnacle]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SafelyRemove]
[HKLM\Software\SAMSUNG]
[HKLM\Software\Sonic]
[HKLM\Software\SonicFocus]
[HKLM\Software\SoundResearch]
[HKLM\Software\SRS Labs]
[HKLM\Software\Ulead Systems]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\VueScan]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yamaha APO]
[HKLM\SOFTWARE\Microsoft\.NETFramework]
[HKLM\SOFTWARE\Microsoft\Active Setup]
[HKLM\SOFTWARE\Microsoft\ADs]
[HKLM\SOFTWARE\Microsoft\Advanced INF Setup]
[HKLM\SOFTWARE\Microsoft\ALG]
[HKLM\SOFTWARE\Microsoft\AMSI]
[HKLM\SOFTWARE\Microsoft\AOMEI]
[HKLM\SOFTWARE\Microsoft\ASP.NET]
[HKLM\SOFTWARE\Microsoft\Assistance]
[HKLM\SOFTWARE\Microsoft\AudioCompressionManager]
[HKLM\SOFTWARE\Microsoft\Avalon.Graphics]
[HKLM\SOFTWARE\Microsoft\BidInterface]
[HKLM\SOFTWARE\Microsoft\COM3]
[HKLM\SOFTWARE\Microsoft\Command Processor]
[HKLM\SOFTWARE\Microsoft\Conferencing]
[HKLM\SOFTWARE\Microsoft\Connect to a Network Projector]
[HKLM\SOFTWARE\Microsoft\Cryptography]
[HKLM\SOFTWARE\Microsoft\CTF]
[HKLM\SOFTWARE\Microsoft\DataAccess]
[HKLM\SOFTWARE\Microsoft\DataFactory]
[HKLM\SOFTWARE\Microsoft\DesiredStateConfiguration]
[HKLM\SOFTWARE\Microsoft\DevDiv]
[HKLM\SOFTWARE\Microsoft\Dfrg]
[HKLM\SOFTWARE\Microsoft\DFS]
[HKLM\SOFTWARE\Microsoft\Direct3D]
[HKLM\SOFTWARE\Microsoft\DirectDraw]
[HKLM\SOFTWARE\Microsoft\DirectInput]
[HKLM\SOFTWARE\Microsoft\DirectMusic]
[HKLM\SOFTWARE\Microsoft\DirectPlay8]
[HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp]
[HKLM\SOFTWARE\Microsoft\DirectShow]
[HKLM\SOFTWARE\Microsoft\DirectX]
[HKLM\SOFTWARE\Microsoft\DownloadManager]
[HKLM\SOFTWARE\Microsoft\Driver Signing]
[HKLM\SOFTWARE\Microsoft\DRM]
[HKLM\SOFTWARE\Microsoft\DVR]
[HKLM\SOFTWARE\Microsoft\DXP]
[HKLM\SOFTWARE\Microsoft\EnterpriseCertificates]
[HKLM\SOFTWARE\Microsoft\Environment]
[HKLM\SOFTWARE\Microsoft\EventSystem]
[HKLM\SOFTWARE\Microsoft\Exchange]
[HKLM\SOFTWARE\Microsoft\F12]
[HKLM\SOFTWARE\Microsoft\Fax]
[HKLM\SOFTWARE\Microsoft\Feeds]
[HKLM\SOFTWARE\Microsoft\FlashConfig]
[HKLM\SOFTWARE\Microsoft\FTH]
[HKLM\SOFTWARE\Microsoft\Function Discovery]
[HKLM\SOFTWARE\Microsoft\Fusion]
[HKLM\SOFTWARE\Microsoft\GPUPipeline]
[HKLM\SOFTWARE\Microsoft\HTMLHelp]
[HKLM\SOFTWARE\Microsoft\IdentityCRL]
[HKLM\SOFTWARE\Microsoft\IdentityStore]
[HKLM\SOFTWARE\Microsoft\IE4]
[HKLM\SOFTWARE\Microsoft\IMAPI]
[HKLM\SOFTWARE\Microsoft\IMEJP]
[HKLM\SOFTWARE\Microsoft\IMEKR]
[HKLM\SOFTWARE\Microsoft\IMETC]
[HKLM\SOFTWARE\Microsoft\InputPersonalization]
[HKLM\SOFTWARE\Microsoft\IntelliPoint]
[HKLM\SOFTWARE\Microsoft\Intellipoint Intellitype Pro Auto Update]
[HKLM\SOFTWARE\Microsoft\IntelliPoint IntelliType Pro Bluetooth]
[HKLM\SOFTWARE\Microsoft\Internet Account Manager]
[HKLM\SOFTWARE\Microsoft\Internet Domains]
[HKLM\SOFTWARE\Microsoft\Internet Explorer]
[HKLM\SOFTWARE\Microsoft\IsoBurn]
[HKLM\SOFTWARE\Microsoft\Jet]
[HKLM\SOFTWARE\Microsoft\LPKSetup]
[HKLM\SOFTWARE\Microsoft\MediaCenterPeripheral]
[HKLM\SOFTWARE\Microsoft\MediaPlayer]
[HKLM\SOFTWARE\Microsoft\MessengerService]
[HKLM\SOFTWARE\Microsoft\MigWiz]
[HKLM\SOFTWARE\Microsoft\MMC]
[HKLM\SOFTWARE\Microsoft\Mobile]
[HKLM\SOFTWARE\Microsoft\MpSigStub]
[HKLM\SOFTWARE\Microsoft\MSBuild]
[HKLM\SOFTWARE\Microsoft\MSDE]
[HKLM\SOFTWARE\Microsoft\MSDTC]
[HKLM\SOFTWARE\Microsoft\MSF]
[HKLM\SOFTWARE\Microsoft\MSLicensing]
[HKLM\SOFTWARE\Microsoft\MSMQ]
[HKLM\SOFTWARE\Microsoft\MSN Apps]
[HKLM\SOFTWARE\Microsoft\MSSQLServer]
[HKLM\SOFTWARE\Microsoft\Multimedia]
[HKLM\SOFTWARE\Microsoft\NapServer]
[HKLM\SOFTWARE\Microsoft\NET Framework Setup]
[HKLM\SOFTWARE\Microsoft\NetSh]
[HKLM\SOFTWARE\Microsoft\Network]
[HKLM\SOFTWARE\Microsoft\NetworkAccessProtection]
[HKLM\SOFTWARE\Microsoft\Non-Driver Signing]
[HKLM\SOFTWARE\Microsoft\Notepad]
[HKLM\SOFTWARE\Microsoft\ODBC]
[HKLM\SOFTWARE\Microsoft\Office]
[HKLM\SOFTWARE\Microsoft\OfficeSoftwareProtectionPlatform]
[HKLM\SOFTWARE\Microsoft\Ole]
[HKLM\SOFTWARE\Microsoft\OnlineProviders]
[HKLM\SOFTWARE\Microsoft\Outlook Express]
[HKLM\SOFTWARE\Microsoft\PCHealth]
[HKLM\SOFTWARE\Microsoft\PLA]
[HKLM\SOFTWARE\Microsoft\PlayReady]
[HKLM\SOFTWARE\Microsoft\PowerShell]
[HKLM\SOFTWARE\Microsoft\Preinstall]
[HKLM\SOFTWARE\Microsoft\Print]
[HKLM\SOFTWARE\Microsoft\RADAR]
[HKLM\SOFTWARE\Microsoft\Ras]
[HKLM\SOFTWARE\Microsoft\RAS AutoDial]
[HKLM\SOFTWARE\Microsoft\Reliability Analysis]
[HKLM\SOFTWARE\Microsoft\RemovalTools]
[HKLM\SOFTWARE\Microsoft\RendezvousApps]
[HKLM\SOFTWARE\Microsoft\Router]
[HKLM\SOFTWARE\Microsoft\Rpc]
[HKLM\SOFTWARE\Microsoft\SchedulingAgent]
[HKLM\SOFTWARE\Microsoft\Schema Library]
[HKLM\SOFTWARE\Microsoft\Security Center]
[HKLM\SOFTWARE\Microsoft\Sensors]
[HKLM\SOFTWARE\Microsoft\ServicesForNFS]
[HKLM\SOFTWARE\Microsoft\Shared]
[HKLM\SOFTWARE\Microsoft\Shared Tools]
[HKLM\SOFTWARE\Microsoft\Shared Tools Location]
[HKLM\SOFTWARE\Microsoft\SideShow]
[HKLM\SOFTWARE\Microsoft\Silverlight]
[HKLM\SOFTWARE\Microsoft\Software]
[HKLM\SOFTWARE\Microsoft\Speech]
[HKLM\SOFTWARE\Microsoft\SQMClient]
[HKLM\SOFTWARE\Microsoft\Sync Framework]
[HKLM\SOFTWARE\Microsoft\Sysprep]
[HKLM\SOFTWARE\Microsoft\SystemCertificates]
[HKLM\SOFTWARE\Microsoft\TableTextService]
[HKLM\SOFTWARE\Microsoft\TabletTip]
[HKLM\SOFTWARE\Microsoft\Tcpip]
[HKLM\SOFTWARE\Microsoft\Terminal Server Client]
[HKLM\SOFTWARE\Microsoft\TermServLicensing]
[HKLM\SOFTWARE\Microsoft\TIP Shared]
[HKLM\SOFTWARE\Microsoft\TMM]
[HKLM\SOFTWARE\Microsoft\TPG]
[HKLM\SOFTWARE\Microsoft\Tpm]
[HKLM\SOFTWARE\Microsoft\Tracing]
[HKLM\SOFTWARE\Microsoft\Transaction Server]
[HKLM\SOFTWARE\Microsoft\TV System Services]
[HKLM\SOFTWARE\Microsoft\uDRM]
[HKLM\SOFTWARE\Microsoft\Updates]
[HKLM\SOFTWARE\Microsoft\UPnP Device Host]
[HKLM\SOFTWARE\Microsoft\Virtual Machine]
[HKLM\SOFTWARE\Microsoft\VisualStudio]
[HKLM\SOFTWARE\Microsoft\WAB]
[HKLM\SOFTWARE\Microsoft\WBEM]
[HKLM\SOFTWARE\Microsoft\WebcamTelemetry]
[HKLM\SOFTWARE\Microsoft\WIMMount]
[HKLM\SOFTWARE\Microsoft\Windows]
[HKLM\SOFTWARE\Microsoft\Windows Defender]
[HKLM\SOFTWARE\Microsoft\Windows Desktop Search]
[HKLM\SOFTWARE\Microsoft\Windows Mail]
[HKLM\SOFTWARE\Microsoft\Windows Media Device Manager]
[HKLM\SOFTWARE\Microsoft\Windows Media Foundation]
[HKLM\SOFTWARE\Microsoft\Windows Media Player NSS]
[HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem]
[HKLM\SOFTWARE\Microsoft\Windows NT]
[HKLM\SOFTWARE\Microsoft\Windows Photo Viewer]
[HKLM\SOFTWARE\Microsoft\Windows Portable Devices]
[HKLM\SOFTWARE\Microsoft\Windows Script Host]
[HKLM\SOFTWARE\Microsoft\Windows Search]
[HKLM\SOFTWARE\Microsoft\Wisp]
[HKLM\SOFTWARE\Microsoft\Wlansvc]
[HKLM\SOFTWARE\Microsoft\Workspaces]
[HKLM\SOFTWARE\Microsoft\WwanSvc]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\Software\WOW6432Node\Acronis]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AMD]
[HKLM\Software\WOW6432Node\ANI]
[HKLM\Software\WOW6432Node\Apple Inc.]
[HKLM\Software\WOW6432Node\Ashampoo]
[HKLM\Software\WOW6432Node\ATI]
[HKLM\Software\WOW6432Node\ATI Technologies]
[HKLM\Software\WOW6432Node\Avid]
[HKLM\Software\WOW6432Node\Canon]
[HKLM\Software\WOW6432Node\Caphyon]
[HKLM\Software\WOW6432Node\Codemasters]
[HKLM\Software\WOW6432Node\Corel]
[HKLM\Software\WOW6432Node\Corel Corporation]
[HKLM\Software\WOW6432Node\Cygwin]
[HKLM\Software\WOW6432Node\D-Link]
[HKLM\Software\WOW6432Node\DebugMode]
[HKLM\Software\WOW6432Node\DivX]
[HKLM\Software\WOW6432Node\Dropbox]
[HKLM\Software\WOW6432Node\DropboxUpdate]
[HKLM\Software\WOW6432Node\DT Soft]
[HKLM\Software\WOW6432Node\EaseUS]
[HKLM\Software\WOW6432Node\EaseUS Todo Backup]
[HKLM\Software\WOW6432Node\Eset]
[HKLM\Software\WOW6432Node\FAST Multimedia]
[HKLM\Software\WOW6432Node\FileZilla 3]
[HKLM\Software\WOW6432Node\FileZilla Client]
[HKLM\Software\WOW6432Node\Foscam]
[HKLM\Software\WOW6432Node\Freemake]
[HKLM\Software\WOW6432Node\Garmin]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\HaaliMkx]
[HKLM\Software\WOW6432Node\HPS]
[HKLM\Software\WOW6432Node\InstallShield]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\IVT Corporation]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\KasperskyLab]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\Kobo]
[HKLM\Software\WOW6432Node\Lame For Audacity]
[HKLM\Software\WOW6432Node\Licenses]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\MAXSOFT-OCRON]
[HKLM\Software\WOW6432Node\McAfee]
[HKLM\Software\WOW6432Node\Mephisto]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\MicroVision]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\mozilla.org]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\Nero]
[HKLM\Software\WOW6432Node\Nuance]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\OpenAL]
[HKLM\Software\WOW6432Node\Pegasus Imaging]
[HKLM\Software\WOW6432Node\PegasusImaging]
[HKLM\Software\WOW6432Node\Pinnacle]
[HKLM\Software\WOW6432Node\Pinnacle Systems]
[HKLM\Software\WOW6432Node\Realtek]
[HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\WOW6432Node\Red Giant Software]
[HKLM\Software\WOW6432Node\Rene.E Laboratory]
[HKLM\Software\WOW6432Node\Runtime Software]
[HKLM\Software\WOW6432Node\Samsung Magician]
[HKLM\Software\WOW6432Node\Skype]
[HKLM\Software\WOW6432Node\Softgogo]
[HKLM\Software\WOW6432Node\Sony Creative Software]
[HKLM\Software\WOW6432Node\SRS Labs]
[HKLM\Software\WOW6432Node\TerraTec Electronic GmbH]
[HKLM\Software\WOW6432Node\TomTom]
[HKLM\Software\WOW6432Node\Totalidea Software]
[HKLM\Software\WOW6432Node\Univers photo Pixum]
[HKLM\Software\WOW6432Node\Volatile]
[HKLM\Software\WOW6432Node\VueScan]
[HKLM\Software\WOW6432Node\Wacom]
[HKLM\Software\WOW6432Node\WafCX]
[HKLM\Software\WOW6432Node\Wondershare]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\.NETFramework]
[HKLM\Software\WOW6432Node\Microsoft\Active Setup]
[HKLM\Software\WOW6432Node\Microsoft\ADs]
[HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup]
[HKLM\Software\WOW6432Node\Microsoft\AMSI]
[HKLM\Software\WOW6432Node\Microsoft\AOMEI]
[HKLM\Software\WOW6432Node\Microsoft\ASP.NET]
[HKLM\Software\WOW6432Node\Microsoft\Assistance]
[HKLM\Software\WOW6432Node\Microsoft\AudioCompressionManager]
[HKLM\Software\WOW6432Node\Microsoft\Avalon.Graphics]
[HKLM\Software\WOW6432Node\Microsoft\BidInterface]
[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
[HKLM\Software\WOW6432Node\Microsoft\Cryptography]
[HKLM\Software\WOW6432Node\Microsoft\CTF]
[HKLM\Software\WOW6432Node\Microsoft\DataAccess]
[HKLM\Software\WOW6432Node\Microsoft\DataFactory]
[HKLM\Software\WOW6432Node\Microsoft\DesiredStateConfiguration]
[HKLM\Software\WOW6432Node\Microsoft\DevDiv]
[HKLM\Software\WOW6432Node\Microsoft\Direct3D]
[HKLM\Software\WOW6432Node\Microsoft\DirectDraw]
[HKLM\Software\WOW6432Node\Microsoft\DirectInput]
[HKLM\Software\WOW6432Node\Microsoft\DirectMusic]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlay]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlay8]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp]
[HKLM\Software\WOW6432Node\Microsoft\DirectShow]
[HKLM\Software\WOW6432Node\Microsoft\DirectX]
[HKLM\Software\WOW6432Node\Microsoft\DownloadManager]
[HKLM\Software\WOW6432Node\Microsoft\DRM]
[HKLM\Software\WOW6432Node\Microsoft\DVR]
[HKLM\Software\WOW6432Node\Microsoft\Edge]
[HKLM\Software\WOW6432Node\Microsoft\Exchange]
[HKLM\Software\WOW6432Node\Microsoft\Fax]
[HKLM\Software\WOW6432Node\Microsoft\Feeds]
[HKLM\Software\WOW6432Node\Microsoft\FlashConfig]
[HKLM\Software\WOW6432Node\Microsoft\FTH]
[HKLM\Software\WOW6432Node\Microsoft\Function Discovery]
[HKLM\Software\WOW6432Node\Microsoft\Fusion]
[HKLM\Software\WOW6432Node\Microsoft\HTMLHelp]
[HKLM\Software\WOW6432Node\Microsoft\IdentityCRL]
[HKLM\Software\WOW6432Node\Microsoft\IdentityStore]
[HKLM\Software\WOW6432Node\Microsoft\IMAPI]
[HKLM\Software\WOW6432Node\Microsoft\IMEJP]
[HKLM\Software\WOW6432Node\Microsoft\IMEKR]
[HKLM\Software\WOW6432Node\Microsoft\IMETC]
[HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager]
[HKLM\Software\WOW6432Node\Microsoft\Internet Domains]
[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer]
[HKLM\Software\WOW6432Node\Microsoft\IsoBurn]
[HKLM\Software\WOW6432Node\Microsoft\Jet]
[HKLM\Software\WOW6432Node\Microsoft\Loki]
[HKLM\Software\WOW6432Node\Microsoft\Lptr]
[HKLM\Software\WOW6432Node\Microsoft\MediaCenterPeripheral]
[HKLM\Software\WOW6432Node\Microsoft\MediaPlayer]
[HKLM\Software\WOW6432Node\Microsoft\MessengerService]
[HKLM\Software\WOW6432Node\Microsoft\microsoft games]
[HKLM\Software\WOW6432Node\Microsoft\Microsoft Reference]
[HKLM\Software\WOW6432Node\Microsoft\Migwiz]
[HKLM\Software\WOW6432Node\Microsoft\MMC]
[HKLM\Software\WOW6432Node\Microsoft\Mobile]
[HKLM\Software\WOW6432Node\Microsoft\MSBuild]
[HKLM\Software\WOW6432Node\Microsoft\MSDE]
[HKLM\Software\WOW6432Node\Microsoft\MSDTC]
[HKLM\Software\WOW6432Node\Microsoft\MSF]
[HKLM\Software\WOW6432Node\Microsoft\MSLicensing]
[HKLM\Software\WOW6432Node\Microsoft\MSN Apps]
[HKLM\Software\WOW6432Node\Microsoft\MSOSOAP]
[HKLM\Software\WOW6432Node\Microsoft\MSSearch36]
[HKLM\Software\WOW6432Node\Microsoft\Multimedia]
[HKLM\Software\WOW6432Node\Microsoft\NapServer]
[HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup]
[HKLM\Software\WOW6432Node\Microsoft\NetSh]
[HKLM\Software\WOW6432Node\Microsoft\Network]
[HKLM\Software\WOW6432Node\Microsoft\NetworkAccessProtection]
[HKLM\Software\WOW6432Node\Microsoft\Notepad]
[HKLM\Software\WOW6432Node\Microsoft\ODBC]
[HKLM\Software\WOW6432Node\Microsoft\Office]
[HKLM\Software\WOW6432Node\Microsoft\OfficeSoftwareProtectionPlatform]
[HKLM\Software\WOW6432Node\Microsoft\OnlineProviders]
[HKLM\Software\WOW6432Node\Microsoft\Outlook Express]
[HKLM\Software\WOW6432Node\Microsoft\PCHealth]
[HKLM\Software\WOW6432Node\Microsoft\PLA]
[HKLM\Software\WOW6432Node\Microsoft\PolicyManager]
[HKLM\Software\WOW6432Node\Microsoft\PowerShell]
[HKLM\Software\WOW6432Node\Microsoft\Print]
[HKLM\Software\WOW6432Node\Microsoft\RADAR]
[HKLM\Software\WOW6432Node\Microsoft\Reliability Analysis]
[HKLM\Software\WOW6432Node\Microsoft\RendezvousApps]
[HKLM\Software\WOW6432Node\Microsoft\RFC1156Agent]
[HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent]
[HKLM\Software\WOW6432Node\Microsoft\Schema Library]
[HKLM\Software\WOW6432Node\Microsoft\Security Center]
[HKLM\Software\WOW6432Node\Microsoft\Sensors]
[HKLM\Software\WOW6432Node\Microsoft\Shared]
[HKLM\Software\WOW6432Node\Microsoft\Shared Tools]
[HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location]
[HKLM\Software\WOW6432Node\Microsoft\SideShow]
[HKLM\Software\WOW6432Node\Microsoft\Silverlight]
[HKLM\Software\WOW6432Node\Microsoft\SnippingTool]
[HKLM\Software\WOW6432Node\Microsoft\Software]
[HKLM\Software\WOW6432Node\Microsoft\Speech]
[HKLM\Software\WOW6432Node\Microsoft\SQMClient]
[HKLM\Software\WOW6432Node\Microsoft\StrongName]
[HKLM\Software\WOW6432Node\Microsoft\Sync Framework]
[HKLM\Software\WOW6432Node\Microsoft\TableTextService]
[HKLM\Software\WOW6432Node\Microsoft\TabletTip]
[HKLM\Software\WOW6432Node\Microsoft\Tcpip]
[HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client]
[HKLM\Software\WOW6432Node\Microsoft\TIP Shared]
[HKLM\Software\WOW6432Node\Microsoft\TPG]
[HKLM\Software\WOW6432Node\Microsoft\Tpm]
[HKLM\Software\WOW6432Node\Microsoft\Tracing]
[HKLM\Software\WOW6432Node\Microsoft\TV System Services]
[HKLM\Software\WOW6432Node\Microsoft\uDRM]
[HKLM\Software\WOW6432Node\Microsoft\Updates]
[HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host]
[HKLM\Software\WOW6432Node\Microsoft\VBA]
[HKLM\Software\WOW6432Node\Microsoft\Visio]
[HKLM\Software\WOW6432Node\Microsoft\VisualStudio]
[HKLM\Software\WOW6432Node\Microsoft\VSTA Runtime Setup]
[HKLM\Software\WOW6432Node\Microsoft\VSTO Runtime Setup]
[HKLM\Software\WOW6432Node\Microsoft\WAB]
[HKLM\Software\WOW6432Node\Microsoft\WBEM]
[HKLM\Software\WOW6432Node\Microsoft\WIMMount]
[HKLM\Software\WOW6432Node\Microsoft\Windows]
[HKLM\Software\WOW6432Node\Microsoft\Windows CE Services]
[HKLM\Software\WOW6432Node\Microsoft\Windows Defender]
[HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows Live]
[HKLM\Software\WOW6432Node\Microsoft\Windows Live Mail]
[HKLM\Software\WOW6432Node\Microsoft\Windows Live Writer]
[HKLM\Software\WOW6432Node\Microsoft\Windows Mail]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS]
[HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT]
[HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer]
[HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices]
[HKLM\Software\WOW6432Node\Microsoft\Windows Script Host]
[HKLM\Software\WOW6432Node\Microsoft\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Workspaces]
[HKLM\Software\WOW6432Node\Microsoft\XNA]
[HKLM\Software\WOW6432Node\Microsoft\COM3]
[HKLM\Software\WOW6432Node\Microsoft\DFS]
[HKLM\Software\WOW6432Node\Microsoft\Driver Signing]
[HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates]
[HKLM\Software\WOW6432Node\Microsoft\EventSystem]
[HKLM\Software\WOW6432Node\Microsoft\MSMQ]
[HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing]
[HKLM\Software\WOW6432Node\Microsoft\Ole]
[HKLM\Software\WOW6432Node\Microsoft\Ras]
[HKLM\Software\WOW6432Node\Microsoft\Rpc]
[HKLM\Software\WOW6432Node\Microsoft\SystemCertificates]
[HKLM\Software\WOW6432Node\Microsoft\TermServLicensing]
[HKLM\Software\WOW6432Node\Microsoft\Transaction Server]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]

---------- | Drives


E:


F:


H:


I:


J:

[01/08/2018 13:16:32] - |A| - (.-.) - [1033] - (0.0.0.0) - J:\sauvegarde lumia windows phone 640 - 01 08 18 - Raccourci.lnk

---------- | C:

[23/12/2017 23:29:20] - |D| - [7845150] - C:\$RECYCLE.BIN
[29/04/2018 20:09:10] - |D| - [13078] - C:\$WINDOWS.~BT
[29/04/2018 20:26:18] - |HD| - [296467] - C:\$Windows.~WS
[MD5.D5F59E6995DBE6F1B801DEFEA5F6DC13] - [24/08/2018 11:32:56] - |A| - (.-.) - [151552] - (0.0.0.0) - C:\1036.MST
[01/04/2020 20:23:15] - |D| - [1265596930] - C:\AdsFix
[MD5.CDC4B1FFA5F9700DC3D87D1F27AD32FD] - [01/04/2020 20:24:05] - |A| - (.-.) - [50194] - (0.0.0.0) - C:\AdsFix_02_04_2020_10_39_41.txt
[18/05/2017 22:31:11] - |D| - [3630063878] - C:\AMD
[MD5.E6CEDB048D5399553671378BCF3328DD] - [26/01/2020 12:09:01] - |H| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN
[23/01/2017 20:58:53] - |RD| - [87] - C:\autorun.inf
[18/05/2017 22:13:48] - |SHD| - [20550640] - C:\Boot
[MD5.ACB83AE20552C4F78CABCA8E72763AC8] - [18/05/2017 22:13:48] - |RASH| - (.-.) - [399860] - (0.0.0.0) - C:\bootmgr
[MD5.4535B8E70C6BCD8E6DEFDB036133666A] - [18/05/2017 22:13:49] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK
[MD5.386B7A8BCA74B3464A2EA01BA12F2443] - [19/01/2020 21:55:57] - |N| - (.-.) - [4568] - (0.0.0.0) - C:\bootsqm.dat
[05/12/2017 21:31:11] - |D| - [464] - C:\CAT-Logs
[25/05/2017 09:47:09] - |D| - [27625488] - C:\Config.Msi
[MD5.816CD751AD0AB512CD040BCF6DED898A] - [26/12/2017 22:23:55] - |A| - (.-.) - [411] - (0.0.0.0) - C:\DelFix.txt
[14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings
[MD5.690936808A256365C6369CF4E1D36406] - [20/08/2019 10:43:02] - |A| - (.-.) - [3457315] - (0.0.0.0) - C:\drone.mp4
[06/07/2017 21:44:00] - |D| - [0] - C:\easeus_tb_cloud
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [31/07/2017 13:40:22] - |A| - (.-.) - [0] - (0.0.0.0) - C:\error.txt
[29/04/2018 20:10:12] - |D| - [0] - C:\ESD
[MD5.3FB1BAEC90347696BC5DA95A9A19443B] - [06/07/2017 21:44:07] - |ASH| - (.-.) - [430080] - (0.0.0.0) - C:\EUMONBMP.SYS
[14/01/2020 13:15:04] - |SHD| - [7984098] - C:\found.000
[18/05/2017 12:30:21] - |D| - [1433012] - C:\Intel
[15/03/2018 23:19:04] - |AD| - [182233907] - C:\Kaspersky Rescue Disk 10.0
[23/02/2018 15:04:32] - |D| - [76804] - C:\KVRT_Data
[MD5.58375F85294A12FFD8CC2967CDF32104] - [20/08/2019 10:58:52] - |A| - (.-.) - [530] - (0.0.0.0) - C:\logWSVCUUpdateHelper.log
[19/05/2017 20:53:28] - |RD| - [669900934] - C:\MSOCache
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/05/2017 12:14:21] - |ASH| - (.-.) - [629145600] - (0.0.0.0) - C:\pagefile.sys
[14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs
[14/07/2009 05:20:08] - |RD| - [6858307601] - C:\Program Files
[14/07/2009 05:20:08] - |RD| - [9766369004] - C:\Program Files (x86)
[14/07/2009 05:20:08] - |D| - [24163927229] - C:\ProgramData
[08/04/2020 21:12:30] - |D| - [565104] - C:\QuickDiag
[MD5.7F1A2BE724DF18D60CF10B72D347CECD] - [10/04/2020 10:08:39] - |A| - (.-.) - [181319] - (0.0.0.0) - C:\QuickDiag.txt
[18/05/2017 12:20:14] - |D| - [174245381] - C:\Recovery
[31/07/2017 12:58:15] - |D| - [83409] - C:\sensible world of soccer
[21/11/2017 13:37:28] - |D| - [404158] - C:\subinacl
[MD5.828CCCA15BC8AB3F9F67CD8740C7FFE6] - [26/03/2019 23:41:56] - |AH| - (.-.) - [1024] - (0.0.0.0) - C:\SYSTAG.BIN
[23/01/2017 21:04:40] - |SHD| - [9954130462] - C:\System Volume Information
[MD5.81A293996AEF47E3EC3BFE963D965C47] - [24/08/2018 11:32:56] - |A| - (.-.) - [30821888] - (0.0.0.0) - C:\TomTom HOME.msi
[14/07/2009 05:20:08] - |RD| - [51094355792] - C:\Users
[24/08/2017 22:02:54] - |D| - [69121350] - C:\VMS_CAPTURE
[14/07/2009 05:20:08] - |D| - [81513003246] - C:\Windows
[18/05/2017 22:05:11] - |D| - [129] - C:\Windows.old
[MD5.E33EB657FE1F170B8C6C0590D007567E] - [19/05/2017 19:12:36] - |RSH| - (.-.) - [398735] - (0.0.0.0) - C:\WKVDQ
[MD5.3083D84D132E060F7696213CE315117C] - [06/07/2017 21:58:11] - |ASH| - (.-.) - [4096] - (0.0.0.0) - C:\{2A85721C-26F0-4389-B6CC-404EE2AF1E6B}.CBM
[MD5.82F53972157F53C75503BD26568882AD] - [06/07/2017 21:50:18] - |ASH| - (.-.) - [433664] - (0.0.0.0) - C:\{E2A4ADCE-7277-4902-84AA-E300188E37DF}.CBM

---------- | C:\Windows

[MD5.87E5AAE1AA9431EF1DDEDC46D2145BDB] - [18/05/2017 13:20:15] - |A| - (.-.) - [32] - (0.0.0.0) - C:\Windows\0
[14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins
[MD5.16D640FFBEFE88D81AC8A90A60C28088] - [26/01/2020 12:08:59] - |A| - (.-.) - [2165096] - (0.0.0.0) - C:\Windows\ampa.exe
[14/07/2009 05:20:08] - |D| - [21953541] - C:\Windows\AppCompat
[14/07/2009 05:20:08] - |D| - [10991332] - C:\Windows\AppPatch
[14/07/2009 05:20:08] - |RSD| - [1734081003] - C:\Windows\assembly
[MD5.A604A87869B0870F37F2BDC09E1032C8] - [18/05/2017 21:55:35] - |A| - (.-.) - [21682] - (0.0.0.0) - C:\Windows\atiogl.xml
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/05/2017 22:22:56] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin
[29/08/2019 18:14:28] - |D| - [71790] - C:\Windows\AutoK
[MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 05:24:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe
[14/07/2009 05:20:09] - |D| - [29235208] - C:\Windows\Boot
[MD5.FF945668D84F49C38FE695F88EDEA8EB] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat
[14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding
[11/11/2017 11:40:19] - |D| - [349791207] - C:\Windows\CheckSur
[12/04/2011 10:28:27] - |D| - [0] - C:\Windows\CSC
[14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors
[14/07/2009 06:45:54] - |D| - [303063] - C:\Windows\debug
[MD5.D1E75542EC8D1B4851765A57AC63618E] - [30/07/2017 08:30:48] - |A| - (.-.) - [1908] - (0.0.0.0) - C:\Windows\diagerr.xml
[14/07/2009 07:32:38] - |D| - [3044378] - C:\Windows\diagnostics
[MD5.BBF8F67F3BE6CFC9E078B402222117DF] - [30/07/2017 08:30:48] - |A| - (.-.) - [2562] - (0.0.0.0) - C:\Windows\diagwrn.xml
[14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker
[14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files
[12/04/2011 10:28:28] - |D| - [118087153] - C:\Windows\ehome
[19/05/2017 20:34:31] - |D| - [0] - C:\Windows\ELAMBKUP
[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - [23/02/2018 16:00:12] - |A| - (.-.) - [1912] - (0.0.0.0) - C:\Windows\epplauncher.mif
[23/12/2017 23:11:14] - |D| - [362177596] - C:\Windows\erdnt
[MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [18/05/2017 12:59:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3229696] - (6.1.7601.23537) - C:\Windows\explorer.exe
[14/07/2009 05:20:09] - |RSD| - [399970187] - C:\Windows\Fonts
[18/04/2016 23:23:46] - |D| - [175616] - C:\Windows\fr-FR
[MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe
[14/07/2009 05:20:09] - |D| - [43271715] - C:\Windows\Globalization
[14/07/2009 05:20:09] - |D| - [41044615] - C:\Windows\Help
[MD5.A66E522F3CBFB8709EA37844922A002E] - [14/06/2017 19:52:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7601.23834) - C:\Windows\HelpPane.exe
[MD5.12589371C087A76B6E8E152939E59E98] - [09/05/2018 14:27:40] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7601.24134) - C:\Windows\hh.exe
[14/07/2009 05:20:09] - |D| - [143541252] - C:\Windows\IME
[14/07/2009 05:20:10] - |D| - [159106862] - C:\Windows\inf
[15/08/2017 18:57:32] - |SHD| - [37442437648] - C:\Windows\Installer
[MD5.456462905091DB042141487FE030E3C9] - [19/01/2020 23:25:51] - |A| - (.Copyright © 2001 - 2002 Indigo Rose Corporation. All Rights Reserved - SUF60Runtime.) - [737280] - (6.0.1.4) - C:\Windows\iun6002.exe
[14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\LiveKernelReports
[14/07/2009 05:20:10] - |D| - [126938220] - C:\Windows\Logs
[14/07/2009 05:20:10] - |RSD| - [13358214] - C:\Windows\Media
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin
[14/07/2009 05:20:10] - |D| - [1145676586] - C:\Windows\Microsoft.NET
[15/05/2016 22:35:41] - |D| - [63176] - C:\Windows\Migration
[28/06/2017 15:05:43] - |D| - [0] - C:\Windows\Minidump
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs
[MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini
[MD5.B32189BDFF6E577A92BAA61AD49264E6] - [15/05/2016 15:27:14] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe
[14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages
[18/05/2017 22:14:01] - |D| - [1139615] - C:\Windows\Panther
[21/05/2017 22:43:47] - |D| - [0] - C:\Windows\PCHEALTH
[14/07/2009 07:32:38] - |D| - [62522346] - C:\Windows\Performance
[MD5.87A7A7D93262030D1DE2B908AD969BF5] - [27/11/2017 18:10:11] - |A| - (.-.) - [4904376] - (0.0.0.0) - C:\Windows\PFRO.log
[14/07/2009 05:20:10] - |D| - [1124149] - C:\Windows\PLA
[14/07/2009 05:20:10] - |D| - [6329038] - C:\Windows\PolicyDefinitions
[27/10/2017 21:02:09] - |D| - [0] - C:\Windows\Prefetch
[MD5.FFB8B91BD19E5BC10A3344AAF34880F3] - [12/04/2011 10:29:05] - |A| - (.-.) - [53551] - (0.0.0.0) - C:\Windows\Professional.xml
[03/08/2017 21:20:10] - |D| - [0] - C:\Windows\pss
[MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe
[14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\registration
[14/07/2009 05:20:10] - |D| - [5360528] - C:\Windows\rescache
[14/07/2009 05:20:10] - |D| - [1686687] - C:\Windows\Resources
[MD5.2FA617D1B062B8D9F08036E90003B3E2] - [18/05/2017 12:35:11] - |A| - (.Copyright (C) 2011 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1698408] - (1.0.3.6) - C:\Windows\RtlExUpd.dll
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache
[14/07/2009 05:20:10] - |D| - [58021] - C:\Windows\schemas
[14/07/2009 05:20:10] - |D| - [5281758] - C:\Windows\security
[14/07/2009 06:45:47] - |D| - [81760214] - C:\Windows\ServiceProfiles
[14/07/2009 05:20:10] - |D| - [567692500] - C:\Windows\servicing
[14/07/2009 06:45:50] - |D| - [42] - C:\Windows\Setup
[MD5.0E60A990D23B52511AD0B17641148FE9] - [09/04/2020 20:24:44] - |A| - (.-.) - [890] - (0.0.0.0) - C:\Windows\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [09/04/2020 20:24:44] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log
[19/05/2017 20:53:39] - |D| - [38200] - C:\Windows\SHELLNEW
[05/12/2017 12:53:19] - |D| - [1477691121] - C:\Windows\SoftDist.old
[28/12/2017 23:21:24] - |D| - [1744971100] - C:\Windows\SoftwareDistribution
[03/12/2017 22:35:08] - |D| - [834478082] - C:\Windows\SoftwareDistribution.Old
[14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech
[MD5.127AA81343A7C6F665C22CB1293B0A90] - [15/05/2016 15:04:35] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe
[MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system
[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - [14/07/2009 04:34:57] - |A| - (.-.) - [215] - (0.0.0.0) - C:\Windows\system.ini
[14/07/2009 05:20:10] - |D| - [6688587745] - C:\Windows\System32
[14/07/2009 05:20:14] - |D| - [2287012289] - C:\Windows\SysWOW64
[14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI
[14/07/2009 05:20:14] - |D| - [34870] - C:\Windows\Tasks
[14/07/2009 05:20:14] - |D| - [10246646] - C:\Windows\Temp
[14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing
[MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll
[14/07/2009 07:32:38] - |D| - [13764086] - C:\Windows\twain_32
[MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 05:25:10] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll
[11/03/2019 19:35:44] - |D| - [281600] - C:\Windows\twain_64
[MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe
[MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe
[MD5.8CE5266F0BBB73C95886CB72B0063CB8] - [22/12/2017 22:29:11] - |A| - (.Copyright © MindVision Software 1995-2004 - Uninstall application file.) - [90112] - (3.6.1.0) - C:\Windows\unvise32.exe
[14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss
[14/07/2009 05:20:14] - |D| - [40681427] - C:\Windows\Web
[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - [14/07/2009 04:34:57] - |A| - (.-.) - [478] - (0.0.0.0) - C:\Windows\win.ini
[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest
[MD5.9468880C3BA7E7ABECB004208FDFD897] - [18/05/2017 12:20:12] - |A| - (.-.) - [1911577] - (0.0.0.0) - C:\Windows\WindowsUpdate.log
[MD5.22F9BB27BA0737B106EC579A6F23B550] - [15/05/2016 15:00:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide Microsoft®.) - [296960] - (50.1.7600.16386) - C:\Windows\winhlp32.exe
[14/07/2009 05:20:14] - |D| - [25443527277] - C:\Windows\winsxs
[15/05/2016 22:35:50] - |D| - [1671] - C:\Windows\WinToolkit
[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx
[MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe
[27/02/2020 18:07:03] - |D| - [45317] - C:\Windows\WuEsu

