--------------- QuickDiag | g3n-h@ckm@n | V7.182.21.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 01/07/2021 16:42:25 Updated 01/07/2021 | 14:40 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [jocelyn (Administrator)] - [JOBUREAU] (S-1-5-21-1042456299-3079880857-3127715329-1001) PC : FUJITSU ESPRIMO E920 x64-based PC System: Microsoft Windows 10 Professionnel - X64 - (10.0.19042) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (20H2) System: AutoReboot: False - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Professionnel|C:\Windows|\Device\Harddisk1\Partition2 Boot : Normal boot PC: ESPRIMO E920 - FUJITSU - IdNumber: YLQP028041 - UUID: 8CA23F65-8806-0E41-9042-51A1D527D936 Processor : Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz (GenuineIntel) - Clock Speed : 3301 - Socket : SOCKET 0 - Stauts : OK BIOS : FUJITSU // American Megatrends Inc. V4.6.5.4 R1.47.0 for D3222-A1x - SN : YLQP028041 - Status : OK - Version : FUJ - 1072009 - PrimaryBios : True - CurrentLanguage : en|US|iso8859-1 - OtherTargetOS : CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0671&SUBSYS_173411EB&REV_1000\4&1677BFC&0&0201 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0093&SUBSYS_1043879D&REV_1001\5&287B24EA&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 AnvSoft Virtual Sound Device - Status: OK - Manufacturer: AnvSoft Inc. - PNPDeviceID: ROOT\MEDIA\0000 ---------- | Video NVIDIA GeForce GTX 1650 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_252e302997312800\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_252e302997312800\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_252e302997312800\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_252e302997312800\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1F0A&SUBSYS_879D1043&REV_A1\4&25880A4B&0&00E4 - AdapterCompatibility: NVIDIA - RAM: -1048576 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 1650 - DriverVersion: 27.21.14.6231 - SpecificationVersion: 1025 ---------- | Codecs C:\Windows\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37440 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 93184 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK C:\Windows\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34600 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39936 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK ---------- | Memory Pagefile = Total (MB) : 10663 | Free (MB) : 4794 Virtual = Total (MB) : 4194 | Free (MB) : 3925 Physical Memory (MB) -------------------- Total: 8109 Available: 4452 Cached: 4383 Free: 662 System ------ Handles: 73339 Processes: 154 Threads: 2053 ---------- | SID Users Administrateur : [S-1-5-21-1042456299-3079880857-3127715329-500] DefaultAccount : [S-1-5-21-1042456299-3079880857-3127715329-503] Invité : [S-1-5-21-1042456299-3079880857-3127715329-501] jocelyn : [S-1-5-21-1042456299-3079880857-3127715329-1001] WDAGUtilityAccount : [S-1-5-21-1042456299-3079880857-3127715329-504] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] WinRMRemoteWMIUsers__ : [S-1-5-21-1042456299-3079880857-3127715329-1000] ---------- | Drives C:\ -> [Fixed] | [] | Total : 189.73 Go | Free : 89.71 Go -> NTFS (SSD) [SATA] D:\ -> [Fixed] | [] | Total : 286.51 Go | Free : 98.5 Go -> NTFS (SSD) [SATA] E:\ -> [Removable] | [code] | Total : 14.59 Go | Free : 10.26 Go -> NTFS [USB] H:\ -> [Fixed] | [Sauvegardes] | Total : 111.79 Go | Free : 94.69 Go -> NTFS (SSD) [SATA] Drive: 0 Cylinders: 14593 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 120034123776 bytes Drive: 1 Cylinders: 62260 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 512110190592 bytes Drive: 2 Cylinders: 1905 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 15669919744 bytes ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Test 2 : Windows Is Activated Test 3 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.19041.1 (© Microsoft Corporation. Tous droits réservés.) FF : 89.0.2.7843 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer ---------- | Security AV : Malwarebytes Disabled AS : FW : Bitdefender Pare-feu Enabled WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 572 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.19041.964) = C:\Windows\System32\smss.exe [29/04/2021 16:04:33] CPU Usage:0 % 792 | [Owner : Système | Parent : 772() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [02/11/2020 12:34:14] CPU Usage:0 % 884 | [Owner : Système | Parent : 772() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.19041.662) = C:\Windows\System32\wininit.exe [09/12/2020 17:17:34] CPU Usage:0 % 892 | [Owner : Système | Parent : 876() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [02/11/2020 12:34:14] CPU Usage:0 % 956 | [Owner : Système | Parent : 884(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.19041.928) = C:\Windows\System32\services.exe [14/04/2021 16:41:19] CPU Usage:0 % 976 | [Owner : Système | Parent : 884(wininit.exe) | 17.8 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.19041.906) = C:\Windows\System32\lsass.exe [14/04/2021 16:41:20] CPU Usage:0 % 308 | [Owner : Système | Parent : 876() | 11.35 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.19041.906) = C:\Windows\System32\winlogon.exe [14/04/2021 16:41:27] CPU Usage:0 % 764 | [Owner : Système | Parent : 956(services.exe) | 25.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1000 | [Owner : UMFD-1 | Parent : 308(winlogon.exe) | 14.76 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1081) = C:\Windows\System32\fontdrvhost.exe [27/06/2021 13:02:28] CPU Usage:0 % 1032 | [Owner : UMFD-0 | Parent : 884(wininit.exe) | 2.74 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1081) = C:\Windows\System32\fontdrvhost.exe [27/06/2021 13:02:28] CPU Usage:0 % 1120 | [Owner : SERVICE RÉSEAU | Parent : 956(services.exe) | 13.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1168 | [Owner : Système | Parent : 956(services.exe) | 8.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1236 | [Owner : DWM-1 | Parent : 308(winlogon.exe) | 65.79 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.19041.746) = C:\Windows\System32\dwm.exe [13/01/2021 11:39:09] CPU Usage:0 % 1364 | [Owner : Système | Parent : 956(services.exe) | 9.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1396 | [Owner : Système | Parent : 956(services.exe) | 15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1416 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 11.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1460 | [Owner : Système | Parent : 956(services.exe) | 6.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1492 | [Owner : Système | Parent : 956(services.exe) | 13.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1580 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 16.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1604 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 5.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1648 | [Owner : Système | Parent : 956(services.exe) | 359.76 Mo] - (.Bitdefender - bdservicehost.) - (25.0.7.28) = C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [20/04/2021 16:16:31] CPU Usage:0 % 1716 | [Owner : Système | Parent : 956(services.exe) | 9.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1816 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 6.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1844 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 7.91 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.19041.1) = C:\Windows\System32\WUDFHost.exe [07/12/2019 11:08:58] CPU Usage:0 % 1896 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 7.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2028 | [Owner : SERVICE RÉSEAU | Parent : 956(services.exe) | 11.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1568 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 6.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2116 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 8.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2136 | [Owner : Système | Parent : 956(services.exe) | 6.68 Mo] - (.Crystal Rich Ltd - USB Safely Remove assistant service.) - (6.4.2.1297) = C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [20/05/2021 09:12:58] CPU Usage:0 % 2200 | [Owner : Système | Parent : 956(services.exe) | 41.03 Mo] - (.Bitdefender - bdservicehost.) - (25.0.7.28) = C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [20/04/2021 16:16:31] CPU Usage:0 % 2208 | [Owner : Système | Parent : 956(services.exe) | 6.71 Mo] - (.Advanced Micro Devices, Inc. - AMD Crash Defender Service.) - (21.10.0.6) = C:\Windows\System32\amdfendrsr.exe [25/03/2021 13:35:56] CPU Usage:0 % 2220 | [Owner : Système | Parent : 956(services.exe) | 4.65 Mo] - (.AMD - AMD External Events Service Module.) - (6.14.11.1122) = C:\Windows\System32\atiesrxx.exe [13/01/2015 16:41:00] CPU Usage:0 % 2304 | [Owner : Système | Parent : 2220(atiesrxx.exe) | 8.78 Mo] - (.AMD - AMD External Events Client Module.) - (6.14.11.1122) = C:\Windows\System32\atieclxx.exe [13/01/2015 16:41:14] CPU Usage:0 % 2376 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 7.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2384 | [Owner : Système | Parent : 956(services.exe) | 13.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2392 | [Owner : Système | Parent : 956(services.exe) | 5.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2604 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 7.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2616 | [Owner : Système | Parent : 956(services.exe) | 7.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2772 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 8.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2848 | [Owner : Système | Parent : 956(services.exe) | 9.1 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.5171) = C:\Windows\System32\igfxCUIService.exe [16/04/2021 18:31:24] CPU Usage:0 % 2880 | [Owner : SERVICE RÉSEAU | Parent : 956(services.exe) | 9.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2900 | [Owner : Système | Parent : 956(services.exe) | 7.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2928 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 11.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1216 | [Owner : Système | Parent : 956(services.exe) | 17.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 3456 | [Owner : Système | Parent : 956(services.exe) | 6.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 3504 | [Owner : SERVICE LOCAL | Parent : 3456(svchost.exe) | 8.22 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.19041.1) = C:\Windows\System32\dasHost.exe [07/12/2019 11:08:37] CPU Usage:0 % 3532 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 7.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 3908 | [Owner : jocelyn | Parent : 1716(svchost.exe) | 29.25 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe [13/01/2021 11:38:35] CPU Usage:0 % 3932 | [Owner : jocelyn | Parent : 956(services.exe) | 25.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 3964 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 19.74 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.9141) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [02/11/2020 11:43:31] CPU Usage:0 % 3972 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 13.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 4068 | [Owner : jocelyn | Parent : 956(services.exe) | 30.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2540 | [Owner : Système | Parent : 956(services.exe) | 14.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 3480 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 5.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1948 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 8.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 4116 | [Owner : Système | Parent : 956(services.exe) | 12.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 4140 | [Owner : Système | Parent : 1396(svchost.exe) | 1.06 Mo] - (.Microsoft Corporation - Microsoft Edge Update.) - (1.3.127.15) = C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [05/07/2020 14:22:13] CPU Usage:0 % 4184 | [Owner : jocelyn | Parent : 1396(svchost.exe) | 28.87 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.906) = C:\Windows\System32\taskhostw.exe [14/04/2021 16:41:30] CPU Usage:0 % 4304 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 19.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 4400 | [Owner : Système | Parent : 956(services.exe) | 16.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 4624 | [Owner : Système | Parent : 956(services.exe) | 14.07 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.19041.1052) = C:\Windows\System32\spoolsv.exe [16/06/2021 16:22:35] CPU Usage:0 % 4776 | [Owner : SERVICE RÉSEAU | Parent : 956(services.exe) | 7.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5092 | [Owner : Système | Parent : 956(services.exe) | 10.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5260 | [Owner : Système | Parent : 956(services.exe) | 8.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5276 | [Owner : Système | Parent : 956(services.exe) | 14.92 Mo] - (.AOMEI International Network Limited - AOMEI Backupper Schedule task service.) - (6.1.0.0) = C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\ABService.exe [05/11/2020 11:52:21] CPU Usage:0 % 5308 | [Owner : Système | Parent : 956(services.exe) | ?????] - (.Bitdefender - bdservicehost.) - (25.0.7.28) = C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [20/04/2021 16:16:31] CPU Usage:0 % 5324 | [Owner : SERVICE RÉSEAU | Parent : 956(services.exe) | 15.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5348 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 25.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5356 | [Owner : Système | Parent : 956(services.exe) | 54.08 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.11328.20156) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [26/06/2021 15:24:03] CPU Usage:0 % 5364 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 6.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5392 | [Owner : Système | Parent : 956(services.exe) | 6.74 Mo] - (.FUJITSU CLIENT COMPUTING LIMITED - FUJ02E3 Device Driver - service.) - (4.3.0.0) = C:\Windows\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_42f2ff7fcce64487\fuj02e3-utility.exe [29/06/2020 23:18:22] CPU Usage:0 % 5408 | [Owner : Système | Parent : 956(services.exe) | 7.68 Mo] - (.NVIDIA Corporation - NVIDIA GeForce Experience Service.) - (1.0.0.1) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [21/10/2020 18:46:31] CPU Usage:0 % 5420 | [Owner : Système | Parent : 956(services.exe) | 7.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5488 | [Owner : Système | Parent : 956(services.exe) | 8.2 Mo] - (.Intel(R) Corporation - Intel(R) TPM Provisioning Service.) - (1.48.197.0) = C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [16/04/2021 18:29:37] CPU Usage:0 % 5556 | [Owner : Système | Parent : 956(services.exe) | ?????] - (.Malwarebytes - Malwarebytes Service.) - (3.2.0.970) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [25/12/2020 18:25:18] CPU Usage:0 % 5580 | [Owner : Système | Parent : 956(services.exe) | 9.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5624 | [Owner : Système | Parent : 956(services.exe) | 12.53 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.0.1000.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21/10/2020 18:46:23] CPU Usage:0 % 5640 | [Owner : Système | Parent : 956(services.exe) | 16.13 Mo] - (.Bitdefender - Bitdefender Agent.) - (25.0.1.192) = C:\Program Files\Bitdefender Agent\ProductAgentService.exe [24/06/2021 09:20:01] CPU Usage:0 % 5664 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 6.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5680 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 8.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5692 | [Owner : Système | Parent : 956(services.exe) | 19.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 5744 | [Owner : Système | Parent : 956(services.exe) | 17.94 Mo] - (.Bitdefender - Bitdefender Update Service.) - (25.0.21.76) = C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [20/05/2021 10:58:05] CPU Usage:0 % 5776 | [Owner : Système | Parent : 956(services.exe) | 7.2 Mo] - (.Reason Software Company Inc. - Unchecky Service.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [04/09/2019 16:22:37] CPU Usage:0 % 5792 | [Owner : Système | Parent : 956(services.exe) | 7.97 Mo] - (.Seed4.Me - Seed4.Me VPN Client.) - (1.0.68.0) = C:\Program Files\Seed4.Me VPN\bin\Seed4.Me_service.exe [15/03/2021 11:40:08] CPU Usage:0 % 6016 | [Owner : SERVICE RÉSEAU | Parent : 956(services.exe) | 6.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 6028 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 5.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 6544 | [Owner : Système | Parent : 956(services.exe) | 12.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 6628 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 24.44 Mo] - (.Microsoft Corporation - SMSvcHost.exe.) - (3.0.4506.9149) = C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [02/11/2020 21:10:16] CPU Usage:0 % 6652 | [Owner : Système | Parent : 956(services.exe) | 5.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 6720 | [Owner : jocelyn | Parent : 5776(unchecky_svc.exe) | 10.46 Mo] - (.Reason Software Company Inc. - Unchecky Background Process.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [04/09/2019 16:22:37] CPU Usage:0 % 6788 | [Owner : Système | Parent : 2200(bdservicehost.exe) | 16.03 Mo] - (.Bitdefender - Bitdefender Network OS Helper Process.) - (25.0.21.76) = C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe [20/05/2021 10:57:37] CPU Usage:0 % 7400 | [Owner : SERVICE RÉSEAU | Parent : 5624(nvstreamsvc.exe) | 11.46 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.0.1000.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21/10/2020 18:46:23] CPU Usage:0 % 7408 | [Owner : Système | Parent : 5624(nvstreamsvc.exe) | 16.18 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.0.1000.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21/10/2020 18:46:23] CPU Usage:0 % 7428 | [Owner : SERVICE RÉSEAU | Parent : 7400(nvstreamsvc.exe) | 5.47 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [29/04/2021 16:04:32] CPU Usage:0 % 7436 | [Owner : Système | Parent : 7408(nvstreamsvc.exe) | 7.07 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [29/04/2021 16:04:32] CPU Usage:0 % 8160 | [Owner : jocelyn | Parent : 8128() | 168.53 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.1081) = C:\Windows\explorer.exe [27/06/2021 13:02:06] CPU Usage:0 % 1632 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 16.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 6536 | [Owner : jocelyn | Parent : 764(svchost.exe) | 7.08 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.19041.746) = C:\Windows\System32\SettingSyncHost.exe [13/01/2021 11:39:38] CPU Usage:0 % 6932 | [Owner : jocelyn | Parent : 956(services.exe) | 19.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 8592 | [Owner : jocelyn | Parent : 5556(MBAMService.exe) | 48.3 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (4.0.0.1023) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [25/12/2020 18:25:18] CPU Usage:0 % 8696 | [Owner : jocelyn | Parent : 764(svchost.exe) | 48.34 Mo] - (.Microsoft Corporation -.) - (2001.22012.0.3530) = C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe [27/06/2021 13:02:53] CPU Usage:0 % 8736 | [Owner : jocelyn | Parent : 764(svchost.exe) | 67.37 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [11/11/2020 10:34:46] CPU Usage:0 % 3240 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 9.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 9540 | [Owner : Système | Parent : 4176() | 0.29 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.81) = C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe [30/06/2021 10:51:20] CPU Usage:0 % 9564 | [Owner : Système | Parent : 4176() | 0.25 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.81) = C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe [30/06/2021 10:51:20] CPU Usage:0 % 9932 | [Owner : Système | Parent : 764(svchost.exe) | 11.03 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe [02/11/2020 12:34:07] CPU Usage:0 % 3372 | [Owner : jocelyn | Parent : 8160(explorer.exe) | 19.47 Mo] - (.NVIDIA Corporation - NVIDIA Backend.) - (17.12.8.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [21/10/2020 18:46:18] CPU Usage:0 % 10004 | [Owner : jocelyn | Parent : 8160(explorer.exe) | 30.64 Mo] - (.- Rainlendar2.) - (2.15.4.0) = C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [31/03/2020 20:45:40] CPU Usage:0 % 10080 | [Owner : jocelyn | Parent : 8160(explorer.exe) | 18.15 Mo] - (.Crystal Rich Ltd - USB Safely Remove.) - (6.4.2.1297) = C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [20/05/2021 09:12:58] CPU Usage:0 % 10064 | [Owner : jocelyn | Parent : 768() | 8.3 Mo] - (.Piriform Software Ltd - CCleaner.) - (5.82.0.8950) = C:\Program Files\CCleaner\CCleaner64.exe [17/06/2021 01:30:22] CPU Usage:0 % 2856 | [Owner : jocelyn | Parent : 8160(explorer.exe) | 22.07 Mo] - (.Seed4.Me - Seed4.Me VPN Client.) - (1.0.68.0) = C:\Program Files\Seed4.Me VPN\bin\Seed4.Me_VPN.exe [15/03/2021 11:40:12] CPU Usage:0 % 8572 | [Owner : jocelyn | Parent : 8160(explorer.exe) | 73.5 Mo] - (.Steganos Software GmbH - Steganos Password Manager.) - (20.0.10.12601) = C:\Program Files (x86)\Steganos Password Manager 20\PasswordManager.exe [09/03/2020 16:01:42] CPU Usage:0 % 9572 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 9860 | [Owner : jocelyn | Parent : 8572(PasswordManager.exe) | 6.69 Mo] - (.Steganos Software GmbH - Steganos Password Manager Chrome Autofill Relay.) - (20.0.10.12601) = C:\Program Files (x86)\Steganos Password Manager 20\passwordmanagercom.exe [09/03/2020 16:01:34] CPU Usage:0 % 3384 | [Owner : jocelyn | Parent : 8160(explorer.exe) | 63.99 Mo] - (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.2.8400.0) = C:\Program Files\Windows Sidebar\sidebar.exe [29/04/2021 17:01:14] CPU Usage:4 % 10256 | [Owner : Système | Parent : 956(services.exe) | 8.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 10384 | [Owner : jocelyn | Parent : 5380() | 23.96 Mo] - (.QFX Software Corporation - KeyScrambler.) - (3.15.0.0) = C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe [05/08/2020 02:08:42] CPU Usage:0 % 10528 | [Owner : jocelyn | Parent : 10384(KeyScrambler.exe) | 8.86 Mo] - (.QFX Software Corporation - KeyScrambler.) - (3.15.0.0) = C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe [05/08/2020 02:08:42] CPU Usage:0 % 11016 | [Owner : jocelyn | Parent : 10996() | 318.56 Mo] - (.Mozilla Corporation - Firefox.) - (89.0.2.7843) = C:\Program Files\Mozilla Firefox\firefox.exe [26/06/2021 23:09:26] CPU Usage:2 % 11140 | [Owner : jocelyn | Parent : 11016(firefox.exe) | 94.32 Mo] - (.Mozilla Corporation - Firefox.) - (89.0.2.7843) = C:\Program Files\Mozilla Firefox\firefox.exe [26/06/2021 23:09:26] CPU Usage:0 % 10468 | [Owner : jocelyn | Parent : 11016(firefox.exe) | 204 Mo] - (.Mozilla Corporation - Firefox.) - (89.0.2.7843) = C:\Program Files\Mozilla Firefox\firefox.exe [26/06/2021 23:09:26] CPU Usage:4 % 1388 | [Owner : jocelyn | Parent : 11016(firefox.exe) | 64.36 Mo] - (.Mozilla Corporation - Firefox.) - (89.0.2.7843) = C:\Program Files\Mozilla Firefox\firefox.exe [26/06/2021 23:09:26] CPU Usage:0 % 4996 | [Owner : jocelyn | Parent : 11016(firefox.exe) | 78.28 Mo] - (.Mozilla Corporation - Firefox.) - (89.0.2.7843) = C:\Program Files\Mozilla Firefox\firefox.exe [26/06/2021 23:09:26] CPU Usage:0 % 11152 | [Owner : jocelyn | Parent : 11016(firefox.exe) | 154.81 Mo] - (.Mozilla Corporation - Firefox.) - (89.0.2.7843) = C:\Program Files\Mozilla Firefox\firefox.exe [26/06/2021 23:09:26] CPU Usage:0 % 11448 | [Owner : jocelyn | Parent : 764(svchost.exe) | 8.64 Mo] - (.Microsoft Corporation - Component Package Support Server.) - (10.0.19041.746) = C:\Windows\System32\CompPkgSrv.exe [13/01/2021 11:37:54] CPU Usage:0 % 11484 | [Owner : jocelyn | Parent : 764(svchost.exe) | 7.49 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [13/01/2021 11:38:23] CPU Usage:0 % 11752 | [Owner : jocelyn | Parent : 1648(bdservicehost.exe) | 48.92 Mo] - (.Bitdefender - Bitdefender agent.) - (25.0.21.76) = C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [20/05/2021 10:57:34] CPU Usage:0 % 12272 | [Owner : jocelyn | Parent : 11016(firefox.exe) | 34.4 Mo] - (.Mozilla Corporation - Firefox.) - (89.0.2.7843) = C:\Program Files\Mozilla Firefox\firefox.exe [26/06/2021 23:09:26] CPU Usage:0 % 7804 | [Owner : Système | Parent : 956(services.exe) | 11.45 Mo] - (.Bitdefender - Bitdefender redline update.) - (1.0.1.42) = C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [18/09/2019 15:36:51] CPU Usage:0 % 10788 | [Owner : Système | Parent : 956(services.exe) | 11.68 Mo] - (.Bitdefender - Bitdefender redline update.) - (1.0.1.42) = C:\Program Files\Bitdefender Agent\redline\bdredline.exe [24/06/2021 09:20:00] CPU Usage:0 % 11344 | [Owner : Système | Parent : 956(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.19041.546) = C:\Windows\System32\SgrmBroker.exe [02/11/2020 12:36:17] CPU Usage:0 % 11640 | [Owner : Système | Parent : 956(services.exe) | 11.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 10248 | [Owner : Système | Parent : 956(services.exe) | 9.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 11156 | [Owner : SERVICE LOCAL | Parent : 956(services.exe) | 7.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 1952 | [Owner : Système | Parent : 956(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe [29/04/2021 16:04:32] CPU Usage:0 % 10244 | [Owner : jocelyn | Parent : 764(svchost.exe) | 72.41 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.19041.610) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [11/11/2020 10:36:12] CPU Usage:0 % 1628 | [Owner : jocelyn | Parent : 764(svchost.exe) | 25.52 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.19041.746) = C:\Windows\System32\ApplicationFrameHost.exe [13/01/2021 11:38:58] CPU Usage:0 % 1288 | [Owner : jocelyn | Parent : 8160(explorer.exe) | 238.68 Mo] - (.Mozilla Corporation - Thunderbird.) - (78.11.0.7818) = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [14/06/2021 17:51:09] CPU Usage:0 % 3720 | [Owner : jocelyn | Parent : 956(services.exe) | 8.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 11980 | [Owner : jocelyn | Parent : 956(services.exe) | 16.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 7372 | [Owner : jocelyn | Parent : 1648(bdservicehost.exe) | 28.25 Mo] - (.Bitdefender - Bitdefender Wallet Agent.) - (25.0.21.76) = C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe [20/05/2021 10:57:41] CPU Usage:0 % 11324 | [Owner : SERVICE RÉSEAU | Parent : 956(services.exe) | 8.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2988 | [Owner : jocelyn | Parent : 11016(firefox.exe) | 75.54 Mo] - (.Mozilla Corporation - Firefox.) - (89.0.2.7843) = C:\Program Files\Mozilla Firefox\firefox.exe [26/06/2021 23:09:26] CPU Usage:0 % 6352 | [Owner : Système | Parent : 956(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 2108 | [Owner : Système | Parent : 956(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [02/11/2020 12:34:06] CPU Usage:0 % 9212 | [Owner : jocelyn | Parent : 764(svchost.exe) | 37.73 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.1052) = C:\Windows\System32\smartscreen.exe [16/06/2021 16:22:38] CPU Usage:0 % 2100 | [Owner : jocelyn | Parent : 8160(explorer.exe) | 59.91 Mo] - (.SosVirus - QuickDiag.) - (7.182.21.1) = C:\Users\jo\Desktop\QuickDiag_NoMSI.exe [01/07/2021 16:39:06] CPU Usage:0 % 10512 | [Owner : Système | Parent : 764(svchost.exe) | 10.33 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [02/11/2020 12:33:42] CPU Usage:0 % 10540 | [Owner : SERVICE RÉSEAU | Parent : 764(svchost.exe) | 11.4 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [02/11/2020 12:35:13] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\UMPDC.dll (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\TextShaping.dll (.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 462.31.) - (27.21.14.6231) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_252e302997312800\nvldumdx.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 462.31.) - (27.21.14.6231) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_252e302997312800\nvwgf2umx_cfg.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll (.Helmut Buhler.-.This keeps sidebar.exe running in Windows 8 and 10 and manages 3rd-party gadgets.) - (1.0.0.0) -- C:\Program Files\Windows Sidebar\dwmapi.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.Alexander Roshal.-.WinRAR shell extension.) - (6.2.0.0) -- C:\Program Files (x86)\WinRAR\rarext64.dll (.The ICU Project.-.ICU Combined Library.) - (64.2.0.0) -- C:\Windows\System32\icu.dll (.Malwarebytes.-.Malwarebytes.) - (3.0.0.79) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (.Bitdefender.-.BdShellExtensions Module.) - (25.0.14.54) -- C:\Program Files\Bitdefender\Bitdefender Security\bdshellext.dll (.Sysprogs OU.-.WinCDEmu Explorer context menu module.) - (4.0.0.0) -- C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll (.VS Revo Group.-.Revo Uninstaller Pro Extension.) - (1.0.0.5) -- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.14.6231) -- C:\WINDOWS\system32\nv3dappshext.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 462.31.) - (27.21.14.6231) -- C:\Windows\SYSTEM32\nvapi64.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\system32\UMPDC.dll ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- c:\windows\system32\UMPDC.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.29.0.0) -- c:\windows\system32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll (.Bitdefender S.R.L. Bucharest, ROMANIA.-.Bitdefender Active Threat Control Usermode Filter.) - (1.40.291.0) -- C:\Program Files\Bitdefender\Bitdefender Security\atcuf\265268031422755445\atcuf64.dll ---------- | Windows Installer Installations (Microsoft Corporation) Microsoft XML Parser - Install. : 12/02/2021 - Package : C:\WINDOWS\Installer\5e8432d.msi (Microsoft Corporation) Contrôle d’intégrité du PC Windows - Install. : 29/06/2021 - Package : C:\Windows\Installer\3263ec0.msi (Microsoft Game Studios) MSXML4 Parser - Install. : 29/03/2021 - Package : C:\WINDOWS\Installer\7768.msi (Microsoft Corporation) Microsoft Application Error Reporting - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f76d.msi (Microsoft Corporation) Microsoft Office SharePoint Designer 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\507bd.msi (Microsoft Corporation) Microsoft Office SharePoint Designer MUI (French) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\50782.msi (Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\507b0.msi (Microsoft Corporation) Microsoft Office Shared 64-bit MUI (French) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\50787.msi (Microsoft Corporation) Microsoft Office Proofing (French) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\507aa.msi (Microsoft Corporation) Microsoft Office Shared MUI (French) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\5077d.msi (Microsoft Corporation) Microsoft Office Proof (Arabic) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\507a5.msi (Microsoft Corporation) Microsoft Office Proof (Dutch) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\5078c.msi (Microsoft Corporation) Microsoft Office Proof (German) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\50791.msi (Microsoft Corporation) Microsoft Office Proof (English) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\507a0.msi (Microsoft Corporation) Microsoft Office Proof (Spanish) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\50796.msi (Microsoft Corporation) Microsoft Office Proof (French) 2010 - Install. : 27/05/2021 - Package : C:\WINDOWS\Installer\5079b.msi (Microsoft Corporation) Office 16 Click-to-Run Extensibility Component - Install. : 26/06/2021 - Package : c:\Windows\Installer\159958.msi (Microsoft Corporation) Office 16 Click-to-Run Localization Component - Install. : 26/06/2021 - Package : c:\Windows\Installer\15997d.msi (Microsoft Corporation) Office 16 Click-to-Run Extensibility Component 64-bit Registration - Install. : 26/06/2021 - Package : c:\Windows\Installer\15995e.msi () Office 16 Click-to-Run Licensing Component - Install. : 20/05/2021 - Package : c:\WINDOWS\Installer\b3586.msi (Microsoft Corporation) Office 16 Click-to-Run Licensing Component - Install. : 26/06/2021 - Package : c:\Windows\Installer\159984.msi (Microsoft Corporation) Windows Live SOXE Definitions - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f770.msi (Microsoft Corporation) Windows Live SOXE - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f773.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - Install. : 01/12/2019 - Package : C:\WINDOWS\Installer\158fff4c.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f0641.msi (Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - Install. : 09/09/2019 - Package : C:\WINDOWS\Installer\ff5c009.msi (Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - Install. : 03/06/2020 - Package : C:\WINDOWS\Installer\4904c4f.msi (Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f785.msi (Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - Install. : 09/09/2019 - Package : C:\WINDOWS\Installer\ff5bffe.msi (Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - Install. : 30/05/2020 - Package : C:\WINDOWS\Installer\17ee1f.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127 - Install. : 24/01/2020 - Package : C:\WINDOWS\Installer\29b32167.msi (Cybelsoft) DriversCloud.com - Install. : 29/06/2021 - Package : C:\Windows\Installer\3b05275.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f0623.msi (Microsoft Corporation) Windows Live Photo Common - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f782.msi (Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Install. : 09/09/2019 - Package : C:\WINDOWS\Installer\ff5c049.msi (Microsoft Corporation) Microsoft Update Health Tools - Install. : 14/06/2021 - Package : C:\WINDOWS\Installer\b3594e.msi (Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime - Install. : 22/10/2020 - Package : C:\WINDOWS\Installer\3cf0211.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - Install. : 03/12/2019 - Package : C:\WINDOWS\Installer\5ca202.msi (Adobe Systems Incorporated) Adobe Refresh Manager - Install. : 12/02/2021 - Package : C:\WINDOWS\Installer\4d3938b.msi (Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA - Install. : 09/09/2019 - Package : C:\WINDOWS\Installer\ff5c069.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - Install. : 03/12/2019 - Package : C:\WINDOWS\Installer\5ca208.msi (Microsoft) D3DX10 - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f77c.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f05e9.msi (Microsoft Corporation) Windows Live Communications Platform - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f776.msi (Oracle Corporation) Oracle VM VirtualBox 6.1.22 - Install. : 14/06/2021 - Package : C:\WINDOWS\Installer\10aec7.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f0649.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127 - Install. : 24/01/2020 - Package : C:\WINDOWS\Installer\29b32151.msi (Microsoft) MSVCRT110 - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f764.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29112 - Install. : 25/03/2021 - Package : C:\WINDOWS\Installer\33833856.msi () - Install. : // - Package : (Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - Install. : 30/05/2020 - Package : C:\WINDOWS\Installer\17ee24.msi (Microsoft) MSVCRT - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f761.msi (Microsoft Corporation) Windows Live PIMT Platform - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f779.msi (Nero AG) ImagXpress - Install. : 23/12/2019 - Package : C:\WINDOWS\Installer\1015e97.msi (Microsoft Corporation) Photo Common - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f794.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f05f7.msi (Microsoft Corporation) Windows Live Installer - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f76a.msi (Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - Install. : 24/12/2019 - Package : C:\WINDOWS\Installer\5d2659b.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f05e2.msi (8GadgetPack.net) 8GadgetPack - Install. : 29/04/2021 - Package : C:\WINDOWS\Installer\2fd5cd.msi (Microsoft Corporation) Windows Live - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f791.msi (Microsoft Corporation) Windows Live UX Platform - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f77f.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f0603.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - Install. : 01/12/2019 - Package : C:\WINDOWS\Installer\158fff47.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29112 - Install. : 25/03/2021 - Package : C:\WINDOWS\Installer\3383386c.msi (Microsoft Corporation) Microsoft Silverlight - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f05cf.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - Install. : 01/10/2019 - Package : C:\WINDOWS\Installer\45f05f0.msi (Microsoft Corporation) Windows Live UX Platform Language Pack - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f78e.msi (Microsoft Corporation) Photo Gallery - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f788.msi (Nero AG) neroxml - Install. : 23/12/2019 - Package : C:\WINDOWS\Installer\1015e92.msi (Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh - Install. : 11/03/2020 - Package : C:\WINDOWS\Installer\1c22b7c.msi (Microsoft) MSVCRT110_amd64 - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f767.msi (Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) - Install. : 12/01/2020 - Package : C:\WINDOWS\Installer\a5fbd95.msi (Microsoft Corporation) Galerie de photos - Install. : 21/01/2021 - Package : C:\WINDOWS\Installer\1697f797.msi ---------- | Windows Updates KB5003537 - Installed On : 06/22/2021 - [Update] KB4562830 - Installed On : 12/09/2020 - [Update] KB4577266 - Installed On : 11/02/2020 - [Security Update] KB4577586 - Installed On : 05/27/2021 - [Update] KB4580325 - Installed On : 11/02/2020 - [Security Update] KB4586864 - Installed On : 11/11/2020 - [Security Update] KB4593175 - Installed On : 12/09/2020 - [Security Update] KB4598481 - Installed On : 01/13/2021 - [Security Update] KB5003690 - Installed On : 06/27/2021 - [Update] KB5003742 - Installed On : 06/27/2021 - [Security Update] ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup C:\Users\jo\AppAdata\Roaming\Microsoft\Start Menu\Programs\Startup\Sidebar723.lnk|Sidebar723 : Sidebar723.lnk [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Rainlendar2] : C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[CCleaner Smart Cleaning] : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[USB Safely Remove] : "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Seed4Me] : "C:\Program Files\Seed4.Me VPN\bin\Seed4.Me_VPN.exe" [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SPM20_PasswordManager_Agent] : "C:\Program Files (x86)\Steganos Password Manager 20\PasswordManager.exe" -agent [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[RoboForm] : "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[NvBackend] : "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ShadowPlay] : C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[RTHDVCPL] : "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Rainlendar2"=C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [31/03/2020 20:45:40] "CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "USB Safely Remove"="C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup "Seed4Me"="C:\Program Files\Seed4.Me VPN\bin\Seed4.Me_VPN.exe" "SPM20_PasswordManager_Agent"="C:\Program Files (x86)\Steganos Password Manager 20\PasswordManager.exe" -agent "RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "Rainlendar2"=0x020000000000000000000000 "antMR"=0x0300000020673BAD9F82D501 "DriverMax_RESTART"=0x03000000E0CFB3B19F82D501 "CCleaner Smart Cleaning"=0x020000000000000000000000 "RoboForm"=0x03000000E08A1EA825EFD501 "SharewareOnSale Notifier"=0x020000000000000000000000 "EPSON SX218 Series"=0x0300000000DF9BE35BC8D501 "NordVPN"=0x020000000000000000000000 "Seed4Me"=0x020000000000000000000000 "SPM20_PasswordManager_Agent"=0x020000000000000000000000 "USB Safely Remove"=0x020000000000000000000000 [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=EPSON SX218 Series,winspool,Ne02: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=1 "MenuDropAlignment"=0 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"=C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x040000000000000000000000 "RTHDVCPL"=0x0300000090C8EF957B92D501 "NvBackend"=0x020000000000000000000000 "ShadowPlay"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "KeyScrambler"=0x020000000000000000000000 "SunJavaUpdateSched"=0x020000000000000000000000 "MalTray"=0x03000000E02019E05BC8D501 "OKAYFREEDOM Notifier"=0x030000005061BCDC5BC8D501 "SPM20 Notifier"=0x03000000F045E4DA5BC8D501 "SPM20 Chrome Autofill Relay"=0x030000005050C2D85BC8D501 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D76B43E5F263F2 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "SPM20 Notifier"="C:\Program Files (x86)\Steganos Password Manager 20\Notifier.exe" "KeyScrambler"=C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Wininit.ini : [Rename] NUL=C:\Users\jo\AppData\Local\Temp\nseE47B.tmp\uac.dll NUL=C:\Users\jo\AppData\Local\Temp\nseE47B.tmp\ NUL=C:\Users\jo\AppData\Local\Temp\nseD239.tmp\uac.dll NUL=C:\Users\jo\AppData\Local\Temp\nseD239.tmp\ ---------- | Win.ini : ---------- | System.ini : ---------- | Config.sys : ---------- | Tasks List Adobe Acrobat Update Task AOMEI Synchronisation de Dossiers 2021-06-29, 11-49-47 Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C CCleaner Update CCleanerSkipUAC Driver Booster SkipUAC (jocelyn) eM Client Database Backup (S-1-5-21-1042456299-3079880857-3127715329-1001) GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA MicrosoftEdgeUpdateTaskMachineCore MicrosoftEdgeUpdateTaskMachineCore1d6b13348368a36 MicrosoftEdgeUpdateTaskMachineUA OneDrive Standalone Update Task-S-1-5-21-1042456299-3079880857-3127715329-1001 Open URL by RoboForm Run RoboForm TaskBar Icon User_Feed_Synchronization-{B60A3D89-99FE-4DE1-8462-4DA45E93CE01} ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(2)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(2)partition(3) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=14 "ServicesPipeTimeout"=180000 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [01/03/2015 11:01:37] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaCfgFlagsDefault"=0 "LsaPid"=976 "ProductType"=6 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"= bddel.exe "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=150 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "InstanceID"=342de12d-580a-4603-9db2-0ea9b95 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "WallPaper"=D:\téléchargements\pcastuces.com\pca11492_fleurs_pourpres.jpg "AutoColorization"=0 "ImageColor"=2940843252 "LastUpdated"=4294967295 "MaxMonitorDimension"=1920 "MaxVirtualDesktopDimension"=1920 "Pattern Upgrade"=TRUE "TranscodedImageCache"=0x7AC3010098BA02008007000038040000876E66DFF0DCD50144003A005C007400E9006C00E9006300680061007200670065006D0065006E00740073005C007000630061007300740075006300650073002E0063006F006D005C00700063006100310031003400390032005F0066006C0065007500720073005F0070006F007500720070007200650073002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "TranscodedImageCount"=1 "UserPreferencesMask"=0x9E1E078012000000 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "WaitToKillAppTimeout"=2000 "PreferredUILanguages"=fr-FR "LockScreenAutoLockActive"=0 "WaitToKillServiceTimeout"=5000 "ScreenSaverIsSecure"=0 "ScreenSaveTimeOut"=60 "HungAppTimeout"=2000 [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoSimpleNetIDList"=1 "NoDriveTypeAutoRun"=145 "NoLowDiskSpaceChecks"=1 "NoDrives"=16 [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "EdgeDesktopShortcutCreated"=1 "ShellState"=0x240000003D28010000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x9616C9474C89A146B1962C7CA1952F4560390000DC15552C7E2AFD4BB813CACC2B685EB76B3200001A58CE57B60C66429CA019364C90A0B314500000D530A6A26F033945BD997923AD830433CD890100CD1F90A9DFB4A143BD5D6C9F88679497C5570000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=6 "GlobalAssocChangedCounter"=1142 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=350 "link"=0x1E000000 "ScreenshotIndex"=5 "ExcludedFromStableAnaheimDownloadPromotionSL"=1 [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "EnableStartMenu"=1 "Start_TrackProgs"=0 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=0 "ListviewShadow"=1 "TaskbarAnimations"=0 "StartMenuInit"=13 "TaskbarStateLastRun"=0xC3D4D96000000000 "ShowCortanaButton"=0 "ReindexedProfile"=1 "TaskbarSmallIcons"=0 "ExtendedUIHoverTime"=0 "DesktopLivePreviewHoverTime"=0 "nonetcrawling"=1 "TaskbarSizeMove"=1 "DisablePreviewDesktop"=1 "TaskbarGlomLevel"=0 "EnableBalloonTips"=0 "ShowTaskViewButton"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "ConsentPromptBehaviorAdmin"=0 "PromptOnSecureDesktop"=0 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 "DisableAutomaticRestartSignOn"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "SmartScreenEnabled"=Prompt "GlobalAssocChangedCounter"=25 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "ConsentPromptBehaviorAdmin"=0 "PromptOnSecureDesktop"=0 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 "DisableAutomaticRestartSignOn"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "MaxCachedTiles20X"=NWSNLBHZQZOX44173 "GlobalAssocChangedCounter"=79 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=19042 "FirstLogon"=0 "PUUActive"=0x23E86B5701000C00EB006D041909240050C6240050C62400D200000001004C009D07698642380C018A6C43000551180084CA170079590000000000000000000000000000C78B35004AF60000B40C00005076D48F866ED70119092400000000000100000019092400614A000089450000E4C9490000000000 "DP"=0xD200E80088010C00EA00000023E86B578032300000000000DC80CF88806ED70108861B2E796ED701C57B320000000000000000000000000000000000000000004B6816000000000000000000000000000000000000000000000000000000F03F80510100D3390180A9218009E9258009D96200004220480043204808F1F0000010910011109100312DA000C012433168164371685DC4000001028A5225128B52CC0700008C2808328C6A283AEE5400C0490142344D416234D72500404206202862262028E2B200C01F24690C1F26690C658E008030840C2732968C27385B00000004B1640004B564 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, "LastLogOffEndTimePerfCounter"=645599510007 "ShutdownFlags"=2147483687 "AutoAdminLogon"=1 "DefaultDomainName"=JOBUREAU "DefaultUserName"=jocelyn "ShutdownWithoutLogon"=0 "DisableCad"=1 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-1042456299-3079880857-3127715329-1001 "LastUsedUsername"=jocelyn [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=userinit.exe "allocatecdroms"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [07/12/2019 16:51:18] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [07/12/2019 16:51:18] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser ---------- | AppcompatFlags [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\SoftChris\Finance 2003\Finance2003.exe"=0x5341435001000000000000000700000028000000003E2000000000000100000000000000000001056120000050BB64EDDDACD50100000000000000000200000028000000000000000000000000440000000000000000000000000000291A850000000000E6000000E6000000 "C:\Users\jo\AppData\Local\JDownloader 2.0\JDownloader2.exe"=0x534143500100000000000000070000002800000018690600E645070001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000009810E305000000004900000049000000 "SIGN.MEDIA=EB2BE8 Office\Setup64.exe"=0x534143500100000000000000070000002800000008F47400688D750001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000391E0600000000000100000001000000 "C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"=0x5341435001000000000000000700000028000000C00307006FDA070001000000000000000000000A00210000631F6E6F0EDED4010000000000000000 "C:\Program Files\Bitdefender\Bitdefender Security\obk.exe"=0x5341435001000000000000000700000028000000E85B74002385740001000000000000000000000A00210000631F6E6F0EDED4010000000000000000 "C:\Program Files (x86)\EnveloppesEditor1.20\EnveloppesEditor120.exe"=0x534143500100000000000000070000002800000000D824000000000001000000000000000000000A6120000050BB64EDDDACD501000000000000000002000000280000000000000000000000100000000000000000000000000000001CE11000000000002800000028000000 "C:\Program Files (x86)\Folder Marker\FolderMarker.exe"=0x5341435001000000000000000700000028000000684B1000000F110001000000000000000000020600010000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000008000000000000000000000000460C0300000000000700000007000000 "C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe"=0x534143500100000000000000070000002800000000AF5400F5F7540001000000000000000000000A73200000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000ED310000000000000200000002000000 "C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C0200FE01030001000000010000000000000A61220000631F6E6F0EDED4010000000000000000 "C:\Windows\twain_32\ESCNDV\escndv.exe"=0x5341435001000000000000000700000028000000183E03007A2E04000100000000000000000001067120000050BB64EDDDACD50100000000000000000200000028000000000000000000000048000000000000000000000000000000C09F2300000000002400000024000000 "C:\Program Files (x86)\ToomkyGames.com\Magic Farm\MagicFarm.exe"=0x5341435001000000000000000700000028000000501C1A00E3011B0001000000000000000000010671220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000202000000000000000000000000004D030300000000000400000004000000 "C:\Program Files (x86)\ToomkyGames.com\Magic Farm\Game.exe"=0x5341435001000000000000000700000028000000501C6000EE46600001000000000000000000010671220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000200000000000000000000000000A2550000000000000100000001000000 "C:\Program Files (x86)\ToomkyGames.com\Magic Farm\qjcbxjs.exe"=0x534143500100000000000000070000002800000048850C00D18B0C0001000000000000000000000671200000631F6E6F0EDED40100000000000000000200000028000000000000000000001000100000000000000000000000000000FD020000000000000200000002000000 "C:\Program Files (x86)\MyRealGames.com\Gardenscapes\game.exe"=0x534143500100000000000000070000002800000000303D000000000001000000000000000000000A71220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000005F3B0100000000000400000004000000 "C:\Program Files (x86)\Steganos Password Manager 20\PasswordManager.exe"=0x5341435001000000000000000700000028000000E8CF830053F0830001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000E1B06842000000003D0100003D010000 "C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe"=0x534143500100000000000000070000002800000000B833000000000001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000085569832000000000A0000000A000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000987A0C001EDE0C0001000000010000000000000A00210000631F6E6F0EDED4010000000000000000 "D:\logiciels installés\GRAVEURS\Clone Cd + Serial\SetupCloneCD.exe"=0x5341435001000000000000000700000028000000BBD232000000000001000000000000000000010571000000631F6E6F0EDED4010000000000000000020000002800000000000000000800400000000000000000000000000000000075DC0000000000000200000002000000 "C:\Program Files\IM-Magic\Partition Resizer\dm.resizer.exe"=0x5341435001000000000000000700000028000000005CF0000000000001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000088E90600000000000800000008000000 "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoAppBar.exe"=0x534143500100000000000000070000002800000028259500B4D0950001000000000000000000000A73220000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000FD2C0300000000000100000001000000 "SIGN.MEDIA=154B584 Driver Netgear Wireless\wn111v2_setup_3.1.exe"=0x534143500100000000000000070000002800000084B554010000000001000000000000000000000671020000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000007E190100000000000200000002000000 "SIGN.MEDIA=44860 Driver clé wifi HERCULE\Setup.exe"=0x5341435001000000000000000700000028000000281602002E87020001000000000000000000000671220000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000E8AD8600000000000100000001000000 "C:\Users\jo\Desktop\Logiciels de téléchargement\BitTorrent.exe"=0x5341435001000000000000000700000028000000F8FD1C004B231D0001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000B993EF00000000000200000002000000 "D:\logiciels installés\Partition\AOMEI Partition-8.1.0\AOMEI Partition Assistant Technician 8.1.0.exe"=0x5341435001000000000000000700000028000000F05F48010000000001000000000000000000000A00210000631F6E6F0EDED401000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000006B370000000000000100000001000000 "D:\logiciels installés\Partition\AOMEI Partition-6.5\PAssist_Tech.exe"=0x5341435001000000000000000700000028000000B818A7000CCFA70001000000000000000000010600010000631F6E6F0EDED4010000000000000000020000002800000000000000000000400000000000000000000000000000000064A30000000000000100000001000000 "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe"=0x5341435001000000000000000700000028000000780A7A018F6C7A0101000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000040040000100000000000000000000000009A1A9800000000005E0000005E000000 "D:\logiciels installés\PROTECTION DU PC et Bien nettoyer son pc\KeyScrambler\KeyScrambler_Setup.exe"=0x534143500100000000000000070000002800000070BB17001026180001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000000C86CF01000000000100000001000000 "C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe"=0x534143500100000000000000070000002800000090E00700B1AC080001000000000000000000000A7122000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000000C949442000000009600000096000000 "D:\logiciels installés\pwroff30 (Eteindre le pc)\poweroff.exe"=0x534143500100000000000000070000002800000000A002000000000001000000000000000000010571000000631F6E6F0EDED40100000000000000000200000028000000000000000000000000040000000000000000000000000000AB1A4200000000000200000002000000 "C:\Program Files (x86)\DearMob\DearMob iPhone Manager\StartDearMobWin.exe"=0x5341435001000000000000000700000028000000A8880300D83E040001000000000000000000000A7522000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000242DF90D000000000600000006000000 "D:\logiciels installés\Eteindre le PC\Wise Auto Shutdown\WiseAutoShutdown.exe"=0x534143500100000000000000070000002800000058AC2D00F6A42E0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000020033F02000000000800000008000000 "SIGN.MEDIA=1DC6482D LG_PC_Suite-5.exe"=0x534143500100000000000000070000002800000018679F02626F9F0201000000000000000000010600010000631F6E6F0EDED4010000000000000000020000002800000000000000000000400000000000000000000000000000000061170000000000000100000001000000 "C:\Program Files (x86)\GameTop.com\Rush for Gold California\game-shell.exe"=0x5341435001000000000000000700000028000000881D05001E64050001000000000000000000000A71220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000005D090200000000000200000002000000 "C:\Program Files (x86)\GameTop.com\Rush for Gold California\gold_rush_california.exe"=0x534143500100000000000000070000002800000000762E0081382F000100000000000000000003067122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000889E4700000000000400000004000000 "D:\logiciels installés\RecoverMyFiles (Pour récupérer fichier formater ou supprimer)\RecoverMyFiles-Setup-French.exe"=0x5341435001000000000000000700000028000000208A71009EE5710001000000000000000000000A4122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F76E0000000000000100000001000000 "C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\Backupper.exe"=0x5341435001000000000000000700000028000000A8740901076B0A0101000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000003A448E00000000000A0000000A000000 "C:\Program Files (x86)\Unchecky\unchecky.exe"=0x534143500100000000000000070000002800000018651A0044DA1A0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000019160000000000000100000001000000 "D:\logiciels installés\TOUT POUR LES MP3\logiciel pour télécharger musique\Streaming Audio Recorder 3.3.4+Code\streaming-audio-recorder.exe"=0x534143500100000000000000070000002800000068C9CA00FC38CB000100000000000000000003060021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000002AE60000000000000200000002000000 "C:\Program Files\Bitdefender\Bitdefender Security\bdtkexec.exe"=0x5341435001000000000000000700000028000000189606007121070001000000000000000000000A7322000050BB64EDDDACD5010000000000000000 "C:\Users\jo\Desktop\icones masques\TeamViewer_Setup.exe"=0x53414350010000000000000007000000280000003068C601A930C70101000000000000000000000A0021000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000039AE3300000000000B0000000B000000 "SIGN.MEDIA=6292E1C Setup1.exe"=0x5341435001000000000000000700000028000000304A8A012FA48A0101000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000002B610000000000000100000001000000 "C:\aida64extreme630\aida64.exe"=0x53414350010000000000000007000000280000009871BF00C56CC00001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B9730A00000000000100000001000000 "C:\Program Files (x86)\GameTop.com\The Island Castaway 2\game-shell.exe"=0x534143500100000000000000070000002800000088A50800CFF3080001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000076300000000000000100000001000000 "C:\Program Files (x86)\GameTop.com\The Island Castaway 2\game.exe"=0x534143500100000000000000070000002800000088170600A6D7060001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000008000000000000000000000000000000D2610100000000000300000003000000 "D:\logiciels installés\recupérer Clé Licence Win 10 et office\winfokeys-4.1.0.0\winfokeys\WinfoKeys.exe"=0x534143500100000000000000070000002800000000081300000000000100000000000000000001066122000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D2A30000000000000100000001000000 "D:\logiciels installés\recupérer Clé Licence Win 10 et office\OemKey.exe"=0x534143500100000000000000070000002800000098241600DA0E170001000000000000000000000A7122000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000004B0B0000000000000200000002000000 "D:\logiciels installés\recupérer Clé Licence Win 10 et office\Advanced_Tokens_Manager\Advanced Tokens Manager v3.5 RC 5\Advanced Tokens Manager.exe"=0x534143500100000000000000070000002800000000241400000000000100000000000000000003060021000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000062360000000000000100000001000000 "D:\logiciels installés\recupérer Clé Licence Win 10 et office\opabackup342\opabackup342.exe"=0x534143500100000000000000070000002800000000D40400000000000100000000000000000003067520000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000B4380000000000000100000001000000 "C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe"=0x53414350010000000000000007000000280000001065040034FC040001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000011050000000000000100000001000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000D8040F0033B90F000100000000000000000000060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000272B8401000000007700000077000000 "C:\Users\jo\AppData\Local\Programs\Rokkr\Rokkr.exe"=0x5341435001000000000000000700000028000000F0055C076EFE5C0701000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000021501100000000000300000003000000 "D:\logiciels installés\Watched et Rokkr TV\WATCHED 0.18.8 Film + Live Tv_TrucNet.com\WATCHED Setup 0.18.8.exe"=0x534143500100000000000000070000002800000058471805EDF6180501000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000316D0000000000000100000001000000 "C:\Users\jo\AppData\Local\Programs\WATCHED\WATCHED.exe"=0x5341435001000000000000000700000028000000B82A5B0726315B0701000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000041E86500000000001500000015000000 "C:\captvty-2.5\Captvty.exe"=0x5341435001000000000000000700000028000000002231000000000001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000004879D900000000000800000008000000 "SIGN.MEDIA=25CF6D82 start.exe"=0x534143500100000000000000070000002800000000600400000000000100000000000000000001057120000050BB64EDDDACD50100000000000000000200000050000000000000000000000000041200000000000000100000000000843B030000000000020000000100000000000000800000000000000000000000000000000000000016270200000000000100000000000000010000000400000001000000 "SIGN.MEDIA=531 addon\start\start.exe"=0x534143500100000000000000070000002800000000800600000000000100000000000000000001056120000050BB64EDDDACD5010000000000000000020000002800000000000000000000000004000000000000000000000000000061020000000000000200000002000000 "SIGN.MEDIA=3DAB882F GARDEN.EXE"=0x53414350010000000000000007000000280000002F802600000000000100000000000000000001057120000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000060C0000000000000100000001000000 "SIGN.MEDIA=3DAB882F EDITDB.EXE"=0x534143500100000000000000070000002800000000FA1E00000000000100000000000000000001057120000050BB64EDDDACD50100000000000000000200000028000000000000000000000000060200000000000000000000000000A1140000000000000100000001000000 "SIGN.MEDIA=3524D7A0 start.exe"=0x5341435001000000000000000700000028000000E0030100726D01000100000000000000000000067102000050BB64EDDDACD5010000000000000000020000002800000000000000800000000000000000000000000000000000000078E00100000000000100000001000000 "SIGN.MEDIA=3524D7A0 setup.exe"=0x5341435001000000000000000700000028000000B0EA921A8AA3931A0100000000000000000000067122000050BB64EDDDACD5010000000000000000020000005000000000020006000000600000000000000000000000000000000014440C00000000000100000001000000000000000000004000000000000000000000000000000000FF210000000000000100000000000000 "SIGN.MEDIA=1DC6FE cdsample\autorun\autorun.exe"=0x534143500100000000000000070000002800000000E20E00000000000100000000000000000001057120000050BB64EDDDACD50100000000000000000200000028000000000000008000000000000000000000000000000000000000B20C0000000000000100000001000000 "SIGN.MEDIA=4D1A9AC AOEInst.Exe"=0x534143500100000000000000070000002800000041D00400000000000100000000000000000001057120000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000080080000010000000400000001000000020000005000000000020105A0000060000000000000000000000000000000001C050100000000000100000001000000000000008008004000860200000000000080000000000000E1190000000000000100000000000000 "SIGN.MEDIA=713DBC6 AOCSETUP.EXE"=0x534143500100000000000000070000002800000039500800000000000100000000000000000001057120000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000080080000020000002800000000000000800800401004000000000000000000000000000075B50000000000000400000004000000 "SIGN.MEDIA=3F1C880 AOESETUP.EXE"=0x53414350010000000000000007000000280000003EF00800000000000100000000000000000001057120000050BB64EDDDACD5010000000000000000020000002800000000000000800800400000000000000000000000000000000058080100000000000100000001000000 "SIGN.MEDIA=15FB490 AOEinst.Exe"=0x53414350010000000000000007000000280000003A500400F60A05000100000000000000000001057120000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000080080000010000000400000001000000020000005000000000020105A00000602000000000000000000000000000000008E30100000000000200000002000000000000008008004000860200000000000080000000000000B4110000000000000100000000000000 "C:\Users\jo\Desktop\Sécurité\adwcleaner_8.1.exe"=0x5341435001000000000000000700000028000000702381008373810001000000000000000000000A0021000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000006B1F0100000000000200000002000000 "C:\Program Files (x86)\WinCDEmu\vmnt64.exe"=0x5341435001000000000000000700000028000000583306005554060001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000DD670100000000001F0000001F000000 "C:\Program Files\Oracle\VirtualBox\VirtualBox.exe"=0x534143500100000000000000070000002800000008A12400E48D250001000000000000000000000A7320000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D3B03100000000000F0000000F000000 "C:\Program Files\Oracle\VirtualBox\VBoxExtPackHelperApp.exe"=0x534143500100000000000000070000002800000088010100437E010001000000000000000000000A7320000050BB64EDDDACD5010000000000000000020000002800000000000000000000C000000000000000000000000000000000310A0000000000000100000001000000 "C:\Users\jo\AppData\Roaming\BitTorrent\BitTorrent.exe"=0x5341435001000000000000000700000028000000289420003D9B200001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000E6F9B101000000003A0000003A000000 "SIGN.MEDIA=256C03A4 autorun.exe"=0x534143500100000000000000070000002800000000500F00E85D0F000100000000000000000001057120000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000008008000002000000280000000000000080080040000000000000000000000000000000006CE40500000000000400000004000000 "SIGN.MEDIA=3F09B71A CDCheck.exe"=0x534143500100000000000000070000002800000000C00000DBA301000100000000000000000001057120000050BB64EDDDACD5010000000000000000 "SIGN.MEDIA=47149D2A CDCheck.exe"=0x534143500100000000000000070000002800000000C00000DBA301000100000000000000000001057120000050BB64EDDDACD5010000000000000000 "SIGN.MEDIA=256C03A4 install.exe"=0x534143500100000000000000070000002800000000E00300000000000100000000000000000001057120000050BB64EDDDACD501000000000000000002000000500000000003010520000060000000000000000000000000000000009F5C050000000000010000000100000000000A042000006000000000000000000000000000000000D3860000000000000100000000000000 "SIGN.MEDIA=11882040 SETUP.EXE"=0x534143500100000000000000070000002800000060900F00000000000100000000000000000001057120000050BB64EDDDACD501000000C100000000 "SIGN.MEDIA=1DF647CF autorun.exe"=0x53414350010000000000000007000000280000001854100088F610000100000000000000000000067122000050BB64EDDDACD50100000000000000000200000028000000000000008000000000000000000000000000000000000000B8C00500000000000100000001000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x53414350010000000000000007000000280000004822FA010097FA0101000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000091020000000000000100000001000000 "C:\Users\jo\Desktop\PDFCombiner.exe"=0x5341435001000000000000000700000028000000000E8D000000000001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000A8340100000000000400000004000000 "SIGN.MEDIA=D19DB Setup.exe"=0x5341435001000000000000000700000028000000B08C0600BCBA060001000000000000000000000A0021000050BB64EDDDACD501000000D100000000 "SIGN.MEDIA=E78F78 Office\Setup32.exe"=0x5341435001000000000000000700000028000000283945001B7D450001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000FDE90100000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000B08079006D507A0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000068212300000000000100000001000000 "C:\Users\jo\Desktop\Captvty\Captvty.exe"=0x534143500100000000000000070000002800000000BC38000000000001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000A16D6C00000000000600000006000000 "C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe"=0x534143500100000000000000070000002800000058F8190013A81A0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000099AE8506000000000300000003000000 "C:\Program Files\Windows Sidebar\sidebar.exe"=0x534143500100000000000000070000002800000000EE14002D0E15000100000000000000000002067302000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000007C441E18000000000100000001000000 "C:\Program Files (x86)\ScanPapyrus\ScanPapyrus.exe"=0x5341435001000000000000000700000028000000F8FE89008CD48A0001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000078E60000000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000A08760016F06610101000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000017B40800000000000100000001000000 "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe"=0x5341435001000000000000000700000028000000002A6C00FF836C0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000A00000000000000000000000000000000089DE470F000000000300000003000000 "D:\logiciels installés\TOUT POUR LES DVD\VSO ConvertXtoDVD v4.1.10.348\vsoConvertXtoDVD4.exe"=0x534143500100000000000000070000002800000068E82B017A6B2C010100000000000000000001060021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000001FB40300000000000100000001000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000B02E007D6A2F0001000000010000000000000A6322000050BB64EDDDACD5010000000000000000 "D:\logiciels installés\USB Safely Remove v6.4.2.1297\Usbsafelyremovesetup_6-4-2.exe"=0x534143500100000000000000070000002800000080783D00F96C3E0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D65C0000000000000100000001000000 "D:\logiciels installés\Microsoft office picture\SharePointDesigner(64).exe"=0x5341435001000000000000000700000028000000A0913914ADFC39140100000000000000000001067102000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000CBAC0300000000000200000002000000 "C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe"=0x5341435001000000000000000700000028000000202B0100841D02000100000000000000000001057100000050BB64EDDDACD50100000000000000000200000028000000000000000000001000440000000000000000000000000000D6061700000000001100000011000000 "D:\logiciels installés\Microsoft office picture\SharePointDesigner 32.exe"=0x534143500100000000000000070000002800000008769612428596120100000000000000000001067102000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000075530200000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office14\OIS.EXE"=0x5341435001000000000000000700000028000000682F0400F26F04000100000000000000000001067122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C90B0300000000000600000006000000 "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"=0x5341435001000000000000000700000028000000B8E50500F727060001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000002811800000000000D0000000D000000 "SIGN.MEDIA=542EF setup.exe"=0x534143500100000000000000070000002800000010A10100CDF401000100000000000000000001067302000050BB64EDDDACD501000000C100000000 "C:\Program Files (x86)\WinRAR\Uninstall.exe"=0x534143500100000000000000070000002800000098C8050079B3060001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000BC000000000000000100000001000000 "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"=0x534143500100000000000000070000002800000098B5320051FD320001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000004A3A0000000000000100000001000000 "C:\Program Files (x86)\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000098A02600566C270001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000AF4B0000000000000400000004000000 "C:\Users\jo\AppData\Local\RoboForm\_auto-update\RoboForm-Setup.exe"=0x5341435001000000000000000700000028000000C87C7201FBE7720101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000BF290000000000000100000001000000 "C:\Users\jo\AppData\Local\Microsoft\OneDrive\21.083.0425.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000788B0700B2FA070001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{276a8ede-2694-11e3-be66-806e6f6e6963}] : "L:\setup.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{321b27c6-9098-11eb-a873-6c626dc8eeae}] : "F:\autorun.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{321b27c6-9098-11eb-a873-6c626dc8eeae}] : F:\install.exe (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{79069c14-a01a-11eb-a888-901b0e3922d3}] : "F:\OInstall.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{79069c14-a01a-11eb-a888-901b0e3922d3}] : F:\OInstall.exe (configure) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{79069c14-a01a-11eb-a888-901b0e3922d3}] : F:\OInstall.exe (install) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\goodies\ar32f301.exe (ar32f301) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : "F:\aoeinst.exe" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\goodies\DirectX\dplay60a.exe (dplay) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\goodies\DirectX\dxdiag.exe (dxdiag) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\goodies\DirectX\dxinfo.exe (dxinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\goodies\DirectX\dx5test.exe (dxtest) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\goodies\DirectX\dxtool.exe (dxtool) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\goodies\msinfo\msinfo32.exe (msinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\Sampler\Sampler.exe (sampler) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{dcb7b0de-80c1-11eb-a86e-6c626dc8eeae}] : F:\aoeinst.exe /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{df707c48-67c0-11eb-a869-6c626dc8eeae}] : "F:\start.exe" /checksection (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\ar32f301.exe (ar32f301) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : "F:\AOEINST.EXE" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\DirectX\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\DirectX\dplay60a.exe (dplay) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\DirectX\dxdiag.exe (dxdiag) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\DirectX\dxinfo.exe (dxinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\DirectX\dx5test.exe (dxtest) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\DirectX\dxtool.exe (dxtool) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\msinfo\msinfo32.exe (msinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\Sampler\Sampler.exe (sampler) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\AOEINST.EXE /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc543ba-7393-11eb-a86d-6c626dc8eeae}] : F:\sampler\demos\zone\zoneA501.exe (zone) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54412-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\ar405fre.exe (adobe) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54412-7393-11eb-a86d-6c626dc8eeae}] : "F:\aocsetup.exe" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54412-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\machine\machine.exe -l (log) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54412-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\machine\machine.exe (machine) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54412-7393-11eb-a86d-6c626dc8eeae}] : F:\aocsetup.exe /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54412-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\mszone\zonea660.exe (zone) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : "F:\aoesetup.exe" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\DirectX\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\DirectX\dplay61a.exe (dplay) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\ar40fra.exe (dxdiag) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\DirectX\dxinfo.exe (dxinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\DirectX\dxdiag.exe (dxtest) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\DirectX\dxtool.exe (dxtool) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\machine\machine.exe -l (log) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\machine\machine.exe (machine) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\aoesetup.exe /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54422-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\mszone\zonea600.exe (zone) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54478-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\ar405fre.exe (adobe) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54478-7393-11eb-a86d-6c626dc8eeae}] : "F:\aocsetup.exe" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54478-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\machine\machine.exe -l (log) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54478-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\machine\machine.exe (machine) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54478-7393-11eb-a86d-6c626dc8eeae}] : F:\aocsetup.exe /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54478-7393-11eb-a86d-6c626dc8eeae}] : F:\goodies\mszone\zonea660.exe (zone) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : "V:\aoesetup.exe" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\DirectX\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\DirectX\dplay61a.exe (dplay) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\ar40fra.exe (dxdiag) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\DirectX\dxinfo.exe (dxinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\DirectX\dxdiag.exe (dxtest) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\DirectX\dxtool.exe (dxtool) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\machine\machine.exe -l (log) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\machine\machine.exe (machine) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\aoesetup.exe /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc5452b-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\mszone\zonea600.exe (zone) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\ar32f301.exe (ar32f301) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : "V:\aoeinst.exe" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\DirectX\dplay60a.exe (dplay) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\DirectX\dxdiag.exe (dxdiag) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\DirectX\dxinfo.exe (dxinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\DirectX\dx5test.exe (dxtest) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\DirectX\dxtool.exe (dxtool) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\goodies\msinfo\msinfo32.exe (msinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\Sampler\Sampler.exe (sampler) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{efc54572-7393-11eb-a86d-6c626dc8eeae}] : V:\aoeinst.exe /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cf2bf-8fe1-11eb-a872-6c626dc8eeae}] : "F:\autorun.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cf2bf-8fe1-11eb-a872-6c626dc8eeae}] : F:\DirectX9\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cf2bf-8fe1-11eb-a872-6c626dc8eeae}] : F:\install.exe (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfbde-8fe1-11eb-a872-6c626dc8eeae}] : "F:\autorun.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfbde-8fe1-11eb-a872-6c626dc8eeae}] : F:\DirectX9\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfbde-8fe1-11eb-a872-6c626dc8eeae}] : F:\install.exe (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfc34-8fe1-11eb-a872-6c626dc8eeae}] : "F:\CDCheck.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfc41-8fe1-11eb-a872-6c626dc8eeae}] : "F:\CDCheck.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfc71-8fe1-11eb-a872-6c626dc8eeae}] : "F:\autorun.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfc71-8fe1-11eb-a872-6c626dc8eeae}] : F:\DirectX9\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfc71-8fe1-11eb-a872-6c626dc8eeae}] : F:\install.exe (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfe06-8fe1-11eb-a872-6c626dc8eeae}] : "F:\setup.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfe06-8fe1-11eb-a872-6c626dc8eeae}] : F:\setup.exe (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{f58cfe2a-8fe1-11eb-a872-6c626dc8eeae}] : "F:\_aom.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118c1-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\ar405fre.exe (adobe) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118c1-8d8c-11eb-a871-6c626dc8eeae}] : "F:\aocsetup.exe" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118c1-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\machine\machine.exe -l (log) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118c1-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\machine\machine.exe (machine) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118c1-8d8c-11eb-a871-6c626dc8eeae}] : F:\aocsetup.exe /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118c1-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\mszone\zonea660.exe (zone) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : "F:\aoesetup.exe" /autorun (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\DirectX\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\DirectX\dplay61a.exe (dplay) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\ar40fra.exe (dxdiag) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\DirectX\dxinfo.exe (dxinfo) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\DirectX\dxdiag.exe (dxtest) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\DirectX\dxtool.exe (dxtool) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\machine\machine.exe -l (log) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\machine\machine.exe (machine) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\aoesetup.exe /autorun (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118ee-8d8c-11eb-a871-6c626dc8eeae}] : F:\goodies\mszone\zonea600.exe (zone) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118fd-8d8c-11eb-a871-6c626dc8eeae}] : "F:\autorun.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118fd-8d8c-11eb-a871-6c626dc8eeae}] : F:\DirectX9\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0118fd-8d8c-11eb-a871-6c626dc8eeae}] : F:\install.exe (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011959-8d8c-11eb-a871-6c626dc8eeae}] : "F:\CDCheck.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011960-8d8c-11eb-a871-6c626dc8eeae}] : "F:\CDCheck.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011992-8d8c-11eb-a871-6c626dc8eeae}] : "F:\autorun.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011992-8d8c-11eb-a871-6c626dc8eeae}] : F:\DirectX9\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011992-8d8c-11eb-a871-6c626dc8eeae}] : F:\install.exe (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0119c2-8d8c-11eb-a871-6c626dc8eeae}] : "F:\autorun.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0119c2-8d8c-11eb-a871-6c626dc8eeae}] : F:\DirectX9\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0119c2-8d8c-11eb-a871-6c626dc8eeae}] : F:\install.exe (setup) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff0119ff-8d8c-11eb-a871-6c626dc8eeae}] : "F:\CDCheck.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011a24-8d8c-11eb-a871-6c626dc8eeae}] : "F:\CDCheck.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011a33-8d8c-11eb-a871-6c626dc8eeae}] : "F:\autorun.exe" (AutoRun) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011a33-8d8c-11eb-a871-6c626dc8eeae}] : F:\DirectX9\dxsetup.exe (directx) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ff011a33-8d8c-11eb-a871-6c626dc8eeae}] : F:\install.exe (setup) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132488076429022841 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=windowsdefender:// "DisableAntiSpyware"=1 "ProductType"=2 "InstallTime"=0xF95025F35962D501 "InstallLocation"=C:\Program Files\Windows Defender\ "ManagedDefenderProductType"=0 "OOBEInstallTime"=0x412EE0185B62D501 "DisableAntiVirus"=1 "ProductStatus"=0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts 127.0.0.1 localhost ::1 localhost # unchecky_begin # These rules were added by the Unchecky program in order to block advertising software modules 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com [44] More lines ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:80e::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:80e::200e?: temps=33 ms R?ponse de 2a00:1450:4007:80e::200e?: temps=33 ms R?ponse de 2a00:1450:4007:80e::200e?: temps=32 ms R?ponse de 2a00:1450:4007:80e::200e?: temps=32 ms Statistiques Ping pour 2a00:1450:4007:80e::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 32ms, Maximum = 33ms, Moyenne = 32ms ---------- | @ [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=Yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP "ImageStoreRandomFolder"=x1z8fa0 "NotifyDownloadComplete"=yes "IEWatsonDisabled"=1 "OperationalData"=12 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2400000024000000D4040000C7020000 "Start Page_TIMESTAMP"=0x7E5F5E809120D601 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x01000000490000007019CFA11B66BF1919C92BC4E283D3045D4EFD95548870D46026D287F6E0363A51C0D5D66B5BE68F1B00A99A09A6BD4445F72AB0693DE3D683F72B0B6731B5AC64F53AFFF377B3912A020000001000000037375235555163652532627934253364 "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0x6866226E4EACD601 "IE10TourShown"=1 "IE10TourShownTime"=0xF014CDD35F62D501 "Start Page Redirect Cache"=http://www.msn.com/fr-fr/?pc=UE01&ocid=UE01DHP "Start Page Redirect Cache_TIMESTAMP"=0xB11E568C9120D601 "Start Page Redirect Cache AcceptLangs"=fr-FR [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CertificateRevocation"=1 "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "EnableNegotiate"=1 "MaxConnectionsPer1_0Server"=10 "MaxConnectionsPerServer"=10 "MigrateProxy"=1 "ProxyEnable"=0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x876405A6FAB0D601 "WarnonZoneCrossing"=0 "LockDatabase"=132664025749860402 "EnableAutodial"=0x00000000 "NoNetAutodial"=1 "EnableHttp1_1"=1 "ProxyHttp1.1"=1 "ProxyOverride"=*.local "AutoConfigProxy"=wininet.dll [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Start Page"=about:blank [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=about:blank "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 ---------- | Proxy [HKLM\System\CurrentControlSet\Services\Iphlpsvc\Parameters\ProxyMgr\{B29376F8-585C-4CB2-8771-40A83F204E18}] "StaticProxy"=http=127.0.0.1:50278;https=127.0.0.1:50278;socks=127.0.0.1:50277 "ProxyBypass"= "LastUseTime"=132497546749120321 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [13/01/2021 11:39:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0xF014CDD35F62D501 "Version"=5 "UpgradeTime"=0xF014CDD35F62D501 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{724d43a0-0d85-11d4-9908-00400523e39a}"=0x00 "{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{724d43a0-0d85-11d4-9908-00400523e39a}"=0x00 "{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{159ff5d5-55f1-4d2f-b706-767a55f77abb}] : () - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46}] : (Remplir les formulaires) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] : (Enregistrer les formulaires) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{724d43aa-0d85-11d4-9908-00400523e39a}] : (Afficher la barre d'outils RoboForm) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{159ff5d5-55f1-4d2f-b706-767a55f77abb}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46}] : (Remplir les formulaires) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] : (Enregistrer les formulaires) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{724d43aa-0d85-11d4-9908-00400523e39a}] : (Afficher la barre d'outils RoboForm) - [] ---------- | SearchScopes [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb}] -> (Bitdefender Trackers Blocking) : C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [20/05/2021 10:57:30] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] -> (Bitdefender Wallet) : C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [20/05/2021 10:57:32] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.37\BHO\ie_to_edge_bho.dll [30/05/2021 22:20:58] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [26/06/2021 15:24:16] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] -> (RoboForm Toolbar Helper) : C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [03/09/2019 19:55:20] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb}] -> (Bitdefender Trackers Blocking) : C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [20/05/2021 10:57:30] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] -> (Bitdefender Wallet) : C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [20/05/2021 10:57:32] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.37\BHO\ie_to_edge_bho.dll [30/05/2021 22:20:58] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [26/06/2021 15:24:16] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] -> (RoboForm Toolbar Helper) : C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [03/09/2019 19:55:20] ---------- | Chrome ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.10] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.11] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.12] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.15] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.9.2] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] - (Microsoft Lync Plug-in for Firefox) : C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.10] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.9.2] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{4e22b3fd-56a8-496d-b201-47ad3b227c2d}] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{4e22b3fd-56a8-496d-b201-47ad3b227c2d}] "NameServer"=8.8.8.8,8.8.4.4 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4e22b3fd-56a8-496d-b201-47ad3b227c2d}] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4e22b3fd-56a8-496d-b201-47ad3b227c2d}] "NameServer"=8.8.8.8,8.8.4.4 ---------- | Applications [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Classes\Applications\AcroRd32.exe] : "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "%1" [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Classes\Applications\BitTorrent.exe] : "C:\Users\jo\AppData\Roaming\BitTorrent\BitTorrent.exe" "%1" /SHELLASSOC [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Classes\Applications\msmoney.exe] : "C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe" "%1" [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Classes\Applications\oisicon.exe] : "C:\Windows\Installer\{90140000-0017-0000-1000-0000000FF1CE}\oisicon.exe" "%1" [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Classes\Applications\SumatraPDF.exe] : "C:\Users\jo\AppData\Local\SumatraPDF\SumatraPDF.exe" "%1" %* [HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~2\Microsoft Office\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\SumatraPDF.exe] : "C:\Users\jo\AppData\Local\SumatraPDF\SumatraPDF.exe" "%1" %* [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\vmnt64.exe] : "C:\Program Files (x86)\WinCDEmu\vmnt64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~2\Microsoft Office\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SumatraPDF.exe] : "C:\Users\jo\AppData\Local\SumatraPDF\SumatraPDF.exe" "%1" %* [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vmnt64.exe] : "C:\Program Files (x86)\WinCDEmu\vmnt64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "AarSvcGroup"=AarSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "autoTimeSvc"=autoTimeSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver browser "UdkSvcGroup"=UdkUserSvc "DevicesFlow"=DeviceAssociationBrokerSvc DevicesFlowUserSvc ConsentUxUserSvc DevicePickerUserSvc "PeerDist"=PeerDistSvc "AssignedAccessManagerSvc"=AssignedAccessManagerSvc "DialogBlockingService"=DialogBlockingService "iissvcs"=w3svc was [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "AarSvcGroup"=AarSvc "DevicesFlow"=DeviceAssociationBrokerSvc "smbsvcs"=lanmanserver "iissvcs"=w3svc was ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\59be958b-3489-5514-924e-19665d448259] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\6811d8ec-23f6-5ad3-9bb7-0e515c178d2a] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\8GadgetPack] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Adobe] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\AI_RecycleBin] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Akeo Consulting] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Alawar] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Altap] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\AnvSoft] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\AnyPasswordReg] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\AOMEI] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\AppDataLow] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Apple Inc.] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\AppWork] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\ArcticLine] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\ASProtect] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\ATI] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\AvastAdSDK] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\AVS4YOU] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Big Fish Games] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Bitdefender] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\BitTorrent] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\BitTorrentPersist] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\BlackParrot] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\BlueStacksInstaller] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\BugSplat] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\CDDB] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Chromium] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Clients] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Cliqz] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\CocCoc] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\ComodoGroup] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Cygwin] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Datastead] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\DefaultCompany] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Dicomp] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Die Gute Fabrik] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Driver Magician] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\ej-technologies] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Enigma Protector] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\EPSON] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\FinalWire] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\giveawayoftheday.com] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Glarysoft] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\GOG.com] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Google] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Greatis] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Hercules] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\IM Providers] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Intel] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\JLF] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\kde.org] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Khronos] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Licenses] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Ligos] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\LittleWorlds] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\LogiShrd] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Macromedia] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Macrovision] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\MainConcept] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\MainConcept (Consumer)] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Malwarebytes] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Mirage] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Mirball] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Movavi] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Mozilla] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Mozilla Backup] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Nero] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Netscape] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\nwjs] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\O&O] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\ODBC] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Opera Stable Offer] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Oracle] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Partition Assistant] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\PCWinSoft] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\PDFLinkEditor] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Piriform] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Policies] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Protect Software GmbH] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\QFX Software] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\QtProject] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\RealNetworks] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\RegisteredApplications] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\SafelyRemove] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Sahmon Games] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Seed Games LLP] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\ShamanGS] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Siber Systems] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Steganos] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Sysinternals] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\SysProgs] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\TAdvCheckList] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\TeamViewer] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Test3D] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\thief] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Thunder Lotus Games] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Thunderbird] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Trolltech] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Unchecky] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\VB and VBA Program Settings] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\VMware, Inc.] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\VS Revo Group] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\WinRAR] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\WinRAR SFX] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\WOW6432Node] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\YustasGameStudio] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\ZHP] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Accessibility] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\ActiveSync] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\AppV] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\AuthCookies] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Avalon.Graphics] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Clipboard] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\CommsAPHost] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\ComPstUI] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Connection Manager] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Cryptography] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\DeviceDirectory] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\DirectInput] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\DirectX Diagnostic Tool] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\DusmSvc] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Ease of Access] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Edge] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\EdgeUpdate] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Exchange] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\FamilyStore] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\GameBar] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\GameBarApi] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Games] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\IdentityCRL] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\IME] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\IMEMIP] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Input] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\InputMethod] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\InputPersonalization] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Installer] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Internet Mail and News] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Investor] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\LanguageOverlay] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Lptr] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Messaging] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Microsoft Games] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Microsoft Management Console] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\MicrosoftEdge] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\MobilePC] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Money] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\MPEG2Demultiplexer] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\MS Design Tools] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Multimedia] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\MVA] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Narrator] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\NGC] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Notepad] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Office] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\OneDrive] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Osk] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Personalization] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Phone] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Pim] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\PlayToReceiver] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Poom] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\PowerShell] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\RAS AutoDial] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\RAS EAP] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\RAS Phonebook] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\RPM] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\ScreenMagnifier] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Scrunch] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Sensors] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Shared] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Shared Tools] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Silverlight] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Siuf] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\SkyDrive] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Speech Virtual] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Speech_OneCore] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Spelling] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\StorageLibrary] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Support and Recovery Assistant] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\TabletTip] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\TPG] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Tracing] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\UEV] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Unified Store] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Unistore] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\UserData] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\UserDataService] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\VBA] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Visual Basic] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\WcmSvc] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows Defender Security Center] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows Live] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows Media] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows Script] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows Script Host] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows Security Health] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Windows Sidebar] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\Works Suite] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\XboxLive] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AMD] [HKLM\Software\AMDLOG] [HKLM\Software\ArcticLine] [HKLM\Software\ATI Technologies] [HKLM\Software\AVAST Software] [HKLM\Software\bdr_update] [HKLM\Software\BitDefender] [HKLM\Software\Bitdefender Agent] [HKLM\Software\BlueStacksInstaller] [HKLM\Software\Caphyon] [HKLM\Software\Chromium] [HKLM\Software\cl2021.upgrade] [HKLM\Software\Clients] [HKLM\Software\ComodoGroup] [HKLM\Software\CVSM] [HKLM\Software\Cybelsoft] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\Dolby] [HKLM\Software\DownloadHelper] [HKLM\Software\DRWNewTrial] [HKLM\Software\DTS] [HKLM\Software\EPSON] [HKLM\Software\Fortemedia] [HKLM\Software\Fujitsu] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Ignis] [HKLM\Software\Intel] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Logishrd] [HKLM\Software\Logitech] [HKLM\Software\Malwarebytes] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OpenSSH] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\PDF Architect 7] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Seed4.Me VPN] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\SumatraPDF] [HKLM\Software\TAP-Windows] [HKLM\Software\VideoLAN] [HKLM\Software\Waterfox] [HKLM\Software\Waves Audio] [HKLM\Software\Windows] [HKLM\Software\WiseCleaner] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\AccountsControl] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ActiveSync] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AllUserInstallAgent] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\Analog] [HKLM\SOFTWARE\Microsoft\AOMEI] [HKLM\SOFTWARE\Microsoft\AppServiceProtocols] [HKLM\SOFTWARE\Microsoft\AppV] [HKLM\SOFTWARE\Microsoft\AppVISV] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AuthHost] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\BitLockerCsp] [HKLM\SOFTWARE\Microsoft\CallAndMessagingEnhancement] [HKLM\SOFTWARE\Microsoft\Cellular] [HKLM\SOFTWARE\Microsoft\Chkdsk] [HKLM\SOFTWARE\Microsoft\Clipboard] [HKLM\SOFTWARE\Microsoft\ClipboardServer] [HKLM\SOFTWARE\Microsoft\CloudManagedUpdate] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\CommsAPHost] [HKLM\SOFTWARE\Microsoft\CoreShell] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataCollection] [HKLM\SOFTWARE\Microsoft\DataSharing] [HKLM\SOFTWARE\Microsoft\DDDS] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Device Association Framework] [HKLM\SOFTWARE\Microsoft\DeviceReg] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\DiagnosticLogCSP] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DownloadManager] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DusmSvc] [HKLM\SOFTWARE\Microsoft\DVDNavigator] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EAPSIMMethods] [HKLM\SOFTWARE\Microsoft\Edge] [HKLM\SOFTWARE\Microsoft\Enrollment] [HKLM\SOFTWARE\Microsoft\Enrollments] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EnterpriseDataProtection] [HKLM\SOFTWARE\Microsoft\EnterpriseResourceManager] [HKLM\SOFTWARE\Microsoft\EventSounds] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\FamilyStore] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\FaxServer] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FilePicker] [HKLM\SOFTWARE\Microsoft\FilterDS] [HKLM\SOFTWARE\Microsoft\FingerKB] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\FuzzyDS] [HKLM\SOFTWARE\Microsoft\GameOverlay] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\Hvsi] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IHDS] [HKLM\SOFTWARE\Microsoft\ImageTimeSettings] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IME] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\InetStp] [HKLM\SOFTWARE\Microsoft\InProcLogger] [HKLM\SOFTWARE\Microsoft\Input] [HKLM\SOFTWARE\Microsoft\InputMethod] [HKLM\SOFTWARE\Microsoft\InputPersonalization] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\KGL] [HKLM\SOFTWARE\Microsoft\LanguageOverlay] [HKLM\SOFTWARE\Microsoft\LexiconUpdate] [HKLM\SOFTWARE\Microsoft\Managed Desktop] [HKLM\SOFTWARE\Microsoft\MdmCommon] [HKLM\SOFTWARE\Microsoft\MdmDiagnostics] [HKLM\SOFTWARE\Microsoft\MediaEngine] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MemoryDiagnostic] [HKLM\SOFTWARE\Microsoft\Messaging] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\Microsoft Camera Codec Pack] [HKLM\SOFTWARE\Microsoft\MiracastReceiver] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDRM] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSIME] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MTF] [HKLM\SOFTWARE\Microsoft\MTFFuzzyFactors] [HKLM\SOFTWARE\Microsoft\MTFInputType] [HKLM\SOFTWARE\Microsoft\MTFKeyboardMappings] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\Multivariant] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\OEM] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\OfficeCSP] [HKLM\SOFTWARE\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\Palm] [HKLM\SOFTWARE\Microsoft\PCHealth] [HKLM\SOFTWARE\Microsoft\Personalization] [HKLM\SOFTWARE\Microsoft\Phone] [HKLM\SOFTWARE\Microsoft\Photos] [HKLM\SOFTWARE\Microsoft\Pim] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayReady] [HKLM\SOFTWARE\Microsoft\PlayToReceiver] [HKLM\SOFTWARE\Microsoft\PointOfService] [HKLM\SOFTWARE\Microsoft\Policies] [HKLM\SOFTWARE\Microsoft\PolicyManager] [HKLM\SOFTWARE\Microsoft\Poom] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\Provisioning] [HKLM\SOFTWARE\Microsoft\PushRouter] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RAS AutoDial] [HKLM\SOFTWARE\Microsoft\RcsPresence] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\Remediation] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Schema Library] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\SecurityManager] [HKLM\SOFTWARE\Microsoft\SEMgr] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\ServerManager] [HKLM\SOFTWARE\Microsoft\Settings] [HKLM\SOFTWARE\Microsoft\Shared] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\Shell] [HKLM\SOFTWARE\Microsoft\SIH] [HKLM\SOFTWARE\Microsoft\Silverlight] [HKLM\SOFTWARE\Microsoft\Siuf] [HKLM\SOFTWARE\Microsoft\SMB1Uninstall] [HKLM\SOFTWARE\Microsoft\SoftGrid] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\Speech_OneCore] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\StrongName] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\SystemSettings] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\TaskFlowDataEngine] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\TelemetryClient] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TMM] [HKLM\SOFTWARE\Microsoft\TouchPrediction] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\UEV] [HKLM\SOFTWARE\Microsoft\Unified Store] [HKLM\SOFTWARE\Microsoft\UNP] [HKLM\SOFTWARE\Microsoft\UPnP Control Point] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\UserData] [HKLM\SOFTWARE\Microsoft\UserManager] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\VisualStudio] [HKLM\SOFTWARE\Microsoft\W3SVC] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\Wallet] [HKLM\SOFTWARE\Microsoft\Wbem] [HKLM\SOFTWARE\Microsoft\WcmSvc] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Defender Security Center] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Embedded] [HKLM\SOFTWARE\Microsoft\Windows Live] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Windows Security Health] [HKLM\SOFTWARE\Microsoft\WindowsRuntime] [HKLM\SOFTWARE\Microsoft\WindowsSelfHost] [HKLM\SOFTWARE\Microsoft\WindowsUpdate] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\WlanSvc] [HKLM\SOFTWARE\Microsoft\Wlpasvc] [HKLM\SOFTWARE\Microsoft\Wow64] [HKLM\SOFTWARE\Microsoft\WSDAPI] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\SOFTWARE\Microsoft\XAML] [HKLM\SOFTWARE\Microsoft\XboxLive] [HKLM\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKLM\Software\Microsoft\Windows\AssignedAccessCsp] [HKLM\Software\Microsoft\Windows\Autopilot] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\NcsiUwpApp] [HKLM\Software\Microsoft\Windows\Notepad] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AssignedAccessManagerSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DialogBlockingService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UdkSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\8GadgetPack] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Avanquest] [HKLM\Software\WOW6432Node\AVS4YOU] [HKLM\Software\WOW6432Node\Big Fish Games] [HKLM\Software\WOW6432Node\Bitdefender] [HKLM\Software\WOW6432Node\Bitdefender Agent] [HKLM\Software\WOW6432Node\ComodoGroup] [HKLM\Software\WOW6432Node\DearMob iPhone Manager] [HKLM\Software\WOW6432Node\EaseUS Disk Copy] [HKLM\Software\WOW6432Node\ej-technologies] [HKLM\Software\WOW6432Node\Elaborate Bytes] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\Fujitsu] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Greatis] [HKLM\Software\WOW6432Node\Hercules] [HKLM\Software\WOW6432Node\Hercules Technologies] [HKLM\Software\WOW6432Node\HP] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\Lola] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\OpenVPN] [HKLM\Software\WOW6432Node\Oracle] [HKLM\Software\WOW6432Node\PCWinSoft] [HKLM\Software\WOW6432Node\Piriform] [HKLM\Software\WOW6432Node\PoINT] [HKLM\Software\WOW6432Node\proDAD] [HKLM\Software\WOW6432Node\QFX Software] [HKLM\Software\WOW6432Node\Rainlendar2] [HKLM\Software\WOW6432Node\RealNetworks] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Siber Systems] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\Steganos] [HKLM\Software\WOW6432Node\SyncIntegrationClients] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\Unchecky] [HKLM\Software\WOW6432Node\UNREAL] [HKLM\Software\WOW6432Node\VMware, Inc.] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Waterfox] [HKLM\Software\WOW6432Node\WinRAR] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\AOMEI] [HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols] [HKLM\Software\WOW6432Node\Microsoft\AppV] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET MVC 4] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AudioCompressionManager] [HKLM\Software\WOW6432Node\Microsoft\AuthHost] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp] [HKLM\Software\WOW6432Node\Microsoft\ClipboardServer] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Device Association Framework] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DownloadManager] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVDNavigator] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods] [HKLM\Software\WOW6432Node\Microsoft\Edge] [HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate] [HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\F12] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FilePicker] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\GameOverlay] [HKLM\Software\WOW6432Node\Microsoft\Games] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IME] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\InetStp] [HKLM\Software\WOW6432Node\Microsoft\InputMethod] [HKLM\Software\WOW6432Node\Microsoft\InputPersonalization] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\Lptr] [HKLM\Software\WOW6432Node\Microsoft\MediaEngine] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Games] [HKLM\Software\WOW6432Node\Microsoft\Microsoft SQL Server Compact Edition] [HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\Money] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDRM] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\MSOSOAP] [HKLM\Software\WOW6432Node\Microsoft\MTF] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\OEM] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\Office Server] [HKLM\Software\WOW6432Node\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\Palm] [HKLM\Software\WOW6432Node\Microsoft\PCHealth] [HKLM\Software\WOW6432Node\Microsoft\Personalization] [HKLM\Software\WOW6432Node\Microsoft\Photos] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\Policies] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\Provisioning] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\RAS AutoDial] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\RFC1156Agent] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Schema Library] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\ServerManager] [HKLM\Software\WOW6432Node\Microsoft\Shared] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\Silverlight] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\SPEECH] [HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\StrongName] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\SystemSettings] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TouchPrediction] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\UEV] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\VSTA Runtime Setup] [HKLM\Software\WOW6432Node\Microsoft\VSTO Runtime Setup] [HKLM\Software\WOW6432Node\Microsoft\W3SVC] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Live] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime] [HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate] [HKLM\Software\WOW6432Node\Microsoft\Wisp] [HKLM\Software\WOW6432Node\Microsoft\WlanSvc] [HKLM\Software\WOW6432Node\Microsoft\Works] [HKLM\Software\WOW6432Node\Microsoft\WSDAPI] [HKLM\Software\WOW6432Node\Microsoft\XNA] [HKLM\Software\WOW6432Node\Microsoft\Cellular] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DeviceReg] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\FingerKB] [HKLM\Software\WOW6432Node\Microsoft\FuzzyDS] [HKLM\Software\WOW6432Node\Microsoft\Input] [HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay] [HKLM\Software\WOW6432Node\Microsoft\Messaging] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors] [HKLM\Software\WOW6432Node\Microsoft\MTFInputType] [HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Phone] [HKLM\Software\WOW6432Node\Microsoft\Pim] [HKLM\Software\WOW6432Node\Microsoft\Poom] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SecurityManager] [HKLM\Software\WOW6432Node\Microsoft\Semgr] [HKLM\Software\WOW6432Node\Microsoft\Shell] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Unified Store] [HKLM\Software\WOW6432Node\Microsoft\UserData] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\XAML] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: E: H: ---------- | C: [29/12/2018 14:02:34] - |HD| - [183410] - C:\$GetCurrent [04/05/2017 13:19:31] - |SHD| - [1995279806] - C:\$RECYCLE.BIN [03/09/2019 14:32:12] - |HD| - [71168167] - C:\$SysReset [06/01/2021 20:54:38] - |HD| - [391417] - C:\$Windows.~WS [31/10/2020 14:00:18] - |HD| - [0] - C:\$WinREAgent [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/11/2015 13:56:43] - |AH| - (.-.) - [0] - (0.0.0.0) - C:\$WINRE_BACKUP_PARTITION.MARKER [09/03/2015 10:07:45] - |D| - [493801935] - C:\AdwCleaner [08/12/2020 16:52:31] - |D| - [85227816] - C:\aida64extreme630 [MD5.998518739126397FEA6A8E8ABC73628A] - [15/09/2020 18:52:09] - |H| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN [MD5.D41D8CD98F00B204E9800998ECF8427E] - [28/03/2017 18:48:25] - |AH| - (.-.) - [0] - (0.0.0.0) - C:\asc_rdflag [MD5.D41D8CD98F00B204E9800998ECF8427E] - [28/12/2013 15:17:39] - |A| - (.-.) - [0] - (0.0.0.0) - C:\autoexec.bat [MD5.402500066459088EFC9C3228CD41DB7D] - [07/05/2019 11:33:13] - |A| - (.-.) - [37155] - (0.0.0.0) - C:\bdlog.txt [MD5.C7FD70F69C7792256EED17FBDD83484F] - [02/12/2014 14:52:52] - |AH| - (.-.) - [3271472] - (0.0.0.0) - C:\bdr-bz01 [MD5.C7FD70F69C7792256EED17FBDD83484F] - [02/03/2015 15:04:06] - |AH| - (.-.) - [3271472] - (0.0.0.0) - C:\bdr-bz02 [MD5.C7FD70F69C7792256EED17FBDD83484F] - [27/08/2015 20:31:15] - |AH| - (.-.) - [3271472] - (0.0.0.0) - C:\bdr-bz03 [MD5.C7FD70F69C7792256EED17FBDD83484F] - [20/10/2015 18:53:11] - |AH| - (.-.) - [3271472] - (0.0.0.0) - C:\bdr-bz04 [MD5.C7FD70F69C7792256EED17FBDD83484F] - [03/01/2017 12:39:54] - |AH| - (.-.) - [3271472] - (0.0.0.0) - C:\bdr-bz05 [MD5.51174AF8DB76309C2835BB5A736C6071] - [02/12/2014 14:53:37] - |AH| - (.-.) - [684] - (0.0.0.0) - C:\bdr-cf01 [MD5.BB319F14536EC67C0A282F9C8ABF4B20] - [02/03/2015 15:07:55] - |AH| - (.-.) - [684] - (0.0.0.0) - C:\bdr-cf02 [MD5.DC296DDA2F6139DE2F76FFC932487262] - [27/08/2015 20:37:12] - |AH| - (.-.) - [684] - (0.0.0.0) - C:\bdr-cf03 [MD5.288CA654DDBECDA915C95815EBA7C506] - [20/10/2015 18:54:10] - |AH| - (.-.) - [684] - (0.0.0.0) - C:\bdr-cf04 [MD5.28D4A9003347507A525704C8E53944BD] - [03/01/2017 12:41:09] - |AH| - (.-.) - [684] - (0.0.0.0) - C:\bdr-cf05 [MD5.91DECAE7268AD708B276EE9A3DFEB4FC] - [02/12/2014 14:52:51] - |AH| - (.-.) - [49563064] - (0.0.0.0) - C:\bdr-im01.gz [MD5.91DECAE7268AD708B276EE9A3DFEB4FC] - [02/03/2015 15:04:05] - |AH| - (.-.) - [49563064] - (0.0.0.0) - C:\bdr-im02.gz [MD5.91DECAE7268AD708B276EE9A3DFEB4FC] - [27/08/2015 20:31:14] - |AH| - (.-.) - [49563064] - (0.0.0.0) - C:\bdr-im03.gz [MD5.D34B0B8AA91C481E5EC4F4AC8A9E40AC] - [20/10/2015 18:53:09] - |AH| - (.-.) - [49626058] - (0.0.0.0) - C:\bdr-im04.gz [MD5.13DB54E64CE7C37A2E6265C045D96CDA] - [03/01/2017 12:39:53] - |AH| - (.-.) - [49758588] - (0.0.0.0) - C:\bdr-im05.gz [MD5.8E83A0EAB3AD8599EA4CC21F18564B2D] - [02/12/2014 14:52:50] - |AH| - (.-.) - [253404] - (0.0.0.0) - C:\bdr-ld01 [MD5.0F6AA65A6E1037C915DD38A8109ACAFE] - [02/12/2014 14:52:52] - |AH| - (.-.) - [9216] - (0.0.0.0) - C:\bdr-ld01.mbr [MD5.5937A41AFB8F5CD8B1492F4AC8A3CC85] - [02/03/2015 15:04:05] - |AH| - (.-.) - [253404] - (0.0.0.0) - C:\bdr-ld02 [MD5.1DF1B278817BD0F0865C65D63682250F] - [02/03/2015 15:04:06] - |AH| - (.-.) - [9216] - (0.0.0.0) - C:\bdr-ld02.mbr [MD5.BE281EFBD143463151649D4A3D552524] - [27/08/2015 20:31:14] - |AH| - (.-.) - [253404] - (0.0.0.0) - C:\bdr-ld03 [MD5.2FF5E9F6C9AE0D2CB3C905913AA1210D] - [27/08/2015 20:31:15] - |AH| - (.-.) - [9216] - (0.0.0.0) - C:\bdr-ld03.mbr [MD5.624EFA151C36906B872EDC6A986C8A01] - [20/10/2015 18:53:09] - |AH| - (.-.) - [253404] - (0.0.0.0) - C:\bdr-ld04 [MD5.33B2BD6AF4A4D923224FBD47A40D08F0] - [20/10/2015 18:53:11] - |AH| - (.-.) - [9216] - (0.0.0.0) - C:\bdr-ld04.mbr [MD5.80E5A9E77BE19D3D260E7BABBC7F03F4] - [03/01/2017 12:39:53] - |AH| - (.-.) - [253404] - (0.0.0.0) - C:\bdr-ld05 [MD5.6E6E33041ACCDAF10E704C59DE549E39] - [03/01/2017 12:39:54] - |AH| - (.-.) - [9216] - (0.0.0.0) - C:\bdr-ld05.mbr [25/02/2018 11:38:27] - |D| - [231067] - C:\BigFishCache [13/11/2018 17:36:40] - |SHD| - [20412687] - C:\Boot [MD5.24858F947348F3BB871113A3300F069B] - [10/11/2018 18:13:51] - |H| - (.-.) - [467] - (0.0.0.0) - C:\Boot.BAK [MD5.24858F947348F3BB871113A3300F069B] - [10/11/2018 18:25:30] - |RH| - (.-.) - [467] - (0.0.0.0) - C:\boot.ini [MD5.24858F947348F3BB871113A3300F069B] - [10/11/2018 18:25:30] - |RASH| - (.-.) - [467] - (0.0.0.0) - C:\Boot.ini.saved [MD5.C37C1B3F6505BD3A7F5AAE8B71973902] - [14/04/2008 14:00:00] - |RASH| - (.-.) - [4952] - (0.0.0.0) - C:\Bootfont.bin [MD5.84F775A81360AEB1420E2A1D2C871654] - [16/06/2021 18:23:23] - |RASH| - (.-.) - [414020] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [16/06/2021 18:23:23] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [MD5.34FED28E2AA5FA8E5DC206CBBB177760] - [14/04/2018 16:04:31] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK [MD5.639B40DB3CC91A056E253FBE2B9B7C53] - [26/05/2021 19:30:23] - |SH| - (.-.) - [112] - (0.0.0.0) - C:\bootTel.dat [05/12/2015 13:01:03] - |D| - [248957] - C:\Brother's Keeper 7 [25/10/2016 13:12:27] - |D| - [7340722123] - C:\captvty-2.5 [01/07/2021 15:45:37] - |D| - [269874] - C:\Clean_Dns [26/02/2015 15:59:11] - |SHD| - [1827000] - C:\Config.Msi [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2018 17:39:06] - |A| - (.-.) - [0] - (0.0.0.0) - C:\CONFIG.SYS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/08/2018 15:10:01] - |ASH| - (.-.) - [0] - (0.0.0.0) - C:\DkHyperbootSync [10/07/2015 14:21:38] - |SHD| - [0] - C:\Documents and Settings [27/02/2017 17:14:45] - |D| - [4034411] - C:\Données EuroSoft Software Development [MD5.D41D8CD98F00B204E9800998ECF8427E] - [02/11/2020 18:04:58] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log.tmp [05/01/2021 12:20:54] - |D| - [0] - C:\ESD [20/08/2018 16:37:22] - |SHD| - [45541] - C:\found.000 [26/05/2021 19:30:22] - |SHD| - [935211] - C:\found.001 [14/10/2017 09:03:23] - |AD| - [85380540] - C:\GiolSupport [MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/05/2021 10:14:07] - |ASH| - (.-.) - [3401244672] - (0.0.0.0) - C:\hiberfil.sys [26/08/2020 14:21:16] - |D| - [154217] - C:\Icônes [26/06/2021 14:55:04] - |D| - [188539] - C:\inetpub [16/04/2021 18:28:28] - |D| - [209476] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2018 17:39:06] - |RASH| - (.-.) - [0] - (0.0.0.0) - C:\IO.SYS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2018 17:39:06] - |RASH| - (.-.) - [0] - (0.0.0.0) - C:\MSDOS.SYS [20/05/2021 10:02:25] - |RHD| - [323094519] - C:\MSOCache [30/10/2017 10:53:42] - |D| - [0] - C:\MyDrivers [13/11/2020 16:21:21] - |SHD| - [13278648] - C:\Nsi.pending [MD5.B2DE3452DE03674C6CEC68B8C8CE7C78] - [14/04/2008 14:00:00] - |RASH| - (.-.) - [47564] - (0.0.0.0) - C:\NTDETECT.COM [MD5.7794C3221F670DE270586A2CF6E68383] - [14/04/2008 14:00:00] - |RASH| - (.-.) - [252240] - (0.0.0.0) - C:\ntldr [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/05/2021 21:20:53] - |ASH| - (.-.) - [2415919104] - (0.0.0.0) - C:\pagefile.sys [07/12/2019 11:14:52] - |D| - [0] - C:\PerfLogs [07/12/2019 11:14:52] - |RD| - [9102085105] - C:\Program Files [07/12/2019 11:14:52] - |RD| - [7654636192] - C:\Program Files (x86) [07/12/2019 11:14:52] - |HD| - [2003536394] - C:\ProgramData [01/07/2021 14:40:27] - |D| - [481] - C:\QuickDiag [MD5.9AD9BB5C89DE81C1B524C431B485EDDB] - [01/07/2021 16:42:25] - |A| - (.-.) - [249107] - (0.0.0.0) - C:\QuickDiag.txt [06/06/2018 19:50:55] - |SHD| - [1317] - C:\Recovery [13/11/2018 17:29:49] - |SHD| - [0] - C:\RECYCLER [06/06/2019 07:12:47] - |D| - [1187388] - C:\Rufus [03/03/2015 18:51:11] - |D| - [359480808] - C:\SmartSound Software [04/12/2019 15:56:31] - |D| - [0] - C:\SocketeQ [22/10/2018 21:35:12] - |D| - [766230491] - C:\SuperTuxKartPortable [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/12/2018 16:35:10] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [MD5.E1F69C32ED019124B8946C124912E5AF] - [29/06/2021 11:49:31] - |AH| - (.-.) - [1024] - (0.0.0.0) - C:\SYSTAG.BIN [26/09/2013 12:12:38] - |SHD| - [2736104840] - C:\System Volume Information [16/09/2016 09:24:43] - |D| - [2173597] - C:\System.sav [08/03/2018 04:12:45] - |D| - [3620660] - C:\Temp [07/12/2019 11:03:44] - |RD| - [40822743835] - C:\Users [05/12/2016 15:58:45] - |D| - [47634892] - C:\VeraGrypt [07/12/2019 11:03:44] - |D| - [34999266629] - C:\Windows ---------- | C:\Windows [04/06/2020 20:09:51] - |D| - [0] - C:\Windows\%LOCALAPPDATA% [09/11/2019 17:21:38] - |D| - [0] - C:\Windows\abylon SHAREDDRIVE (Adv. - PRIVATE LICENCE) [07/12/2019 16:51:43] - |D| - [802] - C:\Windows\addins [04/10/2019 14:32:59] - |D| - [39222] - C:\Windows\amlog [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/06/2021 16:06:17] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ammark.tag [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/06/2021 16:06:17] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ammark2.tag [MD5.DC0636DDBEC5EA24EBCA8B27C2CE3498] - [24/06/2021 16:06:17] - |A| - (.-.) - [464] - (0.0.0.0) - C:\Windows\ampa.ini [MD5.4B8CE628E373BE38C138BB1C350242CF] - [24/06/2021 15:58:29] - |A| - (.-.) - [262144] - (0.0.0.0) - C:\Windows\AOMEIBCD [07/12/2019 11:14:52] - |D| - [19534829] - C:\Windows\appcompat [07/12/2019 11:14:52] - |D| - [9894818] - C:\Windows\apppatch [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\AppReadiness [07/12/2019 11:14:52] - |RSD| - [1257977677] - C:\Windows\assembly [MD5.611149ECD6E52335B18DEA7D436C9343] - [28/03/2012 22:45:34] - |A| - (.-.) - [38177] - (0.0.0.0) - C:\Windows\atiogl.xml [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/04/2021 16:53:24] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [07/12/2019 11:14:52] - |D| - [785153] - C:\Windows\bcastdvr [MD5.862251351EC170BB3BD59CB219491811] - [13/01/2021 11:37:54] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [77824] - (10.0.19041.746) - C:\Windows\bfsvc.exe [07/12/2019 16:53:51] - |SHD| - [578547] - C:\Windows\BitLockerDiscoveryVolumeContents [07/12/2019 11:14:52] - |D| - [40888098] - C:\Windows\Boot [MD5.51F5A40F129A394BD4DC0F6374B58D47] - [24/05/2021 21:21:28] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [07/12/2019 11:14:52] - |D| - [2450416] - C:\Windows\Branding [MD5.9130CCE19B5DB3D2E31F9F789263FC4A] - [03/09/2019 19:51:55] - |A| - (.Copyright (c) 1999-2006 Microsoft Corporation - CAPICOM Module.) - [511328] - (2.1.0.2) - C:\Windows\capicom.dll [07/12/2019 11:03:44] - |D| - [0] - C:\Windows\CbsTemp [07/12/2019 11:14:52] - |D| - [63932430] - C:\Windows\Containers [03/09/2019 15:51:15] - |D| - [0] - C:\Windows\CSC [07/12/2019 11:14:52] - |D| - [11501377] - C:\Windows\Cursors [07/12/2019 11:14:52] - |D| - [25086266] - C:\Windows\debug [MD5.289032072F811462DF9CE6A2EFA53B7A] - [02/11/2020 18:20:01] - |A| - (.-.) - [90393] - (0.0.0.0) - C:\Windows\diagerr.xml [07/12/2019 11:14:52] - |D| - [4308864] - C:\Windows\diagnostics [07/12/2019 11:14:52] - |D| - [1701843] - C:\Windows\DiagTrack [MD5.698029ED3CA80EA2C56FA0E8C8E7FD6E] - [02/11/2020 18:20:01] - |A| - (.-.) - [6820] - (0.0.0.0) - C:\Windows\diagwrn.xml [07/12/2019 16:50:20] - |D| - [0] - C:\Windows\DigitalLocker [MD5.EB6BB49BA51B7FBB4811325AFD36A510] - [21/05/2020 19:06:47] - |A| - (.-.) - [96] - (0.0.0.0) - C:\Windows\dm.dmap [30/05/2020 19:06:22] - |D| - [15213553] - C:\Windows\Downloaded Installations [07/12/2019 11:14:52] - |SD| - [65] - C:\Windows\Downloaded Program Files [07/12/2019 11:14:52] - |HD| - [66600] - C:\Windows\ELAMBKUP [07/12/2019 16:50:20] - |D| - [0] - C:\Windows\en-US [MD5.F5F440293374CFC8CDB014F10CAED5C9] - [19/10/2019 09:15:54] - |AH| - (.-.) - [1095] - (0.0.0.0) - C:\Windows\EPMBatch.ept [MD5.62022614D1D9290CD1069234F2A55CF8] - [27/06/2021 13:02:06] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4894336] - (10.0.19041.1081) - C:\Windows\explorer.exe [07/12/2019 11:14:52] - |RSD| - [424569482] - C:\Windows\Fonts [21/01/2021 19:50:50] - |D| - [117440] - C:\Windows\fr [07/12/2019 16:50:20] - |D| - [111616] - C:\Windows\fr-FR [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\GameBarPresenceWriter [MD5.E5C6CCF40B9B6D89097E0E0F3F2908BC] - [24/06/2021 16:06:17] - |A| - (.-.) - [1152] - (0.0.0.0) - C:\Windows\GA_NT.dat [07/12/2019 11:14:52] - |D| - [57013073] - C:\Windows\Globalization [07/12/2019 11:14:52] - |D| - [1315831] - C:\Windows\Help [MD5.86AE3BE50DF246C646DA76E7223A968E] - [14/04/2021 16:42:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1076736] - (10.0.19041.906) - C:\Windows\HelpPane.exe [MD5.2C8FE78D53C8CA27523A71DFD2938241] - [07/12/2019 11:09:39] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.19041.1) - C:\Windows\hh.exe [07/12/2019 11:14:52] - |D| - [30327] - C:\Windows\IdentityCRL [07/12/2019 11:14:52] - |D| - [28822470] - C:\Windows\IME [07/12/2019 11:14:52] - |RD| - [8171533] - C:\Windows\ImmersiveControlPanel [MD5.290ED6C145D3AF95F4AE5103B8916746] - [16/05/2020 18:51:22] - |A| - (.-.) - [528] - (0.0.0.0) - C:\Windows\impr.lkeys [07/12/2019 11:13:02] - |D| - [146147385] - C:\Windows\INF [07/12/2019 11:14:52] - |D| - [38193580] - C:\Windows\InputMethod [07/12/2019 11:14:52] - |SHD| - [3410103047] - C:\Windows\Installer [MD5.97102B5FD8E4007908A9BC37564A0A17] - [23/12/2019 17:42:55] - |A| - (.-.) - [39] - (0.0.0.0) - C:\Windows\Irremote.ini [13/10/2019 10:01:14] - |D| - [451072] - C:\Windows\ISO Creator [07/12/2019 11:14:52] - |D| - [109650] - C:\Windows\L2Schemas [07/12/2019 11:14:52] - |HD| - [0] - C:\Windows\LanguageOverlayCache [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\LiveKernelReports [07/12/2019 11:14:52] - |D| - [23701639] - C:\Windows\Logs [07/12/2019 11:14:52] - |RSD| - [20063519] - C:\Windows\Media [MD5.85A96C1385DB136CF7BCF9FCA113C263] - [12/02/2021 15:47:14] - |A| - (.-.) - [6525] - (0.0.0.0) - C:\Windows\mgxoschk.ini [MD5.23AF90D2355D8C83AA4567EF1763B467] - [07/12/2019 11:08:58] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [07/12/2019 11:14:52] - |RD| - [857413031] - C:\Windows\Microsoft.NET [07/12/2019 11:14:52] - |D| - [3323] - C:\Windows\Migration [MD5.690C0454CE67C15B287839285554FC59] - [24/06/2021 15:45:00] - |AT| - (.-.) - [42777] - (0.0.0.0) - C:\Windows\mnd9B27.diagerr.mdmp [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\ModemLogs [MD5.1C1760ED4D19CDBECB2398216922628B] - [27/06/2021 13:02:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [211968] - (10.0.19041.1081) - C:\Windows\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [24/04/2021 11:38:03] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\Windows\NvContainerRecovery.bat [07/12/2019 16:52:32] - |D| - [199472] - C:\Windows\OCR [07/12/2019 11:14:52] - |RD| - [65] - C:\Windows\Offline Web Pages [31/10/2020 15:27:41] - |DC| - [272191049] - C:\Windows\Panther [14/04/2021 12:58:42] - |D| - [0] - C:\Windows\PCHEALTH [07/12/2019 11:14:52] - |D| - [1011906] - C:\Windows\Performance [MD5.5C6713C57C68C4B8AD69397C39F42D2F] - [30/05/2020 18:13:36] - |A| - (.-.) - [534674] - (0.0.0.0) - C:\Windows\PFRO.log [07/12/2019 11:14:52] - |D| - [1136442] - C:\Windows\PLA [07/12/2019 11:14:52] - |D| - [7449748] - C:\Windows\PolicyDefinitions [02/11/2020 18:05:00] - |D| - [7417620] - C:\Windows\Prefetch [07/12/2019 11:14:52] - |RD| - [2234376] - C:\Windows\PrintDialog [MD5.C186EF70E6825D333E0077831C58BAAA] - [07/12/2019 16:54:16] - |A| - (.-.) - [30831] - (0.0.0.0) - C:\Windows\Professional.xml [07/12/2019 11:14:52] - |D| - [6067475] - C:\Windows\Provisioning [02/10/2019 16:03:07] - |D| - [110592] - C:\Windows\pss [MD5.999A30979F6195BF562068639FFC4426] - [13/01/2021 11:41:15] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [370176] - (10.0.19041.746) - C:\Windows\regedit.exe [07/12/2019 11:14:52] - |D| - [22588] - C:\Windows\registration [07/12/2019 16:53:51] - |D| - [0] - C:\Windows\RemotePackages [07/12/2019 11:14:52] - |D| - [16894032] - C:\Windows\rescache [07/12/2019 11:14:52] - |D| - [3607895] - C:\Windows\Resources [MD5.A095B3E67C8EB8F2137EAC63687F2F5B] - [21/10/2020 18:52:12] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839520] - (1.0.7.0) - C:\Windows\RtlExUpd.dll [MD5.33A44B75003330D4CE0C274D87B0625F] - [09/11/2019 17:20:26] - |A| - (.-.) - [245] - (0.0.0.0) - C:\Windows\SADReg.ini [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\SchCache [07/12/2019 11:14:52] - |D| - [195539] - C:\Windows\schemas [07/12/2019 11:14:52] - |D| - [5353941] - C:\Windows\security [02/11/2020 13:03:20] - |D| - [198456799] - C:\Windows\ServiceProfiles [07/12/2019 11:14:52] - |D| - [4096] - C:\Windows\ServiceState [07/12/2019 11:03:44] - |D| - [3386176656] - C:\Windows\servicing [07/12/2019 11:18:25] - |D| - [105730] - C:\Windows\Setup [07/12/2019 11:14:52] - |D| - [5500416] - C:\Windows\ShellComponents [07/12/2019 11:14:52] - |D| - [19058688] - C:\Windows\ShellExperiences [07/12/2019 11:14:52] - |D| - [3070736] - C:\Windows\SKB [03/09/2019 15:15:24] - |D| - [704588149] - C:\Windows\SoftwareDistribution [07/12/2019 11:14:52] - |D| - [86037697] - C:\Windows\Speech [07/12/2019 11:14:52] - |D| - [64508236] - C:\Windows\Speech_OneCore [MD5.A0AE654E51F5879CB114B7B99B48B283] - [16/06/2021 16:22:35] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [136192] - (10.0.19041.1052) - C:\Windows\splwow64.exe [07/12/2019 11:14:52] - |D| - [31039] - C:\Windows\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [03/09/2019 15:51:18] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [07/12/2019 11:03:44] - |D| - [10547380441] - C:\Windows\System32 [07/12/2019 11:14:52] - |D| - [148600620] - C:\Windows\SystemApps [07/12/2019 11:14:52] - |D| - [167758689] - C:\Windows\SystemResources [07/12/2019 11:14:52] - |D| - [1779932201] - C:\Windows\SysWOW64 [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\TAPI [03/09/2019 15:51:16] - |D| - [6] - C:\Windows\Tasks [07/12/2019 11:14:52] - |D| - [3031286] - C:\Windows\Temp [03/09/2019 15:51:16] - |D| - [13787648] - C:\Windows\TextInput [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\tracing [07/12/2019 11:14:52] - |D| - [19261039] - C:\Windows\twain_32 [MD5.AFE119DD4E17891B227684F38AA25D4D] - [07/12/2019 11:10:00] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65024] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/01/2021 12:42:10] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\UV_LastPW.ini [MD5.68CBCFD265E29AF596A0437BBCBE912D] - [06/02/2021 16:14:20] - |A| - (.-.) - [52] - (0.0.0.0) - C:\Windows\videodeLuxe.INI [07/12/2019 11:14:52] - |D| - [12420] - C:\Windows\Vss [07/12/2019 11:14:52] - |D| - [33190] - C:\Windows\WaaS [07/12/2019 11:14:52] - |D| - [16568315] - C:\Windows\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [03/09/2019 15:51:18] - |A| - (.-.) - [92] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [07/12/2019 11:09:09] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [28/06/2021 18:32:07] - |A| - (.-.) - [276] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.0629E6D130F226C009EA9AB329F37ACC] - [07/12/2019 11:10:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.19041.1) - C:\Windows\winhlp32.exe [MD5.505FD56C27A429DE9DA2ED2839F1F32D] - [15/09/2019 18:41:52] - |A| - (.-.) - [220] - (0.0.0.0) - C:\Windows\wininit.ini [07/12/2019 11:03:44] - |D| - [11029183436] - C:\Windows\WinSxS [MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [31/03/2014 22:34:22] - |A| - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [322248] - (16.4.3528.331) - C:\Windows\WLXPGSS.SCR [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [07/12/2019 11:10:11] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.B947CCA7F485F6C1156F4D02E8C9874F] - [07/12/2019 16:52:57] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.19041.1) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy [MD5.EF8A89CF45DA340AEBC4C757B05AB041] - [04/09/2019 16:56:17] - |A| - (.-.) - [233] - (0.0.0.0) - C:\Windows\System32\GroupPolicy\gpt.ini [04/09/2019 16:56:17] - |D| - [290] - C:\Windows\System32\GroupPolicy\Machine [04/09/2019 16:56:17] - |D| - [784] - C:\Windows\System32\GroupPolicy\User ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [21/05/2020 18:16:51] - [1392640] - (.().-. - ()) - C:\Windows\Installer\13404393.msp [23/06/2020 11:36:08] - [9826304] - (.().-. - ()) - C:\Windows\Installer\1ecd4ff9.msp [16/08/2019 10:09:42] - [9814016] - (.().-. - ()) - C:\Windows\Installer\329fa93.msp [28/06/2013 04:36:48] - [11634176] - (.().-. - ()) - C:\Windows\Installer\391875c.msp [28/06/2013 04:44:04] - [2466304] - (.().-. - ()) - C:\Windows\Installer\39187ea.msp [28/06/2013 04:14:16] - [17591808] - (.().-. - ()) - C:\Windows\Installer\39187f1.msp [28/06/2013 03:45:06] - [15785984] - (.().-. - ()) - C:\Windows\Installer\3918809.msp [28/06/2013 04:33:14] - [1631744] - (.().-. - ()) - C:\Windows\Installer\3918810.msp [28/06/2013 03:52:32] - [1220096] - (.().-. - ()) - C:\Windows\Installer\3918817.msp [28/06/2013 04:24:56] - [15849472] - (.().-. - ()) - C:\Windows\Installer\391881e.msp [28/06/2013 04:42:24] - [15716864] - (.().-. - ()) - C:\Windows\Installer\3918825.msp [28/06/2013 04:04:24] - [5651456] - (.().-. - ()) - C:\Windows\Installer\391883c.msp [28/06/2013 04:31:54] - [6607872] - (.().-. - ()) - C:\Windows\Installer\3918843.msp [28/06/2013 04:31:26] - [11771392] - (.().-. - ()) - C:\Windows\Installer\391884a.msp [25/03/2020 20:01:12] - [9822208] - (.().-. - ()) - C:\Windows\Installer\40cf8508.msp [25/03/2020 20:01:20] - [9027584] - (.().-. - ()) - C:\Windows\Installer\40cf850f.msp [21/07/2011 12:34:34] - [3456000] - (.().-. - ()) - C:\Windows\Installer\53cc1c.msp [19/06/2011 23:28:52] - [18457088] - (.().-. - ()) - C:\Windows\Installer\53cc24.msp [26/10/2011 23:23:32] - [8821760] - (.().-. - ()) - C:\Windows\Installer\53cc30.msp [26/10/2011 23:22:30] - [1071616] - (.().-. - ()) - C:\Windows\Installer\53cc39.msp [16/10/2013 03:01:18] - [3461120] - (.().-. - ()) - C:\Windows\Installer\53cc46.msp [17/06/2015 15:23:30] - [432128] - (.().-. - ()) - C:\Windows\Installer\53cc4e.msp [12/07/2016 21:24:40] - [3458560] - (.().-. - ()) - C:\Windows\Installer\53cc9e.msp [16/03/2020 08:28:35] - [8130560] - (.().-. - ()) - C:\Windows\Installer\a053421.msp [24/10/2019 14:03:06] - [4616192] - (.().-. - ()) - C:\Windows\Installer\a5a9f4a.msp [15/05/2020 11:41:48] - [9830400] - (.().-. - ()) - C:\Windows\Installer\b220607.msp [24/07/2013 08:21:48] - [1097728] - (.().-. - ()) - C:\Windows\Installer\b3c344.msp [14/08/2013 02:37:10] - [390144] - (.().-. - ()) - C:\Windows\Installer\b3c351.msp [06/09/2013 23:07:02] - [11534336] - (.().-. - ()) - C:\Windows\Installer\b3c35e.msp [25/10/2013 17:42:58] - [1649664] - (.().-. - ()) - C:\Windows\Installer\b3c36b.msp [18/12/2013 18:07:20] - [2656256] - (.().-. - ()) - C:\Windows\Installer\b3c373.msp [18/12/2013 18:07:08] - [18188288] - (.().-. - ()) - C:\Windows\Installer\b3c37b.msp [17/04/2014 16:09:20] - [1133568] - (.().-. - ()) - C:\Windows\Installer\b3c388.msp [22/04/2014 16:01:10] - [6629376] - (.().-. - ()) - C:\Windows\Installer\b3c390.msp [12/11/2014 00:00:14] - [1543168] - (.().-. - ()) - C:\Windows\Installer\b3c39d.msp [11/11/2014 23:59:58] - [2994688] - (.().-. - ()) - C:\Windows\Installer\b3c3a5.msp [20/11/2014 10:09:16] - [2457088] - (.().-. - ()) - C:\Windows\Installer\b3c3b8.msp [17/02/2015 17:43:42] - [8855552] - (.().-. - ()) - C:\Windows\Installer\b3c3c4.msp [17/02/2015 17:43:02] - [1053696] - (.().-. - ()) - C:\Windows\Installer\b3c3cd.msp [24/06/2015 01:19:12] - [2925056] - (.().-. - ()) - C:\Windows\Installer\b3c3da.msp [16/07/2015 08:20:48] - [1110528] - (.().-. - ()) - C:\Windows\Installer\b3c3e7.msp [16/07/2015 08:19:40] - [387584] - (.().-. - ()) - C:\Windows\Installer\b3c3f4.msp [13/08/2015 06:16:46] - [298496] - (.().-. - ()) - C:\Windows\Installer\b3c409.msp [04/09/2015 23:34:10] - [6505984] - (.().-. - ()) - C:\Windows\Installer\b3c411.msp [04/09/2015 23:34:06] - [534016] - (.().-. - ()) - C:\Windows\Installer\b3c41e.msp [04/09/2015 23:32:46] - [5976064] - (.().-. - ()) - C:\Windows\Installer\b3c42c.msp [11/12/2015 15:05:58] - [978432] - (.().-. - ()) - C:\Windows\Installer\b3c447.msp [09/02/2016 22:44:16] - [5276160] - (.().-. - ()) - C:\Windows\Installer\b3c44f.msp [17/05/2016 17:56:42] - [2978304] - (.().-. - ()) - C:\Windows\Installer\b3c457.msp [12/07/2016 21:25:18] - [13164544] - (.().-. - ()) - C:\Windows\Installer\b3c45f.msp [05/06/2017 15:14:00] - [13250048] - (.().-. - ()) - C:\Windows\Installer\b3c466.msp [05/06/2017 15:14:14] - [13788160] - (.().-. - ()) - C:\Windows\Installer\b3c46d.msp [05/06/2017 15:14:30] - [6406656] - (.().-. - ()) - C:\Windows\Installer\b3c474.msp [05/06/2017 15:14:20] - [8766464] - (.().-. - ()) - C:\Windows\Installer\b3c47b.msp [05/06/2017 15:14:02] - [9611264] - (.().-. - ()) - C:\Windows\Installer\b3c482.msp [05/06/2017 15:13:24] - [4305408] - (.().-. - ()) - C:\Windows\Installer\b3c489.msp [25/08/2017 17:58:18] - [619008] - (.().-. - ()) - C:\Windows\Installer\b3c490.msp [27/08/2017 11:25:28] - [638976] - (.().-. - ()) - C:\Windows\Installer\b3c4a3.msp [31/12/2017 16:23:50] - [9728] - (.().-. - ()) - C:\Windows\Installer\b3c4aa.msp [17/05/2018 12:40:20] - [7991296] - (.().-. - ()) - C:\Windows\Installer\b3c4b7.msp [17/05/2018 12:40:10] - [3702784] - (.().-. - ()) - C:\Windows\Installer\b3c4bf.msp [27/06/2018 08:11:14] - [1417216] - (.().-. - ()) - C:\Windows\Installer\b3c4cc.msp [26/06/2018 12:14:54] - [2527232] - (.().-. - ()) - C:\Windows\Installer\b3c4e0.msp [30/07/2018 16:19:22] - [2936832] - (.().-. - ()) - C:\Windows\Installer\b3c4ed.msp [28/08/2018 15:08:26] - [237568] - (.().-. - ()) - C:\Windows\Installer\b3c4f9.msp [20/10/2018 14:18:40] - [774144] - (.().-. - ()) - C:\Windows\Installer\b3c506.msp [30/11/2018 13:32:46] - [2023424] - (.().-. - ()) - C:\Windows\Installer\b3c513.msp [18/12/2018 09:48:32] - [847872] - (.().-. - ()) - C:\Windows\Installer\b3c52a.msp [22/01/2019 16:39:00] - [7778304] - (.().-. - ()) - C:\Windows\Installer\b3c549.msp [22/01/2019 16:39:08] - [3702784] - (.().-. - ()) - C:\Windows\Installer\b3c551.msp [15/02/2019 16:37:00] - [2928640] - (.().-. - ()) - C:\Windows\Installer\b3c55e.msp [15/02/2019 16:37:42] - [1355776] - (.().-. - ()) - C:\Windows\Installer\b3c566.msp [18/06/2019 14:52:28] - [5652480] - (.().-. - ()) - C:\Windows\Installer\b3c571.msp [14/10/2020 13:21:08] - [1503232] - (.().-. - ()) - C:\Windows\Installer\b3c579.msp [16/12/2020 12:51:44] - [3485696] - (.().-. - ()) - C:\Windows\Installer\b3c594.msp [17/03/2021 11:36:30] - [524288] - (.().-. - ()) - C:\Windows\Installer\b3c5a1.msp [17/03/2021 13:59:32] - [1490944] - (.().-. - ()) - C:\Windows\Installer\b3c5a8.msp [17/03/2021 14:07:12] - [8855552] - (.().-. - ()) - C:\Windows\Installer\b3c5b4.msp [13/11/2019 13:16:36] - [1527808] - (.().-. - ()) - C:\Windows\Installer\b6e29cb.msp [22/08/2019 13:14:18] - [2002944] - (.().-. - ()) - C:\Windows\Installer\bec07.msp [19/12/2019 10:53:18] - [1863680] - (.().-. - ()) - C:\Windows\Installer\c0858.msp [09/02/2016 22:43:44] - [6601216] - (.().-. - ()) - C:\Windows\Installer\ff3de4d.msp [20/10/2018 14:20:26] - [9814016] - (.().-. - ()) - C:\Windows\Installer\ff3ded1.msp [03/09/2014 05:17:54] - [4028928] - (.().-. - ()) - C:\Windows\Installer\ff5bfff.msp [03/09/2014 05:17:54] - [4637184] - (.().-. - ()) - C:\Windows\Installer\ff5c00a.msp [12/07/2016 21:26:38] - [13926400] - (.().-. - ()) - C:\Windows\Installer\ff5c166.msp [17/05/2018 12:37:20] - [9027584] - (.().-. - ()) - C:\Windows\Installer\ff5c211.msp [05/06/2017 14:54:28] - [407040] - (.().-. - ()) - C:\Windows\Installer\ff5c240.msp ---------- | %System%\*.in* [07/12/2019 11:09:39] - [3329] - C:\Windows\System32\ieuinit.inf [20/03/2020 20:34:23] - [29494] - C:\Windows\System32\lvcoin64.ini [02/11/2020 18:18:19] - [2056286] - C:\Windows\System32\PerfStringBackup.INI [07/12/2019 11:09:05] - [60124] - C:\Windows\System32\tcpmon.ini [07/12/2019 11:08:46] - [2404] - C:\Windows\System32\WimBootCompress.ini [07/12/2019 11:10:00] - [3329] - C:\Windows\Syswow64\ieuinit.inf [01/12/2019 21:43:20] - [1990734] - C:\Windows\Syswow64\PerfStringBackup.INI [07/12/2019 11:09:22] - [2404] - C:\Windows\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.AFD68EFFB8DFEDA8CAFBB7ECF38F063D] - |A| - [02/10/2019 16:03:07] - (.-.) - [44 Ko] - (0.0.0.0) - C:\Windows\PSS\boot.backup [MD5.BE6658C44180C4D085F203A96D61AEF1] - |ASH| - [02/10/2019 16:03:07] - (.-.) - [64 Ko] - (0.0.0.0) - C:\Windows\PSS\boot.backup.LOG [MD5.D41D8CD98F00B204E9800998ECF8427E] - |ASH| - [02/10/2019 16:03:07] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\PSS\boot.backup.LOG1 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |ASH| - [02/10/2019 16:03:07] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\PSS\boot.backup.LOG2 [MD5.F2A2DAFCA5B9DF5CD3DF361E8F33FC17] - |A| - [28/06/2021 18:32:18] - (.-.) - [64.66 Ko] - (0.0.0.0) - C:\Windows\Temp\.session64 [MD5.335BD57A851603430E14B7FFE6996556] - |A| - [30/06/2021 22:03:27] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-10316.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [28/06/2021 20:52:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-10708.log [MD5.6BD03BD339C70585448F3FD66A9F51E5] - |A| - [01/07/2021 08:59:23] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-10752.log [MD5.B02572D16A8D7679D2D8C672BF0C1865] - |A| - [30/06/2021 11:25:22] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-1104.log [MD5.6D4CB519FE4F0DCFF3706E885D5B7810] - |A| - [29/06/2021 15:23:09] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-11168.log [MD5.B46B4BE71E97E3CA15A51EF4FED7A55F] - |A| - [01/07/2021 12:41:23] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-11180.log [MD5.53E6E51B21355B94CA33FE981F519F73] - |A| - [01/07/2021 12:14:50] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-11300.log [MD5.B4A36C77CB16A8FBED56CE7265C838BA] - |A| - [28/06/2021 09:48:59] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-11412.log [MD5.B4731EE1B1D1BEBCF31321C1A66DB774] - |A| - [30/06/2021 17:50:24] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-1168.log [MD5.17CB8E2CB5F88552800AB784659D3497] - |A| - [30/06/2021 11:05:31] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-11960.log [MD5.5247C5FD490609B1D2F7CD594D84B3DF] - |A| - [30/06/2021 16:15:01] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-12044.log [MD5.5FF32E529B1E81EA239922B750FECC02] - |A| - [28/06/2021 10:06:32] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-12520.log [MD5.C5845E17DA3EF35636288EAC0E0CE837] - |A| - [28/06/2021 12:17:49] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-12584.log [MD5.96F8D8FBBEE57AE857F106D2D2F6B626] - |A| - [28/06/2021 13:15:11] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-12688.log [MD5.55D467B4E88D45919BAC3F67AE856B08] - |A| - [28/06/2021 11:24:12] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-13284.log [MD5.1DA613406D63C1B8593D2DDA5075FC2D] - |A| - [30/06/2021 10:43:30] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-13656.log [MD5.1F91FB74F5B87B4B61A2FAE740805A25] - |A| - [30/06/2021 14:53:59] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-13748.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/06/2021 18:21:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-14060.log [MD5.6025058D84652AD57F5769CD3AAA4CC1] - |A| - [29/06/2021 14:20:06] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-14236.log [MD5.26EFC0AF4FD38ED59C77ED39B8084343] - |A| - [28/06/2021 09:53:13] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-1736.log [MD5.7412E114395FDC38FE7605A33104A678] - |A| - [30/06/2021 11:39:45] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-2016.log [MD5.9B0784F87C31AA13FD3444EB9ADAFF53] - |A| - [30/06/2021 15:01:47] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-228.log [MD5.781D0661736539113087CA27119DD68F] - |A| - [01/07/2021 09:35:54] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-3052.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/06/2021 22:47:06] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-32.log [MD5.1ECA469432C2660731852F03757AEB89] - |A| - [29/06/2021 11:56:15] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-3220.log [MD5.2D5ECEC669B9F40BAAB5133F585FECAB] - |A| - [28/06/2021 18:37:07] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-3396.log [MD5.EB5F120759C8F2D2ED86E08E41D88015] - |A| - [29/06/2021 18:17:42] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-3600.log [MD5.3BFA7CDC5C457D16CE0DF63BAD66079E] - |A| - [01/07/2021 09:32:25] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-3680.log [MD5.69F1AA3C91448C7A951C0374994897CE] - |A| - [28/06/2021 18:32:07] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-3764.log [MD5.051102C490347F80D222CE31A34F85FB] - |A| - [28/06/2021 14:13:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-3820.log [MD5.B0E7865242DB32E64CF62B2C3D8F0F86] - |A| - [30/06/2021 21:17:31] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-3916.log [MD5.B8F37234A148224D69CA84EF97F08D97] - |A| - [29/06/2021 10:21:45] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4040.log [MD5.09F8723F47EE8D23EC4852E850EEAB36] - |A| - [29/06/2021 12:16:21] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4100.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [29/06/2021 17:40:07] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4112.log [MD5.59DAE30A9DD32A0DEE7FDD2960077F99] - |A| - [29/06/2021 08:57:33] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4140.log [MD5.09D9B37D7DB12269F5F897887C1EF114] - |A| - [29/06/2021 19:36:31] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-416.log [MD5.9D8416E082C4BF6BCE83D658F70F235C] - |A| - [27/06/2021 20:59:58] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4200.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [29/06/2021 20:58:59] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4352.log [MD5.FBDD99E5ECFA14F80C5FAC8F0BD5C145] - |A| - [30/06/2021 14:49:20] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4580.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [28/06/2021 09:46:01] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4616.log [MD5.E021828D52646F37C37B0FFD1525736E] - |A| - [01/07/2021 11:49:35] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4804.log [MD5.81939C6A706590C58270922D9E95D07D] - |A| - [29/06/2021 16:58:22] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4876.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/06/2021 21:22:05] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-4944.log [MD5.610BFAE193136954C1EE7464651A1D94] - |A| - [30/06/2021 10:43:30] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-5208.log [MD5.AB563DADF34BDC9BC74391AF8FF76F72] - |A| - [26/06/2021 17:31:48] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-5224.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/06/2021 21:58:27] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-5252.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2021 15:54:49] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-5356.log [MD5.A04522E8B4918E354EFD082DC52F8818] - |A| - [01/07/2021 12:51:30] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-5816.log [MD5.1AAE211541B3DF417EBE77F2577796DE] - |A| - [28/06/2021 09:49:36] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-5820.log [MD5.8A987E94DEA2DF04F25655A3AF78EDA1] - |A| - [30/06/2021 21:27:05] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-6312.log [MD5.757F1FC56C970FC4A71E689DEBB6E01D] - |A| - [29/06/2021 08:54:40] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-6500.log [MD5.9F143A32DE964B52627425424F597749] - |A| - [28/06/2021 09:52:24] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-6652.log [MD5.DA0C26899C71905AF408F4524DF876C1] - |A| - [28/06/2021 09:48:59] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-7736.log [MD5.109DE51CEFC4241298BA858FD3B4CF93] - |A| - [01/07/2021 13:21:06] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-7876.log [MD5.F2CBD49141DFB5A16B837AE0060D6C21] - |A| - [30/06/2021 10:40:37] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-7964.log [MD5.01D6A5C3C081161A6CC4365DA44AB1C7] - |A| - [30/06/2021 18:25:07] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-8860.log [MD5.50C41BCF078EDD74E051D53609D0688E] - |A| - [29/06/2021 17:45:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-8952.log [MD5.4160E20631A86F5FEA67942907E732AC] - |A| - [01/07/2021 09:02:19] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-9204.log [MD5.5C6BFDB179D9EED8715AA33080C83C1D] - |A| - [01/07/2021 11:12:54] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-9252.log [MD5.60D426B0431938768BDA87ADFD90FD23] - |A| - [29/06/2021 15:09:05] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-9316.log [MD5.4A6D617827B7F4088A90BF25AE0E7080] - |A| - [28/06/2021 09:51:01] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-9476.log [MD5.35C32726DE2EF2BCDEB60F249B944C00] - |A| - [28/06/2021 11:54:33] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-9564.log [MD5.BC1A483DB1E0BE44A6423105E10746BF] - |A| - [28/06/2021 19:14:45] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-9600.log [MD5.539EDF53046B10D13E89FA250E67D5D2] - |A| - [01/07/2021 15:59:49] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\Temp\aria-debug-9616.log [MD5.00000000000000000000000000000000] - |D| - [30/06/2021 10:52:56] - [0.04 Ko] - C:\Windows\Temp\Crashpad [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [28/06/2021 10:35:27] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [28/06/2021 10:35:27] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSTIFFDebugLogFile.txt [MD5.796116D2978D7073403997EA21217A7E] - |A| - [26/06/2021 17:31:53] - (.