--------------- QuickDiag | g3n-h@ckm@n | V4_31.08.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 23/11/2018 18:09:56 Updated 31/08/2018 | 22:20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [colis (Administrator)] - [JC-10-01-2018] (S-1-5-21-1812020250-49885185-2009104261-1001) System: Microsoft Windows 10 Famille - - (10.0.17763) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1809) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition3 Boot : Normal boot PC: GL703VD - ASUSTeK COMPUTER INC. - IdNumber: HAN0CX13568341B - UUID: 304E4148-5843-3331-3536-383334314241 Processor : X64 - 2808 Mhz - Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz GL703VD.304 - - American Megatrends Inc. - S/N: HAN0CX13568341B - GL703VD.304 - _ASUS_ - 1072009 CoreTemp : 50 Celsius ----------| Quick ---------- | SoundDevice Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_280B&SUBSYS_80860101&REV_1000\4&32DCCF76&0&0201 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0295&SUBSYS_10431BC0&REV_1000\4&32DCCF76&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 ---------- | Video Intel(R) HD Graphics 630 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igdumdim64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igd10iumd64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igd10iumd64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_591B&SUBSYS_1BC01043&REV_04\3&11583659&1&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 NVIDIA GeForce GTX 1050 - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController2 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1C8D&SUBSYS_1BC01043&REV_A1\4&1C23A489&0&0008 - AdapterCompatibility: NVIDIA - RAM: -2147483648 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 630 - DriverVersion: 23.20.16.4973 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34800 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36680 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 92672 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:20 % CPU #2 value:14 % CPU #3 value:8 % CPU #4 value:8 % CPU #5 value:20 % CPU #6 value:26 % CPU #7 value:38 % CPU #8 value:2 % Total Overall CPU Usage value:17 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Intel[R] Dual Band Wireless-AC 8265 : SENT:4,989 bytes/sec / RECVD:4,989 bytes/sec Overall -> SEND Maxium:17 bytes/sec, / RECEIVE Maximum:4,989 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_200F1043&REV_15\4&288024F7&0&00E0 Intel(R) Dual Band Wireless-AC 8265 - Ethernet 802.3 - Intel Corporation - Status: - PnPID : PCI\VEN_8086&DEV_24FD&SUBSYS_00108086&REV_78\4&2EAD3D69&0&00E6 Bluetooth Device (Personal Area Network) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&161B2479&0&2 Microsoft Wi-Fi Direct Virtual Adapter #3 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&48D7285&0&11 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&48D7285&0&12 ---------- | Memory RAM = Total (MB) : 8270 | Free (MB) : 3044 Pagefile = Total (MB) : 10236 | Free (MB) : 3137 Virtual = Total (MB) : 4194 | Free (MB) : 3900 Physical Memory 0 : Capacity: 8589934592 - ChannelA-DIMM0 - Posit.: 0 - Manufacturer: SK Hynix - PartNumber: HMA81GS6AFR8N-UH - S/N: 29FB1E93 ---------- | SID Users Administrateur : [S-1-5-21-1812020250-49885185-2009104261-500] colis : [S-1-5-21-1812020250-49885185-2009104261-1001] DefaultAccount : [S-1-5-21-1812020250-49885185-2009104261-503] Invité : [S-1-5-21-1812020250-49885185-2009104261-501] WDAGUtilityAccount : [S-1-5-21-1812020250-49885185-2009104261-504] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [OS] | Total : 118.19 Go | Free : 11.27 Go -> NTFS (SSD) [RAID] D:\ -> [Fixed] | [DATA] | Total : 931.51 Go | Free : 75.69 Go -> NTFS [RAID] E:\ -> [CDROM] | [Rayman Legends] | Total : 4.62 Go | Free : 0 Go -> CDFS [FileBackedVirtual] F:\ -> [CDROM] | [Frostpunk The Fall of Winterhome] | Total : 5.74 Go | Free : 0 Go -> UDF [FileBackedVirtual] Disk Usage Information [2 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:1,106,408 bytes/sec Max Read:0 bytes/sec, Max Write:1,106,408 bytes/sec Physical Drive #1 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:1,106,408 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - SCSI - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_HFS128G3&PROD_9TND-N210A\4&1AED6427&0&000000 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - SCSI - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_HGST&PROD_HTS721010A9E630\4&1AED6427&0&000200 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Test 2 : Windows Is NOT Activated Volume License ---------- | Browsers IE : 11.0.17763.1 (© Microsoft Corporation. Tous droits réservés.) GC : 70.0.3538.102 (Copyright 2017 Google Inc.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer FlashPlayer ActiveX : 31.0.0.153 ---------- | Security AV : Windows Defender Enabled AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 384 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17763.1) = C:\Windows\System32\smss.exe [15/09/2018 08:28:45] CPU Usage:0 % 608 | [Owner : Système | Parent : 508() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17763.1) = C:\Windows\System32\csrss.exe [15/09/2018 08:28:45] CPU Usage:0 % 708 | [Owner : Système | Parent : 508() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.17763.1) = C:\Windows\System32\wininit.exe [15/09/2018 08:28:45] CPU Usage:0 % 716 | [Owner : Système | Parent : 700() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17763.1) = C:\Windows\System32\csrss.exe [15/09/2018 08:28:45] CPU Usage:0 % 780 | [Owner : Système | Parent : 708(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17763.1) = C:\Windows\System32\services.exe [15/09/2018 08:28:45] CPU Usage:0 % 800 | [Owner : Système | Parent : 708(wininit.exe) | 17.15 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17763.1) = C:\Windows\System32\lsass.exe [15/09/2018 08:28:46] CPU Usage:0 % 920 | [Owner : Système | Parent : 780(services.exe) | 3.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 944 | [Owner : Système | Parent : 780(services.exe) | 29.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 968 | [Owner : UMFD-0 | Parent : 708(wininit.exe) | 3.1 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17763.1) = C:\Windows\System32\fontdrvhost.exe [15/09/2018 08:28:47] CPU Usage:0 % 88 | [Owner : SERVICE RÉSEAU | Parent : 780(services.exe) | 16.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 472 | [Owner : Système | Parent : 780(services.exe) | 8.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 844 | [Owner : Système | Parent : 700() | 8.71 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.17763.1) = C:\Windows\System32\winlogon.exe [15/09/2018 08:28:46] CPU Usage:0 % 1044 | [Owner : UMFD-1 | Parent : 844(winlogon.exe) | 11.14 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17763.1) = C:\Windows\System32\fontdrvhost.exe [15/09/2018 08:28:47] CPU Usage:0 % 1128 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 9.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1120 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 9.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1168 | [Owner : Système | Parent : 780(services.exe) | 9.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1176 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1276 | [Owner : Système | Parent : 780(services.exe) | 6.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1292 | [Owner : Système | Parent : 780(services.exe) | 5.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1416 | [Owner : Système | Parent : 780(services.exe) | 11.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1524 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 17.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1636 | [Owner : DWM-1 | Parent : 844(winlogon.exe) | 88.95 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17763.1) = C:\Windows\System32\dwm.exe [15/09/2018 08:28:44] CPU Usage:1 % 1660 | [Owner : Système | Parent : 780(services.exe) | 13.21 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.11.2431.7967) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [17/10/2017 06:56:16] CPU Usage:0 % 1668 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 11.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1712 | [Owner : Système | Parent : 780(services.exe) | 10.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1756 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 7.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1828 | [Owner : Système | Parent : 780(services.exe) | 9.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1884 | [Owner : Système | Parent : 780(services.exe) | 11.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1892 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 7.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1900 | [Owner : Système | Parent : 780(services.exe) | 5.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1912 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 6.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1040 | [Owner : Système | Parent : 780(services.exe) | 9.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1084 | [Owner : Système | Parent : 780(services.exe) | 5.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1624 | [Owner : SERVICE RÉSEAU | Parent : 780(services.exe) | 12.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2088 | [Owner : Système | Parent : 780(services.exe) | 14.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2172 | [Owner : Système | Parent : 780(services.exe) | 8.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2248 | [Owner : Système | Parent : 780(services.exe) | 14.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2256 | [Owner : Système | Parent : 780(services.exe) | 7.78 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4973) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igfxCUIService.exe [17/04/2018 07:14:14] CPU Usage:0 % 2336 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 9.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2400 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 7.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2408 | [Owner : Système | Parent : 780(services.exe) | 7.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2584 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 10.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2720 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 12.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2828 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 6.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2836 | [Owner : SERVICE RÉSEAU | Parent : 780(services.exe) | 9.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2844 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 12.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3000 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 7.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3068 | [Owner : Système | Parent : 780(services.exe) | 12.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 2760 | [Owner : Système | Parent : 780(services.exe) | 13.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3084 | [Owner : Système | Parent : 780(services.exe) | 5.07 Mo] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.101.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [28/07/2017 11:26:02] CPU Usage:0 % 3096 | [Owner : Système | Parent : 3068(svchost.exe) | 13.65 Mo] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (10.0.17763.1) = C:\Windows\System32\wlanext.exe [15/09/2018 08:28:25] CPU Usage:0 % 3116 | [Owner : Système | Parent : 3096(wlanext.exe) | 4.7 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.1) = C:\Windows\System32\conhost.exe [15/09/2018 08:28:44] CPU Usage:0 % 3320 | [Owner : Système | Parent : 780(services.exe) | 13.59 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17763.1) = C:\Windows\System32\spoolsv.exe [15/09/2018 08:28:24] CPU Usage:0 % 3372 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 19.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3408 | [Owner : SERVICE RÉSEAU | Parent : 780(services.exe) | 7.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3596 | [Owner : Système | Parent : 780(services.exe) | 4.62 Mo] - (.ASUSTek Computer Inc. - ASUS HID Access Service.) - (1.0.101.3) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [28/07/2017 11:25:56] CPU Usage:0 % 3604 | [Owner : Système | Parent : 780(services.exe) | 10.91 Mo] - (.ALLPLAN GmbH - AllplanUpdateLauncher.) - (1.803.5387.960) = C:\Program Files\Allplan\AllplanUpdateLauncher 2018\AllplanUpdateLauncher.exe [24/01/2018 21:31:39] CPU Usage:0 % 3612 | [Owner : Système | Parent : 780(services.exe) | 12.12 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (19.60.0.0) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe [21/03/2017 11:40:32] CPU Usage:0 % 3636 | [Owner : Système | Parent : 780(services.exe) | 25.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3628 | [Owner : Système | Parent : 780(services.exe) | 5.64 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.29.8644) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [13/08/2018 23:27:08] CPU Usage:0 % 3644 | [Owner : Système | Parent : 780(services.exe) | 17.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3656 | [Owner : Système | Parent : 780(services.exe) | 10.8 Mo] - (.Allplan GmbH - AllplanUpdateLauncher.) - (1.612.4762.555) = C:\Program Files\Nemetschek\AllplanUpdateLauncher 2016\AllplanUpdateLauncher.exe [30/01/2018 19:42:04] CPU Usage:0 % 3668 | [Owner : Système | Parent : 780(services.exe) | 6.26 Mo] - (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) - (23.20.16.4973) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\IntelCpHDCPSvc.exe [17/04/2018 07:15:02] CPU Usage:0 % 3684 | [Owner : Système | Parent : 780(services.exe) | 4.49 Mo] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Service.) - (19.60.0.3) = C:\Windows\System32\ibtsiva.exe [13/04/2017 17:50:36] CPU Usage:0 % 3692 | [Owner : Système | Parent : 780(services.exe) | 21.38 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.6.2250.7081) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [17/10/2017 06:57:02] CPU Usage:0 % 3700 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 23.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3708 | [Owner : SERVICE RÉSEAU | Parent : 780(services.exe) | 13.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3720 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 5.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3736 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 5.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3780 | [Owner : SERVICE RÉSEAU | Parent : 780(services.exe) | 12.93 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.4.2237.9333) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [17/10/2017 06:57:02] CPU Usage:0 % 3788 | [Owner : Système | Parent : 780(services.exe) | 19.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3800 | [Owner : Système | Parent : 780(services.exe) | 8.22 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - (19.60.0.0) = C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [21/03/2017 11:40:22] CPU Usage:0 % 3808 | [Owner : Système | Parent : 780(services.exe) | 17.28 Mo] - (.ASUSTeK COMPUTER INC. - ROGGamingCenterService.) - (2.1.4.1) = C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe [17/08/2017 16:35:16] CPU Usage:0 % 3824 | [Owner : Système | Parent : 780(services.exe) | 5.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3840 | [Owner : Système | Parent : 780(services.exe) | 15.31 Mo] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Service.) - (19.60.0.0) = C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [21/03/2017 11:40:46] CPU Usage:0 % 3848 | [Owner : Système | Parent : 780(services.exe) | 37.46 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.11001.20093) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [23/05/2018 20:44:17] CPU Usage:0 % 3860 | [Owner : Système | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.1810.5) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe [24/10/2018 17:44:07] CPU Usage:0 % 4048 | [Owner : Système | Parent : 780(services.exe) | 8.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 4152 | [Owner : Système | Parent : 780(services.exe) | 11.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 4216 | [Owner : Système | Parent : 780(services.exe) | 43.36 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.667) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [27/08/2018 20:11:17] CPU Usage:0 % 4296 | [Owner : Système | Parent : 780(services.exe) | 16.87 Mo] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - (6.50.2640.503) = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [12/09/2017 06:50:00] CPU Usage:0 % 4364 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 5.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 4404 | [Owner : Système | Parent : 780(services.exe) | 6.16 Mo] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.1.1.1117) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\IntelCpHeciSvc.exe [17/04/2018 07:15:04] CPU Usage:0 % 4492 | [Owner : Système | Parent : 780(services.exe) | 10.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 5388 | [Owner : SERVICE RÉSEAU | Parent : 780(services.exe) | 6.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 5732 | [Owner : Système | Parent : 944(svchost.exe) | 13.6 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/09/2018 08:28:29] CPU Usage:0 % 5920 | [Owner : Système | Parent : 944(svchost.exe) | 6.48 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.17763.1) = C:\Windows\System32\wbem\unsecapp.exe [15/09/2018 08:28:25] CPU Usage:0 % 6316 | [Owner : Système | Parent : 1660(NVDisplay.Container.exe) | 25.69 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.11.2431.7967) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [17/10/2017 06:56:16] CPU Usage:0 % 6628 | [Owner : Système | Parent : 3084(AsLdrSrv.exe) | 8.5 Mo] - (.ASUSTek Computer Inc. - HControl.) - (1.0.101.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [28/07/2017 11:26:18] CPU Usage:0 % 6656 | [Owner : colis | Parent : 3692(nvcontainer.exe) | 37.72 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.6.2250.7081) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [17/10/2017 06:57:02] CPU Usage:0 % 6700 | [Owner : colis | Parent : 1040(svchost.exe) | 29.43 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17763.1) = C:\Windows\System32\sihost.exe [15/09/2018 08:28:34] CPU Usage:0 % 6976 | [Owner : colis | Parent : 780(services.exe) | 25.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6996 | [Owner : Système | Parent : 780(services.exe) | 32.21 Mo] - (.Intel(R) Corporation - XtuService.) - (6.2.0.27) = C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [11/05/2017 15:14:38] CPU Usage:0 % 7008 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 18.73 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.9034) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [18/11/2018 20:12:08] CPU Usage:0 % 7060 | [Owner : colis | Parent : 780(services.exe) | 36.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7148 | [Owner : colis | Parent : 2088(svchost.exe) | 1.88 Mo] - (.ASUSTek Computer Inc. - ROG Gaming Key.) - (2.1.0.8) = C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [17/08/2017 16:35:16] CPU Usage:0 % 7156 | [Owner : colis | Parent : 2088(svchost.exe) | 18.6 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17763.1) = C:\Windows\System32\taskhostw.exe [15/09/2018 08:28:44] CPU Usage:0 % 5916 | [Owner : Système | Parent : 780(services.exe) | 19.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6188 | [Owner : Système | Parent : 780(services.exe) | 7.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6284 | [Owner : Système | Parent : 780(services.exe) | 10.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 6272 | [Owner : colis | Parent : 6188(svchost.exe) | 15.74 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17763.1) = C:\Windows\System32\ctfmon.exe [15/09/2018 08:28:45] CPU Usage:0 % 2312 | [Owner : colis | Parent : 6236() | 135.16 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17763.107) = C:\Windows\explorer.exe [29/10/2018 23:59:07] CPU Usage:0 % 7572 | [Owner : colis | Parent : 6772() | 6.71 Mo] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.29.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [28/07/2017 11:26:10] CPU Usage:0 % 7588 | [Owner : colis | Parent : 6764() | 7.38 Mo] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.39.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [28/03/2017 16:28:32] CPU Usage:0 % 7608 | [Owner : Système | Parent : 780(services.exe) | 7.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7796 | [Owner : Système | Parent : 780(services.exe) | 6.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7976 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 18.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 8064 | [Owner : colis | Parent : 7628() | 27.25 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4973) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igfxEM.exe [17/04/2018 07:14:36] CPU Usage:0 % 8100 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 8.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 8140 | [Owner : colis | Parent : 780(services.exe) | 16.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 5956 | [Owner : colis | Parent : 944(svchost.exe) | 66.74 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17763.1) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [15/09/2018 08:28:58] CPU Usage:0 % 4416 | [Owner : colis | Parent : 944(svchost.exe) | 102.62 Mo] - (.Microsoft Corporation - Microsoft.Notes.) - (3.0.120.0) = C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.0.120.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe [18/11/2018 16:49:38] CPU Usage:0 % 8212 | [Owner : Système | Parent : 780(services.exe) | 42.74 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17763.1) = C:\Windows\System32\SearchIndexer.exe [15/09/2018 08:28:34] CPU Usage:0 % 8496 | [Owner : colis | Parent : 944(svchost.exe) | 31.52 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 8760 | [Owner : colis | Parent : 944(svchost.exe) | 85.24 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.17763.1) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [15/09/2018 08:28:47] CPU Usage:0 % 8624 | [Owner : colis | Parent : 944(svchost.exe) | 42.96 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 8840 | [Owner : Système | Parent : 780(services.exe) | 6.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 7196 | [Owner : colis | Parent : 944(svchost.exe) | 26.56 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 9668 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 21.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 9864 | [Owner : colis | Parent : 944(svchost.exe) | 1.22 Mo] - (.-.) - (8.34.0.81) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe [21/11/2018 19:57:04] CPU Usage:0 % 9924 | [Owner : colis | Parent : 944(svchost.exe) | 9.6 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.17763.1) = C:\Windows\System32\SettingSyncHost.exe [15/09/2018 08:28:58] CPU Usage:0 % 9028 | [Owner : colis | Parent : 944(svchost.exe) | 23.4 Mo] - (.Microsoft Corporation - SkypeApp.) - (8.34.0.81) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe [21/11/2018 19:57:04] CPU Usage:0 % 10356 | [Owner : colis | Parent : 944(svchost.exe) | 44.59 Mo] - (.Microsoft Corporation - LockApp.exe.) - (10.0.17763.1) = C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [15/09/2018 08:28:52] CPU Usage:0 % 10600 | [Owner : colis | Parent : 944(svchost.exe) | 29.02 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 10608 | [Owner : colis | Parent : 7196(RuntimeBroker.exe) | 11.08 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.0.120.0_x64__8wekyb3d8bbwe\Microsoft.Notes.DesktopBridge.exe [09/10/2018 17:42:06] CPU Usage:0 % 11256 | [Owner : colis | Parent : 4216(MBAMService.exe) | 38.33 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.1.0.1594) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [27/08/2018 20:11:15] CPU Usage:0 % 11268 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.1810.5) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe [24/10/2018 17:44:07] CPU Usage:0 % 11632 | [Owner : colis | Parent : 944(svchost.exe) | 12.03 Mo] - (.Microsoft Corporation - Office Hub Task Host.) - (16.0.10314.33875) = C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe [11/07/2018 15:45:53] CPU Usage:0 % 11624 | [Owner : Système | Parent : 3264() | 0.84 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe [17/05/2018 16:37:47] CPU Usage:0 % 12040 | [Owner : Système | Parent : 3264() | 0.74 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe [17/05/2018 16:37:47] CPU Usage:0 % 11956 | [Owner : colis | Parent : 780(services.exe) | 21.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 11516 | [Owner : colis | Parent : 944(svchost.exe) | 43.32 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.17763.1) = C:\Windows\System32\smartscreen.exe [15/09/2018 08:28:30] CPU Usage:0 % 12184 | [Owner : colis | Parent : 2312(explorer.exe) | 7.82 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.17763.1) = C:\Windows\System32\SecurityHealthSystray.exe [15/09/2018 08:28:39] CPU Usage:0 % 11396 | [Owner : Système | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1807.16384) = C:\Windows\System32\SecurityHealthService.exe [15/09/2018 08:28:26] CPU Usage:0 % 11364 | [Owner : colis | Parent : 944(svchost.exe) | 22.02 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 5908 | [Owner : colis | Parent : 944(svchost.exe) | 10.96 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 8044 | [Owner : colis | Parent : 944(svchost.exe) | 17.16 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 8468 | [Owner : colis | Parent : 2088(svchost.exe) | 2.83 Mo] - (.ASUSTeK COMPUTER INC. - Sonic Suite 3.) - (3.6.12.44173) = C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [03/08/2017 15:45:26] CPU Usage:0 % 9288 | [Owner : colis | Parent : 944(svchost.exe) | 0.04 Mo] - (.-.) - (10.18082.1381.0) = C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe [23/10/2018 06:05:39] CPU Usage:0 % 12712 | [Owner : colis | Parent : 944(svchost.exe) | 25.16 Mo] - (.NVIDIA Corporation - NVIDIA Capture Server.) - (3.8.0.89) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe [17/10/2017 06:57:08] CPU Usage:0 % 12800 | [Owner : colis | Parent : 944(svchost.exe) | 9.41 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 12940 | [Owner : colis | Parent : 3692(nvcontainer.exe) | 10.05 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.8.0.89) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [17/10/2017 06:57:07] CPU Usage:0 % 12980 | [Owner : colis | Parent : 12712(nvspcaps64.exe) | 35.79 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (59.3071.1634.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [17/10/2017 06:57:06] CPU Usage:0 % 13140 | [Owner : colis | Parent : 13120() | 39.4 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (6.9.5.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [17/10/2017 06:57:04] CPU Usage:0 % 13152 | [Owner : colis | Parent : 13140(NVIDIA Web Helper.exe) | 5.07 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17763.1) = C:\Windows\System32\conhost.exe [15/09/2018 08:28:44] CPU Usage:0 % 12692 | [Owner : colis | Parent : 12980(NVIDIA Share.exe) | 37.92 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (59.3071.1634.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [17/10/2017 06:57:06] CPU Usage:0 % 12876 | [Owner : colis | Parent : 8468(SS3Svc32.exe) | 1.14 Mo] - (.ASUSTeK COMPUTER INC. - Sonic Suite 3.) - (3.6.12.44173) = C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe [03/08/2017 15:49:08] CPU Usage:0 % 13168 | [Owner : colis | Parent : 2312(explorer.exe) | 32.31 Mo] - (.Disc Soft Ltd - DAEMON Tools Lite.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DTAgent.exe [09/01/2018 11:45:32] CPU Usage:0 % 936 | [Owner : Système | Parent : 780(services.exe) | 12.9 Mo] - (.Disc Soft Ltd - Disc Soft Bus Service Lite.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [09/01/2018 11:44:38] CPU Usage:0 % 1060 | [Owner : colis | Parent : 2312(explorer.exe) | 9.69 Mo] - (.ASUS - AuraCoreListen.) - (2.0.4.0) = C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.26.0_x86__qmba6cd70vzyy\AuraListen.exe [31/10/2018 22:13:34] CPU Usage:0 % 13336 | [Owner : colis | Parent : 2312(explorer.exe) | 14.94 Mo] - (.WIBU-SYSTEMS AG - CodeMeter Control Center.) - (6.50.2640.503) = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [12/09/2017 06:50:00] CPU Usage:0 % 13440 | [Owner : colis | Parent : 13396() | 23.84 Mo] - (.-.) - (1.0.0.0) = C:\Program Files (x86)\Asus Espada Gaming Mouse\GT200AP4.exe [10/01/2018 23:02:31] CPU Usage:0 % 13460 | [Owner : colis | Parent : 1288() | 11.65 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.161.12) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [19/12/2017 19:06:16] CPU Usage:0 % 14408 | [Owner : colis | Parent : 2088(svchost.exe) | 0.88 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.278) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [17/10/2017 07:00:57] CPU Usage:0 % 14416 | [Owner : colis | Parent : 2088(svchost.exe) | 1.2 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.655.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [17/10/2017 07:00:57] CPU Usage:0 % 14504 | [Owner : Système | Parent : 780(services.exe) | 25.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 15180 | [Owner : colis | Parent : 14268() | 51.67 Mo] - (.GOG.com - GOG Galaxy.) - (1.2.47.67) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [20/05/2018 14:55:28] CPU Usage:0 % 9148 | [Owner : colis | Parent : 15180(GalaxyClient.exe) | 34.81 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.47.67) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe [20/05/2018 14:55:28] CPU Usage:0 % 13884 | [Owner : colis | Parent : 15180(GalaxyClient.exe) | 65.08 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.47.67) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe [20/05/2018 14:55:28] CPU Usage:3 % 7236 | [Owner : colis | Parent : 2088(svchost.exe) | 1.9 Mo] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [21/07/2017 15:56:26] CPU Usage:0 % 14140 | [Owner : colis | Parent : 15180(GalaxyClient.exe) | 45.67 Mo] - (.GOG.com - GOG Galaxy Notifications Renderer.) - (1.2.47.67) = C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe [20/05/2018 14:55:28] CPU Usage:0 % 5744 | [Owner : colis | Parent : 944(svchost.exe) | 10.22 Mo] - (.Intel Corporation - igfxext Module.) - (6.15.10.4973) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igfxext.exe [17/04/2018 07:14:44] CPU Usage:0 % 13776 | [Owner : colis | Parent : 944(svchost.exe) | 27.49 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.17763.1) = C:\Windows\System32\ApplicationFrameHost.exe [15/09/2018 08:28:39] CPU Usage:0 % 14952 | [Owner : colis | Parent : 944(svchost.exe) | 0.56 Mo] - (.Microsoft Corporation - Store.) - (11810.1001.12.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe [12/11/2018 12:26:40] CPU Usage:0 % 7784 | [Owner : colis | Parent : 944(svchost.exe) | 24.46 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 3132 | [Owner : colis | Parent : 13700() | 13.78 Mo] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe [09/01/2018 11:45:22] CPU Usage:0 % 10000 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 6.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 10656 | [Owner : SERVICE RÉSEAU | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 14304 | [Owner : Système | Parent : 780(services.exe) | 9.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3776 | [Owner : Système | Parent : 780(services.exe) | 5.49 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.7.0.1028) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [06/06/2017 00:22:50] CPU Usage:0 % 13320 | [Owner : Système | Parent : 780(services.exe) | 10.11 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.7.0.1028) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [06/06/2017 00:26:12] CPU Usage:0 % 3732 | [Owner : Système | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.17763.1) = C:\Windows\System32\SgrmBroker.exe [15/09/2018 08:29:13] CPU Usage:0 % 11716 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 1408 | [Owner : colis | Parent : 13460(jusched.exe) | 12.17 Mo] - (.Oracle Corporation - Java Update Checker.) - (2.8.161.12) = C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [19/12/2017 19:06:00] CPU Usage:0 % 1116 | [Owner : colis | Parent : 5304() | 70.62 Mo] - (.Valve Corporation - Steam Client Bootstrapper.) - (4.80.58.24) = C:\Program Files (x86)\Steam\Steam.exe [23/07/2016 00:36:30] CPU Usage:0 % 11980 | [Owner : colis | Parent : 1116(Steam.exe) | 39.82 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.80.58.24) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 10:56:49] CPU Usage:0 % 10804 | [Owner : colis | Parent : 11980(steamwebhelper.exe) | 11.34 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.80.58.24) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 10:56:49] CPU Usage:0 % 15104 | [Owner : Système | Parent : 780(services.exe) | 10.89 Mo] - (.Valve Corporation - Steam Client Service.) - (4.80.58.24) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe [10/01/2018 22:11:53] CPU Usage:0 % 9772 | [Owner : colis | Parent : 11980(steamwebhelper.exe) | 33.31 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.80.58.24) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 10:56:49] CPU Usage:0 % 7004 | [Owner : colis | Parent : 11980(steamwebhelper.exe) | 57.29 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.80.58.24) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 10:56:49] CPU Usage:0 % 8692 | [Owner : colis | Parent : 11980(steamwebhelper.exe) | 30.36 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.80.58.24) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 10:56:49] CPU Usage:0 % 9916 | [Owner : colis | Parent : 944(svchost.exe) | 2.64 Mo] - (.