--------------- QuickDiag | g3n-h@ckm@n | V4_31.08.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 03/02/2019 19:53:40 Updated 31/08/2018 | 22:20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Debjam (Administrator)] - [DEBJAM-PC] (S-1-5-21-334556959-3654049488-902140452-1000) System: Microsoft Windows 7 Édition Familiale Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> () System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Édition Familiale Premium |C:\Windows|\Device\Harddisk0\Partition2 Boot : Normal boot PC: Inspiron N5110 - Dell Inc. - IdNumber: 4GBRGR1 - UUID: 4C4C4544-0047-4210-8052-B4C04F475231 Processor : X64 - 2494 Mhz - Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz BIOS Date: 09/30/11 14:31:19 Ver: 04.06.04 - eng - Dell Inc. - S/N: 4GBRGR1 - A09 - DELL - 1072009 CoreTemp : 66.5 Celsius ----------| Quick ---------- | SoundDevice NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 Périphérique High Definition Audio - Status: OK - Manufacturer: Microsoft - PNPDeviceID: HDAUDIO\FUNC_01&VEN_111D&DEV_76D1&SUBSYS_102804B0&REV_1002\4&3B1D1C48&0&0001 ---------- | Video Intel(R) HD Graphics Family - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumd64.dll,igd10umd64.dll,igd10umd64.dll,igdumdx32,igd10umd32,igd10umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0126&SUBSYS_04CA1028&REV_09\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: -1324326912 NVIDIA GeForce GT 525M - Resolution: 1366x768 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController2 - Drivers: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_0DF5&SUBSYS_04CA1028&REV_A1\4&25B6F6E2&0&0008 - AdapterCompatibility: NVIDIA - RAM: 1073741824 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics Family - DriverVersion: 8.15.10.2361 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU ---------- | Network WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 Périphérique Bluetooth (réseau personnel) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\7&22B56496&0&2 RAS Async Adapter - - - Status: - PnPID : Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000 Realtek PCIe FE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8136&SUBSYS_04B01028&REV_05\01000000364CE00000 Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000 Carte Microsoft ISATAP #2 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001 Intel(R) Centrino(R) Wireless-N 1030 - Ethernet 802.3 - Intel Corporation - Status: - PnPID : PCI\VEN_8086&DEV_008A&SUBSYS_53258086&REV_34\4C8093FFFF46254900 Carte Microsoft ISATAP #4 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0002 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0003 TunnelBear Adapter V9 - Ethernet 802.3 - TunnelBear Provider V9 - Status: - PnPID : ROOT\NET\0000 Carte Microsoft ISATAP #6 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0004 ---------- | Memory RAM = Total (MB) : 6195 | Free (MB) : 2541 Pagefile = Total (MB) : 12389 | Free (MB) : 8877 Virtual = Total (MB) : 4194 | Free (MB) : 3981 Physical Memory 0 : Capacity: 4294967296 - DIMM_A - Posit.: 1 - Manufacturer: 80CE - PartNumber: M471B5273CH0-CH9 - S/N: 0047DC8E Physical Memory 1 : Capacity: 2147483648 - DIMM_B - Posit.: 2 - Manufacturer: 80CE - PartNumber: M471B5773DH0-CH9 - S/N: 00206867 ---------- | SID Users Administrateur : [S-1-5-21-334556959-3654049488-902140452-500] Debjam : [S-1-5-21-334556959-3654049488-902140452-1000] HomeGroupUser$ : [S-1-5-21-334556959-3654049488-902140452-1003] Invité : [S-1-5-21-334556959-3654049488-902140452-501] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-334556959-3654049488-902140452-1002] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 465.66 Go | Free : 362.86 Go -> NTFS [ATA] DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 2 Part. - PnPID : IDE\DISKTOSHIBA_MK5076GSX_______________________GS002D__\4&B2CB2C2&0&0.0.0 ---------- | Windows updates - Activation - License W.A.T : :) Last detection : 2019-02-03 08:59:45 Downloaded last ones : 2019-01-17 13:00:22 Installed last ones : 2019-01-17 13:00:15 Next search : 2019-02-04 06:01:07 Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.9600.19236 (© Microsoft Corporation. Tous droits réservés.) GC : 71.0.3578.98 (Copyright 2017 Google Inc.) Default : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "" ---------- | FlashPlayer ---------- | Security AV : Avast Antivirus Enabled AS : Avast Antivirus Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 424 | [Owner : Système | Parent : 4(System) | 1.35 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.24335) = C:\Windows\System32\smss.exe [09/01/2019 15:56:15] 532 | [Owner : Système | Parent : 504() | 5.26 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 00:19:49] 644 | [Owner : Système | Parent : 504() | 4.92 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 00:52:37] 668 | [Owner : Système | Parent : 652() | 19.65 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 00:19:49] 700 | [Owner : Système | Parent : 644(wininit.exe) | 11.12 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe [13/05/2015 13:21:59] 740 | [Owner : Système | Parent : 652() | 8.08 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.24000) = C:\Windows\System32\winlogon.exe [16/01/2018 22:47:36] 760 | [Owner : Système | Parent : 644(wininit.exe) | 14.15 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.24335) = C:\Windows\System32\lsass.exe [09/01/2019 15:56:11] 768 | [Owner : Système | Parent : 644(wininit.exe) | 4.84 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [21/11/2010 04:23:53] 872 | [Owner : Système | Parent : 700(services.exe) | 11.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 960 | [Owner : Système | Parent : 700(services.exe) | 8.56 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 355.60.) - (8.17.13.5560) = C:\Windows\System32\nvvsvc.exe [21/04/2011 20:35:40] 984 | [Owner : Système | Parent : 700(services.exe) | 6.2 Mo] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.5560) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [27/08/2015 18:19:28] 124 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 9.