---------- | C:\Windows\System32\GroupPolicy


---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[22/04/2017 04:26:24] - C:\Windows\Installer\105d0ea.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\14aa71.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[03/07/2017 10:32:30] - C:\Windows\Installer\190416.msi : ([ProductName] Installer - Apple Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[23/03/2020 19:50:33] - C:\Windows\Installer\1c6d1.msi : (Kaspersky Total Security - Kaspersky)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[23/03/2020 19:53:03] - C:\Windows\Installer\1c6dd.msi : (Kaspersky Secure Connection - Kaspersky)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[23/03/2020 19:55:39] - C:\Windows\Installer\1c6e9.msi : (Kaspersky Password Manager - Kaspersky Lab)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1d1747.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1d1831.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1d18fc.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1d18fd.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1d20aa.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1d2e7f.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1d339d.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1d4d83.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1e031c.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1e054d.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1e0b27.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1e15d1.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1e24af.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1e537c.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1ea69b.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1ebb91.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1ecf6f.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1ed4bc.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1ee2fe.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1eec61.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1ef288.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1ef93d.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f0760.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f1ad0.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f2117.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f274e.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f580e.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f6b8e.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f7233.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f7474.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1f7bd4.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\1faffd.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\202211.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\204d55.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[18/07/2017 11:12:15] - C:\Windows\Installer\205e17c.msi : (Pinnacle Studio - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[26/03/2018 19:25:58] - C:\Windows\Installer\205e185.msi : (Corel Update Helper v2 x86 - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[15/10/2015 12:12:17] - C:\Windows\Installer\205e18d.msi : (Dazzle Video Capture DVC100 X64 Driver 1.08 - Pinnacle)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\20668f.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\2086cc.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\20b0d8.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\20c0cf.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\21a9e5.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\21ae96.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\21af04.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[18/07/2017 11:12:14] - C:\Windows\Installer\21b5ff6.msi : (Blank Project Template - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[18/07/2017 11:12:09] - C:\Windows\Installer\21b6000.msi : (Creative Pack Volume 1 - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[26/03/2018 19:51:20] - C:\Windows\Installer\21b6013.msi : (Blank Project Template - InstallShield)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[18/07/2017 11:12:12] - C:\Windows\Installer\21b6094.msi : (ScoreFitter Volumes 1-2 - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[18/07/2017 11:12:12] - C:\Windows\Installer\21b609e.msi : (Title Extreme - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\21bda4.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\21d633.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\229730.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\22a4b7.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\22ab2d.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\22b2cb.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\22f038.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\234d84.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\23511c.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\23dd54.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\23f9d9.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\246b40.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/10/2019 18:36:36] - C:\Windows\Installer\29ac5d.msi : (Desktop companion application for your Xperia smartphone. - Sony)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/10/2019 18:36:36] - C:\Windows\Installer\29ac67.msi : (Desktop companion application for your Xperia smartphone. - Sony)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[08/02/2012 10:56:43] - C:\Windows\Installer\331a39.msi : (Studio 15 - Pinnacle Systems)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/12/2017 21:46:38] - C:\Windows\Installer\331a4b.msi : (Video Driver installation - Pinnacle Systems)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[08/02/2012 10:44:06] - C:\Windows\Installer\331a51.msi : (Studio 15 Ultimate Collection - Pinnacle Systems)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[08/02/2012 10:57:11] - C:\Windows\Installer\331a5d.msi : (Blank Project Template - InstallShield)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[27/02/2020 01:00:00] - C:\Windows\Installer\3f2904.msi : (WinZip Compression Utility - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\40f787.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\5503a9.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\58c340.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[28/03/2020 12:25:45] - C:\Windows\Installer\6d9f4.msi : (Backup and Sync from Google - Google, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[21/04/2014 05:12:52] - C:\Windows\Installer\70408d.msi : ( - FOSCAM)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[21/03/2020 23:11:50] - C:\Windows\Installer\74cd.msi : (Google Update Helper - Google LLC)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\799261.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[12/04/2018 18:56:28] - C:\Windows\Installer\7f1bae.msi : (Roxio MyDVD - ¹«Ë¾Ãû³Æ)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[29/01/2020 13:03:07] - C:\Windows\Installer\7f8fa.msi : (Dropbox Update Helper - Dropbox, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[10/12/2010 14:06:42] - C:\Windows\Installer\8d050.msi : ( - Oliver Carr)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[25/08/2018 11:59:23] - C:\Windows\Installer\8d0ae.msi : (Blank Project Template - TomTom)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[19/03/2019 15:27:18] - C:\Windows\Installer\94309.msi : (Elevated Installer - Garmin Ltd or its subsidiaries)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[19/03/2019 15:27:14] - C:\Windows\Installer\94311.msi : (ANT Drivers Installer x64 - Garmin Ltd or its subsidiaries)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[15/05/2018 12:26:33] - C:\Windows\Installer\975718.msi : (Pinnacle 3D Title Editor - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\a7e53.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\bcc64.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[29/03/2019 16:58:52] - C:\Windows\Installer\bd097.msi : (Adobe ARM Installer - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\c97236.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[03/03/2018 13:04:22] - C:\Windows\Installer\cd6c6f.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\cd70e.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\d1007.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2017 04:26:24] - C:\Windows\Installer\d2d6f1.msi : (Installers - Adobe Systems Incorporated)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[27/01/2019 13:25:33] - C:\Windows\Installer\dea56.msi : (YouTube By Click - ByClick)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[23/12/2017 00:44:16] - C:\Windows\Installer\e3db5c.msi : (Install Manager for Pinnacle Studio for Dazzle - Corel Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[07/01/2020 13:51:14] - C:\Windows\Installer\f60379.msi : (Hardware Detection DriversCloud.com - Cybelsoft)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[15/03/2019 18:34:12] - [53014528] - (.().-. - ()) - C:\Windows\Installer\19a68f.msp
[25/11/2019 12:48:02] - [35319808] - (.().-. - ()) - C:\Windows\Installer\1ac0ed.msp
[23/03/2020 19:58:34] - [573440] - (.().-. - ()) - C:\Windows\Installer\1c6fb.msp
[08/08/2019 06:10:46] - [33751040] - (.().-. - ()) - C:\Windows\Installer\29b8a1.msp
[26/07/2019 21:14:58] - [33325056] - (.().-. - ()) - C:\Windows\Installer\4ef5ce.msp
[25/07/2019 10:34:08] - [34856960] - (.().-. - ()) - C:\Windows\Installer\76b9d0.msp
[11/12/2019 09:34:20] - [35799040] - (.().-. - ()) - C:\Windows\Installer\da1d8.msp

---------- | %System%\*.in*

[14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini
[15/05/2016 15:46:17] - [16303] - C:\Windows\System32\ieuinit.inf
[15/12/2011 05:08:20] - [28418] - C:\Windows\System32\lvcoin64.ini
[15/05/2016 22:35:42] - [83101602] - C:\Windows\System32\PerfStringBackup.INI
[10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini
[15/05/2016 15:46:17] - [16303] - C:\Windows\Syswow64\ieuinit.inf
[14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf
[15/05/2016 22:35:42] - [74214462] - C:\Windows\Syswow64\PerfStringBackup.INI