-.) - (2018.18091.17210.0) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [16/11/2018 19:23:46] CPU Usage:0 % 11152 | [Owner : colis | Parent : 944(svchost.exe) | 27.67 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.17763.1) = C:\Windows\System32\RuntimeBroker.exe [15/09/2018 08:28:29] CPU Usage:0 % 2600 | [Owner : Système | Parent : 780(services.exe) | 19.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 10688 | [Owner : colis | Parent : 944(svchost.exe) | 10.46 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.17763.1) = C:\Windows\System32\dllhost.exe [15/09/2018 08:28:45] CPU Usage:0 % 14424 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 8.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 8812 | [Owner : Système | Parent : 780(services.exe) | 33.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 3488 | [Owner : colis | Parent : 944(svchost.exe) | 34.31 Mo] - (.Microsoft Corporation - WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe.) - (10.0.17763.1) = C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe [15/09/2018 08:28:40] CPU Usage:0 % 5820 | [Owner : Système | Parent : 780(services.exe) | 6.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 8676 | [Owner : colis | Parent : 944(svchost.exe) | 21.02 Mo] - (.Microsoft Corporation - System Settings Broker.) - (10.0.17763.1) = C:\Windows\System32\SystemSettingsBroker.exe [15/09/2018 08:28:25] CPU Usage:0 % 14892 | [Owner : colis | Parent : 2312(explorer.exe) | 206.73 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 11912 | [Owner : colis | Parent : 14892(chrome.exe) | 9.62 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 13904 | [Owner : colis | Parent : 14892(chrome.exe) | 9.91 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 4436 | [Owner : SERVICE LOCAL | Parent : 780(services.exe) | 5.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 13756 | [Owner : colis | Parent : 14892(chrome.exe) | 276.88 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 4504 | [Owner : colis | Parent : 14892(chrome.exe) | 101.65 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 15484 | [Owner : Système | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 16068 | [Owner : colis | Parent : 14892(chrome.exe) | 32.84 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 5300 | [Owner : colis | Parent : 14892(chrome.exe) | 280.1 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:1 % 6136 | [Owner : colis | Parent : 14892(chrome.exe) | 39.56 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 3472 | [Owner : colis | Parent : 13408() | 29.53 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) - (19.8.20081.46137) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [06/11/2018 20:02:22] CPU Usage:0 % 2436 | [Owner : colis | Parent : 3472(AcroRd32.exe) | 147.24 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) - (19.8.20081.46137) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [06/11/2018 20:02:22] CPU Usage:0 % 4560 | [Owner : colis | Parent : 3472(AcroRd32.exe) | 36.57 Mo] - (.Adobe Systems Incorporated - Adobe RdrCEF.) - (19.8.20080.44583) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe [19/10/2018 23:40:58] CPU Usage:0 % 11640 | [Owner : colis | Parent : 4560(RdrCEF.exe) | 64.06 Mo] - (.Adobe Systems Incorporated - Adobe RdrCEF.) - (19.8.20080.44583) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe [19/10/2018 23:40:58] CPU Usage:0 % 15940 | [Owner : colis | Parent : 4560(RdrCEF.exe) | 64 Mo] - (.Adobe Systems Incorporated - Adobe RdrCEF.) - (19.8.20080.44583) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe [19/10/2018 23:40:58] CPU Usage:0 % 15308 | [Owner : colis | Parent : 4560(RdrCEF.exe) | 63.85 Mo] - (.Adobe Systems Incorporated - Adobe RdrCEF.) - (19.8.20080.44583) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe [19/10/2018 23:40:58] CPU Usage:0 % 6392 | [Owner : colis | Parent : 4560(RdrCEF.exe) | 75.03 Mo] - (.Adobe Systems Incorporated - Adobe RdrCEF.) - (19.8.20080.44583) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe [19/10/2018 23:40:58] CPU Usage:0 % 11144 | [Owner : Système | Parent : 780(services.exe) | 5.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 16336 | [Owner : colis | Parent : 14892(chrome.exe) | 67.11 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 16348 | [Owner : colis | Parent : 14892(chrome.exe) | 113.49 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 16040 | [Owner : colis | Parent : 14892(chrome.exe) | 36.66 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 3152 | [Owner : colis | Parent : 14892(chrome.exe) | 78.42 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 14800 | [Owner : Système | Parent : 780(services.exe) | 15.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe [15/09/2018 08:28:45] CPU Usage:0 % 5116 | [Owner : SERVICE LOCAL | Parent : 2720(svchost.exe) | 17.44 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17763.134) = C:\Windows\System32\audiodg.exe [21/11/2018 20:00:15] CPU Usage:0 % 15624 | [Owner : colis | Parent : 14892(chrome.exe) | 50.33 Mo] - (.SosVirus - QuickDiag.) - (31.8.18.1) = D:\Download\QuickDiag (2).exe [23/11/2018 18:09:34] CPU Usage:0 % 8792 | [Owner : colis | Parent : 14892(chrome.exe) | 69.7 Mo] - (.Google Inc. - Google Chrome.) - (70.0.3538.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 21:41:41] CPU Usage:0 % 5360 | [Owner : SERVICE RÉSEAU | Parent : 944(svchost.exe) | 9.94 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17763.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [15/09/2018 08:29:00] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (23.20.16.4973) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igd10iumd64.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (23.20.16.4973) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igc64.dll (..-..) - (0.0.0.0) -- C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.23.2.0) -- c:\windows\system32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\colis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis Steam - ("C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis DAEMON Tools Lite Automount - ("C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis GalaxyClient - (C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis CodeMeter Control Center - (C:\PROGRA~2\CODEME~1\Runtime\bin\CODEME~2.EXE [Common Startup]) - User: Public SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public ShadowPlay - ("C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\...\Run]) - User: Public Sonic Studio 3 - ("C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" /start SonicStudioSystray /silent [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\colis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun "GalaxyClient"=C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "DAEMON Tools Lite Automount"=0x020000000000000000000000 "OneDrive"=0x020000000000000000000000 "Steam"=0x020000000000000000000000 "GalaxyClient"= [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=%appdata%\1 "MRUList"=a [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=HP DeskJet 2600 series,winspool,Ne03: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "ShadowPlay"="C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart "Sonic Studio 3"="C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" /start SonicStudioSystray /silent [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "ShadowPlay"=0x020000000000000000000000 "Sonic Studio 3"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "AsInstCD"=0x020000000000000000000000 "ASUS MG611U"=0x020000000000000000000000 "SunJavaUpdateSched"=0x020000000000000000000000 "vspdfprsrv.exe"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D44CC5B8389EF9 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUS MG611U"="C:\Program Files (x86)\Asus Espada Gaming Mouse\GT200St.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : VideoDevice2=@device:pnp:\\?\usb#vid_090c&pid_f37d&mi_00#6&14a44c2f&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\global AudioDevice2=@device:cm:{33D9A762-90C8-11D0-BD43-00A0C911CE86}\wave:{9E589298-EA66-49E3-9076-C5024340B327} ---------- | Tasks List Adobe Acrobat Update Task Adobe Flash Player PPAPI Notifier Adobe Flash Player Updater ASUS Live Update1 ASUS Live Update2 ASUS Splendid ACMON ATK Package 36D18D69AFC3 ATK Package A22126881260 AutoUpdate Allplan 2016 AutoUpdate Allplan 2018 GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA HPCustParticipation HP DeskJet 2600 series Intel PTT EK Recertification NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Standalone Update Task-S-1-5-21-1812020250-49885185-2009104261-1001 Optimize Push Notification Data File-S-1-5-21-1812020250-49885185-2009104261-1001 ROG Gaming Center RtHDVBg_ListenToDevice RTKCPL Skype SS3svc32Run SS3svc64Run Update Checker User_Feed_Synchronization-{B9D83AF0-CEDC-427C-A03A-4B0134D827F4} ---------- | Startings up registry ? Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [14/01/2018 20:03:43] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=800 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=64ea6699-a3b3-432e-b604-28097d9 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WheelScrollChars"=3 "WindowArrangementActive"=1 "WallPaper"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper [18/11/2018 21:58:07] "WallpaperStyle"=0 "WheelScrollLines"=5 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=0 "TranscodedImageCache"=0x7AC3010083FD0A00000A0000A00500002E7B7631BD9AD30144003A005C0046006F006E006400200064002700E9006300720061006E005C003600370038003600330031002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreferredUILanguages"=fr-FR "WaitToKillAppTimeout"=200 "TranscodedImageCache_000"=0x7AC3010083FD0A00000A0000A00500002E7B7631BD9AD30144003A005C0046006F006E006400200064002700E9006300720061006E005C003600370038003600330031002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C004100590023004C004700440030003400450038002300340026003100300065003800630033006200610026003000260055004900440032003600350039003800380023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "HungAppTimeout"=200 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "EdgeDesktopShortcutCreated"=1 "ShellState"=0x240000003F2800000000000000000000000000000100000013000000000000006A000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309D9D0000007B5D1B1DC90F2E45902C12BACD4FBC2072070000CEC429A936FD7042B4F534ECAC5BD63C480100000114020000000000C0000000000000465202000016EC7DE90DA5BB49AE24CF682282E08DB6010000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=2 "GlobalAssocChangedCounter"=12 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=1 "SeparateProcess"=0 "AutoCheckSelect"=1 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x9CD2F15B00000000 "ReindexedProfile"=1 "SnapAssist"=0 "TaskbarSmallIcons"=0 "DisablePreviewDesktop"=0 "TaskbarBadges"=1 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{26afdb68-5aba-49cb-9207-f4b7fcdbc980}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{26afdb68-5aba-49cb-9207-f4b7fcdbc980}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=17763 "FirstLogon"=0 "PUUActive"=0x5B98CD3F0100000002000500711700009718000097180000D20000000200030059F231B2077506008A510000000F0000940E0000EF01000003000000E54D00008E000000090000005DB23AC74D83D4017117000000000000010000007117000063450000000000000000000000000000 "DP"=0xD200E80002000000020000005B98CD3F00000000000000005DB23AC74D83D4015DB23AC74D83D401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100F20F0100082452091825D209A83401804B0070444B01714C97BB00002000201020002018B54B00803A8131407AA3354095C1008083401409A34014394F0900804402000044EA00071A4100800800110529041107B72801802A0220022A162216A3BB00C04070100440741004D73000C0682A0A19682B0A1F5F7A00808111043A8111043A [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=2643119433218 "ShutdownFlags"=135 "Userinit"=C:\Windows\system32\userinit.exe, "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-1812020250-49885185-2009104261-1001 "LastUsedUsername"=colis [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [15/09/2018 17:39:44] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [15/09/2018 17:39:44] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe"=32 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"=0x53414350010000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000004C25A28A000000003F0000003F000000070000002800000078A30600ECAE060001000000000000000000000A0021000067077CBAC54CD4010000000000000000 "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"=0x5341435001000000000000000200000028000000000000000000004000000000000000000000000000000000EE24A28A000000003F0000003F0000000700000028000000789303004D67040001000000000000000000000A0021000067077CBAC54CD4010000000000000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000787C03003765040001000000000000000000000A00210000E63F486B2AA0D2010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C89C0300B381040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"=0x534143500100000000000000070000002800000078F3290096F9290001000000000000000000000AF1220000BFA2139DEDD1D301000000800000000002000000280000000000000000000000000000000000000000000000000000000CBBE680000000008500000085000000 "C:\Users\colis\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\ChromeSetup.exe"=0x5341435001000000000000000700000028000000583D1100C0A5110001000000000000000000000A00210000E63F486B2AA0D2010000008100000000 "C:\Users\colis\AppData\Local\Temp\GUM6301.tmp\GoogleUpdateSetup.exe"=0x5341435001000000000000000700000028000000583D1100C0A5110001000000000000000000000A00210000E63F486B2AA0D20100000080000000000200000028000000000000000000004000000000000000000000000000000000987B0000000000000100000001000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.0.5.0_x86__qmba6cd70vzyy\ROG Aura Core\Aura.exe"=0x534143500100000000000000070000002800000078E18C0123628D0101000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000C26F0300000000000200000002000000 "C:\Users\colis\Downloads\DTLiteInstaller.exe"=0x5341435001000000000000000700000028000000A0140C00E3800C0001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000009FD90500000000000100000001000000 "C:\Users\colis\Downloads\wrar550fr.exe"=0x5341435001000000000000000700000028000000C8DC1F00C1EC1F0001000000000000000000000A00210000E63F486B2AA0D201000000800000000002000000280000000000000000000040000000000000000000000000000000003A610000000000000100000001000000 "C:\Users\colis\Downloads\SteamSetup.exe"=0x534143500100000000000000070000002800000088131600052B160001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000882D0000000000000100000001000000 "C:\Program Files (x86)\WinRAR\WinRAR.exe"=0x534143500100000000000000020000002800000000000000000000000000000000000000000000000000000057699B00000000004B0000004B0000000700000028000000C8411700F3B9170001000000000000000000000A0021000067077CBAC54CD4010000000000000000 "C:\Program Files (x86)\McAfee\msc\mchlp32.exe"=0x534143500100000000000000070000002800000070F20B007ED70C0001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000002F000000000000000100000001000000 "C:\Program Files\mcafee\msc\mcuihost.exe"=0x534143500100000000000000070000002800000040931100100C120001000000000000000000000A00210000E78E163C2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000DD3F0C00000000000100000001000000 "C:\Users\colis\AppData\Local\Temp\Rar$EXa2116.41321\Asus Espada Gaming Mouse.exe"=0x53414350010000000000000007000000280000003687AE000000000001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000CAE80000000000000100000001000000 "C:\Users\colis\Desktop\They.Are.Billions.v0.5.3.5\They Are Billions\TheyAreBillions.exe"=0x5341435001000000000000000700000028000000002826000000000001000000000000000000000AF5220000E78E163C2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000033787200000000000400000004000000 "C:\Program Files\DAEMON Tools Lite\DTAgent.exe"=0x5341435001000000000000000700000028000000C04E5000AE2B510001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000073131500000000001100000011000000 "SIGN.MEDIA=5AC3F68A Setup.exe"=0x534143500100000000000000070000002800000000BC5F003410600001000000000000000000020671220000E63F486B2AA0D2010000000000000000 "C:\Program Files (x86)\Need for Speed Most Wanted 2012\NFS13.exe"=0x534143500100000000000000070000002800000000F0DD001A0CD10001000000000000000000020671220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000099180000000000000300000003000000 "C:\Users\colis\Desktop\NFS13.exe"=0x534143500100000000000000070000002800000000F0DD001A0CD10001000000000000000000020671220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000024070000000000000100000001000000 "C:\Users\colis\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe"=0x534143500100000000000000070000002800000022A3190046D9000001000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000008000000000020000000000000000000000000000201B4700000000000C0000000C000000 "C:\Users\colis\Downloads\JavaSetup8u151.exe"=0x534143500100000000000000070000002800000040461C00D6281D0001000000000000000000000A71220000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000095610400000000000100000001000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x534143500100000000000000070000002800000040950C0053520D0001000000010000000000000A00210000E78E163C2AA0D2010000000000000000 "C:\Users\colis\Downloads\League of Legends installer EUW.exe"=0x5341435001000000000000000700000028000000C8AB5A04655D5B0401000000000000000000000A00210000E63F486B2AA0D2010000000000000000 "C:\Users\colis\Desktop\JEU\Forager\Forager.exe"=0x534143500100000000000000070000002800000000884A0040654B0001000000000000000000000A71220000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000A1B81400000000000100000001000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\ACU.exe"=0x5341435001000000000000000700000028000000D89CD701657ED80101000000000000000000000A73220000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000E2400000000000000400000004000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDF.exe"=0x5341435001000000000000000700000028000000D85A01003564010001000000000000000000010671000000E63F486B2AA0D20100000000000000000100000004000000010000000500000010000000000000000000000000000000000000000200000028000000000000000000000000002000000000000000200000000000CF1C0000000000000200000002000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDFInstall.exe"=0x5341435001000000000000000700000028000000D8EE010047AE020001000000000000000000030671000000E63F486B2AA0D20100000000000000000500000010000000000000000000000000000000000800000200000028000000000000000008004000020000000000000000000000000000E4230000000000000100000001000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDF_rem.exe"=0x5341435001000000000000000700000028000000D858010023D1010001000000000000000000010671000000E63F486B2AA0D201000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000020000000000000002000000000006B100000000000000100000001000000010000000400000001000000 "D:\Jeu\Tooth.and.Tail.v1.1.1.4\setup_tooth_and_tail_1.1.1.4_(17934).exe"=0x5341435001000000000000000700000028000000A8E7F02796B6F12701000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000075AF0100000000000100000001000000 "D:\Jeu\Tooth and Tail\ToothAndTail.exe"=0x534143500100000000000000070000002800000000F222000000000001000000000000000000000AF1220000E63F486B2AA0D20100000000000000000200000028000000000000001000002000000000000000000000000000000000F52D3800000000000100000001000000 "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe"=0x5341435001000000000000000700000028000000F87DAA00CE6AAB0001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000983D1000000000000100000001000000 "D:\Allplan\setup.exe"=0x534143500100000000000000070000002800000098471200FE2D130001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000007A78B200000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0A203006855040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "D:\Download\Allplan 2018-0-2.exe"=0x5341435001000000000000000700000028000000306C118F6E9F118F01000000000000000000000A00210000E78E163C2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000077D01C00000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.72.117.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C00B9290D0001000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000093868801000000000100000001000000 "D:\Allplan\Prg\nemstart.2018.exe"=0x5341435001000000000000000700000028000000981D080087F4080001000000000000000000000A00210000E78E163C2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000059EF0500000000000100000001000000 "D:\Allplan\Prg\Allplan_2018.exe"=0x5341435001000000000000000700000028000000986D5500D819560001000000000000000000030600010000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000200000000000000000000000000483E8C00000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.72.117.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B0093820C0001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000EFB06605000000000200000002000000 "D:\Allplan\Prg\nemstart.2016.exe"=0x534143500100000000000000070000002800000098FD0400D247050001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000000E4E3F00000000000500000005000000 "D:\Allplan\Prg\Allplan_2016.exe"=0x5341435001000000000000000700000028000000989B3F00BF32400001000000000000000000030600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000200000000000000000000000000847C5C00000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B006DFE0B0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F3F9682C000000000800000008000000 "D:\Jeu\Slay.the.Spire.Patch.9\SlayTheSpire.exe"=0x534143500100000000000000070000002800000000B00500BFC7050001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000009C75BF00000000002800000028000000 "D:\Jeu\RimWorld.v0.18.1722\RimWorldWin.exe"=0x5341435001000000000000000700000028000000007615010000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000030A19B00000000000500000005000000 "D:\Jeu\Rogue Legacy by Nicomouk9\setup_rogue_legacy_2.2.0.10.exe"=0x5341435001000000000000000700000028000000900B2F0C01102F0C01000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000908C0000000000000100000001000000 "D:\Jeu\Rogue Legacy by Nicomouk9\patch_rogue_legacy_2.2.1.11.exe"=0x5341435001000000000000000700000028000000A0D20E007D630F0001000000000000000000010600010000E63F486B2AA0D2010000008000000000020000002800000000000000000000000000000000000000000000000000000030270000000000000100000001000000 "D:\Jeu\Rogue Legacy\RogueLegacy.exe"=0x534143500100000000000000070000002800000000C6110000000000010000000000000000000206F1020000DB80FDAC2839D301000000000000000002000000280000000000000030000060000000000000000000000000000000005C96BA00000000000900000009000000 "SIGN.MEDIA=FD1BDF6C setup.exe"=0x5341435001000000000000000700000028000000BE7841000000000001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000B7070200000000000100000001000000 "D:\Jeu\Snake Pass\SnakePass.exe"=0x5341435001000000000000000700000028000000000607003AFA010001000000000000000000000A73200000E78E163C2AA0D201000000000000000005000000100000000000000000000000000000002000000002000000280000000000000020000060000000000000000000000000000000001E920A00000000000200000002000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C008AE20C0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005320A301000000000300000003000000 "D:\Jeu\Turmoil by Nicomouk9\TurmoilSteam.exe"=0x5341435001000000000000000700000028000000000E3700B1CA320001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001E073600000000000200000002000000 "D:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000C0872E00DED82E0001000000000000000000000A71220000E63F486B2AA0D201000000000000000002000000280000000000000080000000000000000000000000000000000000002CBD0200000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.005.0107.0008\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AC03001457040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "D:\Download\winx-youtube-downloader.exe"=0x534143500100000000000000070000002800000008153301A780330101000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B8950000000000000100000001000000 "D:\Deezloader-win32-x64\Deezloader.exe"=0x53414350010000000000000007000000280000000058D8040000000001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000500000000000000000000040000000000000000000000000000000003F41000000000000010000000100000000000000000000000000000000000000000000000000000095CF0000000000000500000000000000 "D:\Jeu\Dragon Cliff\game.exe"=0x534143500100000000000000070000002800000000EE14010000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000065801500000000000300000003000000 "D:\Jeu\Aegis Defenders\AegisDefenders.exe"=0x5341435001000000000000000700000028000000007615010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A88F3900000000000900000009000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B0022F90B0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003D90F80F000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C003B370D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"=0x5341435001000000000000000700000028000000B06A1C00B9DD1C0001000000000000000000000A00210000DB80FDAC2839D3010000009100000000 "J:\office 2007\SETUP.EXE"=0x534143500100000000000000070000002800000030110700C7F8070001000000000000000000000671020000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000004D00300000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8830.7600.0_x64__8wekyb3d8bbwe\Office16\OfficeHubWin32.exe"=0x5341435001000000000000000700000028000000A8381E0089FB1E0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DF8C0000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE"=0x5341435001000000000000000700000028000000301907002F59070001000000000000000000000671020000DB80FDAC2839D3010000000100000000 "C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"=0x5341435001000000000000000700000028000000284D0500AAA8050001000000000000000000000671020000BFA2139DEDD1D3010000000100000000 "D:\Jeu\Into the Breach\Breach.exe"=0x5341435001000000000000000700000028000000002A3F000000000001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000100000200000000000000000000000000000000050677100000000000700000007000000 "C:\Program Files (x86)\Java\jre1.8.0_151\bin\javaw.exe"=0x534143500100000000000000070000002800000040EC0200B2B0030001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000467F0900000000000200000002000000 "D:\Prog\Deezer Downloader v3.2.3.exe"=0x5341435001000000000000000700000028000000421639009693000001000000000000000000000A71200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000265F0700000000000100000001000000 "D:\Prog\Deezloader-win-64.exe"=0x5341435001000000000000000700000028000000B3275C020000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000044CC0100000000000100000001000000 "D:\Prog\Deezloader X64\DeezLoader.exe"=0x534143500100000000000000070000002800000000A2D3040000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000005000000000000000000000000000000000000000000000000000000001FF2100000000000E00000003000000000000000000004000000000000000000000000000000000A0C80000000000000200000000000000 "C:\Users\colis\AppData\Local\Temp\{94207815-20cd-4ee5-B240-596274AED21E}\{7B28E39C-883C-4f49-ABFB-5D16796F2DD9}\ISAdmin.exe"=0x5341435001000000000000000700000028000000C01B0D00EC3A0D0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B3680200000000000100000001000000 "D:\Prog\PDF creator\vspdfprsrv.exe"=0x5341435001000000000000000700000028000000001A6E000000000001000000000000000000020671020000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000001820000000000000100000001000000 "D:\Download\PDFCreator-3_1_2-Setup.exe"=0x53414350010000000000000007000000280000003087F201D064F30101000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FFF40000000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AE0300F24D040001000000000000000000000A71200000DB80FDAC2839D3010000000100000000 "C:\Users\colis\Desktop\FTL.Advanced.Edition.v1.6.7\setup_ftl_-_advanced_edition_1.6.7_(18661).exe"=0x53414350010000000000000007000000280000009887660BA8C0660B01000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000087080100000000000100000001000000 "D:\Jeu\FTL - Advanced Edition\FTLGame.exe"=0x534143500100000000000000070000002800000000B6560035F756000100000000000000000003060001000067077CBAC54CD4010000000000000000020000002800000000000000100000200000000000000000000000000000000033DC7400000000001700000017000000 "D:\Jeu\FTL\FTL_v1.5.4_Install.exe"=0x5341435001000000000000000700000028000000694F420B0000000001000000000000000000020600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000022170000000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B00E25E0C0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BFF09A29000000000600000006000000 "C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE"=0x534143500100000000000000070000002800000010E70000EEE0010001000000000000000000000671020000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BD820000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE"=0x534143500100000000000000070000002800000028FF1001D228110101000000000000000000000671020000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x5341435001000000000000000700000028000000905D0C00A5580D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Users\colis\AppData\Local\Temp\7zSC8A8F1F4\GenericSetup.exe"=0x5341435001000000000000000700000028000000F80A020026AB020001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FBA30100000000000100000001000000 "SIGN.MEDIA=33B8494 OriginSetup.exe"=0x5341435001000000000000000700000028000000007067000000000001000000000000000000000A61200000DB80FDAC2839D3010000000000000000020000002800000000000000000800400000000000000000000000000000000096640A00000000000100000001000000 "C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPayback.exe"=0x534143500100000000000000070000002800000000065C0ABD6A5C0A01000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CF160B00000000000400000004000000 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x5341435001000000000000000700000028000000C0271A0087351A0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000076E8670B000000000100000001000000 "D:\Download\jre-8u161-windows-x64.exe"=0x534143500100000000000000070000002800000040624004C712410401000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F9440300000000000100000001000000 "SIGN.MEDIA=3BDF70EB setup.exe"=0x53414350010000000000000007000000280000008F2652000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000000E380200000000000100000001000000 "D:\Games\Surviving Mars\MarsSteam.exe"=0x5341435001000000000000000700000028000000B8939800B05B990001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000020000060000000000000000000000000000000007132AD00000000000B0000000B000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.044.0301.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0BC0300204F040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\colis\Desktop\SMLoadr-win-x64_v1.8.0.exe"=0x53414350010000000000000007000000280000008DB815020000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000741A5E00000000000100000001000000 "D:\Jeu\Minit\minit.exe"=0x534143500100000000000000070000002800000000E46D0658F76F0601000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000008001000000000000000000000000000000000000DBE26A00000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B0018650C0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000091B59454000000000300000003000000 "C:\Users\colis\Desktop\smloader\SMLoadr-win-x64_v1.8.0.exe"=0x53414350010000000000000007000000280000008DB815020000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B0770000000000000100000001000000 "C:\Users\colis\Desktop\smloader\Nouveau dossier\SMLoader_GUI.exe"=0x5341435001000000000000000700000028000000002031000000000001000000000000000000000A73200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000087280000000000000100000001000000 "C:\Users\colis\Desktop\smloader\Nouveau dossier\SMLoadr-win-x64_v1.9.0.exe"=0x53414350010000000000000007000000280000004CB629020000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000005691500000000000200000002000000 "D:\Jeu\Dead.Cells.v04.04.2018\deadcells.exe"=0x5341435001000000000000000700000028000000A8B68B00EB438C0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000007DDB700000000000800000008000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x5341435001000000000000000700000028000000905D0C00BF2D0D0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004BBA0D01000000000300000003000000 "D:\Download\FreeConvertFLACToMP3Setup.exe"=0x5341435001000000000000000700000028000000A4DF59010000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000036FA2600000000000100000001000000 "C:\Program Files (x86)\4dots Software\Free Convert FLAC To MP3\FreeConvertFLACToMP3.exe"=0x5341435001000000000000000700000028000000009008000000000001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003B011000000000000400000004000000 "D:\Download\Setup_FreeAudioConverter.exe"=0x5341435001000000000000000700000028000000F02829002462290001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000042650000000000000100000001000000 "C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter\FreeMp3M4aWmaConverter.exe"=0x534143500100000000000000070000002800000000C007000000000001000000000000000000010671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000100000000000000000000000000000902E1E00000000000300000003000000 "D:\Download\ovideocapture.exe"=0x5341435001000000000000000700000028000000F63D0A000000000001000000000000000000000A41220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000281B0700000000000100000001000000 "D:\Jeu\NeonDS.exe"=0x534143500100000000000000070000002800000000E026000000000001000000000000000000000671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BD890100000000000100000001000000 "D:\Jeu\DS\DeSmuME_0.9.10_x86.exe"=0x5341435001000000000000000700000028000000001610000000000001000000000000000000020671020000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001C2C4300000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300017A040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "SIGN.MEDIA=5FEDE0C6 setup.exe"=0x5341435001000000000000000700000028000000922652000000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000034E10100000000000100000001000000 "D:\Games\Frostpunk\Frostpunk.exe"=0x53414350010000000000000007000000280000000090B2010000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000200000000200000028000000000000002000006000000000000000000000000000000000F7909700000000000A0000000A000000 "C:\Users\colis\Desktop\smloader\SMLoadr-win-x64_v1.9.2.exe"=0x5341435001000000000000000700000028000000290D1E020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000AAC75800000000000700000007000000 "C:\Users\colis\Desktop\smloader\GUI\SMLoader.exe"=0x5341435001000000000000000700000028000000002031000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A7490100000000000400000004000000 "C:\Program Files\Common Files\EAInstaller\Need for Speed Payback\Cleanup.exe"=0x5341435001000000000000000700000028000000E0270E007ED50E0001000000000000000000020600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000D51B0000000000000100000001000000 "C:\Program Files (x86)\Need for Speed Most Wanted 2012\unins000.exe"=0x534143500100000000000000070000002800000021020B000000000001000000000000000000020600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000020000000000000000000000000000A7130000000000000100000001000000 "C:\Riot Games\League of Legends\LeagueClient.exe"=0x534143500100000000000000070000002800000080E43400951A350001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000F336E00000000000200000002000000 "D:\Download\Endless.Legend.v1.5.7.S3.Incl.DLC\Endless.Legend.v1.5.7.S3.Incl.DLC\EndlessLegend.exe"=0x534143500100000000000000070000002800000000823B010000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E69A5001000000000400000004000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B00D0000C0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003ABDBF3B000000000600000006000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.18.