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 600 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 20.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 672 | [Owner : Système | Parent : 700(services.exe) | 206.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 764 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 22.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 832 | [Owner : Système | Parent : 700(services.exe) | 41.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 1084 | [Owner : SERVICE LOCAL | Parent : 600(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.23471) = C:\Windows\System32\audiodg.exe [12/10/2016 19:48:57] 1188 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 36.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 1264 | [Owner : Système | Parent : 960(nvvsvc.exe) | 22.4 Mo] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.5560) = C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe [21/04/2011 20:35:10] 1288 | [Owner : Système | Parent : 960(nvvsvc.exe) | 15.97 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 355.60.) - (8.17.13.5560) = C:\Windows\System32\nvvsvc.exe [21/04/2011 20:35:40] 1544 | [Owner : Debjam | Parent : 672(svchost.exe) | 72.58 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 00:37:38] 1552 | [Owner : Debjam | Parent : 1536() | 76.07 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe [12/10/2016 19:48:29] 1632 | [Owner : Système | Parent : 700(services.exe) | 262.98 Mo] - (.AVAST Software - Avast Service.) - (19.1.4142.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [07/01/2019 09:00:58] 1952 | [Owner : Debjam | Parent : 700(services.exe) | 14.5 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [21/02/2013 16:27:09] 2004 | [Owner : Système | Parent : 700(services.exe) | 19.18 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.24000) = C:\Windows\System32\spoolsv.exe [16/01/2018 22:47:26] 2016 | [Owner : Debjam | Parent : 1552(explorer.exe) | 7.89 Mo] - (.Intel Corporation - igfxTray Module.) - (8.15.10.2361) = C:\Windows\System32\igfxtray.exe [20/02/2013 14:46:50] 2044 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 16.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 1276 | [Owner : Debjam | Parent : 1552(explorer.exe) | 7.54 Mo] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2361) = C:\Windows\System32\hkcmd.exe [20/02/2013 14:46:50] 1480 | [Owner : Debjam | Parent : 1552(explorer.exe) | 9.33 Mo] - (.Intel Corporation - persistence Module.) - (8.15.10.2361) = C:\Windows\System32\igfxpers.exe [20/02/2013 14:46:50] 2140 | [Owner : Debjam | Parent : 1552(explorer.exe) | 18.79 Mo] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.0.14.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [27/08/2015 18:01:33] 2192 | [Owner : Système | Parent : 700(services.exe) | 4.46 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.29.8644) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [13/08/2018 23:27:08] 2500 | [Owner : Debjam | Parent : 1264(NvXDSync.exe) | 13.25 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.5560) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [21/04/2011 20:35:26] 2512 | [Owner : Système | Parent : 700(services.exe) | 10.97 Mo] - (.Apple Inc. - MobileDeviceService.) - (17.344.6.6) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [19/01/2015 23:30:38] 2520 | [Owner : Debjam | Parent : 1552(explorer.exe) | 11 Mo] - (.Corel Corporation - WinZip Update Notifier.) - (3.5.13036.0) = C:\Config.Msi\15a057.rbf [03/02/2019 19:10:19] 2560 | [Owner : Debjam | Parent : 2352() | 52.22 Mo] - (.AVAST Software - Avast Antivirus.) - (19.1.4142.454) = C:\Program Files\AVAST Software\Avast\AvastUI.exe [21/01/2019 17:02:03] 2628 | [Owner : Debjam | Parent : 1552(explorer.exe) | 14.02 Mo] - (.Hewlett-Packard Development Company, LP - ScanToPCActivationApp.) - (32.3.198.49673) = C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [21/07/2014 15:25:12] 2856 | [Owner : Système | Parent : 700(services.exe) | 6.46 Mo] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe [30/08/2011 23:05:32] 2880 | [Owner : Système | Parent : 700(services.exe) | 12.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 2952 | [Owner : Système | Parent : 700(services.exe) | 10.7 Mo] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.5.14.5) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [27/08/2015 18:01:40] 568 | [Owner : Debjam | Parent : 1552(explorer.exe) | 85.75 Mo] - (.The Chromium Authors - Chromium.) - (63.0.3236.0) = C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe [03/02/2019 17:16:34] 2120 | [Owner : Debjam | Parent : 1552(explorer.exe) | 272.83 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 2132 | [Owner : SERVICE LOCAL | Parent : 872(svchost.exe) | 13.42 Mo] - (.Microsoft Corporation - Print Filter Pipeline Host.) - (6.1.7600.16385) = C:\Windows\System32\printfilterpipelinesvc.exe [14/07/2009 01:41:08] 2292 | [Owner : Debjam | Parent : 2120(chrome.exe) | 7.81 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 1400 | [Owner : Debjam | Parent : 2120(chrome.exe) | 8.24 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 2980 | [Owner : Debjam | Parent : 2120(chrome.exe) | 131.72 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 3148 | [Owner : Debjam | Parent : 2120(chrome.exe) | 57.29 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 3176 | [Owner : Système | Parent : 700(services.exe) | 9.91 Mo] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.4.13.69) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [27/08/2015 18:01:29] 3188 | [Owner : Debjam | Parent : 2120(chrome.exe) | 