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.6712E83EA2BF4FB46A316EEEF51E8101] - |A| - [24/02/2019 20:32:00] - (.-.) - [124.99 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:08] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64
[MD5.C86E5B2104DA4E046B94BA7231A07952] - |A| - [02/04/2020 11:53:00] - (.-.) - [454.43 Ko] - (0.0.0.0) - C:\Windows\Temp\adobegc.log
[MD5.8D2DF8FD54397985C1EBDC20770464D9] - |A| - [07/04/2020 22:56:18] - (.-.) - [14.95 Ko] - (0.0.0.0) - C:\Windows\Temp\chrome_installer.log
[MD5.00000000000000000000000000000000] - |D| - [07/04/2020 22:56:18] - [0.04 Ko] - C:\Windows\Temp\Crashpad
[MD5.00000000000000000000000000000000] - |D| - [07/04/2020 22:56:18] - [2258.43 Ko] - C:\Windows\Temp\CR_CD5E6.tmp
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [09/04/2020 20:25:47] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSAPIDebugLogFile.txt
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [09/04/2020 20:25:47] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSTIFFDebugLogFile.txt
[MD5.D4A1F7716E6717A7A761E741F2AA853D] - |A| - [02/04/2020 22:46:15] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200402-224615-0.log
[MD5.9A8940810E5EB17D72C9398370EB9065] - |A| - [03/04/2020 11:29:31] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200403-112931-0.log
[MD5.F07BB538E73799D061F7FB7C7A850EA2] - |A| - [03/04/2020 12:14:58] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200403-121458-0.log
[MD5.788A5260B43D53133475171088A17A40] - |A| - [03/04/2020 21:23:48] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200403-212348-0.log
[MD5.D1FA6AABAB9BD4FA0C5249301079553B] - |A| - [04/04/2020 09:52:11] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200404-095211-0.log
[MD5.C47CF185CAE1913EE67A7269A7B859F6] - |A| - [04/04/2020 18:57:46] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200404-185746-0.log
[MD5.9043CBDE8FA92B9FF7A83D8B4DE4B014] - |A| - [04/04/2020 19:19:52] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200404-191952-0.log
[MD5.F539A592E91C9597F690C9779937AB62] - |A| - [05/04/2020 09:10:19] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200405-091019-0.log
[MD5.F9FBE8219BDD86C24E3F5EEDD9CDDC12] - |A| - [05/04/2020 15:59:53] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200405-155953-0.log
[MD5.CFED3B535F2F697F22EBFE6A64535327] - |A| - [05/04/2020 19:43:49] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200405-194349-0.log
[MD5.E1CC9FAB48F36160D51784A065E2CC09] - |A| - [06/04/2020 17:36:15] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200406-173615-0.log
[MD5.C2BEE710E1811FFFDF3F10098F3D9171] - |A| - [07/04/2020 10:58:08] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200407-105808-0.log
[MD5.34FA3A52B1C39877A64C618B998E0D63] - |A| - [07/04/2020 22:44:39] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200407-224439-0.log
[MD5.EC07C558FFAAA097FF0F81FC0D406FE5] - |A| - [08/04/2020 09:51:56] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200408-095156-0.log
[MD5.1FCAB57215938C0FF75615B6A78FBCFA] - |A| - [08/04/2020 20:57:41] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200408-205741-0.log
[MD5.6BB49FEA4CF1DB450C2BA010A60FEE58] - |A| - [09/04/2020 09:39:14] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200409-093914-0.log
[MD5.B36ED40C7D80EC82A5FF616D450FC273] - |A| - [09/04/2020 20:25:14] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200409-202514-0.log
[MD5.C6957F13CDE2AAA3D8E58AE9F8311F2C] - |A| - [10/04/2020 09:29:13] - (.-.) - [2.62 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20200410-092913-0.log
[MD5.19A54E11E4371AED131D62CC51E94EE1] - |A| - [08/04/2020 21:32:29] - (.-.) - [24.62 Ko] - (0.0.0.0) - C:\Windows\Temp\mbamiservice.log
[MD5.00000000000000000000000000000000] - |D| - [08/04/2020 21:32:29] - [5339.08 Ko] - C:\Windows\Temp\MBInstallTemp
[MD5.78B4C4F82B12F42D1C27E06D42BD0C85] - |A| - [08/04/2020 21:32:45] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\Temp\mb_errors9656.log
[MD5.00CB7DC7DFCD7502DC322EC0C084E52B] - |A| - [08/04/2020 22:21:22] - (.-.) - [4.98 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log
[MD5.7F520BBD573ABD0F30E0918BE92FC8EB] - |A| - [09/04/2020 09:46:27] - (.-.) - [7.3 Ko] - (0.0.0.0) - C:\Windows\Temp\MpSigStub.log
[MD5.C7BF6BCDC920A4C200B6D5A79D9A3113] - |A| - [08/04/2020 21:19:41] - (.-.) - [27.43 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI4c7e0.LOG
[MD5.89CB1C009E9B3E02F2F10A692FA30310] - |A| - [08/04/2020 21:19:41] - (.-.) - [28.02 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI4c7e1.LOG
[MD5.B203B6A15914BD8F0C15F3BC6AB2F5EE] - |A| - [08/04/2020 21:19:41] - (.-.) - [28.05 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI4c7e2.LOG
[MD5.9326CC14AD2A158C897C9C9972E79F69] - |A| - [08/04/2020 21:19:41] - (.-.) - [20.54 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI4c7e3.LOG
[MD5.91479BD6CE48AE61B6C6722EF45A4339] - |A| - [08/04/2020 21:19:42] - (.-.) - [12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI4c7e4.LOG
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [09/04/2020 09:39:05] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\officeclicktorun.exe_streamserver(20200409093905D74).log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [10/04/2020 09:29:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\officeclicktorun.exe_streamserver(20200410092902113C).log
[MD5.1D88E093D41BE57B4873AB233518B835] - |A| - [02/04/2020 22:46:06] - (.-.) - [67.92 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200402-2246.log
[MD5.C2ABD4BBD37020B465E007A1F2615D2B] - |A| - [02/04/2020 22:51:04] - (.-.) - [15.58 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200402-2251.log
[MD5.B8B9161783979074B156D409BFF53B78] - |A| - [02/04/2020 22:51:57] - (.-.) - [110.49 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200402-2251a.log
[MD5.CD6218A71BABC485C5810D34405E776A] - |A| - [03/04/2020 11:29:19] - (.-.) - [12.83 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200403-1129.log
[MD5.607474342233D9994B0CD7FF68BD500F] - |A| - [03/04/2020 11:34:18] - (.-.) - [9.45 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200403-1134.log
[MD5.F0CA7B104CB0EEC03E2427C1F03CFE6A] - |A| - [03/04/2020 12:14:43] - (.-.) - [13.21 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200403-1214.log
[MD5.7CFB41FBEDA4C2BE605DA7AE77875FDC] - |A| - [03/04/2020 12:19:42] - (.-.) - [8.69 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200403-1219.log
[MD5.3633D75044176F0E8B4F1931FF6DBD16] - |A| - [03/04/2020 12:25:25] - (.-.) - [10.52 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200403-1225.log
[MD5.845862B128D7CB1B60DCF42A00912DA5] - |A| - [03/04/2020 21:23:41] - (.-.) - [12.83 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200403-2123.log
[MD5.D5553B99DF533D9F01C0675A7D069019] - |A| - [03/04/2020 21:28:39] - (.-.) - [9.41 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200403-2128.log
[MD5.3FDDB6FD7D73EC5ABEB5C7A8F9C332E9] - |A| - [04/04/2020 09:51:59] - (.-.) - [68.32 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-0951.log
[MD5.76DB9EE13B8C7E6526412C4E2FDA55E7] - |A| - [04/04/2020 09:56:57] - (.-.) - [16.3 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-0956.log
[MD5.70B8FCAD36C3BD397AF750D890E77BCC] - |A| - [04/04/2020 09:57:38] - (.-.) - [114.47 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-0957.log
[MD5.83D9DB294CB4DDDACB246E1DECE511E7] - |A| - [04/04/2020 18:37:19] - (.-.) - [10.77 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-1837.log
[MD5.A6C192A58B89E5F58A4EECA12C1263CC] - |A| - [04/04/2020 18:57:35] - (.-.) - [67.87 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-1857.log
[MD5.A1AA282F2E92FB355359C9C615AEE18B] - |A| - [04/04/2020 19:02:33] - (.-.) - [15.58 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-1902.log
[MD5.5EDCDBBAEB5DD5BCE32E193CF14D3860] - |A| - [04/04/2020 19:03:16] - (.-.) - [110.2 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-1903.log
[MD5.57822FB2CF7097C7B72C5FEB54F0754C] - |A| - [04/04/2020 19:19:40] - (.-.) - [13.21 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-1919.log
[MD5.E58B64166EB87740A677ACF7B504CDFD] - |A| - [04/04/2020 19:24:38] - (.-.) - [9.43 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-1924.log
[MD5.D7A60DF6095D0734B77DB000D6A5D7A0] - |A| - [04/04/2020 19:29:52] - (.-.) - [10.14 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200404-1929.log
[MD5.E3B37D8C4E95C216960233A365B0CFDE] - |A| - [05/04/2020 09:10:12] - (.-.) - [13.21 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200405-0910.log
[MD5.FC465CA104B8D0A2FE4BC8179387B088] - |A| - [05/04/2020 09:15:13] - (.-.) - [8.69 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200405-0915.log
[MD5.72A3575185FE5EC8912BD3DA51EDCDCB] - |A| - [05/04/2020 15:59:40] - (.-.) - [14.07 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200405-1559.log
[MD5.FDF3F884AD220FB62EA2CBFF7401430D] - |A| - [05/04/2020 16:04:38] - (.-.) - [8.67 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200405-1604.log
[MD5.44E4A05EA993FFD719517BA05A44808D] - |A| - [05/04/2020 16:09:52] - (.-.) - [2.89 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200405-1609.log
[MD5.C2B84DA2CD9BE7D50589CF7DC9FE18FE] - |A| - [05/04/2020 19:43:39] - (.-.) - [68.63 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200405-1943.log
[MD5.14A4F297054FAAD972D3EBC5248A4E62] - |A| - [05/04/2020 19:48:37] - (.-.) - [15.58 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200405-1948.log
[MD5.F88F3791D860F35203DD4BD4C4C99502] - |A| - [05/04/2020 19:49:21] - (.-.) - [108.78 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200405-1949.log
[MD5.0F3BC7B5C219535BFF2EF97A26427E9C] - |A| - [06/04/2020 17:36:01] - (.-.) - [26.25 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200406-1736.log
[MD5.E61B4FDB316EBE2669C848E49606167E] - |A| - [06/04/2020 17:41:00] - (.-.) - [8.69 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200406-1741.log
[MD5.25649F849064B9E9DCB85EBE11ED45FC] - |A| - [07/04/2020 10:48:57] - (.-.) - [11.52 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200407-1048.log
[MD5.BC9D14ADE3A57E94963064CA8965FE3E] - |A| - [07/04/2020 10:57:55] - (.-.) - [81.29 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200407-1057.log
[MD5.657D0A9595A425C205F6E0D4A56724E3] - |A| - [07/04/2020 11:02:54] - (.-.) - [16.33 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200407-1102.log
[MD5.C2A6F553C70681438776EF89E90BC4BC] - |A| - [07/04/2020 11:03:37] - (.-.) - [108.8 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200407-1103.log
[MD5.AE8FB527CE3A3764C38386C13B7632CC] - |A| - [07/04/2020 11:08:07] - (.-.) - [10.68 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200407-1108.log
[MD5.43B8FBEFD60E200E2A70180BEF199559] - |A| - [07/04/2020 22:44:26] - (.-.) - [13.21 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200407-2244.log
[MD5.70F5F00D95930C646F467F30504247CA] - |A| - [07/04/2020 22:49:25] - (.-.) - [8.69 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200407-2249.log
[MD5.BE7A8B0206FB69DB18C3E143A1C367DD] - |A| - [08/04/2020 09:51:47] - (.-.) - [12.83 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200408-0951.log
[MD5.7C7C4F8F4076101B93A91349D949B035] - |A| - [08/04/2020 09:56:46] - (.-.) - [8.67 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200408-0956.log
[MD5.6D5A39B4CAD96CD5F05B118E8C174F37] - |A| - [08/04/2020 20:57:32] - (.-.) - [83.51 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200408-2057.log
[MD5.BBD77871832C8108170185BEDE990976] - |A| - [08/04/2020 21:02:30] - (.-.) - [15.58 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200408-2102.log
[MD5.F80E420C81A11F8E93E45425C5AD8AC7] - |A| - [08/04/2020 21:03:17] - (.-.) - [111.82 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200408-2103.log
[MD5.88D6FE1F89C166FE96D10A5AC054E505] - |A| - [08/04/2020 21:07:32] - (.-.) - [10 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200408-2107.log
[MD5.F10F04C04D6B65DB54D78603AE6E2B23] - |A| - [09/04/2020 09:39:05] - (.-.) - [11.48 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200409-0939.log
[MD5.DFBD423D3D25E22D9B406D7D5437A898] - |A| - [09/04/2020 09:44:05] - (.-.) - [8.69 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200409-0944.log
[MD5.D354ACC49DCCACEEA21EB7D9B4733DF3] - |A| - [09/04/2020 09:49:47] - (.-.) - [2.88 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200409-0949.log
[MD5.6AA3F6D3E11F011C8B3699D9823F668F] - |A| - [09/04/2020 09:49:48] - (.-.) - [9.43 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200409-0949a.log
[MD5.3C9751F6B4A305B4B9E6C4720A4FCE94] - |A| - [09/04/2020 20:25:03] - (.-.) - [13.21 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200409-2025.log
[MD5.94BED753A79C3BED150228E59CE4F64E] - |A| - [09/04/2020 20:30:01] - (.-.) - [8.67 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200409-2030.log
[MD5.48EDBF6938B1CDA42A605796EE45984C] - |A| - [10/04/2020 09:29:02] - (.-.) - [81.75 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200410-0929.log
[MD5.B7ABEA9908BF07398F42947DB5CB533F] - |A| - [10/04/2020 09:34:01] - (.-.) - [15.58 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200410-0934.log
[MD5.8F76316718A25FBAD3EE218977CE15E0] - |A| - [10/04/2020 09:34:51] - (.-.) - [111.9 Ko] - (0.0.0.0) - C:\Windows\Temp\TOLUNQ-PC-20200410-0934a.log
[MD5.00000000000000000000000000000000] - |D| - [02/04/2020 11:53:06] - [0.21 Ko] - C:\Windows\Temp\xperiacompanion
[MD5.00000000000000000000000000000000] - |D| - [23/03/2020 19:55:07] - [0 Ko] - C:\Windows\Temp\{A74B8795-9DB3-4E60-9491-A2204995D5E0}
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/05/2017 13:20:15] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\0
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1 Ko] - C:\Windows\System32\0401
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1 Ko] - C:\Windows\System32\0404
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0405
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0406
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0407
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0408
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [1.5 Ko] - C:\Windows\System32\0409
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\040A
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\040B
[MD5.00000000000000000000000000000000] - |D| - [18/04/2016 23:23:45] - [1.5 Ko] - C:\Windows\System32\040C
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\040D
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\040E
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0410
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1 Ko] - C:\Windows\System32\0411
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1 Ko] - C:\Windows\System32\0412
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0413
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0414
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0415
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0416
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0419
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\041B
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\041D
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\041E
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\041F
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0424
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1 Ko] - C:\Windows\System32\0804
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0816
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1 Ko] - C:\Windows\System32\0C04
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\0C0A
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 22:00:40] - [1.5 Ko] - C:\Windows\System32\2C0A
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 06:45:49] - (.-.) - [34.02 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 06:45:49] - (.-.) - [34.02 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[MD5.94AD7E2445C72B10E847A8319AE896C6] - |A| - [23/03/2020 14:56:43] - (.-.) - [115.9 Ko] - (0.0.0.0) - C:\Windows\System32\AcpiServiceVnA64.dll
[MD5.329BAF6F4B9FFA0852075E7DE21F70C9] - |A| - [08/07/2011 21:29:04] - (.© Asmedia Technology. - Asmedia AHCI Property Page.) - [47.59 Ko] - (1.0.0.1) - C:\Windows\System32\ahcipp64.dll
[MD5.D03124A92936B3B1D38AC31D9B5582F8] - |A| - [26/03/2019 23:31:35] - (.-.) - [49.92 Ko] - (0.0.0.0) - C:\Windows\System32\ambakdrv.sys
[MD5.4B10D8998C824DD84AD597F9E058F6F0] - |A| - [23/03/2020 17:04:03] - (.-.) - [171.53 Ko] - (0.0.0.0) - C:\Windows\System32\amde31a.dat
[MD5.92AA02920ADDAB9620AB064389F29D17] - |A| - [23/03/2020 17:04:03] - (.-.) - [223.5 Ko] - (0.0.0.0) - C:\Windows\System32\amdgfxinfo64.dll
[MD5.3138CAE93E07531AED348AA5E0F44E59] - |A| - [23/03/2020 17:04:03] - (.-.) - [822.27 Ko] - (0.0.0.0) - C:\Windows\System32\amdicdxx.dat
[MD5.605FC1C5EBB7A3B758490D341934C895] - |A| - [23/03/2020 17:04:03] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [6197 Ko] - (9.1.10.77) - C:\Windows\System32\amdmantle64.dll
[MD5.9AB9137EFDF1E11D9186F8CED3736FD8] - |A| - [23/03/2020 17:04:04] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [49.5 Ko] - (1.6.0.0) - C:\Windows\System32\amdmmcl6.dll
[MD5.C02F3E6BEE2D3FAA0AD9CE11D70D213A] - |A| - [23/03/2020 17:04:09] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [26890.5 Ko] - (0.8.0.0) - C:\Windows\System32\amdocl12cl64.dll
[MD5.C59825A4EDEFE90CAD1F8B61233596D4] - |A| - [23/03/2020 17:04:10] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46665.5 Ko] - (10.0.1800.12) - C:\Windows\System32\amdocl64.dll
[MD5.ECC9D68F5BEF5CD67BE2D2F758661980] - |A| - [23/03/2020 17:04:08] - (.-.) - [1159.51 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_as64.exe
[MD5.DD3E0FE46F9AB3F9A339F4DD3B2B2E4C] - |A| - [23/03/2020 17:04:09] - (.-.) - [1037.01 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_ld64.exe
[MD5.F0D299D155DB4FAFFD478BF1CA549BA5] - |A| - [23/03/2020 17:04:06] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [107.28 Ko] - (8.14.10.23) - C:\Windows\System32\amdpcom64.dll
[MD5.98B78382C46541F2FFBFFB4CB3C709A2] - |A| - [26/03/2019 23:31:35] - (.-.) - [167.92 Ko] - (0.0.0.0) - C:\Windows\System32\ammntdrv.sys
[MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [26/01/2020 12:08:59] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\Windows\System32\ampa.sys
[MD5.301167E69BDE24CE24FB53376C422B3B] - |A| - [26/03/2019 23:31:35] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\Windows\System32\amwrtdrv.sys
[MD5.00000000000000000000000000000000] - |D| - [01/08/2017 21:49:41] - [0 Ko] - C:\Windows\System32\appmgmt
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 13:12:20] - [2750.36 Ko] - C:\Windows\System32\appraiser
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [3105.5 Ko] - C:\Windows\System32\ar-SA
[MD5.4726149F26F34C18D39CF8B592232DBE] - |A| - [07/07/2010 03:16:06] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1216 Ko] - (7.15.20.1301) - C:\Windows\System32\atiadlxx.dll
[MD5.D9D4C09479F6DBF2BB47C23861DFEC5E] - |A| - [23/03/2020 17:04:03] - (.-.) - [646.95 Ko] - (0.0.0.0) - C:\Windows\System32\atiapfxx.blb
[MD5.E994AA8BD1C16F1BC80D27C8479E4926] - |A| - [23/03/2020 17:04:08] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [376.5 Ko] - (6.14.10.1001) - C:\Windows\System32\atiapfxx.exe
[MD5.749584902AE80A53EFDA4F8FA03E1713] - |A| - [11/05/2009 23:35:28] - (.Copyright (C) 2008 Advanced Micro Devices, Inc. - ATIBRTMON.) - [116 Ko] - (2.0.0.0) - C:\Windows\System32\atibtmon.exe
[MD5.B3D8011BAE27D0AAAE6ECEFF9FD44FD3] - |A| - [23/03/2020 17:04:04] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [54.5 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalcl64.dll
[MD5.B6E04488343FCA27D04729D4721EE779] - |A| - [23/03/2020 17:04:05] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15348.5 Ko] - (6.14.10.1848) - C:\Windows\System32\aticaldd64.dll
[MD5.6B4F247B3722B05FCF6388F64D8DE46A] - |A| - [23/03/2020 17:04:05] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [61 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalrt64.dll
[MD5.441149D3790FA7F313AC129E5DA862B6] - |A| - [07/07/2010 03:53:20] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1414.35 Ko] - (8.17.10.1404) - C:\Windows\System32\aticfx64.dll
[MD5.B5619036902036CB01E9C26A7A214202] - |A| - [18/05/2017 21:55:35] - (.2002-2008 - Graphics DEM.) - [436 Ko] - (2.0.3839.37545) - C:\Windows\System32\ATIDEMGX.dll
[MD5.0AE079FE0765D6331859F6D61EDAA1AF] - |A| - [23/03/2020 17:04:05] - (.2002-2012 - Graphics DEM.) - [432 Ko] - (4.5.5743.36452) - C:\Windows\System32\atidemgy.dll
[MD5.4C2C6D7A4FD7ED1FACE88DFB9B3E5F32] - |A| - [07/07/2010 03:37:36] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [10894.64 Ko] - (8.17.10.625) - C:\Windows\System32\atidxx64.dll
[MD5.57B88B544F5C49FBF6DB175BD0A57861] - |A| - [23/03/2020 17:04:08] - (.-.) - [205.5 Ko] - (0.0.0.0) - C:\Windows\System32\atieah64.exe
[MD5.06BC0AABA34DA8335490A6A47283DE48] - |A| - [07/07/2010 03:51:26] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [679.5 Ko] - (6.14.11.1199) - C:\Windows\System32\atieclxx.exe
[MD5.FAB68A6A1A3E30C1E1C5DD3D78AF3906] - |A| - [07/07/2010 03:49:10] - (.Copyright (c) ATI Technologies Inc. 2003-2009 - atiedu64.) - [58 Ko] - (6.14.10.2514) - C:\Windows\System32\atiedu64.dll
[MD5.34DCD8F08440BC1B47D977CD501FF9A3] - |A| - [07/07/2010 03:50:54] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [289.5 Ko] - (6.14.11.1199) - C:\Windows\System32\atiesrxx.exe
[MD5.FF5E06590B32F591BA0325127FCB6728] - |A| - [23/03/2020 17:04:06] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [103 Ko] - (8.14.1.6463) - C:\Windows\System32\atig6pxx.dll
[MD5.476020A28B388698AAC0008465149728] - |A| - [23/03/2020 17:04:06] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [180.5 Ko] - (8.14.1.6463) - C:\Windows\System32\atig6txx.dll
[MD5.F5C54E550B496551917737E72EE6B003] - |A| - [23/03/2020 17:04:06] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [88.5 Ko] - (8.14.1.6463) - C:\Windows\System32\atiglpxx.dll
[MD5.079EFFD5BECB418FE6596229B28D7324] - |A| - [23/03/2020 17:04:03] - (.-.) - [720.13 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat
[MD5.F0D299D155DB4FAFFD478BF1CA549BA5] - |A| - [23/03/2020 17:04:06] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [107.28 Ko] - (8.14.10.23) - C:\Windows\System32\atimpc64.dll
[MD5.E1C62464C5AE294DFC1EE533968C879D] - |A| - [23/03/2020 17:04:06] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [29 Ko] - (6.14.10.1002) - C:\Windows\System32\atimuixx.dll
[MD5.1CA71B94C3242E3EC35850BC5D16253D] - |A| - [23/03/2020 17:04:06] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [29831.5 Ko] - (6.14.10.13406) - C:\Windows\System32\atio6axx.dll
[MD5.A6BAAA6608A9B00220E9D5C023FC53D1] - |A| - [23/03/2020 17:04:08] - (.Copyright (C) 2008 - ATIODCLI Application.) - [50 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODCLI.exe
[MD5.463FFBD3350E3EB57F7D5746EBD233CA] - |A| - [23/03/2020 17:04:08] - (.Copyright (C) 2008 - ATIODE Application.) - [325 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODE.exe
[MD5.9E11B96A2051A336ACD6DBCCD918B5F4] - |A| - [18/05/2017 21:55:35] - (.-.) - [2.79 Ko] - (0.0.0.0) - C:\Windows\System32\atipblag.dat
[MD5.16187D99C4583B4318B70D5521ED913B] - |A| - [07/07/2010 03:49:36] - (.Copyright (c) ATI Technologies Inc. 2002-2009 - ATI Desktop CWDDEDI DLL.) - [411.5 Ko] - (6.14.10.2562) - C:\Windows\System32\atipdl64.dll
[MD5.F1B4640F3801DC7B967EC6ACF1E23C0D] - |A| - [23/03/2020 17:04:07] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [186.5 Ko] - (6.14.11.25) - C:\Windows\System32\atitmm64.dll
[MD5.8057A7A72CB74D031969BE766E2B59ED] - |A| - [07/07/2010 03:14:50] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [146.02 Ko] - (8.14.1.6463) - C:\Windows\System32\atiu9p64.dll
[MD5.5F27BD66A95DDB114EB7AAFE8E5B0C8E] - |A| - [07/07/2010 03:22:26] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8419.2 Ko] - (9.14.10.1128) - C:\Windows\System32\atiumd64.dll
[MD5.8337F29B192A44ADD30380E190BA72FF] - |A| - [23/03/2020 17:04:03] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap
[MD5.B3A1074EACE1F875ACD10F25881515E5] - |A| - [07/07/2010 03:30:12] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8617.83 Ko] - (8.14.10.513) - C:\Windows\System32\atiumd6a.dll
[MD5.1865D53778CFC5F7D9C0FC422ADD9CD8] - |A| - [07/07/2010 03:15:04] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [162.59 Ko] - (8.14.1.6463) - C:\Windows\System32\atiuxp64.dll
[MD5.EFA5E3D55F1CC185BC690B7D79D015A9] - |A| - [23/03/2020 17:04:03] - (.-.) - [98.45 Ko] - (0.0.0.0) - C:\Windows\System32\ativce02.dat
[MD5.B974290EEE645249EE212FF62DD0824A] - |A| - [23/03/2020 17:04:03] - (.-.) - [173.19 Ko] - (0.0.0.0) - C:\Windows\System32\ativce03.dat
[MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |A| - [23/03/2020 17:04:03] - (.-.) - [228.93 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik.dat
[MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |A| - [23/03/2020 17:04:03] - (.-.) - [227.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik_nd.dat
[MD5.0770A5AB5218E6D3134A7A7239B9A216] - |A| - [23/03/2020 17:04:03] - (.-.) - [249.81 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cz_nd.dat
[MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |A| - [23/03/2020 17:04:03] - (.-.) - [245 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_FJ.dat
[MD5.7EE8F6853798F7A900DB15F3054A0277] - |A| - [23/03/2020 17:04:03] - (.-.) - [243.25 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_FJ_nd.dat
[MD5.11355CAC5334C8999211C09CAAE194EF] - |A| - [23/03/2020 17:04:03] - (.-.) - [315.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_vi.dat
[MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |A| - [23/03/2020 17:04:03] - (.-.) - [313.67 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_vi_nd.dat
[MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [23/03/2020 17:04:03] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsva.dat
[MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [23/03/2020 17:04:03] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsvl.dat
[MD5.0DB5C44554FDDE3AA63DE0815310A4E7] - |A| - [23/03/2020 14:56:43] - (.ASUSTeK COMPUTER INC. - ASUS WMI Interface for Gaming DT/NB.) - [171.73 Ko] - (3.0.0.1) - C:\Windows\System32\ATKWMI.dll
[MD5.2D6D5E83E242B43376CCFCD69DB6D848] - |A| - [23/03/2020 14:56:43] - (.-.) - [102.92 Ko] - (0.0.0.0) - C:\Windows\System32\audioLibVc.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [173 Ko] - C:\Windows\System32\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [2591.88 Ko] - C:\Windows\System32\Boot
[MD5.E095C171DD0DC2AB7EECB20A654C6575] - |A| - [02/02/2019 14:08:08] - (.-.) - [5124.14 Ko] - (0.0.0.0) - C:\Windows\System32\BootMan.exe
[MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 03:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll
[MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 02:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll
[MD5.00000000000000000000000000000000] - |HD| - [19/05/2017 21:02:29] - [2960.1 Ko] - C:\Windows\System32\CanonIJ Uninstaller Information
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [356278.95 Ko] - C:\Windows\System32\catroot
[MD5.00000000000000000000000000000000] - |D| - [28/12/2017 22:53:47] - [59202.22 Ko] - C:\Windows\System32\catroot2
[MD5.00000000000000000000000000000000] - |D| - [24/11/2017 13:52:29] - [22984.34 Ko] - C:\Windows\System32\Catroot2.bak
[MD5.00000000000000000000000000000000] - |D| - [19/05/2017 21:01:29] - [905.57 Ko] - C:\Windows\System32\CHM
[MD5.9BD395CC1D67306755EA7DC1D1EC4A4D] - |A| - [23/03/2020 17:04:09] - (.-.) - [229.5 Ko] - (0.0.0.0) - C:\Windows\System32\clinfo.exe
[MD5.89C31C1DAF056EDA5F54DCC4C42C0DFE] - |A| - [19/05/2017 21:02:27] - (.-.) - [12.5 Ko] - (0.0.0.0) - C:\Windows\System32\CNC173ED.TBL
[MD5.B7C13F529A726068B0EECAAC05063AB4] - |A| - [19/05/2017 21:02:27] - (.Copyright CANON INC. 2009 All Rights Reserved - WIA Scanner Driver 64-bit Edition.) - [1291 Ko] - (1.0.2.0) - C:\Windows\System32\CNC560C.dll
[MD5.41EAAC265B16CF94FE136B780F8DB312] - |A| - [19/05/2017 21:02:27] - (.Copyright CANON INC. 2009 All Rights Reserved - WIA Scanner Driver Image Enhancement dll 64-bit Edition.) - [90.5 Ko] - (1.0.2.0) - C:\Windows\System32\CNC560I.dll
[MD5.EB1DCDCD0EDE79D084E8E03CAFF44C50] - |A| - [19/05/2017 21:02:27] - (.Copyright CANON INC. 2009 All Rights Reserved - LLD.) - [320.5 Ko] - (1.0.2.0) - C:\Windows\System32\CNC560L.dll
[MD5.1F34F80B9BECFB28EB0D755FFB0CD6C8] - |A| - [03/06/2010 07:10:40] - (.Copyright (C) 2010 Canon Inc. - Canon WIA scanner co-installer 64bit Edition.) - [102 Ko] - (3.0.1.90) - C:\Windows\System32\CNC560O.dll
[MD5.493574E218AA18161D14EECFD572A0E8] - |A| - [19/05/2017 21:02:27] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [17.5 Ko] - (1.4.1.1) - C:\Windows\System32\CNHMCA6.dll
[MD5.936AA43A69EB7E0DA2CD5BDDB43E19BF] - |A| - [19/05/2017 21:02:07] - (.Copyright CANON INC. 2006-2009 All Rights Reserved - Canon IJ Driver Installer.) - [239 Ko] - (1.6.0.110) - C:\Windows\System32\CNMIUA0.DLL
[MD5.3353B667E1EF7898B1B936EE631D9FE0] - |A| - [20/05/2017 23:02:58] - (.Copyright CANON INC. 2000-2010 All Rights Reserved - IJ Language Monitor.) - [329 Ko] - (0.3.0.1) - C:\Windows\System32\CNMLMA0.DLL
[MD5.4DB7376155E964D49AE8296FA36F2290] - |A| - [19/05/2017 21:01:34] - (.Copyright CANON INC. 2003-2009 All Rights Reserved - Canon IJ Network 64bit comm Module.) - [329 Ko] - (2.6.0.150) - C:\Windows\System32\CNMN6PPM.DLL
[MD5.39307EC108EEA9AC2929A2860F924A4F] - |A| - [19/05/2017 21:01:35] - (.Copyright CANON INC. 2003-2009 All Rights Reserved - Canon IJ Network 64bit UI Module.) - [141 Ko] - (2.6.0.150) - C:\Windows\System32\CNMN6UI.DLL
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [22879.86 Ko] - C:\Windows\System32\CodeIntegrity
[MD5.945EFD0BFB5DC225FBBD6A27D5043260] - |A| - [18/05/2017 21:55:35] - (.AMD. - CoInstaller DLL.) - [54 Ko] - (1.0.2.1) - C:\Windows\System32\coinst.dll
[MD5.97F5921DA6DA9AD60684A2F66E468C6D] - |A| - [23/03/2020 17:04:10] - (.AMD. - CoInstaller DLL.) - [844.5 Ko] - (1.0.5.9) - C:\Windows\System32\coinst_15.20.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [357 Ko] - C:\Windows\System32\com
[MD5.00000000000000000000000000000000] - |SD| - [18/05/2017 13:12:20] - [5028.19 Ko] - C:\Windows\System32\CompatTel
[MD5.EB19E80EEF8DB449E1160E66D3A6E6E6] - |A| - [23/03/2020 14:56:43] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.54 Ko] - (1.0.0.4) - C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [806400.7 Ko] - C:\Windows\System32\config
[MD5.00000000000000000000000000000000] - |D| - [01/11/2017 19:05:23] - [51.22 Ko] - C:\Windows\System32\Configuration
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [432 Ko] - C:\Windows\System32\cs-CZ
[MD5.59075B2A63DF6A568123218BF4DC2696] - |A| - [02/01/2018 23:01:02] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\CustomModeApp.exe.config
[MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [02/01/2018 23:01:02] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\CustomModeAppv2_0.exe.config
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [427.5 Ko] - C:\Windows\System32\da-DK
[MD5.00000000000000000000000000000000] - |D| - [23/03/2020 14:57:03] - [14122.32 Ko] - C:\Windows\System32\DAX2
[MD5.00000000000000000000000000000000] - |D| - [23/03/2020 14:57:03] - [9568.75 Ko] - C:\Windows\System32\DAX3
[MD5.2E843E11FC585B8BBFCFD66B160203A5] - |A| - [23/03/2020 14:56:43] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO Property Page.) - [1508.16 Ko] - (1.1.8.14) - C:\Windows\System32\DAX3APOProp.dll
[MD5.E5F21D54FF965D7C42E600ED703EAF2D] - |A| - [23/03/2020 14:56:43] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO.) - [1340.32 Ko] - (1.1.8.14) - C:\Windows\System32\DAX3APOv251.dll
[MD5.4E97E07BB15E0D6B8F8A9411DB7AB0E7] - |A| - [01/04/2020 14:20:52] - (.Dropbox, Inc. - Dropbox Service.) - [43.51 Ko] - (1.0.24.0) - C:\Windows\System32\DbxSvc.exe
[MD5.AAEAAA8825CF705C0EBF333D147AF994] - |A| - [23/03/2020 14:56:43] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [271.85 Ko] - (7.6.5.1) - C:\Windows\System32\DDPA64.dll
[MD5.B76EAAC516CBE5015B2B7D0A2AC96633] - |A| - [23/03/2020 14:56:43] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [308.68 Ko] - (7.6.7.2) - C:\Windows\System32\DDPA64F3.dll
[MD5.FAD0F040F9BA2EC0F2F1A6957EBF9390] - |A| - [23/03/2020 14:56:43] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1925.27 Ko] - (7.6.5.1) - C:\Windows\System32\DDPD64A.dll
[MD5.F8EF2DB874F876CFFF62BB5681FD4CBE] - |A| - [23/03/2020 14:56:43] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1919.2 Ko] - (7.6.7.2) - C:\Windows\System32\DDPD64AF3.dll
[MD5.A6116FA42A4AED765844DE4339728359] - |A| - [23/03/2020 14:56:43] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [325.3 Ko] - (7.6.5.1) - C:\Windows\System32\DDPO64A.dll
[MD5.71F03E12548E6C58EB48C2E3751638B1] - |A| - [23/03/2020 14:56:43] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [359.1 Ko] - (7.6.7.2) - C:\Windows\System32\DDPO64AF3.dll
[MD5.A61C8451BFC0A6093DC6775B815101DA] - |A| - [23/03/2020 14:56:43] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6935.38 Ko] - (7.6.5.1) - C:\Windows\System32\DDPP64A.dll
[MD5.015FB540E6E6D50E0A179FCC8919F5EB] - |A| - [23/03/2020 14:56:43] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6123.32 Ko] - (7.6.7.2) - C:\Windows\System32\DDPP64AF3.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [457.5 Ko] - C:\Windows\System32\de-DE
[MD5.51255CE882F519DD11FDE9BDBE2D65E8] - |A| - [01/04/2016 02:31:54] - (.Advanced Micro Devices. - Delay Audio Processing Object.) - [110.74 Ko] - (1.0.0.1) - C:\Windows\System32\DelayAPO.dll
[MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 06:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini
[MD5.F7EDBFAC87591638F2AAF9AD8B0B4A36] - |A| - [15/12/2011 05:23:04] - (.-.) - [328.52 Ko] - (13.40.840.0) - C:\Windows\System32\DevManagerCore.dll
[MD5.0E2B7D35E3DDD21AF04FB4D98C2BCF7F] - |A| - [02/01/2018 23:01:02] - (.-.) - [308.83 Ko] - (0.0.0.0) - C:\Windows\System32\DisplayAudiox64.cab
[MD5.C0F1D0081348F299231BD0DE1B327313] - |A| - [23/03/2020 14:56:43] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX APO.) - [1573.3 Ko] - (3.20201.228.0) - C:\Windows\System32\DolbyAPOv251gm.dll
[MD5.D86620BAD9CC03E354A009ABFA4B9B4A] - |A| - [23/03/2020 14:56:43] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [1257.55 Ko] - (3.20201.228.0) - C:\Windows\System32\DolbyAPOvlldpgm.dll
[MD5.90B843D6A6EECB202B5E37386BD6EB22] - |A| - [23/03/2020 14:56:43] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 APO Property Page.) - [1132.1 Ko] - (0.8.8.33) - C:\Windows\System32\DolbyDAX2APOProp.dll
[MD5.B69D337965AC7FD3D31346EEC8614F9B] - |A| - [23/03/2020 14:56:43] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2387.52 Ko] - (0.8.8.33) - C:\Windows\System32\DolbyDAX2APOv201.dll
[MD5.BAB23A326C4E029C9CF60DEC4BDD0363] - |A| - [23/03/2020 14:56:43] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [5221.77 Ko] - (0.8.8.33) - C:\Windows\System32\DolbyDAX2APOv211.dll
[MD5.F82A23968A7A60B1E4F1A3FA708B5193] - |A| - [23/03/2020 14:56:44] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [1230.31 Ko] - (1.6.1.53) - C:\Windows\System32\DolbyDAX2APOvlldp.dll
[MD5.59075B2A63DF6A568123218BF4DC2696] - |A| - [02/01/2018 23:01:02] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\DPTopologyApp.exe.config
[MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [02/01/2018 23:01:02] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\DPTopologyAppv2_0.exe.config
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [141997.03 Ko] - C:\Windows\System32\drivers
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [2417450.04 Ko] - C:\Windows\System32\DriverStore
[MD5.00000000000000000000000000000000] - |D| - [01/11/2017 19:05:24] - [158 Ko] - C:\Windows\System32\dsc
[MD5.A392FB2FCAFBE58516823CF389C2A5B1] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [733.8 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBassEnhancementDLL64.dll
[MD5.566B21143FEB61565BDB03D29D7F96D2] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS Boost COM DLL.) - [1480.84 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBoostDLL64.dll
[MD5.A9DF8E44BB32F200D2220F9C452E9DC8] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [438.2 Ko] - (1.0.0.1) - C:\Windows\System32\DTSGainCompensatorDLL64.dll
[MD5.4EEFDFD184BDB5889ABC64062ECDAE6A] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS GFX APO.) - [255.22 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPO64.dll
[MD5.5BF68981273BAC34EBE9060CEAC1163C] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS GFX APO.) - [254.21 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPONS64.dll
[MD5.D4FDDF9F8C8BA6143BB8EFFA947AF1DD] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS LFX APO.) - [255.18 Ko] - (1.0.0.3) - C:\Windows\System32\DTSLFXAPO64.dll
[MD5.29C66FD48C51C6EEBDBC9F48E56F3117] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS Limiter COM DLL.) - [442.23 Ko] - (1.0.0.1) - C:\Windows\System32\DTSLimiterDLL64.dll
[MD5.2FF33BCEF6FD88AC82AA6B584496B0B1] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [499.76 Ko] - (1.0.0.1) - C:\Windows\System32\DTSNeoPCDLL64.dll
[MD5.FAF5BDA053A44E2C080E3523B665DAFA] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1561.04 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2HeadphoneDLL64.dll
[MD5.7CA0991F83FD38959D3BBD6E9F23A468] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1746.16 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2SpeakerDLL64.dll
[MD5.6E230D39638714B12E2112FBC143A963] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS Symmetry COM DLL.) - [717.66 Ko] - (1.0.0.1) - C:\Windows\System32\DTSSymmetryDLL64.dll
[MD5.390598E8F96AB1C8751AC39A377282E4] - |A| - [23/03/2020 14:56:44] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [698.98 Ko] - (1.0.0.1) - C:\Windows\System32\DTSVoiceClarityDLL64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [457 Ko] - C:\Windows\System32\el-GR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [3350.16 Ko] - C:\Windows\System32\en-US
[MD5.FFB025FE281E3DA533F8F6FB95B1531A] - |A| - [02/02/2019 14:08:08] - (.-.) - [24.45 Ko] - (0.0.0.0) - C:\Windows\System32\epmntdrv.sys
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [448 Ko] - C:\Windows\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [160.5 Ko] - C:\Windows\System32\et-EE
[MD5.A382029DE8567312E1497359124A2B3A] - |A| - [02/02/2019 14:08:08] - (.-.) - [18.14 Ko] - (0.0.0.0) - C:\Windows\System32\EuEpmGdi.dll
[MD5.08C997734B2CECE882656BB2855E6E76] - |A| - [02/02/2019 14:08:08] - (.-.) - [10.59 Ko] - (0.0.0.0) - C:\Windows\System32\EuGdiDrv.sys
[MD5.DFBDC24417B2EDE6513F5570E6CD24C8] - |A| - [06/07/2017 21:41:55] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - EaseUS Todo Backup Application.) - [25.69 Ko] - (3.0.0.1) - C:\Windows\System32\fbnative.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [430 Ko] - C:\Windows\System32\fi-FI
[MD5.FA05B07C883182FB7015D8FBEB2F7E18] - |A| - [14/07/2009 06:45:34] - (.-.) - [433.67 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT
[MD5.00000000000000000000000000000000] - |D| - [18/04/2016 23:23:45] - [1840 Ko] - C:\Windows\System32\fr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [43274.45 Ko] - C:\Windows\System32\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp
[MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 22:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs
[MD5.12BCB2A86CB2570F3603D68AE695E970] - |A| - [14/03/2018 14:28:59] - (.-.) - [0.26 Ko] - (0.0.0.0) - C:\Windows\System32\GfxUI.exe.config
[MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [02/01/2018 23:01:02] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxv2_0.exe.config
[MD5.59075B2A63DF6A568123218BF4DC2696] - |A| - [02/01/2018 23:01:02] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxv4_0.exe.config
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers
[MD5.5F40B80BF9A8CDF50E8E56413AD0DE13] - |A| - [23/03/2020 15:01:14] - (.Copyright (C) 2014 - GeneStor co-installer.) - [127.09 Ko] - (1.0.0.1) - C:\Windows\System32\GSCoinst.dll
[MD5.84FEEFB84AC26AE9D9A00124D11FDCFD] - |A| - [23/03/2020 14:56:44] - (.(c) 2016 Harman. - Harman APO Interface.) - [150.83 Ko] - (1.2.0.0) - C:\Windows\System32\HarmanAudioInterface.dll
[MD5.6CBB925A7F066DF7DB05B73D77E08EED] - |A| - [23/03/2020 14:56:44] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [369.6 Ko] - (0.8.8.85) - C:\Windows\System32\HiFiDAX2API.dll
[MD5.E54D1AD8FD9F7489BFF2847E5196CA17] - |A| - [23/03/2020 14:56:44] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [397.05 Ko] - (1.6.1.55) - C:\Windows\System32\HiFiDAX2APIPCLL.dll
[MD5.A7FFB65276D8A3D9AE926780CE1429F3] - |A| - [23/03/2020 14:56:44] - (.© Harman. - Audio by Harman APO.) - [352 Ko] - (1.4.0.0) - C:\Windows\System32\HMClariFi.dll
[MD5.6209461DFA283A4E02FA88F67856E371] - |A| - [23/03/2020 14:56:44] - (.© Harman. - Audio by Harman APO.) - [186.56 Ko] - (1.4.0.0) - C:\Windows\System32\HMEQ.dll
[MD5.82A840B239860974BB1463556577F8E2] - |A| - [23/03/2020 14:56:44] - (.© Harman. - Audio by Harman APO.) - [186.56 Ko] - (1.4.0.0) - C:\Windows\System32\HMEQ_Voice.dll
[MD5.9166F148AD0E82ABF33CF610746B9CD1] - |A| - [23/03/2020 14:56:44] - (.© Harman. - Audio by Harman APO.) - [199.16 Ko] - (1.4.0.0) - C:\Windows\System32\HMHVS.dll
[MD5.6BFBB04D54C9C34C5874F9054068ABEC] - |A| - [23/03/2020 14:56:44] - (.© Harman. - Audio by Harman APO.) - [175.49 Ko] - (1.4.0.0) - C:\Windows\System32\HMLimiter.dll
[MD5.792025F3147F91ACA5A4D0E4E452F7D5] - |A| - [23/03/2020 14:56:44] - (.?Harman. - Audio by Harman APO UI.) - [406.83 Ko] - (1.4.0.0) - C:\Windows\System32\HMUI.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [168 Ko] - C:\Windows\System32\hr-HR
[MD5.602D0208BD502433BC67B33629FD124D] - |A| - [23/03/2020 17:04:08] - (.-.) - [149 Ko] - (0.0.0.0) - C:\Windows\System32\hsa-thunk64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [434.5 Ko] - C:\Windows\System32\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [5.36 Ko] - C:\Windows\System32\ias
[MD5.F37AD92D41AF4E12F2255623F3F39BD7] - |A| - [23/03/2020 14:54:53] - (.-.) - [100.39 Ko] - (0.0.0.0) - C:\Windows\System32\IccLibDll_x64.dll
[MD5.508119FAC587CE75654AC2686C3FB5D0] - |A| - [23/03/2020 14:56:44] - (.Copyright (c) 2018, ICEpower a/s - ICEpower ICEsound APO.) - [863.84 Ko] - (1.0.0.39) - C:\Windows\System32\ICEsoundAPO64.dll
[MD5.C6AC6E35D9B28E59E8612E35EEF78923] - |A| - [23/03/2020 14:56:40] - (.-.) - [197.45 Ko] - (0.0.0.0) - C:\Windows\System32\ICEsoundService.bin
[MD5.A37ABF7C30ECB61773B2B84350C1FE0E] - |A| - [23/03/2020 14:56:42] - (.Copyright (c) 2018, ICEpower a/s - ICEpower ICEsound APO service.) - [787.45 Ko] - (1.0.0.39) - C:\Windows\System32\ICEsoundService64.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml
[MD5.BF8BF9765B5F4D54A9DAF82B175BE37F] - |A| - [14/03/2018 14:29:00] - (.-.) - [736.96 Ko] - (0.0.0.0) - C:\Windows\System32\igcodeckrng700.bin
[MD5.B808AE1E4FF0F3EE874FCF7A2FD73399] - |A| - [23/03/2020 14:54:54] - (.-.) - [166.88 Ko] - (0.0.0.0) - C:\Windows\System32\igdail64.dll
[MD5.D839481A971DB877608E201B05ADAB4E] - |A| - [23/03/2020 14:54:54] - (.-.) - [224.39 Ko] - (0.0.0.0) - C:\Windows\System32\igdde64.dll
[MD5.2AFB3663F616F0C0BB0E852CCF935F52] - |A| - [23/03/2020 14:54:55] - (.Copyright (C) 2012-2013 - MDF(CM) Runtime DX11 Dynamic Link Library.) - [188.89 Ko] - (3.0.0.1284) - C:\Windows\System32\igfx11cmrt64.dll
[MD5.147AA4F8E9ADAEDF9A41D6FB6B492494] - |A| - [23/03/2020 14:54:55] - (.Copyright (C) 2010 - 2013 - MDF(CM) JIT Dynamic Link Library.) - [1987.89 Ko] - (3.0.0.1284) - C:\Windows\System32\igfxcmjit64.dll
[MD5.92387487D033577BDCD6A0A0E23553E4] - |A| - [23/03/2020 14:54:55] - (.Copyright (C) 2010 - 2013 - MDF(CM) Runtime Dynamic Link Library.) - [194.31 Ko] - (3.0.0.1284) - C:\Windows\System32\igfxcmrt64.dll
[MD5.4940C95694A4183E041E0372C86F890E] - |A| - [17/09/2012 16:24:18] - (.Copyright (C) 2009 - Intel(R) Graphics Media Accelerator Driver Coinstaller.) - [113.5 Ko] - (1.2.30.0) - C:\Windows\System32\igfxCoIn_v2857.dll
[MD5.DD4B6594C98E7175D996B29041801F7F] - |A| - [14/03/2018 14:29:01] - (.Copyright (C) 2009 - Intel(R) Graphics Media Accelerator Driver Coinstaller.) - [113.5 Ko] - (1.2.30.0) - C:\Windows\System32\igfxCoIn_v4229.dll
[MD5.F3BBEF1234B0BA4E25A42E933C0F30DC] - |A| - [23/03/2020 14:54:53] - (.-.) - [258.39 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCPL.cpl
[MD5.8B0701C899355FB7E32EB63CCE072BBD] - |A| - [23/03/2020 14:54:55] - (.-.) - [92.89 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCUIServicePS.dll
[MD5.47E5C775519F380F2A894FAFE4D2EAA0] - |A| - [23/03/2020 14:54:55] - (.-.) - [66.89 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDHLib.dll
[MD5.F48EAD620C304F1568958174BCFD410A] - |A| - [23/03/2020 14:54:55] - (.-.) - [76.39 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDHLibv2_0.dll
[MD5.81F5AC1BC4D7312DC14BE3BA4524089B] - |A| - [23/03/2020 14:54:55] - (.-.) - [18.89 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDILib.dll
[MD5.9B4D2B8B0BF4E21127BC181236FD6204] - |A| - [23/03/2020 14:54:55] - (.-.) - [18.89 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDILibv2_0.dll
[MD5.8242FEDE40C0EB678E909E8675079570] - |A| - [23/03/2020 14:54:55] - (.-.) - [18.39 Ko] - (1.0.0.0) - C:\Windows\System32\igfxEMLib.dll
[MD5.BCD4B1C885E670A95CCE3711F27DB3AB] - |A| - [23/03/2020 14:54:55] - (.-.) - [18.39 Ko] - (1.0.0.0) - C:\Windows\System32\igfxEMLibv2_0.dll
[MD5.6DE81BDA19F47EBB55E4A2E7C6B5A86D] - |A| - [23/03/2020 14:54:55] - (.-.) - [13.39 Ko] - (1.0.0.0) - C:\Windows\System32\igfxLHMLib.dll
[MD5.0930C150E51CB22733A085CAE0F3EFC6] - |A| - [23/03/2020 14:54:55] - (.-.) - [13.39 Ko] - (1.0.0.0) - C:\Windows\System32\igfxLHMLibv2_0.dll
[MD5.6C0F36ABFE80433B352FA7748ED887BF] - |A| - [02/01/2018 23:01:08] - (.-.) - [2748 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.cpa
[MD5.2FCCF7939D4D3F392AB3C0F5F40039DD] - |A| - [02/01/2018 23:01:08] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.vp
[MD5.B226B85123619EF1394339C1B5EB5A8D] - |A| - [02/01/2018 23:01:08] - (.-.) - [42.47 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64.vp
[MD5.55C71EDC47B57E5115B40095EEC9E205] - |A| - [02/01/2018 23:01:08] - (.-.) - [42.79 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64_dev.vp
[MD5.94ED4F871997E5DFC610DC1649C38911] - |A| - [02/01/2018 23:01:08] - (.-.) - [42.24 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64.vp
[MD5.04590E9E52E13EF34B2AA02C7EA2431B] - |A| - [02/01/2018 23:01:08] - (.-.) - [42.28 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64_dev.vp
[MD5.3B6EF4F03F2DE75A3B7DDF627A3EC146] - |A| - [02/01/2018 23:01:08] - (.-.) - [42.99 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64.vp
[MD5.715DBDBED4599E798F94EDF6003F75B6] - |A| - [02/01/2018 23:01:08] - (.-.) - [41.09 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64_dev.vp
[MD5.A912165E114BED09F07F2B056FC0D9B5] - |A| - [23/03/2020 14:54:53] - (.-.) - [2.51 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxs64.vp
[MD5.1BAF126D28AE79F5F2685166279FA216] - |A| - [14/03/2018 14:29:01] - (.-.) - [584.36 Ko] - (0.0.0.0) - C:\Windows\System32\igvpkrng700.bin
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36875.94 Ko] - C:\Windows\System32\IME
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\inetsrv
[MD5.AAA0C03BF54FC8A4E895B576861A9848] - |A| - [21/11/2010 05:07:41] - (.-.) - [29.12 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log