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x534143500100000000000000070000002800000000FA24000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DB000000000000000700000007000000 "D:\Jeu\Endless.Legend.v1.5.7.S3.Incl.DLC\Endless.Legend.v1.5.7.S3.Incl.DLC\EndlessLegend.exe"=0x534143500100000000000000070000002800000000823B010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FF91BC01000000000700000007000000 "D:\Prog\CASIO FA-124.exe"=0x534143500100000000000000070000002800000072A71F010000000001000000000000000000010600210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000009F380100000000000100000001000000 "D:\Prog\Casio FA-124\FA124.exe"=0x5341435001000000000000000700000028000000006013000000000001000000000000000000000671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000200000000000000000000000000C4066D00000000000100000001000000 "D:\Jeu\Machiavillain.v1.01.GOG\machiavillain_v1.01_x64_setup.exe"=0x534143500100000000000000070000002800000038BD0B1A61090C1A01000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B7801E00000000000100000001000000 "D:\Jeu\MachiaVillain\MachiaVillain.exe"=0x534143500100000000000000070000002800000000E609000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000010000020000000000000000000000000000000009A609500000000000300000003000000 "D:\Jeu\STAY.v1.0.2.4\stay.exe"=0x534143500100000000000000070000002800000000C209000000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000208D7D01000000000100000001000000 "D:\Jeu\Wizard of Legend\WizardOfLegend.exe"=0x534143500100000000000000070000002800000000585C010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000010000020000000000000000000000000000000008EA03300000000000200000002000000 "C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE"=0x534143500100000000000000070000002800000030B50600FF1E070003000000000000000000000671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000045A0400000000000200000002000000 "D:\Download\office-2016_16-0-7167-2060_fr_431791_64.exe"=0x5341435001000000000000000700000028000000385354005BA9540001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001B9B1300000000000400000004000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000A8DA2E016B402F0101000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000076141300000000000100000001000000 "D:\Jeu\Graveyard.Keeper.Alpha.v0.669\Graveyard Keeper Alpha\Graveyard Keeper.exe"=0x534143500100000000000000070000002800000000B015010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000559A6E00000000000500000005000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300C327040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "D:\Download\readerdc_fr_xa_crd_install.exe"=0x5341435001000000000000000700000028000000F86D12000459130001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000066740300000000000100000001000000 "D:\Jeu\Asylamba.Influence\Influence\influence.exe"=0x53414350010000000000000007000000280000006475A2030000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A1004E00000000000200000002000000 "C:\Users\colis\Desktop\FTBLauncher_64bit.exe"=0x5341435001000000000000000700000028000000B31899000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B27D9001000000000700000007000000 "D:\Jeu\Cultist.Simulator\Cultist Simulator\cultistsimulator.exe"=0x534143500100000000000000070000002800000000C209000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009B6F2900000000000100000001000000 "D:\Jeu\Duskers\Duskers.exe"=0x5341435001000000000000000700000028000000003E00010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B66E1E00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300534A040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"=0x5341435001000000000000000700000028000000B09C1A03C5FA1A0301000000000000000000000A00210000BFA2139DEDD1D3010000009100000000 "D:\Download\Solibri-Model-Checker_v9_8_windows_64bit_9_8_30-20180504.exe"=0x5341435001000000000000000700000028000000501BB30F0000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000000D451600000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090ED0B003B9E0C0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009F123342000000000100000001000000 "SIGN.MEDIA=3629CB96 Install.exe"=0x5341435001000000000000000700000028000000AB68FD000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000003B200300000000000100000001000000 "D:\Jeu\Egypt - Old Kingdom\win64\Egypt Old Kingdom.exe"=0x5341435001000000000000000700000028000000009A54010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000005FB30B01000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A8E003002796040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe"=0x5341435001000000000000000700000028000000B8461E00E9041F0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B83DEB0F000000000400000004000000 "SIGN.MEDIA=55AAAEAE SetFH3.exe"=0x534143500100000000000000070000002800000095101C000000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000800000000200000028000000000000008000000000000000000000000000000000000000DF4C1C00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.111.0603.0004\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0F603000E59040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Steam\bin\steamservice.exe"=0x53414350010000000000000007000000280000002089190036B9190001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000005FF20000000000000100000001000000 "D:\Jeu\Salt.and.Sanctuary.v1.0.0.7\salt.exe"=0x534143500100000000000000070000002800000000AC18000000000001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000025C6C422000000000100000001000000 "SIGN.MEDIA=45A8435F Win64\setup.exe"=0x5341435001000000000000000700000028000000754D73000000000001000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000004C600100000000000100000001000000 "D:\Games\Slime Rancher The Little Big Storage\SlimeRancher.exe"=0x5341435001000000000000000700000028000000005A66010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000020000060000000000000000000000000000000005C813000000000000100000001000000 "D:\Jeu\Death.Skid.Marks.v1.16\IGG-Death.Skid.Marks.v1.16\DeathSkidMarks.exe"=0x53414350010000000000000007000000280000001050E200F8D7DC0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000011DE1600000000000200000002000000 "SIGN.MEDIA=A61FAC56 setup.exe"=0x5341435001000000000000000700000028000000E02652000000000001000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000947F1300000000000100000001000000 "D:\Games\Crash Bandicoot N Sane Trilogy\CrashBandicootNSaneTrilogy.exe"=0x53414350010000000000000007000000280000005890C801EE33C90101000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000002000006000000000000000000000000000000000CF691F00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.111.0603.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0F60300D140040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.22.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x5341435001000000000000000700000028000000004C27000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DA630000000000000600000006000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090ED0B00CBC50C0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C4D95B14000000000200000002000000 "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=0x5341435001000000000000000700000028000000182012004E9B120001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000029010000000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090D10B0093AD0C0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000067E93F51000000000100000001000000 "D:\Jeu\Infectonator.3.Apocalypse.v1.3.2.2\Infectonator3.exe"=0x5341435001000000000000000700000028000000006C5C010000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000071875200000000000200000002000000 "D:\Jeu\Infectonator.Survivors.v1.1.2\Survivors.exe"=0x5341435001000000000000000700000028000000003A0200D308010001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001A759200000000000100000001000000 "D:\Download\xp68-win-mp495-5_56-ea24.exe"=0x5341435001000000000000000700000028000000986C5C01F2315D0101000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000008000004000000000000000000000000000000000F0620000000000000100000001000000 "D:\Download\qm__-win-2_8_5-ea31_2.exe"=0x5341435001000000000000000700000028000000802E9100B53B910001000000000000000000010600010000BFA2139DEDD1D3010000000000000000020000002800000000000000800000400000000000000000000000000000000091430000000000000100000001000000 "C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE"=0x5341435001000000000000000700000028000000800A14003987140001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002AFCA729000000000100000001000000 "C:\Program Files (x86)\Canon\Quick Menu\CNSEMAIN.EXE"=0x534143500100000000000000070000002800000098F405002EFB050001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EE020000000000000100000001000000 "D:\Jeu\Star Traders Frontiers\StarTradersFrontiers.exe"=0x534143500100000000000000070000002800000000966D000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A9030000000000000100000001000000 "D:\Jeu\Star Traders Frontiers\LAUNCHER_x64.exe"=0x5341435001000000000000000700000028000000002A04007CA4040001000000000000000000000A73220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000052BD7700000000000500000005000000 "D:\Download\DeezLoader-3.1.1-win-64&32-installer.exe"=0x5341435001000000000000000700000028000000E52066040000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EF280100000000000200000002000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader\DeezLoader.exe"=0x5341435001000000000000000700000028000000009409040000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009C7A0700000000000100000001000000 "D:\Download\MP3 Loader Remix 4.1.2-Win64.exe"=0x534143500100000000000000070000002800000011F73E020000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000072500000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\Deezloader Remix\Deezloader Remix.exe"=0x5341435001000000000000000700000028000000006E08040000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000624A0B00000000000200000002000000 "D:\Download\DeezLoader Remaster Setup 5.0.2-ALPHA.exe"=0x5341435001000000000000000700000028000000B8DAE1040000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002A5C0000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader Remaster\DeezLoader Remaster.exe"=0x5341435001000000000000000700000028000000002A0B040000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000054470100000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\Deezloader Remix\Uninstall Deezloader Remix.exe"=0x5341435001000000000000000700000028000000C5E303000000000003000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000130F0000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader Remaster\Uninstall DeezLoader Remaster.exe"=0x5341435001000000000000000700000028000000D25E07000000000003000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000028300000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader\Uninstall DeezLoader.exe"=0x5341435001000000000000000700000028000000525E07000000000003000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000037450000000000000100000001000000 "D:\Prog\Deezloader X64\Uninstall DeezLoader.exe"=0x5341435001000000000000000700000028000000795A07000000000003000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000575F0000000000000100000001000000 "C:\Users\colis\Documents\telegram\Deezloader Remix 4.1.2 - Setup.exe"=0x534143500100000000000000070000002800000011F73E020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FE4B0000000000000100000001000000 "C:\Program Files\Java\jre1.8.0_161\bin\javaw.exe"=0x534143500100000000000000070000002800000040280300E5A7030001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000459C3A00000000000200000002000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A80204003EA4040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.23.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x5341435001000000000000000700000028000000005427000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F61C5524000000000100000001000000 "C:\Users\colis\Desktop\Nouveau dossier (3)\jarfix.exe"=0x534143500100000000000000070000002800000041FF00000000000001000000000000000000010600010000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400002010000000000000000000000000053360000000000000100000001000000 "C:\Users\colis\Desktop\Nouveau dossier (3)\SkaiaCraft Launcher v2.0.exe"=0x534143500100000000000000070000002800000026D937003ED3010001000000000000000000000A71200000BFA2139DEDD1D30100000000000000000200000028000000000000008000000000000000000000000000000000000000C63F1100000000000100000001000000 "D:\Jeu\Minecraft\SkaiaCraft Launcher v2.0.exe"=0x534143500100000000000000070000002800000026D937003ED3010001000000000000000000000A71200000BFA2139DEDD1D301000000000000000002000000280000000000000080000000000000000000000000000000000000002C45F301000000001300000013000000 "D:\Download\Deezloader Remix\Deezloader Remix 4.1.3 Setup-x64.exe"=0x5341435001000000000000000700000028000000F31031020000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002A830000000000000100000001000000 "D:\Download\Deezloader Remix\Deezloader Remix 4.1.3 Setup-x32.exe"=0x534143500100000000000000070000002800000005EEE0010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000D3450000000000000100000001000000 "D:\Prog\Deezloader Remix\Deezloader Remix.exe"=0x53414350010000000000000007000000280000000082F4020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B5CD1600000000000400000004000000 "D:\Download\Git-2.18.0-64-bit.exe"=0x5341435001000000000000000700000028000000108C73022039740201000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000356A0D00000000000100000001000000 "C:\Program Files\Git\git-bash.exe"=0x53414350010000000000000007000000280000001843020056A9020001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F8370000000000000100000001000000 "D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe"=0x5341435001000000000000000700000028000000705159000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000032A8600000000002000000020000000 "D:\Download\UsbFix_11.002.exe"=0x5341435001000000000000000700000028000000A0C03D0056703E0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000078800700000000000100000001000000 "C:\Program Files (x86)\UsbFix\UsbFix.exe"=0x534143500100000000000000070000002800000090821E0017181F0001000000000000000000000A0021000067077CBAC54CD4010000000000000000020000002800000000000000000000400000000000000000000000000000000077569B04000000000400000004000000 "D:\Download\mb3-setup-consumer-3.5.1.2522-1.0.421-1.0.6511.exe"=0x53414350010000000000000007000000280000007831EB0435BEEB0401000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000006D810500000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"=0x534143500100000000000000070000002800000050C77B0097507C0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000081020000000000000100000001000000 "D:\Download\QuickDiag.exe"=0x5341435001000000000000000700000028000000981D4A0083494A0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000086900700000000000200000002000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.151.0729.0006\FileSyncConfig.exe"=0x534143500100000000000000070000002800000020F80300EE6C040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "D:\Download\SumatraPDF-3.1.2-install.exe"=0x5341435001000000000000000700000028000000902A4A000C1C4B0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000005C1D0000000000000100000001000000 "C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe"=0x5341435001000000000000000700000028000000909619004C731A0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000037561F00000000000100000001000000 "D:\Download\QuickDiag (1).exe"=0x534143500100000000000000070000002800000098214A00D8C84A0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000000F6A0B00000000000300000003000000 "D:\Jeu\RimWorld.Beta.19\RimWorldWin64.exe"=0x534143500100000000000000070000002800000000905C010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CB469B00000000000800000008000000 "D:\Download\HPEasyStart_8_1_3713_2.exe"=0x5341435001000000000000000700000028000000F8C9660041AD670001000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E5FF1200000000000200000002000000 "D:\Jeu\RimWorld.Beta.19\RimWorldWin.exe"=0x534143500100000000000000070000002800000000A415010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000008D070100000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe"=0x534143500100000000000000070000002800000020510E005E6E0E0001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F8100000000000000400000004000000 "SIGN.MEDIA=55A2AE Tor Browser\Browser\firefox.exe"=0x534143500100000000000000070000002800000000E4040090F7040001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E6180A00000000000100000001000000 "C:\Program Files\HP\HP DeskJet 2600 series\Bin\HP DeskJet 2600 series.exe"=0x534143500100000000000000070000002800000088E478008864790001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000051B60300000000000300000003000000 "SIGN.MEDIA=476F9DCF setup.exe"=0x53414350010000000000000007000000280000000B810A000000000001000000000000000000030600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A3E90700000000000100000001000000 "D:\Games\Rayman Legends\Rayman Legends.exe"=0x5341435001000000000000000700000028000000B0B4B8000CE2B80001000000000000000000030671020000BFA2139DEDD1D3010000000000000000020000005000000000000000000000000000000000000000000000000000000093CC5D000000000010000000080000000000000000000040000000000000000000000000000000003E220000000000000200000000000000 "D:\Download\UplayInstaller.exe"=0x534143500100000000000000070000002800000070A5240533FF240501000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000C3E40000000000000100000001000000 "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=0x5341435001000000000000000700000028000000582F0700FD44070001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C6350000000000000100000001000000 "C:\Program Files (x86)\SumatraPDF\uninstall.exe"=0x534143500100000000000000070000002800000090A204001DEA040003000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FA0D0000000000000100000001000000 "D:\Jeu\Just.One.Line\Just One Line\Just One Line.exe"=0x534143500100000000000000070000002800000000E0F6000000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A39E2400000000000100000001000000 "D:\Jeu\Hotline Miami by Nicomouk9\setup_hotline_miami_2.0.0.4.exe"=0x5341435001000000000000000700000028000000E845D60AEE40D70A01000000000000000000020600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B8950000000000000100000001000000 "D:\Jeu\Hotline Miami\HotlineMiami.exe"=0x5341435001000000000000000700000028000000F30D3B010000000001000000000000000000020661200000BFA2139DEDD1D3010000000000000000020000002800000000000000200000600000000000000000000000000000000015FC8000000000000100000001000000 "C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000180F1E00F1C41E0001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.151.0729.0012\FileSyncConfig.exe"=0x534143500100000000000000070000002800000020F30300A795040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "D:\Jeu\Tropico.5.Complete.Collection\setup_tropico5_2.0.0.4.exe"=0x53414350010000000000000007000000280000004866FC018369FC0101000000000000000000030600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000103C0300000000000100000001000000 "D:\Jeu\Tropico.5.Complete.Collection\setup_tropico5_complete_collection_dlc_2.0.0.4.exe"=0x5341435001000000000000000700000028000000C84D782714C4782701000000000000000000030600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E5700100000000000100000001000000 "D:\Jeu\Tropico 5\Tropico5.exe"=0x534143500100000000000000070000002800000000CC5D001D3F5E0001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000001000002000000000000000000000000000000000A35BEF00000000000600000006000000 "D:\Jeu\Tropico 5\language_setup.exe"=0x534143500100000000000000070000002800000050422D008A282E0001000000000000000000000A71200000BFA2139DEDD1D30100000000000000000200000028000000000000002000006000000000000000000000000000000000830C0000000000000100000001000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.24.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x5341435001000000000000000700000028000000005427000000000001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000604CAB018134AC0101000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileSyncConfig.exe"=0x53414350010000000000000007000000280000006010040082C7040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "D:\Games\Frostpunk\unins000.exe"=0x5341435001000000000000000700000028000000712518000000000001000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000200000000000000000000000000000F3C0000000000000100000001000000 "SIGN.MEDIA=DDAE0EEC setup.exe"=0x5341435001000000000000000700000028000000C42652000000000001000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F5090300000000000100000001000000 "D:\Games\Frostpunk The Fall of Winterhome\Frostpunk.exe"=0x53414350010000000000000007000000280000000054C0010000000001000000000000000000000A73220000BFA2139DEDD1D301000000000000000002000000280000000000000020000060000000000000000000000000000000009FD24900000000000400000004000000 "D:\Jeu\Slay.the.Spire.Patch.45\SlayTheSpire.exe"=0x534143500100000000000000070000002800000000B00500BFC7050001000000000000000000000A73220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EFD84B00000000000300000003000000 "C:\Program Files (x86)\Steam\Steam.exe"=0x534143500100000000000000070000002800000020F730004B01310001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003E000000000000000400000004000000 "D:\Jeu\Graveyard.Keeper.v1.037\Graveyard Keeper.exe"=0x534143500100000000000000070000002800000000BC09000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000008F5AAC00000000000400000004000000 "D:\Download\vlc-3.0.4-win64.exe"=0x5341435001000000000000000700000028000000400879026D56790201000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000EB1B0200000000000100000001000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C80A0F00A7180F0001000000000000000000000600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C3C76803000000000400000004000000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000F0852500C3CA250001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000001000000000000000000000000000000000D92D0600000000000100000001000000 "D:\Download\flashplayer31pp_xa_install.exe"=0x5341435001000000000000000700000028000000F0691200255A130001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000002C80700000000000100000001000000 "C:\Users\colis\AppData\Local\Temp\jre-8u191-windows-au.exe"=0x534143500100000000000000070000002800000078E11C006A471D0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000028930000000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"=0x534143500100000000000000070000002800000030C7AB01A084AC0101000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.192.0920.0015\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060340400A607050001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000583F180027AF180001000000000000000000000A0021000067077CBAC54CD4010000000100000000 "D:\Download\MediaCreationTool1809.exe"=0x5341435001000000000000000700000028000000E86925014527260101000000000000000000000A00210000BFA2139DEDD1D3010000000000000000 "C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c9081e50bcffa972\igfxEM.exe"=0x5341435001000000000000000700000028000000B8A10D008D2C0E0001000000000000000000000A7322000067077CBAC54CD4010000000000000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.0.120.0_x64__8wekyb3d8bbwe\Microsoft.Notes.DesktopBridge.exe"=0x5341435001000000000000000700000028000000008802000000000001000000000000000000000A7322000067077CBAC54CD4010000000000000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.26.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x5341435001000000000000000700000028000000005427000000000001000000000000000000000A7122000067077CBAC54CD4010000000000000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000208D93001C37940001000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000008C990100000000000200000002000000 "D:\Download\QuickDiag (2).exe"=0x534143500100000000000000070000002800000098214A00D8C84A0001000000000000000000000A0021000067077CBAC54CD4010000000000000000 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{04c18d52-f6f7-11e7-81e8-f894c282f0f4}] : "F:\setup.exe" (AutoRun) [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{d900ce8a-f67e-11e7-81e5-f894c282f0f4}] : "E:\setup.exe" (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131870428952399349 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "DisableAntiSpyware"=0 "TrustedImageIdentifier"={GL703VD0-0000-0000-0000-000000000000} "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\ "ProductStatus"=0 "InstallTime"=0x81ECCA640B47D301 "OOBEInstallTime"=0x18920D63817FD401 "DisableAntiVirus"=0 "LastEnabledTime"=0xAFB0C6FC5C8AD301 "ManagedDefenderProductType"=0 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] : AF_UNIX [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002] : AF_UNIX ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [216.58.204.142] avec 32 octets de donn?es?: R?ponse de 10.6.72.1?: Impossible de joindre le port de destination. R?ponse de 10.6.72.1?: Impossible de joindre le port de destination. R?ponse de 10.6.72.1?: Impossible de joindre le port de destination. R?ponse de 10.6.72.1?: Impossible de joindre le port de destination. Statistiques Ping pour 216.58.204.142: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), ---------- | @ [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=about:blank "Default_Page_URL"=http://asus17win10.msn.com/?pc=ASTE "DisableFirstRunCustomize"=3 "ImageStoreRandomFolder"=fp1f8mf "OperationalData"=12 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF530100004600000003060000E9020000 "Start Page_TIMESTAMP"=0xE2A955FA1E8BD301 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000000F00000039BB737F79F35E040F7106E633061C020000000E0000005A64584D744F4D4B6F4A41253364 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x6172CF28628AD301 "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xA65B21B818B7D301 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x3154E1DA707FD401 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "WarnonZoneCrossing"=0 "LockDatabase"=131709318414158698 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Start Page"=about:blank "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SMC] "Progid"=Solibri Model Checker v9.8 ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [15/09/2018 08:28:50] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0x998513E0BEA5D301 "Version"=5 "UpgradeTime"=0x998513E0BEA5D301 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [23/05/2018 20:56:35] ---------- | Chrome C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\bigefpfhnfcobdlfbedofhhaibnlghod = : Secure Cloud Storage - MEGA - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\clhhggbfdinjmjhajaheehoeibfljjno = : Telegram Web App.\nMore info & source code here: https://github.com/zhukov/webogram - short_name: Telegram - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo = : The world's most popular userscript manager - short_name: Tampermonkey - permissions:[notificationsunlimitedStoragetabsidlemanagementwebNavigationwebRequestwebRequestBlockingstoragecontextMenuschrome://favicon/clipboardWritecookies\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\fanagokoaogopceablgmpndejhedkjjb = : __MSG_desc__ - __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\femoooemgmjaebeodbbikbkmhlafenpl = : The games feature each level that is a scenario of stickmen going about their daily activities. Your job is to kill all of them. - http://causalitygame.com/chrome/ - short_name: Causality Games - [http://causalitygame.com/chrome/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\fjbdgmikfnklbopkafjgbcejoiipemkl = : Google & co - http://en.start.gamigo.com/cultures-online/?affiliateID=778 - Google & co - [http://play.cultures-online.gamigo.com/co/bin/index.php?affiliateID=778] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\gdkfaieogniecdceabnnkfloeomailhg = : Le jeu de serpent renouvelé : palpitant comme jamais ! - http://www.snaky360.fr/ - Snaky 360 - [http://www.snaky360.fr/http://static.snaky360.fr/] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\hfpeacgpdnhofhebmincihdelcemhagd = : Google & co - http://creaturesandcastles.hiive.com/? - Google & co - [http://creaturesandcastles.hiive.com/?] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\hgoflmajhinnohnhkfeggflmmppiilck = : - Black blue shards - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\imkkdabijgkodinlhgncdfmghdcdacmg = : Google & co - short_name: D2NE - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\jlehaidnnmjjkhgbbiombcdifogolhap = : __MSG_bd_gamedesc_696_frameDescription_medium__ - https://www.skyrama.com/?aid=3306&utm_source=online&utm_medium=cws&utm_campaign=default - __MSG_bd_gameTitles_696__ - [https://www.skyrama.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\knkapnclbofjjgicpkfoagdjohlfjhpd = : A simple but addictive game. Start with four basic items and use them to find dinosaurs unicorns and spaceships! - http://littlealchemy.com/ - Little Alchemy - [*://littlealchemy.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\lcdhpokmalcfjnfkjlfncgekebcojinn = : Face off against increasingly deadly waves of enemies in this aerial strategy game. - http://www.steambirds.com/ - Steambirds: Survival - [http://www.steambirds.com/] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\mhpdbcnfpodnaefldpdohoibdajcfabp = : Launch Arrows Hurl Fireballs And Swing A Mighty Axe! Explore the fantasy themed desktop and mobile MMO Pocket Legends for FREE! - https://account.spacetimestudios.com/pocketlegends - Pocket Legends - [https://account.spacetimestudios.com/pocketlegends] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\poknhlcknimnnbfcombaooklofipaibk = : An experiment to render Free Rider tracks in HTML5. - http://canvasrider.com/tracks/featured - Canvas Rider - [http://canvasrider.com/] - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.161.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=10.1.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0771dd91-7dc7-4264-8517-a9621d7c59f4}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{f7710695-4faa-4549-8e29-6ea5ef54c4f7}] "DhcpNameServer"=10.1.1.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0771dd91-7dc7-4264-8517-a9621d7c59f4}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f7710695-4faa-4549-8e29-6ea5ef54c4f7}] "DhcpNameServer"=10.1.1.254 ---------- | Applications [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Classes\Applications\POWERPNT.EXE] : "C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE" "%1" [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Classes\Applications\uTorrent.exe] : "C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe" "%1" /SHELLASSOC [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PDFEditor.exe] : D:\Prog\PDF creator\PDFEditor.exe "%1" [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PDFEditor.exe] : D:\Prog\PDF creator\PDFEditor.