70.78 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 3624 | [Owner : Debjam | Parent : 3560() | 6.22 Mo] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) - (2.0.28.0) = C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [17/11/2010 02:53:16] 3712 | [Owner : Debjam | Parent : 3560() | 23.69 Mo] - (.Intel Corporation - IAStorIcon.) - (10.1.0.1008) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [20/02/2013 14:46:43] 3748 | [Owner : Debjam | Parent : 3560() | 5.04 Mo] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [30/05/2013 13:50:10] 3256 | [Owner : Debjam | Parent : 568(chrome.exe) | 6.94 Mo] - (.The Chromium Authors - Chromium.) - (63.0.3236.0) = C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe [03/02/2019 17:16:34] 3764 | [Owner : Debjam | Parent : 2120(chrome.exe) | 201.52 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 4140 | [Owner : Debjam | Parent : 2120(chrome.exe) | 265.44 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 4792 | [Owner : Debjam | Parent : 568(chrome.exe) | 42.21 Mo] - (.The Chromium Authors - Chromium.) - (63.0.3236.0) = C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe [03/02/2019 17:16:34] 5064 | [Owner : Debjam | Parent : 568(chrome.exe) | 40.79 Mo] - (.The Chromium Authors - Chromium.) - (63.0.3236.0) = C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe [03/02/2019 17:16:34] 4108 | [Owner : Debjam | Parent : 2120(chrome.exe) | 56.72 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 544 | [Owner : Système | Parent : 700(services.exe) | 11 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.1.1988.8932) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [27/08/2015 18:01:33] 1332 | [Owner : Système | Parent : 700(services.exe) | 5.02 Mo] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - (2.5.5.0) = C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [21/03/2018 22:35:10] 4616 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 10.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 3680 | [Owner : Système | Parent : 700(services.exe) | 31.74 Mo] - (.TunnelBear - TunnelBear.Maintenance.) - (3.7.3.1) = C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [07/01/2019 21:05:20] 3972 | [Owner : SERVICE RÉSEAU | Parent : 544(NvStreamService.exe) | 11.95 Mo] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (4.1.1989.3729) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [27/08/2015 18:01:33] 5260 | [Owner : Système | Parent : 544(NvStreamService.exe) | 15.02 Mo] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) - (4.1.1990.344) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe [27/08/2015 18:01:33] 5268 | [Owner : SERVICE RÉSEAU | Parent : 532(csrss.exe) | 3.79 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.24335) = C:\Windows\System32\conhost.exe [09/01/2019 15:56:17] 5684 | [Owner : Système | Parent : 668(csrss.exe) | 5.38 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.24335) = C:\Windows\System32\conhost.exe [09/01/2019 15:56:17] 3076 | [Owner : SERVICE RÉSEAU | Parent : 872(svchost.exe) | 19.3 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 04:24:15] 5608 | [Owner : Système | Parent : 700(services.exe) | 38.91 Mo] - (.AVAST Software - Avast Behavior Shield.) - (19.1.4.1587) = C:\Program Files\AVAST Software\Avast\aswidsagent.exe [07/01/2019 09:00:55] 6664 | [Owner : Système | Parent : 700(services.exe) | 19.64 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.24275) = C:\Windows\System32\SearchIndexer.exe [16/11/2018 15:28:33] 7116 | [Owner : Système | Parent : 872(svchost.exe) | 5.86 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe [14/07/2009 00:47:12] 4976 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 10.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 1948 | [Owner : SERVICE LOCAL | Parent : 700(services.exe) | 5.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 6848 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 6.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] 5884 | [Owner : Système | Parent : 700(services.exe) | 5.62 Mo] - (.Intel Corporation - Local Manageability Service.) - (7.0.0.1135) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [20/02/2013 14:42:41] 6524 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 11.02 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [21/11/2010 04:25:05] 8116 | [Owner : Debjam | Parent : 2120(chrome.exe) | 39.18 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 6504 | [Owner : Debjam | Parent : 2120(chrome.exe) | 38.91 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 8068 | [Owner : Debjam | Parent : 2120(chrome.exe) | 34.22 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 5044 | [Owner : Debjam | Parent : 2120(chrome.exe) | 51.97 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 6812 | [Owner : Système | Parent : 700(services.exe) | 8.1 Mo] - (.Intel Corporation - User Notification Service.) - (7.0.0.1135) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [20/02/2013 14:42:42] 7520 | [Owner : Debjam | Parent : 2120(chrome.exe) | 51.6 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 7612 | [Owner : Debjam | Parent : 2120(chrome.exe) | 35.73 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 7036 | [Owner : Debjam | Parent : 2120(chrome.exe) | 47.47 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 7444 | [Owner : Debjam | Parent : 2120(chrome.exe) | 44.04 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 7016 | [Owner : Debjam | Parent : 2120(chrome.exe) | 115.32 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 5908 | [Owner : Debjam | Parent : 2120(chrome.exe) | 65.21 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 5464 | [Owner : Système | Parent : 6664(SearchIndexer.exe) | 9.5 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.24275) = C:\Windows\System32\SearchProtocolHost.exe [16/11/2018 15:28:32] 