[MD5.B7BDD93D87FC1AB93111BB224FCE7EE5] - |A| - [23/03/2020 14:54:55] - (.Copyright © The Khronos Group Inc 2011 - OpenCL Client DLL.) - [70.89 Ko] - (1.2.11.0) - C:\Windows\System32\Intel_OpenCL_ICD64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [452 Ko] - C:\Windows\System32\it-IT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [365 Ko] - C:\Windows\System32\ja-JP
[MD5.48BA9C6110A5EBA910E7FB2E7D23CFC1] - |A| - [23/03/2020 19:54:40] - (.Copyright © Kaspersky Lab ZAO 1996-2012. - Filtering Platform Helper Class.) - [107.59 Ko] - (1.0.0.12) - C:\Windows\System32\klfphc.dll
[MD5.245B879A7E97618EE75F7BB941F513D5] - |A| - [17/10/2019 14:16:16] - (.© 2019 AO Kaspersky Lab. - System Interceptors PDK usermode service interceptor.) - [166.33 Ko] - (20.2.120.0) - C:\Windows\System32\klhkum.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [360 Ko] - C:\Windows\System32\ko-KR
[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex
[MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log
[MD5.563C3703A9B57CC9B370A76D6173D09C] - |A| - [21/11/2010 04:52:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [2591.89 Ko] - C:\Windows\System32\LogFiles
[MD5.A74E001559B7C171A6B1502C90B32A49] - |A| - [15/12/2011 05:23:04] - (.-.) - [10664.52 Ko] - (13.40.840.0) - C:\Windows\System32\LogiDPP.dll
[MD5.E8D7D7BE61B2078E849ED956E1B38C33] - |A| - [15/12/2011 05:23:04] - (.-.) - [102.02 Ko] - (13.40.840.0) - C:\Windows\System32\LogiDPPApp.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [165 Ko] - C:\Windows\System32\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [166 Ko] - C:\Windows\System32\lv-LV
[MD5.0EB4037934303CC71CD34ED2DAE490C8] - |A| - [15/12/2011 05:15:22] - (.(c) 1996-2011 Logitech. - Logitech Co-Installer.) - [257.28 Ko] - (13.40.840.0) - C:\Windows\System32\lvco1340840.dll
[MD5.61BEEC0CD821B3DD85634C406366847F] - |A| - [15/12/2011 05:15:22] - (.(c) 1996-2011 Logitech. - Video Codec.) - [172.28 Ko] - (13.40.840.0) - C:\Windows\System32\lvcod64.dll
[MD5.BCD7159B6F32F03F394DFBC9F925398F] - |A| - [15/12/2011 05:08:20] - (.-.) - [27.75 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoin64.ini
[MD5.BF5AA9B7344A2B9321409013121082E5] - |A| - [24/05/2017 22:56:13] - (.-.) - [26.53 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoinst.log
[MD5.FA666191491071E54466B0515B3FD863] - |A| - [15/12/2011 05:15:42] - (.(c) 1996-2011 Logitech. - Logitech Camera Property Pages.) - [751.28 Ko] - (13.40.840.0) - C:\Windows\System32\LVUI64.dll
[MD5.980B3FD57CF5A548D044CAE1B75C458F] - |A| - [15/12/2011 05:15:42] - (.(c) 1996-2011 Logitech. - Logitech Camera Property Pages.) - [548.28 Ko] - (13.40.840.0) - C:\Windows\System32\LVUIRC64.dll
[MD5.00000000000000000000000000000000] - |D| - [30/11/2017 11:08:16] - [28606.43 Ko] - C:\Windows\System32\Macromed
[MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 22:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore
[MD5.D435D7BBE4820BA2D414827C205EE01B] - |A| - [23/03/2020 17:04:08] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [139 Ko] - (9.1.10.77) - C:\Windows\System32\mantle64.dll
[MD5.38A0B64E3A99A8D3EC01A58ED87A0B4F] - |A| - [23/03/2020 17:04:08] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [106.5 Ko] - (9.1.10.77) - C:\Windows\System32\mantleaxl64.dll
[MD5.75616F8DB5C092A8A50AFEC273859DD7] - |A| - [18/05/2017 12:35:16] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [311.34 Ko] - (2.2.9.0) - C:\Windows\System32\MaxxAudioAPO20.dll
[MD5.6C35ACAEF20D460E6DEA9A4286340364] - |A| - [18/05/2017 12:35:17] - (.Copyright (C) 2010-2012 - MaxxAudio APO Shell.) - [935.84 Ko] - (4.0.7.0) - C:\Windows\System32\MaxxAudioAPOShell64.dll
[MD5.350823AC8941C4F34ABC0FF7C8AE7CCA] - |A| - [18/05/2017 12:35:17] - (.Copyright © 1996-2011 -.) - [2081.34 Ko] - (4.0.3.1) - C:\Windows\System32\MaxxAudioEQ.dll
[MD5.CF8CE8E1CF73A91F339B67A259416B16] - |A| - [18/05/2017 12:35:17] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [873.09 Ko] - (1.0.58.0) - C:\Windows\System32\MBAPO64.dll
[MD5.5C975E12A7ED0C7F31A72C28B029DBFD] - |A| - [18/05/2017 12:35:17] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [611.59 Ko] - (1.0.15.159) - C:\Windows\System32\MBTHX64.dll
[MD5.7E6CA0FBCFDD2B6E2D99EDD8B673A192] - |A| - [18/05/2017 12:35:17] - (.Copyright (c) 2006-2010 Creative Technology Ltd. - Audio Processing Object Chaining Module.) - [79.09 Ko] - (1.0.0.180) - C:\Windows\System32\MBWrp64.dll
[MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 06:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [4148.28 Ko] - C:\Windows\System32\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [24.48 Ko] - C:\Windows\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [422.5 Ko] - C:\Windows\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [768 Ko] - C:\Windows\System32\NDF
[MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [14/07/2009 00:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [119 Ko] - C:\Windows\System32\NetworkList
[MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [443.5 Ko] - C:\Windows\System32\nl-NL
[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor
[MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 22:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [13095.58 Ko] - C:\Windows\System32\oobe
[MD5.2AD7B4F3C8D2BB686D231EDFF404B7A4] - |A| - [23/03/2020 15:16:38] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.02 Ko] - (6.14.357.24) - C:\Windows\System32\OpenAL32.dll
[MD5.C9FE5FCBF9398026D6B4DEFEF17B9149] - |A| - [14/07/2009 04:36:59] - (.-.) - [11849.07 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat
[MD5.C322CF123ECF20785DA118251D00F80D] - |A| - [18/04/2016 23:23:50] - (.-.) - [13569.33 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico
[MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 04:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat
[MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [18/04/2016 23:23:50] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat
[MD5.32576100FC0064EC8C9D73FD09578F14] - |A| - [14/07/2009 04:36:59] - (.-.) - [12888.75 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat
[MD5.4282C659872629313AE74DF6006BF0C9] - |A| - [18/04/2016 23:23:50] - (.-.) - [40973.6 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat
[MD5.D401555FCE0B9E1EC90CD04C15E165BB] - |A| - [15/05/2016 22:35:42] - (.-.) - [81153.91 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [439 Ko] - C:\Windows\System32\pl-PL
[MD5.1DD626FE4DE2D4B710DD1360F404A54F] - |A| - [16/09/2017 21:22:02] - (.Copyright (C) 2001 - Application PrintBrm.) - [70 Ko] - (1.0.0.0) - C:\Windows\System32\PrintBrmUi.exe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:51] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts
[MD5.007893E8374C766471239EB291BA8C17] - |A| - [01/11/2017 18:38:12] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [436 Ko] - C:\Windows\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [438.5 Ko] - C:\Windows\System32\pt-PT
[MD5.900AB524D0E7135058F8C69861751860] - |A| - [23/03/2020 14:56:44] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [136.58 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEA64A.dll
[MD5.5D9CE1D4E719FF8A3CEE30B0AF2576A3] - |A| - [23/03/2020 14:56:44] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [442.76 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EED64A.dll
[MD5.6E00C09ECEDD520EBB72E20D11423646] - |A| - [23/03/2020 14:56:44] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [88.16 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEG64A.dll
[MD5.80EEBB4E76ECA2D3DBEC1B32CF23482C] - |A| - [23/03/2020 14:56:44] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [153.76 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEL64A.dll
[MD5.65DEE43C44AE0BAF5AD260CB4F2E5144] - |A| - [23/03/2020 14:56:44] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7010.33 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEP64A.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.75 Ko] - C:\Windows\System32\ras
[MD5.5C091172C852F2B41928C5961E3D3F46] - |A| - [15/12/2011 06:08:38] - (.-.) - [38.04 Ko] - (0.0.0.0) - C:\Windows\System32\Repository.reg
[MD5.7C47E200D9D049C49156A7D416586C4F] - |A| - [02/01/2018 23:01:12] - (.-.) - [161.58 Ko] - (0.0.0.0) - C:\Windows\System32\resARA.cui
[MD5.BB02E0907790B462282C099197F01A07] - |A| - [02/01/2018 23:01:12] - (.-.) - [146.02 Ko] - (0.0.0.0) - C:\Windows\System32\resCHS.cui
[MD5.2F6B4B08827D5B994B097C0D8A9F15C3] - |A| - [02/01/2018 23:01:12] - (.-.) - [146.88 Ko] - (0.0.0.0) - C:\Windows\System32\resCHT.cui
[MD5.971B2384427DD0133F9FD7B923F395DF] - |A| - [02/01/2018 23:01:12] - (.-.) - [152.96 Ko] - (0.0.0.0) - C:\Windows\System32\resCSY.cui
[MD5.D48CD2D59E5C72C187883320AFB5FE93] - |A| - [02/01/2018 23:01:12] - (.-.) - [149.91 Ko] - (0.0.0.0) - C:\Windows\System32\resDAN.cui
[MD5.82566CB31CEA7567BF8B45D832668439] - |A| - [02/01/2018 23:01:12] - (.-.) - [154.68 Ko] - (0.0.0.0) - C:\Windows\System32\resDEU.cui
[MD5.211F5776CF333B89D0BD361F92CB38C3] - |A| - [02/01/2018 23:01:12] - (.-.) - [179.72 Ko] - (0.0.0.0) - C:\Windows\System32\resELL.cui
[MD5.7CDD3D6A64BC621EB92E97ADBD7C0711] - |A| - [02/01/2018 23:01:12] - (.-.) - [148.6 Ko] - (0.0.0.0) - C:\Windows\System32\resENU.cui
[MD5.3C63073FF29B04706024E5678CF43CF8] - |A| - [02/01/2018 23:01:12] - (.-.) - [154.35 Ko] - (0.0.0.0) - C:\Windows\System32\resESN.cui
[MD5.E34147497C3346D48000124EC377A868] - |A| - [02/01/2018 23:01:12] - (.-.) - [152.32 Ko] - (0.0.0.0) - C:\Windows\System32\resFIN.cui
[MD5.6E29BB7D3A84B8ED2C398483CF037308] - |A| - [02/01/2018 23:01:12] - (.-.) - [156.44 Ko] - (0.0.0.0) - C:\Windows\System32\resFRA.cui
[MD5.342DC30F883BEA56448B60A2E1F0D432] - |A| - [02/01/2018 23:01:12] - (.-.) - [161.02 Ko] - (0.0.0.0) - C:\Windows\System32\resHEB.cui
[MD5.3E4404DF28CE437D634BF3EDFC9A10BE] - |A| - [02/01/2018 23:01:12] - (.-.) - [151.89 Ko] - (0.0.0.0) - C:\Windows\System32\resHRV.cui
[MD5.C4E050B32A65B326819AD20331AAB818] - |A| - [02/01/2018 23:01:12] - (.-.) - [156.5 Ko] - (0.0.0.0) - C:\Windows\System32\resHUN.cui
[MD5.2E9301D9FAFB38E6014BB850E3CC4FD6] - |A| - [02/01/2018 23:01:12] - (.-.) - [154.64 Ko] - (0.0.0.0) - C:\Windows\System32\resITA.cui
[MD5.75CF363FB4F974F7D037F1D1BD883E75] - |A| - [02/01/2018 23:01:12] - (.-.) - [161.08 Ko] - (0.0.0.0) - C:\Windows\System32\resJPN.cui
[MD5.5168626800CC0FAA332BF1A9E7942D05] - |A| - [02/01/2018 23:01:12] - (.-.) - [154.82 Ko] - (0.0.0.0) - C:\Windows\System32\resKOR.cui
[MD5.CA5A38DCA65C8540183DB5989B45971B] - |A| - [02/01/2018 23:01:12] - (.-.) - [153.64 Ko] - (0.0.0.0) - C:\Windows\System32\resNLD.cui
[MD5.E3ECBE665A85EDA30A7F3FEA0427FA3E] - |A| - [02/01/2018 23:01:12] - (.-.) - [150.39 Ko] - (0.0.0.0) - C:\Windows\System32\resNOR.cui
[MD5.A179BBDE67244C7413CC9DD94350575B] - |A| - [02/01/2018 23:01:12] - (.-.) - [153.96 Ko] - (0.0.0.0) - C:\Windows\System32\resPLK.cui
[MD5.5CCF59C6E0B3FB08FE2058533D448FDD] - |A| - [02/01/2018 23:01:12] - (.-.) - [153.04 Ko] - (0.0.0.0) - C:\Windows\System32\resPTB.cui
[MD5.82C21F51E2E9912158831CDFB0A206B6] - |A| - [02/01/2018 23:01:12] - (.-.) - [152.75 Ko] - (0.0.0.0) - C:\Windows\System32\resPTG.cui
[MD5.BEC45D17F77784FDE5FEE50B626F1BDC] - |A| - [02/01/2018 23:01:12] - (.-.) - [154.44 Ko] - (0.0.0.0) - C:\Windows\System32\resROM.cui
[MD5.EB9FF588AAF2E64CB52F6B6C3BD6BF1A] - |A| - [02/01/2018 23:01:12] - (.-.) - [175.61 Ko] - (0.0.0.0) - C:\Windows\System32\resRUS.cui
[MD5.CD28EBD732ECF7A0FAD7E7F334F04938] - |A| - [02/01/2018 23:01:12] - (.-.) - [153.8 Ko] - (0.0.0.0) - C:\Windows\System32\resSKY.cui
[MD5.6C1F10F831655D5AFA97FE16FB917067] - |A| - [02/01/2018 23:01:12] - (.-.) - [151.33 Ko] - (0.0.0.0) - C:\Windows\System32\resSLV.cui
[MD5.5782CEFEAEF7CA26BAE4CAA27E020F3C] - |A| - [02/01/2018 23:01:12] - (.-.) - [151.49 Ko] - (0.0.0.0) - C:\Windows\System32\resSVE.cui
[MD5.267A52FC1DC0DB12959A1F1E293A8E68] - |A| - [02/01/2018 23:01:12] - (.-.) - [186.99 Ko] - (0.0.0.0) - C:\Windows\System32\resTHA.cui
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0.07 Ko] - C:\Windows\System32\restore
[MD5.CD1ACAC2BEEFEB1684C975496AC7EDA8] - |A| - [02/01/2018 23:01:12] - (.-.) - [152.93 Ko] - (0.0.0.0) - C:\Windows\System32\resTRK.cui
[MD5.1C8311D25733D2B86794629F220CB42D] - |A| - [23/03/2020 14:56:44] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [319.7 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll
[MD5.AF5E85E6D38BF8F83BFF9823B3AC72F0] - |A| - [23/03/2020 14:56:44] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [319.7 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll
[MD5.4C747B0D72CF34513E12A703900B7265] - |A| - [23/03/2020 14:56:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [215.33 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll
[MD5.AFBBF99F868656C4584789C5486914F7] - |A| - [23/03/2020 14:56:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [91.8 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll
[MD5.70A68DD1DDEDFA5B1552401D5358A52F] - |A| - [23/03/2020 14:56:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [113.91 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll
[MD5.06C2331C45E7792277615CA13D646ED7] - |A| - [23/03/2020 14:56:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [383.77 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [21/11/2010 05:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml
[MD5.A30D76B27391CC0E479C540A950DC8F4] - |A| - [16/03/2018 20:15:40] - (.© 2016 AO Kaspersky Lab. - System Interceptors PDK usermode service interceptor.) - [145.8 Ko] - (13.0.136.0) - C:\Windows\System32\SETE5CE.tmp
[MD5.00244B36255D1BC7042CEA01B3776B56] - |A| - [02/02/2019 14:08:08] - (.-.) - [129.14 Ko] - (0.0.0.0) - C:\Windows\System32\setupempdrvx64.exe
[MD5.F3CCF3C21556012CACA185A946A2D427] - |A| - [23/03/2020 14:56:44] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [86.15 Ko] - (3.0.0.16) - C:\Windows\System32\SFAPO64.dll
[MD5.B47295AC4680DAE9D0551ED95E6ECBE7] - |A| - [23/03/2020 14:56:44] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [88.68 Ko] - (3.0.0.16) - C:\Windows\System32\SFCOM64.dll
[MD5.7F85008DE29D019A63C85C085A3E34E3] - |A| - [23/03/2020 14:56:44] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [226.38 Ko] - (3.0.0.16) - C:\Windows\System32\SFNHK64.dll
[MD5.7B66FA5713945A90079E20A37FF6B505] - |A| - [23/03/2020 14:56:44] - (.Copyright (C) 2018 DTS, Inc. - DTS Universal APO DLL.) - [971.27 Ko] - (3.5.17.0) - C:\Windows\System32\sl3apo64.dll
[MD5.5C1378CC0E4144FA61F218631CB88B3B] - |A| - [23/03/2020 14:56:44] - (.Copyright (C) 2018 DTS, Inc. - DTS APO Controller DLL.) - [3337.8 Ko] - (3.5.17.0) - C:\Windows\System32\slcnt64.dll
[MD5.FCBD64252AD6E3BADFAC715EDA930543] - |A| - [27/02/2020 18:07:03] - (.© 2020 IMI Kurwica. All Rights Reserved - IMI Kurwica SLC for ESU.) - [7 Ko] - (1.2.0.0) - C:\Windows\System32\sle.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [42.67 Ko] - C:\Windows\System32\slmgr
[MD5.96C2F15371BE5860FD70A78F7898FA33] - |A| - [23/03/2020 14:56:45] - (.TODO: (c) <Company name>. - TODO: <File description>.) - [260.41 Ko] - (1.0.0.1) - C:\Windows\System32\slprp64.dll
[MD5.041831F5F5D78E73E661294AEB9067F0] - |A| - [23/03/2020 14:56:45] - (.Copyright (C) 2018 DTS, Inc. - DTS APO Technology DLL.) - [3055.38 Ko] - (3.5.17.0) - C:\Windows\System32\sltech64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [32358.02 Ko] - C:\Windows\System32\SMI
[MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 23:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [17378 Ko] - C:\Windows\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [97213.68 Ko] - C:\Windows\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [2463.66 Ko] - C:\Windows\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [30.19 Ko] - C:\Windows\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS
[MD5.2FDCCCFC0E667D479E9A6EC9AF50246F] - |A| - [23/03/2020 14:56:45] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.3 Ko] - (4.0.0.59) - C:\Windows\System32\SRAPO64.dll
[MD5.2C5CBDEF922766BF9ADC01862A846DD5] - |A| - [23/03/2020 14:56:45] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.24 Ko] - (4.0.0.59) - C:\Windows\System32\SRCOM.dll
[MD5.F75615BE6541566B3F4BAC61A083E43D] - |A| - [23/03/2020 14:56:45] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.55 Ko] - (4.0.0.59) - C:\Windows\System32\SRCOM64.dll
[MD5.BA119B517592DC6BAF1D8649CD2C543F] - |A| - [23/03/2020 14:56:45] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.59 Ko] - (4.0.0.59) - C:\Windows\System32\SRRPTR64.dll
[MD5.93E15F328D0E6017AA26757A052E5647] - |A| - [23/03/2020 14:56:45] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [213.24 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll
[MD5.27E3E4B020813158936552F7C2306C39] - |A| - [23/03/2020 14:56:45] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [225.38 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll
[MD5.178DB9820BD8982CF231F7560E43C969] - |A| - [23/03/2020 14:56:45] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [528.52 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll
[MD5.8ACB5D48841DB74C1DD92B606883097D] - |A| - [23/03/2020 14:56:45] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [170.93 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll
[MD5.00000000000000000000000000000000] - |D| - [19/05/2017 21:01:35] - [76 Ko] - C:\Windows\System32\STRING
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [426.5 Ko] - C:\Windows\System32\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [137.92 Ko] - C:\Windows\System32\sysprep
[MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [21/11/2010 05:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd
[MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 23:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini
[MD5.B170F8C524FB83E1509D252C71E01083] - |A| - [23/03/2020 14:56:45] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Audio Source Filtering APO.) - [832.25 Ko] - (2.1.1.0) - C:\Windows\System32\tosasfapo64.dll
[MD5.DB0305DD39E93E814E8BBB0EB62BE8EC] - |A| - [23/03/2020 14:56:45] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Earphone Audio Enhancement APO.) - [436.78 Ko] - (2.1.0.0) - C:\Windows\System32\toseaeapo64.dll
[MD5.5888C315AB99A24CAC625318CEEA0014] - |A| - [23/03/2020 14:56:45] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement APO.) - [1306.38 Ko] - (2.1.1.0) - C:\Windows\System32\tossaeapo64.dll
[MD5.41450B938141142D37969FBDB05B31B2] - |A| - [23/03/2020 14:56:45] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement Maximizer.) - [590.71 Ko] - (1.1.2.0) - C:\Windows\System32\tossaemaxapo64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [424 Ko] - C:\Windows\System32\tr-TR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA
[MD5.05F9840831C29F5BE93AD8BE810D5614] - |A| - [14/07/2009 06:45:37] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl
[MD5.F736AA948D0C3CBCE212B7B2CB0EF115] - |A| - [14/07/2009 06:45:37] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl
[MD5.180F0A5DAE24EB87B94E9AC5683E04CD] - |N| - [22/01/2019 19:56:57] - (.-.) - [1706.04 Ko] - (0.0.0.0) - C:\Windows\System32\WacomTablet.znc
[MD5.60E4C6C76827772C2561CC6BA0EEFE45] - |A| - [22/01/2019 19:56:06] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\Windows\System32\WacomTabletUserDefaults.xml
[MD5.8E91C848C5CE0D73E58B9F57BFAA8CB3] - |A| - [18/05/2017 12:35:19] - (.Copyright © 1996-2011 - General Library for Plug-Ins.) - [2542.84 Ko] - (4.0.3.1) - C:\Windows\System32\WavesGUILib.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [59618.88 Ko] - C:\Windows\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:51] - [47.61 Ko] - C:\Windows\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [104894.45 Ko] - C:\Windows\System32\wdi
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 23:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\System32\wfp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [4545.64 Ko] - C:\Windows\System32\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [120656 Ko] - C:\Windows\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [107.53 Ko] - C:\Windows\System32\winrm
[MD5.7C0357D183EC210DA38346D5D6351818] - |A| - [18/05/2017 12:16:46] - (.-.) - [2.37 Ko] - (0.0.0.0) - C:\Windows\System32\WinToolkit_RunOnce_Log.log
[MD5.8265CD5C67D0A35DFC40F3D1A8AC994C] - |A| - [10/04/2020 09:29:03] - (.Copyright © 2005-2010 CACE Technologies - packet.dll (Vista) Dynamic Link Library.) - [92.44 Ko] - (4.1.2.2002) - C:\Windows\System32\WPRO_41_2001woem.tmp
[MD5.549347BCD4AACD63243D78E8F869DBB1] - |A| - [23/03/2020 15:16:38] - (.Copyright © 2008 - OpenAL32.) - [455.52 Ko] - (2.2.0.5) - C:\Windows\System32\wrap_oal.dll
[MD5.00000000000000000000000000000000] - |D| - [22/01/2019 19:56:29] - [2651.86 Ko] - C:\Windows\System32\WTablet
[MD5.CB136B267569A62EF63D798BC90ABD5A] - |A| - [15/03/2018 16:36:45] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[MD5.9F45771914360A925252A1B7226EC7EC] - |A| - [15/03/2018 16:18:20] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
[MD5.00000000000000000000000000000000] - |D| - [18/04/2016 23:23:46] - [0 Ko] - C:\Windows\SysWOW64\040C
[MD5.25C051133E8D31AC40E814E7BA1A1434] - |A| - [26/03/2019 23:42:07] - (.-.) - [0.1 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\AbBakConfig.dat
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/05/2017 12:51:58] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\agent.log
[MD5.32240EEECCD7280B2EDB8DA9AB87E464] - |A| - [23/03/2020 17:04:03] - (.-.) - [196.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdgfxinfo32.dll
[MD5.0F999FEEA0515AA1832A92955F2D771B] - |A| - [23/03/2020 17:04:03] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [5009.5 Ko] - (9.1.10.77) - C:\Windows\SysWOW64\amdmantle32.dll
[MD5.4B18BC7758A296BFC32EE138D80F4E74] - |A| - [23/03/2020 17:04:04] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [37.5 Ko] - (1.6.0.0) - C:\Windows\SysWOW64\amdmmcl.dll
[MD5.1AAD72436E1A7387A8899054C730DA8E] - |A| - [23/03/2020 17:04:09] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [38782 Ko] - (10.0.1800.12) - C:\Windows\SysWOW64\amdocl.dll
[MD5.951B906AD47722B82FE00DB54597EF72] - |A| - [23/03/2020 17:04:09] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [21795.5 Ko] - (0.8.0.0) - C:\Windows\SysWOW64\amdocl12cl.dll
[MD5.56B986D13C74903FE27B71BA85C76037] - |A| - [23/03/2020 17:04:08] - (.-.) - [972.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_as32.exe
[MD5.28F4F5BAC73505F71B8AEC95B7FBE1DD] - |A| - [23/03/2020 17:04:09] - (.-.) - [780.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_ld32.exe
[MD5.18A672C97B1DD7D3CCE357365F852EA7] - |A| - [23/03/2020 17:04:06] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [90.16 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\amdpcom32.dll
[MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [26/01/2020 12:08:59] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ampa.sys
[MD5.3D12928FB232641DC0563B973CAE84B7] - |A| - [23/03/2020 20:07:42] - (.-.) - [12 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb
[MD5.01CA972E92D62EEF3118736D7E0F38BE] - |A| - [23/03/2020 20:07:42] - (.-.) - [32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-shm
[MD5.E7B4596060B0F51E12DC6E6867CF2E17] - |A| - [23/03/2020 20:07:42] - (.-.) - [40.27 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.patch_management.product_registry.kvdb-wal
[MD5.3D12928FB232641DC0563B973CAE84B7] - |A| - [23/03/2020 20:07:42] - (.-.) - [12 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb
[MD5.B7C14EC6110FA820CA6B65F5AEC85911] - |A| - [23/03/2020 20:07:42] - (.-.) - [32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb-shm
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/03/2020 20:07:42] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.unwanted_products.browser_extension_registry.kvdb-wal
[MD5.3D12928FB232641DC0563B973CAE84B7] - |A| - [23/03/2020 20:07:35] - (.-.) - [12 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb
[MD5.B7C14EC6110FA820CA6B65F5AEC85911] - |A| - [23/03/2020 20:07:35] - (.-.) - [32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-shm
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/03/2020 20:07:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\antimalware.unwanted_products.product_registry.kvdb-wal
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3080 Ko] - C:\Windows\SysWOW64\ar-SA
[MD5.1E20BAED1552F8C64FB0F8E43EA9F889] - |A| - [07/07/2010 03:49:06] - (.Copyright (c) ATI Technologies Inc. 2003-2009 - ati2edxx.) - [42.5 Ko] - (6.14.10.2514) - C:\Windows\SysWOW64\ati2edxx.dll
[MD5.F3AFE76FB7EE6C4359125F5CDE3F1980] - |A| - [23/03/2020 17:04:04] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [913.5 Ko] - (7.15.20.1301) - C:\Windows\SysWOW64\atiadlxx.dll
[MD5.F3AFE76FB7EE6C4359125F5CDE3F1980] - |A| - [23/03/2020 17:04:04] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [913.5 Ko] - (7.15.20.1301) - C:\Windows\SysWOW64\atiadlxy.dll
[MD5.D9D4C09479F6DBF2BB47C23861DFEC5E] - |A| - [23/03/2020 17:04:03] - (.-.) - [646.95 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiapfxx.blb
[MD5.66E02C6525ACB0500661019C79F14EBB] - |A| - [23/03/2020 17:04:04] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [48 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalcl.dll
[MD5.D483FA3079019B575DFA19E2E9B3EDB7] - |A| - [23/03/2020 17:04:04] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13967 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticaldd.dll
[MD5.2B61FB0BC858155A7751C7C40E3098D5] - |A| - [23/03/2020 17:04:05] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [51 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalrt.dll
[MD5.ED5B14C3902843BAD98471C1EBB5DE8E] - |A| - [07/07/2010 03:54:08] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1166.92 Ko] - (8.17.10.1404) - C:\Windows\SysWOW64\aticfx32.dll
[MD5.AA7B3C996F011AE8F3A4E7E31C505AE3] - |A| - [07/07/2010 03:46:26] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [9246.53 Ko] - (8.17.10.625) - C:\Windows\SysWOW64\atidxx32.dll
[MD5.786779B28E8173731C9A4903528904EE] - |A| - [23/03/2020 17:04:08] - (.-.) - [185 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atieah32.exe
[MD5.5BC691A9FF769ABB95D735CB7CD51B7C] - |A| - [23/03/2020 17:04:06] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [154.5 Ko] - (8.14.1.6463) - C:\Windows\SysWOW64\atigktxx.dll
[MD5.F5C54E550B496551917737E72EE6B003] - |A| - [23/03/2020 17:04:06] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [88.5 Ko] - (8.14.1.6463) - C:\Windows\SysWOW64\atiglpxx.dll
[MD5.18A672C97B1DD7D3CCE357365F852EA7] - |A| - [23/03/2020 17:04:06] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [90.16 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\atimpc32.dll
[MD5.5A0295F2820DA02EAAA56111231C4C67] - |A| - [23/03/2020 17:04:06] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [24465 Ko] - (6.14.10.13406) - C:\Windows\SysWOW64\atioglxx.dll
[MD5.9E11B96A2051A336ACD6DBCCD918B5F4] - |A| - [18/05/2017 21:55:35] - (.-.) - [2.79 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atipblag.dat
[MD5.FB540E20A1D98D16C9603F469809A3D6] - |A| - [07/07/2010 03:49:28] - (.Copyright (c) ATI Technologies Inc. 2002-2009 - ATI Desktop CWDDEDI DLL.) - [348 Ko] - (6.14.10.2562) - C:\Windows\SysWOW64\atipdlxx.dll
[MD5.DE48EC406C01C3212F3DAA1BD0FD5EAA] - |A| - [07/07/2010 03:14:44] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [120.35 Ko] - (8.14.1.6463) - C:\Windows\SysWOW64\atiu9pag.dll
[MD5.DF176E07852F3766B49D6F8820AC45C8] - |A| - [07/07/2010 03:28:20] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [6999.43 Ko] - (9.14.10.1128) - C:\Windows\SysWOW64\atiumdag.dll
[MD5.F8F2CCFDD016DC47F2F627FB840EF673] - |A| - [23/03/2020 17:04:03] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap
[MD5.C2AB4B09CD75500F230C60E68716D7BA] - |A| - [07/07/2010 03:23:14] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [7708.03 Ko] - (8.14.10.513) - C:\Windows\SysWOW64\atiumdva.dll
[MD5.BFACEFEB154AEA68B6DE39FED4B7E76C] - |A| - [07/07/2010 03:14:58] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [133.42 Ko] - (8.14.1.6463) - C:\Windows\SysWOW64\atiuxpag.dll
[MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [23/03/2020 17:04:03] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsva.dat
[MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [23/03/2020 17:04:03] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsvl.dat
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG
[MD5.5E00AAF36A245706F6F93C7DA76E10A3] - |A| - [02/02/2019 14:08:08] - (.-.) - [3468.14 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\BootMan.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2
[MD5.B170B3580F533CAAF7EC9A98D10CC0BC] - |A| - [04/05/2008 18:08:49] - (.-.) - [676 Ko] - (2.0.0.0) - C:\Windows\SysWOW64\ciaResSvr20.dll
[MD5.8AEEB361FB2944B8B5F663656A847183] - |A| - [04/05/2008 18:08:49] - (.<none> - Subclassing Server.) - [40 Ko] - (1.0.0.18) - C:\Windows\SysWOW64\ciaSubClsSvr.dll
[MD5.F351E02E6ADE0FBB13F8D3DCF0A336EC] - |A| - [04/05/2008 18:08:49] - (.© 2001-2004 CIA, The Company -.) - [124 Ko] - (2.16.0.2) - C:\Windows\SysWOW64\ciaXPFrame20.ocx
[MD5.82AFD2854FAD5D1211FD569D050FB80E] - |A| - [27/08/2008 15:29:43] - (.© 2001-2003 CIA, The Company -.) - [72 Ko] - (2.15.0.1) - C:\Windows\SysWOW64\ciaXPImage20.ocx
[MD5.9EAF506EDB27F28585903A5E7F4FDD3B] - |A| - [04/05/2008 18:08:49] - (.-.) - [52 Ko] - (2.0.0.0) - C:\Windows\SysWOW64\ciaXPRegSvr20.dll
[MD5.6DF0542D66CAD4D05BFA3DBC21450062] - |A| - [04/05/2008 18:08:49] - (.© 2001-2003 CIA, The Company -.) - [304 Ko] - (2.13.0.1) - C:\Windows\SysWOW64\ciaXPStatusBar20.ocx
[MD5.89C31C1DAF056EDA5F54DCC4C42C0DFE] - |A| - [19/05/2017 21:02:27] - (.-.) - [12.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CNC173ED.TBL
[MD5.91BBA91FC550A18FFACB8F82E9D6C837] - |A| - [19/05/2017 21:02:27] - (.Copyright CANON INC. 2009 All Rights Reserved - LLD.) - [296 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\CNC560L.dll
[MD5.BB13EBC7467DAA8D39188CC6B107AE99] - |A| - [19/05/2017 21:02:27] - (.Copyright CANON INC. 2009 All Rights Reserved - Scanner Driver.) - [104 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\CNC560U.dll
[MD5.D16CF34B17899F90A8FCF2A3F77B4A27] - |A| - [19/05/2017 21:02:27] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [15.5 Ko] - (1.4.1.1) - C:\Windows\SysWOW64\CNHMCA.dll
[MD5.D8D2F54F39A7B26CEF7B8455976D89C3] - |A| - [03/04/2009 18:51:02] - (.Copyright CANON INC. 2003-2009 All Rights Reserved - Canon IJ Network 32bit comm Module.) - [345.5 Ko] - (2.6.0.150) - C:\Windows\SysWOW64\CNMNPPM.DLL
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [159349.13 Ko] - C:\Windows\SysWOW64\config
[MD5.00000000000000000000000000000000] - |D| - [01/11/2017 19:05:24] - [51.22 Ko] - C:\Windows\SysWOW64\Configuration
[MD5.EC8CE3B1CBDE8F12AE6782787C8D34C0] - |A| - [04/05/2008 18:08:49] - (.-.) - [20 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CPUINFO2.DLL
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [427.5 Ko] - C:\Windows\SysWOW64\cs-CZ
[MD5.F2A1B71072E64F3CBF1045CDA048C945] - |A| - [18/05/2017 12:51:33] - (.Copyright  2011 - CSVer.) - [52 Ko] - (9.3.0.1019) - C:\Windows\SysWOW64\CSVer.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [422.5 Ko] - C:\Windows\SysWOW64\da-DK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [452 Ko] - C:\Windows\SysWOW64\de-DE
[MD5.F7EDBFAC87591638F2AAF9AD8B0B4A36] - |A| - [15/12/2011 05:23:04] - (.-.) - [328.52 Ko] - (13.40.840.0) - C:\Windows\SysWOW64\DevManagerCore.dll
[MD5.00000000000000000000000000000000] - |D| - [14/08/2018 19:53:17] - [95.01 Ko] - C:\Windows\SysWOW64\directx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [4162.5 Ko] - C:\Windows\SysWOW64\Dism
[MD5.0902754B4F3041FD31673CB63B34012D] - |A| - [22/07/2017 21:05:05] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\dllhost.exe.config
[MD5.893B10A0D0E737AFC68B21643F1A2564] - |A| - [02/02/2019 14:08:08] - (.-.) - [21.64 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\EuEpmGdi.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [425 Ko] - C:\Windows\SysWOW64\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [18/04/2016 23:23:45] - [1680 Ko] - C:\Windows\SysWOW64\fr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [39061.51 Ko] - C:\Windows\SysWOW64\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR
[MD5.9BF13868AC9D211AC65BEC5A003E2BCE] - |A| - [23/03/2020 17:04:08] - (.-.) - [139.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\hsa-thunk.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [429 Ko] - C:\Windows\SysWOW64\hu-HU
[MD5.D5C72DB063AA73B94946D1EFA6093217] - |A| - [04/05/2008 18:08:49] - (.(c) 2001-2003 Merrion Computing Ltd -.) - [76 Ko] - (1.0.0.5) - C:\Windows\SysWOW64\hxphk.ocx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml
[MD5.BF8BF9765B5F4D54A9DAF82B175BE37F] - |A| - [14/03/2018 14:29:00] - (.-.) - [736.96 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igcodeckrng700.bin
[MD5.A4558118CE24EB6FE1F517FACADBED3E] - |A| - [23/03/2020 14:54:54] - (.-.) - [148.89 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igdail32.dll
[MD5.1BAF126D28AE79F5F2685166279FA216] - |A| - [14/03/2018 14:29:01] - (.-.) - [584.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igvpkrng700.bin
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [34097.44 Ko] - C:\Windows\SysWOW64\IME
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield
[MD5.05B036BA47B84160460AD0DB624E4A9C] - |A| - [23/03/2020 14:54:55] - (.Copyright © The Khronos Group Inc 2011 - OpenCL Client DLL.) - [67.39 Ko] - (1.2.11.0) - C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [447 Ko] - C:\Windows\SysWOW64\it-IT
[MD5.2CB7EF22466AC884915D854E0F7889C0] - |A| - [19/06/2012 18:52:42] - (.-.) - [1.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IusEventLog.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [361 Ko] - C:\Windows\SysWOW64\ja-JP
[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/05/2017 12:50:38] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\log.txt
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles
[MD5.A74E001559B7C171A6B1502C90B32A49] - |A| - [15/12/2011 05:23:04] - (.-.) - [10664.52 Ko] - (13.40.840.0) - C:\Windows\SysWOW64\LogiDPP.dll
[MD5.E8D7D7BE61B2078E849ED956E1B38C33] - |A| - [15/12/2011 05:23:04] - (.-.) - [102.02 Ko] - (13.40.840.0) - C:\Windows\SysWOW64\LogiDPPApp.exe
[MD5.1A7EB63F7300E93159021F635E3D33B6] - |A| - [14/11/2013 11:50:23] - (.Copyright © 2010-2012 Logitech. All Rights Reserved - Logitech Download Assistant.) - [1391.8 Ko] - (1.10.77.0) - C:\Windows\SysWOW64\LogiLDA.DLL
[MD5.06257A999D19DDC494A276430CEEB335] - |A| - [26/03/2019 23:31:46] - (.-.) - [0.21 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\LogInfo.log
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV
[MD5.D66560DA67A1824EDDCC4496D01F2D0D] - |A| - [15/12/2011 05:23:30] - (.(c) 1996-2011 Logitech. - Video Codec.) - [300.28 Ko] - (13.40.840.0) - C:\Windows\SysWOW64\lvcodec2.dll
[MD5.ACBE313A5BE88CD44A5A8F7224002358] - |A| - [15/12/2011 05:23:54] - (.(c) 1996-2011 Logitech. - Logitech Camera Property Pages.) - [532.28 Ko] - (13.40.840.0) - C:\Windows\SysWOW64\LVUI2.dll
[MD5.6379C5E84EB2D7CBEF602F7D009CEC7F] - |A| - [15/12/2011 05:23:54] - (.(c) 1996-2011 Logitech. - Logitech Camera Property Pages.) - [528.28 Ko] - (13.40.840.0) - C:\Windows\SysWOW64\LVUI2RC.dll
[MD5.00000000000000000000000000000000] - |D| - [30/11/2017 11:08:15] - [22567.48 Ko] - C:\Windows\SysWOW64\Macromed
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore
[MD5.1D5B6088E7E1DDFBDB960DB4A596DE43] - |A| - [23/03/2020 17:04:08] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [115 Ko] - (9.1.10.77) - C:\Windows\SysWOW64\mantle32.dll
[MD5.647D9F3D8E086DCDF66AB05771801081] - |A| - [23/03/2020 17:04:08] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [87.5 Ko] - (9.1.10.77) - C:\Windows\SysWOW64\mantleaxl32.dll
[MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 06:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf
[MD5.95ACD7ADED94CCFA85A6FB9192471723] - |A| - [18/05/2017 12:35:17] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [733.09 Ko] - (1.0.58.0) - C:\Windows\SysWOW64\MBAPO32.dll
[MD5.A5BCEA007E4CFBFAF99F68DB3789DCD1] - |A| - [18/05/2017 12:35:17] - (.Copyright (c) 2006-2011 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [548.59 Ko] - (1.0.15.159) - C:\Windows\SysWOW64\MBTHX32.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3450.27 Ko] - C:\Windows\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [32763.45 Ko] - C:\Windows\SysWOW64\migwiz
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc
[MD5.4DC9752BA6418BBAC12852BBCF0374CB] - |A| - [04/05/2008 18:08:49] - (.Copyright © 1995, - MSGHOOK OLE Control DLL.) - [28 Ko] - (2.0.0.0) - C:\Windows\SysWOW64\MSGHOO32.OCX
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [24.48 Ko] - C:\Windows\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [418 Ko] - C:\Windows\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [438.5 Ko] - C:\Windows\SysWOW64\nl-NL
[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor
[MD5.59899EEF36C27001B044EBBCAAA82CC1] - |A| - [07/07/2010 03:49:18] - (.Copyright (C) 2000-2009 ATI Technologies Inc. - ATI Driver Interface DLL.) - [272 Ko] - (6.15.6.6) - C:\Windows\SysWOW64\Oemdspif.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2566.05 Ko] - C:\Windows\SysWOW64\oobe
[MD5.235355A8DD26903E75D5E812ECF50E53] - |A| - [23/03/2020 15:16:38] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.52 Ko] - (6.14.357.24) - C:\Windows\SysWOW64\OpenAL32.dll
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 23:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico
[MD5.4FF74CF8E56752AB5CBFA01D4AD590FC] - |A| - [15/05/2016 22:35:42] - (.-.) - [72475.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [434 Ko] - C:\Windows\SysWOW64\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts
[MD5.D2A96B401F8D07C06E42E177A462EED5] - |A| - [08/01/2014 18:37:06] - (.Copyright (C) 2008-2010 - Video-Codec by proDAD.) - [494.45 Ko] - (1.0.14.0) - C:\Windows\SysWOW64\prodad-codec.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [431 Ko] - C:\Windows\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [433 Ko] - C:\Windows\SysWOW64\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore
[MD5.B569692BB32DBB069512F65E131CA7BD] - |AH| - [19/05/2017 19:08:18] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1246_4988.freespace.log
[MD5.B569692BB32DBB069512F65E131CA7BD] - |AH| - [23/02/2018 15:19:48] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_1244.freespace.log
[MD5.D2626A940599CDC52280F5BEA009B8A8] - |AH| - [15/03/2018 16:42:00] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_1328.freespace.log
[MD5.B569692BB32DBB069512F65E131CA7BD] - |AH| - [09/03/2018 14:14:56] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_1584.freespace.log
[MD5.871A69F78C437730E2958239D303C0BF] - |AH| - [15/03/2018 16:46:35] - (.-.) - [0.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_2624.freespace.log
[MD5.A14CB8534E29C3EDF3C6F23DFCF4550C] - |A| - [15/03/2018 16:46:35] - (.-.) - [76819.65 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_2624.full.dmp
[MD5.66F27B0F266F76FFC8252E2430528D0A] - |A| - [15/03/2018 16:46:35] - (.-.) - [733.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_2624.mini.dmp
[MD5.0493EFFD1CD8CA8DA8B540DA6093266A] - |A| - [15/03/2018 16:46:35] - (.-.) - [173.61 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_2624.tiny.dmp
[MD5.80E801F2F74E6F0B56CF7644B3919E64] - |AH| - [15/03/2018 16:47:13] - (.-.) - [0.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_3416.freespace.log
[MD5.BDF75C661AFC7C1E4534F3679E65365A] - |A| - [15/03/2018 16:47:14] - (.-.) - [76310.65 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_3416.full.dmp
[MD5.8945CDBE2E162ABD8C39A27FDC73CBF7] - |A| - [15/03/2018 16:47:14] - (.-.) - [731.65 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_3416.mini.dmp
[MD5.A4C1288E8E909F0C289E8D5E66B2D433] - |A| - [15/03/2018 16:47:13] - (.-.) - [171.42 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_3416.tiny.dmp
[MD5.D2626A940599CDC52280F5BEA009B8A8] - |AH| - [15/03/2018 16:43:11] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_4008.freespace.log
[MD5.D2626A940599CDC52280F5BEA009B8A8] - |AH| - [15/03/2018 16:41:09] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_420.freespace.log
[MD5.D2626A940599CDC52280F5BEA009B8A8] - |AH| - [27/02/2018 19:38:18] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_4944.freespace.log
[MD5.1DB86509C85D5E54267B540385AE309F] - |AH| - [15/03/2018 16:48:02] - (.-.) - [0.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_5000.freespace.log
[MD5.160C3151F2D50C9D87FBA7A1EA801959] - |A| - [15/03/2018 16:48:02] - (.-.) - [77492.16 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_5000.full.dmp
[MD5.7B21F8454FCF0356570834712E9A6773] - |A| - [15/03/2018 16:48:02] - (.-.) - [736.08 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_5000.mini.dmp
[MD5.12397D076766B81033E5D68945BBF1FE] - |A| - [15/03/2018 16:48:02] - (.-.) - [175.86 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_5000.tiny.dmp
[MD5.D2626A940599CDC52280F5BEA009B8A8] - |AH| - [15/03/2018 16:39:25] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6060.freespace.log
[MD5.5686983EE316785C71263E8BA85A3A92] - |AH| - [23/02/2018 15:16:05] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6212.freespace.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [15/03/2018 16:44:43] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6252.freespace.log
[MD5.D2626A940599CDC52280F5BEA009B8A8] - |AH| - [27/02/2018 19:36:01] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6312.freespace.log
[MD5.EE776803A2E2B6A2A4674C5CA2C28868] - |AH| - [15/03/2018 16:50:31] - (.-.) - [0.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6344.freespace.log
[MD5.9FA47588299361BD6F557F34CF0F556E] - |A| - [15/03/2018 16:50:31] - (.-.) - [76934.74 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6344.full.dmp
[MD5.F6A351E1DD2BDD90238838FAF4207B1F] - |A| - [15/03/2018 16:50:31] - (.-.) - [731.14 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6344.mini.dmp
[MD5.E7B56F30C9134A545F31725663BBA96F] - |A| - [15/03/2018 16:50:31] - (.-.) - [170.92 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6344.tiny.dmp
[MD5.A26BD4F214A97C918046F4DEB160B337] - |AH| - [15/03/2018 16:45:07] - (.-.) - [0.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6572.freespace.log
[MD5.C2B76C40EDF653C14EE64EE7D379E26A] - |A| - [15/03/2018 16:45:07] - (.-.) - [76358.57 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6572.full.dmp
[MD5.AEC7196948EDAA3FED9A394240DBD884] - |A| - [15/03/2018 16:45:07] - (.-.) - [728.88 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6572.mini.dmp
[MD5.7E5F040087269DA954AA840800B0DF69] - |A| - [15/03/2018 16:45:07] - (.-.) - [168.66 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6572.tiny.dmp
[MD5.67A6AB474621BA2AF01C123FE9543D73] - |AH| - [15/03/2018 16:45:49] - (.-.) - [0.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6688.freespace.log
[MD5.90A997D898B930910F72D4C402FF0EC8] - |A| - [15/03/2018 16:45:49] - (.-.) - [78018.85 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6688.full.dmp
[MD5.D9D7A5BDA6E66B0D01422722A3A0D1C9] - |A| - [15/03/2018 16:45:49] - (.-.) - [730.62 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6688.mini.dmp
[MD5.15C6B0839FE6B64F8938EEBEA0037F90] - |A| - [15/03/2018 16:45:49] - (.-.) - [170.4 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_6688.tiny.dmp
[MD5.D2626A940599CDC52280F5BEA009B8A8] - |AH| - [23/02/2018 19:24:11] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_7504.freespace.log
[MD5.B569692BB32DBB069512F65E131CA7BD] - |AH| - [16/03/2018 19:35:20] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\RMVR-SRVC-.1.0.0.1275_8336.freespace.log
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO
[MD5.00000000000000000000000000000000] - |D| - [18/05/2017 12:35:22] - [2214.79 Ko] - C:\Windows\SysWOW64\RTCOM
[MD5.D8285609CBAB9BE206FEFF5E085FFFA9] - |A| - [04/05/2008 18:08:49] - (.-.) - [5.97 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SHELLLNK.TLB
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169.5 Ko] - C:\Windows\SysWOW64\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [42.67 Ko] - C:\Windows\SysWOW64\slmgr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2803 Ko] - C:\Windows\SysWOW64\Speech
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1191.84 Ko] - C:\Windows\SysWOW64\spp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS
[MD5.2C5CBDEF922766BF9ADC01862A846DD5] - |A| - [23/03/2020 14:56:45] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.24 Ko] - (4.0.0.59) - C:\Windows\SysWOW64\SRCOM.dll
[MD5.57D1A8F481B16751F5A5DBC072E4B882] - |A| - [07/02/2012 17:42:52] - (.Copyright © 1993 - 1997, Sheridan Software - Data Widgets OCX - DataGrid/Combo/DropDown Control.) - [830.27 Ko] - (3.1.1.5) - C:\Windows\SysWOW64\ssdw3b32.ocx
[MD5.17C320235F40CF460D0DC9F031A7E9C2] - |A| - [04/05/2008 18:08:49] - (.Copyright © 1998-2004, Steve McMahon, Marzo Sette Torres, Bruce McKinney. - Subclassing and Timer Assistant, modified to use ASM Thunk with configurable message response, multi control support and bug fixed for timer errors..) - [52 Ko] - (2.0.0.0) - C:\Windows\SysWOW64\SSubTmr6.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [421.5 Ko] - C:\Windows\SysWOW64\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [0 Ko] - C:\Windows\SysWOW64\sysprep
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks
[MD5.AA0CD882D20B5B43AC0C4F0B0AAF2A24] - |A| - [14/03/2019 18:01:36] - (.Copyright c 1995-2003 David Berneda. Portions Copyright c 1997-2003 David Berneda and Marc Meumann - TeeChart Pro Activex v5.) - [2553 Ko] - (5.0.5.0) - C:\Windows\SysWOW64\TeeChart5.ocx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [419 Ko] - C:\Windows\SysWOW64\tr-TR
[MD5.636F3B4CDE6165A5201E7AEB76570C65] - |A| - [04/05/2008 18:08:49] - (.-.) - [52 Ko] - (1.0.0.0) - C:\Windows\SysWOW64\tslicc.ocx
[MD5.A4C12DA98539552F241DEDC38D7E26FB] - |A| - [04/05/2008 18:08:49] - (.-.) - [6.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\txp4.cpl
[MD5.7588D2BFF29B7A6FBC7EF7C96B7BDDBA] - |A| - [04/05/2008 18:08:49] - (.(C) 2002-2003 by Totalidea Software, Germany, New Zealand - CPL Launcher for Tweak-XP Pro.) - [24 Ko] - (3.0.0.0) - C:\Windows\SysWOW64\TXPstart.exe
[MD5.1B5755EC1AFCC2C47E438776497E0CEA] - |A| - [04/05/2008 18:08:49] - (.-.) - [80 Ko] - (1.0.0.0) - C:\Windows\SysWOW64\txptabs.ocx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA
[MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 04:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll
[MD5.86209CF199A6BF08A1DB7980E682F9BD] - |A| - [26/03/2019 23:32:29] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\winsevr.dat
[MD5.D494267BC169604FAC5E3679B9A97FED] - |A| - [23/03/2020 15:16:38] - (.Copyright © 2008 - OpenAL32.) - [434.52 Ko] - (2.2.0.5) - C:\Windows\SysWOW64\wrap_oal.dll
[MD5.00000000000000000000000000000000] - |D| - [23/03/2020 15:16:10] - [137.65 Ko] - C:\Windows\SysWOW64\xlive
[MD5.340292C12C3533CE83BDC694D27A261E] - |A| - [09/04/2011 19:55:28] - (.-.) - [175.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xlive.dll.cat
[MD5.00000000000000000000000000000000] - |D| - [18/04/2016 23:23:45] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [333.5 Ko] - C:\Windows\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [334 Ko] - C:\Windows\SysWOW64\zh-TW