-.) - [41.13 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210626-1731.log [MD5.E98FD798798F78FBEA5F0A86B3BECFBF] - |A| - [27/06/2021 21:00:04] - (.-.) - [21.27 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210627-2100.log [MD5.2159C371F3091E04338A6BDAE4E153C1] - |A| - [28/06/2021 09:46:06] - (.-.) - [375.82 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-0946.log [MD5.C59D1AFDE5C5EDA4735409A0201E2109] - |A| - [28/06/2021 09:49:00] - (.-.) - [12.87 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-0949.log [MD5.12AB3CA1572816F09097692298D2DBD0] - |A| - [28/06/2021 09:49:04] - (.-.) - [15.73 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-0949a.log [MD5.9C23B8E5B7B0D363798751B5E2C10A99] - |A| - [28/06/2021 09:49:41] - (.-.) - [197.02 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-0949b.log [MD5.9C57E1F573D2587821459BA2205004E1] - |A| - [28/06/2021 09:51:06] - (.-.) - [8.93 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-0951.log [MD5.A7A9FD3AC59E92368755680092570A80] - |A| - [28/06/2021 09:52:30] - (.-.) - [13.61 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-0952.log [MD5.F91ECF9355F9EB3A06BB8991A22DF82F] - |A| - [28/06/2021 09:53:18] - (.-.) - [27.75 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-0953.log [MD5.6FC69C73F01D8DFA825EE469543A1C0D] - |A| - [28/06/2021 10:06:38] - (.-.) - [209.16 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1006.log [MD5.851614084F6A1517574F4D08107A8C27] - |A| - [28/06/2021 11:24:17] - (.-.) - [14.96 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1124.log [MD5.968AA4CBE88AA666284BF3A316D04442] - |A| - [28/06/2021 11:54:38] - (.-.) - [14.5 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1154.log [MD5.B2308948DFF5B7DB54A161926C84689F] - |A| - [28/06/2021 12:17:54] - (.-.) - [11.59 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1217.log [MD5.8969EF65A75E4991FB1F01CC85340AF7] - |A| - [28/06/2021 13:15:16] - (.-.) - [11.6 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1315.log [MD5.3218976FCD2A32CFFF273CCF6F9B9D33] - |A| - [28/06/2021 14:13:13] - (.-.) - [11.56 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1413.log [MD5.D75B1B097C8B647AA4023C15FC090A7D] - |A| - [28/06/2021 18:32:12] - (.-.) - [162.25 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1832.log [MD5.C7289DD28080C71EA6470700EEC88F7F] - |A| - [28/06/2021 18:37:12] - (.-.) - [14.4 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1837.log [MD5.F7C3FCFB1088F1A51D4DA3B7D49CD746] - |A| - [28/06/2021 19:14:50] - (.-.) - [11.6 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210628-1914.log [MD5.C3853FD47A6FE81498B22EEAA95967D4] - |A| - [29/06/2021 08:54:40] - (.-.) - [8.5 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-0854.log [MD5.682B6F4E6623845EF9134DDAE94DCBDD] - |A| - [29/06/2021 08:57:33] - (.-.) - [201.11 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-0857.log [MD5.FDE4A0E6E46F49E60BC37E0B589430D0] - |A| - [29/06/2021 10:21:50] - (.-.) - [18.53 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1021.log [MD5.49A1B82CD4BEE99B677A3C21C52B5BCF] - |A| - [29/06/2021 11:56:20] - (.-.) - [13.84 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1156.log [MD5.44D671069B5D00EAB3E2458A265A6B4F] - |A| - [29/06/2021 12:16:26] - (.-.) - [11.57 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1216.log [MD5.7443322F5B85E0132F78DD83E86434B0] - |A| - [29/06/2021 14:20:11] - (.-.) - [14.97 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1420.log [MD5.88AC2618D188747242227C90F874C4F0] - |A| - [29/06/2021 15:09:10] - (.-.) - [11.59 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1509.log [MD5.8E0A5D3406EB9B7DC4749DF6032C80E9] - |A| - [29/06/2021 15:23:15] - (.-.) - [11.59 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1523.log [MD5.0643CC4B90E71319A39E79DEDB51D1E9] - |A| - [29/06/2021 16:58:27] - (.-.) - [10.53 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1658.log [MD5.66FD0FA1C15392F7CC83A161916438B6] - |A| - [29/06/2021 17:40:12] - (.-.) - [162.6 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1740.log [MD5.78AEF6F91060AFDEAE873DA7E45D7C33] - |A| - [29/06/2021 17:45:13] - (.-.) - [14.98 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1745.log [MD5.0DDF2C020EACF4B1B4CC528DB9CB8465] - |A| - [29/06/2021 18:17:47] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1817.log [MD5.A164A387225C61BEE41683930F507FCC] - |A| - [29/06/2021 19:36:36] - (.-.) - [11.54 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210629-1936.log [MD5.8A90E4275F05F403747B0E0ABD32450F] - |A| - [30/06/2021 10:40:37] - (.-.) - [12.87 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1040.log [MD5.349E60437E2C5763C737556417A5BDE8] - |A| - [30/06/2021 10:43:31] - (.-.) - [8.51 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1043.log [MD5.7E9067E7D4392CF9CE96B65D7C3714FB] - |A| - [30/06/2021 10:43:36] - (.-.) - [15.74 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1043a.log [MD5.7D76743A128F064B902F3D8E53E189E1] - |A| - [30/06/2021 11:05:36] - (.-.) - [10.48 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1105.log [MD5.79C24832FEE990A132E9EF47330A4CF8] - |A| - [30/06/2021 11:25:28] - (.-.) - [11.52 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1125.log [MD5.4673D12C5042CB6A331123C4A955E4A5] - |A| - [30/06/2021 11:39:50] - (.-.) - [11.56 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1139.log [MD5.4E6ADDD929509358AA67D43EB7BE1E85] - |A| - [30/06/2021 14:49:25] - (.-.) - [21.8 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1449.log [MD5.C302C092B80EF59072E40662D97D19D4] - |A| - [30/06/2021 14:54:04] - (.-.) - [11.06 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1454.log [MD5.8BF18FBC0108E433DE25F5D4E75DF559] - |A| - [30/06/2021 15:01:53] - (.-.) - [11 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1501.log [MD5.0186001F42385F3E142414026242AF0F] - |A| - [30/06/2021 16:15:06] - (.-.) - [14.4 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1615.log [MD5.E171F1352AF61BD07008A82F6EE756A4] - |A| - [30/06/2021 17:50:29] - (.-.) - [11.57 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1750.log [MD5.AFF328964CE88445492A55027EC1D035] - |A| - [30/06/2021 18:21:07] - (.-.) - [5.28 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1821.log [MD5.8A457CFA281D6D4755611D11995FA23A] - |A| - [30/06/2021 18:25:13] - (.-.) - [8.93 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-1825.log [MD5.1F8C5E51D580398D0A17427D7C1F0B41] - |A| - [30/06/2021 21:17:36] - (.-.) - [11.57 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-2117.log [MD5.9E6438D4692E35CE613EFF6A43F27A65] - |A| - [30/06/2021 21:22:10] - (.-.) - [17.34 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-2122.log [MD5.4F04D3BC9F1D491C1D189456D14507EF] - |A| - [30/06/2021 21:27:10] - (.-.) - [14.96 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-2127.log [MD5.DB0039611F513D1A5AC0756E74FB2DC4] - |A| - [30/06/2021 21:58:32] - (.-.) - [153.09 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-2158.log [MD5.4F4E4BB5194164D83AB7AD210CB7CC2D] - |A| - [30/06/2021 22:03:32] - (.-.) - [18.75 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-2203.log [MD5.F4828567DDF3B0469F9A02890FAED510] - |A| - [30/06/2021 22:47:11] - (.-.) - [8.6 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210630-2247.log [MD5.D10C0B363F29A8737186756ED0B03C41] - |A| - [01/07/2021 08:59:24] - (.-.) - [8.5 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-0859.log [MD5.FF48445CB3B5ECED7472BD0B07D00A5F] - |A| - [01/07/2021 09:02:24] - (.-.) - [11.04 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-0902.log [MD5.F2A47E0CA40A6B700620E317BA7B3A1A] - |A| - [01/07/2021 09:32:30] - (.-.) - [11.56 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-0932.log [MD5.232B460989A36DCB6DA273BCC3F2B30C] - |A| - [01/07/2021 09:35:54] - (.-.) - [10.8 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-0935.log [MD5.EC83E97C0121C16C0EF9A66007A6552F] - |A| - [01/07/2021 11:12:59] - (.-.) - [19.13 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-1112.log [MD5.B0883A9BD60DBC91C6265261F2689219] - |A| - [01/07/2021 11:49:40] - (.-.) - [11.05 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-1149.log [MD5.DC5BA70959CA41D6F5F36C0466EF9BF6] - |A| - [01/07/2021 12:14:55] - (.-.) - [11.58 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-1214.log [MD5.BD31DB2C7B6FCFB608EC0A46191104DF] - |A| - [01/07/2021 12:41:28] - (.-.) - [11.6 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-1241.log [MD5.58405004C6AD62EED500E3D69C5F30DE] - |A| - [01/07/2021 12:51:35] - (.-.) - [11.52 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-1251.log [MD5.8CCFF5366548C8334E242E47D93A707D] - |A| - [01/07/2021 13:21:11] - (.-.) - [11.6 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-1321.log [MD5.5D7B319E673446CE7215B64C5C0AFCE0] - |A| - [01/07/2021 15:54:54] - (.-.) - [16.7 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-1554.log [MD5.D7C95FBA5D86F4981F8C7024FF707CB8] - |A| - [01/07/2021 15:59:54] - (.-.) - [82.28 Ko] - (0.0.0.0) - C:\Windows\Temp\JOBUREAU-20210701-1559.log [MD5.979AA6969671D5314AB337944B88DD69] - |A| - [01/07/2021 15:29:30] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\Temp\jusched.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [28/06/2021 11:46:56] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-12212.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [29/06/2021 12:46:57] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-13520.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/06/2021 14:28:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-14172.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2021 15:46:56] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-14544.log [MD5.24012855A97E3D4BCD8887D071BF02A6] - |A| - [06/04/2021 10:08:09] - (.-.) - [169.61 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log [MD5.00000000000000000000000000000000] - |D| - [28/06/2021 09:49:33] - [0 Ko] - C:\Windows\Temp\OfficeC2R491D5E86-D65B-4EA0-B72F-CADD3B0C81A6 [MD5.00000000000000000000000000000000] - |D| - [30/06/2021 10:44:05] - [0 Ko] - C:\Windows\Temp\OfficeC2R6C7230FA-A04F-4E83-A315-8FF53CBFC3FF [MD5.00000000000000000000000000000000] - |D| - [01/07/2021 11:13:28] - [0 Ko] - C:\Windows\Temp\OfficeC2RBF61BBD0-DB2D-4D8C-A735-DD75C1F3AD55 [MD5.00000000000000000000000000000000] - |D| - [29/06/2021 10:22:19] - [0 Ko] - C:\Windows\Temp\OfficeC2RF3F7F3A4-E275-4F1D-B68C-5FBDB41048F9 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [28/06/2021 09:46:01] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\officeclicktorun.exe_streamserver(202106280946011208).log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [29/06/2021 17:40:08] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\officeclicktorun.exe_streamserver(202106291740081010).log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/06/2021 21:22:05] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\officeclicktorun.exe_streamserver(202106302122051350).log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/06/2021 21:58:27] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\officeclicktorun.exe_streamserver(202106302158271484).log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/07/2021 15:54:49] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\officeclicktorun.exe_streamserver(2021070115544914EC).log [MD5.A3327F6DA580137204DF75ABB6474591] - |A| - [27/06/2021 21:00:02] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_5870.tmp [MD5.B9323F3D2D28D2F91E1CBF86DC61FA99] - |A| - [27/06/2021 21:00:17] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_9106.tmp [MD5.00000000000000000000000000000000] - |D| - [30/06/2021 18:21:03] - [0 Ko] - C:\Windows\Temp\WinSAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [0 Ko] - C:\Windows\System32\0409 [MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [07/12/2019 11:09:00] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\Windows\System32\@AdvancedKeySettingsNotification.png [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:08:44] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:08:45] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [07/12/2019 11:08:21] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [07/12/2019 11:08:58] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\Windows\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [07/12/2019 11:09:45] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\Windows\System32\@optionalfeatures.png [MD5.A3437673F5766635A8378F67645B81C0] - |A| - [07/12/2019 11:09:37] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\Windows\System32\@StorageSenseToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:07] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@VpnToastIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [07/12/2019 11:09:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\Windows\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:08:19] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\@WirelessDisplayToast.png [MD5.147B047B46B79A91CC34499D4F89119E] - |A| - [07/12/2019 11:09:05] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@WLOGO_48x48.png [MD5.AC061A915A87A6E10C4BBCAECE9226EE] - |A| - [03/03/2021 18:22:28] - (.-.) - [115.71 Ko] - (0.0.0.0) - C:\Windows\System32\AcpiServiceVnA64.dll [MD5.31A16C523B62500F83C82217F056A538] - |A| - [07/12/2019 11:08:39] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\Windows\System32\ActiveHours.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2786.8 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.A49C26AA0CADD994DE158F51CB7EEFBC] - |A| - [29/04/2021 16:04:17] - (.-.) - [13 Ko] - (0.0.0.0) - C:\Windows\System32\agentactivationruntimestarter.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\Windows\System32\am-et [MD5.D03124A92936B3B1D38AC31D9B5582F8] - |A| - [05/11/2020 11:52:31] - (.-.) - [49.92 Ko] - (0.0.0.0) - C:\Windows\System32\ambakdrv.sys [MD5.00000000000000000000000000000000] - |D| - [19/06/2021 12:46:57] - [0 Ko] - C:\Windows\System32\AMD [MD5.390376AE42E7449C79C377D061DBB220] - |A| - [25/03/2021 13:35:56] - (.Copyright (C) 2020 Advanced Micro Devices, Inc. - AMD Crash Defender Service.) - [505.43 Ko] - (21.10.0.6) - C:\Windows\System32\amdfendrsr.exe [MD5.E76C5B99193514CC8CC75389F7ED1ABA] - |A| - [13/01/2015 17:47:02] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [61 Ko] - (8.14.10.23) - C:\Windows\System32\amdpcom64.dll [MD5.BA087137CA633C68B85EC58974A3A95D] - |A| - [13/01/2015 16:49:36] - (.Copyright (C) 2010 - amdverag Dynamic Link Library.) - [52 Ko] - (1.421.167.773) - C:\Windows\System32\amdverag.dll [MD5.98B78382C46541F2FFBFFB4CB3C709A2] - |A| - [05/11/2020 11:52:31] - (.-.) - [167.92 Ko] - (0.0.0.0) - C:\Windows\System32\ammntdrv.sys [MD5.A0A0DDB4093498D250FEC2C9ADC14282] - |A| - [09/12/2019 17:14:12] - (.-.) - [1058.03 Ko] - (0.0.0.0) - C:\Windows\System32\AmRdrIco.icl [MD5.301167E69BDE24CE24FB53376C422B3B] - |A| - [05/11/2020 11:52:31] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\Windows\System32\amwrtdrv.sys [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2808.41 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 16:53:51] - [287.49 Ko] - C:\Windows\System32\AppV [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [356 Ko] - C:\Windows\System32\ar-SA [MD5.C9486151C26D64A4933B95BA10BF730A] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [614 Ko] - (3.3.2.0) - C:\Windows\System32\archiveint.dll [MD5.C4E526D30AA8F2534BBCEDA89D8F9820] - |A| - [09/03/2021 12:00:31] - (.-.) - [469 Ko] - (0.0.0.0) - C:\Windows\System32\AssignedAccessCsp.dll [MD5.2059EA19A24D3FEAEA78A230096D09E7] - |A| - [13/01/2015 16:20:58] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [523 Ko] - (6.14.10.1104) - C:\Windows\System32\atiadlxx.dll [MD5.B077E31C9D0B2838F8FB8B25612F01CC] - |A| - [13/01/2015 16:42:54] - (.-.) - [240.19 Ko] - (0.0.0.0) - C:\Windows\System32\atiapfxx.blb [MD5.E2F22EA6F5FDE687F63030EFBEADA205] - |A| - [13/01/2015 16:42:54] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [156 Ko] - (6.14.10.1001) - C:\Windows\System32\atiapfxx.exe [MD5.749584902AE80A53EFDA4F8FA03E1713] - |A| - [11/05/2009 21:35:30] - (.Copyright (C) 2008 Advanced Micro Devices, Inc. - ATIBRTMON.) - [116 Ko] - (2.0.0.0) - C:\Windows\System32\atibtmon.exe [MD5.CF4F51F3A8311D037F96534597655AE1] - |A| - [13/01/2015 16:26:38] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [43.5 Ko] - (6.14.10.1734) - C:\Windows\System32\aticalcl64.dll [MD5.B454E7672F37396A293F3DFE269A59DE] - |A| - [13/01/2015 16:26:32] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15456.5 Ko] - (6.14.10.1734) - C:\Windows\System32\aticaldd64.dll [MD5.FECD61EBB8846F05E073F4F9CBE590B9] - |A| - [13/01/2015 16:26:40] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [50 Ko] - (6.14.10.1734) - C:\Windows\System32\aticalrt64.dll [MD5.C2EB05F7AD7EAE630EB242793CC756C5] - |A| - [13/01/2015 17:45:56] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1068.38 Ko] - (8.17.10.1129) - C:\Windows\System32\aticfx64.dll [MD5.8D39CBFCB57AE2EE978FFDB9CD665368] - |A| - [13/01/2015 16:41:14] - (.2002-2012 - Graphics DEM.) - [432 Ko] - (2.0.5491.21036) - C:\Windows\System32\ATIDEMGX.dll [MD5.BBE2F5B836A4E8B1404E8F07FDB75E46] - |A| - [13/01/2015 17:45:48] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [7391.73 Ko] - (8.17.10.436) - C:\Windows\System32\atidxx64.dll [MD5.0594DCF055A1F567CAFF49B780BA0399] - |A| - [13/01/2015 16:41:14] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [502 Ko] - (6.14.11.1122) - C:\Windows\System32\atieclxx.exe [MD5.6802962C8FDE1849DCE9E6DBE26DDC9B] - |A| - [13/01/2015 16:40:28] - (.Copyright (c) ATI Technologies Inc. 2003-2009 - atiedu64.) - [58 Ko] - (6.14.10.2514) - C:\Windows\System32\atiedu64.dll [MD5.7FE59496114A48A64E98E3218664A3E6] - |A| - [13/01/2015 16:41:00] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [232.5 Ko] - (6.14.11.1122) - C:\Windows\System32\atiesrxx.exe [MD5.1E158EB3AB01407FBC84B7D657D1E5F2] - |A| - [13/01/2015 16:20:52] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [17.5 Ko] - (8.14.1.6264) - C:\Windows\System32\atig6pxx.dll [MD5.77FEF97F6F9FDD94F8E16E416D16E806] - |A| - [13/01/2015 16:20:50] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [41 Ko] - (8.14.1.6264) - C:\Windows\System32\atig6txx.dll [MD5.A7CB20638E8A29E0B96979DD069D43A7] - |A| - [13/01/2015 16:20:50] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [14.5 Ko] - (8.14.1.6264) - C:\Windows\System32\atiglpxx.dll [MD5.B0081A234F487A125AC131C11ADAA421] - |A| - [06/03/2012 17:59:32] - (.-.) - [604.32 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat [MD5.E76C5B99193514CC8CC75389F7ED1ABA] - |A| - [13/01/2015 17:47:02] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [61 Ko] - (8.14.10.23) - C:\Windows\System32\atimpc64.dll [MD5.9E28C9376B673EFA76CC9CF5D8786F1E] - |A| - [13/01/2015 16:40:30] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [21 Ko] - (6.14.10.1002) - C:\Windows\System32\atimuixx.dll [MD5.3B081EE80C34082C27A003E156A780DE] - |A| - [13/01/2015 16:46:26] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [25407.5 Ko] - (6.14.10.11672) - C:\Windows\System32\atio6axx.dll [MD5.A6BAAA6608A9B00220E9D5C023FC53D1] - |A| - [22/06/2009 15:34:36] - (.Copyright (C) 2008 - ATIODCLI Application.) - [50 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODCLI.exe [MD5.463FFBD3350E3EB57F7D5746EBD233CA] - |A| - [27/08/2010 18:33:08] - (.Copyright (C) 2008 - ATIODE Application.) - [325 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODE.exe [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [12/09/2011 22:06:18] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\System32\atipblag.dat [MD5.C83158D2F7FD58C0835703F28B945AF8] - |A| - [13/01/2015 16:40:34] - (.Copyright 2006 - TMM Clone Control Module.) - [117.5 Ko] - (6.14.11.23) - C:\Windows\System32\atitmm64.dll [MD5.CE1EFB5068B709D54791F3F411B69C07] - |A| - [13/01/2015 17:46:00] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [49.95 Ko] - (8.14.1.6264) - C:\Windows\System32\atiu9p64.dll [MD5.6EE34F9CEEC4E465EF6A1E7DE61E6374] - |A| - [13/01/2015 17:45:22] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [7363.56 Ko] - (7.14.10.911) - C:\Windows\System32\atiumd64.dll [MD5.D1D2669795A3201D600538F73800C098] - |A| - [13/01/2015 16:25:00] - (.-.) - [2752.72 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap [MD5.C2121AB45C156BED6F53AB71B7202063] - |A| - [13/01/2015 17:45:26] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [4191.59 Ko] - (8.14.10.359) - C:\Windows\System32\atiumd6a.dll [MD5.30C489D972541A8AEADB826D4334F831] - |A| - [13/01/2015 17:46:44] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [1040.74 Ko] - (7.14.10.184) - C:\Windows\System32\atiumd6v.dll [MD5.6671893C21AF1D53448FF5759671DCBA] - |A| - [13/01/2015 17:46:36] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [60.02 Ko] - (8.14.1.6264) - C:\Windows\System32\atiuxp64.dll [MD5.A3843B5810BE3B314D5D5E3B93E82AA7] - |A| - [13/01/2015 16:25:00] - (.-.) - [26.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsnl.dat [MD5.CFBA17101E04BBCDA5E50CC8A92CEBB0] - |A| - [13/01/2015 16:25:00] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsny.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [13/01/2015 16:25:00] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [13/01/2015 16:25:00] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsvl.dat [MD5.0A73290AB48EA9AAAED59B28B450573C] - |A| - [03/03/2021 18:22:32] - (.ASUSTeK COMPUTER INC. - ASUS WMI Interface for Gaming DT/NB.) - [163.1 Ko] - (3.0.0.1) - C:\Windows\System32\ATKWMI.dll [MD5.BDE5B2487D8BAD9F01E98A261F258BB1] - |A| - [03/03/2021 18:22:32] - (.-.) - [102.73 Ko] - (0.0.0.0) - C:\Windows\System32\audioLibVc.dll [MD5.5B50F9DC86238ABDBDFF550525217C18] - |A| - [03/03/2021 18:22:32] - (.(c) Audyssey Labs. - Audyssey Efx Apo.) - [2921.95 Ko] - (1.1.0.6) - C:\Windows\System32\AudysseyEfx.dll [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [07/12/2019 11:08:07] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\Windows\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [26/06/2021 14:55:04] - [71.57 Ko] - C:\Windows\System32\BestPractices [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [347.5 Ko] - C:\Windows\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5938.6 Ko] - C:\Windows\System32\Boot [MD5.3149A16CF39B9A49BD9A1EF98A1C527B] - |A| - [13/01/2021 11:39:03] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [186.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\Windows\System32\Bthprops [MD5.936CCC6EADD4831CDE23393AFCD850FB] - |A| - [21/10/2020 18:56:07] - (.(c) Conexant System, Inc. - CAFAPI.) - [112.42 Ko] - (3.0.0.1) - C:\Windows\System32\Caf64api.dll [MD5.F0D9E4A750746EB291D15798AA925D9D] - |A| - [21/10/2020 18:56:07] - (.©Conexant Systems, Inc. - Conexant Audio Processing Objects, (x64).) - [595.11 Ko] - (2.51.0.0) - C:\Windows\System32\CAF64APO2.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [135267.16 Ko] - C:\Windows\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [59716.91 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [20.62 Ko] - C:\Windows\System32\CodeIntegrity [MD5.6426767D45A47CCC18BBBD6863680774] - |A| - [13/01/2015 16:33:12] - (.AMD. - CoInstaller DLL.) - [68 Ko] - (1.0.4.5) - C:\Windows\System32\coinst_8.97.100.9001.dll [MD5.64430E214B5B229D426D2D35538C402D] - |A| - [16/04/2021 18:31:23] - (.-.) - [366.38 Ko] - (0.0.0.0) - C:\Windows\System32\ColorImageEnhancement.wmv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [377.5 Ko] - C:\Windows\System32\Com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.png [MD5.9900B5A150F2D9361D1CEE3D14412E48] - |A| - [03/03/2021 18:22:40] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.37 Ko] - (1.0.0.4) - C:\Windows\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [296025.09 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\Windows\System32\Configuration [MD5.C113EC3ABF481A1B41F99BD721B513C3] - |A| - [14/04/2021 16:41:01] - (.-.) - [225.83 Ko] - (0.0.0.0) - C:\Windows\System32\containerdevicemanagement.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.34 Ko] - C:\Windows\System32\ContainerSettingsProviders [MD5.A41C1754A956E37B5E7D06D5167548E7] - |A| - [16/06/2021 16:22:31] - (.-.) - [280.5 Ko] - (0.0.0.0) - C:\Windows\System32\CoreMas.dll [MD5.82DF5576BDD96CE8DF5A06C0571EA463] - |A| - [16/04/2021 18:31:23] - (.-.) - [499.28 Ko] - (0.0.0.0) - C:\Windows\System32\cp_resources.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [410 Ko] - C:\Windows\System32\cs-CZ [MD5.1C3645EBDDBE2DA6A32A5F9FB43A3C23] - |A| - [07/12/2019 11:09:34] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [411.5 Ko] - (7.55.1.0) - C:\Windows\System32\curl.exe [MD5.707DBFA069D1A078D5FC6CB57A9BB707] - |A| - [21/10/2020 18:56:07] - (.©Conexant Systems Inc. - Conexant APO.) - [1578.79 Ko] - (1.74.0.0) - C:\Windows\System32\CX64APO.dll [MD5.42403C608F1EB6A3A003ED8949C3CE04] - |A| - [21/10/2020 18:56:07] - (.©Conexant Systems Inc. - Conexant MFX APO Proxy.) - [1493.3 Ko] - (1.2.0.0) - C:\Windows\System32\CX64Proxy.dll [MD5.2B4C3D9F114EE40FEAD6A86395F2FC89] - |A| - [21/10/2020 18:56:07] - (.-.) - [5.47 Ko] - (0.0.0.0) - C:\Windows\System32\cxapo.lncs [MD5.7C5FD3EEC5147A5C2060B080AF7604D2] - |A| - [21/10/2020 18:56:07] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\cxapo.prop [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [413.5 Ko] - C:\Windows\System32\da-DK [MD5.C071699F4F21B82606C72BAE2A430E1D] - |A| - [29/04/2021 16:04:21] - (.-.) - [162 Ko] - (0.0.0.0) - C:\Windows\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [01/10/2019 15:21:15] - [12756.74 Ko] - C:\Windows\System32\DAX2 [MD5.00000000000000000000000000000000] - |D| - [01/10/2019 15:21:16] - [10395.12 Ko] - C:\Windows\System32\DAX3 [MD5.A5004F78778AF628119AABEF39FDE538] - |A| - [03/03/2021 18:22:36] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO Property Page.) - [1507.95 Ko] - (1.1.8.14) - C:\Windows\System32\DAX3APOProp.dll [MD5.053D88E8A5AD3674F981C2B2F580ED06] - |A| - [03/03/2021 18:22:38] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO.) - [1340.14 Ko] - (1.1.8.14) - C:\Windows\System32\DAX3APOv251.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [271.02 Ko] - C:\Windows\System32\DDFs [MD5.502B7CC6B744832F0DCD284CEB7E74D9] - |A| - [03/03/2021 18:22:38] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [271.67 Ko] - (7.6.5.1) - C:\Windows\System32\DDPA64.dll [MD5.050DD462F0101A13DB3A9D8B34F72F6B] - |A| - [03/03/2021 18:22:40] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [308.49 Ko] - (7.6.7.2) - C:\Windows\System32\DDPA64F3.dll [MD5.5AE9E5815F98971D83BF528B5CBFE12A] - |A| - [03/03/2021 18:22:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1925.06 Ko] - (7.6.5.1) - C:\Windows\System32\DDPD64A.dll [MD5.A6AAAF453C6511A027526CB056E9D52E] - |A| - [03/03/2021 18:22:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1919.02 Ko] - (7.6.7.2) - C:\Windows\System32\DDPD64AF3.dll [MD5.C6A6E626B65FD1B020B4515E27BE7BD5] - |A| - [03/03/2021 18:22:44] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [325.13 Ko] - (7.6.5.1) - C:\Windows\System32\DDPO64A.dll [MD5.C7BAA30CCE3499E9C40C28A8C4FE8C03] - |A| - [03/03/2021 18:22:46] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [358.91 Ko] - (7.6.7.2) - C:\Windows\System32\DDPO64AF3.dll [MD5.4BCB02C183395C2E111BFE2D3052A479] - |A| - [03/03/2021 18:22:44] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6935.22 Ko] - (7.6.5.1) - C:\Windows\System32\DDPP64A.dll [MD5.03D749B96C5F2C1A13019F6AC5B33B52] - |A| - [03/03/2021 18:22:46] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6123.16 Ko] - (7.6.7.2) - C:\Windows\System32\DDPP64AF3.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [461.5 Ko] - C:\Windows\System32\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:08:21] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultAccountTile.png [MD5.057C75B5735EEF2A75ABF8F6770BCA34] - |A| - [02/11/2020 12:31:59] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [07/12/2019 11:14:56] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultQuestions.json [MD5.041A7B079E9776721847031A7CF533E1] - |A| - [07/12/2019 11:09:34] - (.-.) - [15.97 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProv.mof [MD5.59D5500F74109D59522F5A9457B8D9A2] - |A| - [07/12/2019 11:09:34] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProvUninstall.mof [MD5.B924F1A7DE5ED8331B3375A778B3FE38] - |A| - [07/12/2019 11:08:52] - (.-.) - [35.5 Ko] - (0.0.0.0) - C:\Windows\System32\deploymentcsphelper.exe [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [07/12/2019 11:08:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\Windows\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [07/12/2019 11:08:43] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\Windows\System32\DetailedReading-Default.xml [MD5.3B5BFF2D6826956AB7D71D61FBA8EC48] - |A| - [07/12/2019 11:10:18] - (.-.) - [131.5 Ko] - (0.0.0.0) - C:\Windows\System32\DeviceUpdateCenterCsp.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [882 Ko] - C:\Windows\System32\DiagSvcs [MD5.037DF43BCC9F9A4DF6548FED8F4503AF] - |A| - [07/12/2019 11:08:37] - (.-.) - [82.96 Ko] - (0.0.0.0) - C:\Windows\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9891.79 Ko] - C:\Windows\System32\Dism [MD5.254D1F4D191CE37B4A0FE4E042AF59F6] - |A| - [16/04/2021 18:31:23] - (.-.) - [811.4 Ko] - (0.0.0.0) - C:\Windows\System32\DisplayAudiox64.cab [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.png [MD5.00068E4CA72B23D8F697F8E68811B50A] - |A| - [03/03/2021 18:22:48] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX APO.) - [1573.13 Ko] - (3.20201.228.0) - C:\Windows\System32\DolbyAPOv251gm.dll [MD5.94BD9F8C7796123EBE50F7E78FB87DB6] - |A| - [03/03/2021 18:22:52] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [1257.34 Ko] - (3.20201.228.0) - C:\Windows\System32\DolbyAPOvlldpgm.dll [MD5.7C58B4661E5E76E802D0350579C0BB8D] - |A| - [03/03/2021 18:22:52] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 APO Property Page.) - [1131.94 Ko] - (0.8.8.33) - C:\Windows\System32\DolbyDAX2APOProp.dll [MD5.35180B976735567D9D015961C5B53FAA] - |A| - [03/03/2021 18:22:52] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2387.28 Ko] - (0.8.8.33) - C:\Windows\System32\DolbyDAX2APOv201.dll [MD5.7D6AF06D3EE7B5018AB4B53704BBFC57] - |A| - [03/03/2021 18:22:54] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [5221.59 Ko] - (0.8.8.33) - C:\Windows\System32\DolbyDAX2APOv211.dll [MD5.DBE342B6163451138905E660F1AF9BE4] - |A| - [03/03/2021 18:22:56] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [1230.13 Ko] - (1.6.1.53) - C:\Windows\System32\DolbyDAX2APOvlldp.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2435.36 Ko] - C:\Windows\System32\downlevel [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [16/04/2021 18:31:23] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\Windows\System32\DPTopologyApp.exe.config [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [16/04/2021 18:31:23] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\DPTopologyAppv2_0.exe.config [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:17] - [189170.52 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\DriverState [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [5799288.64 Ko] - C:\Windows\System32\DriverStore [MD5.4B3986DA7DAF912AFEB8B9F6F161A0A0] - |A| - [27/06/2021 13:02:40] - (.-.) - [11.07 Ko] - (0.0.0.0) - C:\Windows\System32\DrtmAuthTxt.wim [MD5.00000000000000000000000000000000] - |DC| - [01/10/2019 15:26:00] - [1236.17 Ko] - C:\Windows\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [161.5 Ko] - C:\Windows\System32\dsc [MD5.E93A6EA083112B344F14506A6EB4D29F] - |A| - [03/03/2021 18:22:56] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [733.61 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBassEnhancementDLL64.dll [MD5.D3F0F371873BCD38B4937FEB39763193] - |A| - [03/03/2021 18:22:58] - (.(c) DTS. - DTS Boost COM DLL.) - [1480.65 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBoostDLL64.dll [MD5.AEF2D6CAA39E8F1A449B03999E5C547A] - |A| - [03/03/2021 18:23:00] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [438.01 Ko] - (1.0.0.1) - C:\Windows\System32\DTSGainCompensatorDLL64.dll [MD5.845C0BA1839AF48955754D628CC27799] - |A| - [03/03/2021 18:23:02] - (.(c) DTS. - DTS GFX APO.) - [255.03 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPO64.dll [MD5.1491893CCFD12CE7DB09FC363B1E2D3A] - |A| - [03/03/2021 18:23:02] - (.(c) DTS. - DTS GFX APO.) - [254.03 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPONS64.dll [MD5.BE19DEA64C7493F752EFEB150CFCC724] - |A| - [03/03/2021 18:23:04] - (.(c) DTS. - DTS LFX APO.) - [254.98 Ko] - (1.0.0.3) - C:\Windows\System32\DTSLFXAPO64.dll [MD5.481B91977DEFAD8E6C897D7309D66668] - |A| - [03/03/2021 18:23:06] - (.(c) DTS. - DTS Limiter COM DLL.) - [442.02 Ko] - (1.0.0.1) - C:\Windows\System32\DTSLimiterDLL64.dll [MD5.31B52984713D8E30308F2C4B31116EA9] - |A| - [03/03/2021 18:23:06] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [499.55 Ko] - (1.0.0.1) - C:\Windows\System32\DTSNeoPCDLL64.dll [MD5.79DD5F8713BB69260964A5FEF127EE9C] - |A| - [03/03/2021 18:23:12] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1560.83 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2HeadphoneDLL64.dll [MD5.0DD95A55154B5FC7D692470B17352764] - |A| - [03/03/2021 18:23:12] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1745.95 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2SpeakerDLL64.dll [MD5.72355827DD68B7221AB5D9AF441AC225] - |A| - [03/03/2021 18:23:14] - (.(c) DTS. - DTS Symmetry COM DLL.) - [717.45 Ko] - (1.0.0.1) - C:\Windows\System32\DTSSymmetryDLL64.dll [MD5.B692F28F37DEFAA40086C2F347207BEE] - |A| - [21/10/2020 18:56:09] - (.(c) DTS. - DTS GFX APO.) - [488.82 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PGFX64.dll [MD5.7505A31B570656C12AE138B3B015BF20] - |A| - [21/10/2020 18:56:09] - (.(c) DTS. - DTS LFX APO.) - [502.46 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PLFX64.dll [MD5.A0C71F41AF8714B176E1B671A0451EAE] - |A| - [21/10/2020 18:56:09] - (.(c) DTS. - DTS LFX APO.) - [418.19 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PREC64.dll [MD5.5B1E9E579725828F7BEA9CEA8C9385F4] - |A| - [03/03/2021 18:23:14] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [698.77 Ko] - (1.0.0.1) - C:\Windows\System32\DTSVoiceClarityDLL64.dll [MD5.64E652DC979CB9EF1AEE91DBD4F8C624] - |A| - [13/01/2021 11:39:09] - (.-.) - [2201.5 Ko] - (0.0.0.0) - C:\Windows\System32\dwmscene.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [07/12/2019 11:08:07] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [07/12/2019 11:08:07] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [07/12/2019 11:08:07] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicShort.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [467 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [03/09/2019 19:52:08] - [22.42 Ko] - C:\Windows\System32\elambkup [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [0 Ko] - C:\Windows\System32\en [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [326.5 Ko] - C:\Windows\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1667 Ko] - C:\Windows\System32\en-US [MD5.1D0A840D731A2C1F2E1FB5B8596B4C34] - |A| - [13/01/2021 11:39:01] - (.-.) - [148.5 Ko] - (0.0.0.0) - C:\Windows\System32\EoAExperiences.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [441.5 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [361.5 Ko] - C:\Windows\System32\es-MX [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |A| - [23/01/2018 19:55:50] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\Windows\System32\E_GCINST.DLL [MD5.225B67EE62F582B3BEFC5DAF72E8FAA2] - |A| - [23/01/2018 19:55:49] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2009. - ECBTEGB AMD64.) - [86 Ko] - (3.1.0.0) - C:\Windows\System32\E_IBCBGDE.DLL [MD5.059B16DB7FD14D38B7F4E312D793B972] - |A| - [23/01/2018 19:55:49] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2008. - EPSON Bi-directional Monitor AMD64.) - [116 Ko] - (3.0.0.0) - C:\Windows\System32\E_ILMGDE.DLL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [16718.64 Ko] - C:\Windows\System32\F12 [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [07/12/2019 11:08:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastBulldogImg.png [MD5.7F65C93283F31EB39E311DDDC00DFBA6] - |A| - [02/11/2020 12:34:06] - (.-.) - [16.54 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastDlpImg.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7.11 Ko] - C:\Windows\System32\ff-Adlm-SN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [419 Ko] - C:\Windows\System32\fi-FI [MD5.A08B87CC51FB774ED45FDF4284B1974F] - |A| - [16/04/2021 18:31:23] - (.-.) - [626.49 Ko] - (0.0.0.0) - C:\Windows\System32\FilmModeDetection.wmv [MD5.92FE23D343C3A9131DD2C34F90410258] - |A| - [02/11/2020 18:05:02] - (.-.) - [500.98 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [3490.5 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [372 Ko] - C:\Windows\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [48504.51 Ko] - C:\Windows\System32\fr-FR [MD5.F5CA01AB732F8723CEB0118923F1AD32] - |A| - [29/04/2021 16:04:50] - (.-.) - [684.5 Ko] - (0.0.0.0) - C:\Windows\System32\FsNVSDeviceSource.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:43] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [07/12/2019 11:09:48] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [16/04/2021 18:31:23] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxv2_0.exe.config [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [16/04/2021 18:31:23] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxv4_0.exe.config [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/04/2021 15:58:29] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\GfxValDisplayLog.bin [MD5.0DF0C9B3F7EF17319600CBCCAC2D8082] - |A| - [20/01/2020 12:11:44] - (.Kerish Products 2005-2018. - GPU Info Library.) - [60.12 Ko] - (1.3.0.0) - C:\Windows\System32\GPUTemp.dll [MD5.00000000000000000000000000000000] - |HD| - [03/09/2019 15:51:16] - [1.28 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [03/09/2019 15:51:16] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.png [MD5.0BF2969C5B3F9F770E194B4F8D632CF0] - |A| - [03/03/2021 18:23:04] - (.(c) 2016 Harman. - Harman APO Interface.) - [150.64 Ko] - (1.2.0.0) - C:\Windows\System32\HarmanAudioInterface.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [329.5 Ko] - C:\Windows\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.png [MD5.6D2BA2902199292D57806E3C53C587BF] - |A| - [13/01/2021 11:38:31] - (.-.) - [299.5 Ko] - (0.0.0.0) - C:\Windows\System32\HeatCore.dll [MD5.B88B830F3D0D93FDA6F6DB791B5AEA75] - |A| - [03/03/2021 18:23:10] - (.© 2018 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [369.41 Ko] - (0.8.8.85) - C:\Windows\System32\HiFiDAX2API.dll [MD5.FA5DE30CC3973CB4A07273F555F1F2F0] - |A| - [03/03/2021 18:23:16] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [396.82 Ko] - (1.6.1.55) - C:\Windows\System32\HiFiDAX2APIPCLL.dll [MD5.C49D32095C294ACA8083C5CBDF9AF79D] - |A| - [03/03/2021 18:23:18] - (.© Harman. - Audio by Harman APO.) - [351.8 Ko] - (1.4.0.0) - C:\Windows\System32\HMClariFi.dll [MD5.FCB2575C6E9015971F1AA9CB7F925CA5] - |A| - [03/03/2021 18:23:22] - (.© Harman. - Audio by Harman APO.) - [186.35 Ko] - (1.4.0.0) - C:\Windows\System32\HMEQ.dll [MD5.568C79113E05562EF102F9D278E7C035] - |A| - [03/03/2021 18:23:22] - (.© Harman. - Audio by Harman APO.) - [186.35 Ko] - (1.4.0.0) - C:\Windows\System32\HMEQ_Voice.dll [MD5.1789EF12BE53825A26FEEF9F2C1E78C9] - |A| - [03/03/2021 18:23:24] - (.© Harman. - Audio by Harman APO.) - [198.95 Ko] - (1.4.0.0) - C:\Windows\System32\HMHVS.dll [MD5.FE7096F47E5BC994E139C68E209397AC] - |A| - [03/03/2021 18:23:26] - (.© Harman. - Audio by Harman APO.) - [175.28 Ko] - (1.4.0.0) - C:\Windows\System32\HMLimiter.dll [MD5.8673358A3AED73B9A3A2A5CAC0A97B7D] - |A| - [03/03/2021 18:23:12] - (.?Harman. - Audio by Harman APO UI.) - [406.64 Ko] - (1.4.0.0) - C:\Windows\System32\HMUI.dll [MD5.B6037A4AD99A567A34F7A014F8B42069] - |A| - [13/01/2021 11:42:03] - (.-.) - [134.82 Ko] - (0.0.0.0) - C:\Windows\System32\HvsiManagementApi.dll [MD5.871CA2345825E86D1D2D2A2E9E475D4F] - |A| - [02/11/2020 12:36:49] - (.-.) - [44.8 Ko] - (0.0.0.0) - C:\Windows\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:53:51] - [149.55 Ko] - C:\Windows\System32\Hydrogen [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.36 Ko] - C:\Windows\System32\ias [MD5.F444AF0FF83798744FCF252940AE4C27] - |A| - [03/03/2021 18:23:30] - (.Copyright (c) 2019, ICEpower A/S - ICEpower ICEsound APO.) - [626.59 Ko] - (2.0.0.9) - C:\Windows\System32\ICEsoundAPO64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.947D07FA32ABB13DB520016769EB901B] - |A| - [16/06/2021 16:22:42] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2207.5 Ko] - (64.2.0.0) - C:\Windows\System32\icu.dll [MD5.A7B574704574F326B92DCEA872F1E9E1] - |A| - [02/11/2020 12:33:20] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24.5 Ko] - (64.2.0.0) - C:\Windows\System32\icuin.dll [MD5.4A85A9DEA3D47D95CEF5525586756EA6] - |A| - [02/11/2020 12:33:20] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [29 Ko] - (64.2.0.0) - C:\Windows\System32\icuuc.dll [MD5.AB2D50B6F3C665B55C8E5A049D59E7CC] - |A| - [17/11/2016 14:25:44] - (.-.) - [5663.46 Ko] - (0.0.0.0) - C:\Windows\System32\igdclbif.bin [MD5.795082C1751F5F7E40AF98A9CA5DAC95] - |A| - [16/04/2021 18:31:28] - (.Copyright (C) 2012-2015 - MDF(CM) Runtime DX11 Dynamic Link Library.) - [168.52 Ko] - (5.0.0.1148) - C:\Windows\System32\igfx11cmrt64.dll [MD5.F5C52FAAED53FF77E66954A15931F74B] - |A| - [16/04/2021 18:31:28] - (.Copyright (C) 2010 - 2015 - MDF(CM) JIT Dynamic Link Library.) - [1544.9 Ko] - (5.0.0.1148) - C:\Windows\System32\igfxcmjit64.dll [MD5.4363604B798969DBFCE0326E0543BCE3] - |A| - [16/04/2021 18:31:28] - (.Copyright (C) 2010 - 2015 - MDF(CM) Runtime Dynamic Link Library.) - [169.52 Ko] - (5.0.0.1148) - C:\Windows\System32\igfxcmrt64.dll [MD5.3986947630D83BD2984AC8551DF457BE] - |A| - [16/04/2021 18:31:23] - (.-.) - [258.4 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCPL.cpl [MD5.06C45A03EDB8D2767B2E1E878A1E7D7E] - |A| - [16/04/2021 18:31:28] - (.-.) - [92.4 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCUIServicePS.dll [MD5.634183CAEEC6076BED33120073878B72] - |A| - [16/04/2021 18:31:28] - (.-.) - [74.4 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDHLib.dll [MD5.2399EBE0672FB9E141E261B68E8798B8] - |A| - [16/04/2021 18:31:28] - (.-.) - [84.4 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDHLibv2_0.dll [MD5.4AFB8E1D3C0830F48C0F61270E360496] - |A| - [16/04/2021 18:31:28] - (.-.) - [19.9 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDILib.dll [MD5.95322C5C0783C123DF8423CD5301B559] - |A| - [16/04/2021 18:31:28] - (.-.) - [19.9 Ko] - (1.0.0.0) - C:\Windows\System32\igfxDILibv2_0.dll [MD5.C8E50DBA3943C412BF0D016A442FA7C1] - |A| - [16/04/2021 18:31:28] - (.-.) - [18.4 Ko] - (1.0.0.0) - C:\Windows\System32\igfxEMLib.dll [MD5.7C4AAED1FE3D5F08A77602E37AFC0BE1] - |A| - [16/04/2021 18:31:28] - (.-.) - [18.4 Ko] - (1.0.0.0) - C:\Windows\System32\igfxEMLibv2_0.dll [MD5.1040AA193DDC23278D80B06812ED1B3C] - |A| - [16/04/2021 18:31:28] - (.-.) - [13.4 Ko] - (1.0.0.0) - C:\Windows\System32\igfxLHMLib.dll [MD5.8DE54EA0677F7DBECC2FA6608A57E9BC] - |A| - [16/04/2021 18:31:28] - (.-.) - [13.4 Ko] - (1.0.0.0) - C:\Windows\System32\igfxLHMLibv2_0.dll [MD5.B1D0ACB9199272E5209A18144557936A] - |A| - [16/04/2021 18:31:24] - (.-.) - [989.86 Ko] - (0.0.0.0) - C:\Windows\System32\igfxSDK.exe [MD5.9E2B6B46DD29F2B63168629E0017DE33] - |A| - [16/04/2021 18:31:28] - (.-.) - [89.9 Ko] - (1.0.0.0) - C:\Windows\System32\igfxSDKLib.dll [MD5.23BEDEE5074EF44B7A51F01C1D602858] - |A| - [16/04/2021 18:31:28] - (.-.) - [100.4 Ko] - (1.0.0.0) - C:\Windows\System32\igfxSDKLibv2_0.dll [MD5.3E553991D1811C097ACF259F883D8AC6] - |A| - [16/04/2021 18:31:24] - (.-.) - [382.36 Ko] - (0.0.0.0) - C:\Windows\System32\igfxTray.exe [MD5.8AC373F4A5A8E34E97F0C2B54E227574] - |A| - [16/04/2021 18:31:23] - (.-.) - [1344 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.cpa [MD5.AB07C2EDD36510773CCB2CDE86961461] - |A| - [16/04/2021 18:31:23] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.vp [MD5.4E967268EC80FF454D7391D598BA5E10] - |A| - [16/04/2021 18:31:23] - (.-.) - [43.16 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64.vp [MD5.5F8C37E8469B67AC76C2AD6050AE6513] - |A| - [16/04/2021 18:31:23] - (.-.) - [42.2 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64_dev.vp [MD5.2A8578240F878F098205E1DC75DF4834] - |A| - [16/04/2021 18:31:23] - (.-.) - [42.73 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64.vp [MD5.6485A3A7D87E7D49D55E3E814290BA26] - |A| - [16/04/2021 18:31:23] - (.-.) - [42.71 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64_dev.vp [MD5.392AF7118598E658B41C4716642B7D4B] - |A| - [16/04/2021 18:31:23] - (.-.) - [41.52 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64.vp [MD5.828CF0AA3495A32D1DADF9CB56BFCDEA] - |A| - [16/04/2021 18:31:23] - (.-.) - [42.13 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64_dev.vp [MD5.8A577D0DBA95425E45FEED6DFB20C85B] - |A| - [16/04/2021 18:31:23] - (.-.) - [4.74 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxs64.vp [MD5.388BE35F952EC7F057CDD79E8EDF9A18] - |A| - [11/11/2020 10:34:26] - (.-.) - [193 Ko] - (0.0.0.0) - C:\Windows\System32\IHDS.dll [MD5.905B872A39FEDA81895E005F12C7EF3E] - |A| - [16/05/2020 18:56:39] - (.-.) - [713.9 Ko] - (0.0.0.0) - C:\Windows\System32\im-fre.exe [MD5.3ED204C864E5CC3C78D3DBB707D102D1] - |A| - [16/04/2021 18:31:23] - (.-.) - [394.21 Ko] - (0.0.0.0) - C:\Windows\System32\ImageStabilization.wmv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26862.43 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5454.98 Ko] - C:\Windows\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6943 Ko] - C:\Windows\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.png [MD5.8AD25A38320BD6187910262D262FE904] - |A| - [16/04/2021 18:31:24] - (.Copyright (C) 2015 - IntelCpHDCPSvc Executable.) - [399.86 Ko] - (1.0.0.1) - C:\Windows\System32\IntelCpHDCPSvc.exe [MD5.EB8F3A17114474C69DB570B2EAA8E6C4] - |A| - [16/04/2021 18:31:28] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [88.9 Ko] - (2.0.2.0) - C:\Windows\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [442 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [331.34 Ko] - C:\Windows\System32\ja-jp [MD5.4B50A976673054965C8D75832DD01FB6] - |A| - [21/10/2020 18:56:11] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [603.7 Ko] - (4.1105.6000.53) - C:\Windows\System32\KAAPORT64.dll [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\Windows\System32\Keywords [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [302.5 Ko] - C:\Windows\System32\ko-KR [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [07/12/2019 11:08:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\Windows\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [07/12/2019 11:08:07] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\Windows\System32\LargeRoom.bin [MD5.C15D2C94E3C94CEFE8DE6A9D36C35FD1] - |A| - [13/10/2016 21:55:18] - (.(C) 1991-2012 Logitech. - LDA Component Extensions (UNICODE).) - [2410.45 Ko] - (1.10.77.0) - C:\Windows\System32\LdaCx2.dll [MD5.14BE6A1C21780D85AD3F1D09283C56DA] - |A| - [29/04/2021 16:05:00] - (.-.) - [1647.5 Ko] - (3.0.2.0) - C:\Windows\System32\libcrypto.dll [MD5.4ED18CFCF82A31185E47338357910917] - |A| - [06/09/2019 14:37:30] - (.© 1996 - 2017 Daniel Stenberg, . - libcurl Shared Library.) - [569.57 Ko] - (7.58.0.0) - C:\Windows\System32\LIBCURL.DLL [MD5.1D8215F7F8CD02A553499B534CCFB4D5] - |A| - [13/09/2020 09:59:10] - (.2002-2009 S. Meyer; 2010 T. Robinson - libusb-win32 - DLL.) - [74.59 Ko] - (1.2.6.0) - C:\Windows\System32\libusb0.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [625.17 Ko] - C:\Windows\System32\Licenses [MD5.6FCFAF52ABBDB229A123A7402B2BC3E3] - |A| - [02/09/2019 14:44:07] - (.(C) 1998-2018 Logitech. - Logitech KMDF Co-Installer (UNICODE).) - [1810.62 Ko] - (5.92.28.0) - C:\Windows\System32\LkmdfCoInst.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [48867.22 Ko] - C:\Windows\System32\LogFiles [MD5.1F1E9FBB7FE7A39A84A061F6EF7003B4] - |A| - [13/10/2016 21:55:24] - (.Copyright © 2010-2012 Logitech. All Rights Reserved - Logitech Download Assistant.) - [3850.45 Ko] - (1.10.77.0) - C:\Windows\System32\LogiLDA.DLL [MD5.00000000000000000000000000000000] - |D| - [01/10/2020 20:00:38] - [512 Ko] - C:\Windows\System32\Logs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [335.5 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [333.5 Ko] - C:\Windows\System32\lv-LV [MD5.4D4248F6D008D86D5575EE5B154971AE] - |A| - [20/03/2020 20:34:23] - (.(c) 1996-2012 Logitech. - Logitech Co-Installer.) - [256.28 Ko] - (13.80.853.0) - C:\Windows\System32\lvco1380853.dll [MD5.1A8AE8A66B6C289046276453768EF270] - |A| - [20/03/2020 20:34:23] - (.-.) - [28.8 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoin64.ini [MD5.685B394B461478CF9F864A5CC6E80277] - |A| - [26/04/2020 09:29:20] - (.