6984 | [Owner : Système | Parent : 6664(SearchIndexer.exe) | 7.78 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.24275) = C:\Windows\System32\SearchFilterHost.exe [16/11/2018 15:28:20] 4964 | [Owner : Debjam | Parent : 2120(chrome.exe) | 23.32 Mo] - (.Google Inc. - Google Chrome.) - (71.0.3578.98) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28/07/2015 20:09:03] 4252 | [Owner : Debjam | Parent : 2120(chrome.exe) | 38.56 Mo] - (.SosVirus - QuickDiag.) - (31.8.18.1) = C:\Users\Debjam\Pictures\QuickDiag.exe [03/02/2019 19:53:23] 6200 | [Owner : Système | Parent : 872(svchost.exe) | 7.46 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 04:24:15] 3600 | [Owner : SERVICE RÉSEAU | Parent : 872(svchost.exe) | 7.91 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [21/11/2010 04:24:27] 7960 | [Owner : SERVICE RÉSEAU | Parent : 700(services.exe) | 9.21 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [21/11/2010 04:23:56] ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.NVIDIA Corporation.-.NVIDIA shim initialization dll, Version 355.60.) - (10.18.13.5560) -- C:\Windows\system32\nvinitx.dll (.AVAST Software.-.Avast Shell Extension.) - (19.1.4142.0) -- C:\Program Files\AVAST Software\Avast\ashShell.dll (.Intel Corporation.-.igfxres Module.) - (8.15.10.2361) -- C:\Windows\system32\igfxrFRA.lrc (.AVAST Software.-.Avast AAVM Remote Procedure Call Library.) - (19.1.4142.0) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 355.60.) - (10.18.13.5560) -- C:\Windows\system32\nvapi64.dll (.NVIDIA Corporation.-.NVIDIA French language resource library.) - (8.17.13.5560) -- C:\Windows\system32\Nv3DAppShExtR.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.NVIDIA Corporation.-.NVIDIA shim initialization dll, Version 355.60.) - (10.18.13.5560) -- C:\Windows\system32\nvinitx.dll (.Hewlett-Packard.-.Hewlett-Packard WIA 2.0 scanner driver.) - (30.0.411.0) -- C:\Windows\system32\HPWia2_EN4500.dll (.Hewlett-Packard Co..-.HPScanTRDrv Module.) - (30.0.1044.40289) -- C:\Windows\system32\HPScanTRDrv_EN4500.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU HP ENVY 4500 series (NET) - ("C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN53722311060D:NW" -scfn "HP ENVY 4500 series (NET)" -AutoStart 1 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\...\Run]) - User: Debjam-PC\Debjam Chromium - ("c:\users\debjam\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\...\Run]) - User: Debjam-PC\Debjam GoogleChromeAutoLaunch_43C1391B7A0C619D77D2A1160E5DC621 - ("C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe" --no-startup-window /prefetch:5 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\...\Run]) - User: Debjam-PC\Debjam IgfxTray - (C:\Windows\system32\igfxtray.exe [HKLM\SOFTWARE\...\Run]) - User: Public HotKeysCmds - (C:\Windows\system32\hkcmd.exe [HKLM\SOFTWARE\...\Run]) - User: Public Persistence - (C:\Windows\system32\igfxpers.exe [HKLM\SOFTWARE\...\Run]) - User: Public NvBackend - ("C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKLM\SOFTWARE\...\Run]) - User: Public ShadowPlay - (C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\...\Run]) - User: Public AvastUI.exe - ("C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Run] "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN53722311060D:NW" -scfn "HP ENVY 4500 series (NET)" -AutoStart 1 "Chromium"="c:\users\debjam\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session "GoogleChromeAutoLaunch_43C1391B7A0C619D77D2A1160E5DC621"="C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe" --no-startup-window /prefetch:5 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=ApowerPDF Printer,winspool,Ne06: "UserSelectedDefault"=1 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [20/02/2013 14:46:50] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [20/02/2013 14:46:50] "Persistence"=C:\Windows\system32\igfxpers.exe [20/02/2013 14:46:50] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"=C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "LoadAppInit_DLLs"=1 "AppInit_DLLs"=C:\Windows\system32\nvinitx.dll [20/02/2013 14:47:33] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [20/02/2013 14:46:43] "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [30/05/2013 13:50:10] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "LoadAppInit_DLLs"=1 "AppInit_DLLs"=C:\Windows\SysWOW64\nvinit.dll [20/02/2013 14:47:33] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update Task Avast Emergency Update GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA Hotspot Shield VPN0 HPCustParticipation HP ENVY 4500 series ---------- | Startings up registry ? Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=760 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= "PendingFileRenameOperations"=\??\C:\Config.Msi\15a057.rbf \??\C:\Config.Msi\15a080.rbf \??\C:\Users\Debjam\AppData\Local\Temp\_iu14D2N.tmp [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=532f5396-0583-42e7-bc2f-5a3eb87 "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [20/02/2013 13:40:07] "WaitToKillAppTimeout"=200 "HungAppTimeout"=200 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "Browse For Folder Width"=347 "Browse For Folder Height"=288 "link"=0x1E000000 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "TaskbarSizeMove"=1 ""=0 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x00000000FFFFFFFF "0"=0x7A0065006E000000 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=16 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=97 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\System32\Userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=7 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "allocatecdroms"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Chromium.7M52L57VABUEO6VZXNRCY7TVH4\Shell\open\Command] ""="C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Chromium.7M52L57VABUEO6VZXNRCY7TVH4\InstallInfo] "ReinstallCommand"="C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [09/01/2019 