---------- | [Public]

[23/12/2017 23:30:56] - |D| - [0] - C:\Users\Public\AppData
[14/07/2009 05:20:08] - |RHD| - [4851] - C:\Users\Public\Desktop
[14/07/2009 06:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini
[14/07/2009 05:20:08] - |RD| - [6199286693] - C:\Users\Public\Documents
[14/07/2009 05:20:08] - |RD| - [174] - C:\Users\Public\Downloads
[14/07/2009 05:20:08] - |RHD| - [0] - C:\Users\Public\Favorites
[14/07/2009 05:20:08] - |RHD| - [3978] - C:\Users\Public\Libraries
[14/07/2009 05:20:08] - |RD| - [24711419] - C:\Users\Public\Music
[18/05/2017 22:15:21] - |A| - [262144] - C:\Users\Public\ntuser.dat
[18/05/2017 22:15:21] - |ASH| - [5120] - C:\Users\Public\ntuser.dat.LOG1
[18/05/2017 22:15:21] - |ASH| - [0] - C:\Users\Public\ntuser.dat.LOG2
[18/05/2017 22:15:21] - |ASH| - [65536] - C:\Users\Public\ntuser.dat{3949dfbf-3c03-11e7-8956-00030d000001}.TM.blf
[18/05/2017 22:15:21] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{3949dfbf-3c03-11e7-8956-00030d000001}.TMContainer00000000000000000001.regtrans-ms
[18/05/2017 22:15:21] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{3949dfbf-3c03-11e7-8956-00030d000001}.TMContainer00000000000000000002.regtrans-ms
[18/05/2017 22:15:38] - |ASH| - [65536] - C:\Users\Public\ntuser.dat{3949dfd5-3c03-11e7-8956-00030d000001}.TM.blf
[18/05/2017 22:15:38] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{3949dfd5-3c03-11e7-8956-00030d000001}.TMContainer00000000000000000001.regtrans-ms
[18/05/2017 22:15:38] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{3949dfd5-3c03-11e7-8956-00030d000001}.TMContainer00000000000000000002.regtrans-ms
[14/07/2009 05:20:08] - |RD| - [20278729] - C:\Users\Public\Pictures
[12/04/2011 10:28:15] - |RD| - [9699328] - C:\Users\Public\Recorded TV
[14/07/2009 05:20:08] - |RD| - [193586223] - C:\Users\Public\Videos
[23/12/2017 23:30:56] - |D| - [0] - C:\Users\Public\AppData\Local
[23/12/2017 23:30:56] - |D| - [0] - C:\Users\Public\AppData\Local\temp

---------- | [tolunq]

[22/07/2017 21:04:42] - |D| - [2732] - C:\Users\tolunq\.android
[18/05/2017 13:14:01] - |A| - [0] - C:\Users\tolunq\agent.log
[18/05/2017 12:21:04] - |HD| - [11635138071] - C:\Users\tolunq\AppData
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Application Data
[17/01/2020 09:32:37] - |A| - [1028] - C:\Users\tolunq\bureau win7.lnk
[08/11/2018 14:02:13] - |A| - [10384] - C:\Users\tolunq\chien.jpg
[18/05/2017 12:21:14] - |RD| - [68787] - C:\Users\tolunq\Contacts
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Cookies
[18/05/2017 12:21:04] - |RD| - [7509816635] - C:\Users\tolunq\Desktop
[03/01/2018 22:36:19] - |RD| - [2673] - C:\Users\tolunq\Documents
[18/05/2017 12:21:04] - |RD| - [584534884] - C:\Users\tolunq\Downloads
[18/07/2019 20:54:42] - |RD| - [246509575] - C:\Users\tolunq\Dropbox
[18/05/2017 12:21:04] - |RD| - [784] - C:\Users\tolunq\Favorites
[23/07/2017 21:42:25] - |RD| - [187] - C:\Users\tolunq\Google Drive
[15/03/2018 16:18:21] - |SHD| - [24444] - C:\Users\tolunq\IntelGraphicsProfiles
[18/05/2017 12:21:04] - |RD| - [8215] - C:\Users\tolunq\Links
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Local Settings
[18/05/2017 12:48:48] - |D| - [91079] - C:\Users\tolunq\Lucidlogix
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Menu Démarrer
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Mes documents
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Modèles
[18/05/2017 12:21:04] - |RD| - [489273778] - C:\Users\tolunq\Music
[18/05/2017 12:21:04] - |AH| - [5505024] - C:\Users\tolunq\ntuser.dat
[18/05/2017 12:21:04] - |ASH| - [262144] - C:\Users\tolunq\ntuser.dat.LOG1
[18/05/2017 12:21:04] - |ASH| - [0] - C:\Users\tolunq\ntuser.dat.LOG2
[18/05/2017 12:21:04] - |ASH| - [65536] - C:\Users\tolunq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[18/05/2017 12:21:04] - |ASH| - [524288] - C:\Users\tolunq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[18/05/2017 12:21:04] - |ASH| - [524288] - C:\Users\tolunq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[01/03/2020 21:53:01] - |ASH| - [65536] - C:\Users\tolunq\ntuser.dat{3a06dca6-5bf6-11ea-969a-bc5ff45af7c4}.TM.blf
[01/03/2020 21:53:01] - |ASH| - [524288] - C:\Users\tolunq\ntuser.dat{3a06dca6-5bf6-11ea-969a-bc5ff45af7c4}.TMContainer00000000000000000001.regtrans-ms
[01/03/2020 21:53:01] - |ASH| - [524288] - C:\Users\tolunq\ntuser.dat{3a06dca6-5bf6-11ea-969a-bc5ff45af7c4}.TMContainer00000000000000000002.regtrans-ms
[04/04/2020 18:57:32] - |ASH| - [65536] - C:\Users\tolunq\ntuser.dat{4e6676f7-7695-11ea-999f-bc5ff45af7c4}.TM.blf
[04/04/2020 18:57:32] - |ASH| - [524288] - C:\Users\tolunq\ntuser.dat{4e6676f7-7695-11ea-999f-bc5ff45af7c4}.TMContainer00000000000000000001.regtrans-ms
[04/04/2020 18:57:32] - |ASH| - [524288] - C:\Users\tolunq\ntuser.dat{4e6676f7-7695-11ea-999f-bc5ff45af7c4}.TMContainer00000000000000000002.regtrans-ms
[27/01/2019 23:34:42] - |ASH| - [65536] - C:\Users\tolunq\NTUSER.DAT{53a552b8-227b-11e9-bb9c-bc5ff45af7c4}.TM.blf
[27/01/2019 23:34:42] - |ASH| - [524288] - C:\Users\tolunq\NTUSER.DAT{53a552b8-227b-11e9-bb9c-bc5ff45af7c4}.TMContainer00000000000000000001.regtrans-ms
[27/01/2019 23:34:42] - |ASH| - [524288] - C:\Users\tolunq\NTUSER.DAT{53a552b8-227b-11e9-bb9c-bc5ff45af7c4}.TMContainer00000000000000000002.regtrans-ms
[23/01/2019 21:54:02] - |ASH| - [65536] - C:\Users\tolunq\NTUSER.DAT{99dd1556-1f48-11e9-98a3-bc5ff45af7c4}.TM.blf
[23/01/2019 21:54:02] - |ASH| - [524288] - C:\Users\tolunq\NTUSER.DAT{99dd1556-1f48-11e9-98a3-bc5ff45af7c4}.TMContainer00000000000000000001.regtrans-ms
[23/01/2019 21:54:02] - |ASH| - [524288] - C:\Users\tolunq\NTUSER.DAT{99dd1556-1f48-11e9-98a3-bc5ff45af7c4}.TMContainer00000000000000000002.regtrans-ms
[07/04/2020 10:57:53] - |ASH| - [65536] - C:\Users\tolunq\ntuser.dat{cc099238-78ad-11ea-bcf9-bc5ff45af7c4}.TM.blf
[07/04/2020 10:57:53] - |ASH| - [524288] - C:\Users\tolunq\ntuser.dat{cc099238-78ad-11ea-bcf9-bc5ff45af7c4}.TMContainer00000000000000000001.regtrans-ms
[07/04/2020 10:57:53] - |ASH| - [524288] - C:\Users\tolunq\ntuser.dat{cc099238-78ad-11ea-bcf9-bc5ff45af7c4}.TMContainer00000000000000000002.regtrans-ms
[18/05/2017 12:21:04] - |SH| - [20] - C:\Users\tolunq\ntuser.ini
[22/07/2017 19:45:01] - |RD| - [0] - C:\Users\tolunq\OneDrive
[18/05/2017 12:21:04] - |D| - [124004] - C:\Users\tolunq\Pictures
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Recent
[18/05/2017 12:21:04] - |RD| - [1539] - C:\Users\tolunq\Saved Games
[18/05/2017 12:21:20] - |RD| - [1020] - C:\Users\tolunq\Searches
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\SendTo
[28/05/2017 14:15:45] - |A| - [731] - C:\Users\tolunq\Sti_Trace.log
[26/03/2018 20:30:12] - |D| - [0] - C:\Users\tolunq\temp
[08/11/2018 14:02:34] - |ASH| - [14336] - C:\Users\tolunq\Thumbs.db
[22/05/2017 21:12:23] - |D| - [401408] - C:\Users\tolunq\Tracing
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Voisinage d'impression
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\Voisinage réseau
[18/05/2017 12:21:04] - |D| - [6342446718] - C:\Users\tolunq\AppData\Local
[18/05/2017 12:21:04] - |D| - [12514665] - C:\Users\tolunq\AppData\LocalLow
[18/05/2017 12:21:04] - |D| - [5280176688] - C:\Users\tolunq\AppData\Roaming
[16/02/2020 20:07:10] - |D| - [1623] - C:\Users\tolunq\AppData\Local\AC2
[25/05/2017 09:43:21] - |D| - [47187304] - C:\Users\tolunq\AppData\Local\Adobe
[30/05/2019 21:30:09] - |D| - [26] - C:\Users\tolunq\AppData\Local\AdvinstAnalytics
[25/09/2017 10:16:53] - |D| - [659] - C:\Users\tolunq\AppData\Local\Alternate
[25/03/2020 14:41:04] - |D| - [372996] - C:\Users\tolunq\AppData\Local\AMD
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\AppData\Local\Application Data
[10/01/2018 17:35:29] - |D| - [0] - C:\Users\tolunq\AppData\Local\Apps
[28/05/2017 17:49:49] - |D| - [22916400] - C:\Users\tolunq\AppData\Local\assembly
[18/05/2017 22:23:25] - |D| - [70468] - C:\Users\tolunq\AppData\Local\ATI
[26/10/2018 11:31:14] - |D| - [0] - C:\Users\tolunq\AppData\Local\Audacity
[21/05/2017 22:19:34] - |D| - [10493] - C:\Users\tolunq\AppData\Local\AxCrypt
[01/11/2019 20:26:37] - |D| - [3976] - C:\Users\tolunq\AppData\Local\BeyondEnemyLines2
[29/01/2020 18:05:42] - |D| - [45287988] - C:\Users\tolunq\AppData\Local\bitwarden-updater
[08/04/2020 21:33:36] - |D| - [53105] - C:\Users\tolunq\AppData\Local\cache
[25/05/2017 09:50:49] - |D| - [446642] - C:\Users\tolunq\AppData\Local\CEF
[21/05/2017 22:20:49] - |D| - [0] - C:\Users\tolunq\AppData\Local\CrashDumps
[22/05/2017 20:11:00] - |D| - [23] - C:\Users\tolunq\AppData\Local\CrashRpt
[28/08/2019 11:03:55] - |D| - [6561933] - C:\Users\tolunq\AppData\Local\Dashlane
[23/12/2017 12:35:08] - |A| - [3584] - C:\Users\tolunq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[09/02/2020 21:39:29] - |D| - [7314818] - C:\Users\tolunq\AppData\Local\DeepL_GmbH
[24/09/2019 16:34:41] - |D| - [13021] - C:\Users\tolunq\AppData\Local\DeskShare Data
[25/08/2017 09:51:55] - |D| - [0] - C:\Users\tolunq\AppData\Local\Diagnostics
[18/12/2017 20:47:03] - |D| - [118539264] - C:\Users\tolunq\AppData\Local\Downloaded Installations
[18/07/2019 20:52:39] - |D| - [16878842] - C:\Users\tolunq\AppData\Local\Dropbox
[02/08/2017 00:31:26] - |D| - [0] - C:\Users\tolunq\AppData\Local\ElevatedDiagnostics
[17/08/2019 11:36:58] - |D| - [277185618] - C:\Users\tolunq\AppData\Local\ESET
[10/01/2018 21:58:15] - |D| - [1251] - C:\Users\tolunq\AppData\Local\factormystic.net
[06/11/2018 21:30:15] - |D| - [22280] - C:\Users\tolunq\AppData\Local\FileZilla
[18/02/2019 18:58:13] - |D| - [80] - C:\Users\tolunq\AppData\Local\Garmin
[18/02/2019 18:58:15] - |D| - [2323] - C:\Users\tolunq\AppData\Local\Garmin_Ltd._or_its_subsid
[18/05/2017 12:21:06] - |A| - [134128] - C:\Users\tolunq\AppData\Local\GDIPFONTCACHEV1.DAT
[26/05/2019 21:33:16] - |D| - [2007] - C:\Users\tolunq\AppData\Local\GOG.com
[19/05/2017 22:32:55] - |D| - [114014433] - C:\Users\tolunq\AppData\Local\Google
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\AppData\Local\Historique
[06/07/2019 13:01:45] - |AH| - [4664470] - C:\Users\tolunq\AppData\Local\IconCache.db
[07/01/2018 14:40:24] - |AH| - [1468196] - C:\Users\tolunq\AppData\Local\IconCache.db old
[23/03/2020 20:02:04] - |D| - [5089272] - C:\Users\tolunq\AppData\Local\Kaspersky Lab
[24/05/2017 22:48:30] - |D| - [250880] - C:\Users\tolunq\AppData\Local\KeePass
[28/09/2017 12:30:54] - |D| - [5166268] - C:\Users\tolunq\AppData\Local\Kobo
[04/06/2017 11:00:02] - |D| - [1184596] - C:\Users\tolunq\AppData\Local\Logitech
[22/12/2017 23:45:32] - |D| - [0] - C:\Users\tolunq\AppData\Local\LooksBuilder
[26/01/2020 13:04:45] - |D| - [7091] - C:\Users\tolunq\AppData\Local\LumaEmu_SteamCloud
[30/11/2017 11:41:45] - |D| - [0] - C:\Users\tolunq\AppData\Local\Macromedia
[08/04/2020 21:33:34] - |D| - [885396] - C:\Users\tolunq\AppData\Local\mbam
[28/03/2020 12:05:11] - |D| - [278148] - C:\Users\tolunq\AppData\Local\mbamtray
[31/07/2017 10:11:57] - |D| - [4769746] - C:\Users\tolunq\AppData\Local\Mega Limited
[30/01/2020 21:56:13] - |D| - [73962176] - C:\Users\tolunq\AppData\Local\MEGAsync
[24/12/2018 12:58:16] - |D| - [3191380] - C:\Users\tolunq\AppData\Local\Mephisto
[18/05/2017 12:21:04] - |D| - [4219924365] - C:\Users\tolunq\AppData\Local\Microsoft
[19/05/2017 20:53:35] - |D| - [218728] - C:\Users\tolunq\AppData\Local\Microsoft Help
[26/05/2019 12:06:10] - |D| - [237148860] - C:\Users\tolunq\AppData\Local\Molotov
[18/05/2017 13:04:07] - |D| - [17996018] - C:\Users\tolunq\AppData\Local\Mozilla
[30/04/2018 20:22:44] - |D| - [1350840] - C:\Users\tolunq\AppData\Local\Nero
[28/09/2018 11:40:31] - |A| - [0] - C:\Users\tolunq\AppData\Local\oobelibMkey.log
[29/09/2018 22:49:18] - |D| - [947144695] - C:\Users\tolunq\AppData\Local\Packages
[22/12/2017 21:46:29] - |D| - [7010553] - C:\Users\tolunq\AppData\Local\Pinnacle
[26/03/2018 20:22:54] - |D| - [17329363] - C:\Users\tolunq\AppData\Local\Pinnacle_Studio_21
[22/05/2017 20:23:47] - |D| - [0] - C:\Users\tolunq\AppData\Local\Programs
[22/12/2019 20:11:17] - |D| - [98512] - C:\Users\tolunq\AppData\Local\RadeonInstaller
[28/12/2018 22:28:50] - |D| - [22965088] - C:\Users\tolunq\AppData\Local\RawTherapee
[19/05/2017 21:31:28] - |D| - [0] - C:\Users\tolunq\AppData\Local\Skype
[26/05/2019 21:33:13] - |D| - [3150986] - C:\Users\tolunq\AppData\Local\Sniper Elite V2 Remastered
[17/08/2017 20:54:44] - |D| - [0] - C:\Users\tolunq\AppData\Local\Sony
[24/09/2019 16:32:29] - |D| - [16] - C:\Users\tolunq\AppData\Local\Spoon
[26/05/2019 12:05:06] - |D| - [18955] - C:\Users\tolunq\AppData\Local\SquirrelTemp
[18/05/2017 12:21:04] - |D| - [1395712] - C:\Users\tolunq\AppData\Local\Temp
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\AppData\Local\Temporary Internet Files
[20/07/2019 10:51:51] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign001f661812109bc0
[21/06/2019 14:53:13] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign00acb4057bcc7394
[14/04/2019 12:04:56] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign022ecc9a01e5a0eb
[26/09/2019 09:26:39] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign02b84f497d4c4a03
[06/04/2019 12:22:33] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign03b72f6e081fb658
[20/07/2019 09:17:43] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign03f8a2d9c302172e
[07/12/2019 17:43:23] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign04b21ba339a058c7
[03/09/2019 11:43:15] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign05be99db8cb2aa93
[25/04/2019 11:11:49] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign082f0a551f5b9379
[18/08/2019 10:53:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign0c05bb1bbdf0ccde
[06/04/2019 12:22:48] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign0e2aff5c88f678d5
[26/09/2019 09:40:10] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign0e79846275d463f1
[31/05/2019 15:06:16] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign0ea4d730c0f1dece
[22/07/2019 11:48:51] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign0f12b344424f4639
[04/12/2019 21:22:37] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign129b2c64d5fbef6a
[04/12/2019 21:55:21] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign12df4809ff81d16e
[06/04/2019 12:22:33] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign15af8aab4080cd71
[24/07/2019 13:12:18] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign16d7009a6788cb6d
[10/05/2019 10:33:30] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign16da98f056997b44
[12/01/2020 20:06:37] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign1942b9e4b0da5ced
[07/12/2019 17:42:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign20575c7f54d00aad
[27/07/2019 19:03:37] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign2169a690a999dce0
[31/05/2019 15:07:59] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign2647adc5e047fee2
[23/11/2019 19:48:49] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign2709112c3015f2f6
[02/09/2019 09:41:13] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign2b7855300e84eb85
[06/04/2019 12:26:14] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign2bc691c69895b695
[07/12/2019 17:42:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign2e36e250a2313b57
[26/03/2020 11:33:29] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign2fca3679eed5b7a5
[03/09/2019 11:41:29] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign318665b89adfcff1
[27/07/2019 12:33:03] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign33837b75a1c6697b
[29/03/2020 19:05:01] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign350d63aa860e1ad9
[04/04/2020 11:52:19] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign35736e66f1119c90
[18/11/2019 19:18:08] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign35db91afc9a1613e
[31/07/2019 09:13:41] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign36bb39f8c8168f08
[27/07/2019 19:03:37] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign36e289e1df3c2aec
[20/11/2019 11:55:28] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign37de53d057bc2193
[30/06/2019 10:59:59] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign3936fc0b7e2b5b4e
[21/07/2019 19:15:14] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign3b6fc1aab1f3ef36
[14/04/2019 11:45:28] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign3f43600788523d26
[29/09/2019 11:10:15] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign3f7c3f79958c335f
[12/01/2020 20:07:21] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4000eb60d2aa16fe
[20/08/2019 13:34:21] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign404d4b9f4c54f04f
[24/06/2019 13:18:55] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign410bfd0f370a986a
[04/12/2019 21:48:34] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign41e28c22aba4f989
[06/04/2019 13:28:01] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign45aa6ce09fdf106d
[30/03/2020 09:34:13] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign469c4860acc1a2bf
[10/05/2019 09:30:20] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign46a4c0bc8dabf68c
[20/08/2019 12:35:30] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign46d60df57b96a1bf
[21/06/2019 14:06:40] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4b529c7894fd8781
[01/04/2020 17:09:18] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4b6849c232927518
[17/07/2019 22:53:58] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4bf56c8d64a83517
[05/04/2020 12:48:01] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4c26ac4d0c011d68
[25/03/2020 14:41:06] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4d9d8a2d949c4046
[20/07/2019 09:12:16] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4da60172cc33eba4
[24/11/2019 21:20:10] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4ddc78944b6fe699
[18/11/2019 18:12:11] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign4eaea0a574c0fa33
[12/01/2020 20:06:37] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign50fc2b0dc7ecdd7c
[21/06/2019 14:38:51] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign519b7dff2272e0d3
[04/04/2020 11:46:55] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign529431f6548a6c5b
[13/04/2019 18:55:59] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign54d71bc722337c77
[20/07/2019 09:10:19] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign5aca9c5623326ffe
[24/11/2019 21:22:40] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign5bbb41467f119232
[30/06/2019 10:55:02] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign5bd84ece193d5442
[20/11/2019 11:55:26] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign5d0dc0cf208bef3d
[21/06/2019 14:38:51] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign5f98f80a49212470
[19/01/2020 22:30:46] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign610764f3a88e0927
[26/06/2019 10:39:01] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign621a3302b323b9d4
[20/11/2019 11:55:26] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign644c1c0769883000
[05/03/2020 12:08:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign66079160fa4d6d55
[05/04/2020 12:51:06] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign676f7254422a0b4a
[09/04/2020 20:40:09] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign679ce98e8fd5b11b
[11/10/2019 10:42:50] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign68072a3930931088
[25/04/2019 10:56:24] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign688de118d06fee35
[20/07/2019 09:18:02] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign69dec698d95d9c8d
[18/11/2019 19:03:23] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign6aa887f14b70b788
[10/03/2020 12:52:18] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign6d1ddd8b373ead0d
[17/07/2019 22:43:19] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign6e4e56cc0ed68eaf
[27/06/2019 13:35:52] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign6f78519f6ed70888
[26/06/2019 10:39:01] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign6ffb01a2beb4ba89
[30/03/2020 09:34:16] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign71c5b4e4cf9d52b6
[04/12/2019 21:19:02] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign7284818d030cc475
[24/07/2019 13:12:15] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign741526b1d8ad3c51
[08/04/2019 11:44:56] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign76b2d65473074fa2
[23/11/2019 19:18:36] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign7d5fdb8ec28d0833
[18/11/2019 12:49:35] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign7dfd7411b29f2cb7
[18/11/2019 18:12:11] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign7e2e1eb086f2f26a
[18/11/2019 12:43:08] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign7eea29414d745402
[02/12/2019 21:11:11] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign80e4ab73c1680884
[26/11/2019 19:30:33] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign813a4d7d777c5d18
[24/11/2019 22:51:18] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign816df9eb216a16af
[25/04/2019 10:56:51] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign81990c608370666f
[24/11/2019 22:38:23] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign82883c9e91b6c78d
[27/07/2019 10:16:35] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8327f67664523ed2
[22/06/2019 13:44:29] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8329bd638b0117a6
[04/12/2019 21:19:02] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign840d80b0804a707b
[26/11/2019 19:29:50] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8624403a995d6059
[20/07/2019 09:10:54] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign867d09679db65823
[04/12/2019 21:56:54] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign86c1fe605b0550b7
[05/03/2020 12:04:47] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign87d2130eff3fe935
[08/04/2019 11:44:06] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign87ff867166f60d57
[21/08/2019 17:02:09] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign894875e7ff75a801
[22/06/2019 13:43:47] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign897366c2e4c607ec
[22/07/2019 11:29:13] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8a5f63f73ae1f3b4
[20/07/2019 09:12:16] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8a83202fc82923e2
[27/06/2019 13:35:52] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8b76ac75294f9c4e
[11/10/2019 10:42:45] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8c60d6884e737567
[01/04/2020 17:09:18] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8cc7df04ecf77b39
[27/07/2019 10:21:41] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign8e85f5ac13cec338
[14/04/2019 12:00:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign92e10a0e074b6e8f
[31/05/2019 15:06:16] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign94dd734944c64b28
[10/05/2019 09:30:20] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9589be8570cf086b
[25/04/2019 10:56:24] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign95d1cf94db771229
[17/07/2019 22:43:19] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9619eff540d20415
[23/11/2019 19:18:36] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign96de8306f0881746
[25/11/2019 12:35:46] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign979dcd71b468a6db
[02/12/2019 21:11:11] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign98b88c517839527c
[29/03/2020 19:05:01] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign98bde51c288684bf
[11/02/2020 12:45:03] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign999abee38c82c3b0
[21/08/2019 17:02:09] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign99dc0d1c2f5c4b1b
[18/08/2019 10:53:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9a2c8431b5130f62
[18/11/2019 19:03:23] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9a3a6635f5dadbd5
[22/07/2019 11:29:13] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9aafd785f612588a
[11/02/2020 12:44:26] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9cb14121fe523520
[31/07/2019 09:42:55] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9d673c38c7651917
[25/06/2019 16:46:45] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9e40b677bf43abf9
[04/04/2020 11:46:55] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsign9f9c0f8b3f7f104f
[04/12/2019 21:37:47] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna0e15209d66ed8cd
[26/03/2020 11:33:29] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna2348f8e6a0c41cd
[06/04/2019 13:27:21] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna23acdf91a19d83b
[18/11/2019 12:43:08] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna2d696f3630a6c2e
[18/11/2019 12:44:50] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna440393dbcd810d6
[23/07/2019 19:08:20] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna54d16941a28e791
[30/03/2020 09:34:13] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna631395ac434635b
[08/04/2019 11:44:06] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna6e24b9c92224603
[20/07/2019 09:12:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigna8ae420eb023edb1
[27/07/2019 12:33:03] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignaa6458e90191e108
[13/04/2019 18:51:24] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignabe3721503eb320e
[03/09/2019 11:41:29] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignac718bde76dc73e7
[10/03/2020 12:51:17] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignada7c4eb2a9d5797
[31/07/2019 09:13:41] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignaf0ae6a66d33aa2e
[25/06/2019 16:46:04] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb0ad21ac8fda62b3
[25/03/2020 14:41:13] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb1298a70a11b7f60
[04/12/2019 21:22:37] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb2723a8c79fb6a26
[25/09/2019 12:34:00] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb5061c9ebd350251
[24/11/2019 22:51:18] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb65e82bdec1ce093
[24/11/2019 22:48:41] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb75c46a4f2332d98
[29/09/2019 11:09:17] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb8a0c492e64da980
[14/04/2019 11:46:31] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb9379381a8b34f1d
[30/01/2020 15:12:00] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignb9b66dfc675a18eb
[14/04/2019 12:00:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignbb749e024dfe9df1
[29/09/2019 11:09:17] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignbbb20d3d15a6c7f1
[23/07/2019 19:14:36] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignbd0c9397e490ae44
[31/07/2019 09:42:55] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignbd1ae5b783cdddc5
[23/07/2019 19:12:25] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc0edccd5a4eaa896
[09/04/2020 20:40:09] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc120d6746d1b5821
[21/07/2019 19:15:14] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc1c91a0ea3df50d6
[20/06/2019 10:25:56] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc24a022574e25782
[30/01/2020 15:15:57] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc4873861dd00cdde
[23/07/2019 19:13:24] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc59e4ec0f4f35eb1
[29/07/2019 21:06:23] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc6e13304cc4a8661
[05/09/2019 21:31:09] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc769cf767f674f0c
[25/09/2019 12:34:00] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc872e1217106c1db
[29/11/2017 15:20:26] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignc8c601a8360e309a
[25/06/2019 16:46:04] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigncd44eba9110cbc35
[20/08/2019 12:35:30] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigncdd854e24642d8d9
[20/07/2019 10:51:53] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigncfad7a32dd14734f
[27/06/2019 13:47:53] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigncfbd6dbeea7c3a11
[18/11/2019 18:12:13] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignd01ce54efdefe3b5
[27/07/2019 12:36:30] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignd0b5286c81262ae0
[11/02/2020 12:44:26] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignd2d23039bf9830ad
[08/12/2018 18:35:16] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignd4c5be1eaa536099
[01/04/2020 17:09:52] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignd5842f29eee82c47
[02/12/2019 21:11:39] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignd7767302600a105b
[04/12/2019 21:55:43] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignd95cf706817ca162
[24/07/2019 13:12:15] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignda7df6d3b3c280fa
[20/07/2019 10:51:51] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignddd850e37f3a30d1
[26/11/2019 19:29:50] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignde08679a2e3bc2f7
[27/07/2019 19:06:42] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignde08b2bbe8254227
[10/03/2020 12:51:17] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigndecabe7c518169c0
[20/07/2019 09:10:19] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigndf68938de1ef7229
[05/04/2020 12:48:01] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne0a8e2a7d7ef8b3a
[06/04/2019 13:27:21] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne102995e35c46a94
[23/07/2019 19:08:20] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne14403079e05cb6f
[21/06/2019 14:06:40] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne2781ad5b932394c
[24/11/2019 21:20:10] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne2aa4f60f89fccdc
[18/11/2019 12:44:09] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne2ac273e670a0ce3
[18/11/2019 19:05:25] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne2f941eaec307d11
[27/07/2019 10:16:35] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne3484e3fac3b7be6
[05/09/2019 21:31:09] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne43e7647e77acfa8
[11/10/2019 10:42:45] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne4459ba5959c4883
[19/01/2020 22:30:10] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne8a196ab3e791532
[21/06/2019 14:25:21] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigne96461b1f668b22a
[13/04/2019 18:51:24] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigneb0cd63fce6f3228
[30/06/2019 10:55:02] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsigneec240d60861866c
[29/07/2019 22:01:02] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignf10b022018c08d61
[24/11/2019 22:38:23] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignf16ca9908f7e1dcf
[24/11/2019 22:51:21] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignf24c12c2f33f922a
[25/11/2019 12:35:43] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignf29f9dc16a35b1b5
[06/04/2019 12:22:47] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignf877d488beb304eb
[29/07/2019 21:06:23] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignf884c172d00764f7
[20/06/2019 10:25:56] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignfacaa4320adbf102
[02/09/2019 09:11:47] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignfaf0ca4d7bfae6b1
[20/07/2019 09:17:42] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignfb80918dc4697e3d
[18/11/2019 12:44:50] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignfcb75ebe8f59eeb4
[02/12/2019 21:11:39] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignfe2355870b94f943
[04/12/2019 21:55:43] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignfe62a31867eeda65
[04/12/2019 21:19:26] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignff10079290a65443
[04/12/2019 21:48:34] - |D| - [0] - C:\Users\tolunq\AppData\Local\Tempzxpsignff4b944c92912ebd
[24/08/2018 22:32:42] - |D| - [81784939] - C:\Users\tolunq\AppData\Local\TomTom
[09/12/2018 10:29:51] - |D| - [0] - C:\Users\tolunq\AppData\Local\Univers photo Pixum
[01/11/2019 20:26:36] - |D| - [54] - C:\Users\tolunq\AppData\Local\UnrealEngine
[18/05/2017 12:21:13] - |D| - [9390] - C:\Users\tolunq\AppData\Local\VirtualStore
[19/05/2017 21:59:02] - |D| - [32768] - C:\Users\tolunq\AppData\Local\Windows Live
[19/05/2017 23:04:29] - |D| - [648363] - C:\Users\tolunq\AppData\Local\Windows Live Writer
[23/03/2020 13:06:00] - |D| - [25488185] - C:\Users\tolunq\AppData\Local\WinZip
[15/07/2017 19:23:24] - |D| - [874] - C:\Users\tolunq\AppData\Local\Wondershare
[03/08/2017 15:00:30] - |D| - [786550] - C:\Users\tolunq\AppData\Local\ZHP
[25/05/2017 09:55:00] - |D| - [2675006] - C:\Users\tolunq\AppData\LocalLow\Adobe
[15/03/2019 14:12:16] - |D| - [3528] - C:\Users\tolunq\AppData\LocalLow\Dashlane
[10/04/2020 09:43:04] - |D| - [0] - C:\Users\tolunq\AppData\LocalLow\IGDump
[28/05/2017 16:37:57] - |D| - [833] - C:\Users\tolunq\AppData\LocalLow\IObit
[18/05/2017 12:44:55] - |D| - [9835298] - C:\Users\tolunq\AppData\LocalLow\Microsoft
[18/05/2017 13:04:13] - |D| - [0] - C:\Users\tolunq\AppData\LocalLow\Mozilla
[01/11/2019 22:00:50] - |D| - [0] - C:\Users\tolunq\AppData\LocalLow\Netopsystems
[05/12/2018 14:52:04] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Acronis
[18/05/2017 12:21:21] - |D| - [121270798] - C:\Users\tolunq\AppData\Roaming\Adobe
[23/07/2017 18:42:34] - |D| - [257275562] - C:\Users\tolunq\AppData\Roaming\ashampoo
[18/05/2017 22:23:25] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\ATI
[26/10/2018 11:01:44] - |D| - [54600] - C:\Users\tolunq\AppData\Roaming\Audacity
[29/01/2020 19:43:55] - |D| - [558435] - C:\Users\tolunq\AppData\Roaming\Bitwarden
[17/08/2017 21:11:44] - |D| - [7342885] - C:\Users\tolunq\AppData\Roaming\BSD Concept
[30/05/2019 21:30:09] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\ByClick
[28/05/2017 14:15:39] - |D| - [102718590] - C:\Users\tolunq\AppData\Roaming\Canon
[18/02/2018 14:36:08] - |D| - [7453528] - C:\Users\tolunq\AppData\Roaming\Cavomatic Free
[28/03/2020 17:23:15] - |D| - [405] - C:\Users\tolunq\AppData\Roaming\DAEMON Tools Lite
[15/03/2019 14:11:48] - |D| - [1143783414] - C:\Users\tolunq\AppData\Roaming\Dashlane
[18/07/2019 20:52:54] - |D| - [386904] - C:\Users\tolunq\AppData\Roaming\Dropbox
[19/12/2017 19:29:56] - |D| - [203] - C:\Users\tolunq\AppData\Roaming\dvdcss
[06/11/2018 21:30:15] - |D| - [41660] - C:\Users\tolunq\AppData\Roaming\FileZilla
[25/08/2017 10:27:15] - |D| - [474] - C:\Users\tolunq\AppData\Roaming\fos_nacl_log
[17/08/2017 20:52:05] - |D| - [619] - C:\Users\tolunq\AppData\Roaming\Guitar Pro 6
[08/04/2020 11:58:31] - |D| - [4148] - C:\Users\tolunq\AppData\Roaming\HD Tune Pro
[18/05/2017 12:21:15] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Identities
[18/05/2017 12:40:03] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\InstallShield
[18/05/2017 13:15:28] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Intel Corporation
[23/05/2017 22:37:04] - |D| - [4670] - C:\Users\tolunq\AppData\Roaming\KeePass
[12/10/2017 13:07:01] - |D| - [7295] - C:\Users\tolunq\AppData\Roaming\KlimaLoggPro
[04/06/2017 10:58:02] - |D| - [9161] - C:\Users\tolunq\AppData\Roaming\Logishrd
[04/06/2017 10:58:02] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Logitech
[30/11/2017 11:08:19] - |D| - [2199] - C:\Users\tolunq\AppData\Roaming\Macromedia
[22/12/2017 17:19:18] - |D| - [336] - C:\Users\tolunq\AppData\Roaming\MAGIX
[18/05/2017 12:21:04] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Media Center Programs
[18/05/2017 12:21:04] - |SD| - [98769297] - C:\Users\tolunq\AppData\Roaming\Microsoft
[26/05/2019 12:05:11] - |D| - [6733326] - C:\Users\tolunq\AppData\Roaming\Molotov
[18/05/2017 13:04:07] - |D| - [131106369] - C:\Users\tolunq\AppData\Roaming\Mozilla
[16/01/2020 23:10:37] - |D| - [60] - C:\Users\tolunq\AppData\Roaming\muvee Technologies
[26/08/2017 19:06:30] - |D| - [38315950] - C:\Users\tolunq\AppData\Roaming\myIPCLog
[16/08/2019 12:04:55] - |D| - [269915] - C:\Users\tolunq\AppData\Roaming\Nero
[28/05/2017 16:44:05] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Obsidium
[28/05/2017 16:38:03] - |D| - [27775] - C:\Users\tolunq\AppData\Roaming\ProductData
[19/05/2017 21:31:27] - |D| - [124047641] - C:\Users\tolunq\AppData\Roaming\Skype
[10/01/2018 14:39:06] - |D| - [653662] - C:\Users\tolunq\AppData\Roaming\SolidDocuments
[17/08/2017 20:54:44] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Sony
[26/03/2018 20:29:48] - |A| - [598] - C:\Users\tolunq\AppData\Roaming\TOLUNQ-PC.MTBF.txt
[24/08/2018 22:32:42] - |D| - [30091791] - C:\Users\tolunq\AppData\Roaming\TomTom
[20/09/2018 17:51:26] - |D| - [2133784] - C:\Users\tolunq\AppData\Roaming\USBSafelyRemove
[18/05/2017 13:10:58] - |D| - [126165] - C:\Users\tolunq\AppData\Roaming\vlc
[19/05/2017 23:04:29] - |D| - [295] - C:\Users\tolunq\AppData\Roaming\Windows Live Writer
[19/05/2017 20:33:08] - |D| - [12] - C:\Users\tolunq\AppData\Roaming\WinRAR
[20/08/2019 10:58:44] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Wondershare
[22/01/2019 19:57:07] - |D| - [16742] - C:\Users\tolunq\AppData\Roaming\WTablet
[30/05/2019 21:32:53] - |D| - [5265] - C:\Users\tolunq\AppData\Roaming\YouTubeByClick
[03/08/2017 15:00:30] - |D| - [3206962155] - C:\Users\tolunq\AppData\Roaming\ZHP
[18/05/2017 12:21:20] - |ASH| - [174] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[18/05/2017 12:21:04] - |SHD| - [0] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[18/05/2017 12:21:04] - |RD| - [33633] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[18/05/2017 12:21:04] - |RD| - [14666] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[18/05/2017 12:21:20] - |RD| - [174] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[15/03/2019 14:11:48] - |D| - [0] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
[15/03/2019 14:12:14] - |A| - [1747] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane.lnk
[18/05/2017 12:21:20] - |ASH| - [338] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[17/08/2017 19:06:06] - |D| - [296] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[18/05/2017 12:21:21] - |A| - [1456] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[18/05/2017 12:21:04] - |RD| - [580] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[30/01/2020 21:56:15] - |D| - [4134] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
[19/05/2017 22:22:37] - |A| - [2206] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[26/05/2019 12:05:11] - |D| - [2240] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov
[15/03/2018 16:33:09] - |D| - [1117] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder
[28/03/2020 11:36:42] - |RD| - [174] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[19/05/2017 20:32:55] - |D| - [4505] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[28/03/2020 11:36:42] - |SH| - [174] - C:\Users\tolunq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\ProgramData