-.) - [0.45 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoinst.log [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [59.06 Ko] - C:\Windows\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:40] - [32.68 Ko] - C:\Windows\System32\MailContactsCalendarSync [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [07/12/2019 11:10:41] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.6C3157FD2E850739EDEA659D40D0977D] - |A| - [21/10/2020 18:56:11] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [322.8 Ko] - (2.2.9.0) - C:\Windows\System32\MaxxAudioAPO20.dll [MD5.84E57F29ADF92B001C5EB4DB2AB2F7B1] - |A| - [21/10/2020 18:56:11] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [662.28 Ko] - (3.6.0.0) - C:\Windows\System32\MaxxAudioAPO30.dll [MD5.963A8F89B0CC40B14F27FCAD30BE8CA3] - |A| - [21/10/2020 18:56:11] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1138.82 Ko] - (4.5.8.0) - C:\Windows\System32\MaxxAudioAPO4064.dll [MD5.CD896175B887ACCD27F789A2998D0774] - |A| - [21/10/2020 18:56:11] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1185.21 Ko] - (5.6.5.0) - C:\Windows\System32\MaxxAudioAPO5064.dll [MD5.CBDFB5557D482AD114B501A3FE4541BF] - |A| - [21/10/2020 18:56:11] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1389.57 Ko] - (6.1.17.0) - C:\Windows\System32\MaxxAudioAPO6064.dll [MD5.B48DE64266518A9CD20B826F595ED469] - |A| - [21/10/2020 18:56:11] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [2237.6 Ko] - (7.0.24.0) - C:\Windows\System32\MaxxAudioAPO7064.dll [MD5.8DD9C5774067C9BE2D3A0E935D135420] - |A| - [21/10/2020 18:56:11] - (.Copyright (C) 2010-2013 - MaxxAudio APO Shell.) - [909.78 Ko] - (4.10.8.0) - C:\Windows\System32\MaxxAudioAPOShell64.dll [MD5.811ADFEF0647CF13888082F76868C16D] - |A| - [21/10/2020 18:56:11] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [24031.52 Ko] - (4.5.4.0) - C:\Windows\System32\MaxxAudioCapture64.dll [MD5.82244FEFCFEB8B4D7CBC8212A614AB5A] - |A| - [21/10/2020 18:56:12] - (.Copyright © 1996-2014 -.) - [2002.13 Ko] - (4.1.1.0) - C:\Windows\System32\MaxxAudioEQ64.dll [MD5.1076EC14B45D3AC6E2A0194844C9EFDD] - |A| - [21/10/2020 18:56:12] - (.Copyright © 1996-2013 -.) - [13727.78 Ko] - (4.4.10.0) - C:\Windows\System32\MaxxAudioRealtek64.dll [MD5.CBBF1E407F1157AFDDF90C48C19C4894] - |A| - [21/10/2020 18:56:12] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [23207.41 Ko] - (7.5.5.0) - C:\Windows\System32\MaxxAudioRender64.dll [MD5.7347AD6DECABD5936EA7B65F9B3D8AAD] - |A| - [21/10/2020 18:56:12] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [23303.76 Ko] - (7.5.5.0) - C:\Windows\System32\MaxxAudioRenderAVX64.dll [MD5.D5F1490A24F91E838C1ECBD601619D4F] - |A| - [21/10/2020 18:56:13] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - [1303.1 Ko] - (1.1.4.0) - C:\Windows\System32\MaxxSpeechAPO64.dll [MD5.CFE357DBB63E9B936E88253A2BA99326] - |A| - [21/10/2020 18:56:13] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [976.41 Ko] - (2.6.2.0) - C:\Windows\System32\MaxxVoiceAPO2064.dll [MD5.B820ED6498F8246F8BB1D4496A80EA8D] - |A| - [21/10/2020 18:56:14] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12815.02 Ko] - (3.1.14.0) - C:\Windows\System32\MaxxVoiceAPO3064.dll [MD5.76E6BD12233C8CD59524A2B5685D46BD] - |A| - [21/10/2020 18:56:14] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12683.92 Ko] - (4.0.19.0) - C:\Windows\System32\MaxxVoiceAPO4064.dll [MD5.ADFBDA58D830421CBF456CAAED17BBAD] - |A| - [21/10/2020 18:56:14] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [661.78 Ko] - (3.6.0.0) - C:\Windows\System32\MaxxVolumeSDAPO.dll [MD5.65735234BE6F70E5BA10F12364B1041B] - |A| - [29/04/2021 16:04:39] - (.-.) - [1136.5 Ko] - (0.0.0.0) - C:\Windows\System32\MBR2GPT.EXE [MD5.CF17A39BA7D1D1E386FD0C1303642B91] - |A| - [16/05/2020 18:56:39] - (.-.) - [20.71 Ko] - (0.0.0.0) - C:\Windows\System32\MDA_NTDRV.sys [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [07/12/2019 11:08:07] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\Windows\System32\MediumRoom.bin [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:11] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\System32\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:14:56] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\Windows\System32\mmc.exe.config [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [06/09/2019 08:55:59] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\Windows\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4148.28 Ko] - C:\Windows\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.64 Ko] - C:\Windows\System32\my-mm [MD5.A5F6BAD51954412EA3466982F152390D] - |A| - [21/10/2020 19:31:25] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5462.41 Ko] - (6.3.9600.17246) - C:\Windows\System32\NAHIMICAPOlfx.dll [MD5.B83705EEB9854460FA851032B2406226] - |A| - [21/10/2020 19:31:25] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [980.22 Ko] - (1.0.0.14866) - C:\Windows\System32\NahimicAPONSControl.dll [MD5.695F2F1363FC3744EA858D615E56AE5E] - |A| - [21/10/2020 19:31:25] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5799.61 Ko] - (6.3.9600.17246) - C:\Windows\System32\NAHIMICV2apo.dll [MD5.FDB46F3504C40F6ED9739BC2ED0E7A9C] - |A| - [21/10/2020 19:31:25] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [6312.27 Ko] - (3.5.292.58785) - C:\Windows\System32\NAHIMICV3apo.dll [MD5.74FDEEAC0C0C0F62F4D0D484A36DA23A] - |A| - [07/12/2019 11:08:44] - (.-.) - [30.09 Ko] - (0.0.0.0) - C:\Windows\System32\NarratorControlTemplates.xml [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [408.5 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [640 Ko] - C:\Windows\System32\NDF [MD5.29AAAFF7673A269E214A6878FA3F105D] - |A| - [02/11/2020 18:05:05] - (.-.) - [58.14 Ko] - (0.0.0.0) - C:\Windows\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [07/12/2019 11:09:48] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.0E2D5DA1C7A1A97E46172AC33AD354EC] - |A| - [07/12/2019 11:09:48] - (.-.) - [70.5 Ko] - (0.0.0.0) - C:\Windows\System32\nettraceex.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\Windows\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [436.5 Ko] - C:\Windows\System32\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\Windows\System32\Nui [MD5.C87478087BFE8E9A292439354E1DFB78] - |A| - [03/09/2019 15:07:51] - (.-.) - [9303.79 Ko] - (0.0.0.0) - C:\Windows\System32\nvcoproc.bin [MD5.4C384A7B16DDB0D1A3472F410D781BE9] - |A| - [01/06/2021 11:42:34] - (.-.) - [59.88 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb [MD5.899151C9FD2B15F0E2446C6A4CD106A6] - |A| - [01/06/2021 11:43:10] - (.-.) - [662.77 Ko] - (0.0.0.0) - C:\Windows\System32\nvofapi64.dll [MD5.D55B689DF6269B40E170EAFBCC0C34C4] - |A| - [02/11/2020 12:44:19] - (.-.) - [20.42 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [25735.88 Ko] - C:\Windows\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [04/11/2019 16:14:17] - [0.03 Ko] - C:\Windows\System32\oodag [MD5.2AD7B4F3C8D2BB686D231EDFF404B7A4] - |A| - [01/10/2019 15:30:35] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.02 Ko] - (6.14.357.24) - C:\Windows\System32\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:31] - [3625 Ko] - C:\Windows\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [3.81 Ko] - C:\Windows\System32\osa-Osge-001 [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [07/12/2019 11:08:07] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\Windows\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1724.83 Ko] - C:\Windows\System32\PerceptionSimulation [MD5.2CC316B147F912B89CF8A1BFBA433FEA] - |A| - [07/12/2019 11:17:25] - (.-.) - [163.43 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.ADE4BA6E5177FEEDB357DBC641316C42] - |A| - [07/12/2019 16:50:23] - (.-.) - [188.88 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [07/12/2019 11:17:25] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2019 16:50:23] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.036CD477965546ECF38B6C9ADBEF1969] - |A| - [07/12/2019 11:17:25] - (.-.) - [776.43 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.7348BD80E91CC76EBF2908CC3C170F5F] - |A| - [07/12/2019 16:50:23] - (.-.) - [878.94 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.9EBAB23B549EEDBA66BBFC4844C4531B] - |A| - [02/11/2020 18:18:19] - (.-.) - [2008.09 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [07/12/2019 11:08:05] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [436 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [456 Ko] - C:\Windows\System32\PointOfService [MD5.686E760C5AEA12E78A85B617B76D99A9] - |A| - [14/01/2021 15:26:55] - (.-.) - [3776.41 Ko] - (0.0.0.0) - C:\Windows\System32\PortChanger.exe [MD5.7700A1F5ECACFB07A92C5960448AFAB8] - |A| - [07/12/2019 11:08:28] - (.-.) - [43 Ko] - (0.0.0.0) - C:\Windows\System32\pospaymentsworker.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [420.74 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [07/12/2019 11:08:19] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [430 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [432 Ko] - C:\Windows\System32\pt-PT [MD5.920166B5E924E9F69CF61A49E03F5EF4] - |A| - [03/03/2021 18:23:34] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [136.4 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEA64A.dll [MD5.2BFF246A8ADE9B8D8BBD6E5A83A32B84] - |A| - [03/03/2021 18:23:34] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [442.57 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EED64A.dll [MD5.C3FC3AD460E0C978A8D5BF85C412A629] - |A| - [03/03/2021 18:23:36] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [87.95 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEG64A.dll [MD5.A731698B8D748161A01BF4D3994C05BA] - |A| - [03/03/2021 18:23:38] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [153.58 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEL64A.dll [MD5.0657F3EBBB927A6BF459219F65587313] - |A| - [03/03/2021 18:23:18] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7010.12 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\RasToast [MD5.7852D37790807E55BD71A65183E0F1ED] - |A| - [27/06/2021 13:02:44] - (.-.) - [2315.5 Ko] - (1.0.2104.14003) - C:\Windows\System32\rdpnano.dll [MD5.42577ED1BA5199ADD53E1186EC4E28A4] - |A| - [13/01/2021 11:37:54] - (.-.) - [72.5 Ko] - (0.0.0.0) - C:\Windows\System32\rdsxvmaudio.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2.14 Ko] - C:\Windows\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.png [MD5.C6CA43573C21CA6392F57F238C8391FC] - |A| - [20/03/2020 20:34:23] - (.-.) - [39.45 Ko] - (0.0.0.0) - C:\Windows\System32\Repository.reg [MD5.19B5EEEC29F044451D5E8E89B1BE6F5E] - |A| - [07/12/2019 11:09:33] - (.-.) - [110.5 Ko] - (0.0.0.0) - C:\Windows\System32\ResBParser.dll [MD5.31924C8E78CDBD81DA7905E87B185387] - |A| - [07/12/2019 11:09:54] - (.-.) - [9.35 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageList [MD5.5504F7F27D0AB178346D643D444A612C] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.98 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageListLowCost [MD5.85CF16AF388AE12AAE3E48A883C17A06] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.77 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageList [MD5.1391FB4E005C208A35E77DF6F3F055E2] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.49 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-white.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.07 Ko] - C:\Windows\System32\restore [MD5.732EC42ECE25A1B15E2A800A43603B0D] - |A| - [03/03/2021 18:23:42] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [319.52 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll [MD5.4119FF12683B5FCEC712ED1DC319DA6E] - |A| - [03/03/2021 18:23:44] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [319.52 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll [MD5.C2F6AA705F07EA3093DC8900FAFCCC76] - |A| - [03/03/2021 18:23:58] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [215.14 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll [MD5.64D1587E968E492BCF67FBB7389778A8] - |A| - [03/03/2021 18:24:00] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [91.63 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll [MD5.EC1E63FACD0DBE669A6C85E08DFA01F1] - |A| - [03/03/2021 18:24:02] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [113.73 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll [MD5.1CEECE2D86A505716A3BE444770295FD] - |A| - [03/03/2021 18:24:02] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [383.56 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll [MD5.FF82597A4B863A46083998B955772DD1] - |A| - [27/06/2021 13:02:26] - (.-.) - [59.5 Ko] - (0.0.0.0) - C:\Windows\System32\runexehelper.exe [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [07/12/2019 11:10:32] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.png [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [07/12/2019 11:08:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat [MD5.0E2EF15B745C8D8A742A9C56DD3CB763] - |A| - [03/03/2021 18:24:32] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [86.14 Ko] - (3.0.0.16) - C:\Windows\System32\SFAPO64.dll [MD5.3C7092EBCD1F2580F67FAFFD6A973D9E] - |A| - [03/03/2021 18:24:36] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [88.68 Ko] - (3.0.0.16) - C:\Windows\System32\SFCOM64.dll [MD5.4CEAB2D497CC0C681D4DE613B7B7642A] - |A| - [03/03/2021 18:24:42] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [226.4 Ko] - (3.0.0.16) - C:\Windows\System32\SFNHK64.dll [MD5.373DE6F8293CF420CBA9579137F98B48] - |A| - [03/03/2021 18:24:48] - (.Copyright (C) 2018 DTS, Inc. - DTS Universal APO DLL.) - [1084.08 Ko] - (3.5.18.0) - C:\Windows\System32\sl3apo64.dll [MD5.25DD801A5E1052655D78075788A57B68] - |A| - [03/03/2021 18:24:50] - (.Copyright (C) 2018 DTS, Inc. - DTS APO Controller DLL.) - [3364.88 Ko] - (3.5.18.0) - C:\Windows\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [02/11/2020 18:05:03] - [19898.67 Ko] - C:\Windows\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [52.14 Ko] - C:\Windows\System32\slmgr [MD5.8BCFFEBD11A93EF5E9B1037A90F1A458] - |A| - [03/03/2021 18:23:42] - (.TODO: (c) . - TODO: .) - [260.22 Ko] - (1.0.0.1) - C:\Windows\System32\slprp64.dll [MD5.49AC73533EC648A06708ADCF224C27C2] - |A| - [03/03/2021 18:25:02] - (.Copyright (C) 2018 DTS, Inc. - DTS APO Technology DLL.) - [3094.02 Ko] - (3.5.18.0) - C:\Windows\System32\sltech64.dll [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [07/12/2019 11:08:07] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\Windows\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [16692.02 Ko] - C:\Windows\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.png [MD5.6DB032025BD266E5A3A52259F57F9247] - |A| - [07/12/2019 11:09:51] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7625.3 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [12470.18 Ko] - C:\Windows\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [98074.63 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [29314.43 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [339 Ko] - C:\Windows\System32\sr-Latn-RS [MD5.F7B392B6137AE5E8B5A580943D2BB8D5] - |A| - [03/03/2021 18:25:08] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.1 Ko] - (4.0.0.59) - C:\Windows\System32\SRAPO64.dll [MD5.2A9F1167596FD3940C00559F2BF9CEFD] - |A| - [03/03/2021 18:25:10] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.05 Ko] - (4.0.0.59) - C:\Windows\System32\SRCOM.dll [MD5.7BCF94BCFCB0D8CA7D3E506956B68BF3] - |A| - [03/03/2021 18:25:14] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.36 Ko] - (4.0.0.59) - C:\Windows\System32\SRCOM64.dll [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:09:54] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:09:54] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr.dat [MD5.67894C70461ABD4EF6C116637EBB218A] - |A| - [07/12/2019 11:09:45] - (.-.) - [58.16 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat [MD5.2E6F11EC908A05921E6FBC857BE3D92A] - |A| - [03/03/2021 18:25:16] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.4 Ko] - (4.0.0.59) - C:\Windows\System32\SRRPTR64.dll [MD5.C482859169811ADB89AD3B0C99645343] - |A| - [03/03/2021 18:25:16] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [213.05 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll [MD5.91D389C64C6F214CFEF7AB5219574716] - |A| - [03/03/2021 18:25:18] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [225.19 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll [MD5.3E8CA06D787A2F6733F1B33FB0D3338C] - |A| - [03/03/2021 18:25:20] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [528.33 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll [MD5.12457FB4F8E89BE1D4BCCCA8EC4BF8E1] - |A| - [03/03/2021 18:25:22] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [170.73 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [33368 Ko] - C:\Windows\System32\sru [MD5.862E9C75593E9BB1A90961975276F7FE] - |A| - [13/01/2021 11:37:50] - (.-.) - [444.5 Ko] - (0.0.0.0) - C:\Windows\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [415 Ko] - C:\Windows\System32\sv-SE [MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |A| - [07/12/2019 11:10:18] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\Windows\System32\SyncAppvPublishingServer.vbs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1435.49 Ko] - C:\Windows\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [938.28 Ko] - C:\Windows\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8.16 Ko] - C:\Windows\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\Windows\System32\ta-lk [MD5.4D188B08E9274E1360062B22E88A2F3F] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [52 Ko] - (3.3.2.0) - C:\Windows\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [731.16 Ko] - C:\Windows\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [03/09/2019 15:51:16] - [649.79 Ko] - C:\Windows\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [07/12/2019 11:09:05] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.518F44081E6F4B3236CBF4FB17E41F9B] - |A| - [27/06/2021 13:02:18] - (.-.) - [2208 Ko] - (0.0.0.0) - C:\Windows\System32\TextInputMethodFormatter.dll [MD5.74B20E14C597763501A603ED2DA2AD65] - |A| - [14/03/2021 20:14:34] - (.-.) - [690.45 Ko] - (0.0.0.0) - C:\Windows\System32\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [318.5 Ko] - C:\Windows\System32\th-TH [MD5.CF7677327BE3C6395B9F3333CC0F1C15] - |A| - [09/12/2020 17:17:33] - (.-.) - [1.34 Ko] - (0.0.0.0) - C:\Windows\System32\ThirdPartyNoticesBySHS.txt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\Windows\System32\ti-et [MD5.7C0C26F888AAA61DB3C69E9FD4612AF1] - |A| - [03/03/2021 18:25:28] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Audio Source Filtering APO.) - [832.06 Ko] - (2.1.1.0) - C:\Windows\System32\tosasfapo64.dll [MD5.2A6C4212F84EE445CBFB8D448EA350A5] - |A| - [03/03/2021 18:25:30] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Earphone Audio Enhancement APO.) - [436.59 Ko] - (2.1.0.0) - C:\Windows\System32\toseaeapo64.dll [MD5.6AD0EB960155BE1AC3DD063533333B66] - |A| - [03/03/2021 18:25:30] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement APO.) - [1306.19 Ko] - (2.1.1.0) - C:\Windows\System32\tossaeapo64.dll [MD5.AE78FF3956B522481A5FFEED4C1C2B61] - |A| - [03/03/2021 18:25:32] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement Maximizer.) - [590.52 Ko] - (1.1.2.0) - C:\Windows\System32\tossaemaxapo64.dll [MD5.DD2C06FF7F8B7014B105ECE968BB8114] - |A| - [16/06/2021 16:22:35] - (.-.) - [266 Ko] - (0.0.0.0) - C:\Windows\System32\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [398.5 Ko] - C:\Windows\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [07/12/2019 11:08:13] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [07/12/2019 11:08:13] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlanCredentials.xslt [MD5.D200497DD3A24F138123F0EB6C385D1D] - |A| - [07/12/2019 11:10:19] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\Windows\System32\UevAppMonitor.exe.config [MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |A| - [07/12/2019 11:10:19] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\Windows\System32\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [337 Ko] - C:\Windows\System32\uk-UA [MD5.8CDD866E0707A71952FBA8BE899B7512] - |A| - [02/11/2020 12:32:07] - (.-.) - [63.04 Ko] - (0.0.0.0) - C:\Windows\System32\umpdc.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [2196.59 Ko] - C:\Windows\System32\UNP [MD5.8ADD5935D83D0A425C39E369520C4095] - |A| - [07/12/2019 11:08:37] - (.-.) - [48 Ko] - (0.0.0.0) - C:\Windows\System32\UsbPmApi.dll [MD5.46A6DF60907700A148D42CCF1219522E] - |A| - [07/12/2019 11:08:39] - (.-.) - [38.5 Ko] - (0.0.0.0) - C:\Windows\System32\usocoreps.dll [MD5.8F2BB1C3E83DC8A2FEB8D00025F36CAE] - |A| - [29/04/2021 16:04:55] - (.-.) - [150 Ko] - (0.0.0.0) - C:\Windows\System32\uwfcfgmgmt.dll [MD5.F10D7687066575AA6947720F4EDCCB2A] - |A| - [29/04/2021 16:04:55] - (.-.) - [153.5 Ko] - (0.0.0.0) - C:\Windows\System32\uwfcsp.dll [MD5.C2C9BB5DD8F2A32DEE6CCA87447DDD67] - |A| - [07/12/2019 11:10:21] - (.-.) - [31 Ko] - (0.0.0.0) - C:\Windows\System32\uwfservicingapi.dll [MD5.1E630731AFDFC63DEC4074301D342E4B] - |A| - [07/12/2019 11:08:09] - (.-.) - [36.5 Ko] - (0.0.0.0) - C:\Windows\System32\VhfUm.dll [MD5.A10725A4632FFFEAE250E09ADA553F94] - |A| - [13/01/2021 11:42:24] - (.-.) - [93.5 Ko] - (0.0.0.0) - C:\Windows\System32\VirtualMonitorManager.dll [MD5.1F1FE19BC54C75E568646327F6D99C1A] - |A| - [04/04/2020 18:59:01] - (.Copyright © 1998-2019 VMware, Inc. - VSockets Library.) - [45.3 Ko] - (9.8.16.0) - C:\Windows\System32\vsocklib.dll [MD5.3FBDF161CEE5BD62FED19BFAFD6915EC] - |A| - [01/06/2021 11:42:34] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1069.23 Ko] - (1.2.162.0) - C:\Windows\System32\vulkan-1-999-0-0-0.dll [MD5.3FBDF161CEE5BD62FED19BFAFD6915EC] - |A| - [01/06/2021 11:42:34] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1069.23 Ko] - (1.2.162.0) - C:\Windows\System32\vulkan-1.dll [MD5.C2FE68B91C42410EF4348A17523F0EAB] - |A| - [01/06/2021 11:42:32] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1811.71 Ko] - (1.2.162.0) - C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe [MD5.C2FE68B91C42410EF4348A17523F0EAB] - |A| - [01/06/2021 11:42:32] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1811.71 Ko] - (1.2.162.0) - C:\Windows\System32\vulkaninfo.exe [MD5.2A2446E35A9747E2CD9AF1552F876281] - |A| - [21/10/2020 18:56:19] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2061.13 Ko] - (4.4.5.0) - C:\Windows\System32\WavesGUILib64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [129039.04 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [0 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [103781.7 Ko] - C:\Windows\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [07/12/2019 11:08:46] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.1D64ACF3675288CC086E6361EAC748C4] - |A| - [07/12/2019 11:08:52] - (.-.) - [144.51 Ko] - (0.0.0.0) - C:\Windows\System32\Win32AppSettingsProvider.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.12 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50263.29 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.3F376202BE6A0EC0C866D97ED2E0F16D] - |A| - [16/06/2021 16:22:40] - (.-.) - [642.05 Ko] - (0.0.0.0) - C:\Windows\System32\WindowManagementAPI.dll [MD5.E9CA21D71E952448B75C45B2467E4DE7] - |A| - [07/12/2019 11:08:27] - (.-.) - [123 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [11890.52 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [07/12/2019 11:08:41] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [245576 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.84 Ko] - C:\Windows\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [107.56 Ko] - C:\Windows\System32\winrm [MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [07/12/2019 11:08:12] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\Windows\System32\wpcatltoast.png [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [07/12/2019 11:08:12] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\Windows\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [07/12/2019 11:08:49] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\Windows\System32\wpr.config.xml [MD5.549347BCD4AACD63243D78E8F869DBB1] - |A| - [01/10/2019 15:30:35] - (.Copyright © 2008 - OpenAL32.) - [455.52 Ko] - (2.2.0.5) - C:\Windows\System32\wrap_oal.dll [MD5.C8A7EAA0B83E05DDD11F37A833F754AC] - |A| - [07/12/2019 11:08:21] - (.-.) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\xboxgipsynthetic.dll [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-black.png [MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-white.png [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.png [MD5.5C5A797761421CF9B72087F3BC8A5259] - |A| - [01/07/2021 15:54:48] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [MD5.1373F6562D5E4C715D5D3583E350093E] - |A| - [24/04/2021 15:58:29] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\Windows\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat [MD5.CB34082AFF4A730C070F2AEF8876095E] - |A| - [04/12/2019 18:56:35] - (.-.) - [1 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\%TMP% [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [0 Ko] - C:\Windows\SysWOW64\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:09:26] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:09:15] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@WirelessDisplayToast.png [MD5.4AA5BC316BA4BD02D3754F241B95C6E5] - |A| - [25/10/2019 14:29:24] - (.-.) - [2.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\AbBakConfig.dat [MD5.14305F7451C6C8B8DB354314EFDB0776] - |A| - [12/02/2021 15:48:41] - (.-.) - [87.22 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\acedrv08.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1864.83 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.E556115BD4E751178310F842E457CA22] - |A| - [09/12/2020 17:18:01] - (.-.) - [10.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\agentactivationruntimestarter.exe [MD5.F340ACEFDE6977E5543E010DA30358E4] - |A| - [13/01/2015 17:46:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [61.5 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\amdpcom32.dll [MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [06/05/2021 10:15:11] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ampa.sys [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [174 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.DDE41441FE1A8A540354DA849E3FBC79] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [519.5 Ko] - (3.3.2.0) - C:\Windows\SysWOW64\archiveint.dll [MD5.CBF72628D880D56840307C223198910D] - |A| - [13/01/2015 16:40:28] - (.Copyright (c) ATI Technologies Inc. 2003-2009 - ati2edxx.) - [42.5 Ko] - (6.14.10.2514) - C:\Windows\SysWOW64\ati2edxx.dll [MD5.A4A01BBE4D19A54DE508F1FA039BFFF0] - |A| - [13/01/2015 16:20:56] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [356 Ko] - (6.14.10.1104) - C:\Windows\SysWOW64\atiadlxy.dll [MD5.B077E31C9D0B2838F8FB8B25612F01CC] - |A| - [13/01/2015 16:42:54] - (.-.) - [240.19 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiapfxx.blb [MD5.28793DA7FD344392A06A5A9E08F51C1F] - |A| - [13/01/2015 16:26:36] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [43.5 Ko] - (6.14.10.1734) - C:\Windows\SysWOW64\aticalcl.dll [MD5.4C6CBFF17DCDFE47A74DD4D102FDDBE9] - |A| - [13/01/2015 16:24:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13088 Ko] - (6.14.10.1734) - C:\Windows\SysWOW64\aticaldd.dll [MD5.4E997BB404F3E7B50B6E9EF23867327F] - |A| - [13/01/2015 16:26:40] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [45 Ko] - (6.14.10.1734) - C:\Windows\SysWOW64\aticalrt.dll [MD5.A12C44B6411B9A3F433D9E87DC308330] - |A| - [13/01/2015 17:45:54] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [907.95 Ko] - (8.17.10.1129) - C:\Windows\SysWOW64\aticfx32.dll [MD5.CB4F561B62637E1B60F0B698EFDB38D8] - |A| - [13/01/2015 17:45:46] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [6692.65 Ko] - (8.17.10.436) - C:\Windows\SysWOW64\atidxx32.dll [MD5.AB4F17D81B4F7A7B9A2F4C3C5D9D54B2] - |A| - [13/01/2015 16:20:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [32.5 Ko] - (8.14.1.6264) - C:\Windows\SysWOW64\atigktxx.dll [MD5.A7CB20638E8A29E0B96979DD069D43A7] - |A| - [13/01/2015 16:20:50] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [14.5 Ko] - (8.14.1.6264) - C:\Windows\SysWOW64\atiglpxx.dll [MD5.F340ACEFDE6977E5543E010DA30358E4] - |A| - [13/01/2015 17:46:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [61.5 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\atimpc32.dll [MD5.F43E3F2184163EDF1B21421908C15C1E] - |A| - [13/01/2015 16:39:54] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [19125.5 Ko] - (6.14.10.11672) - C:\Windows\SysWOW64\atioglxx.dll [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [12/09/2011 22:06:18] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atipblag.dat [MD5.5C0BABCEB99AEDFB2E52DEF43C26AF9F] - |A| - [13/01/2015 17:45:58] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [37.86 Ko] - (8.14.1.6264) - C:\Windows\SysWOW64\atiu9pag.dll [MD5.D73596C02376DF4350C9D233439F3030] - |A| - [13/01/2015 17:45:32] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [6135.37 Ko] - (7.14.10.911) - C:\Windows\SysWOW64\atiumdag.dll [MD5.37B421E9F13F66B589100015A74747E7] - |A| - [13/01/2015 17:46:42] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [1931.88 Ko] - (7.14.10.184) - C:\Windows\SysWOW64\atiumdmv.dll [MD5.A1DBE1B3A9C5F38306BD68B008ADDCA3] - |A| - [13/01/2015 16:22:32] - (.-.) - [2785.63 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap [MD5.67375135E87DE6803CE53D75F79CCBBB] - |A| - [13/01/2015 17:45:38] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [4670.86 Ko] - (8.14.10.359) - C:\Windows\SysWOW64\atiumdva.dll [MD5.6530C048C609AC7B5FFD1DD121EE53B9] - |A| - [13/01/2015 17:46:34] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [47.41 Ko] - (8.14.1.6264) - C:\Windows\SysWOW64\atiuxpag.dll [MD5.A3843B5810BE3B314D5D5E3B93E82AA7] - |A| - [13/01/2015 16:25:00] - (.-.) - [26.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsnl.dat [MD5.CFBA17101E04BBCDA5E50CC8A92CEBB0] - |A| - [13/01/2015 16:25:00] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsny.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [13/01/2015 16:25:00] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [13/01/2015 16:25:00] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsvl.dat [MD5.00000000000000000000000000000000] - |D| - [26/06/2021 14:55:04] - [0 Ko] - C:\Windows\SysWOW64\BestPractices [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [147.5 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\Windows\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.6A021B290D913525F2F7225462172690] - |A| - [02/11/2019 12:43:58] - (.(c)1998-2011 Codejock Software, - Xtreme Suite ActiveX Control Module.) - [1837.99 Ko] - (15.0.1.0) - C:\Windows\SysWOW64\Codejock.Controls.v15.0.1.ocx [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [316.5 Ko] - C:\Windows\SysWOW64\Com [MD5.6545DE4EF5217AA2FFC7FFD27725A971] - |A| - [09/12/2020 17:18:01] - (.-.) - [235 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CoreMas.dll [MD5.143E8397FADA79F10389711B08A5BA43] - |A| - [06/02/2021 18:28:58] - (.-.) - [19.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\cpuinf32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [206 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.4329254E74AD91D047E3CEDCC7C138C3] - |A| - [07/12/2019 11:09:57] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\Windows\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [207 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [229 Ko] - C:\Windows\SysWOW64\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:09:15] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [188 Ko] - C:\Windows\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7599.52 Ko] - C:\Windows\SysWOW64\Dism [MD5.7775978DA5DC07CCCAA79B1FB712C780] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2006 - API of PoINT CD/DVD Audio/Video SDK.) - [476 Ko] - (6.0.0.108) - C:\Windows\SysWOW64\DLLAV32.dll [MD5.B542E1BBB193304986A2782E96919D3C] - |A| - [12/02/2021 15:46:56] - (.-.) - [13.85 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DLLAV32.lib [MD5.3CF5D6F462D385BF3A26BA60A0459F67] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2002 - API of PoINT CDarchive.) - [112 Ko] - (3.3.0.70) - C:\Windows\SysWOW64\DLLCDA32.dll [MD5.435EBFA51632D4ACC7368F751597A86C] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [60 Ko] - (3.0.0.24) - C:\Windows\SysWOW64\DLLCDF32.dll [MD5.5E2532A48ABB83BAA9D19E3500B45380] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2006 - PoINT Shared DLL.) - [92 Ko] - (3.7.0.136) - C:\Windows\SysWOW64\DLLCPY32.dll [MD5.6AC20E21984B912F6982FFEF8EBBEB13] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2006 - PoINT Shared DLL.) - [160 Ko] - (3.7.0.254) - C:\Windows\SysWOW64\DLLDEV32.dll [MD5.9B108B6A630027763CD9EB28AB06992B] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2001 - PoINT Shared DLL.) - [32 Ko] - (3.0.0.10) - C:\Windows\SysWOW64\DLLDIR32.dll [MD5.3B588D13B0C68F4AD341342B8B244725] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2006 - PoINT Shared DLL.) - [148 Ko] - (3.7.0.332) - C:\Windows\SysWOW64\DLLDRV32.dll [MD5.1903B46D93ED6E1ED5A41954FA21870F] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2001 - PoINT Shared DLL.) - [44 Ko] - (3.0.0.10) - C:\Windows\SysWOW64\DLLIMG32.dll [MD5.A7CC0D4909C673704484EA735642DBA8] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2006 - PoINT Shared DLL.) - [52 Ko] - (3.1.0.86) - C:\Windows\SysWOW64\DLLIO32.dll [MD5.D41CD97D3A7B3DAF632C9335710162A0] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [32 Ko] - (3.0.0.11) - C:\Windows\SysWOW64\DLLISO32.dll [MD5.82D1CAC671A80EB542B4428F072D7548] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1995-2000 - PoINT Shared DLL.) - [24 Ko] - (3.0.0.7) - C:\Windows\SysWOW64\DLLIX.dll [MD5.69C3A42D62622DC14200D2F0531B7171] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1995-2000 - PoINT Shared DLL.) - [32 Ko] - (3.0.0.11) - C:\Windows\SysWOW64\DLLMSC32.dll [MD5.C6CC1155A6CDAE463E9085727383C6D6] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2005 - PoINT Shared DLL.) - [36 Ko] - (3.0.0.44) - C:\Windows\SysWOW64\DLLPNT32.dll [MD5.32D596876B43B44FC4A2BFCC379CE6D2] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [48 Ko] - (3.1.0.34) - C:\Windows\SysWOW64\DLLPRF32.dll [MD5.B4455EF6F773C790ECBAAD93F719C1FE] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2001 - PoINT Shared DLL.) - [52 Ko] - (3.0.0.17) - C:\Windows\SysWOW64\DLLPRJ32.dll [MD5.BE5E9E3646D1EC21B9CD75895FE90B36] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [64 Ko] - (3.0.0.23) - C:\Windows\SysWOW64\DLLPTL32.dll [MD5.8EF0C1253D47A158D3023F1292A5E293] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2003 - PoINT CDread API.) - [40 Ko] - (2.1.0.104) - C:\Windows\SysWOW64\DLLRD32.dll [MD5.63E34A8666D80101F6DC8CC9CC61685A] - |A| - [12/02/2021 15:46:56] - (.PoINT Software & Systems GmbH 1994-2006 - PoINT Shared DLL.) - [184 Ko] - (3.0.0.143) - C:\Windows\SysWOW64\DLLRES32.dll [MD5.B2BCA1AAACFD7C7656F58ECF5C6569AC] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [56 Ko] - (3.1.0.31) - C:\Windows\SysWOW64\DLLTPO32.dll [MD5.34229AF74E5E3942CB114B408285F6E4] - |A| - [09/12/2019 17:14:33] - (.Copyright (C) 2017 - GL Icon Dll.) - [3108.72 Ko] - (1.0.0.0) - C:\Windows\SysWOW64\GLCRIcon.dll [MD5.B873A5ABCFBC42B1BAC9EBE8741C6162] - |A| - [07/12/2019 16:51:24] - (.Copyright (C) 2019 - Gracenote SDK component.) - [244 Ko] - (3.9.511.0) - C:\Windows\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.01 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [166 Ko] - C:\Windows\SysWOW64\he-IL [MD5.DF0C9C776F8367E213210FB256AC30EC] - |A| - [13/01/2021 11:40:13] - (.-.) - [230 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [142.5 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.AD15BB3A8973A1118386B87289E22322] - |A| - [13/01/2021 11:42:08] - (.-.) - [99.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HvsiManagementApi.dll [MD5.8226A1A91F01432A0CB10CAABF1B9C6D] - |A| - [16/06/2021 16:23:03] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1820.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icu.dll [MD5.FB475B41189AACF1C607C1E9DC0EBB0B] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuin.dll [MD5.B17445D0DF2C22C924899B5DF8E84475] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [28.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuuc.dll [MD5.08040E0BBF8CE1E9CFA7DC99AFFEBB7F] - |A| - [12/02/2021 15:46:42] - (.Copyright © 1997-1998 Blue Sky Software - INETWH32.) - [48 Ko] - (7.0.133.0) - C:\Windows\SysWOW64\INETWH32.dll [MD5.C1CCDE650BF91A3B1D07DC5494D4276F] - |A| - [20/01/2020 12:03:39] - (.Freeware - inpout32/64.) - [96 Ko] - (1.5.0.0) - C:\Windows\SysWOW64\inpout32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215 Ko] - C:\Windows\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.8C01DAE6A063115149B6EAACB09163F7] - |A| - [16/04/2021 18:31:28] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [92.9 Ko] - (2.0.2.0) - C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [216.5 Ko] - C:\Windows\SysWOW64\it-IT [MD5.A33A845BE0995C660E591778A3DB5B26] - |N| - [20/02/2021 18:43:37] - (.-.) - [55.5 Ko] - (1.20.15.1) - C:\Windows\SysWOW64\iyvu9_32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [154 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\Windows\SysWOW64\Keywords [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [154.5 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.535779909A40B42F4F3E48598F5778A5] - |A| - [13/09/2020 09:59:10] - (.2002-2009 S. Meyer; 2010 T. Robinson - libusb-win32 - DLL.) - [66.09 Ko] - (1.2.6.0) - C:\Windows\SysWOW64\libusb0.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [625.17 Ko] - C:\Windows\SysWOW64\Licenses [MD5.1F552EC27C24A82850A568107E376E7A] - |A| - [12/02/2021 15:46:56] - (.-.) - [27.16 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mgxcdr.txt [MD5.90E2A01B74EB1FDCCB4384F6CF2B6FF1] - |A| - [12/02/2021 15:47:14] - (.Copyright © 2003-2006 MAGIX AG - mgxoschk.) - [648 Ko] - (1.33.0.187) - C:\Windows\SysWOW64\mgxoschk.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [3167.94 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [816.8 Ko] - C:\Windows\SysWOW64\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:14] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:15:00] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mmc.exe.config [MD5.A9A368F6C0E443012C7D423B683C508B] - |A| - [12/02/2021 15:46:56] - (.Copyright (C) 2006 - MAGIX Restore.) - [420 Ko] - (2.0.5.9) - C:\Windows\SysWOW64\MXRestore.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [205.5 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\Windows\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215.5 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\Windows\SysWOW64\Nui [MD5.8D0B0B7C8F0AADAA66DA453121B618F1] - |A| - [01/06/2021 11:42:54] - (.-.) - [533.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nvofapi.dll [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [07/12/2019 11:10:14] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [761.33 Ko] - C:\Windows\SysWOW64\oobe [MD5.235355A8DD26903E75D5E812ECF50E53] - |A| - [01/10/2019 15:30:35] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.52 Ko] - (6.14.357.24) - C:\Windows\SysWOW64\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [79.5 Ko] - C:\Windows\SysWOW64\PerceptionSimulation [MD5.5F9864D93F405B368C38817EEE506423] - |A| - [01/12/2019 21:43:20] - (.-.) - [1944.08 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [217 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [420.74 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [17/05/2020 10:53:15] - [0 Ko] - C:\Windows\SysWOW64\Profiles [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215.5 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [21/01/2021 19:24:21] - [179.5 Ko] - C:\Windows\SysWOW64\QuickTime [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.82 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.AEEE52A9962AE32A0AE59B6D3CC4993B] - |A| - [07/06/2020 16:49:28] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\secustat.dat [MD5.2A9F1167596FD3940C00559F2BF9CEFD] - |A| - [03/03/2021 18:25:10] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.05 Ko] - (4.0.0.59) - C:\Windows\SysWOW64\SRCOM.dll [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:10:05] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:10:05] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\sru [MD5.BDC53957962AFBEBE6A25EF941C261B3] - |A| - [13/01/2021 11:39:49] - (.-.) - [323 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ssdm.dll [MD5.B331F90A8198EBC93AFB6511D76891F4] - |A| - [12/02/2021 15:46:56] - (.© PoINT Software & Systems GmbH 1994-2005 - PoINT Shared DLL.) - [32 Ko] - (3.0.0.20) - C:\Windows\SysWOW64\STRING32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [207.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.4B26D4CD5CD5F7B074E31793979F17C5] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\Windows\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.5C678F08A307A26636D2A00E49E76FF3] - |A| - [13/01/2021 11:40:18] - (.-.) - [1302.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextInputMethodFormatter.dll [MD5.9CEDDB7AB658F4AC4C4F1757098278C3] - |A| - [14/03/2021 20:14:43] - (.-.) - [597.61 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [129 Ko] - C:\Windows\SysWOW64\th-TH [MD5.F6F4828A0DAF74F06AB2AC749267FD84] - |A| - [16/06/2021 16:22:58] - (.-.) - [218.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [201 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.1DA32728F808D41F380193B6B21B14C2] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2000 - PoINT Shared DLL.) - [24 Ko] - (3.0.0.2) - C:\Windows\SysWOW64\TTI32.dll [MD5.AB024EFED92D5A91DDCC9577FD5A3A9C] - |A| - [12/02/2021 15:46:56] - (.Copyright © PoINT Software & Systems GmbH 1994-2000 - PoINT Shared DLL.) - [24 Ko] - (3.0.0.2) - C:\Windows\SysWOW64\TTIC32.dll [MD5.01E96A85B337B702AE2BC7F838AE7B65] - |A| - [07/12/2019 11:10:22] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [145 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.7E0273A51BDD51DFB58F905C8F501061] - |A| - [02/11/2020 12:35:41] - (.-.) - [46.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\umpdc.dll [MD5.1779D3BA6CC66F222281FB1B86DBC64C] - |A| - [04/04/2020 18:59:01] - (.Copyright © 1998-2019 VMware, Inc. - VSockets Library.) - [41.3 Ko] - (9.8.16.0) - C:\Windows\SysWOW64\vsocklib.dll [MD5.382A52458F0A9DA235E484EB099D4269] - |A| - [01/06/2021 11:43:20] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [926.71 Ko] - (1.2.162.0) - C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.382A52458F0A9DA235E484EB099D4269] - |A| - [01/06/2021 11:43:20] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [926.71 Ko] - (1.2.162.0) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.3502E7967EC64681BB8EDB186698C966] - |A| - [01/06/2021 11:42:54] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1402.21 Ko] - (1.2.162.0) - C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.3502E7967EC64681BB8EDB186698C966] - |A| - [01/06/2021 11:42:54] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1402.21 Ko] - (1.2.162.0) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [17015.27 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [0 Ko] - C:\Windows\SysWOW64\WCN [MD5.A22B636328327A4EA6F6AB3F48A5B5B1] - |A| - [16/06/2021 16:23:03] - (.-.) - [457.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowManagementAPI.dll [MD5.BEDEDB102316C696D36F0D4331E1C2AE] - |A| - [07/12/2019 11:09:17] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10793.84 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.98 Ko] - C:\Windows\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [107.56 Ko] - C:\Windows\SysWOW64\winrm [MD5.9B97988EE4B35896EB4673C8F9329643] - |A| - [05/11/2020 11:54:43] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\winsevr.dat [MD5.D494267BC169604FAC5E3679B9A97FED] - |A| - [01/10/2019 15:30:35] - (.Copyright © 2008 - OpenAL32.) - [434.52 Ko] - (2.2.0.5) - C:\Windows\SysWOW64\wrap_oal.dll [MD5.7A015A6F199516A06C5AFB56FEE7AC51] - |A| - [07/12/2019 11:09:17] - (.-.) - [59 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xboxgipsynthetic.dll [MD5.69EB905EEDE8BB7995BCD337B511C153] - |A| - [16/12/2019 21:20:08] - (.-.) - [108.01 Ko] - (1.3.2.15) - C:\Windows\SysWOW64\xcdsfx32.bin [MD5.47086109DF33378A73E15E25EE6A2D20] - |A| - [16/12/2019 21:20:08] - (.Copyright © 2001-2003 Xceed Software Inc. - Xceed Encryption Library.) - [513.85 Ko] - (1.1.108.0) - C:\Windows\SysWOW64\XceedCry.dll [MD5.044BEBA65BA31E1CA1FFC8CBBEF78F3E] - |A| - [16/12/2019 21:20:08] - (.Copyright © 1996-2003 Xceed Software Inc. - Xceed Zip Compression Library.) - [445.84 Ko] - (5.1.5062.0) - C:\Windows\SysWOW64\XCEEDZIP.DLL [MD5.00000000000000000000000000000000] - |D| - [02/11/2020 11:45:15] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [135.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [136 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | [.android] [04/12/2019 16:23:01] - |A| - [1704] - C:\Users\jo\.android\adbkey [04/12/2019 16:23:01] - |A| - [716] - C:\Users\jo\.android\adbkey.pub [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.android\mxfilerelatedcache.mxc2 ---------- | [.config] [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.config\mxfilerelatedcache.mxc2 [06/01/2014 17:35:43] - |D| - [1576] - C:\Users\jo\.config\QLandkarteGT ---------- | [.FNativeWebEngineExe] [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.FNativeWebEngineExe\mxfilerelatedcache.mxc2 ---------- | [.fontconfig] [23/12/2013 15:55:15] - |A| - [1980896] - C:\Users\jo\.fontconfig\dd1fc1c4fa558a2b7330b3c9303add26-le32d8.cache-3 [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.fontconfig\mxfilerelatedcache.mxc2 ---------- | [.LdVirtualBox] [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.LdVirtualBox\mxfilerelatedcache.mxc2 [04/12/2019 16:20:33] - |A| - [141828] - C:\Users\jo\.LdVirtualBox\VBoxSVC.log ---------- | [.oracle_jre_usage] [21/08/2015 18:39:01] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac2aa.timestamp [21/10/2015 13:00:56] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac2af.timestamp [06/11/2015 09:55:18] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac2b0.timestamp [20/01/2016 18:57:44] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac2ca.timestamp [10/02/2016 22:41:05] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac2cc.timestamp [22/02/2016 10:03:34] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac2cd.timestamp [25/03/2016 09:45:22] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac2d0.timestamp [21/04/2016 14:35:02] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac308.timestamp [28/04/2016 09:06:10] - |A| - [56] - C:\Users\jo\.oracle_jre_usage\48ac84126bcac309.timestamp [24/07/2016 09:39:13] - |A| - [57] - C:\Users\jo\.oracle_jre_usage\cce3fe3b0d8d8002.timestamp [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.oracle_jre_usage\mxfilerelatedcache.mxc2 ---------- | [.QtWebEngineProcess] [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.QtWebEngineProcess\mxfilerelatedcache.mxc2 ---------- | [.rainlendar2] [25/06/2021 15:24:24] - |A| - [2667] - C:\Users\jo\.rainlendar2\alarms.ini [24/05/2016 21:12:34] - |D| - [160861] - C:\Users\jo\.rainlendar2\backups [28/05/2020 17:53:04] - |A| - [878] - C:\Users\jo\.rainlendar2\categories.ini [25/06/2021 15:24:25] - |A| - [55515] - C:\Users\jo\.rainlendar2\Default.ics [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.rainlendar2\mxfilerelatedcache.mxc2 [01/07/2021 15:55:08] - |A| - [6484] - C:\Users\jo\.rainlendar2\rainlendar2.ini [24/05/2016 21:12:32] - |A| - [6978] - C:\Users\jo\.rainlendar2\rainlendar2.log [28/05/2020 17:51:02] - |A| - [35727] - C:\Users\jo\.rainlendar2\skincache.ini [31/03/2018 10:02:19] - |D| - [0] - C:\Users\jo\.rainlendar2\skins [26/06/2021 10:05:07] - |A| - [623] - C:\Users\jo\.rainlendar2\windows.ini ---------- | [.VirtualBox] [22/04/2020 17:13:19] - |A| - [427] - C:\Users\jo\.VirtualBox\HostInterfaceNetworking-VirtualBox Host-Only Ethernet Adapter-Dhcpd.leases [22/04/2020 17:12:26] - |A| - [427] - C:\Users\jo\.VirtualBox\HostInterfaceNetworking-VirtualBox Host-Only Ethernet Adapter-Dhcpd.leases-prev [21/04/2020 17:31:35] - |A| - [4565] - C:\Users\jo\.VirtualBox\HostInterfaceNetworking-VirtualBox Host-Only Ethernet Adapter-Dhcpd.log [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\.VirtualBox\mxfilerelatedcache.mxc2 [14/06/2021 16:51:23] - |A| - [11133865] - C:\Users\jo\.VirtualBox\Oracle_VM_VirtualBox_Extension_Pack-6.1.22.vbox-extpack [16/06/2021 14:35:10] - |A| - [888] - C:\Users\jo\.VirtualBox\selectorwindow.log [14/06/2021 16:51:18] - |A| - [1455] - C:\Users\jo\.VirtualBox\selectorwindow.log.1 [21/04/2021 14:03:24] - |A| - [2884] - C:\Users\jo\.VirtualBox\selectorwindow.log.10 [14/06/2021 16:45:23] - |A| - [887] - C:\Users\jo\.VirtualBox\selectorwindow.log.2 [28/05/2021 12:12:47] - |A| - [1886] - C:\Users\jo\.VirtualBox\selectorwindow.log.3 [05/05/2021 13:53:11] - |A| - [959] - C:\Users\jo\.VirtualBox\selectorwindow.log.4 [05/05/2021 13:48:25] - |A| - [887] - C:\Users\jo\.VirtualBox\selectorwindow.log.5 [05/05/2021 13:48:11] - |A| - [887] - C:\Users\jo\.VirtualBox\selectorwindow.log.6 [30/04/2021 15:09:41] - |A| - [887] - C:\Users\jo\.VirtualBox\selectorwindow.log.7 [23/04/2021 16:13:38] - |A| - [959] - C:\Users\jo\.VirtualBox\selectorwindow.log.8 [23/04/2021 15:44:02] - |A| - [1527] - C:\Users\jo\.VirtualBox\selectorwindow.log.9 [15/10/2019 18:11:32] - |A| - [214007] - C:\Users\jo\.VirtualBox\vbox-ssl-cacertificate.crt [16/06/2021 14:35:10] - |A| - [4368] - C:\Users\jo\.VirtualBox\VBoxSVC.log [14/06/2021 16:51:18] - |A| - [8807] - C:\Users\jo\.VirtualBox\VBoxSVC.log.1 [21/04/2021 13:58:11] - |A| - [4578] - C:\Users\jo\.VirtualBox\VBoxSVC.log.10 [14/06/2021 16:45:23] - |A| - [4766] - C:\Users\jo\.VirtualBox\VBoxSVC.log.2 [28/05/2021 12:12:47] - |A| - [7128] - C:\Users\jo\.VirtualBox\VBoxSVC.log.3 [05/05/2021 13:53:11] - |A| - [6501] - C:\Users\jo\.VirtualBox\VBoxSVC.log.4 [05/05/2021 13:48:11] - |A| - [4490] - C:\Users\jo\.VirtualBox\VBoxSVC.log.5 [30/04/2021 15:09:41] - |A| - [5481] - C:\Users\jo\.VirtualBox\VBoxSVC.log.6 [23/04/2021 16:13:38] - |A| - [5514] - C:\Users\jo\.VirtualBox\VBoxSVC.log.7 [23/04/2021 15:44:02] - |A| - [9890] - C:\Users\jo\.VirtualBox\VBoxSVC.log.8 [21/04/2021 14:03:24] - |A| - [15450] - C:\Users\jo\.VirtualBox\VBoxSVC.log.9 [16/06/2021 14:35:14] - |A| - [4384] - C:\Users\jo\.VirtualBox\VirtualBox.xml [16/06/2021 14:35:14] - |A| - [4237] - C:\Users\jo\.VirtualBox\VirtualBox.xml-prev ---------- | [3D Objects] [16/09/2015 09:46:19] - |A| - [192654] - C:\Users\jo\3D Objects\Bulldozer.3mf [16/09/2015 09:46:20] - |A| - [227638] - C:\Users\jo\3D Objects\Caboose car.3mf [16/09/2015 09:46:21] - |A| - [158247] - C:\Users\jo\3D Objects\Chess Set.3mf [16/09/2015 09:46:21] - |A| - [23039] - C:\Users\jo\3D Objects\Cone Shape.3mf [16/09/2015 09:46:21] - |A| - [9079] - C:\Users\jo\3D Objects\Cube Shape.3mf [16/09/2015 09:46:21] - |A| - [22750] - C:\Users\jo\3D Objects\Cylinder Shape.3mf [16/09/2015 09:46:19] - |ASH| - [298] - C:\Users\jo\3D Objects\desktop.ini [16/09/2015 09:46:20] - |A| - [189582] - C:\Users\jo\3D Objects\Gift Box.3mf [16/09/2015 09:46:20] - |A| - [305981] - C:\Users\jo\3D Objects\Gimble Keychain.3mf [16/09/2015 09:46:22] - |A| - [8239] - C:\Users\jo\3D Objects\Hexagon Shape.3mf [16/09/2015 09:46:20] - |A| - [53141] - C:\Users\jo\3D Objects\Keychain.3mf [16/09/2015 09:46:20] - |A| - [176493] - C:\Users\jo\3D Objects\Left Curve Track.3mf [30/01/2020 16:06:22] - |A| - [715] - C:\Users\jo\3D Objects\Musique - Raccourci.lnk [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\3D Objects\mxfilerelatedcache.mxc2 [16/09/2015 09:46:21] - |A| - [4721] - C:\Users\jo\3D Objects\Pyramid Shape.3mf [16/09/2015 09:46:20] - |A| - [147058] - C:\Users\jo\3D Objects\Right Curve Track.3mf [16/09/2015 09:46:20] - |A| - [119010] - C:\Users\jo\3D Objects\Ship in a Bottle.3mf [16/09/2015 09:46:20] - |A| - [211318] - C:\Users\jo\3D Objects\Space Shuttle.3mf [16/09/2015 09:46:21] - |A| - [136391] - C:\Users\jo\3D Objects\Sphere Shape.3mf [16/09/2015 09:46:20] - |A| - [236858] - C:\Users\jo\3D Objects\Split Track.3mf [16/09/2015 09:46:21] - |A| - [295552] - C:\Users\jo\3D Objects\Star Trophy.3mf [16/09/2015 09:46:20] - |A| - [128970] - C:\Users\jo\3D Objects\Straight Track.3mf [13/12/2015 10:47:08] - |A| - [17897] - C:\Users\jo\3D Objects\Tetrahedron Shape.3mf [16/09/2015 09:46:22] - |A| - [245346] - C:\Users\jo\3D Objects\Torus Shape.3mf [16/09/2015 09:46:21] - |A| - [169424] - C:\Users\jo\3D Objects\Track Connector.3mf [16/09/2015 09:46:20] - |A| - [306363] - C:\Users\jo\3D Objects\Train Engine.3mf [16/09/2015 09:46:21] - |A| - [232957] - C:\Users\jo\3D Objects\Trophy Cylinder.3mf [16/09/2015 09:46:22] - |A| - [5951] - C:\Users\jo\3D