15:56:19] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Chromium.7M52L57VABUEO6VZXNRCY7TVH4\Shell\open\Command] ""="C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Chromium.7M52L57VABUEO6VZXNRCY7TVH4\InstallInfo] "ReinstallCommand"="C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [09/01/2019 15:56:19] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.MEDIA=A4C09 autoRcd.exe"=1 "D:\Driver\R292450\setup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 "D:\Driver\R292473\Setup.exe"=1 "C:\Users\Debjam\Downloads\McAfeeSetup.exe"=1 "C:\Users\Debjam\Downloads\SkypeSetupFull.exe"=1 "C:\Users\Debjam\Downloads\PokerStarsInstallFR.exe"=1 "C:\Users\Debjam\Downloads\01net_Capturino.exe"=1 "C:\Users\Debjam\Downloads\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_fr.exe"=1 "C:\Users\Debjam\Downloads\avira_free_antivirus.exe"=1 "C:\Users\Debjam\Downloads\install_reader11_fr_mssa_aaa_aih.exe"=1 "C:\Users\Debjam\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_enUS.exe"=1 "C:\Users\Debjam\Downloads\openoffice setup.exe"=1 "C:\Users\Debjam\Downloads\the-gimp_2-8-10_fr_10178.exe"=1 "C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe"=1 "C:\Users\Debjam\Downloads\cdbxp_setup_4.5.3.4746.exe"=1 "C:\Users\Debjam\Downloads\GoogleEarthPluginSetup.exe"=1 "C:\Users\Debjam\Downloads\AdobeAIRInstaller.exe"=1 "SIGN.MEDIA=5F6D5440 Setup.exe"=1 "C:\Users\Debjam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WNYDA8FO\GeForce_Experience_v2.5.14.5.exe"=1 "C:\Users\Debjam\AppData\Local\Temp\HpUpdate\27429\FWUpdateEDO2_2136_40758_NW_VR2.exe"=1 "C:\Users\Debjam\AppData\Local\Temp\HpUpdate\28039\434179_DiagnosticAlert_000_000_019_000.exe"=1 "C:\Users\Debjam\AppData\Local\Temp\7zS6337.tmp\setup.exe"=1 "C:\Users\Debjam\AppData\Local\Temp\AIRBCA7.tmp\Adobe AIR Installer.exe"=1 "C:\Users\Debjam\Downloads\apowerpdf.exe"=1 "C:\Users\Debjam\Downloads\vlc-3.0.6-win32.exe"=1 "C:\Users\Debjam\Downloads\TunnelBear-Installer.exe"=1 "C:\Users\Debjam\Downloads\vlc-3.0.6-win64.exe"=1 "C:\Users\Debjam\Downloads\CherryPlayer-2.4.1-setup.exe"=1 "C:\Users\Debjam\Downloads\CherryPlayer-2.5.2-setup.exe"=1 "C:\Users\Debjam\Downloads\CherryPlayer-2.5.2-setup (1).exe"=1 "C:\Users\Debjam\Downloads\cherryplayer_1010686305.exe"=1 "C:\Users\Debjam\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.527-1.0.9082.exe"=1 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{66abaa98-03a9-11e6-bcb7-4c809346254d}] : E:\autorun.exe (AutoRun) [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{8ef6bb0b-c204-11e2-8801-4c809346254d}] : E:\iStudio.exe (AutoRun) [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{c1e7c047-7b5a-11e2-8da6-806e6f6e6963}] : D:\autoRcd.exe (AutoRun) [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{cc1d2fef-0ea9-11e6-92d6-4c809346254d}] : E:\autorun.exe (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x27494EEE670FCE01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts [39] More lines ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [172.217.18.206] avec 32 octets de donn?es?: R?ponse de 172.217.18.206?: octets=32 temps=33 ms TTL=55 R?ponse de 172.217.18.206?: octets=32 temps=47 ms TTL=55 R?ponse de 172.217.18.206?: octets=32 temps=41 ms TTL=55 R?ponse de 172.217.18.206?: octets=32 temps=45 ms TTL=55 Statistiques Ping pour 172.217.18.206: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 33ms, Maximum = 47ms, Moyenne = 41ms ---------- | @ [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP "Default_Page_URL"=www.google.com "DisableFirstRunCustomize"=1 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF540000001C000000740300004C020000 "Use FormSuggest"=no "DisableScriptDebuggerIE"=yes "Use Search Asst"=no "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3B01000055000000BB03000035020000 "OperationalData"=5 "Isolation"=PMIL "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "ImageStoreRandomFolder"=l3o7b2v "Start Page_TIMESTAMP"=0xD1F9502B031BD201 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "Start Page Redirect Cache_TIMESTAMP"=0x6999F1C3E0BBD401 "SearchBandRestoreBarCount"=2 "SearchBandMigrationVersion"=1 "Start Page Redirect Cache"=http://www.msn.com/fr-fr/?pc=UE12&ocid=UE12DHP "Start Page Redirect Cache AcceptLangs"=fr-FR [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2720 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0xE91E88C615EBCE01 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "GlobalUserOffline"=0 "ProxyEnable"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://www.aartemis.com/web/?type=ds&ts=1385482422&from=s32&uid=TOSHIBAXMK5076GSX_23ALCWGPTXX23ALCWGPT&q={searchTerms} "Default_Page_URL"=www.google.com "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=www.google.com "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://www.aartemis.com/web/?type=ds&ts=1385482422&from=s32&uid=TOSHIBAXMK5076GSX_23ALCWGPTXX23ALCWGPT&q={searchTerms} "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://www.aartemis.com/web/?type=ds&ts=1385482422&from=s32&uid=TOSHIBAXMK5076GSX_23ALCWGPTXX23ALCWGPT&q={searchTerms} "Default_Page_URL"=www.google.com "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=www.google.com "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://www.aartemis.com/web/?type=ds&ts=1385482422&from=s32&uid=TOSHIBAXMK5076GSX_23ALCWGPTXX23ALCWGPT&q={searchTerms} "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Enable Browser Extensions"=yes "Use Search Asst"=no "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShell.dll [07/01/2019 09:00:59] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout64"=0x13000000000000000000000020000000100001002D00000001000000000700005E01000006000000010300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048BEBB0ED4BA4C4B8E5A516ABECAE0640000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height64"=22 "ITBar7Layout"=0x13000000000000000000000020000000100003003400000001000000000700005E01000006000000010300000000000007000000010100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048BEBB0ED4BA4C4B8E5A516ABECAE0643AB931F50BB5F14F8288404C881AC4DA00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=0 [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "DownloadRetries"=0 "Version"=4 "UpgradeTime"=0x68E86E5C68C9D001 "KnownProvidersUpgradeTime"=0x4D6A84395726CF01 "ShowSearchSuggestionsInAddressGlobal"=1 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{22CC3EBD-C286-43aa-B8E6-06B115F74162}] : (HP Smart Print) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{22CC3EBD-C286-43aa-B8E6-06B115F74162}] : (HP Smart Print) - [] ---------- | SearchScopes [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE14 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects ---------- | Chrome C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj = : __MSG_web2pdfExtnDescription__ - __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\emnoomldgleagdjapdeckpmebokijail = : Wanteeed permet d'appliquer automatiquement les meilleures réductions sur internet pour des centaines de sites marchands - wanteeed - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\eofcbnmajmjmplflapaojjnihcjkigck = : __MSG_avastAppDesc__ - __MSG_avastAppShortName__ - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotificationsidlealarms] - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\kmhkepipobnjllejbafajoemahjejdcm = : __MSG_extension_description__ - __MSG_extension_name__ - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Debjam\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] ---------- | Opera ---------- | Firefox [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\MozillaPlugins\@stonetrip.com/ShiVaWebPlayer,version=1.8.1.0] - (ShiVa3D Plugin 1,8,1,0 for 3D real-time applications made with ShiVa Editor.) : C:\Users\Debjam\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] - (Google Earth in your browser) : C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll C:\Users\Debjam\AppData\Roaming\Mozilla\Firefox\Profiles\10fokxwu.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20190108160530"); user_pref("browser.startup.homepage_override.mstone", "64.0.2"); user_pref("extensions.blocklist.lastModified", "Mon, 28 Jan 2019 18:12:57 GMT"); user_pref("extensions.blocklist.pingCountTotal", 3); user_pref("extensions.blocklist.pingCountVersion", -1); user_pref("extensions.databaseSchema", 27); user_pref("extensions.e10s.rollout.blocklist", ""); user_pref("extensions.e10s.rollout.hasAddon", false); user_pref("extensions.e10s.rollout.policy", "50allmpc"); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.e10sMultiBlockedByAddons", false); user_pref("extensions.getAddons.cache.lastUpdate", 1548863345); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20170302.01"); user_pref("extensions.lastAppBuildId", "20181001155545"); user_pref("extensions.lastAppVersion", "64.0.2"); user_pref("extensions.lastPlatformVersion", "64.0.2"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.uuids", "{\"wrc@avast.com\":\"840fc106-a730-45a0-abe0-100085220135\",\"sp@avast.com\":\"a6f38c85-92e8-41ea-9b8e-5eb6c5e505f2\",\"screenshots@mozilla.org\":\"b436e541-1297-4731-86e3-5a8714356be6\",\"webcompat@mozilla.org\":\"5591bf72-9b09-45f7-b875-ad6ccbc1dcba\",\"formautofill@mozilla.org\":\"ee6c4048-8097-4d39-8655-00656e10cb43\",\"webcompat-reporter@mozilla.org\":\"98c2060f-d514-4903-a0ed-38b58aa3ec71\"}"); [Profile0] - Name=default -> Profiles/10fokxwu.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{69E1C3F3-2B03-4E37-B2DF-584AADC28D71}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{78EFEA9F-09EF-401A-8E3F-BBFE4494CE93}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{DDE0EDB5-D24F-4FD8-BC4F-B73E88BE3A0F}] "NameServer"=10.0.4.0 10.0.4.1 10.4.0.1 172.17.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{69E1C3F3-2B03-4E37-B2DF-584AADC28D71}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{78EFEA9F-09EF-401A-8E3F-BBFE4494CE93}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{DDE0EDB5-D24F-4FD8-BC4F-B73E88BE3A0F}] "NameServer"=10.0.4.0 10.0.4.1 10.4.0.1 172.17.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{69E1C3F3-2B03-4E37-B2DF-584AADC28D71}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{78EFEA9F-09EF-401A-8E3F-BBFE4494CE93}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{DDE0EDB5-D24F-4FD8-BC4F-B73E88BE3A0F}] "NameServer"=10.0.4.0 10.0.4.1 10.4.0.1 172.17.1.1 ---------- | Applications [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Classes\Applications\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_fr.exe] : "C:\Users\Debjam\Downloads\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_fr.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "regsvc"=RemoteRegistry "DcomLaunch"=Power PlugPlay DcomLaunch "secsvcs"=WinDefend "bthsvcs"=bthserv [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power PlugPlay DcomLaunch ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\43628InstEnd] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Adobe] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\ApowerPDF] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Apowersoft] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\AppDataLow] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Apple Computer, Inc.] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Apple Inc.] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Avast Software] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Browser Cleanup] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Canneverbe Limited] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\CeWe Color] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Chromium] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Citrix] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Clients] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Conduit] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\csastats] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Dell Computer Corporation] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Google] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Hewlett-Packard] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\HP] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\IM Providers] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Intel] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Malwarebytes] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\MCAFEE] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Mozilla] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\MozillaPlugins] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Netscape] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\NVIDIA Corporation] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\OpenOffice] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\PDF Labs] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Policies] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\PTECH] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\QtProject] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\RegisteredApplications] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Skype] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\sysinternals] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Trolltech] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\TunnelBear] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\undefined] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Unibet.fr] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Valve] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\VB and VBA Program Settings] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Visan] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Wajam] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Wow6432Node] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\AppDataLow\Software\Smartbar] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\AppDataLow\Software\Stonetrip] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ATI Technologies] [HKLM\Software\AVAST Software] [HKLM\Software\CBSTEST] [HKLM\Software\Clients] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HP] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\McAfee] [HKLM\Software\McAfee.com] [HKLM\Software\mcafeeupdater] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\SAMSUNG] [HKLM\Software\SiteAdvisor] [HKLM\Software\Sonic] [HKLM\Software\sysinternals] [HKLM\Software\VideoLAN] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Canneverbe Limited] [HKLM\Software\WOW6432Node\Citrix] [HKLM\Software\WOW6432Node\Conduit] [HKLM\Software\WOW6432Node\Dell Computer Corporation] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\HPS] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\McAfee.com] [HKLM\Software\WOW6432Node\mcafeeupdater] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\RocketLife] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\sports interactive ltd] [HKLM\Software\WOW6432Node\TunnelBear] [HKLM\Software\WOW6432Node\Uniblue] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\Visan] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives ---------- | C: [14/07/2009 04:18:56] - |SHD| - [21900691] - C:\$Recycle.Bin [09/08/2015 13:24:13] - |HD| - [147231848] - C:\$Windows.~BT [26/11/2013 17:24:37] - |SHD| - [5523582] - C:\Config.Msi [20/02/2013 14:44:35] - |D| - [133070701] - C:\dell [14/07/2009 06:08:56] - |SHD| - [0] - C:\Documents and Settings [20/02/2013 13:40:06] - |D| - [281775] - C:\Drivers [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/03/2013 17:08:08] - |A| - (.-.) - [0] - (0.0.0.0) - C:\end [MD5.E7832D67AD190A920970CB5ADFC6D5D1] - [02/11/2015 11:28:48] - |A| - (.-.) - [383] - (0.0.0.0) - C:\ftconfig.ini [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/02/2013 13:40:57] - |ASH| - (.-.) - [4757950464] - (0.0.0.0) - C:\hiberfil.sys [20/02/2013 13:40:06] - |D| - [6988502] - C:\Hotfix [20/02/2013 14:41:39] - |D| - [640108] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/02/2013 13:40:59] - |ASH| - (.-.) - [6343933952] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 04:20:08] - |D| - [0] - C:\PerfLogs [01/08/2014 19:17:37] - |D| - [0] - C:\Poker [14/07/2009 04:20:08] - |RD| - [3400313556] - C:\Program Files [14/07/2009 04:20:08] - |RD| - [2234635041] - C:\Program Files (x86) [14/07/2009 04:20:08] - |HD| - [1852289754] - C:\ProgramData [03/02/2019 18:21:32] - |D| - [68686] - C:\QuickDiag [MD5.1835FE9B66276530F1FF31F274D75F40] - [03/02/2019 18:31:57] - |A| - (.-.) - [115876] - (0.0.0.0) - C:\QuickDiag.txt [20/02/2013 13:50:38] - |SHD| - [196205383] - C:\Recovery [20/02/2013 13:40:57] - |SHD| - [0] - C:\System Volume Information [14/07/2009 04:20:08] - |RD| - [42863796943] - C:\Users [14/07/2009 04:20:08] - |D| - [46734139056] - C:\Windows ---------- | C:\Windows [14/07/2009 06:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 04:20:08] - |D| - [26798121] - C:\Windows\AppCompat [14/07/2009 04:20:08] - |D| - [10991246] - C:\Windows\AppPatch [14/07/2009 04:20:08] - |RSD| - [2398414484] - C:\Windows\assembly [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 04:24:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 04:20:09] - |D| - [29189358] - C:\Windows\Boot [MD5.267E34717E46C3BBF4E2BC6948FD2551] - [14/07/2009 06:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 04:20:09] - |D| - [3233280] - C:\Windows\Branding [MD5.16D25267ED172C00DA9903FF0473FD30] - [20/02/2013 13:40:06] - |RA| - (.