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver browser "DevicesFlow"=DevicesFlowUserSvc ConsentUxUserSvc DevicePickerUserSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\8floor] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Adobe] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\AMPLITUDE Studios] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\AppDataLow] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Appnormals] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUS] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUS GT200 Gaming Mouse] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUSTeKcomputer.Inc] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\BitTorrent] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Canon] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\CASIO] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Chromium] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Clarus Victoria] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Clever Endeavour Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Contingent99] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\DigitByteStudio] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Disc Soft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ej-technologies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Epic Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Free Lives] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\GOG.com] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Google] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\GUTS Department] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Haemimont Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\HP] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\IGA] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Imagination Technologies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Intel] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\JavaSoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\JOL Studios] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Lazy Bear Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Logitech] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Ludeon Studios] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Malwarebytes] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Meta Interaction] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Misfits Attic] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Monomi Park] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Nahimic] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Nemetschek] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\NeonDS.com] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Netscape] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Node.js] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\nwjs] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ODBC] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\pdfforge] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Policies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\QtProject] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Realtek] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\RegisteredApplications] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\SyncEngines] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\sysinternals] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Toge Productions] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Ubisoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Unity] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Valve] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Visan] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Weather Factory] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WeirdBeard] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WIBU-SYSTEMS] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Wild Factor] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WinRAR] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WinRAR SFX] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Wow6432Node] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\4dots Software] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Inc.] [HKLM\Software\ASUS] [HKLM\Software\ASUSTeKcomputer.Inc] [HKLM\Software\Canon] [HKLM\Software\Clients] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\Disc Soft] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\EA Games] [HKLM\Software\ej-technologies] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GitForWindows] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HP] [HKLM\Software\Intel] [HKLM\Software\IPS] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nemetschek] [HKLM\Software\Node.js] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Solibri] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\SyncIntegrationClients] [HKLM\Software\sysinternals] [HKLM\Software\VideoLAN] [HKLM\Software\WIBU-SYSTEMS] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\Avanquest] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\Codemasters] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nemetschek] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Riot Games, Inc] [HKLM\Software\WOW6432Node\RocketLife] [HKLM\Software\WOW6432Node\SplitmediaLabs] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\UsbFix] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\Visan] [HKLM\Software\WOW6432Node\WIBU-SYSTEMS] [HKLM\Software\WOW6432Node\WinRAR] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: ---------- | C: [18/03/2017 22:03:28] - |SHD| - [387] - C:\$Recycle.Bin [18/11/2018 17:43:33] - |HD| - [36575029] - C:\$Windows.~WS [27/08/2018 19:50:50] - |D| - [2] - C:\autorun.inf [MD5.E715EBDAD90FDD5448677E924C3A6FDD] - [17/10/2017 07:58:51] - |AH| - (.-.) - [14261] - (0.0.0.0) - C:\devlist.txt [14/02/2018 00:27:57] - |SHD| - [0] - C:\Documents and Settings [18/11/2018 17:44:58] - |D| - [632709691] - C:\ESD [31/05/2017 11:08:39] - |D| - [4329549551] - C:\eSupport [MD5.01224851F19C9423A1D7E06F44DBFB6A] - [17/10/2017 07:58:51] - |AH| - (.-.) - [9] - (0.0.0.0) - C:\Finish.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/11/2018 20:25:04] - |ASH| - (.-.) - [3387301888] - (0.0.0.0) - C:\hiberfil.sys [17/10/2017 06:52:47] - |HD| - [903597] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/11/2018 20:20:18] - |ASH| - (.-.) - [2013265920] - (0.0.0.0) - C:\pagefile.sys [15/09/2018 08:33:50] - |D| - [0] - C:\PerfLogs [15/09/2018 08:33:50] - |RD| - [12299854932] - C:\Program Files [15/09/2018 08:33:50] - |RD| - [3433191436] - C:\Program Files (x86) [15/09/2018 08:33:50] - |HD| - [6396809762] - C:\ProgramData [30/08/2018 20:38:45] - |D| - [169385026] - C:\QuickDiag [MD5.09BE1C4558A15B4647BE58566D7B9002] - [23/11/2018 18:09:56] - |A| - (.-.) - [224854] - (0.0.0.0) - C:\QuickDiag.txt [MD5.A3417AC94889A8F2F871D11B6A621735] - [04/09/2018 20:43:38] - |RA| - (.-.) - [740366] - (0.0.0.0) - C:\QuickDiag_04_09_2018_21_43_38.txt [MD5.D319E39B7B1F9B70E0700200491DEF26] - [30/08/2018 20:46:54] - |RA| - (.-.) - [501653] - (0.0.0.0) - C:\QuickDiag_30_08_2018_21_46_54.txt [17/10/2017 15:45:37] - |HD| - [5215655281] - C:\Recovery [12/01/2018 21:03:55] - |D| - [11016916473] - C:\Riot Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/11/2018 20:20:18] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [17/10/2017 06:46:57] - |SHD| - [0] - C:\System Volume Information [15/09/2018 07:09:26] - |RD| - [55715642480] - C:\Users [15/09/2018 07:09:26] - |AD| - [31260261993] - C:\Windows [18/11/2018 20:19:56] - |D| - [16438813309] - C:\Windows.old ---------- | C:\WINDOWS [15/09/2018 08:33:50] - |D| - [802] - C:\WINDOWS\addins [15/09/2018 08:33:50] - |D| - [13995210] - C:\WINDOWS\appcompat [15/09/2018 08:33:50] - |D| - [8439500] - C:\WINDOWS\apppatch [15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.F3B25701FE362EC84616A93A45CE9998] - [17/10/2017 15:45:10] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\AsCDProc.log [MD5.E429B09E589DF973E89EE3DDC544262E] - [29/08/2017 09:02:30] - |A| - (.-.) - [24] - (0.0.0.0) - C:\WINDOWS\AsDCDVer.txt [MD5.4DF8E3492AA7D08F93997F4CB546DEC5] - [31/05/2017 11:08:39] - |A| - (.-.) - [28] - (0.0.0.0) - C:\WINDOWS\AsHDIVer.txt [MD5.FFFC81F77E2E26AA5F281FB2E52B7A44] - [20/02/2017 04:08:32] - |A| - (.-.) - [80] - (0.0.0.0) - C:\WINDOWS\ASOFSVer.txt [MD5.3BB2F5C9A68B59B1B6F2EEB1E03103D1] - [17/10/2017 15:45:42] - |A| - (.-.) - [96] - (0.0.0.0) - C:\WINDOWS\AsPEToolVer.txt [MD5.858ED80087AB0CA7FDC94017BC333F37] - [17/10/2017 15:45:20] - |A| - (.-.) - [65] - (0.0.0.0) - C:\WINDOWS\AsProcKitVer.txt [15/09/2018 08:33:50] - |RD| - [1111335314] - C:\WINDOWS\assembly [MD5.C7A13F5302AD240C0E3D0DEF4EB383EB] - [17/10/2017 15:45:42] - |A| - (.-.) - [55] - (0.0.0.0) - C:\WINDOWS\AsToolCDVer.txt [31/05/2017 11:08:39] - |AD| - [336574511] - C:\WINDOWS\ASUS [15/09/2018 08:33:50] - |D| - [740161] - C:\WINDOWS\bcastdvr [MD5.49D0AD393AE0B1EE7F3A3DD81B54BFBF] - [15/09/2018 08:28:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [78848] - (10.0.17763.1) - C:\WINDOWS\bfsvc.exe [15/09/2018 08:33:50] - |D| - [39057998] - C:\WINDOWS\Boot [MD5.CFE6BEA5E447FF00887C5F8CB4471108] - [18/11/2018 20:14:12] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [15/09/2018 08:33:50] - |D| - [2449912] - C:\WINDOWS\Branding [15/09/2018 08:23:35] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.A05828FE00BD5CE94848594670EE8423] - [18/11/2018 20:25:27] - |A| - (.-.) - [26099] - (0.0.0.0) - C:\WINDOWS\comsetup.log [15/09/2018 08:33:50] - |D| - [26634412] - C:\WINDOWS\Containers [MD5.1F334AC7713E228137147CBFBB7BC9AA] - [15/09/2018 17:41:43] - |A| - (.-.) - [33951] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.F471CF70EE6D49C5650A4D5295531435] - [20/03/2017 04:43:33] - |A| - (.-.) - [34390] - (0.0.0.0) - C:\WINDOWS\CoreSingleLanguage.xml [24/01/2018 20:02:54] - |D| - [2866688] - C:\WINDOWS\Crystal [MD5.098A3BBE38D28D0378074EAD5729E2EF] - [31/05/2017 11:33:39] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\csup.txt [15/09/2018 08:33:50] - |D| - [11482410] - C:\WINDOWS\Cursors [MD5.0E9C5C5D2B44DF5B3577BBA113F42737] - [14/05/2018 16:27:41] - |A| - (.-.) - [2714] - (0.0.0.0) - C:\WINDOWS\DDACLSys.log [15/09/2018 08:33:50] - |D| - [1286] - C:\WINDOWS\debug [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [18/11/2018 20:27:52] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [15/09/2018 08:33:50] - |D| - [4241520] - C:\WINDOWS\diagnostics [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [18/11/2018 20:27:52] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [15/09/2018 17:39:05] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.EB347D503131224273E2680887EAAEB7] - [19/01/2018 10:04:04] - |A| - (.-.) - [83304] - (0.0.0.0) - C:\WINDOWS\DirectX.log [15/09/2018 08:33:50] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.92219C3ADC5DDFBF60B85A73E5A23BE6] - [17/10/2017 07:02:35] - |A| - (.-.) - [57156] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG [MD5.587B47BAB4B90B57A8693DBECBD1C8F9] - [29/08/2017 08:55:42] - |A| - (.-.) - [7810] - (0.0.0.0) - C:\WINDOWS\DriverCD_Template.txt [MD5.FD518727D2F50453393A8B05686FA713] - [15/09/2018 08:36:09] - |A| - (.-.) - [1625] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [15/09/2018 08:33:50] - |HD| - [46584] - C:\WINDOWS\ELAMBKUP [15/09/2018 17:39:05] - |D| - [0] - C:\WINDOWS\en-US [MD5.D033CC75DD4CC0856E89B2A87559C2CC] - [29/10/2018 23:59:07] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4245280] - (10.0.17763.107) - C:\WINDOWS\explorer.exe [15/09/2018 08:33:50] - |RSD| - [415768376] - C:\WINDOWS\Fonts [15/09/2018 17:39:05] - |D| - [110080] - C:\WINDOWS\fr-FR [15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [15/09/2018 08:33:50] - |D| - [83876454] - C:\WINDOWS\Globalization [15/09/2018 08:33:50] - |D| - [71837628] - C:\WINDOWS\Help [MD5.860149040BEF4711189158FE4505E6C6] - [15/09/2018 08:29:17] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1065472] - (10.0.17763.1) - C:\WINDOWS\HelpPane.exe [MD5.1CECEE8D02A8E9B19D3A1A65C7A2B249] - [15/09/2018 08:29:18] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.17763.1) - C:\WINDOWS\hh.exe [15/05/2018 23:41:12] - |D| - [2630960] - C:\WINDOWS\IAStorAfsService [15/09/2018 08:33:50] - |D| - [29869] - C:\WINDOWS\IdentityCRL [15/09/2018 08:33:50] - |D| - [28822422] - C:\WINDOWS\IME [15/09/2018 08:33:50] - |RD| - [8775009] - C:\WINDOWS\ImmersiveControlPanel [15/09/2018 08:31:55] - |D| - [93841973] - C:\WINDOWS\INF [12/04/2018 00:38:21] - |D| - [0] - C:\WINDOWS\InfusedApps [15/09/2018 08:33:50] - |D| - [38126462] - C:\WINDOWS\InputMethod [MD5.5DDE0C07FC98DC505FCC484D78D2C28F] - [17/10/2017 06:49:14] - |A| - (.-.) - [1572648] - (0.0.0.0) - C:\WINDOWS\Inst.log [15/09/2018 08:33:50] - |HDC| - [1404714239] - C:\WINDOWS\Installer [MD5.8A4031ADC6DBDB241F1CE0483127E33F] - [17/10/2017 07:36:36] - |A| - (.-.) - [696] - (0.0.0.0) - C:\WINDOWS\Inst_AsModelCopy.log [MD5.F291D415A9A4A06C8F5AFA4375498744] - [17/10/2017 06:50:45] - |A| - (.-.) - [18840] - (0.0.0.0) - C:\WINDOWS\Inst_CMD.log [MD5.53FAB06BC2923D11041AC1851CC29275] - [17/10/2017 06:52:01] - |A| - (.-.) - [3248234] - (0.0.0.0) - C:\WINDOWS\Inst_Device.log [15/09/2018 08:33:50] - |D| - [94163] - C:\WINDOWS\L2Schemas [15/09/2018 08:33:50] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\LiveKernelReports [31/05/2017 11:08:39] - |D| - [112520624] - C:\WINDOWS\Log [15/09/2018 07:09:30] - |D| - [17379373] - C:\WINDOWS\Logs [15/09/2018 08:33:50] - |RSD| - [20517644] - C:\WINDOWS\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [15/09/2018 08:28:57] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [15/09/2018 08:33:50] - |RD| - [830839986] - C:\WINDOWS\Microsoft.NET [15/09/2018 08:33:50] - |D| - [3135] - C:\WINDOWS\Migration [15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.782877B30735ABD1EAE241F13145F664] - [15/09/2018 08:28:56] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [254464] - (10.0.17763.1) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [17/10/2017 06:56:16] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [17/10/2017 06:57:02] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvTelemetryContainerRecovery.bat [15/09/2018 17:40:22] - |D| - [419226] - C:\WINDOWS\OCR [15/09/2018 08:33:50] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [18/11/2018 19:46:56] - |DC| - [391429178] - C:\WINDOWS\Panther [15/09/2018 08:33:50] - |D| - [495430] - C:\WINDOWS\Performance [MD5.41488FD9EE2292AB2A1D81F7F7BAB2FF] - [17/10/2017 06:46:57] - |A| - (.-.) - [104826] - (0.0.0.0) - C:\WINDOWS\PFRO.log [15/09/2018 08:33:50] - |D| - [1136442] - C:\WINDOWS\PLA [15/09/2018 08:33:50] - |D| - [2882721] - C:\WINDOWS\PolicyDefinitions [18/11/2018 20:20:25] - |D| - [3021481] - C:\WINDOWS\Prefetch [15/09/2018 08:33:50] - |RD| - [1910255] - C:\WINDOWS\PrintDialog [15/09/2018 08:33:50] - |D| - [5414458] - C:\WINDOWS\Provisioning [MD5.393E54C64CB60AC1DCA6EBACAA6C30AD] - [15/09/2018 08:29:21] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [358400] - (10.0.17763.1) - C:\WINDOWS\regedit.exe [15/09/2018 08:33:50] - |D| - [1117876] - C:\WINDOWS\Registration [15/09/2018 08:33:50] - |D| - [4617672] - C:\WINDOWS\rescache [15/09/2018 08:33:50] - |D| - [4056938] - C:\WINDOWS\Resources [MD5.0DD3698CBEE8CB6ACEC3379A813F62C1] - [17/10/2017 07:01:50] - |A| - (.Copyright (C) Realtek Semiconductor Corp. - RtCRU.) - [4332032] - (1.13.0.0) - C:\WINDOWS\RtCRU64.exe [MD5.A095B3E67C8EB8F2137EAC63687F2F5B] - [17/10/2017 07:00:55] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839520] - (1.0.7.0) - C:\WINDOWS\RtlExUpd.dll [15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\SchCache [15/09/2018 08:33:50] - |D| - [122082] - C:\WINDOWS\schemas [15/09/2018 08:33:50] - |D| - [7045542] - C:\WINDOWS\security [18/11/2018 20:13:38] - |D| - [9061156536] - C:\WINDOWS\ServiceProfiles [15/09/2018 08:33:50] - |D| - [0] - C:\WINDOWS\ServiceState [15/09/2018 07:09:26] - |D| - [122605822] - C:\WINDOWS\servicing [15/09/2018 08:36:53] - |D| - [10115] - C:\WINDOWS\Setup [MD5.E88E3CFA38B87B1376F1DCBA0D1583DF] - [18/11/2018 20:22:02] - |A| - (.-.) - [5608] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/11/2018 20:22:02] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [15/09/2018 08:33:50] - |D| - [6752256] - C:\WINDOWS\ShellComponents [15/09/2018 08:33:50] - |D| - [52920320] - C:\WINDOWS\ShellExperiences [15/09/2018 08:33:50] - |D| - [6828144] - C:\WINDOWS\SKB [17/10/2017 06:50:06] - |D| - [264188139] - C:\WINDOWS\SoftwareDistribution [15/09/2018 08:33:50] - |D| - [86038209] - C:\WINDOWS\Speech [15/09/2018 08:33:50] - |D| - [98152814] - C:\WINDOWS\Speech_OneCore [MD5.A5F344522764898F2086DBE32464C334] - [15/09/2018 08:28:24] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [132096] - (10.0.17763.1) - C:\WINDOWS\splwow64.exe [15/09/2018 08:33:50] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [18/03/2017 22:03:33] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [15/09/2018 07:09:26] - |D| - [7094444815] - C:\WINDOWS\System32 [15/09/2018 08:33:50] - |D| - [203851288] - C:\WINDOWS\SystemApps [15/09/2018 08:33:51] - |D| - [26481055] - C:\WINDOWS\SystemResources [15/09/2018 07:09:31] - |D| - [1482266989] - C:\WINDOWS\SysWOW64 [15/09/2018 08:33:51] - |D| - [0] - C:\WINDOWS\TAPI [18/03/2017 22:03:29] - |D| - [6] - C:\WINDOWS\Tasks [15/09/2018 08:33:51] - |D| - [4569144] - C:\WINDOWS\Temp [15/09/2018 08:33:51] - |D| - [14424064] - C:\WINDOWS\TextInput [15/09/2018 08:33:51] - |D| - [0] - C:\WINDOWS\tracing [15/09/2018 08:33:51] - |D| - [34407160] - C:\WINDOWS\twain_32 [MD5.4B8ED4EF819DC87A2DC108EF60504FE9] - [15/09/2018 08:29:28] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [64512] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [10/01/2018 21:26:28] - |SD| - [0] - C:\WINDOWS\UpdateAssistantV2 [15/09/2018 08:33:51] - |D| - [12420] - C:\WINDOWS\Vss [15/09/2018 07:09:29] - |D| - [32684] - C:\WINDOWS\WaaS [15/09/2018 08:33:51] - |D| - [15729830] - C:\WINDOWS\Web [MD5.1C7127EA2BC3B2D8713FB0DE8BDCF962] - [18/03/2017 22:03:33] - |A| - (.-.) - [463] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [15/09/2018 08:28:58] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [17/10/2017 06:50:06] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.351FDCE5B7CDE5009C768FFDA64B5E57] - [15/09/2018 08:29:27] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17763.1) - C:\WINDOWS\winhlp32.exe [15/09/2018 07:09:26] - |D| - [7554876520] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [15/09/2018 08:38:26] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.10F2BC4209233AB34BDA602967D0F798] - [15/09/2018 08:29:24] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.17763.1) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [09/05/2017 11:07:18] - C:\WINDOWS\Installer\1468d.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/04/2017 11:53:28] - C:\WINDOWS\Installer\14692.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/03/2017 15:53:48] - C:\WINDOWS\Installer\14697.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2017 09:08:49] - C:\WINDOWS\Installer\17b24.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/01/2018 12:40:51] - C:\WINDOWS\Installer\1c15c2fb.msi : (Install/UnInstall PhysX Driver + Engines: 2.7.1/3/4/5/6; 2.8.0/1/3 - NVIDIA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 15:48:44] - C:\WINDOWS\Installer\23468.msi : (NahimicSettingsConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 15:48:34] - C:\WINDOWS\Installer\2346d.msi : (AudioCaptureNotificationConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 15:48:30] - C:\WINDOWS\Installer\23472.msi : (DeviceRoutingConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:05:00] - C:\WINDOWS\Installer\23477.msi : (SonicStudio3Setup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:04:30] - C:\WINDOWS\Installer\2347c.msi : (ProfileSwitcherCleanup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 15:45:56] - C:\WINDOWS\Installer\24e68.msi : (ApoDispatchConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 15:49:22] - C:\WINDOWS\Installer\24e6d.msi : (ProductDaemonSetup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 15:58:58] - C:\WINDOWS\Installer\24e72.msi : (SonicRadar3Setup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 15:59:02] - C:\WINDOWS\Installer\24e77.msi : (SonicMapperConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/01/2018 20:04:50] - C:\WINDOWS\Installer\288f7375.msi : (Epic Games Launcher - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2015 10:56:58] - C:\WINDOWS\Installer\28a283d6.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/10/2017 15:00:28] - C:\WINDOWS\Installer\2931c84a.msi : (CodeMeter Runtime Installer - WIBU-SYSTEMS AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2017 07:46:42] - C:\WINDOWS\Installer\2931c84f.msi : (Intel(R) C++ Redistributables on Intel(R) 64 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 09:41:29] - C:\WINDOWS\Installer\295cd832.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:01] - C:\WINDOWS\Installer\30d3a7.msi : (HP DeskJet 2600 series Basic Device Software - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:10] - C:\WINDOWS\Installer\30d3ac.msi : (HP Scan Dropbox destination plugin - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:11] - C:\WINDOWS\Installer\30d3b1.msi : (HP Scan EmailSMTP destination plugin - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:11] - C:\WINDOWS\Installer\30d3b6.msi : (HP Scan FTP destination plugin - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:11] - C:\WINDOWS\Installer\30d3bb.msi : (HP Scan Google Drive destination plugin - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:12] - C:\WINDOWS\Installer\30d3c0.msi : (HP Scan OneDrive destination plugin - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:12] - C:\WINDOWS\Installer\30d3c5.msi : (HP Scan SharePoint destination plugin - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:13] - C:\WINDOWS\Installer\30d3cb.msi : (HP DeskJet 2600 series Get product specific help to easily troubleshoot and fix problems. - HP) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2018 19:30:06] - C:\WINDOWS\Installer\30d3d1.msi : (Product Improvement Study for HP DeskJet 2600 series - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/03/2018 12:29:32] - C:\WINDOWS\Installer\35b2720a.msi : (Java SE Runtime Environment 8 Update 161 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/03/2018 12:32:55] - C:\WINDOWS\Installer\35b27308.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2017 11:08:00] - C:\WINDOWS\Installer\38374b21.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2017 11:08:44] - C:\WINDOWS\Installer\38374b27.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/06/2017 03:56:16] - C:\WINDOWS\Installer\3a3ae.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/08/2017 09:52:30] - C:\WINDOWS\Installer\3a3b3.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/06/2016 14:08:30] - C:\WINDOWS\Installer\4b8e456.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/06/2016 14:09:04] - C:\WINDOWS\Installer\4b8e45b.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2016 05:04:32] - C:\WINDOWS\Installer\6115d.msi : (Device Setup - ASUSTek COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/04/2017 16:30:40] - C:\WINDOWS\Installer\6313.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/05/2018 20:30:45] - C:\WINDOWS\Installer\66dff41.msi : (CASIO FA-124 - CASIO COMPUTER CO., LTD.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2017 04:45:40] - C:\WINDOWS\Installer\694d.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/04/2017 06:33:34] - C:\WINDOWS\Installer\697c.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 00:34:10] - C:\WINDOWS\Installer\6981.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 00:33:12] - C:\WINDOWS\Installer\6986.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 00:33:22] - C:\WINDOWS\Installer\698b.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 00:33:56] - C:\WINDOWS\Installer\6990.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/04/2017 16:06:34] - C:\WINDOWS\Installer\6995.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/06/2017 10:30:52] - C:\WINDOWS\Installer\699a.msi : (Intel(R) Serial IO - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/04/2017 03:01:30] - C:\WINDOWS\Installer\6b12.msi : (Intel(R) Wireless Bluetooth(R) Patch/Audio Package Installation - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/07/2017 04:31:42] - C:\WINDOWS\Installer\6b17.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/08/2016 07:31:14] - C:\WINDOWS\Installer\6b41.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/06/2017 12:55:28] - C:\WINDOWS\Installer\6b46.msi : (XSplit Gamecaster - SplitmediaLabs) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/06/2017 20:02:44] - C:\WINDOWS\Installer\6b9e.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/05/2018 16:37:47] - C:\WINDOWS\Installer\6c762c0.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/08/2018 20:53:10] - C:\WINDOWS\Installer\aaadc88.msi : (Node.js - Node.js Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/09/2018 19:05:51] - C:\WINDOWS\Installer\e9b907b.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [15/09/2018 08:29:16] - [3329] - C:\WINDOWS\System32\ieuinit.inf [18/11/2018 20:30:03] - [1771406] - C:\WINDOWS\System32\PerfStringBackup.INI [15/09/2018 08:28:56] - [60124] - C:\WINDOWS\System32\tcpmon.ini [15/09/2018 08:28:42] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [15/09/2018 08:29:28] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [15/09/2018 08:29:07] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00ED6A71F6F78BB8ED5281945D4152E5] - |A| - [18/11/2018 20:23:03] - (.-.) - [0.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00000.log [MD5.85D31A7FF1DAA38694B2ED172BE4AE7E] - |A| - [18/11/2018 20:23:04] - (.-.) - [0.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00001.log [MD5.8973E6DCA2B07A83CC6F54873307D0A2] - |A| - [18/11/2018 20:27:47] - (.-.) - [2.52 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:47] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 21:50:40] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 21:50:40] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 21:50:40] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 21:50:40] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/11/2018 20:24:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DMI4514.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/11/2018 20:24:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DMI4555.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/11/2018 20:24:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DMI4577.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/11/2018 20:24:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DMI459A.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/11/2018 20:24:52] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DMI4629.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/11/2018 20:24:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/11/2018 20:24:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSTIFFDebugLogFile.txt [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:21:39] - [0 Ko] - C:\WINDOWS\Temp\intel-gfx-installer-C3D9886E-5DDF-48BC-AD93-09E28F54964A [MD5.917ABFC8862FF791D09A3EDB5F9B85E8] - |A| - [18/11/2018 20:25:17] - (.-.) - [107.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181118-2025.log [MD5.B5E9EB60183ED1E3D3A5CDDDC1C2B107] - |A| - [18/11/2018 20:38:33] - (.-.) - [11.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181118-2038.log [MD5.01D9CCC3EFCFA523896A2F1875D7EBDB] - |A| - [21/11/2018 19:49:06] - (.-.) - [10.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181121-1949.log [MD5.49AEC0A6CB634E6782FAE7C485BC32D9] - |A| - [21/11/2018 19:49:06] - (.-.) - [16.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181121-1949a.log [MD5.6FE47FE8BF04E6FEDBCB54C3E08D8BAC] - |A| - [21/11/2018 19:49:44] - (.-.) - [61.55 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181121-1949b.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/11/2018 20:31:54] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181121-2031.log [MD5.3A4D0867F240CB9CC96615EB7E8155CB] - |A| - [21/11/2018 21:00:48] - (.-.) - [10.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181121-2100.log [MD5.4AEAADA74538FAD4E1CE61E4EBCB5EC4] - |A| - [21/11/2018 21:50:40] - (.-.) - [86.66 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181121-2150.log [MD5.E59C3CEB17AC68A6B466A0895AAC0CA4] - |A| - [21/11/2018 21:55:47] - (.-.) - [10.66 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181121-2155.log [MD5.B31542CF124CDE0CF9538D5D935DCA96] - |A| - [21/11/2018 22:04:01] - (.-.) - [10.13 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181121-2204.log [MD5.567A290649C5FDB73B3AFD2596C936B6] - |A| - [22/11/2018 00:02:42] - (.-.) - [3.53 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181122-0002.log [MD5.935321D8890636441C01D72306D4C4C4] - |A| - [23/11/2018 17:58:44] - (.-.) - [9.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181123-1758.log [MD5.7C0ACAD221FE245BCCE1D72B524EFF3B] - |A| - [23/11/2018 18:01:36] - (.-.) - [16.32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181123-1801.log [MD5.CAC519A3813DC05D7CE4076243DFB687] - |A| - [23/11/2018 18:01:36] - (.-.) - [23.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20181123-1801a.log [MD5.836E844492EECEC6C6F3498108845E58] - |A| - [18/11/2018 20:28:34] - (.-.) - [2.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20181118-202834-0.log [MD5.9768A416B22B5DC71D1C4F9002EB8837] - |A| - [21/11/2018 21:50:46] - (.-.) - [2.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20181121-215046-0.log [MD5.5E677E4DC41E40FA84AE2DE60366668F] - |A| - [18/11/2018 20:28:14] - (.-.) - [11.95 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.46A148ED9BFB2CBB8580E1A427D2C9B6] - |A| - [21/11/2018 19:50:07] - (.-.) - [12.92 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:22:13] - [3674.25 Ko] - C:\WINDOWS\Temp\NvidiaLogging [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/11/2018 21:50:40] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20181121215040F08).log [MD5.B321EFC0192A86BDF9DA4F098DA1B573] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.00D57B0F-01FA-B79F-08D6-878ED20C4C9B_5__.Public.AppUpdate.dat [MD5.1D913C0D7050AD18EEB8436B3D58AB70] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0116DC02-781B-D1D1-FC1C-C80195511E17_5__.Public.AppUpdate.dat [MD5.8BE68D5D35B14C0D8006B2B9D603BB65] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0251D65D-E887-28BD-A226-3ECD72FB59C6_5__.Public.AppUpdate.dat [MD5.B88751FC3031923CA2E623ABB25599DE] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0862A72D-A96C-83E5-AD0F-78B6AA06F9C6_5__.Public.AppUpdate.dat [MD5.08EDB1C093B905E88857AF24454B2FB4] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.0C8CF327-9D17-CCDE-18AF-DFF4F20070E5_5__.Public.AppUpdate.dat [MD5.88F7575A81CC694372BF425A5C0D1B70] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.18DDC675-D472-0DB4-9563-7DF7C34F512C_5__.Public.AppUpdate.dat [MD5.CF6EAB6183B2D1745C93CE1EAF62EAEB] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.1F63B8C3-2D48-9497-0A0A-2CBD462EDE76_5__.Public.AppUpdate.dat [MD5.01A655D7EF3F0B453B5CCA6760908A3B] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.1FE89C0B-9BED-CC5D-7426-9E4025D6BDD9_5__.Public.AppUpdate.dat [MD5.51600292FADB80FD88AE2945378AF7EF] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.29CC2B0A-897F-1900-95D7-2966BD72E071_5__.Public.AppUpdate.dat [MD5.15805E4002E91CD055984F9DC6EB8E68] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.32AD62FB-8C4F-BF5A-B766-338FBAED9953_5__.Public.AppUpdate.dat [MD5.686AC0B95CE067631269C3875AB5EA18] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.3BFD26C9-8DA9-B940-F638-55890012AAB4_5__.Public.AppUpdate.dat [MD5.23556BAAC09D111085D0BF941718CAA7] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.3CF9160F-CCF1-E617-30D1-4DE901F28363_5__.Public.AppUpdate.dat [MD5.8CECE6C79003FE0DC3C1561A1A417B7C] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.42493DE9-7734-949C-AD90-1D11F59F45CB_5__.Public.AppUpdate.dat [MD5.68CD8CD20F25F3A6B7B4565345C5585F] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.49F33C48-B2DE-F82A-56F2-64425F298B84_5__.Public.AppUpdate.dat [MD5.FF508AC5622324298A8070745EA5BAC1] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.4AF301E9-F5E0-C8BF-6B7C-938BDDDF84D5_5__.Public.AppUpdate.dat [MD5.0D94E6879FCA836CB2E70ECC659404B9] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.50611331-FE19-D366-B049-694B8AC9D758_5__.Public.AppUpdate.dat [MD5.7E299D53108F107361FF636F3178AC6E] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.557EA3BB-623E-ADD9-4DFB-629A8648A038_5__.Public.AppUpdate.dat [MD5.F5E84E28053023CE99FD5B3BE0428620] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.558F5D32-0827-EB7B-6AD6-D5DB4138B3AA_5__.Public.AppUpdate.dat [MD5.A9773A9813B38B834AA2FE8AE2B5B072] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.5D967502-CACE-3F7B-F464-8E7AF2DC2C5F_5__.Public.AppUpdate.dat [MD5.2E1C9D4977A5B367A0377FFA34403235] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.62B49C0A-499E-A02D-EBCB-EB168E148E52_5__.Public.AppUpdate.dat [MD5.DB337D00949B9450028E5129E2962F68] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.64BBA36A-A7AF-A911-6075-21097AE9C591_5__.Public.AppUpdate.dat [MD5.AD62717DDA29041EBA8DCD4CE3E3CF12] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.664AA17A-2D25-0823-3315-3708FE16147A_5__.Public.AppUpdate.dat [MD5.3BF6242EB24F4A7F9502678B8B0217CD] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.674C4C14-7BAA-F782-E214-956DC3BEDF39_5__.Public.AppUpdate.dat [MD5.69C64CE75A9E89421D9E772F0531B2B5] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.68BC3251-2D8B-A604-92BA-893638CA72EA_5__.Public.AppUpdate.dat [MD5.18000F5D17CBDD88DF7E0EA0743F16AD] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.69F3BCAB-8975-C526-30F5-39FA70C77AD9_5__.Public.AppUpdate.dat [MD5.712DB93E76B2EEE4932FE169156891AC] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6D151227-6BD9-726D-B30E-A8A018DCC82B_5__.Public.AppUpdate.dat [MD5.FE569B95CD7137C4A723B8C35BAFAB8C] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6DA3D5C0-A460-4E4E-3B2A-8530BC7CAFDA_5__.Public.AppUpdate.dat [MD5.ED9E71D6D0B941B6D65B6A60C9D5B239] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6EA6FC2E-9305-586B-3411-02826D151533_5__.Public.AppUpdate.dat [MD5.9AA70E6F0CDDBF8B49D5656187E523A2] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.6F5A9E8F-F920-1658-72FF-16C1448402F9_5__.Public.AppUpdate.dat [MD5.D3046EF1CB7C7216C70EFA64A5B6E861] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.70BC17F8-0AA7-CB35-CEE0-EF1B47A0FD3E_5__.Public.AppUpdate.dat [MD5.7FE9392CC2729699B61D7D817F6BFFAF] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.73 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.754078EB-3A78-B444-5FC2-70DFE84EC4E5_5__.Public.AppUpdate.dat [MD5.F7EB1572E4030D16035F95ED3F343732] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.7583E141-6210-5A36-BB89-80D0397C4721_5__.Public.AppUpdate.dat [MD5.4B87DC70501251926CDE9961AD0E71F0] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.97612282-D1E8-1D6A-9E92-C271E7F177EF_5__.Public.AppUpdate.dat [MD5.DB1F0C9FB2A1C868A6633E265AEFD8C1] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.9D4DED89-CABC-F4FB-8133-BC5EDB1C7EDA_5__.Public.AppUpdate.dat [MD5.9585EE6E62D329860B19E68CB89D8708] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A0D50492-A769-FCE9-8C5B-6DC60312B8E4_5__.Public.AppUpdate.dat [MD5.73F73D5B06CE9D43E452E68DDF0783A1] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A715D489-C343-F20B-B22E-F8D749061B0C_5__.Public.AppUpdate.dat [MD5.A8D8686E95977E5175BD09ED8B11665F] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A8EA082C-1D8D-8EB4-4FB0-5516ED51695C_5__.Public.AppUpdate.dat [MD5.F6A06B7E355B50D3F21270B806A4006D] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.A90B8400-D36D-8235-8BF2-A21A53D3FB65_5__.Public.AppUpdate.dat [MD5.3297A2F5782CE1D4ED95EF28A3979462] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.ADA26212-6E65-2F41-08F6-8A8E88987557_5__.Public.AppUpdate.dat [MD5.63A9146F02E81DBD35345E26C4D8790C] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.B623E411-ED12-7193-B6D4-8A5ACF622D5E_5__.Public.AppUpdate.dat [MD5.3D51B6539F12ECBB2C7485A74FAFC515] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BAA0F9E7-E2C2-C973-EABD-02BBF7402934_5__.Public.AppUpdate.dat [MD5.1D4500A53F6811BF2E350BE49BC04969] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BBFD7549-71AE-D8FD-9F58-2EF4C874B21C_5__.Public.AppUpdate.dat [MD5.C28D33FD3387D894BD624B10445A0F7F] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BCBCED21-3B71-5C75-130E-57B80FDCEE20_5__.Public.AppUpdate.dat [MD5.3F868970749AE01FDEF5C5468301BB8B] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.BF47C4B0-4575-0BC2-9E18-C208BF1393C0_5__.Public.AppUpdate.dat [MD5.802E5F84184EF2266F08F4A309496FC8] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.DFBE09D0-1F22-A9C0-2D3D-3F4C6351E58F_5__.Public.AppUpdate.dat [MD5.D3A8C9D9D308379CE86B308BE4CDB93C] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E336BB8F-16ED-7CBE-AFEE-971DD3041585_5__.Public.AppUpdate.dat [MD5.37A36238B1A78D174B3FC7680FA2F21B] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E6658C19-4221-2EBE-763A-F0493FBA2BB0_5__.Public.AppUpdate.dat [MD5.E12B200050058219FB0098A54DE91D08] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.E6D3B497-80AF-7F14-F9E6-9606EE369FC3_5__.Public.AppUpdate.dat [MD5.E32CE48AEF8896F9A1D497D38731467E] - |A| - [21/11/2018 19:54:12] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.EEE53744-2BB9-BCA2-A50A-C6A1C5B0A0ED_5__.Public.AppUpdate.dat [MD5.2B36D91D76F5742CFBAAC0010B575F29] - |A| - [21/11/2018 19:54:11] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.FACF9DDE-1FF1-B57D-4D1D-CE479FDD42AF_5__.Public.AppUpdate.dat [MD5.AD27CD1B91148D140BD5249B942F1327] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.FB06EF95-BC48-1A6A-26FB-4450CE9A5906_5__.Public.AppUpdate.dat [MD5.0F485B616F6570BD0D9A5507C47C98F1] - |A| - [21/11/2018 19:54:10] - (.