[03/07/2017 10:32:35] - |D| - [13746758] - C:\ProgramData\Acronis
[16/12/2018 19:20:58] - |D| - [0] - C:\ProgramData\Acronis Mobile Backup Data
[18/05/2017 22:01:36] - |D| - [1770792636] - C:\ProgramData\Adobe
[25/09/2017 10:16:53] - |D| - [195] - C:\ProgramData\Alternate
[22/12/2019 20:11:17] - |D| - [2191] - C:\ProgramData\AMD
[26/03/2019 23:42:07] - |D| - [104] - C:\ProgramData\Aomei
[26/03/2019 23:31:57] - |D| - [1551] - C:\ProgramData\AomeiBR
[03/07/2017 10:33:46] - |D| - [5041152] - C:\ProgramData\Apple
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Application Data
[23/07/2017 18:40:02] - |D| - [0] - C:\ProgramData\Ashampoo
[18/05/2017 22:23:25] - |D| - [1265149] - C:\ProgramData\ATI
[18/05/2017 12:20:14] - |SHD| - [0] - C:\ProgramData\Bureau
[19/05/2017 21:02:34] - |HD| - [21337232] - C:\ProgramData\CanonBJ
[24/01/2018 14:56:52] - |HD| - [114] - C:\ProgramData\CanonIJEGV
[28/05/2017 14:15:45] - |HD| - [2197] - C:\ProgramData\CanonIJScan
[30/05/2019 21:31:21] - |D| - [15391448] - C:\ProgramData\Caphyon
[18/12/2017 19:16:03] - |D| - [15200185] - C:\ProgramData\Corel
[28/03/2020 17:23:15] - |D| - [1368] - C:\ProgramData\DAEMON Tools Lite
[24/09/2019 16:32:31] - |D| - [347] - C:\ProgramData\DeskShare
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Desktop
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Documents
[18/05/2017 22:00:14] - |D| - [3225478] - C:\ProgramData\Downloaded Installations
[23/03/2020 14:57:07] - |AH| - [0] - C:\ProgramData\DP45977C.lfl
[16/02/2020 20:28:11] - |D| - [2139506] - C:\ProgramData\DriversCloud.com
[18/07/2019 20:52:39] - |D| - [526400] - C:\ProgramData\Dropbox
[18/05/2017 12:20:14] - |SHD| - [0] - C:\ProgramData\Favoris
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites
[18/02/2019 18:58:13] - |D| - [89452685] - C:\ProgramData\Garmin
[31/03/2020 18:48:37] - |D| - [0] - C:\ProgramData\GenesysLogic
[20/08/2019 10:56:58] - |D| - [80] - C:\ProgramData\GraphicsType
[17/08/2017 20:52:05] - |D| - [0] - C:\ProgramData\Guitar Pro 6
[09/12/2018 10:29:46] - |D| - [3352109] - C:\ProgramData\hps
[18/05/2017 12:36:37] - |D| - [6107938] - C:\ProgramData\Intel
[21/03/2018 18:43:55] - |D| - [2408] - C:\ProgramData\IObit
[16/03/2018 19:32:29] - |D| - [6484142480] - C:\ProgramData\Kaspersky Lab
[12/03/2018 18:45:05] - |D| - [2527729] - C:\ProgramData\Kaspersky Lab Setup Files
[18/05/2017 22:23:21] - |RASHD| - [1024] - C:\ProgramData\Key-Base
[12/10/2017 13:07:03] - |A| - [41943040] - C:\ProgramData\KlimaLoggServiceDataStore
[28/05/2017 13:40:11] - |A| - [3118] - C:\ProgramData\license.conf
[04/06/2017 11:00:03] - |D| - [255] - C:\ProgramData\LogiShrd
[04/06/2017 11:27:55] - |D| - [1200380] - C:\ProgramData\Logitech
[04/07/2017 19:10:14] - |D| - [83051] - C:\ProgramData\Macrium
[22/12/2017 17:19:18] - |D| - [268] - C:\ProgramData\MAGIX
[28/03/2020 12:04:58] - |D| - [95050318] - C:\ProgramData\Malwarebytes
[30/11/2017 11:08:21] - |D| - [418] - C:\ProgramData\McAfee
[18/05/2017 12:20:14] - |SHD| - [0] - C:\ProgramData\Menu Démarrer
[14/07/2009 05:20:08] - |SD| - [3831974406] - C:\ProgramData\Microsoft
[19/05/2017 20:53:34] - |D| - [59390] - C:\ProgramData\Microsoft Help
[19/05/2017 22:22:33] - |D| - [0] - C:\ProgramData\Microsoft OneDrive
[29/08/2019 18:12:53] - |D| - [2561] - C:\ProgramData\Microsoft Toolkit
[18/05/2017 12:20:14] - |SHD| - [0] - C:\ProgramData\Modèles
[05/02/2019 19:44:20] - |D| - [41302] - C:\ProgramData\Mozilla
[26/03/2018 19:28:53] - |D| - [902730029] - C:\ProgramData\MyDVD
[18/05/2017 22:15:21] - |A| - [262144] - C:\ProgramData\ntuser.dat
[18/05/2017 22:15:21] - |ASH| - [5120] - C:\ProgramData\ntuser.dat.LOG1
[18/05/2017 22:15:21] - |ASH| - [0] - C:\ProgramData\ntuser.dat.LOG2
[18/05/2017 22:15:21] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{3949dfb8-3c03-11e7-8956-00030d000001}.TM.blf
[18/05/2017 22:15:21] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{3949dfb8-3c03-11e7-8956-00030d000001}.TMContainer00000000000000000001.regtrans-ms
[18/05/2017 22:15:21] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{3949dfb8-3c03-11e7-8956-00030d000001}.TMContainer00000000000000000002.regtrans-ms
[18/05/2017 22:15:38] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{3949dfce-3c03-11e7-8956-00030d000001}.TM.blf
[18/05/2017 22:15:38] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{3949dfce-3c03-11e7-8956-00030d000001}.TMContainer00000000000000000001.regtrans-ms
[18/05/2017 22:15:38] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{3949dfce-3c03-11e7-8956-00030d000001}.TMContainer00000000000000000002.regtrans-ms
[18/05/2017 22:32:46] - |D| - [270498537] - C:\ProgramData\Package Cache
[18/12/2017 19:16:03] - |D| - [1524538] - C:\ProgramData\Pinnacle
[18/12/2017 19:13:40] - |D| - [85520309] - C:\ProgramData\Pinnacle Log Files
[22/12/2017 21:45:56] - |D| - [0] - C:\ProgramData\Pinnacle Studio Plus
[22/12/2017 21:46:27] - |D| - [204930] - C:\ProgramData\Pinnacle Studio Ultimate Collection
[19/12/2017 10:48:45] - |D| - [4512160202] - C:\ProgramData\PinnacleStudio21
[28/05/2017 16:37:54] - |D| - [1044] - C:\ProgramData\ProductData
[22/07/2017 21:25:58] - |D| - [0] - C:\ProgramData\ProductFeatures
[25/05/2017 09:50:45] - |D| - [3402] - C:\ProgramData\regid.1986-12.com.adobe
[03/08/2017 20:42:28] - |D| - [323104] - C:\ProgramData\RogueKiller
[15/05/2018 12:06:24] - |D| - [235070] - C:\ProgramData\Roxio
[18/12/2017 19:47:25] - |D| - [11936934] - C:\ProgramData\Roxio Log Files
[09/03/2018 14:23:34] - |D| - [0] - C:\ProgramData\s1rg
[27/02/2018 19:50:46] - |D| - [0] - C:\ProgramData\s2io
[27/02/2018 19:48:05] - |D| - [0] - C:\ProgramData\s2tg
[09/03/2018 14:14:28] - |D| - [0] - C:\ProgramData\s33c
[14/03/2018 10:04:27] - |D| - [0] - C:\ProgramData\s3jo
[09/03/2018 14:14:28] - |D| - [0] - C:\ProgramData\s3q4
[09/03/2018 14:23:34] - |D| - [0] - C:\ProgramData\s48c
[09/03/2018 14:25:12] - |D| - [0] - C:\ProgramData\s4c4
[09/03/2018 14:14:28] - |D| - [0] - C:\ProgramData\s528
[14/03/2018 10:03:14] - |D| - [0] - C:\ProgramData\s5ic
[27/02/2018 19:46:41] - |D| - [0] - C:\ProgramData\s63o
[14/03/2018 10:04:27] - |D| - [0] - C:\ProgramData\s65g
[27/02/2018 19:46:41] - |D| - [0] - C:\ProgramData\s65k
[27/02/2018 19:46:41] - |D| - [0] - C:\ProgramData\s670
[14/03/2018 10:03:14] - |D| - [0] - C:\ProgramData\s6cg
[27/02/2018 19:48:05] - |D| - [0] - C:\ProgramData\s6f4
[14/03/2018 10:07:29] - |D| - [0] - C:\ProgramData\s6ho
[14/03/2018 10:03:14] - |D| - [0] - C:\ProgramData\s6i0
[03/07/2017 10:43:36] - |D| - [134723754] - C:\ProgramData\Samsung
[17/08/2017 22:34:14] - |D| - [258] - C:\ProgramData\Scrabble2009
[19/05/2017 21:31:05] - |D| - [87052688] - C:\ProgramData\Skype
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Start Menu
[22/12/2017 21:45:56] - |D| - [5666491788] - C:\ProgramData\Studio 15
[02/02/2019 14:08:19] - |D| - [4176] - C:\ProgramData\SystemAcCrux
[29/12/2017 18:50:32] - |D| - [0] - C:\ProgramData\TEMP
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Templates
[09/12/2018 10:29:45] - |D| - [142154] - C:\ProgramData\tmp
[15/05/2018 12:26:32] - |D| - [6657478] - C:\ProgramData\Uninstall
[25/05/2017 17:18:56] - |D| - [0] - C:\ProgramData\UniqueId
[20/09/2018 17:50:27] - |D| - [2320779] - C:\ProgramData\USBSRService
[28/02/2020 13:05:25] - |D| - [567767] - C:\ProgramData\Vsk5Online
[17/08/2017 21:07:30] - |D| - [73] - C:\ProgramData\WinAncetre
[25/05/2017 17:18:26] - |D| - [8506] - C:\ProgramData\WinZip
[20/08/2019 10:56:32] - |D| - [72870127] - C:\ProgramData\Wondershare
[20/08/2019 10:56:49] - |D| - [53] - C:\ProgramData\Wondershare MediaServer
[03/06/2019 10:48:22] - |D| - [190435] - C:\ProgramData\YTD Video Downloader
[01/06/2019 23:18:47] - |D| - [190435] - C:\ProgramData\YTD Video Downloader-BackupByYTDPortable
[22/12/2017 23:47:34] - |A| - [1956] - C:\ProgramData\__wdump.txt
[23/03/2020 14:12:31] - |D| - [0] - C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[14/07/2009 06:49:40] - |SH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[18/05/2017 12:20:14] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[14/07/2009 05:20:08] - |RD| - [402666] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[19/01/2020 23:25:51] - |A| - [2000] - C:\ProgramData\Microsoft\Windows\Start Menu\Tweak-XP Pro v4.lnk
[31/03/2020 09:53:18] - |A| - [1006] - C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
[14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[14/07/2009 05:20:08] - |RD| - [47063] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[16/12/2018 19:20:51] - |D| - [16955] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[16/12/2018 19:20:51] - |A| - [1272] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image for Crucial.lnk
[23/07/2017 18:46:47] - |D| - [1950] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ Partition Recovery
[14/07/2009 07:32:38] - |RD| - [18416] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[26/06/2019 13:08:00] - |A| - [2104] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
[26/06/2019 13:08:00] - |A| - [2453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
[26/06/2019 13:08:00] - |A| - [2265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
[25/05/2017 09:49:36] - |A| - [1055] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
[26/03/2019 23:31:46] - |D| - [1835] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
[18/05/2017 12:38:06] - |D| - [3804] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[18/05/2017 12:49:35] - |D| - [3282] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
[18/05/2017 22:33:29] - |D| - [2812] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant de signalisation de problèmes AMD
[26/10/2018 11:01:40] - |A| - [555] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[23/05/2017 13:11:44] - |D| - [1453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axantum AxCrypt
[23/07/2017 21:41:21] - |D| - [7450] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
[29/01/2020 18:05:43] - |A| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitwarden.lnk
[12/07/2019 17:39:12] - |D| - [872] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMI Flight Simulator
[19/05/2017 21:02:29] - |D| - [2831] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP560 series
[19/05/2017 21:02:48] - |D| - [3630] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP560 series Manual
[19/05/2017 21:03:09] - |D| - [12066] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[18/05/2017 21:56:00] - |D| - [10533] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[31/07/2017 13:36:11] - |D| - [6085] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
[30/01/2020 19:03:36] - |A| - [731] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike WaRzOnE.lnk
[12/01/2020 19:07:57] - |D| - [3652] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[19/05/2017 19:07:38] - |D| - [2524] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link
[14/07/2009 06:54:23] - |SH| - [1292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[16/02/2020 20:28:11] - |D| - [2846] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
[04/04/2020 19:10:42] - |D| - [1168] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[02/02/2019 14:08:16] - |D| - [2586] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 13.0
[06/07/2017 21:42:38] - |D| - [129] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 10.5
[19/05/2017 21:03:39] - |D| - [4194] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement utilisateur de Canon MP560 series
[06/11/2018 21:30:13] - |D| - [1301] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[18/05/2017 13:04:02] - |A| - [951] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
[12/07/2019 17:38:19] - |D| - [942] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flying Model Simulator
[24/09/2019 22:59:37] - |D| - [5326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FOSCAM
[16/08/2017 23:11:48] - |D| - [1123] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FoscamVMS
[14/07/2009 07:32:38] - |RD| - [5851] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[06/05/2019 21:00:30] - |D| - [1831] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[23/03/2020 19:35:00] - |A| - [2273] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[20/11/2017 19:38:41] - |D| - [1341] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GretagMacbeth
[08/04/2020 11:58:24] - |D| - [6741] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
[25/05/2017 16:30:47] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Human Anatomy Atlas
[18/05/2017 12:36:35] - |RD| - [5838] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[24/09/2019 16:32:28] - |A| - [1410] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Camera Viewer 4.lnk
[30/08/2018 17:27:59] - |D| - [1140] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCWebComponents
[22/07/2017 14:58:23] - |D| - [50] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft File Recovery
[23/03/2020 19:55:48] - |D| - [6883] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
[23/03/2020 19:54:52] - |D| - [6002] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
[23/03/2020 19:54:45] - |D| - [5357] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
[23/05/2017 22:36:24] - |A| - [1172] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
[12/10/2017 13:07:01] - |D| - [1249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KlimaLogg Pro
[28/09/2017 12:30:50] - |D| - [1006] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
[04/06/2017 10:59:26] - |D| - [3080] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[05/07/2017 11:53:39] - |D| - [2507] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
[14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[08/04/2020 21:32:59] - |D| - [1595] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[18/05/2017 12:16:43] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[24/12/2018 13:39:30] - |D| - [1183] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mephisto
[23/03/2020 15:16:09] - |D| - [1296] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[19/05/2017 20:55:04] - |D| - [32803] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[19/05/2017 21:30:53] - |D| - [2278] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[22/12/2017 21:46:15] - |D| - [18750] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 15
[23/12/2017 00:44:21] - |D| - [2261] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
[26/03/2018 19:28:02] - |D| - [12453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 21
[03/08/2017 21:29:09] - |D| - [3446] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[26/02/2018 20:59:17] - |D| - [3426] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[15/07/2017 19:36:55] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
[28/03/2020 11:36:48] - |D| - [1423] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
[31/07/2017 12:58:17] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sensible world of soccer
[14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[24/03/2020 18:01:10] - |D| - [1379] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[26/05/2019 21:28:47] - |D| - [1393] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite V2 Remastered
[07/11/2019 13:50:05] - |D| - [2274] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[01/11/2017 23:15:56] - |D| - [939] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[14/07/2009 05:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[22/12/2017 22:29:11] - |D| - [5502] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio Plugins
[22/12/2017 23:46:53] - |D| - [3224] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SureThing Express Labeler
[22/01/2019 19:57:03] - |RD| - [11093] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablette Wacom
[25/08/2018 11:53:51] - |D| - [6941] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[19/01/2020 23:25:51] - |D| - [7692] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweak-XP Pro 4
[09/12/2018 10:29:44] - |D| - [2933] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Univers photo Pixum
[20/09/2018 17:50:27] - |D| - [8099] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Safely Remove
[19/05/2017 20:45:19] - |D| - [1951] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB-set
[18/05/2017 13:10:51] - |D| - [5874] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[28/02/2020 13:04:24] - |D| - [1771] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vsk5Online
[01/08/2017 20:38:13] - |D| - [879] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[14/07/2009 06:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[18/05/2017 12:16:42] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[21/05/2017 22:43:57] - |RD| - [2456] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[21/05/2017 22:43:54] - |A| - [1479] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[19/05/2017 20:32:55] - |D| - [4433] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[23/03/2020 13:06:03] - |D| - [1677] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[25/05/2017 17:18:24] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
[15/06/2019 09:49:28] - |A| - [1663] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
[14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\Program Files (x86)

[03/07/2017 10:33:01] - |D| - [358722784] - C:\Program Files (x86)\Acronis
[18/05/2017 22:02:05] - |D| - [1778843467] - C:\Program Files (x86)\Adobe
[18/05/2017 12:38:04] - |D| - [2329930] - C:\Program Files (x86)\ASM104xUSB3
[18/05/2017 12:41:19] - |D| - [111477] - C:\Program Files (x86)\ASM106xSATA
[18/05/2017 21:55:06] - |D| - [93215258] - C:\Program Files (x86)\ATI Technologies
[03/07/2017 10:33:46] - |D| - [631134] - C:\Program Files (x86)\Bonjour
[19/05/2017 21:00:24] - |D| - [99714427] - C:\Program Files (x86)\Canon
[31/07/2017 13:11:47] - |D| - [184959358] - C:\Program Files (x86)\Codemasters
[14/07/2009 05:20:08] - |D| - [1696266436] - C:\Program Files (x86)\Common Files
[26/03/2018 19:28:15] - |D| - [13840938] - C:\Program Files (x86)\Corel
[19/05/2017 19:07:10] - |D| - [21867223] - C:\Program Files (x86)\D-Link
[15/03/2019 14:12:13] - |D| - [29264] - C:\Program Files (x86)\Dashlane
[24/09/2019 16:32:26] - |D| - [66416956] - C:\Program Files (x86)\Deskshare
[14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[18/07/2019 20:52:41] - |D| - [404319432] - C:\Program Files (x86)\Dropbox
[24/09/2019 22:59:36] - |D| - [24759198] - C:\Program Files (x86)\FOSCAM
[16/08/2017 23:11:42] - |D| - [150750164] - C:\Program Files (x86)\FoscamVMS
[18/02/2019 18:57:37] - |D| - [678969] - C:\Program Files (x86)\Garmin
[19/05/2017 22:32:53] - |D| - [547603980] - C:\Program Files (x86)\Google
[20/11/2017 19:38:31] - |D| - [85304740] - C:\Program Files (x86)\GretagMacbeth
[08/04/2020 11:58:24] - |D| - [4495580] - C:\Program Files (x86)\HD Tune Pro
[18/05/2017 12:35:13] - |HD| - [23730279] - C:\Program Files (x86)\InstallShield Installation Information
[18/05/2017 12:40:04] - |D| - [290333820] - C:\Program Files (x86)\Intel
[14/07/2009 05:20:08] - |D| - [10774154] - C:\Program Files (x86)\Internet Explorer
[24/08/2017 23:21:35] - |D| - [9676125] - C:\Program Files (x86)\IPCWebComponents
[23/03/2020 19:54:31] - |D| - [522328038] - C:\Program Files (x86)\Kaspersky Lab
[23/05/2017 22:36:23] - |D| - [7510935] - C:\Program Files (x86)\KeePass Password Safe 2
[12/10/2017 13:07:00] - |D| - [50882597] - C:\Program Files (x86)\KlimaLoggPro
[28/09/2017 12:20:48] - |D| - [89295832] - C:\Program Files (x86)\Kobo
[26/10/2018 11:49:19] - |D| - [1615213] - C:\Program Files (x86)\Lame For Audacity
[04/06/2017 11:27:55] - |D| - [113672] - C:\Program Files (x86)\Logitech
[22/12/2017 22:29:10] - |D| - [15667987] - C:\Program Files (x86)\LooksBuilderSE
[17/12/2017 21:53:27] - |D| - [257396942] - C:\Program Files (x86)\Microsoft
[19/05/2017 20:53:39] - |D| - [39848379] - C:\Program Files (x86)\Microsoft Analysis Services
[23/03/2020 15:16:08] - |D| - [9362570] - C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[19/05/2017 20:53:34] - |D| - [712798283] - C:\Program Files (x86)\Microsoft Office
[19/05/2017 22:22:37] - |D| - [26435280] - C:\Program Files (x86)\Microsoft OneDrive
[19/05/2017 21:30:20] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight
[23/03/2020 17:01:20] - |D| - [11254757] - C:\Program Files (x86)\Microsoft XNA
[19/05/2017 20:54:53] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET
[18/05/2017 13:04:02] - |D| - [624487] - C:\Program Files (x86)\Mozilla Maintenance Service
[14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild
[24/12/2017 00:20:34] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0
[27/12/2018 16:22:56] - |D| - [203719991] - C:\Program Files (x86)\MyDrive Connect
[08/08/2018 20:31:27] - |D| - [589536] - C:\Program Files (x86)\NewFolderEx
[30/12/2017 22:29:04] - |D| - [173555] - C:\Program Files (x86)\NirSoft
[23/03/2020 15:16:38] - |D| - [809496] - C:\Program Files (x86)\OpenAL
[22/12/2017 21:20:20] - |D| - [1432868290] - C:\Program Files (x86)\Pinnacle
[18/05/2017 12:35:13] - |D| - [3365625] - C:\Program Files (x86)\Realtek
[14/07/2009 07:32:38] - |D| - [39212289] - C:\Program Files (x86)\Reference Assemblies
[18/05/2017 22:00:39] - |D| - [860259] - C:\Program Files (x86)\Renesas Electronics
[07/11/2019 13:50:02] - |D| - [196638058] - C:\Program Files (x86)\Sony
[22/12/2017 23:46:53] - |D| - [13787653] - C:\Program Files (x86)\SureThing Express Labeler
[22/01/2019 19:56:06] - |D| - [19181897] - C:\Program Files (x86)\Tablet
[22/01/2019 19:57:03] - |D| - [772707] - C:\Program Files (x86)\TabletPlugins
[18/05/2017 12:35:11] - |HD| - [0] - C:\Program Files (x86)\Temp
[25/08/2018 11:53:43] - |D| - [52874870] - C:\Program Files (x86)\TomTom HOME 2
[25/08/2018 11:53:47] - |D| - [22486] - C:\Program Files (x86)\TomTom International B.V
[19/01/2020 23:25:49] - |D| - [5137491] - C:\Program Files (x86)\Tweak-XP Pro 4
[14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information
[20/09/2018 17:50:26] - |D| - [23813331] - C:\Program Files (x86)\USB Safely Remove
[19/05/2017 20:45:19] - |D| - [1275773] - C:\Program Files (x86)\USB-set
[26/01/2018 20:35:18] - |D| - [0] - C:\Program Files (x86)\Western Digital Corporation
[14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender
[19/05/2017 22:00:00] - |D| - [68567910] - C:\Program Files (x86)\Windows Live
[14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail
[14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player
[14/07/2009 05:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT
[14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer
[14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices
[14/07/2009 07:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar
[01/11/2017 19:05:23] - |D| - [1697141] - C:\Program Files (x86)\WindowsPowerShell
[20/08/2019 10:58:51] - |D| - [0] - C:\Program Files (x86)\WondershareUpdate
[20/11/2017 20:04:20] - |D| - [863974] - C:\Program Files (x86)\X-Rite

---------- | C:\Program Files

[25/05/2017 09:49:05] - |D| - [1849358557] - C:\Program Files\Adobe
[18/05/2017 22:32:02] - |D| - [183633711] - C:\Program Files\AMD
[18/05/2017 12:49:35] - |D| - [1413426] - C:\Program Files\ASRock Utility
[18/05/2017 21:54:55] - |D| - [37023] - C:\Program Files\ATI
[18/05/2017 21:54:00] - |D| - [28] - C:\Program Files\ATI Technologies
[23/05/2017 13:11:44] - |D| - [2789035] - C:\Program Files\Axantum
[03/07/2017 10:33:46] - |D| - [613967] - C:\Program Files\Bonjour
[18/05/2017 12:42:25] - |D| - [534162] - C:\Program Files\Broadcom
[19/05/2017 21:03:08] - |D| - [5186468] - C:\Program Files\Canon
[19/05/2017 21:01:52] - |HD| - [16252041] - C:\Program Files\CanonBJ
[14/07/2009 05:20:08] - |D| - [836233757] - C:\Program Files\Common Files
[15/05/2018 12:26:38] - |D| - [73427453] - C:\Program Files\Corel
[12/01/2020 19:07:57] - |D| - [14735870] - C:\Program Files\CrystalDiskInfo
[14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini
[18/02/2019 18:57:38] - |D| - [707464] - C:\Program Files\DIFX
[16/02/2020 20:28:11] - |D| - [20038891] - C:\Program Files\DriversCloud.com
[14/07/2009 07:32:38] - |D| - [90256404] - C:\Program Files\DVD Maker
[18/05/2017 12:20:14] - |SHD| - [0] - C:\Program Files\Fichiers communs
[18/05/2017 12:36:33] - |D| - [46901796] - C:\Program Files\Intel
[14/07/2009 05:20:08] - |D| - [30947701] - C:\Program Files\Internet Explorer
[04/06/2017 11:27:54] - |D| - [54719406] - C:\Program Files\Logitech
[04/06/2017 10:59:14] - |D| - [280752061] - C:\Program Files\Logitech Gaming Software
[02/08/2017 09:23:04] - |D| - [72098220] - C:\Program Files\Macrium
[24/09/2017 18:27:19] - |D| - [3668163] - C:\Program Files\Malwarebytes
[19/05/2017 20:53:47] - |D| - [6722569] - C:\Program Files\Microsoft Office
[19/01/2020 22:18:10] - |D| - [8972640] - C:\Program Files\Microsoft Office 15
[15/03/2019 18:34:14] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight
[15/05/2016 22:35:41] - |D| - [23935] - C:\Program Files\Microsoft.NET
[05/04/2020 09:18:19] - |D| - [203265369] - C:\Program Files\Mozilla Firefox
[14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild
[26/03/2018 19:27:25] - |D| - [2394885871] - C:\Program Files\Pinnacle
[15/05/2018 12:06:24] - |D| - [141438849] - C:\Program Files\Pinnacle Studio 21
[18/05/2017 12:35:22] - |D| - [60268112] - C:\Program Files\Realtek
[14/07/2017 14:17:49] - |D| - [10929473] - C:\Program Files\Recuva
[14/07/2009 07:32:38] - |D| - [36875433] - C:\Program Files\Reference Assemblies
[24/07/2017 13:13:45] - |D| - [38253024] - C:\Program Files\SAMSUNG
[07/11/2019 13:50:07] - |D| - [2548675] - C:\Program Files\Sony
[01/11/2017 23:15:55] - |D| - [15516312] - C:\Program Files\Speccy
[24/08/2018 11:36:31] - |D| - [0] - C:\Program Files\tomtom home2
[14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information
[18/05/2017 13:10:50] - |D| - [176869892] - C:\Program Files\VideoLAN
[26/02/2018 20:59:17] - |D| - [20286475] - C:\Program Files\VS Revo Group
[31/03/2020 09:53:16] - |D| - [33851360] - C:\Program Files\VueScan
[01/08/2017 20:38:12] - |D| - [13365442] - C:\Program Files\WhoCrashed
[14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender
[21/05/2017 22:43:48] - |D| - [52928] - C:\Program Files\Windows Live
[14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail
[14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player
[14/07/2009 05:20:08] - |D| - [12627636] - C:\Program Files\Windows NT
[14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer
[14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices
[14/07/2009 07:32:38] - |D| - [7044767] - C:\Program Files\Windows Sidebar
[01/11/2017 19:05:25] - |D| - [1697141] - C:\Program Files\WindowsPowerShell
[19/05/2017 20:32:45] - |D| - [8595936] - C:\Program Files\WinRAR

---------- | C:\Program Files (x86)\Common Files

[05/12/2018 14:49:34] - |D| - [305472224] - C:\Program Files (x86)\Common Files\Acronis
[18/05/2017 22:02:05] - |D| - [902413458] - C:\Program Files (x86)\Common Files\Adobe
[18/05/2017 21:56:03] - |D| - [97032] - C:\Program Files (x86)\Common Files\ATI Technologies
[19/05/2017 21:22:17] - |D| - [99992] - C:\Program Files (x86)\Common Files\DESIGNER
[18/05/2017 12:35:09] - |D| - [7185670] - C:\Program Files (x86)\Common Files\InstallShield
[15/03/2018 16:15:38] - |D| - [106830197] - C:\Program Files (x86)\Common Files\Intel
[14/07/2017 11:52:56] - |D| - [193969] - C:\Program Files (x86)\Common Files\Intel Corporation
[21/03/2018 18:44:44] - |D| - [100] - C:\Program Files (x86)\Common Files\IObit
[23/03/2020 19:54:31] - |D| - [1948657] - C:\Program Files (x86)\Common Files\Kaspersky Lab
[24/05/2017 22:56:13] - |D| - [1121746] - C:\Program Files (x86)\Common Files\logishrd
[28/03/2020 18:34:34] - |D| - [44015] - C:\Program Files (x86)\Common Files\Microsoft Games
[14/07/2009 05:20:08] - |D| - [220498901] - C:\Program Files (x86)\Common Files\microsoft shared
[22/12/2017 21:45:56] - |D| - [401408] - C:\Program Files (x86)\Common Files\Pegasus Imaging
[22/12/2017 22:06:46] - |D| - [1461434] - C:\Program Files (x86)\Common Files\Pinnacle
[18/05/2017 12:50:03] - |D| - [193596] - C:\Program Files (x86)\Common Files\postureAgent
[14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines
[22/12/2017 23:46:53] - |D| - [249856] - C:\Program Files (x86)\Common Files\SureThing Shared
[14/07/2009 05:20:08] - |D| - [10867187] - C:\Program Files (x86)\Common Files\System
[23/12/2017 01:08:03] - |D| - [2276788] - C:\Program Files (x86)\Common Files\TerraTec
[19/05/2017 21:59:01] - |D| - [93486874] - C:\Program Files (x86)\Common Files\Windows Live
[22/12/2017 21:45:56] - |D| - [316847] - C:\Program Files (x86)\Common Files\Yahoo!