Objects\Wedge Shape.3mf [16/09/2015 09:46:20] - |A| - [117514] - C:\Users\jo\3D Objects\Windmill.3mf ---------- | [AppData] [02/11/2020 13:08:20] - |D| - [4495002914] - C:\Users\jo\AppData\Local [01/03/2015 11:03:47] - |D| - [78344979] - C:\Users\jo\AppData\LocalLow [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\AppData\mxfilerelatedcache.mxc2 [02/11/2020 13:08:20] - |D| - [21769269001] - C:\Users\jo\AppData\Roaming [02/12/2014 23:02:09] - |A| - [385] - C:\Users\jo\AppData\Roaminguser_gensett.xml [26/11/2014 10:04:36] - |D| - [1338] - C:\Users\jo\AppData\Temp ---------- | [Application Data] ---------- | [Compressed] [23/02/2020 16:42:22] - |A| - [107288636] - C:\Users\jo\Compressed\Auto.P.1642.rar [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\Compressed\mxfilerelatedcache.mxc2 ---------- | [Contacts] [01/03/2015 11:06:18] - |ASH| - [412] - C:\Users\jo\Contacts\desktop.ini [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\Contacts\mxfilerelatedcache.mxc2 ---------- | [Cookies] ---------- | [Desktop] [07/02/2021 12:59:15] - |A| - [244] - C:\Users\jo\Desktop\(1) Débloquer toutes les applications??du monde entier sur une smart tv Samsung smart hub store - YouTube.URL [02/07/2019 19:03:45] - |A| - [244] - C:\Users\jo\Desktop\(2) - Rakuten - Boutique de Dinad- - Produits - Achat et vente d'occasion ou neuf - DVD, VHS, Jeux Vidéo, Consoles, PC, CD, .URL [30/03/2021 11:31:11] - |A| - [115593] - C:\Users\jo\Desktop\adresse montage pneux.docx [15/11/2020 12:34:05] - |D| - [73852208] - C:\Users\jo\Desktop\album [06/05/2021 09:56:34] - |A| - [1383] - C:\Users\jo\Desktop\Any Video Converter Ultimate.lnk [01/07/2021 13:34:31] - |A| - [2574722] - C:\Users\jo\Desktop\backup-restore-0.95-portable.zip [30/06/2020 09:29:23] - |A| - [1470] - C:\Users\jo\Desktop\BitTorrent - Raccourci.lnk [04/03/2021 17:58:34] - |D| - [158091101] - C:\Users\jo\Desktop\Captvty [21/03/2021 21:42:42] - |A| - [561] - C:\Users\jo\Desktop\Ccleaner.txt [27/11/2019 21:18:22] - |A| - [424] - C:\Users\jo\Desktop\Ce PC - Raccourci.lnk [14/06/2021 16:08:34] - |D| - [1735256] - C:\Users\jo\Desktop\Changer lettre disque [07/01/2020 17:20:34] - |D| - [96806250] - C:\Users\jo\Desktop\Chez nous [01/07/2021 15:43:16] - |A| - [3279600] - C:\Users\jo\Desktop\Clean_Dns.exe [01/04/2018 11:32:40] - |A| - [2845462] - C:\Users\jo\Desktop\coin de pêche La Clère.docx [10/06/2015 19:23:12] - |A| - [12214] - C:\Users\jo\Desktop\courses et matériels week end enfants.docx [08/01/2020 15:49:39] - |A| - [2370] - C:\Users\jo\Desktop\Créer point de restauration.lnk [26/09/2013 13:24:27] - |SH| - [1242] - C:\Users\jo\Desktop\desktop.ini [07/12/2020 17:05:48] - |D| - [16] - C:\Users\jo\Desktop\dossier scan [10/10/2019 09:04:15] - |A| - [728] - C:\Users\jo\Desktop\dossiers - Raccourci.lnk [18/12/2019 11:33:51] - |A| - [50] - C:\Users\jo\Desktop\Driver booster pour 6 mois.txt [23/12/2019 15:08:21] - |A| - [60764] - C:\Users\jo\Desktop\Egaliser volume avec VLC.docx [16/04/2021 18:36:19] - |A| - [382] - C:\Users\jo\Desktop\Ethernet.lnk [18/10/2020 09:48:55] - |A| - [513] - C:\Users\jo\Desktop\Filet insecte de jardin de protection des plantes 2x10m Durable Prévention-CHE - Achat Vente paillage - voile Filet insecte .URL [15/04/2020 13:22:07] - |A| - [12324] - C:\Users\jo\Desktop\film.docx [10/10/2019 08:59:20] - |A| - [1237] - C:\Users\jo\Desktop\Folder Marker.lnk [06/09/2019 14:26:34] - |A| - [242] - C:\Users\jo\Desktop\Fontaines-Doix - accueil.URL [30/06/2021 21:04:08] - |D| - [81444] - C:\Users\jo\Desktop\forum [18/04/2021 09:26:27] - |A| - [286] - C:\Users\jo\Desktop\FUJITSU D3222-A12 GS2 Intel Q87 Mainboard Micro ATX Sockel 1150 #127378 - EUR 69,00 PicClick FR.URL [25/10/2020 11:24:04] - |A| - [1438] - C:\Users\jo\Desktop\gold_rush_california.exe - Raccourci.lnk [28/09/2013 14:28:59] - |RD| - [29800923] - C:\Users\jo\Desktop\icones masques [24/07/2018 16:12:57] - |D| - [6309] - C:\Users\jo\Desktop\Icones URL [16/05/2020 18:56:33] - |A| - [1071] - C:\Users\jo\Desktop\IM-Magic Partition Resizer Free.lnk [28/09/2020 13:09:24] - |A| - [281] - C:\Users\jo\Desktop\Inscriptions en ligne 1ère phase 20202021 - Google Sheets.URL [22/03/2021 09:40:35] - |A| - [12689] - C:\Users\jo\Desktop\IObit Driver Booster 8 à vie.docx [09/07/2020 15:04:09] - |A| - [25] - C:\Users\jo\Desktop\jeu.fr.txt [28/12/2019 10:58:47] - |A| - [1581911] - C:\Users\jo\Desktop\jeu.pdf [23/01/2016 11:55:15] - |RD| - [26420] - C:\Users\jo\Desktop\jeux [19/09/2019 15:09:58] - |D| - [919] - C:\Users\jo\Desktop\levure et sel nutritif [16/02/2020 11:34:13] - |D| - [1502] - C:\Users\jo\Desktop\Lien pour jeux [20/05/2020 16:05:15] - |RD| - [1902270] - C:\Users\jo\Desktop\Logiciels de téléchargement [27/02/2021 20:05:00] - |A| - [307] - C:\Users\jo\Desktop\Maître Frank THELOT et VENDEE ENCHERES - FRANK THELOT, Commissaires-Priseurs Interencheres.com.URL [31/01/2020 12:41:29] - |A| - [2257] - C:\Users\jo\Desktop\Mettre en veille.lnk [21/06/2021 15:23:11] - |A| - [1037] - C:\Users\jo\Desktop\Movavi Video Editor Plus 2021.lnk [11/12/2020 12:47:51] - |A| - [1294] - C:\Users\jo\Desktop\Mozilla Thunderbird.lnk [12/02/2021 19:03:19] - |AH| - [16] - C:\Users\jo\Desktop\mxfilerelatedcache.mxc2 [24/09/2019 17:54:48] - |A| - [391] - C:\Users\jo\Desktop\Panneau de configuration - Raccourci.lnk [14/01/2020 11:27:50] - |A| - [253] - C:\Users\jo\Desktop\PC Astuces - Lancer des applications Android sur PC ou Mac.URL [05/02/2021 12:49:31] - |A| - [275] - C:\Users\jo\Desktop\PC Astuces - Libérer de l'espace sous Android.URL [04/04/2021 10:41:44] - |A| - [257] - C:\Users\jo\Desktop\PC Savegames - Télécharger des Sauvegardes pour jeux PC.URL [08/04/2021 09:11:07] - |A| - [9244160] - C:\Users\jo\Desktop\PDFCombiner.exe [05/04/2017 10:55:09] - |A| - [759] - C:\Users\jo\Desktop\photos jo.lnk [03/12/2018 16:23:31] - |A| - [13247] - C:\Users\jo\Desktop\pour connecter box IPTV.docx [01/07/2021 16:39:06] - |A| - [4542704] - C:\Users\jo\Desktop\QuickDiag_NoMSI.exe [03/09/2019 19:44:17] - |A| - [2006] - C:\Users\jo\Desktop\Rainlendar2.lnk [07/11/2019 10:41:24] - |A| - [111620] - C:\Users\jo\Desktop\restaurer thunderbird.docx [22/06/2021 12:15:32] - |A| - [60] - C:\Users\jo\Desktop\revouninstaller ( 1 an).txt [24/01/2021 19:50:46] - |A| - [481780] - C:\Users\jo\Desktop\rillettes de poulet.docx [03/02/2021 11:31:55] - |A| - [2186] - C:\Users\jo\Desktop\Rokkr.lnk [28/09/2013 15:02:12] - |D| - [8228] - C:\Users\jo\Desktop\sauve ccleaner [16/04/2020 18:39:11] - |D| - [1084885822] - C:\Users\jo\Desktop\Scrap [13/11/2020 13:13:09] - |A| - [12045] - C:\Users\jo\Desktop\serial bibliotheque.docx [21/08/2020 14:26:16] - |A| - [1449] - C:\Users\jo\Desktop\serial KeyScrambler.txt [12/06/2020 14:46:35] - |A| - [2889498] - C:\Users\jo\Desktop\statuts.pdf [01/07/2021 15:49:50] - |A| - [2056] - C:\Users\jo\Desktop\SumatraPDF.lnk [17/04/2019 13:21:18] - |A| - [14370] - C:\Users\jo\Desktop\Supprimer définitivement les applications préinstallées sur Android.docx [20/05/2020 16:03:30] - |RD| - [8466140] - C:\Users\jo\Desktop\Sécurité [19/04/2021 16:55:40] - |A| - [918] - C:\Users\jo\Desktop\Tennis de table - Raccourci.lnk [19/04/2021 17:28:59] - |A| - [754] - C:\Users\jo\Desktop\Tennis de table.cpf - Raccourci (2).lnk [14/02/2020 21:57:32] - |D| - [3327746885] - C:\Users\jo\Desktop\toomky [22/04/2018 12:21:35] - |A| - [129970] - C:\Users\jo\Desktop\tuto gps 2008.docx [03/09/2019 19:53:23] - |A| - [751] - C:\Users\jo\Desktop\Téléchargements -.lnk [28/09/2013 14:24:41] - |A| - [738] - C:\Users\jo\Desktop\téléchargements.lnk [20/05/2021 09:12:58] - |A| - [1192] - C:\Users\jo\Desktop\USB Safely Remove.lnk [20/08/2018 22:28:00] - |A| - [936] - C:\Users\jo\Desktop\Vidéos - Raccourci.lnk [16/05/2020 19:03:49] - |RD| - [1116] - C:\Users\jo\Desktop\VPN [03/02/2021 16:43:30] - |A| - [2258] - C:\Users\jo\Desktop\WATCHED lancer sans internet.lnk [08/07/2020 12:15:26] - |A| - [77] - C:\Users\jo\Desktop\WinToHDD Professional.txt [13/04/2021 09:54:47] - |A| - [222] - C:\Users\jo\Desktop\Wish - Acheter en s'amusant.URL [30/06/2021 22:01:28] - |A| - [3472536] - C:\Users\jo\Desktop\ZHPSuite.exe [30/06/2021 22:02:07] - |A| - [862] - C:\Users\jo\Desktop\ZHPSuite.lnk ---------- | [Documents] [08/09/2016 17:52:07] - |A| - [34735] - C:\Users\jo\Documents\2010-11-21 Noces rubis Annie et Jojo 041.jpg [09/11/2019 17:20:39] - |D| - [12380] - C:\Users\jo\Documents\abylonsoft [08/06/2019 16:29:37] - |D| - [804536] - C:\Users\jo\Documents\ANNO 2070 [12/02/2021 16:25:55] - |D| - [0] - C:\Users\jo\Documents\Any Video Converter Ultimate [03/02/2021 19:59:00] - |D| - [0] - C:\Users\jo\Documents\Apowersoft [19/01/2021 19:37:32] - |D| - [0] - C:\Users\jo\Documents\Audacity [02/09/2017 16:40:38] - |D| - [274051] - C:\Users\jo\Documents\Camtasia Studio [15/09/2020 14:34:34] - |D| - [0] - C:\Users\jo\Documents\DearMobiPhoneManager [26/09/2013 13:24:27] - |ASH| - [498] - C:\Users\jo\Documents\desktop.ini [06/11/2013 21:29:53] - |D| - [103338] - C:\Users\jo\Documents\Fax [18/12/2018 16:23:34] - |D| - [0] - C:\Users\jo\Documents\Freemake [15/09/2016 18:24:48] - |D| - [64083] - C:\Users\jo\Documents\HpReg_Backup [20/04/2018 21:07:48] - |D| - [32014] - C:\Users\jo\Documents\JeuxDeCartes [22/03/2020 13:31:41] - |D| - [0] - C:\Users\jo\Documents\Lara Croft and the Temple of Osiris [02/11/2020 13:08:21] - |SHD| - [0] - C:\Users\jo\Documents\Ma musique [12/02/2021 15:48:03] - |D| - [0] - C:\Users\jo\Documents\MAGIX Téléchargements [15/12/2014 17:48:17] - |D| - [1510927] - C:\Users\jo\Documents\maxibox [02/11/2020 13:08:21] - |SHD| - [0] - C:\Users\jo\Documents\Mes images [30/03/2014 10:34:45] - |SD| - [5166] - C:\Users\jo\Documents\Mes sources de données [02/11/2020 13:08:21] - |SHD| - [0] - C:\Users\jo\Documents\Mes vidéos [26/06/2021 15:09:20] - |RD| - [130] - C:\Users\jo\Documents\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe!App [04/11/2017 15:41:29] - |D| - [0] - C:\Users\jo\Documents\Modèles Office personnalisés [12/02/2021 19:03:01] - |AH| - [16] - C:\Users\jo\Documents\mxfilerelatedcache.mxc2 [30/08/2019 11:36:37] - |SHD| - [0] - C:\Users\jo\Documents\My Music [30/08/2019 11:36:37] - |SHD| - [0] - C:\Users\jo\Documents\My Pictures [27/09/2013 19:07:14] - |D| - [0] - C:\Users\jo\Documents\My RoboForm Data [30/08/2019 11:36:37] - |SHD| - [0] - C:\Users\jo\Documents\My Videos [14/10/2013 20:30:16] - |RD| - [548043] - C:\Users\jo\Documents\Notes [23/02/2018 10:35:46] - |D| - [0] - C:\Users\jo\Documents\Password Depot [06/05/2021 10:10:58] - |D| - [940] - C:\Users\jo\Documents\PcSetup [05/11/2017 12:48:58] - |D| - [38490076] - C:\Users\jo\Documents\PCSX2 [08/11/2019 16:14:34] - |A| - [48] - C:\Users\jo\Documents\Playlist.spl [06/09/2018 16:19:02] - |D| - [0] - C:\Users\jo\Documents\Projets VideoPad [25/09/2020 15:02:53] - |D| - [0] - C:\Users\jo\Documents\RCT3 [30/09/2013 11:09:20] - |D| - [4440711] - C:\Users\jo\Documents\RegRun2 [01/04/2021 10:42:56] - |A| - [57344] - C:\Users\jo\Documents\Sauvegarde EasyBCD (2021-04-01).bcd [23/01/2018 19:22:04] - |RD| - [516505] - C:\Users\jo\Documents\Scanned Documents [08/11/2019 16:14:34] - |A| - [1148] - C:\Users\jo\Documents\settings.dat [01/11/2020 12:26:20] - |D| - [0] - C:\Users\jo\Documents\Shamanville_EarthHeart [08/11/2019 16:14:34] - |A| - [60] - C:\Users\jo\Documents\SingerPlaylist.spl [17/03/2016 20:04:14] - |SD| - [360] - C:\Users\jo\Documents\Sticky Passwords [10/12/2017 17:16:00] - |D| - [0] - C:\Users\jo\Documents\Streaming Audio Recorder [05/02/2018 10:52:30] - |D| - [48416184] - C:\Users\jo\Documents\Studio-Scrap [26/12/2020 19:26:52] - |A| - [247486] - C:\Users\jo\Documents\Transférer le disque dur d'installation de Windows sur un autre ordinateur ou pas .docx [08/11/2019 21:51:47] - |A| - [1189] - C:\Users\jo\Documents\updates.dat [18/12/2015 22:50:08] - |D| - [488] - C:\Users\jo\Documents\WonderFox Soft [02/02/2021 16:15:49] - |D| - [3569] - C:\Users\jo\Documents\Wondershare ---------- | [Downloads] [06/04/2021 08:51:41] - |A| - [782000] - C:\Users\jo\Downloads\2732_supprimer_applications_preinstallees.pdf [14/12/2019 18:45:22] - |D| - [820681024] - C:\Users\jo\Downloads\Android avec virtual box [20/05/2021 08:58:50] - |A| - [346636] - C:\Users\jo\Downloads\BDC Coop Chez Vous Mai-Sept 2021.pdf [07/11/2015 10:36:46] - |ASH| - [282] - C:\Users\jo\Downloads\desktop.ini [07/09/2020 10:12:54] - |D| - [188699200] - C:\Users\jo\Downloads\entretien 2008 [09/04/2021 10:32:57] - |A| - [2652816] - C:\Users\jo\Downloads\Ile D'yeu.pdf [11/11/2020 15:41:40] - |A| - [108811] - C:\Users\jo\Downloads\Mise à jour GPS.pdf [21/01/2021 18:19:26] - |D| - [40663428] - C:\Users\jo\Downloads\mp3 [12/02/2021 19:03:01] - |AH| - [16] - C:\Users\jo\Downloads\mxfilerelatedcache.mxc2 [01/05/2021 15:00:18] - |A| - [725307] - C:\Users\jo\Downloads\Notice_de_pose_Cloture_En_Kit.pdf [10/07/2020 18:36:41] - |A| - [40854] - C:\Users\jo\Downloads\PMASS_Assurances SMACL_Offre ASA_Tableau de Garanties(crédit agricole).pdf [31/03/2021 13:26:04] - |A| - [20251] - C:\Users\jo\Downloads\Pneuxonline.pdf [01/07/2021 15:31:43] - |A| - [9380520] - C:\Users\jo\Downloads\SumatraPDF-3.2-64-install.exe [26/12/2020 19:33:43] - |A| - [247489] - C:\Users\jo\Downloads\Transférer le disque dur d'installation de Windows sur un autre ordinateur ou pas .docx [17/04/2021 20:56:04] - |A| - [401179] - C:\Users\jo\Downloads\tuto carte mere bureau.pdf [08/04/2019 18:36:54] - |A| - [508596] - C:\Users\jo\Downloads\tuto pour mise à jour gps citroen smeg rt6.pdf [13/04/2020 09:24:48] - |A| - [1213126] - C:\Users\jo\Downloads\windows 10 32bits 64bits.pdf ---------- | [dwhelper] [11/03/2018 20:20:30] - |A| - [3882862] - C:\Users\jo\dwhelper\Greffe en fente d'un cerisier - YouTube-1.mkv [11/03/2018 20:28:01] - |A| - [34773222] - C:\Users\jo\dwhelper\Greffe en fente d'un cerisier - YouTube.mp4 [12/02/2021 19:03:01] - |AH| - [16] - C:\Users\jo\dwhelper\mxfilerelatedcache.mxc2 ---------- | [Favorites] [14/11/2017 10:46:19] - |D| - [4739] - C:\Users\jo\Favorites\Achat [14/11/2017 10:46:18] - |A| - [140] - C:\Users\jo\Favorites\Activation RoboForm.url [14/11/2017 10:46:18] - |A| - [131] - C:\Users\jo\Favorites\Ameli.url [14/11/2017 10:46:20] - |D| - [189] - C:\Users\jo\Favorites\belote [01/03/2015 11:06:14] - |A| - [208] - C:\Users\jo\Favorites\Bing.url [14/11/2017 10:46:18] - |A| - [213] - C:\Users\jo\Favorites\Bitdefender.url [14/11/2017 10:46:18] - |A| - [219] - C:\Users\jo\Favorites\Ca-prestations-sante.url [14/11/2017 10:46:18] - |A| - [137] - C:\Users\jo\Favorites\Contact Info.url [14/11/2017 10:46:18] - |A| - [128] - C:\Users\jo\Favorites\Creditmutuel.url [14/11/2017 10:46:18] - |A| - [116] - C:\Users\jo\Favorites\Deezer.url [26/09/2013 13:24:27] - |ASH| - [402] - C:\Users\jo\Favorites\desktop.ini [14/11/2017 10:46:19] - |A| - [114] - C:\Users\jo\Favorites\Doctolib jo.url [14/11/2017 10:46:20] - |D| - [345] - C:\Users\jo\Favorites\Débrideurs [14/11/2017 10:46:19] - |A| - [110] - C:\Users\jo\Favorites\E-leclerc.url [14/11/2017 10:46:19] - |A| - [160] - C:\Users\jo\Favorites\Edf.url [14/11/2017 10:46:19] - |A| - [106] - C:\Users\jo\Favorites\Enedis.url [19/12/2015 15:45:29] - |A| - [57] - C:\Users\jo\Favorites\Game Giveaway of the Day.url [30/09/2013 11:09:46] - |A| - [56] - C:\Users\jo\Favorites\Giveaway of the Day.url [14/11/2017 10:46:19] - |A| - [121] - C:\Users\jo\Favorites\Gpsunderground.url [14/11/2017 10:46:19] - |A| - [147] - C:\Users\jo\Favorites\gîte de france.url [14/11/2017 10:46:19] - |A| - [243] - C:\Users\jo\Favorites\Impots.url [14/11/2017 10:46:19] - |A| - [125] - C:\Users\jo\Favorites\Laboconnect jo.url [14/11/2017 10:46:19] - |A| - [159] - C:\Users\jo\Favorites\Lassuranceretraite Annie.url [14/11/2017 10:46:19] - |A| - [115] - C:\Users\jo\Favorites\Leboncoin.url [18/11/2015 14:43:12] - |RD| - [80] - C:\Users\jo\Favorites\Links [14/11/2017 10:46:20] - |D| - [1059] - C:\Users\jo\Favorites\Mail [14/11/2017 10:46:19] - |A| - [119] - C:\Users\jo\Favorites\Meteo.url [14/11/2017 10:46:19] - |A| - [104] - C:\Users\jo\Favorites\Mgen.url [12/02/2021 19:03:03] - |AH| - [16] - C:\Users\jo\Favorites\mxfilerelatedcache.mxc2 [14/11/2017 10:46:20] - |D| - [279] - C:\Users\jo\Favorites\Ouest france [14/11/2017 10:46:19] - |A| - [148] - C:\Users\jo\Favorites\Paypal.url [14/11/2017 10:46:19] - |A| - [122] - C:\Users\jo\Favorites\Photo-leclerc-cewe.url [14/11/2017 10:46:19] - |A| - [139] - C:\Users\jo\Favorites\Planet-series.url [14/11/2017 10:46:19] - |A| - [135] - C:\Users\jo\Favorites\Swoggi.url [14/11/2017 10:46:20] - |D| - [2781] - C:\Users\jo\Favorites\telechargements [14/11/2017 10:46:21] - |D| - [612] - C:\Users\jo\Favorites\TomTom [14/11/2017 10:46:19] - |A| - [107] - C:\Users\jo\Favorites\Trust.url [14/11/2017 10:46:19] - |A| - [193] - C:\Users\jo\Favorites\Vikings_ War of Clans.url [14/11/2017 10:46:19] - |A| - [123] - C:\Users\jo\Favorites\Xlabs-Annie.url [14/11/2017 10:46:19] - |A| - [123] - C:\Users\jo\Favorites\Xlabs-Jo.url ---------- | [jeu Assassin] [12/02/2021 19:03:03] - |AH| - [16] - C:\Users\jo\jeu Assassin\mxfilerelatedcache.mxc2 ---------- | [Links] [26/09/2013 13:24:28] - |SH| - [580] - C:\Users\jo\Links\desktop.ini [01/03/2015 11:06:19] - |A| - [521] - C:\Users\jo\Links\Desktop.lnk [16/10/2015 14:40:00] - |A| - [978] - C:\Users\jo\Links\Downloads.lnk [12/02/2021 19:03:03] - |AH| - [16] - C:\Users\jo\Links\mxfilerelatedcache.mxc2 [26/09/2013 13:24:28] - |A| - [383] - C:\Users\jo\Links\RecentPlaces.lnk ---------- | [Local Settings] ---------- | [Menu Démarrer] ---------- | [Mes documents] ---------- | [MicrosoftEdgeBackups] [08/12/2017 00:00:46] - |D| - [5255022] - C:\Users\jo\MicrosoftEdgeBackups\backups [12/02/2021 19:03:03] - |AH| - [16] - C:\Users\jo\MicrosoftEdgeBackups\mxfilerelatedcache.mxc2 ---------- | [Modèles] ---------- | [Music] [11/12/2017 15:32:50] - |D| - [0] - C:\Users\jo\Music\Apowersoft [15/09/2020 14:34:34] - |D| - [0] - C:\Users\jo\Music\DearMobiPhoneManager [18/11/2015 14:43:24] - |ASH| - [504] - C:\Users\jo\Music\desktop.ini [13/09/2020 10:21:51] - |D| - [3072] - C:\Users\jo\Music\iMobie [09/11/2019 14:32:19] - |D| - [0] - C:\Users\jo\Music\KantoPlayer [12/02/2021 19:03:01] - |AH| - [16] - C:\Users\jo\Music\mxfilerelatedcache.mxc2 [25/09/2020 15:02:53] - |D| - [0] - C:\Users\jo\Music\RCT3 ---------- | [My Drivers] [12/02/2021 19:03:01] - |AH| - [16] - C:\Users\jo\My Drivers\mxfilerelatedcache.mxc2 ---------- | [OneDrive] [06/06/2018 20:12:19] - |SH| - [93] - C:\Users\jo\OneDrive\desktop.ini [12/02/2021 19:03:01] - |AH| - [16] - C:\Users\jo\OneDrive\mxfilerelatedcache.mxc2 ---------- | [Pictures] [13/09/2020 10:21:50] - |D| - [16] - C:\Users\jo\Pictures\AnyTrans [14/01/2020 11:24:44] - |D| - [16] - C:\Users\jo\Pictures\BlueStacks [20/09/2015 09:23:29] - |RD| - [206] - C:\Users\jo\Pictures\Camera Roll [15/09/2020 14:34:34] - |D| - [16] - C:\Users\jo\Pictures\DearMobiPhoneManager [29/10/2013 19:54:32] - |ASH| - [504] - C:\Users\jo\Pictures\desktop.ini [12/02/2021 19:02:50] - |D| - [16] - C:\Users\jo\Pictures\Mes albums photos [01/03/2018 18:53:06] - |AH| - [101539] - C:\Users\jo\Pictures\Miniatures.dat [12/02/2021 19:02:56] - |AH| - [56756] - C:\Users\jo\Pictures\mxfilerelatedcache.mxc2 [19/11/2013 16:43:01] - |A| - [6049792] - C:\Users\jo\Pictures\P1000752.JPG [19/11/2013 16:43:02] - |A| - [5916160] - C:\Users\jo\Pictures\P1000755.JPG [19/11/2013 16:43:02] - |A| - [6113280] - C:\Users\jo\Pictures\P1000756.JPG [19/11/2013 16:43:02] - |A| - [5898240] - C:\Users\jo\Pictures\P1000758.JPG [19/11/2013 16:43:02] - |A| - [6411264] - C:\Users\jo\Pictures\P1000759.JPG [19/11/2013 16:43:02] - |A| - [6033920] - C:\Users\jo\Pictures\P1000760.JPG [19/11/2013 16:43:03] - |A| - [2196100] - C:\Users\jo\Pictures\P1000762.JPG [19/11/2013 16:43:03] - |A| - [6383616] - C:\Users\jo\Pictures\P1000763.JPG [19/11/2013 16:43:03] - |A| - [6302208] - C:\Users\jo\Pictures\P1000764.JPG [19/11/2013 16:43:03] - |A| - [6404096] - C:\Users\jo\Pictures\P1000765.JPG [19/11/2013 16:43:03] - |A| - [6528000] - C:\Users\jo\Pictures\P1000766.JPG [19/11/2013 16:43:04] - |A| - [6311424] - C:\Users\jo\Pictures\P1000768.JPG [19/11/2013 16:43:04] - |A| - [5974528] - C:\Users\jo\Pictures\P1000770.JPG [19/11/2013 16:43:05] - |A| - [2494603] - C:\Users\jo\Pictures\P1000771.JPG [19/11/2013 16:43:05] - |A| - [5254144] - C:\Users\jo\Pictures\P1000772.JPG [19/11/2013 16:43:06] - |A| - [6295552] - C:\Users\jo\Pictures\P1000773.JPG [25/09/2020 15:02:53] - |D| - [16] - C:\Users\jo\Pictures\RCT3 [20/09/2015 09:23:29] - |RD| - [206] - C:\Users\jo\Pictures\Saved Pictures [27/11/2020 18:47:53] - |RD| - [5145539] - C:\Users\jo\Pictures\Screenshots [19/04/2019 19:22:12] - |D| - [16] - C:\Users\jo\Pictures\Uplay ---------- | [Recent] ---------- | [Saved Games] [01/03/2015 11:06:19] - |ASH| - [282] - C:\Users\jo\Saved Games\desktop.ini [23/04/2018 08:39:27] - |D| - [203574] - C:\Users\jo\Saved Games\Flood Light Games [08/02/2020 17:16:48] - |D| - [3] - C:\Users\jo\Saved Games\mif2000's Hamlet [12/02/2021 19:03:03] - |AH| - [16] - C:\Users\jo\Saved Games\mxfilerelatedcache.mxc2 [28/04/2015 16:44:35] - |D| - [101348] - C:\Users\jo\Saved Games\Sandlot Games ---------- | [Searches] [03/09/2019 15:25:54] - |ASH| - [524] - C:\Users\jo\Searches\desktop.ini [03/09/2019 15:25:54] - |RAH| - [248] - C:\Users\jo\Searches\Everywhere.search-ms [03/09/2019 15:25:54] - |RAH| - [248] - C:\Users\jo\Searches\Indexed Locations.search-ms [12/02/2021 19:03:03] - |AH| - [16] - C:\Users\jo\Searches\mxfilerelatedcache.mxc2 [03/09/2019 15:28:27] - |A| - [859] - C:\Users\jo\Searches\winrt--{S-1-5-21-1042456299-3079880857-3127715329-1001}-.searchconnector-ms ---------- | [SendTo] ---------- | [Tracing] [12/02/2021 19:03:04] - |AH| - [16] - C:\Users\jo\Tracing\mxfilerelatedcache.mxc2 [14/01/2016 11:32:50] - |D| - [1335296] - C:\Users\jo\Tracing\WPPMedia ---------- | [Videos] [06/05/2021 10:01:37] - |D| - [806918676] - C:\Users\jo\Videos\Any Video Converter Ultimate [07/06/2019 11:46:28] - |D| - [0] - C:\Users\jo\Videos\AnyDesk [24/03/2020 11:28:48] - |RD| - [10413] - C:\Users\jo\Videos\Captures [15/09/2020 14:34:34] - |D| - [0] - C:\Users\jo\Videos\DearMobiPhoneManager [18/11/2015 14:43:24] - |ASH| - [504] - C:\Users\jo\Videos\desktop.ini [05/09/2019 15:23:02] - |D| - [0] - C:\Users\jo\Videos\Enregistrements Lync [22/11/2019 15:23:54] - |D| - [0] - C:\Users\jo\Videos\Mirror Videos [14/02/2021 21:47:04] - |D| - [635256099] - C:\Users\jo\Videos\Movavi Video Editor [13/02/2021 21:41:42] - |D| - [194382048] - C:\Users\jo\Videos\Movavi Video Editor Partner Edition [12/02/2021 19:03:04] - |AH| - [16] - C:\Users\jo\Videos\mxfilerelatedcache.mxc2 [25/09/2020 15:02:53] - |D| - [0] - C:\Users\jo\Videos\RCT3 ---------- | [VirtualBox VMs] [12/02/2021 19:03:04] - |AH| - [16] - C:\Users\jo\VirtualBox VMs\mxfilerelatedcache.mxc2 ---------- | [Voisinage d'impression] ---------- | [Voisinage réseau] ---------- | C:\ProgramData [03/05/2020 15:35:58] - |ASH| - [41] - C:\ProgramData\.zreglib [17/05/2020 10:53:04] - |D| - [0] - C:\ProgramData\1AVCenter [13/11/2020 17:09:27] - |D| - [0] - C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4 [04/09/2019 16:35:10] - |D| - [5853986] - C:\ProgramData\Adobe [18/09/2019 15:25:11] - |A| - [106548] - C:\ProgramData\agent.1568813104.bdinstall.v2.bin [03/09/2020 17:48:16] - |A| - [62684] - C:\ProgramData\agent.1599148096.11140.v2.bin [24/06/2021 09:20:07] - |A| - [153380] - C:\ProgramData\agent.update.1624519192.bdinstall.v2.bin [15/09/2019 18:40:42] - |D| - [0] - C:\ProgramData\Alawar [25/10/2020 10:43:43] - |D| - [6432560] - C:\ProgramData\AlawarWrapper [25/10/2019 14:29:24] - |D| - [2392] - C:\ProgramData\Aomei [06/09/2019 11:07:12] - |D| - [22870435] - C:\ProgramData\AomeiBR [09/11/2019 17:21:06] - |D| - [0] - C:\ProgramData\APM [13/09/2020 09:59:21] - |D| - [9771] - C:\ProgramData\Apple [02/11/2020 18:20:55] - |SHD| - [0] - C:\ProgramData\Application Data [18/09/2019 15:37:15] - |D| - [0] - C:\ProgramData\Atc [01/10/2019 15:21:15] - |D| - [19808] - C:\ProgramData\Audyssey Labs [04/12/2019 16:03:27] - |D| - [832] - C:\ProgramData\AVAST Software [16/01/2020 21:13:18] - |D| - [0] - C:\ProgramData\AVS4YOU [03/09/2019 19:52:08] - |D| - [0] - C:\ProgramData\BDLogging [15/09/2019 18:32:29] - |D| - [102080351] - C:\ProgramData\Big Fish [18/09/2019 15:36:12] - |D| - [30160739] - C:\ProgramData\Bitdefender [18/09/2019 15:25:04] - |D| - [0] - C:\ProgramData\Bitdefender Agent [18/09/2019 15:39:46] - |D| - [0] - C:\ProgramData\Bitdefender Device Management [03/09/2019 15:17:57] - |SHD| - [0] - C:\ProgramData\Bureau [25/11/2019 15:31:25] - |D| - [0] - C:\ProgramData\Caphyon [18/09/2019 15:37:47] - |A| - [801100] - C:\ProgramData\cl.1568813742.bdinstall.v2.bin [18/09/2019 15:37:47] - |A| - [97984] - C:\ProgramData\cl.kit.1568813739.bdinstall.v2.bin [14/02/2020 21:52:32] - |D| - [0] - C:\ProgramData\com.gamehouse.acid [13/12/2019 15:08:33] - |D| - [0] - C:\ProgramData\dbg [02/11/2020 18:20:55] - |SHD| - [0] - C:\ProgramData\Desktop [13/11/2020 17:11:27] - |A| - [82452] - C:\ProgramData\dm.uninstall.1605280250.bdinstall.v2.bin [16/08/2020 08:33:36] - |A| - [150164] - C:\ProgramData\dm.update.1597559396.bdinstall.v2.bin [02/11/2020 18:20:55] - |SHD| - [0] - C:\ProgramData\Documents [01/10/2019 15:21:29] - |AH| - [0] - C:\ProgramData\DP45977C.lfl [26/01/2021 12:09:07] - |D| - [2478166] - C:\ProgramData\DriversCloud.com [13/09/2020 09:59:01] - |D| - [188] - C:\ProgramData\EMM [05/09/2019 14:48:28] - |D| - [8473405] - C:\ProgramData\EPSON [27/04/2020 18:44:50] - |D| - [36652] - C:\ProgramData\FarmFrenzy_Rome [25/10/2020 11:01:27] - |D| - [13672] - C:\ProgramData\Gametop [03/09/2019 19:55:39] - |D| - [0] - C:\ProgramData\Gemma [14/09/2019 16:28:26] - |D| - [15062316] - C:\ProgramData\GlarySoft [25/11/2019 19:19:25] - |D| - [729696] - C:\ProgramData\GOG.com [14/01/2021 15:36:05] - |D| - [234] - C:\ProgramData\HP [16/04/2021 18:29:40] - |D| - [8999587] - C:\ProgramData\Intel [08/04/2021 09:11:16] - |D| - [2832] - C:\ProgramData\IsolatedStorage [14/02/2021 21:33:48] - |A| - [12604] - C:\ProgramData\juutbubq.wrj [13/02/2021 21:39:48] - |A| - [4992] - C:\ProgramData\jvjtbxzx.qhq [17/04/2020 15:47:34] - |D| - [355148501] - C:\ProgramData\Malwarebytes [03/09/2019 15:17:57] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [07/12/2019 11:14:52] - |SD| - [1272528959] - C:\ProgramData\Microsoft [05/09/2019 14:34:11] - |D| - [49216] - C:\ProgramData\Microsoft Help [02/11/2020 18:24:57] - |D| - [25] - C:\ProgramData\Microsoft OneDrive [01/06/2021 14:05:48] - |A| - [16] - C:\ProgramData\mntemp [03/09/2019 15:17:57] - |SHD| - [0] - C:\ProgramData\Modèles [03/09/2019 15:41:27] - |D| - [38072] - C:\ProgramData\Mozilla [23/12/2019 17:40:59] - |D| - [528] - C:\ProgramData\Nero [30/05/2020 19:06:27] - |D| - [15149] - C:\ProgramData\NETGEAR [07/01/2021 12:45:43] - |RASH| - [572] - C:\ProgramData\ntuser.pol [03/09/2019 15:07:53] - |D| - [1416378] - C:\ProgramData\NVIDIA [03/09/2019 15:07:35] - |D| - [25990923] - C:\ProgramData\NVIDIA Corporation [04/11/2019 16:13:28] - |D| - [49383152] - C:\ProgramData\OO Software [06/09/2019 15:02:38] - |D| - [0] - C:\ProgramData\Oracle [24/09/2019 18:20:25] - |D| - [63764220] - C:\ProgramData\Package Cache [03/09/2019 15:26:44] - |D| - [49152] - C:\ProgramData\Packages [18/12/2019 11:36:09] - |D| - [477] - C:\ProgramData\ProductData [19/09/2019 15:23:31] - |D| - [104] - C:\ProgramData\QFX Software [02/06/2020 15:32:23] - |D| - [31872] - C:\ProgramData\Real [07/12/2019 11:14:52] - |D| - [5316] - C:\ProgramData\regid.1991-06.com.microsoft [03/09/2019 19:55:23] - |D| - [128] - C:\ProgramData\RoboForm [07/12/2019 11:14:52] - |D| - [0] - C:\ProgramData\SoftwareDistribution [02/11/2020 12:48:38] - |D| - [0] - C:\ProgramData\ssh [02/11/2020 18:20:55] - |SHD| - [0] - C:\ProgramData\Start Menu [15/09/2019 18:33:06] - |AD| - [0] - C:\ProgramData\TEMP [02/11/2020 18:20:55] - |SHD| - [0] - C:\ProgramData\Templates [13/09/2020 10:17:44] - |D| - [133] - C:\ProgramData\Thunder Network [12/02/2020 19:35:01] - |D| - [3453313] - C:\ProgramData\Trymedia [04/09/2019 16:22:37] - |D| - [31610] - C:\ProgramData\Unchecky [17/09/2019 18:22:52] - |A| - [27397] - C:\ProgramData\uninstalltool.1568737372.2964.bin [17/09/2019 18:22:53] - |A| - [596] - C:\ProgramData\uninstalltool.1568737372.8380.bin [20/05/2021 09:13:00] - |D| - [216313] - C:\ProgramData\USBSRService [07/12/2019 11:14:52] - |D| - [12316672] - C:\ProgramData\USOPrivate [07/12/2019 11:14:52] - |D| - [11517952] - C:\ProgramData\USOShared [15/10/2019 18:11:30] - |D| - [20834] - C:\ProgramData\VirtualBox [01/12/2019 21:43:09] - |D| - [2765217] - C:\ProgramData\VMware [04/09/2019 16:18:38] - |D| - [65894] - C:\ProgramData\VS Revo Group [07/12/2019 16:53:51] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [01/03/2015 11:01:02] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [07/12/2019 11:14:52] - |RD| - [226344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/04/2021 17:01:12] - |D| - [2975] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack [28/06/2021 09:53:05] - |A| - [2522] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk [07/12/2019 11:14:52] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [07/12/2019 11:14:52] - |RD| - [15703] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [07/12/2019 11:14:52] - |RD| - [25497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [06/05/2021 09:56:34] - |D| - [3944] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft [05/11/2020 11:53:33] - |D| - [3999] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper [18/09/2019 15:36:41] - |D| - [4382] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security [21/03/2021 21:22:41] - |D| - [965] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [15/09/2020 14:34:21] - |D| - [3689] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DearMob iPhone Manager [27/06/2021 13:04:45] - |SH| - [113] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [17/01/2016 20:47:14] - |D| - [75] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty [29/06/2021 11:43:29] - |D| - [4318] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [01/03/2015 11:21:44] - |D| - [4807] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [28/06/2021 09:53:05] - |A| - [2495] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk [26/06/2021 23:09:28] - |A| - [1238] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [10/10/2019 08:59:20] - |D| - [4774] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Marker [12/04/2020 17:48:29] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [25/10/2020 11:01:07] - |D| - [5579] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com [01/09/2019 11:04:43] - |D| - [1230] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnumz - Masters of Defense [30/06/2021 10:53:03] - |A| - [2323] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [07/12/2019 11:10:31] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [27/10/2020 17:15:34] - |D| - [197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit [25/02/2018 11:12:10] - |D| - [1406] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Katy and Bob - Safari Cafe Edition Collector [19/09/2019 15:21:37] - |D| - [4750] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler [07/12/2019 11:14:52] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [31/05/2021 20:57:20] - |A| - [2041] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk [20/02/2021 18:43:41] - |D| - [13688] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games [20/05/2021 10:03:44] - |D| - [5486] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [01/10/2019 15:35:11] - |D| - [2302] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [05/10/2017 17:43:12] - |D| - [1019] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK [13/05/2017 11:58:07] - |D| - [21788] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com [28/06/2021 09:53:05] - |D| - [18422] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office [28/06/2021 09:53:05] - |A| - [2483] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk [28/06/2021 09:53:05] - |A| - [2522] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk [02/02/2021 16:02:47] - |D| - [446] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD [28/06/2021 09:53:05] - |A| - [2445] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk [07/06/2019 11:51:31] - |D| - [6095] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2 [13/07/2019 17:34:02] - |D| - [3550] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro [02/03/2015 16:56:22] - |D| - [16016] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm [14/06/2021 16:25:15] - |A| - [1021] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seed4.Me.lnk [28/06/2021 09:53:05] - |A| - [2596] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk [02/03/2015 16:50:02] - |D| - [2195] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftChris [07/12/2019 11:14:52] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [22/08/2020 08:54:47] - |HD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup- [11/03/2020 11:38:30] - |D| - [2292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Password Manager 20 [01/07/2021 15:49:50] - |A| - [2098] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk [07/12/2019 11:14:52] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [27/12/2016 11:00:19] - |D| - [1941] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom [21/03/2016 12:59:41] - |D| - [2232] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky [20/02/2021 18:37:24] - |D| - [1078] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu [07/12/2019 16:53:04] - |RD| - [2800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [31/07/2020 18:14:27] - |D| - [4537] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [28/06/2021 09:53:05] - |A| - [2505] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk [25/10/2020 10:18:40] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [02/02/2021 16:02:47] - |D| - [35023918] - C:\Program Files (x86)\AdorageI-GfxDatas [02/02/2021 16:02:47] - |D| - [2850540] - C:\Program Files (x86)\AdorageI-SAL [06/05/2021 09:56:26] - |D| - [119117535] - C:\Program Files (x86)\AnvSoft [05/11/2020 11:52:17] - |D| - [450533893] - C:\Program Files (x86)\AOMEI [30/05/2020 19:08:22] - |D| - [671917] - C:\Program Files (x86)\Atheros [15/09/2019 18:32:27] - |D| - [14779922] - C:\Program Files (x86)\bfgclient [07/12/2019 11:14:52] - |D| - [843886770] - C:\Program Files (x86)\Common Files [22/11/2019 15:17:43] - |D| - [155427834] - C:\Program Files (x86)\DearMob [07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [11/02/2021 10:47:11] - |D| - [15570] - C:\Program Files (x86)\Donemax [11/12/2019 12:30:17] - |D| - [226318] - C:\Program Files (x86)\EaseUS [03/05/2020 15:21:19] - |D| - [0] - C:\Program Files (x86)\Elaborate Bytes [30/09/2019 17:20:48] - |D| - [46085754] - C:\Program Files (x86)\EnveloppesEditor1.20 [05/09/2019 15:10:41] - |D| - [8411011] - C:\Program Files (x86)\epson [27/10/2020 12:46:11] - |A| - [4286] - C:\Program Files (x86)\FalcoGo.ico [27/10/2020 12:46:11] - |A| - [44] - C:\Program Files (x86)\FalcoGo.url [27/10/2020 12:46:11] - |A| - [4286] - C:\Program Files (x86)\FalconLine.ico [27/10/2020 12:46:11] - |A| - [47] - C:\Program Files (x86)\FalconLine.url [27/10/2020 12:46:11] - |A| - [4286] - C:\Program Files (x86)\FalcoSpace.ico [27/10/2020 12:46:11] - |A| - [47] - C:\Program Files (x86)\FalcoSpace.url [10/10/2019 08:59:15] - |D| - [10063902] - C:\Program Files (x86)\Folder Marker [25/10/2020 11:00:18] - |D| - [779121302] - C:\Program Files (x86)\GameTop.com [05/10/2019 16:39:50] - |D| - [0] - C:\Program Files (x86)\Genesyslogic [14/09/2019 16:28:00] - |D| - [0] - C:\Program Files (x86)\Glarysoft [07/12/2020 18:17:38] - |D| - [84898432] - C:\Program Files (x86)\Google [14/01/2021 15:35:41] - |D| - [16157294] - C:\Program Files (x86)\HP [27/11/2019 18:25:19] - |HD| - [25505395] - C:\Program Files (x86)\InstallShield Installation Information [16/04/2021 18:28:39] - |D| - [3825024] - C:\Program Files (x86)\Intel [07/12/2019 11:14:52] - |D| - [1984071] - C:\Program Files (x86)\Internet Explorer [19/09/2019 15:21:34] - |D| - [5157553] - C:\Program Files (x86)\KeyScrambler [05/07/2020 14:22:10] - |D| - [854589458] - C:\Program Files (x86)\Microsoft [22/10/2020 12:44:48] - |D| - [1670519] - C:\Program Files (x86)\Microsoft ASP.NET [20/02/2021 18:43:20] - |D| - [0] - C:\Program Files (x86)\Microsoft Games [03/09/2019 15:35:15] - |D| - [74424110] - C:\Program Files (x86)\Microsoft Money 2005 [20/05/2021 10:02:31] - |D| - [2714130653] - C:\Program Files (x86)\Microsoft Office [01/10/2019 15:32:52] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [21/01/2021 19:50:33] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [11/03/2020 19:56:15] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA [07/12/2019 11:14:52] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [02/02/2021 16:02:47] - |D| - [2496937] - C:\Program Files (x86)\Movie Maker [28/06/2020 12:07:23] - |D| - [312320] - C:\Program Files (x86)\MozBackup [01/07/2021 14:15:46] - |D| - [209779860] - C:\Program Files (x86)\Mozilla Firefox [03/09/2019 15:41:30] - |D| - [342246] - C:\Program Files (x86)\Mozilla Maintenance Service [28/06/2020 11:13:04] - |D| - [211447325] - C:\Program Files (x86)\Mozilla Thunderbird [02/11/2020 11:45:10] - |D| - [25757] - C:\Program Files (x86)\MSBuild [15/02/2020 19:05:01] - |D| - [146218207] - C:\Program Files (x86)\MyRealGames.com [30/05/2020 19:06:58] - |D| - [0] - C:\Program Files (x86)\NETGEAR [01/10/2019 15:40:57] - |D| - [248252246] - C:\Program Files (x86)\NVIDIA Corporation [08/12/2019 18:28:13] - |D| - [11] - C:\Program Files (x86)\OkayFreedom [14/02/2020 21:52:21] - |D| - [628851] - C:\Program Files (x86)\Online Games Manager [01/10/2019 15:30:35] - |D| - [809496] - C:\Program Files (x86)\OpenAL [22/09/2019 21:40:31] - |D| - [0] - C:\Program Files (x86)\PDF Link Editor [03/09/2019 19:44:08] - |D| - [88358383] - C:\Program Files (x86)\Rainlendar2 [27/11/2019 18:25:21] - |D| - [11416708] - C:\Program Files (x86)\Realtek [02/11/2020 11:45:10] - |D| - [38479105] - C:\Program Files (x86)\Reference Assemblies [30/04/2021 12:11:59] - |D| - [68110794] - C:\Program Files (x86)\ScanPapyrus [03/09/2019 19:54:19] - |D| - [92453864] - C:\Program Files (x86)\Siber Systems [03/09/2019 19:46:19] - |D| - [2364461] - C:\Program Files (x86)\SoftChris [06/12/2019 20:26:22] - |D| - [50598683] - C:\Program Files (x86)\Steganos Password Manager 20 [08/01/2020 16:18:29] - |HD| - [0] - C:\Program Files (x86)\Temp [12/01/2020 15:48:01] - |D| - [68514294] - C:\Program Files (x86)\ToomkyGames.com [04/09/2019 16:22:37] - |D| - [5239468] - C:\Program Files (x86)\Unchecky [03/09/2019 15:07:50] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [20/05/2021 09:12:57] - |D| - [15437794] - C:\Program Files (x86)\USB Safely Remove [11/04/2020 09:14:39] - |D| - [0] - C:\Program Files (x86)\VideoLAN [01/12/2019 21:48:13] - |D| - [0] - C:\Program Files (x86)\VMware [20/02/2021 18:37:23] - |D| - [4370760] - C:\Program Files (x86)\WinCDEmu [07/12/2019 11:14:52] - |D| - [1823008] - C:\Program Files (x86)\Windows Defender [21/01/2021 19:49:46] - |D| - [26067221] - C:\Program Files (x86)\Windows Live [07/12/2019 11:14:52] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [07/12/2019 16:53:51] - |D| - [3237741] - C:\Program Files (x86)\Windows Media Player [07/12/2019 16:53:51] - |D| - [40232] - C:\Program Files (x86)\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6058840] - C:\Program Files (x86)\Windows NT [07/12/2019 16:53:51] - |D| - [5261760] - C:\Program Files (x86)\Windows Photo Viewer [07/12/2019 16:53:51] - |D| - [40232] - C:\Program Files (x86)\Windows Portable Devices [07/12/2019 11:14:52] - |SD| - [29492908] - C:\Program Files (x86)\Windows Sidebar [07/12/2019 11:14:52] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell [11/09/2019 14:33:03] - |D| - [6531523] - C:\Program Files (x86)\WinRAR ---------- | C:\Program Files [17/09/2019 18:34:03] - |D| - [720876781] - C:\Program Files\Bitdefender [18/09/2019 15:25:04] - |D| - [58924328] - C:\Program Files\Bitdefender Agent [21/03/2021 21:22:39] - |D| - [798493875] - C:\Program Files\CCleaner [07/12/2019 11:14:52] - |D| - [1308675365] - C:\Program Files\Common Files [29/06/2021 11:43:29] - |D| - [23586423] - C:\Program Files\Cybelsoft [07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files\desktop.ini [04/12/2019 16:13:15] - |D| - [107090960] - C:\Program Files\dnplayerext2 [12/01/2020 17:12:01] - |D| - [0] - C:\Program Files\Epic Games [03/09/2019 15:17:57] - |SHD| - [0] - C:\Program Files\Fichiers communs [30/06/2021 10:52:56] - |D| - [512310480] - C:\Program Files\Google [16/05/2020 18:51:00] - |D| - [18264672] - C:\Program Files\IM-Magic [16/04/2021 18:28:25] - |D| - [53503561] - C:\Program Files\Intel [07/12/2019 11:14:52] - |D| - [2661458] - C:\Program Files\Internet Explorer [17/04/2020 15:34:59] - |D| - [233608828] - C:\Program Files\Malwarebytes [05/09/2019 14:34:11] - |D| - [4196240] - C:\Program Files\Microsoft Office [26/06/2021 15:24:05] - |D| - [8726672] - C:\Program Files\Microsoft Office 15 [01/10/2019 15:32:52] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight [01/10/2020 20:00:38] - |D| - [2041880] - C:\Program Files\Microsoft Update Health Tools [07/12/2019 11:14:52] - |D| - [0] - C:\Program Files\ModifiableWindowsApps [26/06/2021 23:09:25] - |D| - [220343394] - C:\Program Files\Mozilla Firefox [02/11/2020 11:45:09] - |D| - [25757] - C:\Program Files\MSBuild [07/06/2020 16:06:38] - |D| - [93971508] - C:\Program Files\net.downloadhelper.coapp [03/09/2019 15:07:28] - |D| - [1271141290] - C:\Program Files\NVIDIA Corporation [15/10/2019 18:11:01] - |D| - [270945828] - C:\Program Files\Oracle [21/10/2020 18:57:31] - |D| - [62473096] - C:\Program Files\Realtek [02/11/2020 11:45:09] - |D| - [36883625] - C:\Program Files\Reference Assemblies [14/06/2021 16:25:12] - |D| - [28262653] - C:\Program Files\Seed4.Me VPN [04/01/2021 16:47:33] - |D| - [272409] - C:\Program Files\TAP-Windows [13/11/2020 14:11:21] - |HD| - [0] - C:\Program Files\Uninstall Information [29/05/2020 20:00:02] - |D| - [16384000] - C:\Program Files\UNP [25/10/2020 10:38:34] - |D| - [178078375] - C:\Program Files\VideoLAN [04/09/2019 16:18:37] - |D| - [67566276] - C:\Program Files\VS Revo Group [07/12/2019 11:14:52] - |D| - [13852894] - C:\Program Files\Windows Defender [07/12/2019 16:53:51] - |D| - [20574776] - C:\Program Files\Windows Defender Advanced Threat Protection [07/12/2019 11:14:52] - |D| - [639488] - C:\Program Files\Windows Mail [07/12/2019 16:53:51] - |D| - [4601233] - C:\Program Files\Windows Media Player [07/12/2019 16:53:51] - |D| - [48536] - C:\Program Files\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6403928] - C:\Program Files\Windows NT [07/12/2019 16:53:51] - |D| - [6179784] - C:\Program Files\Windows Photo Viewer [07/12/2019 16:53:51] - |D| - [48528] - C:\Program Files\Windows Portable Devices [07/12/2019 11:14:52] - |D| - [111709] - C:\Program Files\Windows Security [07/12/2019 11:14:52] - |SD| - [7120162] - C:\Program Files\Windows Sidebar [07/12/2019 11:14:52] - |HD| - [2884918786] - C:\Program Files\WindowsApps [07/12/2019 11:14:52] - |D| - [2545983] - C:\Program Files\WindowsPowerShell [13/11/2020 17:59:23] - |D| - [496] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [16/01/2020 21:10:27] - |D| - [0] - C:\Program Files (x86)\Common Files\AVSMedia [27/05/2021 17:28:32] - |D| - [131840] - C:\Program Files (x86)\Common Files\DESIGNER [28/03/2021 17:52:57] - |D| - [3355095] - C:\Program Files (x86)\Common Files\InstallShield [16/04/2021 18:28:23] - |D| - [67886987] - C:\Program Files (x86)\Common Files\Intel [12/02/2021 15:42:42] - |D| - [1570387] - C:\Program Files (x86)\Common Files\MAGIX Shared [07/12/2019 11:14:52] - |D| - [169229928] - C:\Program Files (x86)\Common Files\Microsoft Shared [23/12/2019 17:40:59] - |D| - [0] - C:\Program Files (x86)\Common Files\Nero [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [22/03/2020 11:58:53] - |D| - [2508359] - C:\Program Files (x86)\Common Files\Steam [06/12/2019 20:26:23] - |D| - [3367] - C:\Program Files (x86)\Common Files\Steganos [07/12/2019 11:14:52] - |D| - [9573259] - C:\Program Files (x86)\Common Files\System [01/12/2019 21:43:09] - |D| - [476028928] - C:\Program Files (x86)\Common Files\VMware [21/01/2021 19:40:05] - |D| - [113595918] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [04/12/2019 16:06:37] - |D| - [1790184] - C:\Program Files\Common files\AVAST Software [17/09/2019 18:32:00] - |D| - [1136215201] - C:\Program Files\Common files\Bitdefender [05/09/2019 14:48:32] - |D| - [294912] - C:\Program Files\Common files\EPSON [20/03/2020 20:34:25] - |D| - [684392] - C:\Program Files\Common files\logishrd [07/12/2019 11:14:52] - |D| - [159106075] - C:\Program Files\Common files\microsoft shared [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files\Common files\Services [07/12/2019 11:14:52] - |D| - [10581899] - C:\Program Files\Common files\System ---------- | Links to files C:\$RECYCLE.BIN\S-1-5-21-1042456299-3079880857-3127715329-1001\$RB5U8KZ\IObit Driver Booster\IObit Driver Booster.lnk -> C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe - Status : OK C:\$RECYCLE.BIN\S-1-5-21-1042456299-3079880857-3127715329-1001\$RB5U8KZ\IObit Driver Booster\Uninstall.lnk -> C:\Program Files (x86)\IObit\Driver Booster\unins000.exe - Status : OK C:\Program Files\Common Files\microsoft shared\ClickToRun\.LNK -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE - Status : OK C:\Program Files (x86)\Microsoft Money 2005\Microsoft Money.lnk -> C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Access.lnk -> C:\Program Files\Microsoft Office\Office16\MSACCESS.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Excel.lnk -> C:\Program Files\Microsoft Office\Office16\EXCEL.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Microsoft Office Tools\Office Language Preferences.lnk -> C:\Program Files\Microsoft Office\Office16\SETLANG.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Microsoft Office Tools\Office Upload Center.lnk -> C:\Program Files\Microsoft Office\Office16\MSOUC.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Microsoft Office Tools\Skype for Business Recording Manager.lnk -> C:\Program Files\Microsoft Office\Office16\OcPubMgr.exe - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Microsoft Office Tools\Telemetry Dashboard for Office.lnk -> C:\Program Files\Microsoft Office\Office16\msotd.exe - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Microsoft Office Tools\Telemetry Log for Office.lnk -> C:\Program Files\Microsoft Office\Office16\msoev.exe - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\Office16\POWERPNT.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\Office16\MSPUB.EXE - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\Office16\lync.exe - Status : OK C:\Program Files (x86)\Microsoft Office\root\vfs\Common Programs\Word.lnk -> C:\Program Files\Microsoft Office\Office16\WINWORD.EXE - Status : OK C:\Program Files (x86)\Rainlendar2\Debug Rainlendar2.lnk -> C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe - Status : OK C:\Program Files (x86)\Siber Systems\AI RoboForm\Désinstaller.lnk -> C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe - Status : OK C:\ProgramData\Bitdefender\Desktop\PrivAppsCache\a95409755f2c0ec7.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\GameExplorer\{E01EABFD-10ED-44C0-9218-CA00C72FF383}\PlayTasks\0\Age of Empires III - The Asian Dynasties.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe - Status : OK C:\ProgramData\Microsoft\Windows\GameExplorer\{E01EABFD-10ED-44C0-9218-CA00C72FF383}\PlayTasks\1\Age of Empires III - The Asian Dynasties (pas de vidéo).lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe - Status : OK C:\ProgramData\Microsoft\Windows\GameExplorer\{E01EABFD-10ED-44C0-9218-CA00C72FF383}\PlayTasks\2\Age of Empires III - The Asian Dynasties (pas de son).lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe - Status : OK C:\ProgramData\Microsoft\Windows\GameExplorer\{E01EABFD-10ED-44C0-9218-CA00C72FF383}\SupportTasks\0\Communauté Age.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\GameExplorer\{E01EABFD-10ED-44C0-9218-CA00C72FF383}\SupportTasks\1\Age of Empires III - The Asian Dynasties sur Internet.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\GameExplorer\{E01EABFD-10ED-44C0-9218-CA00C72FF383}\SupportTasks\2\Ensemble Studios sur le Web.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\GameExplorer\{E01EABFD-10ED-44C0-9218-CA00C72FF383}\SupportTasks\3\Microsoft Games Studios - Age of Empires III - The Asian Dynasties sur Internet.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\GameExplorer\{E01EABFD-10ED-44C0-9218-CA00C72FF383}\SupportTasks\4\Assistance.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack\8GadgetPack Tools.lnk -> C:\Program Files (x86)\Windows Sidebar\8GadgetPack.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack\Gadgets.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack\Uninstall 8GadgetPack.lnk -> C:\Windows\System32\msiexec.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack\Website.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\system32\charmap.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\system32\xpsrchvw.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\system32\comexp.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\system32\eventvwr.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\system32\iscsicpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\system32\MdSched.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\syswow64\odbcad32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\system32\odbcad32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\system32\printmanagement.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\system32\secpol.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\system32\services.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\system32\msconfig.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\system32\msinfo32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\system32\taskschd.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\system32\WF.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Désinstaller Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Page d'accueil de Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\AOMEI Backupper 6.1.lnk -> C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\Backupper.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\Uninstall AOMEI Backupper.lnk -> C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\User Manual (PDF).lnk -> C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\UserManual.pdf - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security\Bitdefender Safepay.lnk -> C:\Program Files\Bitdefender\Bitdefender Security\obk.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security\Bitdefender.lnk -> C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DearMob iPhone Manager\DearMob iPhone Manager.lnk -> C:\Program Files (x86)\DearMob\DearMob iPhone Manager\StartDearMobWin.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DearMob iPhone Manager\Uninstall DearMob iPhone Manager.lnk -> C:\Program Files (x86)\DearMob\DearMob iPhone Manager\uninstaller.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\DriversCloud.com - Démarrer la détection.lnk -> C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\DriversCloud.com.lnk -> C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.html - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\Désinstaller DriversCloud.com 11.0.2.0.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan.lnk -> C:\Windows\twain_32\ESCNDV\escndv.