-.) - [0.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\sa.FC8D4DCB-7F29-F014-2169-BDE1CE675801_5__.Public.AppUpdate.dat [MD5.B13AF738AA8BE55154B2752979D76827] - |A| - [18/11/2018 20:20:47] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tem8A1F.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6aee.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b0f.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b21.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:03] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b32.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b34.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b46.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b58.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b69.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b6b.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6b9c.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6bae.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6bbf.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6bc1.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6bd3.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6bd5.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6bd7.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6bf8.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 22:04:04] - [0 Ko] - C:\WINDOWS\Temp\tw-2fd0-22d8-c6c0a.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-28695.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286a6.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286a8.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286aa.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286ac.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286ae.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286b0.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286b2.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286c4.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286c6.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286c8.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286ca.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286cc.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286ce.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286d0.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286e2.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286e4.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:27:46] - [0 Ko] - C:\WINDOWS\Temp\tw-550-554-286e6.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b36ec.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b36fd.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b36ff.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3711.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3713.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3715.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3727.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3729.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b373a.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b374c.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b374e.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3760.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3762.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3764.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3775.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3787.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b3798.tmp [MD5.00000000000000000000000000000000] - |D| - [21/11/2018 20:33:54] - [0 Ko] - C:\WINDOWS\Temp\tw-a14-960-f7b379a.tmp [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:21:40] - [33.88 Ko] - C:\WINDOWS\Temp\VulkanRT [MD5.2468CB10FB3A2B83005621940FB6F7B1] - |A| - [18/11/2018 20:24:25] - (.-.) - [0.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\wmsetup.log [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:22:39] - [0 Ko] - C:\WINDOWS\Temp\{523CD644-A110-43AA-B07F-CA42DFF8B625} [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:05] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [15/09/2018 08:28:43] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [15/09/2018 08:28:42] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [15/09/2018 08:28:30] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [15/09/2018 08:28:50] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [15/09/2018 08:28:51] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [15/09/2018 08:28:53] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [15/09/2018 08:29:21] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [15/09/2018 08:28:56] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [15/09/2018 08:28:26] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [15/09/2018 08:29:13] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [15/09/2018 08:29:14] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [15/09/2018 08:28:36] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [15/09/2018 08:28:36] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.6BB3F65282D9162F188C66D22EAC9D9E] - |A| - [17/10/2017 07:00:56] - (.-.) - [115.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AcpiServiceVnA64.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:30] - [2819.03 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\af-ZA [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [5.97 Ko] - C:\WINDOWS\System32\am-et [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [2599.31 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [354.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.FE6D792232F609743EABF2C089033651] - |A| - [15/09/2018 08:29:14] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [607.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\as-IN [MD5.26129D1FB6104D78DE299AC9EFBEC78C] - |A| - [17/10/2017 07:00:56] - (.-.) - [102.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\audioLibVc.dll [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [15/09/2018 08:28:22] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [347.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [15/09/2018 08:28:22] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [15/09/2018 08:28:22] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [15/09/2018 08:28:22] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [15/09/2018 08:28:22] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [5654.98 Ko] - C:\WINDOWS\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.FF8455531929A7067F8A6267B34D2DB8] - |A| - [15/09/2018 08:28:42] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [181.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |HD| - [20/01/2018 17:19:53] - [4487.05 Ko] - C:\WINDOWS\System32\CanonIJ Uninstaller Information [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:26] - [57772.65 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [25722.67 Ko] - C:\WINDOWS\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.CADD2A28BAE455036E9B85E2920F472D] - |A| - [25/07/2018 12:37:15] - (.Copyright CANON INC. 2007-2011 All Rights Reserved - IJ Language Monitor.) - [376 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMXLMA9.DLL [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [11.19 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [369.5 Ko] - C:\WINDOWS\System32\com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.A797B0B9070744F439340B5DE54E83BB] - |A| - [17/10/2017 07:00:56] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:26] - [272917.96 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [53.11 Ko] - C:\WINDOWS\System32\Configuration [MD5.B7D618A243BB6835F0CC131FFCBD39F7] - |A| - [17/04/2018 03:54:34] - (.-.) - [739.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cp_resources.bin [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [405 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.BDEBD2FC4927DA00EEA263AF9CF8F7ED] - |A| - [15/09/2018 08:29:14] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [414.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [400.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.EA9E2D370555A40721D492DD039C1F32] - |A| - [15/09/2018 08:28:26] - (.-.) - [145 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [17/10/2017 07:01:12] - [14664.75 Ko] - C:\WINDOWS\System32\DAX2 [MD5.00000000000000000000000000000000] - |D| - [17/10/2017 07:01:12] - [7069.54 Ko] - C:\WINDOWS\System32\DAX3 [MD5.1066F597FB3B01BCFA79584D3314FD2A] - |A| - [17/10/2017 07:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO Property Page.) - [1518.16 Ko] - (1.1.3.10) - C:\WINDOWS\System32\DAX3APOProp.dll [MD5.3FB5CE5E7990DEBBD2D5869A1D507F90] - |A| - [17/10/2017 07:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO.) - [1295.34 Ko] - (1.1.3.10) - C:\WINDOWS\System32\DAX3APOv251.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [240.31 Ko] - C:\WINDOWS\System32\DDFs [MD5.245DDFDAB6B9CC680D459E548074122C] - |A| - [17/10/2017 07:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [266.32 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPA64.dll [MD5.3A218313ECF3027B84E300F6420C8A24] - |A| - [17/10/2017 07:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [303.14 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPA64F3.dll [MD5.E0E1648A5451BD2C23C8ED88DAFFC614] - |A| - [17/10/2017 07:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1919.73 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPD64A.dll [MD5.C04061A1B5E5C08923DBAB3292111738] - |A| - [17/10/2017 07:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1913.67 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPD64AF3.dll [MD5.57AF362CD9AC1A09CDED9F8C2ED2D9DC] - |A| - [17/10/2017 07:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [319.78 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPO64A.dll [MD5.BBB2AD353DC5CC8DF1BC5013CFC71C11] - |A| - [17/10/2017 07:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [353.56 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPO64AF3.dll [MD5.7BEB2D5A9CC83F7EAACED62734F5A13D] - |A| - [17/10/2017 07:00:56] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6929.87 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPP64A.dll [MD5.EB09D2160EA25ECAB83E27C4608C86ED] - |A| - [17/10/2017 07:00:56] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6117.8 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPP64AF3.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [455.5 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [15/09/2018 08:28:30] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [15/09/2018 08:28:22] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [15/09/2018 08:31:36] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [15/09/2018 08:28:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [15/09/2018 08:28:44] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [925 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.BE6BCD1A0D8F8F8072996900200D4CF8] - |A| - [15/09/2018 08:28:38] - (.-.) - [82.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:28] - [9542.32 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.9C1F0EE9215B2CF8072FD7C03956AB86] - |A| - [17/10/2017 07:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO Property Page.) - [1132.02 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOProp.dll [MD5.50396D8271278EEEEE0A02CACCD42B20] - |A| - [17/10/2017 07:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2387.39 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOv201.dll [MD5.256AB6D153CC9E006F28BBE7BAC9F295] - |A| - [17/10/2017 07:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [5221.67 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOv211.dll [MD5.C290C360E32A38B01C4717AA3C80EB46] - |A| - [17/10/2017 07:00:56] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [1143.43 Ko] - (1.6.0.47) - C:\WINDOWS\System32\DolbyDAX2APOvlldp.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:28] - [2418.7 Ko] - C:\WINDOWS\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:12] - [144232.78 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\DriverState [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:26] - [3012699.9 Ko] - C:\WINDOWS\System32\DriverStore [MD5.2D4956F501C2DEBBF520BD1334FA3635] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth1.bin [MD5.7B5E60EF879E30FD999F0F5BDB61A52B] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth2.bin [MD5.FCA3FA27539CFF2863448CCAF07F0F5E] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth3.bin [MD5.2F5C6925DC58C904AB553D5FB49F2DD0] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth4.bin [MD5.F83A32D9E99788D1798C44B0FA4180DD] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth5.bin [MD5.0D070A4D45A2C027CA55AF4F514A0069] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth6.bin [MD5.18482889E9C8F882896C98D757CF1B5F] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth7.bin [MD5.240138ED4016885FBF8C81D5CDCFD173] - |A| - [15/09/2018 08:29:13] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth8.bin [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [161.5 Ko] - C:\WINDOWS\System32\dsc [MD5.1C1C5BA02FEC449DDB79170F336FC6F4] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [726.52 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll [MD5.C312BAC9FA677A8659044FCFC9F9C4A7] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS Boost COM DLL.) - [1473.56 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll [MD5.8DCB34E8DC1FDF221FCC448B2DFD7296] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [430.92 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll [MD5.EB6DA5FBB498F96021FE64829CF65CBD] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS GFX APO.) - [247.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll [MD5.27CEEA2F09A659C786D89275E93DB8CD] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS GFX APO.) - [246.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll [MD5.553B28568222DF25D1ED502F8EF55961] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS LFX APO.) - [247.91 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll [MD5.B4CCFC91F00037CD41603854A57F54CA] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS Limiter COM DLL.) - [434.96 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll [MD5.94E1F7565FD49FC915BAD5F1EFDD9798] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [492.48 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll [MD5.ED1CCF259A2E783CF91A1B77FC15ECF6] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1553.77 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll [MD5.7707F85938B67602EB1B7BB6EA5A4E3E] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1738.88 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll [MD5.7246D90C88D4CE99796A946EF3AD78C3] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS Symmetry COM DLL.) - [710.38 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll [MD5.7506FC08AE9330B0986B01B8005A3AC5] - |A| - [17/10/2017 07:00:56] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [691.7 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [15/09/2018 08:28:22] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [15/09/2018 08:28:22] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [15/09/2018 08:28:22] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.08C33E4AB904EC0960B0781ED26AE039] - |A| - [15/09/2018 08:28:20] - (.-.) - [2.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [460 Ko] - C:\WINDOWS\System32\el-GR [MD5.6E53EB28313CC6BDADC3191CF63CECE8] - |A| - [14/02/2018 00:26:32] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:05] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [890.11 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [2301.38 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [435 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [360.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [319.5 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [16905.14 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\fa-IR [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [15/09/2018 08:28:26] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [405.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\fil-PH [MD5.BD67E760D3ACABB87EB95E05B37B0CCD] - |A| - [18/11/2018 20:20:18] - (.-.) - [447.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:05] - [3403.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [370.5 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [46537.1 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ga-IE [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [15/09/2018 08:29:23] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\gd-GB [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [17/10/2017 06:53:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |D| - [18/03/2017 22:03:29] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [18/03/2017 22:03:29] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.109BE7608A886F64B1BE78E93A257684] - |A| - [17/10/2017 07:00:56] - (.(c) 2016 Harman. - Harman APO Interface.) - [150.74 Ko] - (1.2.0.0) - C:\WINDOWS\System32\HarmanAudioInterface.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [329 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.9270BD94661CE72F98F5B0BB9D184D15] - |A| - [15/09/2018 08:28:34] - (.-.) - [256.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\hi-IN [MD5.E39CB90645A15503E701E460D4612C0D] - |A| - [17/10/2017 07:00:57] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [369.52 Ko] - (0.8.4.82) - C:\WINDOWS\System32\HiFiDAX2API.dll [MD5.B68453B63EEAA6E55FBD5411B779E4F5] - |A| - [17/10/2017 07:00:57] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [396.92 Ko] - (1.6.0.47) - C:\WINDOWS\System32\HiFiDAX2APIPCLL.dll [MD5.0C41F1B45371B9CE83DFC0BA77A9CF74] - |A| - [17/10/2017 07:00:57] - (.© Harman. - Audio by Harman APO.) - [351.9 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMClariFi.dll [MD5.E111D8A64187D7186E507FD4AD93F07A] - |A| - [17/10/2017 07:00:57] - (.© Harman. - Audio by Harman APO.) - [186.46 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMEQ.dll [MD5.CB9C417F9CD6B4A382509425D2B6C3E1] - |A| - [17/10/2017 07:00:57] - (.© Harman. - Audio by Harman APO.) - [186.45 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMEQ_Voice.dll [MD5.F739A3E7E9C8EAD418A80715C765EB41] - |A| - [17/10/2017 07:00:57] - (.© Harman. - Audio by Harman APO.) - [199.06 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMHVS.dll [MD5.C4CDBA5B592882476FEDA2A2056E86CB] - |A| - [17/10/2017 07:00:57] - (.© Harman. - Audio by Harman APO.) - [175.38 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMLimiter.dll [MD5.D74F25DE979F40AD4E47ECF8B7BC34F1] - |A| - [17/10/2017 07:00:57] - (.?Harman. - Audio by Harman APO UI.) - [406.74 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMUI.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [336.5 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [412.5 Ko] - C:\WINDOWS\System32\hu-HU [MD5.E092D70A1D2D6E2CE75071A0A12EC06C] - |A| - [15/09/2018 08:29:24] - (.-.) - [37.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:40:58] - [160.64 Ko] - C:\WINDOWS\System32\hydrogen [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.9FD9E3896EF9ACE30AEB559CB158FB30] - |A| - [17/10/2017 07:00:57] - (.Copyright (c) 2017, ICEpower a/s - ICEpower ICEsound APO.) - [664.6 Ko] - (1.0.0.29) - C:\WINDOWS\System32\ICEsoundAPO64.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.4E8DC385E4272D240107F7FAAA5AFB6D] - |RA| - [15/09/2018 08:28:36] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1812.5 Ko] - (61.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.18FDD8D8C5BFA9B1767C2BFE97E74090] - |RA| - [15/09/2018 08:28:36] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1315.5 Ko] - (61.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ig-NG [MD5.A7E93F47E4B9A9D3C196CAFAE135990D] - |A| - [17/04/2018 07:14:12] - (.-.) - [271.95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCPL.cpl [MD5.5C75F3B35EB158BF27B87A5920B77A3E] - |A| - [15/09/2018 08:28:22] - (.-.) - [195 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [25900.42 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.437B8732902A8DF6E14101AA963A5D4F] - |A| - [15/09/2018 08:28:36] - (.-.) - [814.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [6841.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.3CFF1D6A891D9B3B1F662E312254AFE4] - |A| - [17/04/2018 07:15:16] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [141.45 Ko] - (2.1.1.0) - C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\is-IS [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [434 Ko] - C:\WINDOWS\System32\it-IT [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [297.5 Ko] - C:\WINDOWS\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ky-KG [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [15/09/2018 08:28:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [15/09/2018 08:28:22] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\lb-LU [MD5.157FB82D7141B18624FF2D42190C97E1] - |A| - [15/09/2018 17:39:53] - (.-.) - [1572 Ko] - (2.6.5.1) - C:\WINDOWS\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [625.17 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\lo-LA [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [5383.71 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [334.5 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [333 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [62320.46 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:40:28] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.162681E1AABA50C46DDAF4FD9C5EC50B] - |A| - [15/09/2018 08:28:57] - (.-.) - [839 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [15/09/2018 08:28:22] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:13:38] - [1111.82 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [5212.88 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [47434.35 Ko] - C:\WINDOWS\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ml-IN [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [15/09/2018 08:31:36] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\mn-MN [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [11/01/2018 00:16:53] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [4292.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [20.55 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [34.35 Ko] - C:\WINDOWS\System32\my-mm [MD5.505D4334EE8AA8205C6BA4835263F43D] - |A| - [17/10/2017 07:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5462.51 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICAPOlfx.dll [MD5.DDCEB99B7BE4FA07C5BC56151E371264] - |A| - [17/10/2017 07:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [980.33 Ko] - (1.0.0.14866) - C:\WINDOWS\System32\NahimicAPONSControl.dll [MD5.FA5300E74175A469924DC5E901B3CB1F] - |A| - [17/10/2017 07:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5799.72 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICV2apo.dll [MD5.B8112CA86B0E387C1A004914B4ACFFE0] - |A| - [17/10/2017 07:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [6311.68 Ko] - (10.0.10011.16384) - C:\WINDOWS\System32\NAHIMICV3apo.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [396 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [896 Ko] - C:\WINDOWS\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ne-NP [MD5.4B76CF89D9A7C58D1216BAA609AF5349] - |A| - [14/02/2018 00:21:01] - (.-.) - [129.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [15/09/2018 08:29:23] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [431 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.A5B61A97393620007C04D6510ED440C0] - |A| - [17/10/2017 06:56:33] - (.-.) - [8135 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin [MD5.DEF07D5AA963F5601E5C709DE7625D88] - |A| - [15/10/2018 00:18:36] - (.-.) - [43.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.D73A30E4A19CEF650E5D596EF05EC059] - |A| - [17/10/2017 06:57:08] - (.-.) - [118.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NvRtmpStreamer64.dll [MD5.7F3D6C958422727C4EA7C247E4743C8F] - |A| - [15/09/2018 17:40:58] - (.-.) - [17.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [43887.31 Ko] - C:\WINDOWS\System32\oobe [MD5.5C1765B680946C80B670E023AC55437C] - |A| - [17/01/2018 21:16:55] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [130.5 Ko] - (6.14.357.22) - C:\WINDOWS\System32\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:53] - [3554.5 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [15/09/2018 08:28:22] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\pa-IN [MD5.B0126264FAD9BFE883A2783EC00A69CF] - |A| - [04/03/2018 16:51:20] - (.Copyright (c) by pdfforge - pdfcmon.) - [114.5 Ko] - (0.9.7.0) - C:\WINDOWS\System32\pdfcmon.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [1123.97 Ko] - C:\WINDOWS\System32\PerceptionSimulation [MD5.C792B7C77A79E6754F3E99A96DC3EEAF] - |A| - [15/09/2018 08:35:59] - (.-.) - [130.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.C17D08851ECA34237EC58D21464C98E5] - |A| - [15/09/2018 17:39:07] - (.-.) - [146.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [15/09/2018 08:35:59] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [15/09/2018 17:39:07] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.FF28BB171C89BF057918C74794D9C879] - |A| - [15/09/2018 08:35:59] - (.-.) - [685.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.95DF6B49378AFA71C71F3EE4A510FDB4] - |A| - [15/09/2018 17:39:07] - (.-.) - [774.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.9294296826EC488DB263C8625BC48530] - |A| - [18/11/2018 20:30:03] - (.-.) - [1729.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [15/09/2018 08:28:22] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [428.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [437 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [420.74 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [15/09/2018 08:28:29] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [423.5 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [426 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\quz-PE [MD5.55B45FEE7A438A02F4F8B6CC27F328B4] - |A| - [17/10/2017 07:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [131.05 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEA64A.dll [MD5.0539085EF080CA20DD4F9AA7151B81CA] - |A| - [17/10/2017 07:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [437.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EED64A.dll [MD5.404CD5690F7C80253F71E42478B6902D] - |A| - [17/10/2017 07:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [82.63 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEG64A.dll [MD5.CC0C47305E06B0501275CFF0441F7049] - |A| - [17/10/2017 07:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [148.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEL64A.dll [MD5.DAB0E081FB7954C6C2CBAB66F90AD958] - |A| - [17/10/2017 07:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7004.8 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.B855C50767A4959A128D7171E0FCD107] - |A| - [15/09/2018 08:29:21] - (.-.) - [1955 Ko] - (1.0.1808.22001) - C:\WINDOWS\System32\rdpnano.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [2.17 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [15/09/2018 08:29:25] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [15/09/2018 08:29:25] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [15/09/2018 08:29:25] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [15/09/2018 08:29:25] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [0 Ko] - C:\WINDOWS\System32\restore [MD5.8CAF138F79802DFB5C706A635CD1886B] - |A| - [17/10/2017 06:54:27] - (.-.) - [18.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\results.xml [MD5.D7655D9340FDA6B57357FB939EA58CF8] - |A| - [17/10/2017 07:00:57] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.32260EFF8A94E7E8FEC662F7D553130C] - |A| - [17/10/2017 07:00:57] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.D7CFCE6811519582690065C21088E9A5] - |A| - [17/10/2017 07:01:50] - (.Copyright (C) 2014 - RtCRX.) - [82.5 Ko] - (1.11.9600.0) - C:\WINDOWS\System32\RtCRX64.dll [MD5.4C0DFD347298C13E9C4EB91FE471AC9E] - |A| - [17/10/2017 07:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.79 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.62D32BE0719AEE69D016FE48D127C1FA] - |A| - [17/10/2017 07:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.27 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.8038A49784B0294B7E7844E66236D760] - |A| - [17/10/2017 07:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.61C4D0E48ABF0BD4E80F24A3712B0CD1] - |A| - [17/10/2017 07:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.23 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.8AA05F502FCF586AFEA8E5C4AFB19AEB] - |A| - [15/09/2018 08:28:46] - (.-.) - [56.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\rw-RW [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [15/09/2018 08:29:46] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [15/09/2018 08:28:26] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.EF474B7A3B4B8C40B86192FD65004E81] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [86.25 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFAPO64.dll [MD5.8B42C01130BBF605A06BC1E2466845B3] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [88.78 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFCOM64.dll [MD5.F5CA54A81ED662A059634DE647E8CF88] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [226.48 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFNHK64.dll [MD5.0757600B4BF3B1F0A06F2E5879571859] - |A| - [17/10/2017 07:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS Universal APO DLL.) - [961.83 Ko] - (3.5.14.0) - C:\WINDOWS\System32\sl3apo64.dll [MD5.8A8B4BA563A7F278752E12CA91834AAD] - |A| - [17/10/2017 07:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Controller DLL.) - [3330.89 Ko] - (3.5.14.0) - C:\WINDOWS\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:20:19] - [1319.75 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.940F2A7A8B5F39B0F8F3D29208B5914F] - |A| - [17/10/2017 07:00:58] - (.TODO: (c) . - TODO: .) - [252.79 Ko] - (1.0.0.1) - C:\WINDOWS\System32\slprp64.dll [MD5.ED32C43AF9F2B05F0999C3F2867BFDE4] - |A| - [17/10/2017 07:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Technology DLL.) - [3049.47 Ko] - (3.5.14.0) - C:\WINDOWS\System32\sltech64.dll [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [15/09/2018 08:28:22] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:26] - [17423.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [15/09/2018 08:28:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [15/09/2018 08:28:22] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [15/09/2018 08:28:22] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.D7C806511EE5CD3E3F9FB0D26957EBED] - |A| - [15/09/2018 08:29:24] - (.-.) - [37.