---------- | C:\Program Files\Common files

[25/05/2017 09:49:06] - |D| - [108737748] - C:\Program Files\Common files\Adobe
[18/05/2017 21:55:40] - |D| - [6054584] - C:\Program Files\Common files\ATI Technologies
[18/05/2017 22:16:26] - |D| - [3088190] - C:\Program Files\Common files\AV
[19/05/2017 21:03:37] - |D| - [560] - C:\Program Files\Common files\CANON
[10/03/2019 19:28:10] - |HD| - [1012139] - C:\Program Files\Common files\EAInstaller
[24/05/2017 22:56:13] - |D| - [1338010] - C:\Program Files\Common files\logishrd
[14/07/2009 05:20:08] - |D| - [703200861] - C:\Program Files\Common files\Microsoft Shared
[14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services
[14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines
[14/07/2009 05:20:08] - |D| - [12190195] - C:\Program Files\Common files\System

---------- | Tasks

[MD5.5F1771D24EB34FC0611F97BC7EC1AD91] - [18/07/2019 20:52:42] - |A| - [1182] - C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
[MD5.AF4812F68D9DDBA77E5F643D96726D00] - [18/07/2019 20:52:42] - |A| - [1186] - C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
[MD5.00000000000000000000000000000000] - [28/05/2017 16:38:28] - |D| - [0] - C:\Windows\Tasks\ImCleanDisabled
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT
[MD5.82CC77D7962696C5E6902637402FD0A8] - [14/07/2009 07:08:49] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT
[MD5.5F5A8363DD62CF9B3978C8A882427801] - [15/08/2017 18:57:35] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task         :   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.CE22ED4FA43177915FD6D308C485BA7A] - [23/03/2020 17:02:21] - |A| - [4454] - C:\Windows\System32\Tasks\Adobe Flash Player Updater         :   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.D834EDAEC022639CD64142BD07929800] - [25/05/2017 09:50:45] - |A| - [3506] - C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-tolunq-PC-tolunq         :   C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.511E57C4FC857F579FC69B33573F7F7A] - [03/10/2019 18:24:25] - |A| - [3446] - C:\Windows\System32\Tasks\AdobeGCInvoker-1.0         :   C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
[MD5.DDDA009809BFC0E04538245F7BDCEA6D] - [18/05/2017 22:33:29] - |A| - [4238] - C:\Windows\System32\Tasks\AMD Updater         :   "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe"
[MD5.E14A6598292BD1426863CE384133659B] - [26/03/2018 19:28:16] - |A| - [3320] - C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore         :   C:\Program Files (x86)\Corel\CUH\v2\CUH.exe
[MD5.88A38B8BB8A4B4EA7DDB371D38CF2FBF] - [18/07/2019 20:52:42] - |A| - [3930] - C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore         :   C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
[MD5.807EAA85596F1258B624D3061CF1A080] - [18/07/2019 20:52:42] - |A| - [4182] - C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA         :   C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
[MD5.34FAC35A0BFF13B1572C4BE248E03A4A] - [17/08/2019 12:16:26] - |A| - [3730] - C:\Windows\System32\Tasks\EOSv3 Scheduler onLogOn         :   G:\telechargement au 29 09 17\esetonlinescanner_fra.exe
[MD5.E13ABDD2AF1CE6FDEA74CB8C3A067F7B] - [17/08/2019 12:16:26] - |A| - [3290] - C:\Windows\System32\Tasks\EOSv3 Scheduler onTime         :   G:\telechargement au 29 09 17\esetonlinescanner_fra.exe
[MD5.274FCE51CEE9DABEFB99BD2885EE13EB] - [18/02/2019 18:57:33] - |A| - [3530] - C:\Windows\System32\Tasks\GarminUpdaterTask         :   I:\garmin\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
[MD5.1935A41FEE5B313CFE1ACCC145FAC4CA] - [19/05/2017 22:32:57] - |A| - [3376] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.B18A3C62179C078E9F23DCC03C953092] - [19/05/2017 22:32:57] - |A| - [3504] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.765642F975FD5F739FBF24D58B5CFDCC] - [18/05/2017 12:50:53] - |A| - [3494] - C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d         :   C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
[MD5.9A865C07CF92081F1A2A766661354667] - [18/05/2017 12:50:53] - |A| - [3190] - C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon         :   C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
[MD5.00000000000000000000000000000000] - [29/12/2017 12:34:17] - |D| - [3650] - C:\Windows\System32\Tasks\MEGA
[MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [309732] - C:\Windows\System32\Tasks\Microsoft
[MD5.00000000000000000000000000000000] - [19/05/2017 20:54:22] - |D| - [4392] - C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
[MD5.426CE9BDC623054F31D54A4E795F5FC1] - [26/07/2017 23:59:35] - |A| - [3178] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2440877392-4245707990-3840087772-1000         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.16E8CE4B6D4AAEFA13753F525DD2863A] - [05/04/2020 15:35:36] - |A| - [3028] - C:\Windows\System32\Tasks\Patch WU ESU         :   %SystemRoot%\WuEsu\PatchWU.cmd
[MD5.00000000000000000000000000000000] - [02/07/2017 21:33:04] - |D| - [0] - C:\Windows\System32\Tasks\Safer-Networking
[MD5.5E61174C66E6F0B44FCFDA9BC5AB906D] - [10/01/2020 22:15:09] - |A| - [3196] - C:\Windows\System32\Tasks\SamsungMagician         :   "f:\Samsung\Samsung Magician\SamsungMagician.exe"
[MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4482] - C:\Windows\System32\Tasks\WPD
[MD5.8A7387128867C254340E39866CB016D7] - [18/03/2018 20:27:32] - |A| - [3178] - C:\Windows\System32\Tasks\{AB5A0C61-4553-4280-9400-3DA68DB8D1B2}         :   C:\Windows\system32\pcalua.exe
[MD5.0D010153E0348BE11570686633BD6520] - [22/12/2019 11:12:19] - |A| - [3042] - C:\Windows\System32\Tasks\{EC93F6F6-B5BC-485A-AB95-B709870C5E14}         :   C:\Windows\system32\pcalua.exe
[MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|
"{6DFA971F-38C1-4FBE-B290-6749AF5EDD10}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002|
"{399646D4-A7EF-495A-ABCE-73EF0ACBC76D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE|
"{D3B84CCC-1D07-469A-8DB3-B8A696D7AC95}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)|
"{D2C7096D-E8B0-4CEE-8119-B9CDB4A987E8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)|
"TCP Query User{58B9843C-34D3-4EDE-94FE-1367F70CC23F}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User|
"UDP Query User{BE46BDCC-64B6-4C0E-9E15-88A8AEA704F7}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User|
"TCP Query User{E6A4F61A-84B5-40B5-A6AD-618DC8201729}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User|
"UDP Query User{D8819F9F-84F6-4BCE-8E07-50DCE53BC5C4}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User|
"{5D295AF7-204E-4869-BA74-10BF87C40A4B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{0A432754-2C24-4ADC-A06A-BC42107A68D0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{FC54AC9D-F002-4CB5-AA3E-3ECADBD74CCA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{BAAD6662-39C5-488D-920B-273EA6DD4960}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"TCP Query User{DEA5E8AA-2AF4-4BEC-BBB1-FB7755E6A73A}C:\program files (x86)\foscamvms\apache2.4\bin\httpd.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\foscamvms\apache2.4\bin\httpd.exe|Name=Apache HTTP Server|Desc=Apache HTTP Server|Defer=User|
"UDP Query User{7172B8F4-3800-44BC-9C48-092EFC0BFCD2}C:\program files (x86)\foscamvms\apache2.4\bin\httpd.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\foscamvms\apache2.4\bin\httpd.exe|Name=Apache HTTP Server|Desc=Apache HTTP Server|Defer=User|
"{C13DFF97-CCDF-4305-AA5B-BB0BA5261B58}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:0\NeroPortable\App\Nero\Nero Burning ROM\nero.exe|Name=Nero Burning ROM Portable|
"{CDFB5F94-84A1-4158-910E-DDFD57913B93}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:0\NeroPortable\App\Nero\Nero Burning ROM\nero.exe|Name=Nero Burning ROM Portable|
"{CE825EE6-391F-46FD-98D3-3D1F2135902E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe|Name=Render Manager|
"{70049689-37E5-4DD6-BD9E-386333AE2E76}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe|Name=Render Manager|
"{CFBF8C3D-600F-4EA8-81B8-BE1EA2151068}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe|Name=Studio|
"{DA3A7A92-024B-4204-A201-DBE79FF88BE7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe|Name=Studio|
"{B8BBB486-3820-4AF1-A98F-4E56EA88FDC3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe|Name=umi|
"{91306A8B-772E-46AE-9D4C-9B16A5464B3E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe|Name=umi|
"TCP Query User{B031DD3C-3782-411A-A29D-DCB14A480719}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe|Name=Visual Basic Command Line Compiler|Desc=Visual Basic Command Line Compiler|Defer=User|
"UDP Query User{C6622B3A-9CF6-48A7-A0AB-829C25AF0951}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe|Name=Visual Basic Command Line Compiler|Desc=Visual Basic Command Line Compiler|Defer=User|
"{572E0ABE-318D-4F09-84CB-E619A82784B7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Pinnacle\Studio 21\programs\RM.exe|Name=Render Manager|
"{F7CC6A3B-812E-42A4-B853-7BDF466CCD33}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Pinnacle\Studio 21\programs\RM.exe|Name=Render Manager|
"{1328852E-EFAE-4402-8885-0AAA77AE9FC5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe|Name=NGStudio|
"{D1432A1B-8FAB-4719-8F9E-1CAB0F2F500D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe|Name=NGStudio|
"{3517D269-6768-440B-BEC0-AB02AFFCBF48}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe|Name=umi|
"{BC13D7F2-4EE7-4A2B-9BCB-F16CAB94C5E6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe|Name=umi|
"{F5EA6CC3-C240-44F6-A6B6-08020EBA0323}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=I:\NeroPortable\App\Nero\Nero Burning ROM\nero.exe|Name=Nero Burning ROM Portable|
"{6BE7CCFD-115E-4099-9F9F-DE4BC39FE66E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=I:\NeroPortable\App\Nero\Nero Burning ROM\nero.exe|Name=Nero Burning ROM Portable|
"{C0784496-3EA4-4584-A0BB-6C006C43D41C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe|Name=Acronis True Image OEM|Desc=Acronis True Image OEM|
"{A9689E1E-D1B6-48C4-BA5C-3982C5FE23F7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe|Name=TrueImageMonitor.exe|Desc=TrueImageMonitor.exe|
"{71840E44-0216-47F6-8B62-B970A7B807E4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe|Name=TrueImageTools.exe|Desc=TrueImageTools.exe|
"{504F2503-C876-4DC7-B577-CD0696925AB5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe|Name=TrueImageHomeService.exe|Desc=TrueImageHomeService.exe|
"{E1F10255-805F-4089-BA1D-467FC3219638}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe|Name=Acronis Media Builder|Desc=Acronis Media Builder|
"{6733BF1C-190D-41EB-B73A-BF745E8C6E64}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe|Name=Acronis System Report|Desc=Acronis System Report|
"{E06382DC-1FF9-4CF8-ADE8-37DF31978F45}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe|Name=Serveur de sauvegarde mobile Acronis|Desc=Serveur de sauvegarde mobile Acronis|
"{3957904A-4C1E-4005-8380-365AE05C10A4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe|Name=Serveur de statut de sauvegarde mobile Acronis|Desc=Serveur de statut de sauvegarde mobile Acronis|
"{F46FC14E-591F-429A-95A6-6594CBF1BBE0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe|Name=ga_service.exe|Desc=ga_service.exe|
"{E826F5D5-796D-4E3D-8544-FDC319906D51}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Profile=Private|App=C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe|Name=TomTom MyDrive Connect|
"{7FF595E6-55DB-4508-AB1A-33B8894A7042}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=I:\AOMEI Backupper\ABService.exe|Name=AOMEI BACKUPPER SERVICE|
"{CAC39911-1CC0-44CC-A3E5-1B4AD747343B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=I:\AOMEI Backupper\ABService.exe|Name=AOMEI BACKUPPER SERVICE|
"{9BF0B8B3-63C1-4F5B-9E0A-F1627EA526B4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=I:\AOMEI Backupper\ABService.exe|Name=AOMEI BACKUPPER SERVICE|
"{27509590-7855-4CCF-8F68-C274E3F85171}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=I:\AOMEI Backupper\ABService.exe|Name=AOMEI BACKUPPER SERVICE|
"{63CB9707-0154-4BB8-816B-537C82D88C7A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Deskshare\IP Camera Viewer 4\IP Camera Viewer.exe|Name=IP Camera Viewer|
"{4B113F14-9CD0-475C-9A9A-92330E46B4A9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Deskshare\IP Camera Viewer 4\IP Camera Viewer.exe|Name=IP Camera Viewer|
"{0158BC93-7FF2-4E4C-9CB7-406D1F0830DA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe|Name=Xperia Companion|Edge=TRUE|
"{116C0505-B848-4B03-A466-625B8501AA6C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=F:\Games\Counter-Strike WaRzOnE\hl.exe|Name=Half-Life|
"{7B624D40-171D-4AD5-B322-D7A49100821B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=F:\Games\Counter-Strike WaRzOnE\hl.exe|Name=Half-Life|
"{31C4051F-31D6-4CDC-A522-6764FC190EF2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud|
"{BCF8B634-BA30-44E1-9B8E-5F8CF6E44789}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud|
"{F092D631-7ED7-4E55-B718-7E5F2E56BC75}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\VueScan\vuescan.exe|Name=VueScan (mDNS-In)|Desc=Inbound rule for VueScan to allow searching network for scanners using mDNS.|
"{7B02FE28-27FE-4772-B501-54DB4D14D616}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8612|App=C:\Program Files\VueScan\vuescan.exe|Name=VueScan (canon-bjnp2-In)|Desc=Inbound rule for VueScan to allow searching network for legacy Canon scanners.|
"{70729F3E-02AE-4D66-8A3A-8B1CDAC10E25}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe|Name=Dropbox|
"{50A758F1-018B-4C86-BB8B-144600E05591}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome|





---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (amdkmdap) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3F966BD9-FA04-4EC5-991C-D326973B5128}] : (AndroidUsbDeviceClass) [] -> @oem23.inf,%ClassName%;SAMSUNG Android Phone
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (amdkmdap) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496E87E-C0A1-4102-9D8D-BD9A9B8B07A9}] : (WDC_SAM) [] -> @oem19.inf,%WDC_SAM_ClassName%;WD Drive Management devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D3039DD-CCA5-4B4D-B33D-E2DDC8A8C52E}] : (dtsoftbus01) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D0142122-F525-4E76-86B3-E8AFD91364F2}] : () [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D76B962B-F0B8-41F2-8590-6605FE4EA312}] : (Bluetooth) [] -> @oem27.inf,%btnetBusClassName%;Bluetooth Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{F12D3CF8-B11D-457E-8641-BE2AF2D6D204}] : (Bluetooth) [] -> @oem22.inf,%BTUSBClassName%;Bluetooth USB
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[18/03/2019 12:13:42] - (30.0.3790.0) - (AO Kaspersky Lab - Updatable component loader [fre_win7_x64]) - C:\Windows\system32\DRIVERS\kl1.sys
[16/02/2019 06:57:30] - (30.0.3419.1) - (AO Kaspersky Lab - Cryptographic Module Driver x86 (56 bit)) - C:\Windows\system32\DRIVERS\cm_km.sys
[09/02/2020 08:02:24] - (30.255.110.0) - (AO Kaspersky Lab - Backup Disk Filter [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klbackupdisk.sys
[21/09/2011 17:56:24] - (1.3.1.0) - (Asmedia Technology - Asmedia 106x SATA Host Controller Driver) - C:\Windows\system32\DRIVERS\asahci64.sys
[16/12/2018 19:20:57] - (1.1.0.2420) - (Acronis International GmbH - File tracker minifilter driver) - C:\Windows\system32\DRIVERS\file_tracker.sys
[05/12/2018 14:49:39] - (1.3.0.2299) - (Acronis International GmbH - Acronis Storage Filter Management Driver) - C:\Windows\system32\DRIVERS\fltsrv.sys
[05/12/2018 14:49:39] - (1.0.0.1192) - (Acronis International GmbH - Acronis Backup Archive Explorer) - C:\Windows\system32\DRIVERS\tib.sys
[19/03/2018 11:21:45] - (15.0.27.10) - (Avira Operations GmbH & Co. KG - Avira USB Filter Driver) - C:\Windows\System32\Drivers\avusbflt.sys
[16/12/2018 19:20:56] - (1.1.0.2279) - (Acronis International GmbH - Acronis Volume Tracker Driver) - C:\Windows\system32\DRIVERS\volume_tracker.sys
[16/12/2018 19:20:52] - (4.7.0.2558) - (Acronis International GmbH - Acronis Snapshot API) - C:\Windows\system32\DRIVERS\snapman.sys
[06/07/2017 21:42:38] - (0.0.0.0) - ( -) - C:\Windows\system32\drivers\EUBKMON.sys
[06/07/2017 21:42:39] - (1.0.1.0) - (CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Driver) - C:\Windows\system32\drivers\eubakup.sys
[02/02/2019 14:08:08] - (6.0.6001.18000) - (Windows (R) Codename Longhorn DDK provider - Disk Performance Driver) - C:\Windows\System32\drivers\EPMVolFlt.sys
[26/08/2009 11:16:44] - (6.2.55.159) - (IVT Corporation. - Bluetooth HID BUS Driver) - C:\Windows\System32\Drivers\BtHidBus.sys
[09/03/2018 14:58:17] - (15.0.27.10) - (Avira Operations GmbH & Co. KG - Avira USB Feature Driver) - C:\Windows\system32\DRIVERS\avdevprot.sys
[23/03/2020 15:42:40] - (3.1.8.0) - (Asmedia Technology - Asmedia 106x SATA Host Controller Driver) - C:\Windows\system32\DRIVERS\asstor64.sys
[26/03/2019 23:31:35] - (0.0.0.0) - ( -) - C:\Windows\system32\ambakdrv.sys
[17/07/2016 17:19:57] - (4.45.1.275) - (DT Soft Ltd - DAEMON Tools Virtual Bus Driver) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys
[09/02/2020 08:02:24] - (30.255.134.0) - (AO Kaspersky Lab - Backup File Filter [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klbackupflt.sys
[23/03/2020 19:54:26] - (30.112.90.0) - (AO Kaspersky Lab - Filter Core [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klflt.sys
[24/01/2020 05:36:16] - (20.3.63.0) - (AO Kaspersky Lab - klhk [fre_win7_x64]) - C:\Windows\system32\DRIVERS\klhk.sys
[23/03/2020 19:54:26] - (30.255.73.0) - (AO Kaspersky Lab - Core System Interceptors [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klif.sys
[13/03/2019 02:45:02] - (30.0.3731.0) - (AO Kaspersky Lab - Format Recognizer [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klpd.sys
[27/01/2020 08:42:52] - (20.3.54.0) - (AO Kaspersky Lab - Security Extender [fre_win7_x64]) - C:\Windows\system32\DRIVERS\klgse.sys
[05/03/2019 03:00:32] - (18.0.5.0) - (AO Kaspersky Lab - WFP Network Filter [fre_win7_x64]) - C:\Windows\system32\DRIVERS\klwfp.sys
[09/02/2020 08:02:24] - (30.147.71.0) - (AO Kaspersky Lab - WFP Network Connection Filter Driver [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klwtp.sys
[19/03/2019 08:21:06] - (30.0.3724.0) - (AO Kaspersky Lab - Packet Network Filter [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klim6.sys
[19/03/2019 03:31:38] - (30.0.3731.0) - (AO Kaspersky Lab - Network Processor [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\kneps.sys
[13/03/2019 00:23:26] - (30.0.3731.0) - (AO Kaspersky Lab - Virtual Disk [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\kldisk.sys
[23/03/2020 14:14:25] - (7.0.7.29) - (IObit - IMFCameraProtect) - C:\Windows\system32\drivers\IMFCameraProtect.sys
[23/03/2020 14:06:06] - (8.98.0.0) - (REALiX(tm) - HWiNFO AMD64 Kernel Driver) - C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
[06/07/2017 21:42:39] - (1.0.0.1) - (CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Image Preview Driver) - C:\Windows\system32\drivers\EuFdDisk.sys
[06/07/2017 21:42:39] - (1.2.0.1) - (CHENGDU YIWO Tech Development Co., Ltd - Disk Access Driver) - C:\Windows\system32\drivers\eudskacs.sys
[09/03/2018 14:58:17] - (15.0.25.81) - (Avira Operations GmbH & Co. KG - Avira Manager Driver) - C:\Windows\system32\DRIVERS\avkmgr.sys
[18/05/2017 12:49:35] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - ASRock App Charger Driver) - C:\Windows\system32\DRIVERS\AsrAppCharger.sys
[27/08/2012 19:51:00] - (3.0.23.0) - (Renesas Electronics Corporation - USB 3.0 Host Controller Driver) - C:\Windows\system32\DRIVERS\rusb3xhc.sys
[13/12/2006 12:34:04] - (2.0.19.0) - (Pinnacle Systems - Pinnacle Bender Series Driver) - C:\Windows\system32\drivers\bender64.sys
[04/03/2011 16:00:14] - (1.10.1.0) - (ASMedia Technology Inc - ASMEDIA XHCI Host Controller Driver) - C:\Windows\system32\DRIVERS\asmtxhci.sys
[23/03/2020 15:25:05] - (1.1.0.0) - ( - Intel(R) Smart Connect Technology Device Driver) - C:\Windows\system32\DRIVERS\ISCTD.sys
[22/01/2019 19:56:35] - (2.9.2.4) - (Wacom Technology - Virtual Hid Device) - C:\Windows\system32\DRIVERS\wacomvhid.sys
[16/03/2018 16:54:24] - (9.0.0.23) - (The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6.0)) - C:\Windows\system32\DRIVERS\kltap.sys
[23/09/2005 23:18:34] - (2.1.29.0) - (Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator) - C:\Windows\system32\DRIVERS\MarvinBus64.sys
[22/01/2019 19:56:46] - (1.2.2.0) - (Wacom Technology - Wacom Mouse Filter Driver) - C:\Windows\system32\DRIVERS\wacommousefilter.sys
[18/03/2019 02:50:34] - (30.0.3716.0) - (AO Kaspersky Lab - Mouse Device Filter [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klmouflt.sys
[27/08/2012 19:50:58] - (3.0.23.0) - (Renesas Electronics Corporation - USB 3.0 Hub Driver) - C:\Windows\system32\DRIVERS\rusb3hub.sys
[04/03/2011 16:00:14] - (1.10.1.0) - (ASMedia Technology Inc - ASMedia USB3 Hub Driver) - C:\Windows\system32\DRIVERS\asmthub3.sys
[18/03/2019 03:11:30] - (30.0.3716.0) - (AO Kaspersky Lab - Keyboard Device Filter [fre_win7_amd64]) - C:\Windows\system32\DRIVERS\klkbdflt.sys
[09/02/2012 16:24:14] - (1.0.2.0) - ( - Intel Keyboard Class Upper Filter Driver) - C:\Windows\system32\DRIVERS\ikbevent.sys
[11/12/2019 12:36:28] - (5.1.2.254) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL
[16/12/2018 19:20:56] - (2.0.0.2416) - (Acronis International GmbH - Acronis Virtual File) - C:\Windows\system32\DRIVERS\virtual_file.sys
[26/03/2019 23:31:35] - (0.0.0.0) - ( -) - C:\Windows\system32\ammntdrv.sys
[26/03/2019 23:31:35] - (0.0.0.0) - ( -) - C:\Windows\system32\amwrtdrv.sys
[09/03/2018 14:58:17] - (15.0.25.81) - (Avira Operations GmbH & Co. KG - Avira WFP Network Driver) - C:\Windows\system32\DRIVERS\avnetflt.sys
[16/12/2018 19:20:56] - (5.0.0.2592) - (Acronis International GmbH - Acronis TIB Mounter Driver) - C:\Windows\system32\DRIVERS\tib_mounter.sys
[18/05/2017 12:36:38] - (0.0.0.0) - ( -) - C:\Windows\system32\drivers\WPRO_41_2001.sys

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - ambakdrv (ambakdrv) -> system32\ambakdrv.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - asahci64 () -> system32\DRIVERS\asahci64.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - asstor64 () -> system32\DRIVERS\asstor64.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - avdevprot (avdevprot) -> system32\DRIVERS\avdevprot.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - avusbflt (avusbflt) -> System32\Drivers\avusbflt.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - BtHidBus (Bluetooth HID Bus Service) -> System32\Drivers\BtHidBus.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - cm_km (AO Kaspersky Lab Cryptographic Module x64 (56 bit)) -> system32\DRIVERS\cm_km.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - EUBAKUP (EUBAKUP) -> system32\drivers\eubakup.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - EUBKMON (EUBKMON) -> system32\drivers\EUBKMON.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - file_tracker (Acronis File Tracker Driver) -> system32\DRIVERS\file_tracker.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fltsrv (Acronis Storage Filter Management) -> system32\DRIVERS\fltsrv.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iaStorA () -> system32\DRIVERS\iaStorA.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iaStorF () -> system32\DRIVERS\iaStorF.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iusb3hcs (Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hcs.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - kl1 (kl1) -> system32\DRIVERS\kl1.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - klbackupdisk (Kaspersky Lab klbackupdisk) -> system32\DRIVERS\klbackupdisk.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - snapman (Acronis Snapshots Manager) -> system32\DRIVERS\snapman.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - tib (Acronis TIB Manager) -> system32\DRIVERS\tib.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volume_tracker (Acronis Volume Tracker) -> system32\DRIVERS\volume_tracker.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AsrAppCharger (AsrAppCharger) -> system32\DRIVERS\AsrAppCharger.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - avkmgr (avkmgr) -> system32\DRIVERS\avkmgr.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - dtsoftbus01 (DAEMON Tools Virtual Bus Driver) -> system32\DRIVERS\dtsoftbus01.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - EUDSKACS (EUDSKACS) -> \??\C:\Windows\system32\drivers\eudskacs.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - EUFDDISK (EUFDDISK) -> \??\C:\Windows\system32\drivers\EuFdDisk.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - HWiNFO32 (HWiNFO32/64 Kernel Driver) -> \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - IMFCameraProtect (IMFCameraProtect) -> \??\C:\Windows\system32\drivers\IMFCameraProtect.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - klbackupflt (Kaspersky Lab klbackupflt) -> system32\DRIVERS\klbackupflt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - kldisk (kldisk) -> system32\DRIVERS\kldisk.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - klgse (Kaspersky Lab Security Extender Driver) -> system32\DRIVERS\klgse.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - klhk (Kaspersky Lab service driver) -> system32\DRIVERS\klhk.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - KLIF (Kaspersky Lab Driver) -> system32\DRIVERS\klif.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - klim6 (Kaspersky Anti-Virus NDIS 6 Filter) -> system32\DRIVERS\klim6.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - klpd (Kaspersky Lab format recognizer driver) -> system32\DRIVERS\klpd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - klwfp (klwfp) -> system32\DRIVERS\klwfp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - klwtp (KLwtp - WFP callout traffic inspector) -> system32\DRIVERS\klwtp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - kneps (kneps) -> system32\DRIVERS\kneps.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\Windows\system32\drivers\mbae64.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - ammntdrv (ammntdrv) -> \??\C:\Windows\system32\ammntdrv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - amwrtdrv (amwrtdrv) -> \??\C:\Windows\system32\amwrtdrv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - avnetflt (avnetflt) -> system32\DRIVERS\avnetflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - LGCoreTemp (Logitech CPU Core Tempurature) -> \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - MBAMChameleon (MBAMChameleon) -> \SystemRoot\System32\Drivers\MbamChameleon.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tib_mounter (Acronis TIB Mounter) -> system32\DRIVERS\tib_mounter.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - virtual_file (Acronis Virtual File Driver) -> system32\DRIVERS\virtual_file.sys - AcceptPause: False - AcceptStop: True

---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted)

[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - [16/06/2017 19:33:49] - (.© Malwarebytes Corporation. - Malwarebytes Anti-Malware.) - [126.71 Ko] - (0.2.13.0) - C:\Windows\System32\Drivers\12BB4DCA.sys
[MD5.EF558A02D734A1403583E95CCEEC2487] - [23/03/2020 14:06:06] - (.Copyright (c)1999-2015 Martin Malík - REALiX - HWiNFO AMD64 Kernel Driver.) - [26.91 Ko] - (8.98.0.0) - C:\Windows\Syswow64\Drivers\HWiNFO64A.SYS

---------- | Uninstall (Whitelist)