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX218 Series\Désinstallation du pilote d'impression EPSON.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_IINSGDE.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX218 Series\Mise à jour du pilote.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_GUPA30.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX218 Series\Support technique.lnk -> C:\Windows\System32\rundll32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Marker\Folder Marker Help.lnk -> C:\Program Files (x86)\Folder Marker\FOLDERMARKER.chm - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Marker\Folder Marker.lnk -> C:\Program Files (x86)\Folder Marker\FolderMarker.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Marker\Go To Folder Marker's Website.lnk -> C:\Program Files (x86)\Folder Marker\FolderMarkerWebsite.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Marker\Uninstall Folder Marker.lnk -> C:\Program Files (x86)\Folder Marker\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com\Rush for Gold California\Rush for Gold California.lnk -> C:\Program Files (x86)\GameTop.com\Rush for Gold California\game-shell.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com\Rush for Gold California\Uninstall Rush for Gold California.lnk -> C:\Program Files (x86)\GameTop.com\Rush for Gold California\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com\The Island Castaway 2\The Island Castaway 2.lnk -> C:\Program Files (x86)\GameTop.com\The Island Castaway 2\game-shell.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com\The Island Castaway 2\Uninstall The Island Castaway 2.lnk -> C:\Program Files (x86)\GameTop.com\The Island Castaway 2\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnumz - Masters of Defense\Encore plus de jeux.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Katy and Bob - Safari Cafe Edition Collector\Encore plus de jeux.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler\Getting Started.lnk -> C:\Program Files (x86)\KeyScrambler\getting_started.html - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler\KeyScrambler Options.lnk -> C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler\KeyScrambler.lnk -> C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler\Uninstall KeyScrambler.lnk -> C:\Program Files (x86)\KeyScrambler\Uninstall.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Age of Empires Expansion.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires\EMPIRESX.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Désinstaller Age of Empires Gold.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires\Désinst.Exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Lisez-moi d'Age of Empires.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires\LisezMoi.doc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Lisez-moi de Rise of Rome.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires\LisezMox.doc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II - The Conquerors Expansion\Age of Empires II - The Conquerors Expansion Lisezmoi.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires II\Lisezmox.rtf - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II - The Conquerors Expansion\Désinstallation de Age of Empires II - The Conquerors Expansion.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires II\UNINSTALX.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office 2010\Microsoft Office 2010 Centre de téléchargement.lnk -> C:\WINDOWS\Installer\{90140000-0017-0000-0000-0000000FF1CE}\msouc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office 2010\Microsoft Office Picture Manager.lnk -> C:\WINDOWS\Installer\{90140000-0017-0000-0000-0000000FF1CE}\oisicon.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Invite de commande des outils de déploiement.lnk -> C:\Windows\System32\cmd.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Alex Hunter - Lord of the Mind\MyPlayCity Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Alex Hunter - Lord of the Mind\Play Online Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Incredible Dracula III - Family Secret\MyPlayCity Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Incredible Dracula III - Family Secret\Play Online Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Magic Encyclopedia - First Story\MyPlayCity Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Magic Encyclopedia - First Story\Play Online Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\MyPlayCity Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Play Online Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Rescue Team 2\MyPlayCity Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Rescue Team 2\Play Online Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Rescue Team 3\MyPlayCity Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Rescue Team 3\Play Online Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Secret Diaries - Florence Ashford\MyPlayCity Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Secret Diaries - Florence Ashford\Play Online Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Snark Busters - High Society\MyPlayCity Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com\Snark Busters - High Society\Play Online Games.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Centre de téléchargement Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Gestionnaire d’enregistrements Skype Entreprise.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Journal de télémétrie pour Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Préférences linguistiques d’Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Tableau de bord de télémétrie pour Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD\Adorage Online.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD\Adorage Video Effects for Movie Maker.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2\Rainlendar2 Options.lnk -> C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2\Rainlendar2.lnk -> C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2\Remove Rainlendar2.lnk -> C:\Program Files (x86)\Rainlendar2\uninst.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Désinstaller Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Boîte de de Recherche.lnk -> C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Générer des mots de passe.lnk -> C:\Program Files (x86)\Siber Systems\AI RoboForm\passwordgenerator.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Icône de la barre des tâches.lnk -> C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Page d’accueil RoboForm.lnk -> C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Rechercher des fichiers.lnk -> C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Vérifier si une nouvelle version est disponible.lnk -> C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Éditeur RoboForm.lnk -> C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seed4.Me.lnk -> C:\Program Files\Seed4.Me VPN\bin\Seed4.Me_VPN.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftChris\Finance 2003.lnk -> C:\Program Files (x86)\SoftChris\Finance 2003\Finance2003.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Password Manager 20\Désinstaller Steganos Password Manager 20.lnk -> C:\Program Files (x86)\Steganos Password Manager 20\uninstall.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Password Manager 20\Gestionnaire de mots de passe.lnk -> C:\Program Files (x86)\Steganos Password Manager 20\PasswordManager.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk -> C:\Users\jo\AppData\Local\SumatraPDF\SumatraPDF.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\NewShortcut3.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky\Unchecky.lnk -> C:\Program Files (x86)\Unchecky\unchecky.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky\Uninstall.lnk -> C:\Program Files (x86)\Unchecky\uninstall.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu\WinCDEmu Settings.lnk -> C:\Program Files (x86)\WinCDEmu\vmnt64.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\winrar.chm - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Administrateur\Links\RecentPlaces.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\jo\3D Objects\Musique - Raccourci.lnk -> C:\Users\jo\Music - Status : OK C:\Users\jo\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Hibernate.lnk -> C:\Windows\System32\rundll32.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Logoff.lnk -> C:\Windows\System32\shutdown.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Restart.lnk -> C:\Windows\System32\shutdown.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Shutdown.lnk -> C:\Windows\System32\shutdown.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Standby.lnk -> C:\Windows\System32\rundll32.exe - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\LaunchControl.gadget\links\Show Desktop.lnk -> - Status : OK C:\Users\jo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\LaunchControl.gadget\links\Window Switcher.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DearMob iPhone Manager.lnk -> C:\Program Files (x86)\DearMob\DearMob iPhone Manager\StartDearMobWin.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gestionnaire de mots de passe.lnk -> C:\Program Files (x86)\Steganos Password Manager 20\PasswordManager.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gestionnaire de mots de passe.lnk -> C:\Program Files (x86)\Steganos Password Manager 20\PasswordManager.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Money.lnk -> C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Run.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tombstones\Word 2016 (3).lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Adhérants ping .LNK -> D:\Dossiers\Tennis de table\Adhérants ping .xls - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Adhérants ping .xls.LNK -> D:\Dossiers\Tennis de table\Adhérants ping .xls - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Adhérants ping 1 .LNK -> D:\Dossiers\Tennis de table\Adhérants ping 1 .xls - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Bilans financiers Guillaume.LNK -> D:\Dossiers\Tennis de table\Bilans financiers Guillaume.ods - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Bilans financiers Guillaume.ods.LNK -> D:\Dossiers\Tennis de table\Bilans financiers Guillaume.ods - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Bilans financiers pour sub.commune.LNK -> C:\Users\jo\Desktop\Documents\Bilans financiers pour sub.commune.ods - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\CA20210630_143217.xlsx.LNK -> D:\téléchargements\CA20210630_143217.xlsx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\codes Age of empire gold edition.LNK -> O:\Users\jo\Desktop\3 Age of empire 2 (The Age Of Kings)\codes Age of empire gold edition.doc - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\comptes.xlsm.LNK -> D:\téléchargements\comptes.xlsm - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Courses vacances et matériels.doc (2).LNK -> D:\dossiers\dossier word\Courses vacances et matériels.doc - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Etiquette Pinot.doc (2).LNK -> D:\dossiers\dossier word\Etiquette Pinot.doc - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Jardin.LNK -> D:\Dossiers\Jardin - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Liste des adhérents 2020-2021.LNK -> C:\Users\jo\Downloads\Liste des adhérents 2020-2021.xls - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\rillettes de poulet.docx.LNK -> C:\Users\jo\Desktop\rillettes de poulet.docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\Transférer le disque dur d'installation de Windows sur un autre ordinateur ou pas .docx.LNK -> C:\Users\jo\Downloads\Transférer le disque dur d'installation de Windows sur un autre ordinateur ou pas .docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Office\Recent\VPN.LNK -> F:\Mots de passe\VPN - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\1.jpg.lnk -> C:\Users\jo\Desktop\forum\1.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\2.jpg.lnk -> C:\Users\jo\Desktop\forum\2.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\3.jpg.lnk -> C:\Users\jo\Desktop\forum\3.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\4.jpg.lnk -> C:\Users\jo\Desktop\forum\4.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\5.txt.lnk -> C:\Users\jo\Desktop\forum\5.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\6.txt.lnk -> C:\Users\jo\Desktop\forum\6.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\A lire.txt.lnk -> H:\A lire.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Adhérants ping .xls.lnk -> D:\Dossiers\Tennis de table\Adhérants ping .xls - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\adresse montage pneux.docx.lnk -> C:\Users\jo\Desktop\adresse montage pneux.docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Age empire 3.lnk -> C:\Users\jo\Desktop\Age empire 3 - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\age of empire 2 gold edition (2).lnk -> C:\Users\jo\Desktop\age of empire 2 gold edition - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\age of empire 2 gold edition.lnk -> C:\Users\jo\Desktop\age of empire 2 gold edition - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\All Quiet On The Western Front 1930 FRENCH BRRiP XviD-S V.lnk -> D:\téléchargements\films\All Quiet On The Western Front 1930 FRENCH BRRiP XviD-S V - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\All.Inclusive.2019.FRENCH.WEBRip.XviD.AC3-NoTag.lnk -> D:\téléchargements\All.Inclusive.2019.FRENCH.WEBRip.XviD.AC3-NoTag.torrent - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Android.lnk -> D:\Android - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Arcos.lnk -> C:\Users\jo\Desktop\Arcos - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Assurance Groupama.lnk -> D:\Dossiers\Tennis de table\Assurance Groupama - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Avis_d_impot_2020_sur_les_revenus_2019.pdf.lnk -> D:\téléchargements\Avis_d_impot_2020_sur_les_revenus_2019.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\backup-restore-0.95-portable.zip.lnk -> C:\Users\jo\Desktop\backup-restore-0.95-portable.zip - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Banques (2).lnk -> D:\dossiers\Banques - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Banques.lnk -> D:\dossiers\Papiers\Banques - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Barcelone.lnk -> D:\photos jo\Voyages\3 Costa Brava (Espagne octobre 2020)\Barcelone - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\bdlog.txt.lnk -> C:\bdlog.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Bilans financiers Guillaume.ods.lnk -> D:\Dossiers\Tennis de table\Bilans financiers Guillaume.ods - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Bilans financiers.xlsx.lnk -> D:\Dossiers\Tennis de table\Bilans financiers.xlsx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\bulletin_demande_catalogue_sev(1).pdf.lnk -> D:\téléchargements\bulletin_demande_catalogue_sev(1).pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\bulletin_demande_catalogue_sev(2).pdf.lnk -> D:\téléchargements\bulletin_demande_catalogue_sev(2).pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\bulletin_demande_catalogue_sev.pdf.lnk -> D:\téléchargements\bulletin_demande_catalogue_sev.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Bureau.lnk -> C:\Users\jo\Desktop - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\CA20210531_121542.lnk -> D:\téléchargements\CA20210531_121542.xlsx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\CA20210615_111554.lnk -> D:\téléchargements\CA20210615_111554.xlsx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\CA20210615_111616.lnk -> D:\téléchargements\CA20210615_111616.xlsx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\CA20210630_143201.xlsx.lnk -> D:\téléchargements\CA20210630_143201.xlsx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\CA20210630_143217.xlsx.lnk -> D:\téléchargements\CA20210630_143217.xlsx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Ce PC.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Centre Réseau et partage.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Clara_et_moi.DvdRip.FR.2004.Xvid.mp3.lnk -> D:\téléchargements\Clara_et_moi.DvdRip.FR.2004.Xvid.mp3.avi - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\coin de pêche La Clère.docx.lnk -> C:\Users\jo\Desktop\coin de pêche La Clère.docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\comment ça marche.net.txt.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Compte Chèque n° 19268602001.pdf.lnk -> D:\téléchargements\Compte Chèque n° 19268602001.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Compte Chèque n° 192686020011.pdf.lnk -> D:\dossiers\Papiers\Banques\crédit Agricole\Compte Chèque n° 192686020011.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\comptes.xlsm.lnk -> D:\téléchargements\comptes.xlsm - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Conditions générales 1.lnk -> D:\Dossiers\Papiers\Banques\Crédit Mutuel\Conditions générales 1.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Config.txt.lnk -> C:\Users\jo\Desktop\Config.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\connection.jpg.lnk -> C:\Users\jo\Desktop\connection.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\crédit Agricole.lnk -> D:\Dossiers\Papiers\Banques\crédit Agricole - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Crédit Mutuel.lnk -> D:\Dossiers\Papiers\Banques\Crédit Mutuel - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Disque local (C).lnk -> C:\ - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Disque local (D) (2).lnk -> D:\ - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Disque local (D).lnk -> D:\ - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Docs.lnk -> D:\téléchargements\Docs.zip - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Document tennis de table.lnk -> D:\Dossiers\Tennis de table\Document tennis de table - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\dossiers.lnk -> D:\dossiers - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Downton Abbey - S01E01 VF.lnk -> D:\téléchargements\Downton Abbey Saison 1 S01 VF HDTV\Downton Abbey - S01E01 VF.avi - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Désinstaller un programme (2).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Désinstaller un programme.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Euro2020.lnk -> D:\téléchargements\Euro2020.zip - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Evolution_convention_de_compte_Particuliers_20210624_1324010140_GgIpWfVr.pdf.lnk -> D:\téléchargements\Evolution_convention_de_compte_Particuliers_20210624_1324010140_GgIpWfVr.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\extrait de compte 1.lnk -> D:\Dossiers\Papiers\Banques\Crédit Mutuel\extrait de compte 1.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\extrait de compte.lnk -> D:\téléchargements\extrait de compte.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Facture et billet d'achat pour garantie.lnk -> D:\Dossiers\Facture et billet d'achat pour garantie - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\feedback-hub---tabid=2&categoryid=1&contextid=286.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\films.lnk -> D:\téléchargements\films - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Finances 2003.lnk -> D:\Dossiers\Finances 2003 - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\forum.lnk -> C:\Users\jo\Desktop\forum - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques (2).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques (3).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques (4).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques (5).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\gmail.com(google drive et play).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\hosts (2).lnk -> C:\Users\jo\Desktop\hosts - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\hosts.lnk -> C:\Windows\System32\drivers\etc\hosts - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\https--account.microsoft.com-ref=settings&Platform=Windows10 (2).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\https--account.microsoft.com-ref=settings&Platform=Windows10.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\https--genhackmantools.wordpress.com-quickdiag-.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\https--www.amazon.fr-gp-product-B0899RMM1K-ref=ppx_yo_dt_b_asin_title_o00_s00ie=UTF8&psc=1.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\https--www.ancv.com-seniors-tarifs-et-aides-de-lancv.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\https--www.wish.com-.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\icons8-année-du-tigre-100.png.lnk -> D:\téléchargements\icons8-année-du-tigre-100.png - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Internet.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\J accuse 1919 - 1080p FR x264 ac3 mHDgz.lnk -> D:\téléchargements\films\J accuse 1919 - 1080p FR x264 ac3 mHDgz\J accuse 1919 - 1080p FR x264 ac3 mHDgz.mkv - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\L (2).lnk -> D:\Dossiers\Facture et billet d'achat pour garantie\L - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\L.lnk -> D:\Dossiers\Facture et billet d'achat pour garantie\L - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Lampe UV ( 21 06 2024).lnk -> D:\dossiers\Facture et billet d'achat pour garantie\L\Lampe UV ( 21 06 2024) - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Lampe UV.lnk -> D:\Dossiers\Facture et billet d'achat pour garantie\L\Lampe UV - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\livret A.lnk -> D:\dossiers\Papiers\Banques\livret A.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Livret D' Epargne Populaire n° 73955262295.pdf.lnk -> D:\dossiers\Papiers\Banques\crédit Agricole\Livret D' Epargne Populaire n° 73955262295.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Liés pour la vie _H264.1080p.AAC_Manneken-Pis.mkv.lnk -> D:\téléchargements\Liés pour la vie _H264.1080p.AAC_Manneken-Pis.mkv.torrent - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\logiciels installés.lnk -> D:\logiciels installés - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\microsoft-edgehttps--www.bing.com-searchq=pilote%20de%20carte%20r%C3%A9seau%20Windows%2010&form=B00032&ocid=SettingsHAQ-BingIA&mkt=fr-FR.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\microsoft-edgehttps--www.bing.com-searchq=se%20connecter%20au%20compte%20Microsoft%20Windows%2010&form=B00032&ocid=SettingsHAQ-BingIA&mkt=fr-FR.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Mise à jour des conditions générales de banque à distance 90640000010656 au 2021-06-15.lnk -> D:\dossiers\Papiers\Banques\Crédit Mutuel\Mise à jour des conditions générales de banque à distance 90640000010656 au 2021-06-15.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\mot de passe Annie.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Mots de passe.lnk -> F:\Mots de passe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Movavi Video Editor Plus 2021 (à vie).lnk -> D:\logiciels installés\TOUT POUR LES VIDEOS\Movavi Video Editor Plus 2021 (à vie) - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Mozilla Firefox 2021626234.backup.lnk -> D:\Mozilla Firefox 2021626234.backup - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Mozilla Firefox 20216291532.backup.lnk -> D:\Mozilla Firefox 20216291532.backup - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Mozilla Thunderbird 2021627818.backup.lnk -> D:\Mozilla Thunderbird 2021627818.backup - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\mp3 (2).lnk -> C:\Users\jo\Downloads\mp3 - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\ms-settingsnetwork (2).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\ms-settingsnetwork.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\ms-settingswindowsupdate.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\ms-settingsyourinfo.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Notice_de_pose_Cloture_En_Kit.lnk -> C:\Users\jo\Downloads\Notice_de_pose_Cloture_En_Kit.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau compte bitedefender.txt.lnk -> C:\Users\jo\Desktop\Nouveau compte bitedefender.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (10).lnk -> C:\Users\jo\Downloads\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (11).lnk -> C:\Users\jo\Desktop\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (12).lnk -> C:\Users\jo\Desktop\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (2).lnk -> D:\logiciels installés\PROTECTION DU PC et Bien nettoyer son pc\antivirus\Avast\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (3).lnk -> C:\Users\jo\Desktop\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (4).lnk -> C:\Users\jo\Desktop\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (5).lnk -> C:\Users\jo\Desktop\age-of-empires\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (6).lnk -> C:\Users\jo\Desktop\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (7).lnk -> C:\Users\jo\Desktop\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (8).lnk -> C:\Users\jo\Downloads\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier (9).lnk -> C:\Users\jo\Desktop\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier.lnk -> C:\Users\jo\Desktop\Nouveau dossier - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Office 2013 pro retail plus 64(acheter) (2).lnk -> D:\logiciels installés\Logiciels achetés\Office 2013 pro retail plus 64(acheter) - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Office 2016(activation gratuite).lnk -> D:\logiciels installés\Logiciels achetés\Office 2016(activation gratuite) - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Office 2019 pro plus.lnk -> D:\logiciels installés\Logiciels achetés\Office 2019 pro plus - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Office 2019 pro plus.txt.lnk -> D:\logiciels installés\Logiciels achetés\Office 2019 pro plus\Office 2019 pro plus.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\OFFICE VL 64 chatongo.lnk -> D:\logiciels installés\Logiciels achetés\Office 2013 pro retail plus 64(acheter)\OFFICE VL 64 chatongo - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\page firefox.jpg.lnk -> C:\Users\jo\Desktop\page firefox.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pain et brioche machine.lnk -> D:\dossiers\Recettes\pain et brioche machine.docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\parents Sauvegarde.lnk -> F:\parents Sauvegarde.mbf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\PC astuces.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pca11492_fleurs_pourpres.jpg.lnk -> D:\téléchargements\pcastuces.com\pca11492_fleurs_pourpres.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pca11875_barques.lnk -> D:\téléchargements\pca11875_barques.zip - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pca11889_skogafoss.lnk -> D:\téléchargements\pca11889_skogafoss.zip - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pca11896_crater_lake.lnk -> D:\téléchargements\pca11896_crater_lake.zip - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pcastuces.com.lnk -> D:\téléchargements\pcastuces.com - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\PHOTOS (H).lnk -> H:\ - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pile litium ion (2).lnk -> D:\dossiers\Facture et billet d'achat pour garantie\L\Lampe UV ( 21 06 2024)\pile litium ion.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pile litium ion.lnk -> D:\Dossiers\Facture et billet d'achat pour garantie\L\Lampe UV ( 21 06 2024)\pile litium ion.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pinterest.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pour connecter box IPTV.docx.lnk -> C:\Users\jo\Desktop\pour connecter box IPTV.docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Pour faire sauvegarde mozilla et Thunderbird.lnk -> D:\logiciels installés\Pour faire sauvegarde mozilla et Thunderbird - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\pour mises à jour.lnk -> D:\logiciels installés\TOUT POUR LES VIDEOS\Movavi Video Editor Plus 2021 (à vie)\pour mises à jour.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\ProfessionalRetail.img.lnk -> D:\logiciels installés\Logiciels achetés\Office 2016(activation gratuite)\ProfessionalRetail.img - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Programmes et fonctionnalités.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\ProPlus2019Retail.img.lnk -> D:\logiciels installés\Logiciels achetés\Office 2019 pro plus\ProPlus2019Retail.img - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Recettes.lnk -> D:\dossiers\Recettes - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Releve_n_002_du_28_06_2021_1324196111_Gcm2sJh8.pdf.lnk -> D:\dossiers\Papiers\Banques\crédit Agricole\Releve_n_002_du_28_06_2021_1324196111_Gcm2sJh8.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Releve_n_006_du_28_06_2021_1324195594_G3bY9XUF.pdf.lnk -> D:\dossiers\Papiers\Banques\crédit Agricole\Releve_n_006_du_28_06_2021_1324195594_G3bY9XUF.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\revouninstaller ( 1 an).lnk -> C:\Users\jo\Desktop\revouninstaller ( 1 an).txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\RIB crédit agricole.lnk -> D:\Dossiers\R.I.B\RIB crédit agricole.docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\rillettes de poulet.docx.lnk -> C:\Users\jo\Desktop\rillettes de poulet.docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Rise Of Legends Cdkey.lnk -> C:\Users\jo\Desktop\Rise of Légende\Rise Of Legends Cdkey.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Rise Of nation throne and patriots Image.lnk -> D:\téléchargements\Rise Of nation throne and patriots Image.torrent - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Rise of Nations - Extended Edition.lnk -> D:\téléchargements\Rise of Nations - Extended Edition.torrent - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Rise of Nations 2 Rise Of Legends CD1-4.lnk -> C:\Users\jo\Desktop\Rise of Légende\Rise of Nations 2 Rise Of Legends CD1-4.iso - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Rise of Nations 2 Rise Of Legends CD2-4.lnk -> C:\Users\jo\Desktop\Rise of Légende\Rise of Nations 2 Rise Of Legends CD2-4.iso - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Rise of Nations 2 Rise Of Legends CD3-4.lnk -> C:\Users\jo\Desktop\Rise of Légende\Rise of Nations 2 Rise Of Legends CD3-4.iso - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Rise of Nations 2 Rise Of Legends CD4-4.lnk -> C:\Users\jo\Desktop\Rise of Légende\Rise of Nations 2 Rise Of Legends CD4-4.iso - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\roboform et keepass.lnk -> F:\Mots de passe\roboform et keepass.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Réseau et Internet.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Sans titre.jpg.lnk -> C:\Users\jo\Desktop\Sans titre.jpg - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\sauve ccleaner.lnk -> C:\Users\jo\Desktop\sauve ccleaner - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\sauvegarde Steganos password Manager.lnk -> D:\Dossiers\sauvegarde Steganos password Manager - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Sauvegardes (H).lnk -> H:\ - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\seed4.me 25 avril 2097.lnk -> F:\Mots de passe\VPN\Pour reconnection\seed4me\seed4.me 25 avril 2097.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\tempete-solaire.vf.Dvdrip.zone-telechargement.ws.lnk -> D:\téléchargements\tempete-solaire.vf.Dvdrip.zone-telechargement.ws.MP4 - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Tennis de table.cpf.lnk -> D:\Dossiers\Finances 2003\Tennis de table.cpf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Tennis de table.lnk -> D:\Dossiers\Tennis de table - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\The Queen's Gambit S01E01 Ouvertures.lnk -> D:\téléchargements\films\The.Queen's.Gambit.S01.Multi.Web-DL.1080p.x265-SN2P\The Queen's Gambit S01E01 Ouvertures.mkv - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\The.Queen's.Gambit.S01.Multi.Web-DL.1080p.x265-SN2P.lnk -> D:\téléchargements\The.Queen's.Gambit.S01.Multi.Web-DL.1080p.x265-SN2P.torrent - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\The.Queens.Gambit.S01E01.Openings.720p.10bit.WEBRip.2CH.x265.HEVC.lnk -> F:\The.Queen's.Gambit.S01.VOSTFR.720p.10bit.WEBRip.2CH.x265.HEVC\The.Queens.Gambit.S01E01.Openings.720p.10bit.WEBRip.2CH.x265.HEVC.mkv - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\tirexo.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Tour de repas.txt.lnk -> D:\dossiers\Tour de repas.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\TOUT POUR LES VIDEOS (2).lnk -> D:\logiciels installés\TOUT POUR LES VIDEOS - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Toutes les tâches.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Transférer le disque dur d'installation de Windows sur un autre ordinateur ou pas .docx.lnk -> C:\Users\jo\Downloads\Transférer le disque dur d'installation de Windows sur un autre ordinateur ou pas .docx - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\tuto carte mere bureau.pdf.lnk -> C:\Users\jo\Downloads\tuto carte mere bureau.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\tuto installation Rise of Nation et Throne and Patriots.lnk -> C:\Users\jo\Desktop\tuto installation Rise of Nation et Throne and Patriots.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\tuto Rise of Nations (extented édition).lnk -> C:\Users\jo\Desktop\tuto Rise of Nations (extented édition).txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Téléchargement.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements (2).lnk -> C:\Users\jo\Downloads - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements (3).lnk -> C:\Users\jo\Downloads - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements (4).lnk -> C:\Users\jo\Downloads - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements (5).lnk -> C:\Users\jo\Downloads - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\téléchargements (6).lnk -> D:\téléchargements - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements (7).lnk -> C:\Users\jo\Downloads - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements.lnk -> C:\Users\jo\Downloads - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\vendée tennis de table.pdf.lnk -> C:\Users\jo\Desktop\vendée tennis de table.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\windows 10 32bits 64bits.pdf.lnk -> C:\Users\jo\Downloads\windows 10 32bits 64bits.pdf - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Windows 7 Ultimate Astralis By Nicky.iso.torrent.lnk -> D:\téléchargements\Windows 7 Ultimate Astralis By Nicky.iso.torrent - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\Windows 7 Ultimate Astralis By Nicky.lnk -> D:\téléchargements\Windows 7 Ultimate Astralis By Nicky.iso - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\windows-feedbackcontextid=117.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\windowsdefender--appbrowser-.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\windowsdefender--Network- (2).lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\windowsdefender--network-.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Recent\windowsdefender--threat-.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\SendTo\Transfert de fichiers Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\MyPlayCity Games.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bureau.lnk -> C:\Users\jo\Desktop - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ce PC.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IM-Magic Partition Resizer Free\IM-Magic Partition Resizer Free.lnk -> C:\Program Files\IM-Magic\Partition Resizer\dm.resizer.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IM-Magic Partition Resizer Free\Uninstall.lnk -> C:\Program Files\IM-Magic\Partition Resizer\uninst.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IM-Magic Partition Resizer Free\Website.lnk -> C:\Program Files\IM-Magic\Partition Resizer\Website.url - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Uninstaller.lnk -> C:\Users\jo\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk -> C:\Users\jo\AppData\Local\JDownloader 2.0\JDownloader2Update.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk -> C:\Users\jo\AppData\Local\JDownloader 2.0\JDownloader2.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor Plus 2021\Désinstallation de Movavi Video Editor Plus 2021.lnk -> C:\Users\jo\AppData\Roaming\Movavi Video Editor Plus 2021\uninst.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor Plus 2021\Movavi Video Editor Plus 2021.lnk -> C:\Users\jo\AppData\Roaming\Movavi Video Editor Plus 2021\VideoEditorPlus.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor Plus 2021\Site Web - Movavi Video Editor Plus 2021.lnk -> C:\Users\jo\AppData\Roaming\Movavi Video Editor Plus 2021\Movavi Video Editor Plus 2021.url - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\jo\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ordinateur.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panneau de configuration.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk -> C:\Users\jo\AppData\Local\PCHealthCheck\PCHealthCheck.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rokkr.lnk -> C:\Users\jo\AppData\Local\Programs\Rokkr\Rokkr.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\Sidebar723.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk -> C:\Users\jo\AppData\Local\SumatraPDF\SumatraPDF.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WATCHED.lnk -> C:\Users\jo\AppData\Local\Programs\WATCHED\WATCHED.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\winrar.chm - Status : OK C:\Users\jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe - Status : OK C:\Users\jo\Desktop\Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.exe - Status : OK C:\Users\jo\Desktop\BitTorrent - Raccourci.lnk -> C:\Users\jo\AppData\Roaming\BitTorrent\BitTorrent.exe - Status : OK C:\Users\jo\Desktop\Ce PC - Raccourci.lnk -> - Status : OK C:\Users\jo\Desktop\Créer point de restauration.lnk -> C:\Windows\System32\cmd.exe - Status : OK C:\Users\jo\Desktop\dossiers - Raccourci.lnk -> D:\dossiers - Status : OK C:\Users\jo\Desktop\Ethernet.lnk -> - Status : OK C:\Users\jo\Desktop\Folder Marker.lnk -> C:\Program Files (x86)\Folder Marker\FolderMarker.exe - Status : OK C:\Users\jo\Desktop\gold_rush_california.exe - Raccourci.lnk -> C:\Program Files (x86)\GameTop.com\Rush for Gold California\gold_rush_california.exe - Status : OK C:\Users\jo\Desktop\icones masques\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe - Status : OK C:\Users\jo\Desktop\icones masques\aida64.exe - Raccourci.lnk -> C:\aida64extreme630\aida64.exe - Status : OK C:\Users\jo\Desktop\icones masques\AOMEI Backupper Sur le disque i.lnk -> C:\Program Files (x86)\AOMEI Backupper\Backupper.exe - Status : OK C:\Users\jo\Desktop\icones masques\DearMob iPhone Manager.lnk -> C:\Program Files (x86)\DearMob\DearMob iPhone Manager\StartDearMobWin.exe - Status : OK C:\Users\jo\Desktop\icones masques\EnveloppesEditor120.exe - Raccourci.lnk -> C:\Program Files (x86)\EnveloppesEditor1.20\EnveloppesEditor120.exe - Status : OK C:\Users\jo\Desktop\icones masques\Finance 2003.lnk -> C:\Program Files (x86)\SoftChris\Finance 2003\Finance2003.exe - Status : OK C:\Users\jo\Desktop\icones masques\KeyScrambler - Raccourci.lnk -> C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe - Status : OK C:\Users\jo\Desktop\icones masques\LiberKey.lnk -> D:\Dossiers\LiberKey\LiberKey.exe - Status : OK C:\Users\jo\Desktop\icones masques\Microsoft Money.lnk -> C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe - Status : OK C:\Users\jo\Desktop\icones masques\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0017-0000-1000-0000000FF1CE}\oisicon.exe - Status : OK C:\Users\jo\Desktop\icones masques\MozBackup.lnk -> C:\Program Files (x86)\MozBackup\MozBackup.exe - Status : OK C:\Users\jo\Desktop\icones masques\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK C:\Users\jo\Desktop\icones masques\Tous les Panneaux de configuration.lnk -> - Status : OK C:\Users\jo\Desktop\icones masques\Unchecky.lnk -> C:\Program Files (x86)\Unchecky\unchecky.exe - Status : OK C:\Users\jo\Desktop\IM-Magic Partition Resizer Free.lnk -> C:\Program Files\IM-Magic\Partition Resizer\dm.resizer.exe - Status : OK C:\Users\jo\Desktop\jeux\The Island Castaway 2.lnk -> C:\Program Files (x86)\GameTop.com\The Island Castaway 2\game.exe - Status : OK C:\Users\jo\Desktop\Logiciels de téléchargement\JDownloader 2.lnk -> C:\Users\jo\AppData\Local\JDownloader 2.0\JDownloader2.exe - Status : OK C:\Users\jo\Desktop\Mettre en veille.lnk -> C:\Windows\System32\rundll32.exe - Status : OK C:\Users\jo\Desktop\Movavi Video Editor Plus 2021.lnk -> C:\Users\jo\AppData\Roaming\Movavi Video Editor Plus 2021\VideoEditorPlus.exe - Status : OK C:\Users\jo\Desktop\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe - Status : OK C:\Users\jo\Desktop\Panneau de configuration - Raccourci.lnk -> - Status : OK C:\Users\jo\Desktop\photos jo.lnk -> D:\photos jo - Status : OK C:\Users\jo\Desktop\Rainlendar2.lnk -> C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe - Status : OK C:\Users\jo\Desktop\Rokkr.lnk -> C:\Users\jo\AppData\Local\Programs\Rokkr\Rokkr.exe - Status : OK C:\Users\jo\Desktop\SumatraPDF.lnk -> C:\Users\jo\AppData\Local\SumatraPDF\SumatraPDF.exe - Status : OK C:\Users\jo\Desktop\Sécurité\Bitdefender.lnk -> C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe - Status : OK C:\Users\jo\Desktop\Sécurité\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe - Status : OK C:\Users\jo\Desktop\Tennis de table - Raccourci.lnk -> D:\Dossiers\Tennis de table - Status : OK C:\Users\jo\Desktop\Tennis de table.cpf - Raccourci (2).lnk -> D:\Dossiers\Finances 2003\Tennis de table.cpf - Status : OK C:\Users\jo\Desktop\Téléchargements -.lnk -> C:\Users\jo\Downloads - Status : OK C:\Users\jo\Desktop\téléchargements.lnk -> D:\téléchargements - Status : OK C:\Users\jo\Desktop\USB Safely Remove.lnk -> C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe - Status : OK C:\Users\jo\Desktop\Vidéos - Raccourci.lnk -> C:\captvty-2.5\Vidéos - Status : OK C:\Users\jo\Desktop\VPN\Seed4.Me.lnk -> C:\Program Files\Seed4.Me VPN\bin\Seed4.Me_VPN.exe - Status : OK C:\Users\jo\Desktop\WATCHED lancer sans internet.lnk -> C:\Users\jo\AppData\Local\Programs\WATCHED\WATCHED.exe - Status : OK C:\Users\jo\Desktop\ZHPSuite.lnk -> C:\Users\jo\AppData\Roaming\ZHP\ZHPSuite.exe - Status : OK C:\Users\jo\Links\Desktop.lnk -> C:\Users\jo\Desktop - Status : OK C:\Users\jo\Links\Downloads.lnk -> C:\Users\jo\Downloads - Status : OK C:\Users\jo\Links\RecentPlaces.lnk -> - Status : OK C:\Users\Public\Desktop\AOMEI Backupper 6.1.lnk -> C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\Backupper.exe - Status : OK C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe - Status : OK C:\Users\Public\Desktop\DriversCloud.com - Démarrer la détection.lnk -> C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe - Status : OK C:\Users\Public\Desktop\EPSON Scan.lnk -> C:\Windows\twain_32\ESCNDV\escndv.exe - Status : OK C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe - Status : OK C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe - Status : OK C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe - Status : OK C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe - Status : OK C:\Users\Public\Desktop\ScanPapyrus.lnk -> C:\Program Files (x86)\ScanPapyrus\ScanPapyrus.exe - Status : OK C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\jo\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\WinSxS\amd64_eventviewersettings_31bf3856ad364e35_10.0.19041.1_none_aae8e58aa310aa7d\Event Viewer.lnk -> C:\Windows\system32\eventvwr.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-hyper-v-management-clients_31bf3856ad364e35_10.0.19041.1_none_a87cce111f2d21d5\Hyper-V Manager.lnk -> C:\Windows\System32\mmc.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.19041.746_none_b8eadbf8a9c907b3\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.19041.844_none_8cde26fe4a506084\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..-disposableclientvm_31bf3856ad364e35_10.0.19041.985_none_c3639a9e3ab1a351\Windows Sandbox.lnk -> C:\Windows\system32\WindowsSandbox.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.19041.1_none_88835f4d79d6a242\Component Services.lnk -> C:\Windows\system32\comexp.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.19041.746_none_290f6af7d5263efa\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.19041.1_none_a84acae243b8ad63\Character Map.lnk -> C:\Windows\system32\charmap.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.19041.906_none_4b68c4a9bc3aa082\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt-shortcut_31bf3856ad364e35_10.0.19041.1_none_efaf63248e6d4479\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..-tools-mmc-adsiedit_31bf3856ad364e35_10.0.19041.746_none_911fb46a38a61421\ADSIEdit.lnk -> C:\Windows\system32\adsiedit.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..mc-sitesandservices_31bf3856ad364e35_10.0.19041.746_none_7d35d325c812757b\Active Directory Sites and Services.lnk -> C:\Windows\system32\dssite.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..services-adam-setup_31bf3856ad364e35_10.0.19041.746_none_1a1e8292dcf10728\ADAM Install.lnk -> C:\Windows\ADAM\adaminstall.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.19041.746_none_770f598aef14382e\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-e..er-server-shortcuts_31bf3856ad364e35_10.0.19041.1_none_5e85a7ed6f490164\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\06 - SystemAbout.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\4 - Control Panel.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\computer.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Control Panel.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\File Explorer.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Run.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Shows Desktop.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Window Switcher.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.1023_none_8f95c0f64c2c2e80\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.1081_none_8f9bf0424c269348\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.964_none_f89fb894f5e906bf\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-clientshortcuts_31bf3856ad364e35_10.0.19041.1_none_9f9e4023b60d2433\IIS Client Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_10.0.19041.906_none_5f45625010b4cd19\IIS6 Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr6.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-managementconsole_31bf3856ad364e35_10.0.19041.906_none_65f82ba919c64b11\IIS Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.19041.1_none_8ddc3834fb6f659f\iSCSI Initiator.lnk -> C:\Windows\system32\iscsicpl.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_fa40f4e1dd1492a8\ODBC Data Sources (64-bit).lnk -> C:\Windows\system32\odbcad32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.19041.1_none_49c7a9c019150ac4\Memory Diagnostics Tool.lnk -> C:\Windows\system32\MdSched.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.19041.1023_none_e3058dfa4dd44bcb\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.19041.746_none_4c272238f77f2488\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.19041.1_none_64c27fc7ed12e401\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.19041.1_none_906b4c073d1d970c\System Configuration.lnk -> C:\Windows\system32\msconfig.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.19041.1_none_61cd745a990bcfb3\System Information.lnk -> C:\Windows\system32\msinfo32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.19041.746_none_6c16d1714d60fddf\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-narrator_31bf3856ad364e35_10.0.19041.789_none_9beee4eb02a5f8c7\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-nfs-adminmmc_31bf3856ad364e35_10.0.19041.1_none_9da8f6be034114e3\Services For Network File System.lnk -> C:\Windows\system32\nfsmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.1081_none_e3f87355251e8c43\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.746_none_4d13d847cecf0038\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-osk_31bf3856ad364e35_10.0.19041.1_none_60ade0eff94c37fc\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-p..erandprintui-pmcppc_31bf3856ad364e35_10.0.19041.1_none_c1594f70200f2c03\Print Management.lnk -> C:\Windows\system32\printmanagement.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-quickassist_31bf3856ad364e35_10.0.19041.964_none_dbe27aa7cda42a65\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-recoverydrive_31bf3856ad364e35_10.0.19041.746_none_068bfbddea7cb9b4\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.19041.746_none_d22800313aa7eb5c\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-s..ment-policytools-ex_31bf3856ad364e35_10.0.19041.1_none_0f506321e073254e\Security Configuration Management.lnk -> C:\Windows\system32\secpol.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.19041.1_none_8554f027e5186b5e\services.lnk -> C:\Windows\system32\services.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.19041.746_none_77bd4cfbe87238a7\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-speech-userexperience_31bf3856ad364e35_10.0.19041.746_none_fa033ad7aa9be481\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.19041.746_none_a89acde4afbab635\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.19041.746_none_2bd598617fe6d4c3\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.19041.1052_none_a29547672207232d\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.19041.844_none_0bb1c551cbb693ff\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-xpsreachviewer_31bf3856ad364e35_10.0.19041.1052_none_89f621b403591ffa\XPS Viewer.lnk -> C:\Windows\system32\xpsrchvw.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-xpsreachviewer_31bf3856ad364e35_10.0.19041.746_none_f3149e4cad06c653\XPS Viewer.lnk -> C:\Windows\system32\xpsrchvw.