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [7564.02 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [12348.76 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [170767.93 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [9520.95 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [338.5 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.5EE466CEA36221A08D9989254B8C8509] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.21 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRAPO64.dll [MD5.7E8325A957FE497119D9C81190687FB8] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM.dll [MD5.43A5B7A78E00F134E931650D14D3B111] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.47 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM64.dll [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [15/09/2018 08:29:25] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.4FD560E994EDF0353835F3F9F506A62C] - |A| - [15/09/2018 08:29:22] - (.-.) - [57.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.8057B51847C9BBE19A22B00DFA93E0F6] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.51 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRRPTR64.dll [MD5.099B3C6101E6A306DE8C8B9B46E59399] - |A| - [17/10/2017 07:00:58] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.62 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.886407B08A658AABB3DD3E99CA5B4DAD] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.77 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.55E8B1ED3859D732330799800D0E1210] - |A| - [17/10/2017 07:00:58] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.9 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.8852D4A8097509C174C4F5B58D1F698F] - |A| - [17/10/2017 07:00:58] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.3 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [4504 Ko] - C:\WINDOWS\System32\sru [MD5.DE63BBC4AF740A7D0C379A9D758FBCE9] - |A| - [15/09/2018 08:28:22] - (.-.) - [439 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [403 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\sw-KE [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:28] - [1389.14 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [955.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [10.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.0B8821B257EEE9C01CD29C62AE9D3EF9] - |A| - [15/09/2018 08:29:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49.5 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [668.65 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 00:38:21] - [650.52 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [15/09/2018 08:28:56] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\te-IN [MD5.7453519C9ECF84B289EA22FAEA5913B7] - |A| - [17/10/2017 07:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Audio Source Filtering APO.) - [832.16 Ko] - (2.1.1.0) - C:\WINDOWS\System32\tosasfapo64.dll [MD5.2869853985A50E0A26EBE0CF388F7886] - |A| - [17/10/2017 07:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Earphone Audio Enhancement APO.) - [436.7 Ko] - (2.1.0.0) - C:\WINDOWS\System32\toseaeapo64.dll [MD5.F495509A51F727FF64BEA54ADF0FDD23] - |A| - [17/10/2017 07:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement APO.) - [1306.28 Ko] - (2.1.1.0) - C:\WINDOWS\System32\tossaeapo64.dll [MD5.1D19B542DA59E33A893F7B97AB1B1C5B] - |A| - [17/10/2017 07:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement Maximizer.) - [590.63 Ko] - (1.1.2.0) - C:\WINDOWS\System32\tossaemaxapo64.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [393.5 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [15/09/2018 08:28:26] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [15/09/2018 08:28:26] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [336.5 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:50] - [1930.5 Ko] - C:\WINDOWS\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\ur-PK [MD5.F729741D514ED13EF6AFCB1B568987A9] - |A| - [15/09/2018 08:28:38] - (.-.) - [44.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\vi-VN [MD5.52D61488A2A692ED61CF69CAA7708001] - |A| - [04/03/2018 16:44:30] - (.Copyright (C) Visagesoft 1998,2009 - Visagesoft Printer Port Monitor.) - [26.45 Ko] - (0.3.0.0) - C:\WINDOWS\System32\vsmon1.dll [MD5.4EC0C222BEB7088B9264B5132F20CDBF] - |A| - [25/02/2017 00:23:14] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [524.28 Ko] - (1.0.42.0) - C:\WINDOWS\System32\vulkan-1-1-0-42-0.dll [MD5.5450A69087D2F6955A253CB2BF86503C] - |A| - [08/12/2017 23:24:44] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [906.8 Ko] - (1.0.65.1) - C:\WINDOWS\System32\vulkan-1-1-0-65-1.dll [MD5.AC97F59AAF23E9F6BAF6D29D6241ADF3] - |A| - [20/06/2018 20:58:08] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [944.3 Ko] - (1.1.77.0) - C:\WINDOWS\System32\vulkan-1-999-0-0-0.dll [MD5.AC97F59AAF23E9F6BAF6D29D6241ADF3] - |A| - [20/06/2018 20:58:08] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [944.3 Ko] - (1.1.77.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.CE8DFEB11053404DC17B2782176F816D] - |A| - [25/02/2017 00:23:10] - (.-.) - [248.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-42-0.exe [MD5.95253BF8F996BEA19BFA974F61277E87] - |A| - [08/12/2017 23:24:32] - (.-.) - [577.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-65-1.exe [MD5.E127D369C4C8D9790B4094679480FBDF] - |A| - [20/06/2018 20:58:24] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [250.8 Ko] - (1.1.77.0) - C:\WINDOWS\System32\vulkaninfo-1-999-0-0-0.exe [MD5.E127D369C4C8D9790B4094679480FBDF] - |A| - [20/06/2018 20:58:24] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [250.8 Ko] - (1.1.77.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [89585.65 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [102921.43 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [15/09/2018 08:28:44] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.957484C05356018083D72546EF8CDEDE] - |A| - [12/09/2017 06:50:00] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [935.46 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.dll [MD5.AA897370830C506856ADCC5D98E0A2C4] - |A| - [12/09/2017 14:25:10] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ±¾µØ»¯/ÖÐÎÄ£¨¼òÌ壩.) - [21.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lcn [MD5.97501C87CEE81AB9E937309053C1925A] - |A| - [12/09/2017 14:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Sprachmodul/Deutsch.) - [49 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lde [MD5.90E15B5FBA33BAC3ACB5F7121BC2198B] - |A| - [12/09/2017 14:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.les [MD5.FBF9C2D23A76B0EBDAFD8555EA2FF4C9] - |A| - [12/09/2017 14:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Langue/Français.) - [47.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lfr [MD5.8B3FD30AEBA7A19774B888EFCCD10446] - |A| - [12/09/2017 14:25:04] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Localizzazione/Italiano.) - [49 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lit [MD5.2C3717E5B8E6A6A246DCC016881C511B] - |A| - [12/09/2017 14:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ƒ[ƒJƒ‰ƒCƒ[ƒCƒVƒ‡ƒ“/“ú–{Œê.) - [29.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.ljp [MD5.DA13CECBAF3CFDEEA0BFA31A2DC0A00D] - |A| - [12/09/2017 14:25:10] - (.-.) - [44 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lru [MD5.E9F64666E96C6BE8B48F08B4B98F7F72] - |A| - [12/09/2017 06:50:00] - (.Copyright (C) 2004-2017 by WIBU-SYSTEMS AG - CodeMeter Java Calling Driver.) - [219.51 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\wibucmJNI64.dll [MD5.E3E7143A462E809F29F15FC5C6AD1CD2] - |A| - [12/09/2017 06:50:00] - (.Copyright (C) 2005-2017 by WIBU-SYSTEMS AG - WIBU AxProtector Java.) - [1344.98 Ko] - (10.0.2640.503) - C:\WINDOWS\System32\WibuXpm4J64.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [48376.89 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.E7DB98F5E56D795193A48C4D07EC92BD] - |A| - [24/03/2018 12:30:28] - (.Copyright © 2017 - Java(TM) Platform SE binary.) - [107.56 Ko] - (8.0.1610.12) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.89539DF69CB40A7D214B9EC799EF5CAA] - |A| - [15/09/2018 08:28:34] - (.-.) - [122.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [10216.28 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [15/09/2018 08:28:26] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [42156 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:50] - [6006.72 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |HD| - [17/10/2017 07:06:37] - [0.05 Ko] - C:\WINDOWS\System32\WLANProfiles [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [15/09/2018 08:28:24] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [15/09/2018 08:28:46] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.CF35457AF69AB659F75FF9089D452188] - |A| - [17/01/2018 21:16:55] - (.Copyright © 2007 - OpenAL32.) - [410 Ko] - (2.1.8.1) - C:\WINDOWS\System32\wrap_oal.dll [MD5.CD70FD75FDAF5B66A3F0FD38513DA636] - |A| - [15/09/2018 08:28:30] - (.-.) - [95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [15/09/2018 08:29:07] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [15/09/2018 08:29:07] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [15/09/2018 08:29:08] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [15/09/2018 08:29:12] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [15/09/2018 08:29:27] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 07:09:31] - [1963.8 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [228.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.30196C11BFB7FC2F4DD2A289AFFD8A84] - |A| - [15/09/2018 08:29:27] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [521 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [206.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [31 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [23 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [317.5 Ko] - C:\WINDOWS\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [4.48 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:51] - [53.11 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.831DE1258836FBCFB465E59EA10C26D6] - |A| - [24/01/2018 20:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - CPEAUT DLL.) - [403.5 Ko] - (7.0.0.17) - C:\WINDOWS\SysWOW64\cpeaut32.dll [MD5.A2E5A1A2DAF532C48498414F8FFD87BB] - |A| - [24/01/2018 20:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - Seagate Crystal Reports Print Engine.) - [663.5 Ko] - (7.0.0.191) - C:\WINDOWS\SysWOW64\cr2c70de.dll [MD5.771DE190EE645A909B7072B7FDC673A2] - |A| - [24/01/2018 20:02:54] - (.Copyright © 1996 Seagate Software, Inc. - Crystal Reports Text Object Support DLL.) - [179 Ko] - (5.0.0.1) - C:\WINDOWS\SysWOW64\crpaig32.dll [MD5.F3A584E79D2D61C591786C12FE664EA5] - |A| - [24/01/2018 20:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - Seagate Crystal Reports Print Engine.) - [5225.5 Ko] - (7.0.0.193) - C:\WINDOWS\SysWOW64\crpe32.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [263 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.A13ED3466516D2B60AC4EE4373ECE977] - |A| - [15/09/2018 08:29:27] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [263.5 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [290.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [15/09/2018 08:29:03] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:51] - [202.5 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [7548.49 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.769E43B83880DEFF6898933F13A4888A] - |A| - [17/10/2017 06:59:39] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gms.log [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [15/09/2018 17:39:50] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [217.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.2E2FE36B09077A3EEBF713F3257514FC] - |A| - [15/09/2018 08:29:03] - (.-.) - [200.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [200.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [270.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.141C1ED35D36A4294BED57F1F3830B6F] - |RA| - [15/09/2018 08:29:03] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1578 Ko] - (61.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.178E3B2D395F3ADA56B7CED48C9BD6D4] - |RA| - [15/09/2018 08:29:03] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1128 Ko] - (61.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [21854.52 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.0A0324A4282DF0F2C3129E5BD84077BC] - |A| - [24/01/2018 20:02:55] - (.- Implode Application.) - [18.5 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\implode.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.1E07A331F632AB18AC1598B45D74DEB7] - |A| - [15/09/2018 08:29:05] - (.-.) - [577.97 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [219 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.23D93DFCC0D3F870FEABC8F99C6C8EEE] - |A| - [17/04/2018 07:15:12] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [116.95 Ko] - (2.1.1.0) - C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\is-IS [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [275.5 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [15/09/2018 08:31:37] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\mt-MT [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [20.55 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [262 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [275.5 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [15/09/2018 08:33:51] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [15/09/2018 08:40:49] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [685.91 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.CE0CDC5459EAA1D574AF781DDB8F2685] - |A| - [17/01/2018 21:16:55] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [108 Ko] - (6.14.357.22) - C:\WINDOWS\SysWOW64\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\or-IN [MD5.B12F1D285305F5E15DFA0E1C554FB97A] - |A| - [24/01/2018 20:02:55] - (.Copyright(c) 1991-1998 Seagate Software, Inc. - Active Data Reporting DLL for Seagate Crystal Reports..) - [167.5 Ko] - (6.0.0.46) - C:\WINDOWS\SysWOW64\P2smon.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-IN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [68 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [275 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [273 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [275.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.7E8325A957FE497119D9C81190687FB8] - |A| - [17/10/2017 07:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\SysWOW64\SRCOM.dll [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [15/09/2018 08:29:33] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.2A9EB39951763761E55D46BFEB595AEB] - |A| - [15/09/2018 08:29:00] - (.-.) - [319.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [264.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.8E49D76E21295D010FF0803D65928F5A] - |A| - [15/09/2018 08:29:28] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [185 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [22.5 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [257.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [202.5 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\vi-VN [MD5.59377F8A6F735CB0A30C53C4DC13BC22] - |A| - [25/02/2017 00:23:24] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [513.28 Ko] - (1.0.42.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-42-0.dll [MD5.ECAD282D3035068CFB021D159C91B514] - |A| - [08/12/2017 23:25:12] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.8 Ko] - (1.0.65.1) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-65-1.dll [MD5.3140C410C9D67F9BDF19C82A65ACD7DF] - |A| - [20/06/2018 20:58:08] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [814.3 Ko] - (1.1.77.0) - C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.3140C410C9D67F9BDF19C82A65ACD7DF] - |A| - [20/06/2018 20:58:08] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [814.3 Ko] - (1.1.77.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.382786C3F38DF50A085C4A577663F553] - |A| - [25/02/2017 00:23:20] - (.-.) - [228.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-42-0.exe [MD5.35065D5FFEFB6886F77AA6A7E5DF901B] - |A| - [08/12/2017 23:25:00] - (.-.) - [479.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-65-1.exe [MD5.B147E64F63584C2FF33E0BC8CDB64895] - |A| - [20/06/2018 20:58:22] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [226.8 Ko] - (1.1.77.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.B147E64F63584C2FF33E0BC8CDB64895] - |A| - [20/06/2018 20:58:22] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [226.8 Ko] - (1.1.77.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [15713.44 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.9ED1A6EA6C2F35F2302B81052F7C95D3] - |A| - [12/09/2017 06:50:00] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [775.96 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.dll [MD5.A60EDBFD0EE56801814B829096D3EB11] - |A| - [12/09/2017 13:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ±¾µØ»¯/ÖÐÎÄ£¨¼òÌ壩.) - [21 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lcn [MD5.2CAE7B6C33302323A07B2AA158924DA2] - |A| - [12/09/2017 13:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Sprachmodul/Deutsch.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lde [MD5.54B90C2CF8C1BDDE5423E6CE2C59341B] - |A| - [12/09/2017 13:59:52] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [48 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.les [MD5.61A557E68DD0D87F78149E77C9C7EE45] - |A| - [12/09/2017 13:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Langue/Français.) - [47 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lfr [MD5.0DEAE80D2135F79B503AFE8DCAF54564] - |A| - [12/09/2017 13:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Localizzazione/Italiano.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lit [MD5.887B91915F51EE6A940C37426B465921] - |A| - [12/09/2017 13:59:52] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ƒ[ƒJƒ‰ƒCƒ[ƒCƒVƒ‡ƒ“/“ú–{Œê.) - [29 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.ljp [MD5.09191A4950157A1CFF9BB2A5C806B744] - |A| - [12/09/2017 13:59:50] - (.-.) - [43.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lru [MD5.9853B752EA37B7B70FF476B39901A871] - |A| - [12/09/2017 06:50:00] - (.Copyright (C) 2004-2017 by WIBU-SYSTEMS AG - CodeMeter Java Calling Driver.) - [183.51 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\wibucmJNI.dll [MD5.E5985524EAE97B96C023264E9054B248] - |A| - [12/09/2017 06:50:00] - (.Copyright (C) 2005-2017 by WIBU-SYSTEMS AG - WIBU AxProtector Java.) - [1072.48 Ko] - (10.0.2640.503) - C:\WINDOWS\SysWOW64\WibuXpm4J32.dll [MD5.E7DB98F5E56D795193A48C4D07EC92BD] - |A| - [24/03/2018 12:32:22] - (.Copyright © 2017 - Java(TM) Platform SE binary.) - [107.56 Ko] - (8.0.1610.12) - C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll [MD5.F884B2B3047C6A61B21540CEAACC53BC] - |A| - [15/09/2018 08:29:03] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [9099.86 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [6004.44 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 17:39:06] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.9C24ED831DDFA8319382B2BFD9691AA9] - |A| - [17/01/2018 21:16:55] - (.Copyright © 2007 - OpenAL32.) - [404 Ko] - (2.1.8.1) - C:\WINDOWS\SysWOW64\wrap_oal.dll [MD5.4CC6C2D85CE89C54905BAEFCA1A0AA95] - |A| - [15/09/2018 08:29:03] - (.-.) - [62 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [18/11/2018 20:12:17] - [10.14 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [179 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 08:33:51] - [180 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 17:22:49] - [0 Ko] - C:\WINDOWS\SysWOW64\zu-ZA ---------- | Shell Folders [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\colis\AppData\Roaming [18/11/2018 20:23:17] "Local AppData"=C:\Users\colis\AppData\Local [18/11/2018 20:23:17] "CD Burning"=C:\Users\colis\AppData\Local\Microsoft\Windows\Burn\Burn [18/11/2018 21:59:24] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Libraries [10/01/2018 21:33:54] "My Video"=C:\Users\colis\Videos [10/01/2018 21:31:01] "My Pictures"=C:\Users\colis\Pictures [10/01/2018 21:31:01] "Desktop"=C:\Users\colis\Desktop [10/01/2018 21:31:01] "History"=C:\Users\colis\AppData\Local\Microsoft\Windows\History [10/01/2018 21:31:01] "NetHood"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Network Shortcuts [18/11/2018 20:23:17] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\colis\Contacts [10/01/2018 21:33:54] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\colis\AppData\Local\Microsoft\Windows\RoamingTiles [10/01/2018 21:33:54] "Cookies"=C:\Users\colis\AppData\Local\Microsoft\Windows\INetCookies [10/01/2018 21:31:01] "Favorites"=C:\Users\colis\Favorites [10/01/2018 21:31:01] "SendTo"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\SendTo [10/01/2018 21:31:01] "Start Menu"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu [10/01/2018 21:31:01] "My Music"=C:\Users\colis\Music [10/01/2018 21:31:01] "Programs"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [10/01/2018 21:31:01] "Recent"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Recent [10/01/2018 21:31:01] "PrintHood"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [18/11/2018 20:23:17] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\colis\Searches [10/01/2018 21:33:54] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\colis\Downloads [10/01/2018 21:31:01] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\colis\AppData\LocalLow [10/01/2018 21:31:01] "Startup"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/01/2018 21:33:54] "Administrative Tools"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [10/01/2018 21:33:54] "Personal"=C:\Users\colis\Documents [10/01/2018 21:31:01] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\colis\Links [10/01/2018 21:31:01] "Cache"=C:\Users\colis\AppData\Local\Microsoft\Windows\INetCache [18/11/2018 20:23:17] "Templates"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Templates [18/11/2018 20:23:17] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\colis\Saved Games [10/01/2018 21:31:01] "Fonts"=C:\WINDOWS\Fonts [15/09/2018 08:33:50] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [15/09/2018 08:33:50] "Common AppData"=C:\ProgramData [15/09/2018 08:33:50] "Common Desktop"=C:\Users\Public\Desktop [18/03/2017 22:03:29] "Common Documents"=C:\Users\Public\Documents [18/03/2017 22:03:29] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [15/09/2018 08:33:50] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [15/09/2018 08:33:50] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [15/09/2018 08:33:50] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [18/03/2017 22:03:29] "CommonMusic"=C:\Users\Public\Music [18/03/2017 22:03:29] "CommonPictures"=C:\Users\Public\Pictures [18/03/2017 22:03:29] "CommonVideo"=C:\Users\Public\Videos [18/03/2017 22:03:29] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [15/09/2018 08:33:50] "Common AppData"=C:\ProgramData [15/09/2018 08:33:50] "Common Desktop"=C:\Users\Public\Desktop [18/03/2017 22:03:29] "Common Documents"=C:\Users\Public\Documents [18/03/2017 22:03:29] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [15/09/2018 08:33:50] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [15/09/2018 08:33:50] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [15/09/2018 08:33:50] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [18/03/2017 22:03:29] "CommonMusic"=C:\Users\Public\Music [18/03/2017 22:03:29] "CommonPictures"=C:\Users\Public\Pictures [18/03/2017 22:03:29] "CommonVideo"=C:\Users\Public\Videos [18/03/2017 22:03:29] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [colis] [26/08/2018 20:56:12] - |D| - [110] - C:\Users\colis\.config [26/08/2018 20:57:43] - |D| - [50704269] - C:\Users\colis\.electron [08/06/2018 12:24:41] - |D| - [4180] - C:\Users\colis\.solibri [14/02/2018 00:34:54] - |RD| - [298] - C:\Users\colis\3D Objects [14/01/2018 22:36:48] - |D| - [0] - C:\Users\colis\ansel [18/11/2018 20:23:17] - |HD| - [9986918454] - C:\Users\colis\AppData [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Application Data [10/01/2018 21:33:54] - |RD| - [412] - C:\Users\colis\Contacts [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Cookies [10/01/2018 21:31:01] - |RD| - [11583813704] - C:\Users\colis\Desktop [10/01/2018 21:31:01] - |RD| - [289828509] - C:\Users\colis\Documents [10/01/2018 21:31:01] - |RD| - [137954154] - C:\Users\colis\Downloads [10/01/2018 21:31:01] - |RD| - [914] - C:\Users\colis\Favorites [10/01/2018 21:33:53] - |SHD| - [25308] - C:\Users\colis\IntelGraphicsProfiles [10/01/2018 21:31:01] - |RD| - [1953] - C:\Users\colis\Links [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Local Settings [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Menu Démarrer [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Mes documents [14/02/2018 00:35:12] - |HD| - [4751769] - C:\Users\colis\MicrosoftEdgeBackups [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Modèles [10/01/2018 21:31:01] - |RD| - [27031570826] - C:\Users\colis\Music [18/11/2018 20:23:17] - |AH| - [7340032] - C:\Users\colis\NTUSER.DAT [18/11/2018 20:23:18] - |ASH| - [1998848] - C:\Users\colis\ntuser.dat.LOG1 [18/11/2018 20:23:18] - |ASH| - [1835008] - C:\Users\colis\ntuser.dat.LOG2 [18/11/2018 20:23:18] - |ASH| - [65536] - C:\Users\colis\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TM.blf [18/11/2018 20:23:18] - |ASH| - [524288] - C:\Users\colis\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TMContainer00000000000000000001.regtrans-ms [18/11/2018 20:23:18] - |ASH| - [524288] - C:\Users\colis\NTUSER.DAT{1c3790b4-b8ad-11e8-aa21-e41d2d101530}.TMContainer00000000000000000002.regtrans-ms [18/11/2018 21:57:57] - |SH| - [20] - C:\Users\colis\ntuser.ini [10/01/2018 21:35:53] - |RAD| - [1067535] - C:\Users\colis\OneDrive [10/01/2018 21:31:01] - |RD| - [884] - C:\Users\colis\Pictures [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Recent [16/05/2018 09:06:11] - |D| - [0] - C:\Users\colis\Roaming [10/01/2018 21:31:01] - |RD| - [282] - C:\Users\colis\Saved Games [10/01/2018 21:33:54] - |RD| - [1872] - C:\Users\colis\Searches [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\SendTo [08/06/2018 12:25:16] - |D| - [4840] - C:\Users\colis\Solibri [10/01/2018 21:31:01] - |RD| - [694] - C:\Users\colis\Videos [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Voisinage d'impression [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\Voisinage réseau [18/11/2018 20:23:17] - |D| - [5086864491] - C:\Users\colis\AppData\Local [10/01/2018 21:31:01] - |D| - [119430776] - C:\Users\colis\AppData\LocalLow [18/11/2018 20:23:17] - |D| - [4780623187] - C:\Users\colis\AppData\Roaming [16/04/2018 17:35:02] - |D| - [1162] - C:\Users\colis\AppData\Local\A [31/05/2018 21:27:42] - |D| - [1854692] - C:\Users\colis\AppData\Local\Adobe [24/01/2018 21:31:39] - |D| - [1572] - C:\Users\colis\AppData\Local\Allplan [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\AppData\Local\Application Data [10/01/2018 22:18:06] - |D| - [2097208] - C:\Users\colis\AppData\Local\CEF [10/01/2018 21:35:52] - |D| - [28013083] - C:\Users\colis\AppData\Local\Comms [10/01/2018 21:33:52] - |D| - [1796041] - C:\Users\colis\AppData\Local\ConnectedDevicesPlatform [15/01/2018 20:59:47] - |D| - [6568122] - C:\Users\colis\AppData\Local\CrashDumps [03/08/2018 16:16:57] - |D| - [0] - C:\Users\colis\AppData\Local\CrashRpt [23/05/2018 20:35:43] - |D| - [137032] - C:\Users\colis\AppData\Local\D3DSCache [15/01/2018 20:59:27] - |D| - [0] - C:\Users\colis\AppData\Local\DBG [03/09/2018 11:12:26] - |D| - [0] - C:\Users\colis\AppData\Local\Diagnostics [11/01/2018 21:33:12] - |D| - [2506] - C:\Users\colis\AppData\Local\Disc_Soft_Ltd [26/08/2018 20:58:29] - |D| - [50698934] - C:\Users\colis\AppData\Local\electron [26/08/2018 20:58:52] - |D| - [32433237] - C:\Users\colis\AppData\Local\electron-builder [13/04/2018 17:22:32] - |D| - [0] - C:\Users\colis\AppData\Local\ElevatedDiagnostics [21/01/2018 20:05:36] - |D| - [17491737] - C:\Users\colis\AppData\Local\EpicGamesLauncher [15/01/2018 20:32:55] - |D| - [189970] - C:\Users\colis\AppData\Local\Forager [31/01/2018 19:49:03] - |D| - [613329] - C:\Users\colis\AppData\Local\FortniteGame [08/03/2018 22:28:46] - |A| - [92008] - C:\Users\colis\AppData\Local\GDIPFONTCACHEV1.DAT [20/05/2018 14:56:45] - |D| - [2355] - C:\Users\colis\AppData\Local\GOG.com [10/01/2018 21:41:07] - |D| - [1013168430] - C:\Users\colis\AppData\Local\Google [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\AppData\Local\Historique [05/09/2018 13:32:30] - |D| - [128059] - C:\Users\colis\AppData\Local\HP [21/11/2018 21:50:00] - |AH| - [21466] - C:\Users\colis\AppData\Local\IconCache.db [02/06/2018 14:40:45] - |D| - [20654277] - C:\Users\colis\AppData\Local\influence [10/10/2018 05:55:26] - |D| - [9041539] - C:\Users\colis\AppData\Local\Intel [27/08/2018 20:11:46] - |D| - [0] - C:\Users\colis\AppData\Local\mbam [18/11/2018 20:23:17] - |D| - [421459086] - C:\Users\colis\AppData\Local\Microsoft [27/02/2018 21:02:33] - |D| - [0] - C:\Users\colis\AppData\Local\Microsoft Help [10/01/2018 21:35:54] - |D| - [73646] - C:\Users\colis\AppData\Local\MicrosoftEdge [04/08/2018 16:53:24] - |D| - [9628] - C:\Users\colis\AppData\Local\Microsoft_Corporation [04/04/2018 15:57:09] - |D| - [304076] - C:\Users\colis\AppData\Local\minit [24/01/2018 21:31:39] - |D| - [1020583] - C:\Users\colis\AppData\Local\Nemetschek [14/01/2018 12:43:06] - |D| - [33343] - C:\Users\colis\AppData\Local\nuclearthrone [18/03/2018 17:42:55] - |D| - [170746660] - C:\Users\colis\AppData\Local\NVIDIA [10/01/2018 21:35:53] - |D| - [30474043] - C:\Users\colis\AppData\Local\NVIDIA Corporation [05/09/2018 12:52:02] - |D| - [0] - C:\Users\colis\AppData\Local\OneDrive [04/08/2018 16:54:09] - |D| - [174256] - C:\Users\colis\AppData\Local\PackageManagement [14/02/2018 00:23:41] - |D| - [3006303842] - C:\Users\colis\AppData\Local\Packages [19/01/2018 10:04:45] - |D| - [145471] - C:\Users\colis\AppData\Local\PAYDAY 2 [04/03/2018 16:51:21] - |D| - [1640] - C:\Users\colis\AppData\Local\PDFCreator [11/03/2018 20:06:15] - |D| - [0] - C:\Users\colis\AppData\Local\PlaceholderTileLogoFolder [11/01/2018 21:36:23] - |D| - [0] - C:\Users\colis\AppData\Local\Programs [10/01/2018 21:33:56] - |D| - [679199] - C:\Users\colis\AppData\Local\Publishers [13/04/2018 14:05:04] - |D| - [2299] - C:\Users\colis\AppData\Local\SMLoader [10/02/2018 09:48:35] - |D| - [11275] - C:\Users\colis\AppData\Local\SnakeSimulator [16/04/2018 11:07:40] - |D| - [2820] - C:\Users\colis\AppData\Local\speech [03/08/2018 16:17:09] - |D| - [2156059] - C:\Users\colis\AppData\Local\StarTradersFrontiers [10/01/2018 22:18:06] - |D| - [254638641] - C:\Users\colis\AppData\Local\Steam [18/11/2018 20:23:17] - |D| - [1069125] - C:\Users\colis\AppData\Local\Temp [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\AppData\Local\Temporary Internet Files [10/01/2018 21:33:52] - |D| - [12058339] - C:\Users\colis\AppData\Local\TileDataLayer [12/02/2018 13:27:47] - |D| - [491022] - C:\Users\colis\AppData\Local\TurmoilSteam [09/09/2018 13:40:11] - |D| - [2598] - C:\Users\colis\AppData\Local\Ubisoft Game Launcher [21/01/2018 20:05:36] - |D| - [81] - C:\Users\colis\AppData\Local\UnrealEngine [21/01/2018 20:05:38] - |D| - [0] - C:\Users\colis\AppData\Local\UnrealEngineLauncher [10/01/2018 21:33:53] - |D| - [0] - C:\Users\colis\AppData\Local\VirtualStore [09/06/2018 11:39:23] - |D| - [1498] - C:\Users\colis\AppData\LocalLow\8floor [31/05/2018 21:31:40] - |D| - [4664689] - C:\Users\colis\AppData\LocalLow\Adobe [08/05/2018 11:50:46] - |D| - [0] - C:\Users\colis\AppData\LocalLow\AMPLITUDE Studios [20/05/2018 14:57:16] - |D| - [976308] - C:\Users\colis\AppData\LocalLow\Appnormals [16/06/2018 12:10:25] - |D| - [2583036] - C:\Users\colis\AppData\LocalLow\Clarus Victoria [31/01/2018 20:24:54] - |D| - [189104] - C:\Users\colis\AppData\LocalLow\Clever Endeavour Games [20/05/2018 21:58:27] - |D| - [28563] - C:\Users\colis\AppData\LocalLow\Contingent99 [15/02/2018 12:57:00] - |D| - [32529] - C:\Users\colis\AppData\LocalLow\GUTS Department [14/09/2018 21:00:38] - |D| - [17112] - C:\Users\colis\AppData\LocalLow\JOL Studios [28/05/2018 14:14:41] - |D| - [9467971] - C:\Users\colis\AppData\LocalLow\Lazy Bear Games [06/02/2018 21:33:32] - |D| - [97102512] - C:\Users\colis\AppData\LocalLow\Ludeon Studios [15/02/2018 12:13:32] - |D| - [268213] - C:\Users\colis\AppData\LocalLow\Meta Interaction [10/01/2018 21:33:55] - |SD| - [204010] - C:\Users\colis\AppData\LocalLow\Microsoft [07/07/2018 15:11:27] - |D| - [1453435] - C:\Users\colis\AppData\LocalLow\Monomi Park [12/11/2018 15:40:26] - |D| - [0] - C:\Users\colis\AppData\LocalLow\Oracle [11/01/2018 21:57:44] - |D| - [246463] - C:\Users\colis\AppData\LocalLow\Sun [18/07/2018 19:48:10] - |D| - [183544] - C:\Users\colis\AppData\LocalLow\Toge Productions [12/11/2018 13:51:40] - |D| - [49152] - C:\Users\colis\AppData\LocalLow\uTorrent [03/06/2018 19:28:50] - |D| - [1948559] - C:\Users\colis\AppData\LocalLow\Weather Factory [20/10/2018 13:48:02] - |D| - [582] - C:\Users\colis\AppData\LocalLow\WeirdBeard [18/05/2018 16:57:47] - |D| - [13496] - C:\Users\colis\AppData\LocalLow\Wild Factor [08/06/2018 12:25:15] - |D| - [80] - C:\Users\colis\AppData\Roaming\.hO8SJqaX [11/01/2018 21:50:50] - |D| - [3848028656] - C:\Users\colis\AppData\Roaming\.minecraft [28/05/2018 14:14:43] - |D| - [0] - C:\Users\colis\AppData\Roaming\.mono [08/06/2018 12:24:41] - |D| - [0] - C:\Users\colis\AppData\Roaming\.zwebernative [29/04/2018 18:20:12] - |D| - [416] - C:\Users\colis\AppData\Roaming\11bitstudios [10/01/2018 21:33:53] - |D| - [50286] - C:\Users\colis\AppData\Roaming\Adobe [05/07/2018 15:57:38] - |D| - [15084] - C:\Users\colis\AppData\Roaming\Arrowhead [02/06/2018 14:40:46] - |D| - [3139] - C:\Users\colis\AppData\Roaming\asylamba [25/07/2018 12:46:17] - |D| - [5754] - C:\Users\colis\AppData\Roaming\Canon [12/04/2018 20:14:54] - |D| - [74] - C:\Users\colis\AppData\Roaming\com.retrogamecrunch.Launcher [12/04/2018 20:15:28] - |D| - [4405] - C:\Users\colis\AppData\Roaming\com.retrogamecrunch.SuperClewLand [19/07/2018 15:09:25] - |D| - [1694] - C:\Users\colis\AppData\Roaming\com.togeproductions.survivors [10/01/2018 22:12:42] - |D| - [85] - C:\Users\colis\AppData\Roaming\DAEMON Tools Lite [08/07/2018 10:32:49] - |D| - [4194620] - C:\Users\colis\AppData\Roaming\DeathSkidMarks [04/08/2018 17:52:13] - |D| - [1006] - C:\Users\colis\AppData\Roaming\DeezerDownloader [14/02/2018 15:36:36] - |D| - [88332023] - C:\Users\colis\AppData\Roaming\Deezloader [04/08/2018 17:27:55] - |D| - [94022530] - C:\Users\colis\AppData\Roaming\DeezLoader Remaster [04/08/2018 17:44:20] - |D| - [44175329] - C:\Users\colis\AppData\Roaming\Deezloader Remix [14/02/2018 15:26:27] - |D| - [14824840] - C:\Users\colis\AppData\Roaming\Digiarty [26/08/2018 21:01:49] - |D| - [0] - C:\Users\colis\AppData\Roaming\Electron [04/03/2018 16:43:53] - |D| - [0] - C:\Users\colis\AppData\Roaming\Expert PDF 9 [16/04/2018 17:35:08] - |D| - [5482] - C:\Users\colis\AppData\Roaming\Free Audio Converter 4dots [10/07/2018 14:28:25] - |D| - [266987] - C:\Users\colis\AppData\Roaming\Game [10/01/2018 21:46:12] - |D| - [0] - C:\Users\colis\AppData\Roaming\Google [10/01/2018 23:02:38] - |D| - [118785] - C:\Users\colis\AppData\Roaming\GT200Driver [05/09/2018 13:30:17] - |D| - [102720] - C:\Users\colis\AppData\Roaming\HP_Easy_Start [10/01/2018 21:33:52] - |D| - [1164] - C:\Users\colis\AppData\Roaming\Intel [11/01/2018 22:00:14] - |D| - [0] - C:\Users\colis\AppData\Roaming\java [16/04/2018 23:01:33] - |D| - [485132] - C:\Users\colis\AppData\Roaming\KastorFreeAudioConverter [15/01/2018 20:56:51] - |D| - [69321] - C:\Users\colis\AppData\Roaming\LOVE [10/01/2018 21:35:49] - |D| - [717] - C:\Users\colis\AppData\Roaming\Macromedia [18/11/2018 20:23:17] - |SD| - [36696766] - C:\Users\colis\AppData\Roaming\Microsoft [21/01/2018 23:09:30] - |D| - [187] - C:\Users\colis\AppData\Roaming\Nemetschek [26/08/2018 20:54:36] - |D| - [0] - C:\Users\colis\AppData\Roaming\npm [26/08/2018 20:56:13] - |D| - [43959820] - C:\Users\colis\AppData\Roaming\npm-cache [04/08/2018 16:54:45] - |D| - [97] - C:\Users\colis\AppData\Roaming\NuGet [15/01/2018 22:01:34] - |D| - [0] - C:\Users\colis\AppData\Roaming\NVIDIA [04/03/2018 16:48:36] - |D| - [2383] - C:\Users\colis\AppData\Roaming\PDF Pro 10 9 [10/02/2018 08:46:39] - |D| - [699] - C:\Users\colis\AppData\Roaming\Rogue Legacy [23/05/2018 21:05:02] - |D| - [77] - C:\Users\colis\AppData\Roaming\Skype [03/08/2018 16:17:07] - |D| - [86] - C:\Users\colis\AppData\Roaming\SmartSteamEmu [10/01/2018 21:34:53] - |A| - [219] - C:\Users\colis\AppData\Roaming\sp_data.sys [03/09/2018 11:31:31] - |D| - [1570] - C:\Users\colis\AppData\Roaming\SumatraPDF [11/01/2018 21:57:40] - |D| - [0] - C:\Users\colis\AppData\Roaming\Sun [27/03/2018 12:33:37] - |D| - [496705118] - C:\Users\colis\AppData\Roaming\Surviving Mars [14/01/2018 22:37:13] - |D| - [1612237] - C:\Users\colis\AppData\Roaming\The Witness [21/01/2018 00:49:05] - |D| - [54300] - C:\Users\colis\AppData\Roaming\ToothAndTail [30/09/2018 14:20:20] - |D| - [95331513] - C:\Users\colis\AppData\Roaming\Tropico 5 [18/03/2018 12:04:22] - |D| - [11455481] - C:\Users\colis\AppData\Roaming\uTorrent [28/10/2018 20:41:49] - |D| - [91917] - C:\Users\colis\AppData\Roaming\vlc [10/01/2018 22:15:50] - |D| - [388] - C:\Users\colis\AppData\Roaming\WinRAR [10/01/2018 21:33:54] - |SH| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [18/11/2018 20:23:18] - |SHD| - [0] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [10/01/2018 21:31:01] - |RD| - [34431] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [18/03/2018 12:04:22] - |A| - [878] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk [18/11/2018 20:23:17] - |RD| - [3888] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [18/11/2018 20:23:17] - |RD| - [2927] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [10/01/2018 21:33:54] - |RD| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [04/08/2018 17:37:17] - |D| - [2853] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome [04/08/2018 17:44:21] - |A| - [981] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deezloader Remix.lnk [18/11/2018 20:23:17] - |SH| - [264] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [10/01/2018 23:17:47] - |A| - [1049] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk [18/11/2018 20:23:17] - |D| - [170] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [18/11/2018 20:23:17] - |A| - [1105] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [05/02/2018 21:18:14] - |A| - [969] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SlayTheSpire.lnk [10/01/2018 21:33:54] - |RD| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [18/11/2018 20:23:17] - |RD| - [4913] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [09/09/2018 13:40:11] - |D| - [2705] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [18/11/2018 20:23:17] - |RD| - [7754] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [10/01/2018 22:09:42] - |D| - [4505] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [10/01/2018 21:33:54] - |SH| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [17/10/2017 06:48:59] - |RHD| - [196] - C:\Users\Public\AccountPictures [31/01/2018 19:52:40] - |AHD| - [0] - C:\Users\Public\AppData [18/03/2017 22:03:29] - |RHD| - [30149] - C:\Users\Public\Desktop [15/09/2018 08:31:35] - |ASH| - [174] - C:\Users\Public\desktop.ini [18/03/2017 22:03:29] - |RD| - [169964094] - C:\Users\Public\Documents [18/03/2017 22:03:29] - |RD| - [174] - C:\Users\Public\Downloads [15/09/2018 08:33:50] - |RHD| - [1135] - C:\Users\Public\Libraries [31/01/2018 19:52:39] - |A| - [235] - C:\Users\Public\Libraries.ini [18/03/2017 22:03:29] - |RD| - [380] - C:\Users\Public\Music [18/03/2017 22:03:29] - |RD| - [1263209] - C:\Users\Public\Pictures [17/10/2017 07:06:19] - |D| - [0] - C:\Users\Public\Roaming [08/06/2018 12:23:57] - |D| - [49106191] - C:\Users\Public\Solibri [18/03/2017 22:03:29] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [31/05/2018 21:28:33] - |D| - [285858340] - C:\ProgramData\Adobe [18/11/2018 20:28:19] - |SHD| - [0] - C:\ProgramData\Application Data [17/10/2017 07:22:20] - |D| - [782093] - C:\ProgramData\ASUS [04/03/2018 16:43:52] - |D| - [2405] - C:\ProgramData\Avanquest [14/02/2018 00:27:57] - |SHD| - [0] - C:\ProgramData\Bureau [20/01/2018 17:18:33] - |HD| - [22157668] - C:\ProgramData\CanonBJ [25/07/2018 12:39:17] - |D| - [83731] - C:\ProgramData\CanonIJWSpt [21/11/2018 21:50:40] - |AH| - [4] - C:\ProgramData\cm-lock [17/01/2018 21:16:59] - |D| - [4096] - C:\ProgramData\Codemasters [21/01/2018 23:02:43] - |D| - [2546293] - C:\ProgramData\CodeMeter [10/01/2018 22:10:17] - |D| - [3494] - C:\ProgramData\DAEMON Tools Lite [18/11/2018 20:28:19] - |SHD| - [0] - C:\ProgramData\Documents [17/10/2017 07:01:14] - |A| - [0] - C:\ProgramData\DP45977C.lfl [21/01/2018 20:05:27] - |D| - [53243300] - C:\ProgramData\Epic [04/03/2018 16:43:52] - |D| - [0] - C:\ProgramData\Expert PDF 9 [04/03/2018 16:43:52] - |D| - [0] - C:\ProgramData\Expert PDF Jobs [26/08/2018 20:42:59] - |D| - [178] - C:\ProgramData\Git [21/01/2018 00:38:59] - |D| - [318507805] - C:\ProgramData\GOG.com [05/09/2018 13:30:21] - |D| - [15295059] - C:\ProgramData\HP [05/09/2018 13:44:58] - |D| - [2765761] - C:\ProgramData\HP Photo Creations [17/10/2017 06:58:08] - |D| - [78690114] - C:\ProgramData\Intel [27/08/2018 20:11:15] - |D| - [303264677] - C:\ProgramData\Malwarebytes [14/02/2018 00:27:57] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [15/09/2018 08:33:50] - |SD| - [2993767138] - C:\ProgramData\Microsoft [27/02/2018 21:02:32] - |D| - [65254] - C:\ProgramData\Microsoft Help [18/11/2018 21:59:41] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [14/02/2018 00:27:57] - |SHD| - [0] - C:\ProgramData\Modèles [24/01/2018 19:30:48] - |D| - [1087140251] - C:\ProgramData\Nemetschek [17/10/2017 06:56:16] - |D| - [3732751] - C:\ProgramData\NVIDIA [17/10/2017 06:56:06] - |D| - [964359584] - C:\ProgramData\NVIDIA Corporation [11/01/2018 21:57:28] - |D| - [84063042] - C:\ProgramData\Oracle [09/09/2018 13:44:09] - |D| - [0] - C:\ProgramData\Orbit [17/10/2017 06:52:03] - |D| - [178957724] - C:\ProgramData\Package Cache [13/06/2018 19:02:36] - |D| - [436224] - C:\ProgramData\Packages [15/09/2018 08:33:50] - |D| - [4218] - C:\ProgramData\regid.1991-06.com.microsoft [12/01/2018 21:04:05] - |D| - [39] - C:\ProgramData\Riot Games [17/10/2017 07:06:19] - |D| - [0] - C:\ProgramData\Roaming [15/09/2018 08:33:50] - |D| - [0] - C:\ProgramData\SoftwareDistribution [17/10/2017 07:13:20] - |D| - [0] - C:\ProgramData\SplitMediaLabs [17/10/2017 07:33:07] - |D| - [228514] - C:\ProgramData\SS3 [15/02/2018 12:57:03] - |D| - [5186] - C:\ProgramData\Steam [15/09/2018 08:33:50] - |D| - [13589] - C:\ProgramData\USOPrivate [18/11/2018 20:23:18] - |D| - [794624] - C:\ProgramData\USOShared [05/09/2018 13:44:58] - |D| - [44887] - C:\ProgramData\Visan [15/09/2018 17:40:58] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [15/09/2018 08:31:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [14/02/2018 00:27:57] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [15/09/2018 08:33:50] - |RD| - [198532] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [23/05/2018 21:04:38] - |A| - [2474] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk [15/09/2018 08:33:50] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [15/09/2018 08:33:50] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [31/05/2018 21:28:57] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [15/09/2018 08:33:50] - |RD| - [22954] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [24/01/2018 21:32:38] - |D| - [2116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allplan [17/10/2017 07:10:04] - |D| - [6602] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [10/01/2018 23:02:32] - |D| - [3650] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Espada Gaming Mouse [20/01/2018 17:19:54] - |D| - [2966] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP495 series [25/07/2018 12:39:19] - |D| - [2120] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [15/05/2018 20:31:47] - |D| - [1681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CASIO [21/01/2018 23:02:43] - |D| - [10497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter [10/07/2018 14:21:31] - |D| - [1747] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy [10/01/2018 22:12:42] - |D| - [946] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [15/09/2018 08:31:34] - |ASH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/02/2018 15:26:30] - |D| - [1452] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty [21/01/2018 20:05:31] - |A| - [789] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [23/05/2018 21:04:38] - |A| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk [14/10/2018 22:33:22] - |D| - [1702] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk The Fall of Winterhome [06/03/2018 21:18:55] - |D| - [1794] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTL - Advanced Edition [GOG.com] [17/01/2018 18:53:00] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [26/08/2018 20:42:59] - |D| - [5344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git [20/05/2018 14:56:44] - |D| - [1136] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [10/01/2018 21:41:41] - |A| - [2301] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [15/09/2018 15:31:55] - |D| - [1531] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotline Miami [GOG.com] [05/09/2018 13:44:40] - |D| - [6947] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [15/09/2018 08:29:46] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [28/02/2018 17:25:58] - |D| - [1553] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Into the Breach [GOG.com] [11/01/2018 21:57:38] - |D| - [6427] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [16/04/2018 23:01:33] - |D| - [2657] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Mp3 M4a Wma Converter [12/01/2018 21:03:59] - |D| - [1846] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [18/05/2018 16:57:42] - |D| - [1552] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MachiaVillain [GOG.com] [15/09/2018 08:33:50] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [27/08/2018 20:11:22] - |D| - [3900] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [30/01/2018 19:43:21] - |D| - [2116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nemetschek [26/08/2018 20:54:36] - |D| - [3090] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js [17/10/2017 06:57:07] - |D| - [1501] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [23/05/2018 21:04:38] - |A| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk [17/04/2018 19:49:55] - |D| - [5369] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Video Capture [04/10/2018 12:51:22] - |D| - [5103] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office [23/05/2018 21:04:38] - |A| - [2435] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk [04/03/2018 16:44:29] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Pro 10 [04/03/2018 16:51:18] - |D| - [5672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [23/05/2018 21:04:38] - |A| - [2474] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk [23/05/2018 21:04:38] - |A| - [2397] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk [17/10/2017 07:01:18] - |D| - [1959] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek [10/02/2018 08:45:43] - |D| - [2075] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rogue Legacy [GOG.com] [06/07/2018 10:34:17] - |D| - [1763] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slime Rancher The Little Big Storage [10/02/2018 09:45:04] - |D| - [1414] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snake Pass [08/06/2018 12:24:06] - |D| - [2031] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solibri [17/10/2017 07:26:38] - |A| - [2453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Radar 3.lnk [17/10/2017 07:33:14] - |A| - [2465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Studio 3.lnk [15/09/2018 08:33:50] - |RD| - [2460] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [10/01/2018 22:11:52] - |D| - [1110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [24/03/2018 13:26:40] - |D| - [1441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surviving Mars [15/09/2018 08:33:50] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [21/01/2018 00:38:59] - |D| - [1692] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tooth and Tail [GOG.com] [30/09/2018 14:17:01] - |D| - [2293] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tropico 5 [GOG.com] [09/09/2018 13:32:32] - |D| - [1507] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [28/10/2018 20:40:08] - |D| - [5862] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [18/11/2018 20:24:25] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [10/01/2018 22:09:42] - |D| - [4433] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [20/05/2018 14:56:41] - |D| - [1732] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wizard of Legend [GOG.com] [23/05/2018 21:04:38] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk [17/10/2017 07:13:20] - |D| - [1197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [21/01/2018 23:02:45] - |A| - [2286] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [15/09/2018 08:31:34] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [31/05/2018 21:28:48] - |D| - [333731405] - C:\Program Files (x86)\Adobe [19/01/2018 10:04:42] - |D| - [0] - C:\Program Files (x86)\AGEIA Technologies [31/05/2017 02:52:47] - |D| - [51265340] - C:\Program Files (x86)\ASUS [10/01/2018 23:02:30] - |AD| - [23879229] - C:\Program Files (x86)\Asus Espada Gaming Mouse [17/10/2017 07:22:19] - |D| - [37557850] - C:\Program Files (x86)\ASUSTeK COMPUTER INC [25/07/2018 12:39:16] - |D| - [20080606] - C:\Program Files (x86)\Canon [21/01/2018 23:02:43] - |AD| - [41727351] - C:\Program Files (x86)\CodeMeter [15/09/2018 08:33:50] - |D| - [225805547] - C:\Program Files (x86)\Common Files [15/09/2018 08:31:34] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [20/05/2018 14:55:27] - |D| - [153910417] - C:\Program Files (x86)\GOG Galaxy [10/01/2018 21:41:10] - |D| - [438439150] - C:\Program Files (x86)\Google [05/09/2018 13:44:31] - |D| - [92809844] - C:\Program Files (x86)\HP [05/09/2018 13:44:58] - |D| - [350060] - C:\Program Files (x86)\HP Photo Creations [17/10/2017 07:00:56] - |HD| - [127778849] - C:\Program Files (x86)\InstallShield Installation Information [17/10/2017 06:53:36] - |D| - [46632500] - C:\Program Files (x86)\Intel [15/09/2018 08:33:50] - |D| - [1983699] - C:\Program Files (x86)\Internet Explorer [16/04/2018 23:01:33] - |D| - [7670189] - C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter [21/01/2018 23:08:15] - |D| - [1568369] - C:\Program Files (x86)\Microsoft SDKs [21/01/2018 23:08:15] - |D| - [384000] - C:\Program Files (x86)\Microsoft SQL Server [17/10/2017 07:20:32] - |AD| - [3242367] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [17/10/2017 07:20:33] - |D| - [343335] - C:\Program Files (x86)\Microsoft Synchronization Services [10/02/2018 08:45:45] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA [15/09/2018 08:33:50] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [18/11/2018 20:12:16] - |D| - [25757] - C:\Program Files (x86)\MSBuild [11/01/2018 21:36:32] - |AD| - [14544896] - C:\Program Files (x86)\Need for Speed Most Wanted 2012 [17/10/2017 06:56:16] - |D| - [468155705] - C:\Program Files (x86)\NVIDIA Corporation [17/01/2018 21:16:55] - |D| - [782336] - C:\Program Files (x86)\OpenAL [17/04/2018 19:49:55] - |D| - [1416175] - C:\Program Files (x86)\OpenVideoCapture [17/10/2017 07:00:56] - |D| - [24119970] - C:\Program Files (x86)\Realtek [18/11/2018 20:12:16] - |D| - [38458625] - C:\Program Files (x86)\Reference Assemblies [17/10/2017 07:13:20] - |D| - [227064281] - C:\Program Files (x86)\SplitmediaLabs [10/01/2018 22:11:52] - |D| - [811392151] - C:\Program Files (x86)\Steam [17/10/2017 07:00:56] - |HD| - [0] - C:\Program Files (x86)\Temp [09/09/2018 13:40:09] - |D| - [176552567] - C:\Program Files (x86)\Ubisoft [14/02/2018 00:22:35] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [27/08/2018 19:47:25] - |D| - [17544869] - C:\Program Files (x86)\UsbFix [17/10/2017 06:53:36] - |D| - [3717765] - C:\Program Files (x86)\VulkanRT [15/09/2018 08:33:50] - |D| - [1719928] - C:\Program Files (x86)\Windows Defender [15/09/2018 08:33:50] - |D| - [625152] - C:\Program Files (x86)\Windows Mail [15/09/2018 17:40:58] - |D| - [3256173] - C:\Program Files (x86)\Windows Media Player [15/09/2018 17:40:58] - |D| - [40432] - C:\Program Files (x86)\Windows Multimedia Platform [15/09/2018 08:33:50] - |D| - [7557464] - C:\Program Files (x86)\windows nt [15/09/2018 17:40:58] - |D| - [5325328] - C:\Program Files (x86)\Windows Photo Viewer [15/09/2018 17:40:58] - |D| - [40432] - C:\Program Files (x86)\Windows Portable Devices [15/09/2018 08:33:50] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [15/09/2018 08:33:50] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell [10/01/2018 22:09:31] - |AD| - [5187948] - C:\Program Files (x86)\WinRAR ---------- | C:\Program Files [24/01/2018 21:31:39] - |D| - [24219] - C:\Program Files\Allplan [17/10/2017 07:21:48] - |D| - [92389] - C:\Program Files\ASUS [17/10/2017 07:25:34] - |D| - [41041291] - C:\Program Files\ASUSTeKcomputer.Inc [25/07/2018 12:37:11] - |HD| - [13417634] - C:\Program Files\CanonBJ [21/01/2018 23:02:43] - |D| - [4259816] - C:\Program Files\CodeMeter [15/09/2018 08:33:50] - |D| - [176477250] - C:\Program Files\Common Files [10/01/2018 22:12:39] - |D| - [52204959] - C:\Program Files\DAEMON Tools Lite [15/09/2018 08:31:34] - |ASH| - [174] - C:\Program Files\desktop.ini [17/10/2017 07:02:35] - |D| - [1049560] - C:\Program Files\DIFX [14/02/2018 00:27:57] - |SHD| - [0] - C:\Program Files\Fichiers communs [26/08/2018 20:42:38] - |D| - [552519643] - C:\Program Files\Git [05/09/2018 13:44:31] - |D| - [165381691] - C:\Program Files\HP [17/10/2017 06:52:05] - |AD| - [399489210] - C:\Program Files\Intel [15/09/2018 08:33:50] - |D| - [2637862] - C:\Program Files\internet explorer [24/03/2018 12:29:48] - |D| - [198484658] - C:\Program Files\Java [27/08/2018 20:11:15] - |D| - [169301439] - C:\Program Files\Malwarebytes [17/10/2017 07:14:03] - |D| - [2824] - C:\Program Files\mcafee [17/10/2017 07:38:08] - |AD| - [3097163617] - C:\Program Files\Microsoft Office [23/05/2018 20:44:18] - |D| - [8837712] - C:\Program Files\Microsoft Office 15 [21/01/2018 23:08:15] - |AD| - [169056] - C:\Program Files\Microsoft SQL Server [17/10/2017 07:20:41] - |AD| - [4421503] - C:\Program Files\Microsoft SQL Server Compact Edition [17/10/2017 07:20:41] - |D| - [343335] - C:\Program Files\Microsoft Synchronization Services [18/11/2018 20:12:16] - |D| - [25757] - C:\Program Files\MSBuild [30/01/2018 19:42:04] - |D| - [24749] - C:\Program Files\Nemetschek [26/08/2018 20:54:36] - |D| - [44463341] - C:\Program Files\nodejs [17/10/2017 06:54:40] - |D| - [2235347067] - C:\Program Files\NVIDIA Corporation [04/03/2018 16:51:15] - |D| - [45385822] - C:\Program Files\PDFCreator [17/10/2017 07:01:09] - |D| - [55094760] - C:\Program Files\Realtek [18/11/2018 20:12:16] - |D| - [36859049] - C:\Program Files\Reference Assemblies [12/01/2018 20:39:10] - |AD| - [7804646] - C:\Program Files\rempl [31/05/2017 02:44:09] - |HD| - [0] - C:\Program Files\Uninstall Information [28/10/2018 20:39:53] - |D| - [172381366] - C:\Program Files\VideoLAN [21/01/2018 23:02:45] - |D| - [2942209] - C:\Program Files\WIBU-SYSTEMS [15/09/2018 08:33:50] - |D| - [15109582] - C:\Program Files\Windows Defender [15/09/2018 08:33:50] - |D| - [636416] - C:\Program Files\Windows Mail [15/09/2018 17:40:58] - |D| - [4737937] - C:\Program Files\Windows Media Player [15/09/2018 17:40:58] - |D| - [47512] - C:\Program Files\Windows Multimedia Platform [15/09/2018 08:33:50] - |D| - [7888728] - C:\Program Files\windows nt [15/09/2018 17:40:58] - |D| - [6135112] - C:\Program Files\Windows Photo Viewer [15/09/2018 17:40:58] - |D| - [47512] - C:\Program Files\Windows Portable Devices [15/09/2018 08:33:50] - |D| - [110373] - C:\Program Files\Windows Security [15/09/2018 08:33:50] - |SHD| - [0] - C:\Program Files\Windows Sidebar [15/09/2018 08:33:50] - |HD| - [4774946657] - C:\Program Files\WindowsApps [15/09/2018 08:33:50] - |D| - [2546495] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [31/05/2018 21:28:48] - |D| - [23540404] - C:\Program Files (x86)\Common Files\Adobe [31/01/2018 19:48:48] - |D| - [13942800] - C:\Program Files (x86)\Common Files\BattlEye [17/10/2017 06:53:32] - |D| - [123703489] - C:\Program Files (x86)\Common Files\Intel [24/03/2018 12:32:56] - |D| - [1946184] - C:\Program Files (x86)\Common Files\Java [15/09/2018 08:33:50] - |D| - [40071829] - C:\Program Files (x86)\Common Files\microsoft shared [24/01/2018 21:28:57] - |D| - [940228] - C:\Program Files (x86)\Common Files\Nemetschek [17/10/2017 06:59:38] - |D| - [205532] - C:\Program Files (x86)\Common Files\PostureAgent [15/09/2018 08:33:50] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [10/01/2018 22:11:53] - |D| - [5674848] - C:\Program Files (x86)\Common Files\Steam [15/09/2018 08:33:50] - |D| - [15777531] - C:\Program Files (x86)\Common Files\system ---------- | C:\Program Files\Common files [24/10/2018 17:45:16] - |D| - [23832] - C:\Program Files\Common files\DESIGNER [18/03/2018 17:32:45] - |HD| - [992182] - C:\Program Files\Common files\EAInstaller [17/10/2017 07:06:12] - |D| - [2303008] - C:\Program Files\Common files\Intel [15/09/2018 08:33:50] - |D| - [162859835] - C:\Program Files\Common files\microsoft shared [15/09/2018 08:33:50] - |D| - [2702] - C:\Program Files\Common files\Services [15/09/2018 08:33:50] - |D| - [10295691] - C:\Program Files\Common files\system ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [18/11/2018 20:28:14] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.1FE62AB8EF8841220FD7A086F0DC4772] - [18/11/2018 20:28:14] - |A| - [3482] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.F3D9A262A700A3E55600561A78D31D96] - [18/11/2018 20:28:14] - |A| - [4768] - C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [MD5.95BC539F2135975C6114DF61C1911F88] - [18/11/2018 20:28:14] - |A| - [4594] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [18/11/2018 20:28:14] - |D| - [2472] - C:\WINDOWS\System32\Tasks\ASUS [MD5.B268EAF1E5F3CDE31DB23A89DC471A8C] - [18/11/2018 20:28:14] - |A| - [2834] - C:\WINDOWS\System32\Tasks\ASUS Live Update1 : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.8710FD27E2FF711B7BE68A7A23B17661] - [18/11/2018 20:28:14] - |A| - [2824] - C:\WINDOWS\System32\Tasks\ASUS Live Update2 : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.9A20A7869600CE9181547D8463C6AF0C] - [18/11/2018 20:28:14] - |A| - [2302] - C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON : C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [MD5.AEDC8E22D7F58845F9132CC2B36C1E1A] - [18/11/2018 20:28:14] - |A| - [2924] - C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.A4C90D430197DE626B28A0D0B60C8981] - [18/11/2018 20:28:14] - |A| - [2214] - C:\WINDOWS\System32\Tasks\ATK Package A22126881260 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.933A22C81C9468E93C42C662CB3B0D1F] - [18/11/2018 20:28:14] - |A| - [2934] - C:\WINDOWS\System32\Tasks\AutoUpdate Allplan 2016 : D:\Allplan\Prg\NemDownloadHandler.exe [MD5.46CC33305FFF15500836BF96441E0AC1] - [18/11/2018 20:28:14] - |A| - [2934] - C:\WINDOWS\System32\Tasks\AutoUpdate Allplan 2018 : D:\Allplan\Prg\NemDownloadHandler.exe [MD5.8ABE81B72875E397BD88C5112C2ADACE] - [18/11/2018 20:28:14] - |A| - [3292] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.013CD832F7D21004C377A1D588F2C43A] - [18/11/2018 20:28:14] - |A| - [3516] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.CB3AFC374B310A61CC333C87050634F5] - [18/11/2018 20:28:14] - |A| - [2646] - C:\WINDOWS\System32\Tasks\HPCustParticipation HP DeskJet 2600 series : "C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe" [MD5.00000000000000000000000000000000] - [18/11/2018 20:28:14] - |D| - [0] - C:\WINDOWS\System32\Tasks\Intel [MD5.09650088CE3965E8EB34EB949C199736] - [18/11/2018 20:28:14] - |A| - [3118] - C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification : "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe" [MD5.00000000000000000000000000000000] - [15/09/2018 08:33:50] - |D| - [585726] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.B8829EC3A8CBF26A2D943B2E73CDB5ED] - [18/11/2018 20:28:14] - |A| - [3398] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.D271B57C704ED9FE8F7BDF6C46E504F6] - [18/11/2018 20:28:14] - |A| - [3176] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.B8FC6CCCF9BB0C866D8776CB00C01F1C] - [18/11/2018 20:28:14] - |A| - [2968] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.6A92F775294AA925AE9716569E86EC50] - [18/11/2018 20:28:14] - |A| - [2984] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.A416713998B405C15DF29DC980393AF6] - [18/11/2018 20:28:14] - |A| - [2744] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.1A919F03C70ACB361EBE07E705BA7845] - [18/11/2018 20:28:14] - |A| - [2838] - C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [MD5.9173F2CE9E5535610FEDA93AA2FBA706] - [18/11/2018 20:28:14] - |A| - [2786] - C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.EE8DBEA1DB853C947F2E0FAA4155E164] - [18/11/2018 20:28:14] - |A| - [2956] - C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.99FBBD02D8FC07AFCD70EF5111FA5ED1] - [18/11/2018 20:28:14] - |A| - [2852] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1812020250-49885185-2009104261-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.7CFACCA3D40F1CFA014EC6F3FD638D10] - [18/11/2018 20:28:14] - |A| - [3268] - C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1812020250-49885185-2009104261-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.7C857680AB2806B7D3BBA67F1C97AF29] - [18/11/2018 20:28:14] - |A| - [2552] - C:\WINDOWS\System32\Tasks\ROG Gaming Center : "C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe" [MD5.C4DEFE179456697578CC4A86444DE4F5] - [18/11/2018 20:28:14] - |A| - [2346] - C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice : "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [MD5.4C6CC4303327A6B6000033C426FAA5C8] - [18/11/2018 20:28:14] - |A| - [2282] - C:\WINDOWS\System32\Tasks\RTKCPL : "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" [MD5.00000000000000000000000000000000] - [18/11/2018 20:28:14] - |D| - [3020] - C:\WINDOWS\System32\Tasks\S-1-5-21-1812020250-49885185-2009104261-1001 [MD5.9DA212F7D7C3042F0A5CB84FD9E047BA] - [18/11/2018 20:28:14] - |A| - [2398] - C:\WINDOWS\System32\Tasks\SS3svc32Run : "C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" [MD5.AA7FBB93EB228B06AF5147CB3A6A413F] - [18/11/2018 20:28:14] - |A| - [2406] - C:\WINDOWS\System32\Tasks\SS3svc64Run : "C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe" [MD5.7CAA1271FFD5EEE7EF486DFE13C5A125] - [18/11/2018 20:28:14] - |A| - [2972] - C:\WINDOWS\System32\Tasks\Update Checker : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.2541F5739A1E6C79E8E70E0E7CE14254] - [18/11/2018 20:28:14] - |A| - [4170] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9D83AF0-CEDC-427C-A03A-4B0134D827F4} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [15/09/2018 08:33:51] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.29|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.29|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.29|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{B3B48D64-0DF3-46DB-952C-499B141E41FE}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| "{683CEB44-B9CA-41D3-9200-CAE9156D7BC9}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{A7EDCBC3-247F-41B4-A322-13A5E677B6F8}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{86266F75-3B3C-42AF-B637-8B7FDC0FCAC1}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{A278AB0D.MarchofEmpires_3.6.2.3_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.6.2.3_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.6.2.3_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "{80D7DF48-A799-417D-B4E6-1EBC74AA9737}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=@{A278AB0D.MarchofEmpires_3.6.2.3_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.6.2.3_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.6.2.3_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "{42FF61C3-FB09-4AAB-A81F-ADD311E0CEA0}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ| "{2CC0FDF4-CC3D-45AB-A535-7FE7182FAA0E}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{E5914012-EE27-43C0-B649-BED8B2638C44}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7BF9A651-7FD3-4D7B-94D7-4A4B88EA5379}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{1C1B226B-1701-40A3-B89A-A7C2374310D0}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7988C918-9F25-4179-8B5F-89850D2638FC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{DEAC1197-723C-4F9B-94FE-3CFD1E685AAB}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{0737FC2C-E56F-422F-9785-B5E0F0F9E05D}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{195F6157-FFC0-4859-AD72-B09EA297C604}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7733384B-872C-47C4-8317-280D2D226939}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ| "{EA79939A-CD60-4559-AD30-294726C9D63A}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ| "{1CF170AA-59FB-4C45-8A9B-93DA0621E069}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{BCEEB0F4-BD5C-46B0-BC03-10023501DE0A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{47094A9E-E3DA-4AE3-A616-637E821A9ECB}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ| "{89255210-30C4-4BCE-9C7D-7AD4BA73F436}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{23BDE3BA-20DD-4A6C-8104-8A317DA0635F}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{718594C5-430F-4582-A728-0A67759E3807}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{23C1A200-A68F-4C64-BDA9-0FE0DF93C004}"=v2.28|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe|Name=Communicateur réseau COM HP (HP DeskJet 2600 series)|Edge=TRUE| "{E6B05F29-A13F-4A8B-9F3F-3912D266FD84}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=5357|Name=Port TCP WS-Eventing 5357| "{D82595A3-4A80-4557-A34A-F139B879F115}"=v2.28|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe|Name=Configuration du périphérique HP (HP DeskJet 2600 series)|Edge=TRUE| "{E66BA191-1D88-490F-B4A1-8966C878DE7B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe|Name=HP DeskJet 2600 series DigitalWizards|Edge=TRUE| "{3DF3D155-4115-490F-95AB-D0B2F9C40B63}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\colis\AppData\Local\Temp\7zS068C\HP.EasyStart.exe|Name=HP EasyStart|Desc=Allow HP EasyStart| "{3A29C925-812B-4A2A-B826-711237615B78}"=v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\colis\AppData\Local\Temp\7zS04A5\HP.EasyStart.exe|Name=HP EasyStart|Desc=Allow HP EasyStart| "{6FB172AD-E68C-4C9E-9F17-BC6549DFFA49}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{9F4BA847-8C11-4F89-B53C-6FC2161418AC}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{D296FF68-D40D-4857-88F7-DE685D552200}C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe|Name=electron.exe|Desc=electron.exe|Defer=User| "TCP Query User{3ACC1CC6-F073-4F53-A7CA-74FADAE9042C}C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe|Name=electron.exe|Desc=electron.exe|Defer=User| "UDP Query User{E247D99A-88EC-4E53-82A9-DE72ADF7AA32}D:\prog\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\prog\deezloader remix\deezloader remix.exe|Name=Deezloader Remix|Desc=Deezloader Remix|Defer=User| "TCP Query User{DB919BB6-EA3C-414D-BA74-EE5BB121CDF0}D:\prog\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\prog\deezloader remix\deezloader remix.exe|Name=Deezloader Remix|Desc=Deezloader Remix|Defer=User| "UDP Query User{FF3605C3-382C-42FD-B4B8-5A51530C5E9E}C:\program files\java\jre1.8.0_161\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\java\jre1.8.0_161\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{6750B161-60D6-4B35-9D40-10BC32A05071}C:\program files\java\jre1.8.0_161\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\java\jre1.8.0_161\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{5BB8E3EE-E291-41D2-85C1-A443A558E687}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{2D407C5A-82DF-4A03-83B8-0541E0090484}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{86813A21-4EE6-4ACE-879F-648B109BAC11}C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe|Name=deezloader remix.exe|Desc=deezloader remix.exe|Defer=User| "TCP Query User{D86E7C9B-846D-4B2F-91B8-09F037357E18}C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe|Name=deezloader remix.exe|Desc=deezloader remix.exe|Defer=User| "UDP Query User{4D79E8B3-00C5-40BC-B2D2-DCDEDE171C66}C:\users\colis\appdata\local\programs\deezloader\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader\deezloader.exe|Name=deezloader.exe|Desc=deezloader.exe|Defer=User| "TCP Query User{E9A96DF8-98C9-4C06-AACF-4CD66F5CDAC9}C:\users\colis\appdata\local\programs\deezloader\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader\deezloader.exe|Name=deezloader.exe|Desc=deezloader.exe|Defer=User| "{2C4886D6-B2EE-404C-8575-ED02BD998ED5}"=v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers| "{952C963A-4168-4909-8FF6-025B6F551D62}"=v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers| "UDP Query User{D3155A38-DEB1-4AE0-B735-EC37889096E9}D:\jeu\star traders frontiers\startradersfrontiers.