[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Cavomatic Free] : (Cavomatic.-.) -> "j:\Cavomatic Free\WDUNINST.EXE" /REG="Cavomatic Free"
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Dashlane] : (Dashlane.-.Dashlane, Inc.) -> C:\Users\tolunq\AppData\Roaming\Dashlane\6.2013.0.33804\bin\DashlaneUninstall.exe
[HKU\S-1-5-21-2440877392-4245707990-3840087772-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Molotov] : (Molotov.-.Molotov) -> "C:\Users\tolunq\AppData\Local\Molotov\Update.exe" --uninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AMD Catalyst Install Manager] : (AMD Software.-.Advanced Micro Devices, Inc.) -> "C:\Program Files\AMD\CIM\Bin64\RadeonInstaller.exe" /EXPRESS_UNINSTALL /IGNORE_UPGRADE /ON_REBOOT_MESSAGE:NO
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ASRock App Charger_is1] : (ASRock App Charger v1.0.6.-.ASRock Inc.) -> "C:\Program Files\ASRock Utility\AsrAppCharger\unins000.exe"
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CrystalDiskInfo_is1] : (CrystalDiskInfo 8.4.2.-.Crystal Dew World) -> "C:\Program Files\CrystalDiskInfo\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2] : (Package de pilotes Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1).-.Silicon Labs Software) -> rundll32.exe C:\Program Files\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\usb_ant_siusbxp_3_1.inf_amd64_neutral_a786cf555bc1afd4\usb_ant_siusbxp_3_1.inf
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46] : (Package de pilotes Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201).-.Dynastream Innovations, Inc.) -> rundll32.exe C:\Program Files\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\ant_libusb.inf_amd64_neutral_54173307afc55815\ant_libusb.inf
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Logitech Gaming Software] : (Logitech - Assistant pour jeux vidéo 8.92.-.Logitech Inc.) -> C:\Program Files\Logitech Gaming Software\uninstallhlpr.exe /bitness=x64 /silentmode=off /langid=FRA /downgrade=no /firstRun=yes
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MacriumReflect] : (Macrium Reflect Professional Edition.-.Paramount Software (UK) Ltd.) -> C:\Program Files\Macrium\Reflect\xReflect.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 74.0.1 (x64 fr)] : (Mozilla Firefox 74.0.1 (x64 fr).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\RawTherapee5.5_is1] : (RawTherapee version 5.5.-.rawtherapee.com) -> "i:\RawTherapee\5.5\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Recuva] : (Recuva.-.Piriform) -> "C:\Program Files\Recuva\uninst.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Speccy] : (Speccy.-.Piriform) -> "C:\Program Files\Speccy\uninst.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> "C:\Program Files\VideoLAN\VLC\uninstall.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VueScan x64] : (VueScan x64.-.) -> "C:\Program Files\VueScan\vuescan.exe" /remove
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WhoCrashed_is1] : (WhoCrashed 5.54.-.Resplendence Software Projects Sp.) -> "C:\Program Files\WhoCrashed\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.71 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{070CF190-681A-4c62-A0C1-B0B1CFD13A88}_is1] : (BMI Flight Simulator 0.2.1.-.BMI nv/sa) -> "i:\BMI Flight Simulator\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series] : (Canon MP560 series MP Drivers.-.) -> "C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1489ABFD-DD1C-4FD5-84F3-B331486CF0FE}] : (AxCrypt 1.7.2067.0.-.Axantum Software AB) -> MsiExec.exe /I{1489ABFD-DD1C-4FD5-84F3-B331486CF0FE}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{173a9bac-6f0d-50c4-8202-4744c69d091a}] : (Bitwarden.-.8bit Solutions LLC) -> "f:\Bitwarden\Uninstall Bitwarden.exe" /allusers
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{178B916E-BCCA-464A-82B1-16FBCE86E30B}] : (AMD Settings - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{178B916E-BCCA-464A-82B1-16FBCE86E30B}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{203DE003-C392-FF19-BCA2-3F775477BC94}] : (AMD Drag and Drop Transcoding.-.ATI Technologies Inc.) -> MsiExec.exe /X{203DE003-C392-FF19-BCA2-3F775477BC94}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{28075128-C115-45CB-888A-4491A138A510}] : (Pinnacle MyDVD.-.Nom de votre société) -> MsiExec.exe /I{28075128-C115-45CB-888A-4491A138A510}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{29A188EB-3381-478D-B3C1-C852B3AA2B54}] : (Pinnacle Studio 21 - Standard Content Pack.-.Corel Corporation) -> MsiExec.exe /I{29A188EB-3381-478D-B3C1-C852B3AA2B54}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{33A49BF2-CB4F-5E54-D7F5-25502CAB6B70}] : (ATI AVIVO64 Codecs.-.ATI Technologies Inc.) -> MsiExec.exe /X{33A49BF2-CB4F-5E54-D7F5-25502CAB6B70}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1] : (Malwarebytes version 4.1.0.56.-.Malwarebytes) -> "f:\Malwarebytes\Anti-Malware\mbuns.exe" /Uninstall /uselocalisvc MB
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{41C196DB-9ED2-449E-A056-20E67255BFC8}] : (Pinnacle Studio 21.-.Corel Corporation) -> MsiExec.exe /I{41C196DB-9ED2-449E-A056-20E67255BFC8}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4DB1F777-A654-9D99-5665-72C85CEF9682}] : (AMD Problem Report Wizard.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{4DB1F777-A654-9D99-5665-72C85CEF9682}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{520B76DA-291C-D57B-65D8-7517CDDD136B}] : (AMD Software.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{520B76DA-291C-D57B-65D8-7517CDDD136B} REBOOT=ReallySuppress
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6513E16C-7FC9-4DE6-930F-B62E588673C0}] : (Intel(R) Smart Connect Technology 2.0 x64.-.Intel) -> MsiExec.exe /X{6513E16C-7FC9-4DE6-930F-B62E588673C0}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}] : (ANT Drivers Installer x64.-.Garmin Ltd or its subsidiaries) -> MsiExec.exe /I{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6CC95B76-D380-46B2-9022-9353938E48BA}] : (Logitech GamePanel Software 3.03.133.-.Logitech Inc.) -> MsiExec.exe /X{6CC95B76-D380-46B2-9022-9353938E48BA}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6DE721A5-5E89-4D74-994C-652BB3C0672E}] : (Pilote vidéo Pinnacle.-.Pinnacle Systems) -> MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6FAF2C9C-BC59-4D36-9C33-1C7902F04D22}] : (Pinnacle 3D Title Editor.-.Corel Corporation) -> MsiExec.exe /I{6FAF2C9C-BC59-4D36-9C33-1C7902F04D22}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7250F238-58CB-40E0-BD27-79D5343119D2}] : (Macrium Reflect Professional Edition.-.Paramount Software (UK) Ltd.) -> MsiExec.exe /I{7250F238-58CB-40E0-BD27-79D5343119D2}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{752CCAEE-8E33-DE50-9454-B377A2205193}] : (ccc-utility64.-.ATI) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8215FA76-B532-49CB-B40B-CDC4781C1765}] : (Pinnacle Hollywood FX Volumes 1-3.-.Corel Corporation) -> MsiExec.exe /X{8215FA76-B532-49CB-B40B-CDC4781C1765}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{88033906-A6D4-453C-8685-2A6110B1AC72}] : (Pinnacle NewBlue Effects.-.Corel Corporation) -> MsiExec.exe /I{88033906-A6D4-453C-8685-2A6110B1AC72}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8A8EF2C9-3FD5-41A3-B652-5EE95544971C}] : (Pinnacle ScoreFitter Volumes 1-2.-.Corel Corporation) -> MsiExec.exe /X{8A8EF2C9-3FD5-41A3-B652-5EE95544971C}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1] : (Revo Uninstaller 2.0.4.-.VS Revo Group, Ltd.) -> "C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BD4AC883-4AF5-40BB-91F0-31A061F9588E}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{BD4AC883-4AF5-40BB-91F0-31A061F9588E}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}] : (Broadcom NetLink Controller.-.Broadcom Corporation) -> MsiExec.exe /X{C91DCB72-F5BB-410D-A91A-314F5D1B4284}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C24127}] : (WinZip 24.0.-.Corel Corporation) -> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C24127}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}] : (SAMSUNG USB Driver for Mobile Phones.-.SAMSUNG Electronics Co., Ltd.) -> C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DCFE1E33-F24D-4DE4-A25C-D58DB7565973}] : (Pinnacle Creative Pack Volume 1.-.Corel Corporation) -> MsiExec.exe /I{DCFE1E33-F24D-4DE4-A25C-D58DB7565973}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E41065E8-67E2-448F-940C-FF9D7C51E4E3}] : (Service Xperia Companion.-.Sony) -> MsiExec.exe /I{E41065E8-67E2-448F-940C-FF9D7C51E4E3}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F92FBC75-02F0-4D54-8986-46E91BEFF5C5}] : (Pinnacle Title Extreme.-.Corel Corporation) -> MsiExec.exe /X{F92FBC75-02F0-4D54-8986-46E91BEFF5C5}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 32 ActiveX.-.Adobe) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_ActiveX.exe -maintain activex
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AOMEI Backupper] : (.-.) -> I:\AOMEI Backupper\unins000.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Audacity_is1] : (Audacity 2.3.1.-.Audacity Team) -> "i:\Audacity\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CanonMyPrinter] : (Canon Utilities My Printer.-.) -> C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DebugMode Wink] : (DebugMode Wink.-.) -> "j:\Wink\uninst.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dropbox] : (Dropbox.-.Dropbox, Inc.) -> "C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Enregistrement utilisateur de Canon MP560 series] : (Enregistrement utilisateur de Canon MP560 series.-.) -> C:\Program Files (x86)\Canon\IJEREG\MP560 series\UNINST.EXE
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Eye-One Match_is1] : (Eye-One Match 3.6.2.-.GretagMacbeth) -> "C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FileZilla Client] : (FileZilla Client 3.38.1.-.Tim Kosse) -> "i:\FileZilla FTP Client\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google LLC) -> "C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\setup.exe" --uninstall --system-level --verbose-logging
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Half-Life: Source Quadrilogy_is1] : (Half-Life: Source Quadrilogy.-.) -> "F:\Half-Life - Source Quadrilogy\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HD Tune Pro_is1] : (HD Tune Pro 5.75.-.EFD Software) -> "C:\Program Files (x86)\HD Tune Pro\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\i1_driver_installer_utility_i1Match_is1] : (i1_driver_installer_utility_i1Match version 1.0.-.X-Rite) -> "C:\Program Files (x86)\X-Rite\i1_driver_installer_utility\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{17528CE4-C333-48FB-A9E4-D841E795CDCE}\setup.exe" -runfromtemp -l0x040c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}] : (Kaspersky Secure Connection.-.Kaspersky) -> MsiExec.exe /I{145AE349-477A-45E5-A57C-5F5BF2BB5775} REMOVE=ALL
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}] : (Kaspersky Password Manager.-.Kaspersky Lab) -> MsiExec.exe /I{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611} REMOVE=ALL
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}] : (Kaspersky Total Security.-.Kaspersky) -> MsiExec.exe /I{D891550B-ACFE-4797-B368-BCFC434BBEB1} REMOVE=ALL
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IP Camera Viewer_is1] : (IP Camera Viewer 4.-.DeskShare Inc.) -> "C:\Program Files (x86)\Deskshare\IP Camera Viewer 4\unins001.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KeePassPasswordSafe2_is1] : (KeePass Password Safe 2.44.-.Dominik Reichl) -> "C:\Program Files (x86)\KeePass Password Safe 2\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KlimaLogg Pro_is1] : (KlimaLogg Pro.-.TFA Dostmann) -> "j:\KlimaLoggPro\uninst\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Knoll Light Factory EZ Studio 15] : (Knoll Light Factory EZ Studio 15.-.) -> C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\klfezstudio.log
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Kobo] : (Kobo.-.Rakuten Kobo Inc.) -> "C:\Program Files (x86)\Kobo\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LAME_is1] : (LAME v3.99.3 (for Windows).-.) -> "C:\Program Files (x86)\Lame For Audacity\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Magic Bullet Looks Studio 15] : (Magic Bullet Looks Studio 15.-.) -> C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\mblooksstudio15.log
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MEGAsync] : (MEGAsync.-.Mega Limited) -> C:\Users\tolunq\AppData\Local\MEGAsync\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MP Navigator EX 3.0] : (Canon MP Navigator EX 3.0.-.) -> "C:\Program Files (x86)\Canon\MP Navigator EX 3.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 3.0\uninst.ini
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MyDriveConnect] : (TomTom MyDrive Connect 4.2.7.3966.-.TomTom) -> C:\Program Files (x86)\MyDrive Connect\Uninstall TomTom MyDrive Connect.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NewFolderEx] : (NewFolderEx (remove only).-.) -> "C:\Program Files (x86)\NewFolderEx\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NirSoft ProduKey] : (NirSoft ProduKey.-.) -> "C:\Program Files (x86)\NirSoft\ProduKey\uninst.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OpenAL] : (OpenAL.-.) -> "C:\Program Files (x86)\OpenAL\oalinst.exe" /U
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Red Giant ToonIt Studio 15] : (Red Giant ToonIt Studio 15.-.) -> C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\rgtoonitstudio.log
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Skype_is1] : (Skype version 8.58.-.Skype Technologies S.A.) -> "C:\Program Files (x86)\Microsoft\Skype for Desktop\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Sniper Elite V2 Remastered_is1] : (Sniper Elite V2 Remastered.-.) -> "I:\Sniper Elite V2 Remastered\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\stax-Pinnacle_is1] : (SureThing Express Labeler.-.MicroVision Development, Inc.) -> "C:\Program Files (x86)\SureThing Express Labeler\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TERRATEC Grabby] : (TERRATEC Grabby V5.09.1202.00.-.) -> "C:\Program Files (x86)\Common Files\TerraTec\DriverInstall\TERRATEC_Grabby\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Trapcode 3DStroke Studio 15] : (Trapcode 3DStroke Studio 15.-.) -> C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\tc3dstrokestudio.log
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Trapcode Particular Studio] : (Trapcode Particular Studio.-.) -> C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\tcparticularstudio.log
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Trapcode Shine Studio 15] : (Trapcode Shine Studio 15.-.) -> C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\tcshinestudio.log
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Tweak-XP Pro 4] : (Tweak-XP Pro 4.-.) -> C:\Windows\iun6002.exe "C:\Program Files (x86)\Tweak-XP Pro 4\irunin.ini"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Univers photo Pixum] : (Univers photo Pixum.-.CEWE Stiftung u Co. KGaA) -> "j:\Pixum\Univers photo Pixum\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\USB Safely Remove_is1] : (USB Safely Remove 6.2.-.SafelyRemove.com) -> "C:\Program Files (x86)\USB Safely Remove\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Vsk5Online_is1] : (Vsk5Online.-.Nadeo) -> "f:\Vsk5Online\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wacom Tablet Driver] : (Tablette Wacom.-.Wacom Technology Corp.) -> C:\Program Files (x86)\Tablet\Wacom\Remove.exe /u
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wacom WebTabletPlugin for IE] : (WebTablet IE Plugin.-.Wacom Technology Corp.) -> "C:\Program Files (x86)\TabletPlugins\ieUninstall.exe" /S
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wacom WebTabletPlugin for Netscape] : (WebTablet Netscape Plugin.-.Wacom Technology Corp.) -> "C:\Program Files (x86)\TabletPlugins\npUninstall.exe" /S
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{00FE2654-4377-8F53-55F4-83B70EE44C73}] : (CCC Help Dutch.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{01DD9D3D-FA8A-E148-008D-5CDF1BE8911F}] : (CCC Help Korean.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{02F5BD83-B529-37E3-B5DF-32ABC7EC63C4}] : (ccc-core-static.-.Nom de votre société) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{072224C5-0C98-0902-9A71-89D4A8F3E810}] : (CCC Help Thai.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1229D58B-9185-4F85-71B2-4B34EBF8AD17}] : (CCC Help Italian.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}] : (Pinnacle Studio 15.-.Pinnacle Systems) -> MsiExec.exe /I{1362E602-9625-42D3-B57F-CDA9D26F9DA8}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{145AE349-477A-45E5-A57C-5F5BF2BB5775}] : (Kaspersky Secure Connection.-.Kaspersky) -> MsiExec.exe /I{145AE349-477A-45E5-A57C-5F5BF2BB5775}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{17528CE4-C333-48FB-A9E4-D841E795CDCE}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> MsiExec.exe /X{17528CE4-C333-48FB-A9E4-D841E795CDCE}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{27C6CB2E-415B-6020-91FC-BA5CE3B912AC}] : (CCC Help Russian.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{28075128-C115-45CB-888A-4491A138A510}] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{29656550-8463-258C-55BA-5C4F7950DBDE}] : (CCC Help Portuguese.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1] : (Samsung Magician.-.Samsung Electronics) -> "f:\Samsung\Samsung Magician\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2F9D6E60-CCDA-4761-A947-74AB500CFB0D}] : (Sensible Soccer 2006 Demo.-.Codemasters) -> RunDll32 C:\Program Files (x86)\Common Files\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2F9D6E60-CCDA-4761-A947-74AB500CFB0D}\setup.exe" -l0x40c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{321C85DB-F528-4B49-B6AB-82547D03DAF6}] : (D-Link DWA-582 - V1.00.-.D-Link) -> C:\Program Files (x86)\InstallShield Installation Information\{321C85DB-F528-4B49-B6AB-82547D03DAF6}\setup.exe -runfromtemp -l0x040c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3A6DDDF3-4A04-47A4-A644-B9F489989750}] : (Pinnacle MyDVD.-.Pinnacle) -> C:\ProgramData\Uninstall\{3A6DDDF3-4A04-47A4-A644-B9F489989750}\setup.exe /x {3A6DDDF3-4A04-47A4-A644-B9F489989750}  {lang}=FRA
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{41B21B1F-950E-13FC-57C7-2AC44B196223}] : (Catalyst Control Center Graphics Previews Vista.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4740E1B2-51CF-4083-8976-D6B3B5A5064F}_is1] : (IPCWebComponents 5.0.0.3.-.FOSCAM) -> "C:\Program Files (x86)\IPCWebComponents\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48348C5E-1EBD-44A9-B074-0137A738B8A5}] : (Pinnacle Studio for Dazzle - Install Manager.-.Corel Corporation) -> MsiExec.exe /X{48348C5E-1EBD-44A9-B074-0137A738B8A5}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{486DCE02-1FB0-4962-9CB3-4265F2D49126}] : (Elevated Installer.-.Garmin Ltd or its subsidiaries) -> MsiExec.exe /I{486DCE02-1FB0-4962-9CB3-4265F2D49126}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48D5DBBA-7B60-B832-59DB-BE252C2E5A23}] : (CCC Help Finnish.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{490F45FA-738D-5D4A-6B9D-DC1373ACF794}] : (CCC Help Polish.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4E99D34D-1CF8-45FA-BB4D-FBF30EA6E2FE}] : (Backup and Sync from Google.-.Google, Inc.) -> MsiExec.exe /X{4E99D34D-1CF8-45FA-BB4D-FBF30EA6E2FE}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{53AFCE35-1653-91F4-8991-900731F32111}] : (CCC Help Norwegian.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}] : (GetDataBack for NTFS.-.Runtime Software) -> "d:\Runtime Software\GetDataBack for NTFS\Uninstall.exe" "d:\Runtime Software\GetDataBack for NTFS\install.log" -u
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{568EF3B9-C672-E82A-BCD4-A88072578521}] : (CCC Help Swedish.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5792A551-3E28-456E-8902-8DF4F2285F30}_is1] : (FoscamVMS version 1.1.4.9.-.Foscam) -> "i:\FoscamVMS\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}] : (Xperia Companion.-.Sony) -> "C:\ProgramData\Package Cache\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}\XperiaCompanionBundle.exe"  /uninstall
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google LLC) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}] : (Asmedia ASM106x SATA Host Controller Driver.-.Asmedia Technology) -> MsiExec.exe /X{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{654733F2-22EC-776F-9C2D-CF3C4F578768}] : (CCC Help Danish.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}] : (Xperia Companion.-.Sony) -> MsiExec.exe /X{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{67ABC7E8-A241-F90D-0B04-5BB03428AF96}] : (CCC Help Greek.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6AA30800-F713-BB43-EDA2-1C380FE7FD63}] : (Catalyst Control Center Localization All.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F235FE4-8EC6-3FAB-1739-A434BFE76E27}] : (CCC Help Chinese Standard.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{85090727-99E2-F1DC-1589-83D5AC986F3E}] : (CCC Help Spanish.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{855F84C1-2C2C-4A1C-838C-1912D77FF879}_is1] : (Assetto Corsa Competizione.-.Kunos Simulazioni) -> "f:\Assetto Corsa Competizione\uninstall\unins000.exe"
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{87323561-58BA-4D5B-BADA-A791B69D1705}] : (Catalyst Control Center - Branding.-.ATI) -> MsiExec.exe /I{87323561-58BA-4D5B-BADA-A791B69D1705}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}] : (TomTom HOME Visual Studio Merge Modules.-.TomTom International B.V.) -> MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F1953B3-B0EE-402C-A29F-A8AB775A6D1D}] : (TomTom HOME.-.Nom de votre société) -> MsiExec.exe /I{9F1953B3-B0EE-402C-A29F-A8AB775A6D1D}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F9CDA0B-2291-4061-85C4-441A75BE6713}] : (FOSCAM Client.-.FOSCAM) -> MsiExec.exe /I{9F9CDA0B-2291-4061-85C4-441A75BE6713}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A05A8CFE-F458-4731-BD47-01C675E8944C}] : (Garmin Express.-.Garmin Ltd or its subsidiaries) -> MsiExec.exe /I{A05A8CFE-F458-4731-BD47-01C675E8944C}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A05EF3DC-AAFA-6903-433D-0F383F5F4EC3}] : (CCC Help German.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A317EF8E-66FB-94B6-C4FA-96A0AED1AB2F}] : (CCC Help Chinese Traditional.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A6C48A9F-694A-4234-B3AA-62590B668927}] : (Intel(R) Manageability Engine Firmware Recovery Agent.-.Intel Corporation) -> MsiExec.exe /X{A6C48A9F-694A-4234-B3AA-62590B668927}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1] : (AOMEI Backupper Professionel.-.AOMEI Technology Co., Ltd.) -> "I:\AOMEI Backupper\unins000.exe"
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824311644}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824311644}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-1033-FFFF-7760-000000000006}] : (Adobe Acrobat XI Pro.-.Adobe Systems) -> MsiExec.exe /I{AC76BA86-1033-FFFF-7760-000000000006}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}] : (MyDVD Content Pack 1.-.Corel Corporation) -> MsiExec.exe /I{ADCF7AE3-8E36-4B80-9460-66B74B56927F}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B2AF5585-FACF-7760-5C68-F2DC6BBACE47}] : (CCC Help Czech.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}] : (Kaspersky Password Manager.-.Kaspersky Lab) -> MsiExec.exe /X{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{b347cf7c-d07d-417b-b26a-8d6a851f696d}] : (Garmin Express.-.Garmin Ltd or its subsidiaries) -> "C:\ProgramData\Package Cache\{b347cf7c-d07d-417b-b26a-8d6a851f696d}\GarminExpressInstaller.exe"  /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B8665FEA-4EE1-4A7F-B987-A506F54F2222}] : (Backup and Sync from Google.-.Google, Inc.) -> MsiExec.exe /X{B8665FEA-4EE1-4A7F-B987-A506F54F2222}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B92B952E-4459-480F-A500-60D87F6F527F}_is1] : (USB-set 1.4.1.-.Infoadom 38) -> "C:\Program Files (x86)\USB-set\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B9987701-F119-46FA-BFF1-A8B593BFAF9E}] : (MyDVD Content Pack 2.-.Corel Corporation) -> MsiExec.exe /I{B9987701-F119-46FA-BFF1-A8B593BFAF9E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BA3D52FE-CC65-4DEC-ACF6-D423A8A2A73A}] : (Acronis True Image for Crucial.-.Acronis) -> MsiExec.exe /X{BA3D52FE-CC65-4DEC-ACF6-D423A8A2A73A}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BC7BED89-618B-4E89-8ADF-75D47F276223}] : (Pinnacle Studio 15 Ultimate Collection Plugins.-.Pinnacle Systems) -> MsiExec.exe /I{BC7BED89-618B-4E89-8ADF-75D47F276223}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BCA434F2-A541-F63E-890C-F5D14E5B33D0}] : (CCC Help English.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C4406DB6-A28D-8047-7704-94A8DE7F6A68}] : (CCC Help Hungarian.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D79E2563-3FDD-0A62-187A-5BE5F920F317}] : (CCC Help Turkish.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D891550B-ACFE-4797-B368-BCFC434BBEB1}] : (Kaspersky Total Security.-.Kaspersky) -> MsiExec.exe /I{D891550B-ACFE-4797-B368-BCFC434BBEB1}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}] : (Asmedia ASM104x USB 3.0 Host Controller Driver.-.Asmedia Technology) -> MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E789702E-A3B1-41AE-89C1-0F8CF1E5DF8A}] : (Pinnacle Premium Pack Volumes 1-2.-.Corel Corporation) -> MsiExec.exe /X{E789702E-A3B1-41AE-89C1-0F8CF1E5DF8A}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\igxpin.exe" -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> "C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe" -r -m -nrg2709
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F538505D-D29C-6259-682C-E607D659B4B4}] : (Catalyst Control Center Graphics Previews Common.-.ATI) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F820F894-EC5F-D52A-F862-5B472EAFE69A}] : (CCC Help French.-.ATI) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}] : (Dazzle Video Capture DVC100 X64 Driver 1.08.-.Pinnacle) -> MsiExec.exe /X{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB8387EF-D663-4152-A13E-6B963AC1052A}] : (Corel Update Manager.-.Corel corporation) -> MsiExec.exe /X{FB8387EF-D663-4152-A13E-6B963AC1052A}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}] : (Pinnacle Studio Bonus Content.-.Pinnacle Systems) -> MsiExec.exe /I{FC030CB5-46A6-4229-AD6E-0AC869F509C8}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}] : (Intel(R) SDK for OpenCL - CPU Only Runtime Package.-.Intel Corporation) -> C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FFB4E67D-DEF9-30BC-39F6-E9C1B05539F9}] : (CCC Help Japanese.-.ATI) -> 

---------- | Ports 


---------- | Installer

[HKCR\Installer\Products\00803AA6317F34BBDE2AC183F07EDF36] : Catalyst Control Center Localization All -> C:\Windows\Installer\{6AA30800-F713-BB43-EDA2-1C380FE7FD63}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\055656923648C85255ABC5F49705BDED] : CCC Help Portuguese -> C:\Windows\Installer\{29656550-8463-258C-55BA-5C4F7950DBDE}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\1077899B911FAF64FB1F8A5B39FBFAE9] : MyDVD Content Pack 2 -> C:\Windows\Installer\{B9987701-F119-46FA-BFF1-A8B593BFAF9E}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\16532378AB85B5D4ABAD7A196BD97150] : Catalyst Control Center - Branding -> C:\Windows\Installer\{87323561-58BA-4D5B-BADA-A791B69D1705}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\166F59DC4C5A5F446AAACEDD192C1472] : WinZip 24.0 -> C:\Windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C24127}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\206E263152693D245BF7DC9A2DF6D98A] : Pinnacle Studio 15 -> C:\Windows\Installer\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}\Studio.exe
[HKCR\Installer\Products\20ECD6840BF12694C93B24562F4D1962] : Elevated Installer -> C:\Windows\Installer\{486DCE02-1FB0-4962-9CB3-4265F2D49126}\express.ico
[HKCR\Installer\Products\27BCD19CBB5FD0149AA113F4D5B12448] : Broadcom NetLink Controller -> C:\Windows\Installer\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\2B0163E6D0340BE4183EB2758E9BEDD8] : Bonjour -> C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
[HKCR\Installer\Products\2F337456CE22F677C9D2FCC3F4757886] : CCC Help Danish -> C:\Windows\Installer\{654733F2-22EC-776F-9C2D-CF3C4F578768}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\2F434ACB145AE36F98C05F1DE4B5330D] : CCC Help English -> C:\Windows\Installer\{BCA434F2-A541-F63E-890C-F5D14E5B33D0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\2FB94A33F4BC45E57D5F5205C2BAB607] : ATI AVIVO64 Codecs -> C:\Windows\Installer\{33A49BF2-CB4F-5E54-D7F5-25502CAB6B70}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\300ED302293C91FFCB2AF3774577CB49] : AMD Drag and Drop Transcoding -> C:\Windows\Installer\{203DE003-C392-FF19-BCA2-3F775477BC94}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3652E97DDDF326A081A7B55E9F023F71] : CCC Help Turkish -> C:\Windows\Installer\{D79E2563-3FDD-0A62-187A-5BE5F920F317}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\388CA4DB5FA4BB04190F130A169F85E8] : DriversCloud.com (64 bits) -> C:\Windows\Installer\{BD4AC883-4AF5-40BB-91F0-31A061F9588E}\maconfico
[HKCR\Installer\Products\38DB5F20925B3E735BFD23BA7CCE364C] : ccc-core-static -> C:\Windows\Installer\{02F5BD83-B529-37E3-B5DF-32ABC7EC63C4}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3B3591F9EE0BC2042AF98ABA77A5D6D1] : TomTom HOME -> C:\Windows\Installer\{9F1953B3-B0EE-402C-A29F-A8AB775A6D1D}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3EA7FCDA63E808B44906667BB46529F7] : MyDVD Content Pack 1 -> C:\Windows\Installer\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4562EF00773435F8554F387BE04EC437] : CCC Help Dutch -> C:\Windows\Installer\{00FE2654-4377-8F53-55F4-83B70EE44C73}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\498F028FF5CEA25D8F26B574E2FA6EA9] : CCC Help French -> C:\Windows\Installer\{F820F894-EC5F-D52A-F862-5B472EAFE69A}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4EC82571333CBF849A4E8D147E59DCEC] : Renesas Electronics USB 3.0 Host Controller Driver -> C:\Windows\Installer\{17528CE4-C333-48FB-A9E4-D841E795CDCE}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4EF532F66CE8BAF371934A43FB7EE672] : CCC Help Chinese Standard -> C:\Windows\Installer\{6F235FE4-8EC6-3FAB-1739-A434BFE76E27}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64
[HKCR\Installer\Products\53DBAE6633266294A91BBA13CCB67C9D] : Xperia Companion -> C:\Windows\Installer\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}\CompanionIcon.ico
[HKCR\Installer\Products\53ECFA3535614F1998190970133F1211] : CCC Help Norwegian -> C:\Windows\Installer\{53AFCE35-1653-91F4-8991-900731F32111}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\57CBF29F0F2045D49868649EB1FE5F5C] : Pinnacle Title Extreme -> C:\Windows\Installer\{F92FBC75-02F0-4D54-8986-46E91BEFF5C5}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\5855FA2BFCAF0677C5862FCDB6ABEC74] : CCC Help Czech -> C:\Windows\Installer\{B2AF5585-FACF-7760-5C68-F2DC6BBACE47}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper
[HKCR\Installer\Products\5BC030CF6A649224DAE6A08C965F908C] : Pinnacle Studio Bonus Content -> C:\Windows\Installer\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\5C13C3F8A3C98AA4E8AF1792A0A75D33] : TomTom HOME Visual Studio Merge Modules
[HKCR\Installer\Products\5C42227089C02090A917984D8A3F8E01] : CCC Help Thai -> C:\Windows\Installer\{072224C5-0C98-0902-9A71-89D4A8F3E810}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\5FE249168DC24D7468C9E2A9B80B581F] : Asmedia ASM106x SATA Host Controller Driver -> C:\Windows\Installer\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\6030E61781384634B8F8C04C9E73B6CA] : Analyseur et SDK MSXML 4.0 SP2
[HKCR\Installer\Products\609330884D6AC3546858A216011BCA27] : Pinnacle NewBlue Effects -> C:\Windows\Installer\{88033906-A6D4-453C-8685-2A6110B1AC72}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\67AF5128235BBC944BB0DC4C87C17156] : Pinnacle Hollywood FX Volumes 1-3 -> C:\Windows\Installer\{8215FA76-B532-49CB-B40B-CDC4781C1765}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\67B59CC6083D2B640922393539E884AB] : Logitech GamePanel Software 3.03.133 -> C:\Windows\Installer\{6CC95B76-D380-46B2-9022-9353938E48BA}\LGDCoreIco
[HKCR\Installer\Products\68AB67CA3301FFFF7706000000000060] : Adobe Acrobat XI Pro -> C:\Windows\Installer\{AC76BA86-1033-FFFF-7760-000000000006}\_SC_Acrobat.ico
[HKCR\Installer\Products\68AB67CA408033019195008142136144] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824311644}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\6BD6044CD82A74087740498AEDF7A686] : CCC Help Hungarian -> C:\Windows\Installer\{C4406DB6-A28D-8047-7704-94A8DE7F6A68}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688)
[HKCR\Installer\Products\727090582E99CD1F5198385DCA89F6E3] : CCC Help Spanish -> C:\Windows\Installer\{85090727-99E2-F1DC-1589-83D5AC986F3E}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\777F1BD4456A99D96556278CC5FE6928] : AMD Problem Report Wizard -> C:\Windows\Installer\{4DB1F777-A654-9D99-5665-72C85CEF9682}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10
[HKCR\Installer\Products\807E9EB00CD53694C9DFA05A9190E097] : Junk Mail filter update
[HKCR\Installer\Products\82157082511CBC5488A844191A835A01] : Pinnacle MyDVD -> C:\Windows\Installer\{28075128-C115-45CB-888A-4491A138A510}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\832F0527BC850E04DB72975D4313912D] : Macrium Reflect Professional Edition -> C:\Windows\Installer\{7250F238-58CB-40E0-BD27-79D5343119D2}\Reflect.ico
[HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110
[HKCR\Installer\Products\8E56014E2E76F84449C0FFD9C7154E3E] : Service Xperia Companion
[HKCR\Installer\Products\8E7CBA76142AD09FB040B50B4382FA69] : CCC Help Greek -> C:\Windows\Installer\{67ABC7E8-A241-F90D-0B04-5BB03428AF96}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\93B0BF4E199C7EE459DDA1A187753DD3] : Asmedia ASM104x USB 3.0 Host Controller Driver -> C:\Windows\Installer\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper
[HKCR\Installer\Products\943EA541A7745E545AC7F5B52FBB7557] : Kaspersky Secure Connection -> C:\Windows\Installer\{145AE349-477A-45E5-A57C-5F5BF2BB5775}\arp.ico
[HKCR\Installer\Products\98DEB7CBB81698E4A8FD574DF7722632] : Pinnacle Studio 15 Ultimate Collection Plugins -> C:\Windows\Installer\{BC7BED89-618B-4E89-8ADF-75D47F276223}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\9B3FE865276CA28ECB4D8A0827755812] : CCC Help Swedish -> C:\Windows\Installer\{568EF3B9-C672-E82A-BCD4-A88072578521}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\9BE9B4BF2B8624C4C8836BF5F85E5AAC] : Dazzle Video Capture DVC100 X64 Driver 1.08 -> C:\Windows\Installer\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\9C2FE8A85DF33A146B25E59E554479C1] : Pinnacle ScoreFitter Volumes 1-2 -> C:\Windows\Installer\{8A8EF2C9-3FD5-41A3-B652-5EE95544971C}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper
[HKCR\Installer\Products\A2080EA6F09328A45BB87A3FF7F18DE2] : ANT Drivers Installer x64
[HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT
[HKCR\Installer\Products\ABBD5D8406B7238B95BDEB52C2E2A532] : CCC Help Finnish -> C:\Windows\Installer\{48D5DBBA-7B60-B832-59DB-BE252C2E5A23}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\AD67B025C192B75D568D5771DCDD31B6] : AMD Software -> C:\Windows\Installer\{520B76DA-291C-D57B-65D8-7517CDDD136B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\AEF5668B1EE4F7A49B785A605FF42222] : Backup and Sync from Google -> C:\Windows\Installer\{B8665FEA-4EE1-4A7F-B987-A506F54F2222}\DriveIcon
[HKCR\Installer\Products\AF54F094D837A4D5B6D9CD3137CA7F49] : CCC Help Polish -> C:\Windows\Installer\{490F45FA-738D-5D4A-6B9D-DC1373ACF794}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\B055198DEFCA79743B86CBCF34B4EB1B] : Kaspersky Total Security -> C:\Windows\Installer\{D891550B-ACFE-4797-B368-BCFC434BBEB1}\arp.ico
[HKCR\Installer\Products\B0ADC9F919221604584C44A157EB7631] : FOSCAM Client
[HKCR\Installer\Products\B85D9221581958F4172BB443BE8FDA71] : CCC Help Italian -> C:\Windows\Installer\{1229D58B-9185-4F85-71B2-4B34EBF8AD17}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\B9FB157332F56794AA26B14F7D19CDEF] : Photo Common
[HKCR\Installer\Products\BD691C142DE9E9440A65026E2755FB8C] : Pinnacle Studio 21 -> C:\Windows\Installer\{41C196DB-9ED2-449E-A056-20E67255BFC8}\ARPPRODUCTICON.exe1
[HKCR\Installer\Products\C61E31569CF76ED439F06BE28568370C] : Intel(R) Smart Connect Technology 2.0 x64 -> C:\Windows\Installer\{6513E16C-7FC9-4DE6-930F-B62E588673C0}\Appl.ico
[HKCR\Installer\Products\C9C2FAF695CB63D4C933C197200FD422] : Pinnacle 3D Title Editor -> C:\Windows\Installer\{6FAF2C9C-BC59-4D36-9C33-1C7902F04D22}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\CD3FE50AAFAA309634D3F083F3F5E43C] : CCC Help German -> C:\Windows\Installer\{A05EF3DC-AAFA-6903-433D-0F383F5F4EC3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\D3D9DD10A8AF841E00D8C5FDB18E19F1] : CCC Help Korean -> C:\Windows\Installer\{01DD9D3D-FA8A-E148-008D-5CDF1BE8911F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\D43D99E48FC1AF54BBD4BF3FE06A2EEF] : Backup and Sync from Google -> C:\Windows\Installer\{4E99D34D-1CF8-45FA-BB4D-FBF30EA6E2FE}\DriveIcon
[HKCR\Installer\Products\D505835FC92D952686C26E706D954B4B] : Catalyst Control Center Graphics Previews Common -> C:\Windows\Installer\{F538505D-D29C-6259-682C-E607D659B4B4}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\D76E4BFF9FEDCB03936F9E1C0B55939F] : CCC Help Japanese -> C:\Windows\Installer\{FFB4E67D-DEF9-30BC-39F6-E9C1B05539F9}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430)
[HKCR\Installer\Products\DFBA9841C1DD5DF4483F3B1384C60FEF] : AxCrypt 1.7.2067.0 -> C:\Windows\Installer\{1489ABFD-DD1C-4FD5-84F3-B331486CF0FE}\axcrypt.ico
[HKCR\Installer\Products\E207987E1B3AEA14981CF0C81F5EFDA8] : Pinnacle Premium Pack Volumes 1-2 -> C:\Windows\Installer\{E789702E-A3B1-41AE-89C1-0F8CF1E5DF8A}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\E2BC6C72B514020619CFABC53E9B21CA] : CCC Help Russian -> C:\Windows\Installer\{27C6CB2E-415B-6020-91FC-BA5CE3B912AC}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\E3337F2BD8C64994AA4CEF8CBEFB6911] : Kaspersky Password Manager -> C:\Windows\Installer\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}\product.ico
[HKCR\Installer\Products\E5C84384DBE19A440B4710737A838B5A] : Pinnacle Studio for Dazzle - Install Manager -> C:\Windows\Installer\{48348C5E-1EBD-44A9-B074-0137A738B8A5}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\E619B871ACCBA464281B61BFEC683EB0] : AMD Settings - Branding -> C:\Windows\Installer\{178B916E-BCCA-464A-82B1-16FBCE86E30B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\E8FE713ABF666B494CAF690AEA1DBAF2] : CCC Help Chinese Traditional -> C:\Windows\Installer\{A317EF8E-66FB-94B6-C4FA-96A0AED1AB2F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\EEACC25733E805ED49453B772A021539] : ccc-utility64 -> C:\Windows\Installer\{752CCAEE-8E33-DE50-9454-B377A2205193}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\EF25D3AB56CCCED4CA6F4D328A2A7AA3] : Acronis True Image for Crucial -> C:\Windows\Installer\{BA3D52FE-CC65-4DEC-ACF6-D423A8A2A73A}\product.ico
[HKCR\Installer\Products\EFC8A50A854F1374DB74106C578E49C4] : Garmin Express
[HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64
[HKCR\Installer\Products\F1B12B14E059CF31757CA24CB4912632] : Catalyst Control Center Graphics Previews Vista -> C:\Windows\Installer\{41B21B1F-950E-13FC-57C7-2AC44B196223}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F9A84C6AA49643243BAA2695B0669872] : Intel(R) Manageability Engine Firmware Recovery Agent -> C:\Windows\Installer\{A6C48A9F-694A-4234-B3AA-62590B668927}\AppIcon
[HKCR\Installer\Products\FBA1D77998047AC4AB33CC5708B8A7EC] : Intel® Trusted Connect Service Client
[HKCR\Installer\Products\FE7838BF366D25141AE3B669A31C50A2] : Corel Update Manager -> C:\Windows\Installer\{FB8387EF-D663-4152-A13E-6B963AC1052A}\ARPPRODUCTICON.exe

---------- | ADS


---------- | Drives


---------- | MBR


64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
------------


------------

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
------------


------------

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
------------


------------

Nom de l’application défaillante wmiprvse.exe, version : 10.0.14409.1005, horodatage : 0x584a2dda
Nom du module défaillant : KERNELBASE.dll, version : 6.1.7601.24549, horodatage : 0x5e44cdcc
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000000b87d
ID du processus défaillant : 0xf4c
Heure de début de l’application défaillante : 0x01d60dd795ef76ce
Chemin d’accès de l’application défaillante : C:\Windows\system32\wbem\wmiprvse.exe
Chemin d’accès du module défaillant: C:\Windows\system32\KERNELBASE.dll
ID de rapport : e5fd98e0-79cd-11ea-a485-bc5ff45af7c4
------------

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
------------


------------


------------


------------


------------


------------

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
------------


------------

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
------------


------------

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
------------


------------


----------( EOF)---------- - 5452 | 10:13:58