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_multipoint-logcollector_31bf3856ad364e35_10.0.19041.1_none_56138d203a7fc4cf\MultiPoint Log Collector.lnk -> C:\Program Files\Windows MultiPoint Server\LogCollector.exe - Status : OK C:\Windows\WinSxS\amd64_multipoint-wmsmanager_31bf3856ad364e35_10.0.19041.1_none_d1ffdc3927836528\MultiPoint Manager.lnk -> C:\Program Files\Windows MultiPoint Server\WmsManager.exe - Status : OK C:\Windows\WinSxS\amd64_networking-mpssvc-shortcut_31bf3856ad364e35_10.0.19041.1_none_3b48028dac22b3be\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\system32\WF.msc - Status : OK C:\Windows\WinSxS\amd64_taskschedulersettings_31bf3856ad364e35_10.0.19041.1_none_00dc114da3ba6b01\Task Scheduler.lnk -> C:\Windows\system32\taskschd.msc - Status : OK C:\Windows\WinSxS\msil_hyperv-ux-ui-vmcreate_31bf3856ad364e35_10.0.19041.1_none_8d387dde0a6c6d14\VMCreate.lnk -> C:\Program Files\Hyper-V\VMCreate.exe - Status : OK C:\Windows\WinSxS\msil_multipoint-wmsdashboard_31bf3856ad364e35_10.0.19041.1_none_061d84508b376f80\MultiPoint Dashboard.lnk -> C:\Program Files\Windows MultiPoint Server\WmsDashboard.exe - Status : OK C:\Windows\WinSxS\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_04959f34117554a3\ODBC Data Sources (32-bit).lnk -> C:\Windows\syswow64\odbcad32.exe - Status : OK C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK D:\Nouveau dossier\Connexion au réseau local - Raccourci.lnk -> - Status : OK D:\Nouveau dossier\IObit Driver Booster.lnk -> C:\Users\jo\Desktop\Driver booster\Driver Booster\DriverBoosterPortable.exe - Status : OK D:\Nouveau dossier\Ordinateur - Raccourci.lnk -> - Status : OK D:\Nouveau dossier\Revo Uninstaller Pro.lnk -> C:\Users\jo\Desktop\Revo uninstaller\Revo Uninstaller Pro\RevoUninstallerProPortable.exe - Status : OK D:\Photos Jo\VACANCES hiver, été , Week end\week end copines\2 octobre 2009 barbâtre\IMG_1618.lnk -> H:\DCIM\100CANON\IMG_1618.JPG - Status : OK D:\Photos Jo\VACANCES hiver, été , Week end\week end copines\2 octobre 2009 barbâtre\IMG_1621.lnk -> H:\DCIM\100CANON\IMG_1621.JPG - Status : OK ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [02/11/2020 18:20:42] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.C756F5C145C93AB8EDB372B4708B1DCB] - [14/06/2021 16:14:51] - |A| - [4562] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.00000000000000000000000000000000] - [05/05/2021 11:01:40] - |D| - [2614] - C:\Windows\System32\Tasks\Agent Activation Runtime [MD5.6B42C369719D0489FE000A4FD84F08AE] - [29/06/2021 11:51:10] - |A| - [3630] - C:\Windows\System32\Tasks\AOMEI Synchronisation de Dossiers 2021-06-29, 11-49-47 : C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0 [MD5.00000000000000000000000000000000] - [02/11/2020 18:20:41] - |D| - [3134] - C:\Windows\System32\Tasks\Avast Software [MD5.583EB1D14EB2E2039D24F287A91AEB53] - [02/11/2020 18:20:41] - |A| - [3846] - C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 : C:\Program Files\Bitdefender Agent\25.0.1.192\WatchDog.exe [MD5.556918F0169143521728BFED4FFE8E7B] - [02/11/2020 18:20:41] - |A| - [2404] - C:\Windows\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C : C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [MD5.780C79D3A831C0EEEBEA0B745B391ACF] - [18/06/2021 15:56:49] - |A| - [4210] - C:\Windows\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.A5E49C69393917C3203915ED89B37397] - [21/03/2021 21:22:45] - |A| - [2878] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.264131D6B6E81FBE7C0E183E71D667E2] - [30/06/2021 10:51:21] - |A| - [3464] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.7C39FDFF2AB290306C0EE265CBEFA570] - [30/06/2021 10:51:21] - |A| - [3588] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [671520] - C:\Windows\System32\Tasks\Microsoft [MD5.25A00CD6B5759A1F4E72ADC5E4FCDC97] - [02/11/2020 18:20:42] - |A| - [3338] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.094AE573999FF79059F4045F05B5C728] - [25/11/2020 12:12:15] - |A| - [3540] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b13348368a36 : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.C2000446C5B6C537A24E41F6EBD113DD] - [02/11/2020 18:20:42] - |A| - [3634] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.00000000000000000000000000000000] - [26/06/2021 23:09:29] - |D| - [9716] - C:\Windows\System32\Tasks\Mozilla [MD5.00000000000000000000000000000000] - [02/11/2020 18:20:42] - |D| - [3776] - C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform [MD5.8B044DC14E19CF6B7BD0191D300777C5] - [30/05/2021 22:23:03] - |A| - [3370] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1042456299-3079880857-3127715329-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.3C5079FD5BC8957EC84A2D0C18D48F37] - [19/06/2021 08:39:05] - |A| - [4498] - C:\Windows\System32\Tasks\Open URL by RoboForm : C:\WINDOWS\system32\rundll32.exe [MD5.8C27762A91C431B817EB49CA6D2DE03C] - [19/06/2021 08:39:05] - |A| - [3790] - C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon : C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [MD5.00000000000000000000000000000000] - [02/11/2020 18:20:42] - |D| - [3032] - C:\Windows\System32\Tasks\S-1-5-21-1042456299-3079880857-3127715329-1001 [MD5.18E3C3A2B30A3E2F9ECB6B952E41326E] - [01/04/2021 10:42:54] - |A| - [4168] - C:\Windows\System32\Tasks\User_Feed_Synchronization-{B60A3D89-99FE-4DE1-8462-4DA45E93CE01} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WCF-NetTcpActivator-In-TCP-64bit"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe|Svc=NetTcpActivator|Name=@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelEvents.dll,-2000|Desc=@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelEvents.dll,-2001|EmbedCtxt=@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelEvents.dll,-2002| "Netlogon-TCP-RPC-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-NamedPipe-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "{EB69717E-7202-4B28-A4F2-99F0C6808040}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\ABService.exe|Name=AOMEI Backupper Service| "{5D5303DF-5308-4EA7-993C-81DEB3A91197}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\ABService.exe|Name=AOMEI Backupper Service| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760f-a5c8-4bfe-b314-d56a7b44a362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2ea9b43f-3045-43b5-80f2-fd06c55fbb90}] : (vhdmp) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3d1b53f5-c26e-427d-9562-34b2290f159e}] : (KeyScrambler) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6fae73b7-b735-4b50-a0da-0dc2484b1f1a}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{773109f2-d8fd-4a1c-abe9-722335804623}] : (EhStorClass) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81c87465-de07-4efc-9d93-61e891d52fd2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a3e32dba-ba89-4f17-8386-2d0127fbd4cc}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a73c93f1-9727-4d1d-ace1-0e333ba4e7db}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e004269c-d387-4461-b955-25a64cfe23ce}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f01a9d53-3ff6-48d2-9f97-c8a7004be10c}] : (ComputeAccelerator) [] -> @c_computeaccelerator.inf,%ClassDesc%;Compute accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [24/03/2021 19:59:45] - (2.5.3.41) - (Bitdefender - Trufos Kernel Module) - C:\Windows\system32\DRIVERS\trufos.sys [13/11/2020 16:51:35] - (2.0.0.129) - (BitDefender LLC - BitDefender Gonzales FileSystem Driver) - C:\Windows\system32\DRIVERS\gzflt.sys [28/04/2021 16:33:22] - (1.0.23.52) - (© Bitdefender SRL - privacy Filter Driver) - C:\Windows\system32\DRIVERS\bdprivmon.sys [05/11/2020 11:52:31] - (0.0.0.0) - ( -) - C:\Windows\system32\ambakdrv.sys [24/03/2021 20:02:10] - (1.40.288.0) - (Bitdefender S.R.L. Bucharest, ROMANIA - Bitdefender Active Threat Control Filesystem Minifilter) - C:\Windows\system32\DRIVERS\atc.sys [27/06/2021 13:02:19] - (0.0.0.0) - ( -) - C:\Windows\System32\Drivers\CimFS.SYS [01/10/2008 16:44:06] - (1.0.0.50) - (Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver) - C:\Windows\system32\DRIVERS\jswpslwfx.sys [28/04/2021 14:26:54] - (6.1.22.44080) - (Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driver) - C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [14/06/2021 16:50:43] - (6.1.22.44080) - (Oracle Corporation - VirtualBox USB Monitor Driver) - C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [14/06/2021 16:50:43] - (6.1.22.44080) - (Oracle Corporation - VirtualBox Support Driver) - C:\Windows\system32\DRIVERS\VBoxDrv.sys [18/12/2019 11:35:24] - (8.98.0.0) - (REALiX(tm) - HWiNFO AMD64 Kernel Driver) - C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [28/05/2020 16:03:06] - (13.1.1.7) - (BitDefender - FileVault Disk Driver) - C:\Windows\system32\DRIVERS\bdvedisk.sys [12/02/2021 15:48:41] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\drivers\acedrv08.sys [27/03/2021 11:31:27] - (0.10.0.0) - (WireGuard LLC - Wintun Driver) - C:\Windows\system32\DRIVERS\wintun.sys [21/04/2016 11:10:04] - (9.0.0.21) - (The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6.0)) - C:\Windows\System32\drivers\tap0901.sys [28/04/2021 14:26:50] - (6.1.22.44080) - (Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapter Driver) - C:\Windows\System32\drivers\VBoxNetAdp6.sys [01/06/2021 11:42:46] - (27.21.14.6231) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 462.31) - C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_252e302997312800\nvlddmkm.sys [29/06/2020 23:18:24] - (4.3.0.0) - (FUJITSU CLIENT COMPUTING LIMITED - Fujitsu FUJ02E3 Device Driver) - C:\Windows\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_42f2ff7fcce64487\fuj02e3.sys [05/01/2021 16:04:12] - (19.5.19.75) - (Synaptics Incorporated - Synaptics SMBus Driver) - C:\Windows\System32\drivers\Smb_driver_Intel.sys [01/06/2021 17:07:10] - (4.16.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys [12/02/2017 02:28:36] - (4.1.0.0) - (Sysprogs OU - WinCDEmu virtual CDROM bus) - C:\Windows\System32\drivers\BazisVirtualCDBus.sys [12/02/2021 16:24:56] - (1.2.0.0) - (AnvSoft Inc. - AnvSoft Virtual Audio Device) - C:\Windows\system32\drivers\anvsnddrv.sys [29/12/2020 16:35:20] - (1.3.38.40) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys [28/01/2021 22:25:42] - (10.0.19042.31267) - (Realsil Semiconductor Corporation - RTS USB READER Driver) - C:\Windows\system32\Drivers\RtsUer.sys [19/09/2019 15:21:36] - (3.12.0.0) - (QFX Software Corporation - KeyScrambler Keyboard Encryption Driver) - C:\Windows\System32\drivers\keyscrambler.sys [01/10/2019 15:27:31] - (3.0.0.0) - (Christian Gulden - Pluralinput Mouse Driver) - C:\Windows\System32\drivers\pimou.sys [14/12/2020 18:26:19] - (2.3.0.95) - (Bitdefender - IGNIS filter driver) - C:\Windows\system32\DRIVERS\ignis.sys [05/11/2020 11:52:31] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\ammntdrv.sys [05/11/2020 11:52:31] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\amwrtdrv.sys [20/04/2021 16:17:12] - (3.7.11.129) - (Bitdefender - BDDCI filter driver) - C:\Windows\system32\DRIVERS\bddci.sys [20/01/2020 12:03:41] - (1.2.0.0) - (Highresolution Enterprises [www.highrez.co.uk] - Kernel level port access driver) - C:\Windows\System32\Drivers\inpoutx64.sys [04/12/2019 16:13:35] - (5.2.30.30462) - (Oracle Corporation - VirtualBox Support Driver) - C:\Program Files\dnplayerext2\LdBoxDrv.sys [21/10/2020 18:46:23] - (1.0.0.0) - (NVIDIA Corporation - Nvidia Streaming Kernel Service) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20/04/2021 16:16:42] - (1.29.105.0) - (BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Generic Exploit Mitigation for Mainstream Applications Filesystem Minifilter) - C:\Windows\system32\DRIVERS\gemma.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware (3ware) -> C:\Windows\system32\drivers\3ware.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> C:\Windows\system32\drivers\ACPI.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> C:\Windows\system32\Drivers\acpiex.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - ADP80XX (ADP80XX) -> C:\Windows\system32\drivers\ADP80XX.SYS - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - ambakdrv (ambakdrv) -> C:\Windows\system32\ambakdrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - amdsata (amdsata) -> C:\Windows\system32\drivers\amdsata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdsbs (amdsbs) -> C:\Windows\system32\drivers\amdsbs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdxata (amdxata) -> C:\Windows\system32\drivers\amdxata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - arcsas (Pilote miniport Storport Adaptec SAS/SATA-II RAID) -> C:\Windows\system32\drivers\arcsas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - atapi (Canal IDE) -> C:\Windows\system32\drivers\atapi.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - b06bdrv (Carte réseau QLogic VBD) -> C:\Windows\system32\drivers\bxvbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - bdelam (bdelam) -> C:\Windows\system32\drivers\bdelam.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [File System Driver] - bdprivmon (bdprivmon) -> C:\Windows\system32\DRIVERS\bdprivmon.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - bttflt (Filtre Microsoft Hyper-V VHDPMEM BTT) -> C:\Windows\system32\drivers\bttflt.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - cht4iscsi (cht4iscsi) -> C:\Windows\system32\drivers\cht4sx64.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - CLFS (Common Log (CLFS)) -> C:\Windows\system32\drivers\CLFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - CNG (CNG) -> C:\Windows\system32\Drivers\cng.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - disk (Pilote de disque) -> C:\Windows\system32\drivers\disk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - ebdrv (Carte QLogic 10 Gigabit Ethernet VBD) -> C:\Windows\system32\drivers\evbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - EhStorClass (Enhanced Storage Filter Driver) -> C:\Windows\system32\drivers\EhStorClass.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - EhStorTcgDrv (Pilote Microsoft pour dispositif de stockage prenant en charge les protocoles IEEE 1667 et TCG) -> C:\Windows\system32\drivers\EhStorTcgDrv.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [File System Driver] - FileInfo (File Information FS MiniFilter) -> C:\Windows\system32\drivers\fileinfo.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - FltMgr (FltMgr) -> C:\Windows\system32\drivers\fltmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - fvevol (Pilote de filtre de chiffrement de lecteur BitLocker) -> C:\Windows\system32\DRIVERS\fvevol.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Gemma (Gemma) -> C:\Windows\system32\DRIVERS\gemma.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - gzflt (gzflt) -> C:\Windows\system32\DRIVERS\gzflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - HpSAMD (HpSAMD) -> C:\Windows\system32\drivers\HpSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - hwpolicy (Hardware Policy Driver) -> C:\Windows\system32\drivers\hwpolicy.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - iaStorAVC (Contrôleur RAID SATA de circuit microprogrammé Intel) -> C:\Windows\system32\drivers\iaStorAVC.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - iaStorE (iaStorE) -> C:\Windows\system32\drivers\iaStorE.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - iaStorV (Contrôleur RAID Intel Windows 7) -> C:\Windows\system32\drivers\iaStorV.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - intelide (intelide) -> C:\Windows\system32\drivers\intelide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - intelpep (Pilote de plug-in du moteur d’alimentation Intel(R)) -> C:\Windows\system32\drivers\intelpep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - iorate (Pilote du filtre du taux d’E/S du disque) -> C:\Windows\system32\drivers\iorate.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - isapnp (isapnp) -> C:\Windows\system32\drivers\isapnp.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - ItSas35i (ItSas35i) -> C:\Windows\system32\drivers\ItSas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - KSecDD (KSecDD) -> C:\Windows\system32\Drivers\ksecdd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - KSecPkg (KSecPkg) -> C:\Windows\system32\Drivers\ksecpkg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS (LSI_SAS) -> C:\Windows\system32\drivers\lsi_sas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS2i (LSI_SAS2i) -> C:\Windows\system32\drivers\lsi_sas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS3i (LSI_SAS3i) -> C:\Windows\system32\drivers\lsi_sas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SSS (LSI_SSS) -> C:\Windows\system32\drivers\lsi_sss.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - MbamElam (MbamElam) -> C:\Windows\system32\DRIVERS\MbamElam.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas (megasas) -> C:\Windows\system32\drivers\megasas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas2i (megasas2i) -> C:\Windows\system32\drivers\MegaSas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas35i (megasas35i) -> C:\Windows\system32\drivers\megasas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasr (megasr) -> C:\Windows\system32\drivers\megasr.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - mountmgr (Gestionnaire des points de montage) -> C:\Windows\system32\drivers\mountmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - msisadrv (msisadrv) -> C:\Windows\system32\drivers\msisadrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - MsSecFlt (Minifiltre du composant Événements de sécurité de Microsoft) -> C:\Windows\system32\drivers\mssecflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Mup (Mup) -> C:\Windows\system32\Drivers\mup.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - mvumis (mvumis) -> C:\Windows\system32\drivers\mvumis.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - NDIS (Pilote système NDIS) -> C:\Windows\system32\drivers\ndis.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - nvdimm (Pilote de périphérique NVDIMM Microsoft) -> C:\Windows\system32\drivers\nvdimm.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - nvraid (nvraid) -> C:\Windows\system32\drivers\nvraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - nvstor (nvstor) -> C:\Windows\system32\drivers\nvstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - partmgr (Gestionnaire de partitions) -> C:\Windows\system32\drivers\partmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> C:\Windows\system32\drivers\pci.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - pciide (pciide) -> C:\Windows\system32\drivers\pciide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - pcmcia (pcmcia) -> C:\Windows\system32\drivers\pcmcia.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> C:\Windows\system32\drivers\pcw.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - pdc (CDP) -> C:\Windows\system32\drivers\pdc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - percsas2i (percsas2i) -> C:\Windows\system32\drivers\percsas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - percsas3i (percsas3i) -> C:\Windows\system32\drivers\percsas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - pmem (Pilote de disque de mémoire persistante Microsoft) -> C:\Windows\system32\drivers\pmem.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> C:\Windows\system32\DRIVERS\ramdisk.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> C:\Windows\system32\drivers\rdyboost.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - sbp2port (Pilote de bus de transport/protocole SBP-2) -> C:\Windows\system32\drivers\sbp2port.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - scmbus (Pilote de bus de mémoire de classe stockage Microsoft) -> C:\Windows\system32\drivers\scmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - SgrmAgent (System Guard Runtime Monitor Agent) -> C:\Windows\system32\drivers\SgrmAgent.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - SiSRaid2 (SiSRaid2) -> C:\Windows\system32\drivers\SiSRaid2.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - SiSRaid4 (SiSRaid4) -> C:\Windows\system32\drivers\sisraid4.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - SmartSAMD (SmartSAMD) -> C:\Windows\system32\drivers\SmartSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - spaceport (Pilote des espaces de stockage) -> C:\Windows\system32\drivers\spaceport.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - stexstor (stexstor) -> C:\Windows\system32\drivers\stexstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storahci (Lecteur AHCI SATA Microsoft standard) -> C:\Windows\system32\drivers\storahci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storflt (Accélérateur de stockage Microsoft Hyper-V) -> C:\Windows\system32\drivers\vmstorfl.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - stornvme (Pilote NVM Express standard de Microsoft) -> C:\Windows\system32\drivers\stornvme.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storufs (Pilote Universal Flash Storage (UFS) Microsoft) -> C:\Windows\system32\drivers\storufs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storvsc (storvsc) -> C:\Windows\system32\drivers\storvsc.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - Tcpip (Pilote pour protocole TCP/IP) -> C:\Windows\system32\drivers\tcpip.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - Telemetry (Service de télémétrie Intel(R)) -> C:\Windows\system32\drivers\IntelTA.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - trufos (trufos) -> C:\Windows\system32\DRIVERS\trufos.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - vdrvroot (Énumérateur de lecteur virtuel Microsoft) -> C:\Windows\system32\drivers\vdrvroot.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - vmbus (Bus VMBus) -> C:\Windows\system32\drivers\vmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - volmgr (Pilote du gestionnaire de volumes) -> C:\Windows\system32\drivers\volmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volmgrx (Gestionnaire de volumes dynamiques) -> C:\Windows\system32\drivers\volmgrx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volsnap (Pilote de cliché instantané du volume) -> C:\Windows\system32\drivers\volsnap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volume (Pilote de volume) -> C:\Windows\system32\drivers\volume.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - vpci (Bus PCI virtuel Microsoft Hyper-V) -> C:\Windows\system32\drivers\vpci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - vsmraid (vsmraid) -> C:\Windows\system32\drivers\vsmraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - VSTXRAID (Pilote Windows du contrôleur RAID de stockage VIA StorX) -> C:\Windows\system32\drivers\vstxraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - Wdf01000 (Service Infrastructure de pilote en mode noyau) -> C:\Windows\system32\drivers\Wdf01000.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WFPLWFS (Plateforme de filtrage Microsoft Windows) -> C:\Windows\system32\drivers\wfplwfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> C:\Windows\system32\drivers\WindowsTrustedRT.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WindowsTrustedRTProxy (Service sécurisé d'exécution approuvée Microsoft Windows) -> C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> C:\Windows\system32\drivers\Wof.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - acedrv08 (acedrv08) -> \??\C:\WINDOWS\system32\drivers\acedrv08.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - AFD (Pilote de fonction connexe pour Winsock) -> C:\Windows\system32\drivers\afd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - afunix (afunix) -> C:\Windows\system32\drivers\afunix.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - ahcache (Application Compatibility Cache) -> C:\Windows\system32\DRIVERS\ahcache.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - atc (atc) -> C:\Windows\system32\DRIVERS\atc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - bam (Background Activity Moderator Driver) -> C:\Windows\system32\drivers\bam.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BasicDisplay (BasicDisplay) -> C:\Windows\system32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BasicRender (BasicRender) -> C:\Windows\system32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BDVEDISK (BDVEDISK) -> C:\Windows\system32\DRIVERS\bdvedisk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Beep (Beep) -> C:\Windows\system32\drivers\Beep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> C:\Windows\system32\drivers\cdrom.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - CimFS (CimFS) -> C:\Windows\system32\drivers\CimFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - CSC (Pilote Fichiers hors connexion) -> C:\Windows\system32\drivers\csc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S1 - [Kernel Driver] - dam (Desktop Activity Moderator Driver) -> C:\Windows\system32\drivers\dam.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R1 - [File System Driver] - Dfsc (Pilote du client de l’espace de noms DFS) -> C:\Windows\system32\Drivers\dfsc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> C:\Windows\system32\drivers\dxgkrnl.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - FileCrypt (FileCrypt) -> C:\Windows\system32\drivers\filecrypt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - GpuEnergyDrv (GPU Energy Driver) -> C:\Windows\system32\drivers\gpuenergydrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - HWiNFO32 (HWiNFO32/64 Kernel Driver) -> \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - JSWPSLWF (JumpStart Wireless Filter Driver) -> C:\Windows\system32\DRIVERS\jswpslwfx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - Msfs (Msfs) -> C:\Windows\system32\drivers\Msfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - mssmbios (Microsoft System Management BIOS Driver) -> C:\Windows\system32\drivers\mssmbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - NdisCap (Capture NDIS Microsoft) -> C:\Windows\system32\drivers\ndiscap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> C:\Windows\system32\drivers\netbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - NetBT (NetBT) -> C:\Windows\system32\DRIVERS\netbt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - Npfs (Npfs) -> C:\Windows\system32\drivers\Npfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - npsvctrig (Named pipe service trigger provider) -> C:\Windows\system32\drivers\npsvctrig.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - nsiproxy (NSI Proxy Service Driver) -> C:\Windows\system32\drivers\nsiproxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Null (Null) -> C:\Windows\system32\drivers\Null.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Psched (Planificateur de paquets QoS) -> C:\Windows\system32\drivers\pacer.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - rdbss (Sous-système de mise en mémoire tampon redirigée) -> C:\Windows\system32\DRIVERS\rdbss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - tdx (Pilote de prise en charge TDI héritée NetIO) -> C:\Windows\system32\DRIVERS\tdx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - VBoxDrv (VirtualBox Service) -> C:\Windows\system32\DRIVERS\VBoxDrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - VBoxNetLwf (VirtualBox NDIS6 Bridged Networking Service) -> C:\Windows\system32\DRIVERS\VBoxNetLwf.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - VBoxUSBMon (VirtualBox USB Monitor Service) -> C:\Windows\system32\DRIVERS\VBoxUSBMon.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Vid (Vid) -> C:\Windows\system32\drivers\Vid.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> C:\Windows\system32\drivers\vwififlt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - AMD Crash Defender Service (AMD Crash Defender Service) -> C:\Windows\system32\amdfendrsr.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - AMD External Events Utility (AMD External Events Utility) -> C:\Windows\system32\atiesrxx.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - AppHostSvc (Application Host Helper Service) -> C:\Windows\system32\svchost.exe -k apphost - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - AudioEndpointBuilder (Générateur de points de terminaison du service Audio Windows) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Audiosrv (Audio Windows) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Backupper Service (AOMEI Backupper Scheduler Service) -> "C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\ABService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - BDAuxSrv (Bitdefender Auxiliary Service) -> "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdauxsrv_config.json" - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - BDProtSrv (Bitdefender Protected Service) -> "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings\services\configs\bdprotsrv_config.json" - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - bdredline (Bitdefender RedLine Service) -> "C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe" - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - bdredline_agent (Bitdefender Agent RedLine Service) -> "C:\Program Files\Bitdefender Agent\redline\bdredline.exe" - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - BFE (Moteur de filtrage de base) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - BrokerInfrastructure (Service d’infrastructure des tâches en arrière-plan) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - CDPSvc (Service de plateforme des appareils connectés) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ClickToRunSvc (Service Microsoft Office « Démarrer en un clic ») -> "C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - CoreMessagingRegistrar (CoreMessaging) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - CryptSvc (Services de chiffrement) -> C:\Windows\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DcomLaunch (Lanceur de processus serveur DCOM) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - DeviceAssociationService (Service d’association de périphérique) -> C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Dhcp (Client DHCP) -> C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DispBrokerDesktopSvc (Service de stratégie d'affichage) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Dnscache (Client DNS) -> C:\Windows\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - DPS (Service de stratégie de diagnostic) -> C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DusmSvc (Consommation des données) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - edgeupdate (Service Mise à jour de Microsoft Edge (edgeupdate)) -> "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - EventLog (Journal d’événements Windows) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - EventSystem (Système d’événement COM+) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - fdPHost (Hôte du fournisseur de découverte de fonctions) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - FontCache (Service de cache de police Windows) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Fuj02e3DriverUtilityService (Fujitsu FUJ02E3 Device Driver - Utility Service) -> C:\Windows\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_42f2ff7fcce64487\fuj02e3-utility.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - GfExperienceService (NVIDIA GeForce Experience Service) -> "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Share Process] - gpsvc (Client de stratégie de groupe) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - igfxCUIService2.0.0.0 (Intel(R) HD Graphics Control Panel Service) -> C:\Windows\system32\igfxCUIService.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - IKEEXT (Modules de génération de clés IKE et AuthIP) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) -> "C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LanmanWorkstation (Station de travail) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LSM (Gestionnaire de session locale) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - MBAMService (Malwarebytes Service) -> "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - mpssvc (Pare-feu Windows Defender) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False S2 - [Share Process] - Netlogon (Netlogon) -> C:\Windows\system32\lsass.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - NetPipeActivator (Adaptateur d’écouteur Net.Pipe) -> C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe - AcceptPause : True - AcceptStop : True - DesktopInteract : False S2 - [Share Process] - NetTcpActivator (Adaptateur d'écouteur Net.Tcp) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - NlaSvc (Connaissance des emplacements réseau) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - nsi (Service Interface du magasin réseau) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - NvStreamSvc (NVIDIA Streamer Service) -> "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Power (Alimentation) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - ProductAgentService (ProductAgentService) -> "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - ProfSvc (Service de profil utilisateur) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RasMan (Gestionnaire des connexions d’accès à distance) -> C:\Windows\System32\svchost.exe -k netsvcs - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RpcEptMapper (Mappeur de point de terminaison RPC) -> C:\Windows\system32\svchost.exe -k RPCSS -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - RpcSs (Appel de procédure distante (RPC)) -> C:\Windows\system32\svchost.exe -k rpcss -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - SamSs (Gestionnaire de comptes de sécurité) -> C:\Windows\system32\lsass.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - Schedule (Planificateur de tâches) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Seed4.Me Service (Seed4.Me Service) -> C:\Program Files\Seed4.Me VPN\bin\Seed4.Me_service.exe - AcceptPause : True - AcceptStop : True - DesktopInteract : True R2 - [Share Process] - SENS (Service de notification d’événements système) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - SgrmBroker (Service Broker du moniteur d'exécution System Guard) -> C:\Windows\system32\SgrmBroker.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - ShellHWDetection (Détection matériel noyau) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Spooler (Spouleur d’impression) -> C:\Windows\System32\spoolsv.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : True S2 - [Own Process] - sppsvc (Protection logicielle) -> C:\Windows\system32\sppsvc.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - stisvc (Acquisition d’image Windows (WIA)) -> C:\Windows\system32\svchost.exe -k imgsvc - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - StorSvc (Service de stockage) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SysMain (SysMain) -> C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SystemEventsBroker (Service Broker des événements système) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Themes (Thèmes) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - unchecky (unchecky) -> "C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - UPDATESRV (Bitdefender Desktop Update Service) -> "C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - USBSafelyRemoveService (USB Safely Remove Assistant) -> "C:\Program Files (x86)\USB Safely Remove\USBSRService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - UserManager (Gestionnaire des utilisateurs) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - UsoSvc (Mettre à jour le service Orchestrator) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - VSSERV (Bitdefender Virus Shield) -> "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdshieldsrv_config.json" - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - W32Time (Temps Windows) -> C:\Windows\system32\svchost.exe -k LocalService - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - W3SVC (Service de publication World Wide Web) -> C:\Windows\system32\svchost.exe -k iissvcs - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - ammntdrv (ammntdrv) -> \??\C:\WINDOWS\system32\ammntdrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - amwrtdrv (amwrtdrv) -> \??\C:\WINDOWS\system32\amwrtdrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - BdDci (BdDci Service) -> C:\Windows\system32\DRIVERS\bddci.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - bindflt (Windows Bind Filter Driver) -> C:\Windows\system32\drivers\bindflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> C:\Windows\system32\drivers\cldflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Wcmsvc (Gestionnaire des connexions Windows) -> C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Winmgmt (Infrastructure de gestion Windows) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - WpnService (Service du système de notifications Push Windows) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - wscsvc (Centre de sécurité) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - Ignis (Ignis Service) -> C:\Windows\system32\DRIVERS\ignis.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - inpoutx64 (inpoutx64) -> C:\Windows\system32\Drivers\inpoutx64.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - LdBoxDrv (LdBoxDrv) -> \??\C:\Program Files\dnplayerext2\LdBoxDrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - lltdio (Pilote E/S de mappage de découverte de topologie de la couche de liaison) -> C:\Windows\system32\drivers\lltdio.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - luafv (Virtualisation de fichier UAC) -> C:\Windows\system32\drivers\luafv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - MBAMChameleon (MBAMChameleon) -> C:\Windows\system32\Drivers\MbamChameleon.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - CDPUserSvc_48ecd (CDPUserSvc_48ecd) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - WpnUserService_48ecd (WpnUserService_48ecd) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - MMCSS (Multimedia Class Scheduler) -> C:\Windows\system32\drivers\mmcss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - mrxsmb10 (Mini-redirecteur SMB 1.x) -> C:\Windows\system32\DRIVERS\mrxsmb10.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - MsLldp (Protocole LLDP (Link Layer Discovery Protocol) Microsoft) -> C:\Windows\system32\drivers\mslldp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> C:\Windows\system32\drivers\peauth.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - rspndr (Répondeur de découverte de la topologie de la couche de liaison) -> C:\Windows\system32\drivers\rspndr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - srv (Pilote de serveur SMB 1.xxx) -> C:\Windows\system32\DRIVERS\srv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - storqosflt (Pilote de filtre de qualité de service de stockage) -> C:\Windows\system32\drivers\storqosflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> C:\Windows\system32\drivers\tcpipreg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - wanarp (Pilote ARP IP d’accès à distance) -> C:\Windows\system32\DRIVERS\wanarp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - wcifs (Windows Container Isolation) -> C:\Windows\system32\drivers\wcifs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\59be958b-3489-5514-924e-19665d448259] : (Rokkr 1.1.2.-.Rokkr AG) -> "C:\Users\jo\AppData\Local\Programs\Rokkr\Uninstall Rokkr.exe" /currentuser [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\6811d8ec-23f6-5ad3-9bb7-0e515c178d2a] : (WATCHED 0.18.8.-.WATCHED AG) -> "C:\Users\jo\AppData\Local\Programs\WATCHED\Uninstall WATCHED.exe" /currentuser [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BitTorrent] : (BitTorrent.-.BitTorrent Inc.) -> "C:\Users\jo\AppData\Roaming\BitTorrent\BitTorrent.exe" /UNINSTALL [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Movavi Video Editor Plus 2021] : (Movavi Video Editor Plus 2021.-.Movavi) -> "C:\Users\jo\AppData\Roaming\Movavi Video Editor Plus 2021\uninst.exe" [HKU\S-1-5-21-1042456299-3079880857-3127715329-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SaRA] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bitdefender] : (Bitdefender Internet Security.-.Bitdefender) -> C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-24-1C3D6ED2-311A-444C-8E04-614C1C0B42E7\installer.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bitdefender Agent] : (Bitdefender Agent.-.Bitdefender) -> C:\Program Files\Bitdefender Agent\25.0.1.192\installer\installer.exe /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON SX218 Series] : (EPSON SX218 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IINSGDE.EXE /R /APD /P:"EPSON SX218 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Folder Marker Home (GAOTD Edition)_is1] : (Folder Marker Home (GAOTD Edition).-.ArcticLine Software) -> "C:\Program Files (x86)\Folder Marker\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 89.0.2 (x64 fr)] : (Mozilla Firefox 89.0.2 (x64 fr).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Seed4.Me VPN] : (Seed4.Me VPN 1.0.68.-.Seed4.me) -> C:\Program Files\Seed4.Me VPN\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SumatraPDF] : (SumatraPDF.-.Krzysztof Kowalczyk) -> "C:\Users\jo\AppData\Local\SumatraPDF\SumatraPDF.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TAP-Windows] : (TAP-Windows 9.21.2.-.) -> C:\Program Files\TAP-Windows\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> "C:\Program Files\VideoLAN\VLC\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\weh-iss-net.downloadhelper.coapp_is1] : (VdhCoApp 1.5.0.-.DownloadHelper) -> "C:\Program Files\net.downloadhelper.coapp\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{17B87034-AD42-4C66-8715-B1C19135DD31}] : (DriversCloud.com.-.Cybelsoft) -> MsiExec.exe /I{17B87034-AD42-4C66-8715-B1C19135DD31} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1] : (Malwarebytes version 4.4.0.117.-.Malwarebytes) -> "C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe" /Uninstall ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1] : (Revo Uninstaller Pro 4.3.3.-.VS Revo Group, Ltd.) -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 462.31.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 2.2.2.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 340.50.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.19.0218.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 17.12.8.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA GeForce Experience Service.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvDisplay.MessageBus] : (NVIDIA Display MessageBus.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 17.12.8.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.27.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C4CEFA18-904B-44A4-ABA7-47492E4DC9F9}] : (Oracle VM VirtualBox 6.1.22.-.Oracle Corporation) -> MsiExec.exe /I{C4CEFA18-904B-44A4-ABA7-47492E4DC9F9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AI RoboForm] : (RoboForm 9-1-5-5 (All Users).-.Siber Systems) -> "C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Any Video Converter Ultimate_is1] : (Any Video Converter Ultimate 5.7.2.-.Any-Video-Converter.com) -> "C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DearMob iPhone Manager] : (DearMob iPhone Manager.-.DearMob & Digiarty, Inc.) -> C:\Program Files (x86)\DearMob\DearMob iPhone Manager\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EnveloppesEditor1.20_is1] : (EnveloppesEditor1.20.-.J.L.F.) -> "C:\Program Files (x86)\EnveloppesEditor1.20\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Finance 2003_is1] : (Finance 2003 version 10.03.-.) -> "C:\Program Files (x86)\SoftChris\Finance 2003\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google LLC) -> "C:\Program Files\Google\Chrome\Application\91.0.4472.124\Installer\setup.exe" --uninstall --channel --system-level --verbose-logging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IM_Magic_PR] : (IM-Magic Partition Resizer Free 2018.-.IM-Magic Inc.) -> C:\Program Files\IM-Magic\Partition Resizer\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\jdownloader2] : (JDownloader 2.-.AppWork GmbH) -> "C:\Users\jo\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KeyScrambler] : (KeyScrambler.-.QFX Software Corporation) -> C:\Program Files (x86)\KeyScrambler\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge Update] : (Microsoft Edge Update.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 89.0.2 (x86 fr)] : (Mozilla Firefox 89.0.2 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Thunderbird 78.11.0 (x86 fr)] : (Mozilla Thunderbird 78.11.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Online Games Manager] : (Online Games Manager v1.50.-.Real Networks, Inc.) -> C:\Program Files (x86)\Online Games Manager\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OpenAL] : (OpenAL.-.) -> "C:\Program Files (x86)\OpenAL\oalinst.exe" /U [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rainlendar2] : (Rainlendar2 (remove only).-.Rainy) -> "C:\Program Files (x86)\Rainlendar2\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rush for Gold California_is1] : (Rush for Gold California.-.GameTop Pte. Ltd.) -> "C:\Program Files (x86)\GameTop.com\Rush for Gold California\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\The Island Castaway 2_is1] : (The Island Castaway 2.-.GameTop Pte. Ltd.) -> "C:\Program Files (x86)\GameTop.com\The Island Castaway 2\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unchecky] : (Unchecky v1.2.-.Reason Software Company Inc.) -> "C:\Program Files (x86)\Unchecky\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\USB Safely Remove_is1] : (USB Safely Remove 6.4.-.SafelyRemove.com) -> "C:\Program Files (x86)\USB Safely Remove\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinCDEmu] : (WinCDEmu.-.Sysprogs) -> C:\Program Files (x86)\WinCDEmu\uninstall64.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 6.02 (32-bit).-.win.rar GmbH) -> C:\Program Files (x86)\WinRAR\uninstall.exe ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}] : (WN111v2.-.NETGEAR) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF}] : (8GadgetPack.-.8GadgetPack.net) -> MsiExec.exe /X{2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] : (neroxml.-.Nero AG) -> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{815B8D4F-8710-4C0F-B3CA-CA370CD5F4F9}] : (Steganos Password Manager 20.-.Steganos Software GmbH) -> C:\Program Files (x86)\Steganos Password Manager 20\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe" -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1] : (AOMEI Backupper 6.1.-.AOMEI Technology Co., Ltd.) -> "C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}] : (ImagXpress.-.Nero AG) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D243A198-99BB-42A0-828E-98AE3F01D215}_is1] : (ScanPapyrus.-.ScanPapyrus Team) -> "C:\Program Files (x86)\ScanPapyrus\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E452E727-86B8-4233-8CC3-41FD817AFAFF}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> "C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe" -r -m -nrg2709 ---------- | Ports ---------- | Installer [HKCR\Installer\Products\00006109C80000000000000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C800C0400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109DD0000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component 64-bit Registration [HKCR\Installer\Products\00006109E70000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\00006109F80000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\43078B7124DA66C478511B1C1953DD13] : DriversCloud.com -> C:\Windows\Installer\{17B87034-AD42-4C66-8715-B1C19135DD31}\DriversCloud.exe [HKCR\Installer\Products\68AB67CA408033019195001028441267] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-000182442176}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\81AFEC4CB4094A44BA7A7494E2D49C9F] : Oracle VM VirtualBox 6.1.22 -> C:\WINDOWS\Installer\{C4CEFA18-904B-44A4-ABA7-47492E4DC9F9}\IconVirtualBox [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\B9802F8A97F16FB43B582A2C0B9B7AD4] : ImagXpress [HKCR\Installer\Products\B9FB157332F56794AA26B14F7D19CDEF] : Photo Common [HKCR\Installer\Products\C70CD6C286D523E46B6CFEF542ADF9FD] : 8GadgetPack -> C:\WINDOWS\Installer\{2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF}\ProductIcon [HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery [HKCR\Installer\Products\EB940C659E972054EB7A79453A6EF0B9] : neroxml [HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64 [HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\WINDOWS\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico [HKCR\Installer\Products\FF43B934E47F70845B2EB4575815ADB6] : Galerie de photos ---------- | UserSettings [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance ---------- | ADS Detected : C:\ProgramData\Temp:059167AF Detected : C:\ProgramData\Temp:0CE7F3C9 Detected : C:\ProgramData\Temp:0E22C5DB Detected : C:\ProgramData\Temp:12A012A1 Detected : C:\ProgramData\Temp:1B9E79B3 Detected : C:\ProgramData\Temp:2CB9631F Detected : C:\ProgramData\Temp:2D78CEB3 Detected : C:\ProgramData\Temp:309E3827 Detected : C:\ProgramData\Temp:38DE6D05 Detected : C:\ProgramData\Temp:39EDBD33 Detected : C:\ProgramData\Temp:3A4676D7 Detected : C:\ProgramData\Temp:4149A170 Detected : C:\ProgramData\Temp:4A10AFB7 Detected : C:\ProgramData\Temp:699EFEED Detected : C:\ProgramData\Temp:74091520 Detected : C:\ProgramData\Temp:7DB56DCB Detected : C:\ProgramData\Temp:940AB15D Detected : C:\ProgramData\Temp:9DB6A08C Detected : C:\ProgramData\Temp:A43B789A Detected : C:\ProgramData\Temp:B1CD2545 Detected : C:\ProgramData\Temp:DCF5E5D4 Detected : C:\ProgramData\Temp:E70FD81B Detected : C:\ProgramData\Temp:ED6B6C83 Detected : C:\ProgramData\Temp:F3591DDB Detected : C:\ProgramData\Temp:F46F6011 Detected : C:\ProgramData\Temp:F888E36D ---------- | 20 LastEventLog ------------ ------------ Le marshaleur standard COM n'est pas parvenu à corriger la différence entre l'IID {618736E0-3C3D-11CF-810C-00AA00389B71} fourni par le serveur et l'IID {00020400-0000-0000-C000-000000000046} demandé par le client, avec le gestionnaire CLSID {FFFFFFFE-646A-55C5-D8EC-4F0391392073}. Le code d'erreur était 0x800401fd. ------------ ------------ ------------ ------------ ------------ Impossible de lire les données de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état, les quatre octets suivants contiennent l’état d’IOSB et les quatre octets suivants contiennent les informations d’IOSB. ------------ Impossible de lire les données de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état, les quatre octets suivants contiennent l’état d’IOSB et les quatre octets suivants contiennent les informations d’IOSB. ------------ Windows ne peut pas charger la DLL de compteur extensible « C:\Windows\system32\sysmain.dll » (code d'erreur Win32 Le module spécifié est introuvable.). ------------ Impossible de lire les données de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état, les quatre octets suivants contiennent l’état d’IOSB et les quatre octets suivants contiennent les informations d’IOSB. ------------ La collecte des données des compteurs de performance a été désactivée à partir du service « ASP.NET_64_2.0.50727 » car la bibliothèque de compteurs de performance pour ce service a généré une ou plusieurs erreurs. Les erreurs à l’origine de cette action ont été écrites dans le journal des événements des applications. Corrigez les erreurs avant d’activer les compteurs de performance pour ce service. ------------ Windows ne peut pas ouvrir la DLL de compteur extensible 64 bits C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_perf.dll dans un environnement 32 bits (code d'erreur Win32 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_perf.dll n’est pas une application Win32 valide.). Contactez le fournisseur du fichier pour obtenir une version 32 bits. Si vous exécutez un environnement natif 64 bits, vous pouvez également ouvrir la DLL de compteur extensible 64 bits en utilisant la version 64 bits de l’Analyseur de performances. Pour utiliser cet outil, ouvrez le dossier Windows, puis le dossier System32 et démarrez Perfmon.exe. ------------ L’optimiseur de stockage n’a pas pu terminer réoptimisation sur code (E:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ ------------ ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ ----------( EOF)---------- - 6968 | 16:48:38