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers|Defer=User| "TCP Query User{DFC3E5C6-40BE-4079-9507-9E01BE7836E0}D:\jeu\star traders frontiers\startradersfrontiers.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers|Defer=User| "{C995E955-1AB3-4D9A-B4F8-04953297C8BC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{3CB1E63C-AF0C-4C8F-8BA5-257AA6712AC2}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{0A1F0067-6D68-453B-9D1A-372CCCAD1292}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{818A99D1-2178-4924-95B3-4A1E0464218B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{3AA8BEE1-61C7-4C68-A657-BAFCE50A4AD1}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{B6B309F3-30BD-47DA-98C1-A9AE5BFD543A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{12806CC3-61D8-4CBF-89F1-F9E8D4128717}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{BAF16D55-BDB2-46E7-964C-5AE0BA629E58}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{9446202F-6EC8-4F96-BEE0-6E773B8C7C90}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{B9B4DB66-FBDA-467A-9DA3-A04D75DEE51B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7C638194-8501-4A9C-8B0E-1D1353F2CADE}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{40489335-1846-4391-9F6B-89DC04F3B279}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{5D360568-CAF1-4ED0-AC0E-9DD04AA6BE57}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{49532257-B7BA-456A-BC9F-4A776EFF9891}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D9952207-D912-4EA1-BB83-8B772C7C6A53}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D2917D37-DAE0-4BE3-8755-FC078BF45CD6}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{23B333E8-CF34-4E26-8BAB-79BB6C759BFC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{EF756E4A-9DD1-4844-B02B-81EBBB5694CD}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{12C25D28-860B-4226-8A6F-30A18751A521}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D7C482EC-8333-491E-826A-1A04A7E309DD}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{ABFF0A04-43C6-4123-8030-45614CB37EA4}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C28D1ADA-DA18-4FE6-9CDF-337CB7124F13}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{F9EF3BC2-7A7E-4AED-886C-04FDB2936A2F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{CA14C6B8-197F-4F01-803F-FA06870F61F5}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{BA4EC6A3-20F5-45B6-A3BC-A6B4A371EA3B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{0E0D2E18-2391-4A2A-BACC-350E09067B60}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{2D295717-9335-4FC5-8641-43211B969F71}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{DC659083-80F4-4F04-89F1-304856674916}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7AE91DEA-6E4D-4BEA-8509-FE94056C1E8A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{5170C638-862F-4533-9EBA-F80157C29F70}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "UDP Query User{BB7E1B08-723B-4250-91B7-7C4D14A7E5C1}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe|Name=crashbandicootnsanetrilogy|Desc=crashbandicootnsanetrilogy| "TCP Query User{18B21336-92EB-4510-8E22-008B01D64A21}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe|Name=crashbandicootnsanetrilogy|Desc=crashbandicootnsanetrilogy| "{21A624C1-A61C-4043-8BA8-58A95C01FFED}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{09322C75-EC0F-4979-BD92-A8D87073F10A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Name=Forza Horizon 3|Desc=Forza Horizon 3|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1493781645-1295257613-1020008276-2987759984-4279079501-2993282854-2167006054|EmbedCtxt=Forza Horizon 3|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{CA38AC2A-76FC-4876-854D-A52D3E69E82C}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Name=Forza Horizon 3|Desc=Forza Horizon 3|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1493781645-1295257613-1020008276-2987759984-4279079501-2993282854-2167006054|EmbedCtxt=Forza Horizon 3|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{DA2E058E-7CD9-4F7F-8D76-7D631C97FBC0}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "TCP Query User{D2B46B21-551D-4735-8370-46A03AA154AF}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "{8A01F12A-1FD0-4A6B-882E-E423D87D0600}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "{2B1ADD13-317E-4507-85BE-0E0D0ADE0C61}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "{E46279FF-9C1E-4D07-B331-F585BD241F81}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeterFWEx1|Edge=TRUE| "UDP Query User{0932908F-8D6F-4DAE-B7A0-F1EFF208B451}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{8E3CE4E8-781F-4BCC-8B64-E00593BFD10C}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{C35F683E-9F07-49D8-8327-CC2BFCE56536}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{FBB6749A-8BFA-4790-8D08-883823B3C22F}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{B65F812B-8BE5-4434-B604-21EFDC4E379C}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{61040785-A896-49EA-BFF7-26F09216A2CD}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{28FD410C-589E-45C0-BAA7-B8A03E3A84A9}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe|Name=DAEMON Tools Lite Service|Desc=The DAEMON Tools Lite mandatory service is responsible for remote devices.| "{E2987319-6DC8-465D-92C3-DB798F0E674C}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=Plex|Desc=Plex|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-663319984-3691977918-1341348298-2599563705-1202581887-3444832810-199907587|EmbedCtxt=Plex|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5CDB7114-09D5-4219-A95C-825137795926}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Plex|Desc=Plex|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-663319984-3691977918-1341348298-2599563705-1202581887-3444832810-199907587|EmbedCtxt=Plex|Platform=2:6:2|Platform2=GTEQ| "{3C1D665B-EB0C-4BDE-BFA7-234C0B4F74BC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGCAndroidService.exe|Name=ROG Gaming Center|Desc=ROG Gaming Center| "{7DAC8318-D578-4095-8498-FC1248184093}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe|Name=XSplit Helper Process| "{71A865DE-C0C2-4BE0-9B3C-E7A0005F848D}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe|Name=XSplit Helper Process| "{4DAE71CA-FB4F-47B0-901A-5424149F80CA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe|Name=XSplit Gamecaster| "{7F06F2C9-E66C-4906-9658-CC8BB933DEE8}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe|Name=XSplit Gamecaster| "{E0809A8D-152D-446D-9544-8F3C123FF905}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe|Name=Wireless PAN DHCP Server|EmbedCtxt=MyWiFiDHCPDNS| "{7B15BB70-6838-41CE-AE52-806D037735BE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-1812020250-49885185-2009104261-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{070DF23B-BBDC-42C9-AA57-492AA81B629C}D:\deezloader-win32-x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\deezloader-win32-x64\deezloader.exe|Name=Electron|Desc=Electron|Defer=User| "UDP Query User{B2F2D89B-EB00-416C-A3E3-1AAF1D423E91}D:\deezloader-win32-x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\deezloader-win32-x64\deezloader.exe|Name=Electron|Desc=Electron|Defer=User| "TCP Query User{3AE06EE3-C0B6-41E7-9D90-2ADF0FC46372}D:\jeu\into the breach\breach.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeu\into the breach\breach.exe|Name=breach|Desc=breach| "UDP Query User{43DFBD79-8849-4445-8739-24101C7D2593}D:\jeu\into the breach\breach.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeu\into the breach\breach.exe|Name=breach|Desc=breach| "TCP Query User{BEA58634-5D59-4E33-80E8-718972551225}D:\prog\deezloader x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader|Defer=User| "UDP Query User{3576479C-42E5-4FF4-8197-216D24C3850E}D:\prog\deezloader x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader|Defer=User| "{B58EEF18-816C-406D-8072-DD6C253128A3}"=v2.27|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader| "{900DA586-A009-4FDC-A24C-9A68C1B3DC6E}"=v2.27|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader| "{412A0A3F-68C0-46D6-94B1-97A7B1F2A944}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Démineur|Desc=Démineur|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4069314316-2345327562-3386779030-140461310-710259185-931951545-1379755714|EmbedCtxt=Démineur|Platform=2:6:2|Platform2=GTEQ| "{E96BBE56-92DA-4B49-B7DB-C6871AC08C97}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Desc=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3683675459-3773291521-1484585779-411256776-3272641875-4180025570-632422423|EmbedCtxt=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Platform=2:6:2|Platform2=GTEQ| "{B5D6EDCD-5652-4036-BECE-9CBD9CED5A72}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Desc=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3683675459-3773291521-1484585779-411256776-3272641875-4180025570-632422423|EmbedCtxt=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Platform=2:6:2|Platform2=GTEQ| "{FB9D9381-822D-4994-B03D-A8F876B99DDA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{4263F197-B5F0-4E5C-9615-D8973B25336F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "TCP Query User{9C88E2A7-C102-4C86-B269-EF2A789A910A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User| "UDP Query User{6520CBDB-5D28-456D-A3D6-03B802ED1E98}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User| "{92A24681-7BB8-4D87-A9CE-2F168FB8BF7D}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{91C12A20-C561-48BF-BCF3-3A0C52FDDE8A}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{E6D8CA6C-0E21-4416-B632-C7D7FE1EAFAB}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{94323446-F28A-4439-8E85-870D842B0712}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{0197ED33-88EE-44A5-B643-3C417F2086A0}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ROG Aura Core|Desc=ROG Aura Core|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-10927153-1522685288-2564656178-3927128220-888402560-2649467744-146267535|EmbedCtxt=ROG Aura Core|Platform=2:6:2|Platform2=GTEQ| "{74B467E9-3D6E-48B4-A023-AE43B9C9B995}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{CBA73FF2-3BD0-4787-B72A-53B94C5FB349}"=v2.29|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{CE5AFC51-E2D2-4D6E-B1AC-26E190B1B5F2}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ee986ed-9d81-43b3-b9ea-30686e6f4219}] : (PSM) [] -> @oem6.inf,%ClassName%;Intel® Power Sharing Manager [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem26.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem61.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [08/05/2015 10:07:06] - (1.0.6.1) - (ASUSTek Computer Inc. - ATK WMIACPI Utility) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [15/10/2018 00:37:52] - (24.21.13.9924) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 399.24) - C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvlddmkm.sys [29/08/2017 08:59:46] - (1.0.0.7) - (ASUS - HID minidriver for ASUS Wireless Radio Control) - C:\WINDOWS\System32\drivers\AsRadioControl.sys [17/10/2017 06:54:59] - (3.90.1.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [18/03/2018 17:59:15] - (202.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys [10/01/2018 22:13:08] - (3.4.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys [10/01/2018 22:12:46] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorA (@oem65.inf,%iaStorA.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - MBAMSwissArmy (MBAMSwissArmy) -> System32\Drivers\mbamswissarmy.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ATKWMIACPIIO (ATKWMIACPI Driver) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - iocbios2 (iocbios2) -> \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\5315-4114-3937-2165] : (Solibri Model Checker v9.8.-.Solibri Inc) -> "D:\Prog\Solibri\SMCv9.8\uninstall Solibri Model Checker v9.8.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Free Convert FLAC To MP3] : (Free Convert FLAC To MP3 (remove only).-.4dots Software) -> C:\Program Files (x86)\4dots Software\Free Convert FLAC To MP3\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Git_is1] : (Git version 2.18.0.-.The Git Development Community) -> "C:\Program Files\Git\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Intel Security Software Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}] : (AudioCaptureNotificationConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0C21BBE5-F4B4-42E2-AE4B-BE210BB1B8AB}] : (Intel(R) Serial IO.-.Intel Corporation) -> MsiExec.exe /I{0C21BBE5-F4B4-42E2-AE4B-BE210BB1B8AB} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{12B536BF-B66A-4A2B-AA65-1A90BF027961}] : (Étude pour l'amélioration du produit HP DeskJet 2600 series.-.HP Inc.) -> MsiExec.exe /I{12B536BF-B66A-4A2B-AA65-1A90BF027961} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1B31F1CC-7C8B-4760-91B1-3DF6873EDC2D}] : (ProfileSwitcherCleanup.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2159D6A2-CFFE-51F3-0017-A53F85A727E3}] : (General Runtime Files for Allplan 2016-1-7 x64.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{2159D6A2-CFFE-51F3-0017-A53F85A727E3} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180161F0}] : (Java 8 Update 161 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180161F0} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36606417-B1C4-42C2-B5C1-67972DA63DAB}] : (ProductDaemonSetup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{36606417-B1C4-42C2-B5C1-67972DA63DAB} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3CF43809-BA72-4BC7-B936-1308CE57C6E6}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{3CF43809-BA72-4BC7-B936-1308CE57C6E6} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}] : (ApoDispatchConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{60130678-813A-4D4B-97E7-284F27516561}] : (Intel® PROSet/Wireless WiFi Software.-.Intel Corporation) -> MsiExec.exe /I{60130678-813A-4D4B-97E7-284F27516561} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{67133B16-3310-4E5A-91DC-F4E8527A2A9C}] : (SonicMapperConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7c6a2125-4d2d-4244-916f-0ea498b7c952}] : (Intel(R) PRO/Wireless Driver.-.Intel Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81FDC114-BADF-47AA-8A08-B03661FB4991}] : (Node.js.-.Node.js Foundation) -> MsiExec.exe /I{81FDC114-BADF-47AA-8A08-B03661FB4991} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{88001CF1-7D5B-4BCC-9AF1-F7F4AD2BC488}] : (SonicRadar3Setup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{88001CF1-7D5B-4BCC-9AF1-F7F4AD2BC488} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{94E05108-3E4E-4F2E-AC5F-33A1B22B779C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9B8ADE33-5DE8-4EE2-9EF4-E1EA65A37F32}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{9B8ADE33-5DE8-4EE2-9EF4-E1EA65A37F32} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ABDC630D-DC10-4991-9965-D683C8F4885D}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{ABDC630D-DC10-4991-9965-D683C8F4885D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC306567-A1B7-4208-8FED-97CF535050BC}] : (DeviceRoutingConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 399.24.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 27.1.0.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (NVIDIA Update 27.1.0.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer] : (DisplayDriverAnalyzer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer] : (NVIDIA Telemetry Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.8.0.89.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 3.90.1.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C1520A55-D4B2-43D4-8520-3C5683C94DC8}] : (NahimicSettingsConfigurator.-.ASUSTeKcomputer.Inc) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D515AD5F-004D-4B21-80BD-5F21DD33C039}] : (Logiciel de base du périphérique HP DeskJet 2600 series.-.HP Inc.) -> MsiExec.exe /I{D515AD5F-004D-4B21-80BD-5F21DD33C039} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D894441F-8A5E-48A0-8894-7FA739C1A33A}] : (SonicStudio3Setup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{D894441F-8A5E-48A0-8894-7FA739C1A33A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E0E25843-D0D2-4947-A2C2-CFBABB4FCBDE}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{E0E25843-D0D2-4947-A2C2-CFBABB4FCBDE} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{E9B9A1A5-6398-4C99-8FDE-10794F6505C5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F6AA7E43-41A4-4304-BA96-A495C5788231}] : (Intel(R) Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{F6AA7E43-41A4-4304-BA96-A495C5788231} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F97C940B-7821-4DF7-917C-3EEA95D6091F}] : (CodeMeter Runtime Kit v6.50c.-.WIBU-SYSTEMS AG) -> MsiExec.exe /I{F97C940B-7821-4DF7-917C-3EEA95D6091F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F9E85A10-B115-B8CC-553E-36C7FF42B05B}] : (General Runtime Files for Allplan 2018-0-2 x64.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{F9E85A10-B115-B8CC-553E-36C7FF42B05B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1207659102_is1] : (FTL: Advanced Edition.-.GOG.com) -> "D:\Jeu\FTL - Advanced Edition\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1436885062_is1] : (Tropico 5.-.GOG.com) -> "D:\Jeu\Tropico 5\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1455998221_is1] : (MachiaVillain.-.GOG.com) -> "D:\Jeu\MachiaVillain\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1620157881_is1] : (Tooth and Tail.-.GOG.com) -> "D:\Jeu\Tooth and Tail\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\2004253604_is1] : (Into the Breach.-.GOG.com) -> "D:\Jeu\Into the Breach\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\2061814323_is1] : (Wizard of Legend.-.GOG.com) -> "D:\Jeu\Wizard of Legend\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Crash Bandicoot N Sane Trilogy_is1] : (Crash Bandicoot N Sane Trilogy.-.) -> "D:\Games\Crash Bandicoot N Sane Trilogy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Mp3 M4a Wma Converter_is1] : (Free Mp3 M4a Wma Converter V 1.6.-.KastorSoft) -> "C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Frostpunk The Fall of Winterhome_is1] : (Frostpunk The Fall of Winterhome.-.) -> "D:\Games\Frostpunk The Fall of Winterhome\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GOGPACKHOTLINEMIAMI_is1] : (Hotline Miami.-.GOG.com) -> "D:\Jeu\Hotline Miami\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GOGPACKROGUELEGACY_is1] : (Rogue Legacy.-.GOG.com) -> "D:\Jeu\Rogue Legacy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Open Video Capture_is1] : (Open Video Capture version 1.1.-.) -> "C:\Program Files (x86)\OpenVideoCapture\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Snake Pass_is1] : (Snake Pass.-.) -> "D:\Jeu\Snake Pass\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Surviving Mars_is1] : (Surviving Mars.-.) -> "D:\Games\Surviving Mars\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Tropico 5 Complete Collection Upgrade_is1] : (Tropico 5 Complete Collection Upgrade.-.GOG.com) -> "D:\Jeu\Tropico 5\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinX YouTube Downloader_is1] : (WinX YouTube Downloader 4.0.9.-.Digiarty Software, Inc.) -> "D:\WinX_YouTube_Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}] : (ASUS Splendid Video Enhancement Technology.-.ASUS) -> MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1192D531-A1D5-4BBB-89B7-2304ABB3E3E1}] : (HP Google Drive Plugin.-.HP) -> MsiExec.exe /I{1192D531-A1D5-4BBB-89B7-2304ABB3E3E1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{231B68C6-EDD8-4EA5-9860-1A8C4DB51FDA}] : (HP FTP Plugin.-.HP) -> MsiExec.exe /I{231B68C6-EDD8-4EA5-9860-1A8C4DB51FDA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EAD50AC-63AD-4356-9B1E-A65B054F690F}] : (HP DeskJet 2600 series Aide.-.HP) -> MsiExec.exe /I{3EAD50AC-63AD-4356-9B1E-A65B054F690F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43CB5D1B-3C09-4065-A665-72FC2765B430}] : (HP Dropbox Plugin.-.HP) -> MsiExec.exe /I{43CB5D1B-3C09-4065-A665-72FC2765B430} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{559FA847-377D-4926-80A3-ED9E014D363A}] : (Intel(R) Wireless Bluetooth(R).-.Intel Corporation) -> MsiExec.exe /I{559FA847-377D-4926-80A3-ED9E014D363A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] : (.-.) -> MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> C:\WINDOWS\RtCRU64.exe /u [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5CE6E3CD-1AD8-4DA3-9BE7-CADE10583498}] : (HP EmailSMTP Plugin.-.HP) -> MsiExec.exe /I{5CE6E3CD-1AD8-4DA3-9BE7-CADE10583498} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6599C1AB-394E-4CB0-ADCE-53A0E5E8873E}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{6599C1AB-394E-4CB0-ADCE-53A0E5E8873E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7535C402-1670-31E0-F0D0-52DC6D50AB76}] : (General Runtime Files for Allplan 2018-0-2.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{7535C402-1670-31E0-F0D0-52DC6D50AB76} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}] : (ASUS PTP Driver.-.ASUS) -> MsiExec.exe /I{7618E419-9124-4E6C-9AF4-487A6DDEC1C5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}] : (NVIDIA PhysX.-.NVIDIA Corporation) -> MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}] : (Device Setup.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{8D6B05E0-F457-408C-9D13-549334D8FAE1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}] : (WinFlash.-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A39B5969-9683-49F9-AA69-F40EF0D91441}] : (XSplit Gamecaster.-.SplitmediaLabs) -> MsiExec.exe /X{A39B5969-9683-49F9-AA69-F40EF0D91441} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AA67D612-0BE5-44D6-9A91-592958F754A1}] : (Intel(R) C++ Redistributables on Intel(R) 64.-.Intel Corporation) -> MsiExec.exe /X{AA67D612-0BE5-44D6-9A91-592958F754A1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}] : (ATK Package (ASUS Keyboard Hotkeys).-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /X{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824298644}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824298644} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ACF41228-28D2-497C-AD8F-19005413E49D}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{ACF41228-28D2-497C-AD8F-19005413E49D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B6E7A310-B63A-4ED9-B2EE-9FB31B4373F0}] : (HP SharePoint Plugin.-.HP) -> MsiExec.exe /I{B6E7A310-B63A-4ED9-B2EE-9FB31B4373F0} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EEB4B0A5-E468-3D72-FE16-C1C202B3E314}] : (General Runtime Files for Allplan 2016-1-7.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{EEB4B0A5-E468-3D72-FE16-C1C202B3E314} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F719B6C1-B1AD-4CFE-A5A1-8125BA7837F3}] : (HP OneDrive Plugin.-.HP) -> MsiExec.exe /I{F719B6C1-B1AD-4CFE-A5A1-8125BA7837F3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}] : (ASUS Live Update.-.ASUS) -> MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB47E710-6249-4EFA-BE36-E922B0612AF4}] : (CASIO FA-124.-.CASIO COMPUTER CO., LTD.) -> MsiExec.exe /X{FB47E710-6249-4EFA-BE36-E922B0612AF4} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\00006109C80000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C800C0400100000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109E70000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\013A7E6BA36B9DE42BEEF93BB134370F] : HP SharePoint Plugin -> C:\WINDOWS\Installer\{B6E7A310-B63A-4ED9-B2EE-9FB31B4373F0}\HPScan.ico [HKCR\Installer\Products\017E74BF9426AFE4EB639E220B16A24F] : CASIO FA-124 -> C:\WINDOWS\Installer\{FB47E710-6249-4EFA-BE36-E922B0612AF4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\01A58E9F511BCC8B55E3637CFF240BB5] : General Runtime Files for Allplan 2018-0-2 x64 [HKCR\Installer\Products\0E50B6D8754FC804D9314539438DAF1E] : Device Setup -> C:\Windows\Installer\{8D6B05E0-F457-408C-9D13-549334D8FAE1}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\135D29115D1ABBB4987B3240BA3B3E1E] : HP Google Drive Plugin -> C:\WINDOWS\Installer\{1192D531-A1D5-4BBB-89B7-2304ABB3E3E1}\HPScan.ico [HKCR\Installer\Products\1C6B917FDA1BEFC45A1A1852AB87733F] : HP OneDrive Plugin -> C:\WINDOWS\Installer\{F719B6C1-B1AD-4CFE-A5A1-8125BA7837F3}\HPScan.ico [HKCR\Installer\Products\1FC10088B5D7CCB4A91F7F4FDAB24C88] : SonicRadar3Setup [HKCR\Installer\Products\204C535707610E130F0D25CDD605BA67] : General Runtime Files for Allplan 2018-0-2 [HKCR\Installer\Products\216D76AA5EB06D44A9199592857F451A] : Intel(R) C++ Redistributables on Intel(R) 64 [HKCR\Installer\Products\2A6D9512EFFC3F1500715AF3587A723E] : General Runtime Files for Allplan 2016-1-7 x64 [HKCR\Installer\Products\34852E0E2D0D74942A2CFCABBBF4BCED] : Intel(R) Management Engine Components [HKCR\Installer\Products\34E7AA6F4A144034AB694A595C872813] : Intel(R) Trusted Connect Service Client [HKCR\Installer\Products\411CDF18FDABAA74A8800B6316BF9419] : Node.js -> C:\WINDOWS\Installer\{81FDC114-BADF-47AA-8A08-B03661FB4991}\NodeIcon [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110160F] : Java 8 Update 161 (64-bit) -> C:\Program Files\Java\jre1.8.0_161\\bin\javaws.exe [HKCR\Installer\Products\50FA96906FF400C4496034952983EDD0] : ASUS Splendid Video Enhancement Technology -> C:\Windows\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\5212A6C7D2D4442419F6E04A897B9C25] : Intel(R) PRO/Wireless Driver -> C:\Windows\Installer\{7C6A2125-4D2D-4244-916F-0EA498B7C952}\ARPPRODUCTICON.exe [HKCR\Installer\Products\55A0251C2B4D4D345802C365389CD48C] : NahimicSettingsConfigurator [HKCR\Installer\Products\55EC5C4023F7D2D4EA2ADF0CE3F856CC] : AudioCaptureNotificationConfigurator [HKCR\Installer\Products\5A0B4BEE864E27D3EF611C2C203B3E41] : General Runtime Files for Allplan 2016-1-7 [HKCR\Installer\Products\5A1A9B9E893699C4F8ED0197F456505C] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\5EBB12C04B4F2E24EAB4EB12B01B8BBA] : Intel(R) Serial IO [HKCR\Installer\Products\61B331760133A5E419CD4F8E25A7A2C9] : SonicMapperConfigurator [HKCR\Installer\Products\68AB67CA408033019195008142926844] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824298644}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\6C86B1328DDE5AE48906A1C8D45BF1AD] : HP FTP Plugin -> C:\WINDOWS\Installer\{231B68C6-EDD8-4EA5-9860-1A8C4DB51FDA}\HPScan.ico [HKCR\Installer\Products\7033BEF4FE0A5834C9F8B4C4513013C1] : ApoDispatchConfigurator [HKCR\Installer\Products\714606634C1B2C245B1C7679D26AD3BA] : ProductDaemonSetup [HKCR\Installer\Products\748AF955D7736294083ADEE910D463A3] : Intel(R) Wireless Bluetooth(R) -> C:\Windows\Installer\{559FA847-377D-4926-80A3-ED9E014D363A}\IntelBluetooth.ico [HKCR\Installer\Products\765603CA7B1A8024F8DE79FC350505CB] : DeviceRoutingConfigurator [HKCR\Installer\Products\76E045AFC590B1A479ABD445D7CEA94F] : ASUS Live Update -> C:\Windows\Installer\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}\MyIcon2 [HKCR\Installer\Products\7DEDDF5C7CED4B84FA8DFD8B0ADF91A9] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\80150E49E4E3E2F4CAF5331A2BB277C9] : Intel(R) Chipset Device Software [HKCR\Installer\Products\82214FCA2D82C794DAF8910045314ED9] : Epic Games Launcher -> C:\Windows\Installer\{ACF41228-28D2-497C-AD8F-19005413E49D}\Installer.ico [HKCR\Installer\Products\87603106A318B4D4797E82F472155616] : Intel® PROSet/Wireless WiFi Software -> C:\Windows\Installer\{60130678-813A-4D4B-97E7-284F27516561}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8FC229B8C6A8EC148A851F57D5F7D592] : NVIDIA PhysX -> C:\Windows\Installer\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}\icon.ico [HKCR\Installer\Products\90834FC327AB7CB49B633180EC756C6E] : Intel(R) Management Engine Components [HKCR\Installer\Products\914E81674219C6E4A94F84A7D6ED1C5C] : ASUS PTP Driver -> C:\Windows\Installer\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\9695B93A38699F94AA964FE00F9D4114] : XSplit Gamecaster -> C:\Windows\Installer\{A39B5969-9683-49F9-AA69-F40EF0D91441}\XSplit.Gamecaster.exe [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\B049C79F12877FD419C7E3AE596D90F1] : CodeMeter Runtime Kit v6.50c -> C:\Windows\Installer\{F97C940B-7821-4DF7-917C-3EEA95D6091F}\CodeMeter.ico [HKCR\Installer\Products\B1D5BC3490C356046A5627CF72564B03] : HP Dropbox Plugin -> C:\WINDOWS\Installer\{43CB5D1B-3C09-4065-A665-72FC2765B430}\HPScan.ico [HKCR\Installer\Products\BD683D90B42318E4D812A51F34E36D00] : ROG Gaming Center Core [HKCR\Installer\Products\CA05DAE3DA366534B9E16AB550F496F0] : HP DeskJet 2600 series Aide -> C:\WINDOWS\Installer\{3EAD50AC-63AD-4356-9B1E-A65B054F690F}\ARP_Icon [HKCR\Installer\Products\CC1F13B1B8C70674191BD36F78E3CDD2] : ProfileSwitcherCleanup [HKCR\Installer\Products\D036CDBA01CD199499566D388C4F88D5] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\DC3E6EC58DA13AD4B97EACED01854389] : HP EmailSMTP Plugin -> C:\WINDOWS\Installer\{5CE6E3CD-1AD8-4DA3-9BE7-CADE10583498}\HPScan.ico [HKCR\Installer\Products\E19212F84440D1B49B9F34077AE343D6] : WinFlash -> C:\Windows\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon [HKCR\Installer\Products\E339C5BAD7C503D43B41C9384AB949EB] : ATK Package (ASUS Keyboard Hotkeys) -> C:\Windows\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\F144498DE5A80A848849F77A931C3AA3] : SonicStudio3Setup [HKCR\Installer\Products\F5DA515DD40012B408DBF512DD330C93] : Logiciel de base du périphérique HP DeskJet 2600 series -> C:\WINDOWS\Installer\{D515AD5F-004D-4B21-80BD-5F21DD33C039}\ARP_Icon [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico [HKCR\Installer\Products\FB635B21A66BB2A4AA56A109FB209716] : Étude pour l'amélioration du produit HP DeskJet 2600 series -> C:\WINDOWS\Installer\{12B536BF-B66A-4A2B-AA65-1A90BF027961}\ARP_Icon [HKCR\Installer\Products\FBD281CC76CF97F49903A662286EB0DD] : ROG Gaming Center -> C:\Windows\Installer\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}\_853F67D554F05449430E7E.exe ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le fournisseur d’événements IntelWLANEventProvider a tenté d’inscrire dans l’espace de noms //./root/DEFAULT la requête « select * from CIntelQosEvent » dont la classe cible « CIntelQosEvent » n’existe pas. La requête sera ignorée. ------------ Le fournisseur d’événements IntelWLANEventProvider a tenté d’inscrire dans l’espace de noms //./root/DEFAULT la requête « select * from CIntelDot1xEvent » dont la classe cible « CIntelDot1xEvent » n’existe pas. La requête sera ignorée. ------------ Le fournisseur d’événements IntelWLANEventProvider a tenté d’inscrire dans l’espace de noms //./root/DEFAULT la requête « select * from CIntelWLANEvent » dont la classe cible « CIntelWLANEvent » n’existe pas. La requête sera ignorée. ------------ Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/DEFAULT la requête « select * from CIntelQosEvent » dont la classe cible « CIntelQosEvent » n’existe pas. La requête sera ignorée. ------------ Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/DEFAULT la requête « select * from CIntelDot1xEvent » dont la classe cible « CIntelDot1xEvent » n’existe pas. La requête sera ignorée. ------------ Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/DEFAULT la requête « select * from CIntelWLANEvent » dont la classe cible « CIntelWLANEvent » n’existe pas. La requête sera ignorée. ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80073D02 : 9PG5Q8NSF0ZC-B9ECED6F.ROGAuraCore. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID JC-10-01-2018\colis de l’utilisateur (S-1-5-21-1812020250-49885185-2009104261-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID JC-10-01-2018\colis de l’utilisateur (S-1-5-21-1812020250-49885185-2009104261-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID JC-10-01-2018\colis de l’utilisateur (S-1-5-21-1812020250-49885185-2009104261-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID JC-10-01-2018\colis de l’utilisateur (S-1-5-21-1812020250-49885185-2009104261-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID JC-10-01-2018\colis de l’utilisateur (S-1-5-21-1812020250-49885185-2009104261-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID JC-10-01-2018\colis de l’utilisateur (S-1-5-21-1812020250-49885185-2009104261-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Le service Steam Client Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. ------------ Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Steam Client Service. ------------ ----------( EOF)---------- - 4766 | 18:17:28