-.) - [13] - (0.0.0.0) - C:\Windows\csup.txt [14/07/2009 04:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 05:45:54] - |D| - [1512842] - C:\Windows\debug [14/07/2009 06:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 06:37:46] - |D| - [0] - C:\Windows\DigitalLocker [MD5.944099E58124E66FC40797F14DB0DF22] - [21/11/2013 02:00:13] - |A| - (.-.) - [10047] - (0.0.0.0) - C:\Windows\DirectX.log [14/07/2009 06:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [MD5.8DB064D089169F6E22116D0BD13D1674] - [14/07/2009 05:46:06] - |A| - (.-.) - [2790] - (0.0.0.0) - C:\Windows\DtcInstall.log [21/11/2010 07:29:32] - |D| - [118084593] - C:\Windows\ehome [14/07/2009 06:37:46] - |D| - [0] - C:\Windows\en-US [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [12/10/2016 19:48:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3229696] - (6.1.7601.23537) - C:\Windows\explorer.exe [14/07/2009 04:20:09] - |RSD| - [369790447] - C:\Windows\Fonts [21/11/2010 07:19:00] - |D| - [142336] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 00:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 04:20:09] - |D| - [21741460] - C:\Windows\Globalization [14/07/2009 04:20:09] - |D| - [107050352] - C:\Windows\Help [MD5.A66E522F3CBFB8709EA37844922A002E] - [14/06/2017 10:19:14] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7601.23834) - C:\Windows\HelpPane.exe [MD5.12589371C087A76B6E8E152939E59E98] - [08/05/2018 19:25:55] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7601.24134) - C:\Windows\hh.exe [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [21/11/2010 07:30:23] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [MD5.9D7D8C0F550C4A9F3F0D41529685A552] - [05/11/2013 10:26:25] - |A| - (.-.) - [10471] - (0.0.0.0) - C:\Windows\IE10_main.log [MD5.4D445FC814E0851B3BE6D4F6E1FE4758] - [27/11/2013 03:00:43] - |A| - (.-.) - [10277] - (0.0.0.0) - C:\Windows\IE11_main.log [MD5.ADDE84A599B10E0BA24CA734D974E2CD] - [22/02/2013 01:13:09] - |A| - (.-.) - [4135] - (0.0.0.0) - C:\Windows\IE9_main.log [14/07/2009 04:20:09] - |D| - [143547244] - C:\Windows\IME [14/07/2009 04:20:10] - |D| - [152724672] - C:\Windows\inf [20/02/2013 14:05:23] - |SHD| - [2378273210] - C:\Windows\Installer [MD5.E1C2E2B63FB1602CA97DA60110176043] - [03/02/2019 16:55:46] - |A| - (.-.) - [1568] - (0.0.0.0) - C:\Windows\KB893803v2.log [14/07/2009 04:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 04:20:10] - |D| - [495510] - C:\Windows\LiveKernelReports [14/07/2009 04:20:10] - |D| - [76908636] - C:\Windows\Logs [14/07/2009 04:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.D340259576038BE6CAB24F1436B39DF9] - [09/06/2015 06:27:26] - |A| - (.-.) - [621452619] - (0.0.0.0) - C:\Windows\MEMORY.DMP [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 01:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 04:20:10] - |D| - [1039057259] - C:\Windows\Microsoft.NET [26/02/2014 11:01:11] - |D| - [4398] - C:\Windows\Migration [09/06/2015 06:27:35] - |D| - [786432] - C:\Windows\Minidump [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 03:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [12/08/2015 16:21:09] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.99A337EFEAB409E8C5DD275D7E466B0F] - [26/08/2015 20:21:41] - |A| - (.-.) - [261824] - (0.0.0.0) - C:\Windows\ntbtlog.txt [14/07/2009 06:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [20/02/2013 13:40:39] - |D| - [2578432] - C:\Windows\Panther [14/07/2009 06:32:38] - |D| - [62706248] - C:\Windows\Performance [MD5.75FFE55DCC1123662B9957D23C535AFB] - [21/11/2010 04:47:07] - |A| - (.-.) - [415414] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 04:20:10] - |D| - [1124149] - C:\Windows\PLA [14/07/2009 04:20:10] - |D| - [2953035] - C:\Windows\PolicyDefinitions [20/02/2013 13:41:42] - |D| - [46687831] - C:\Windows\Prefetch [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 00:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 04:20:10] - |D| - [22588] - C:\Windows\Registration [14/07/2009 04:20:10] - |D| - [6487649] - C:\Windows\rescache [14/07/2009 04:20:10] - |D| - [1674534] - C:\Windows\Resources [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 04:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 04:20:10] - |D| - [7201278] - C:\Windows\security [14/07/2009 05:45:47] - |D| - [135377779] - C:\Windows\ServiceProfiles [14/07/2009 04:20:10] - |D| - [342889820] - C:\Windows\servicing [14/07/2009 05:45:50] - |D| - [4038] - C:\Windows\Setup [MD5.C479A0A262B4C6AD38382480944DDAC3] - [14/07/2009 05:51:00] - |A| - (.-.) - [104909] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/07/2009 05:51:00] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [20/02/2013 13:43:52] - |D| - [1358027980] - C:\Windows\SoftwareDistribution [14/07/2009 04:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [21/02/2013 16:25:14] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 06:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 03:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 04:20:10] - |D| - [4859259954] - C:\Windows\System32 [14/07/2009 04:20:14] - |D| - [1469764432] - C:\Windows\SysWOW64 [14/07/2009 04:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 04:20:14] - |D| - [32502] - C:\Windows\Tasks [14/07/2009 04:20:14] - |D| - [895167802] - C:\Windows\Temp [14/07/2009 04:20:14] - |D| - [0] - C:\Windows\tracing [MD5.5BBECD5D426D1D8CBD2E434BA0E3C5EA] - [20/02/2013 13:44:14] - |A| - (.-.) - [1355] - (0.0.0.0) - C:\Windows\TSSysprep.log [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 22:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 06:32:38] - |D| - [5105388] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 04:25:10] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [13/07/2009 23:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 01:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [MD5.6DDEAC7F76CCAEF12BB645ECE83F3549] - [20/02/2013 13:40:07] - |RAH| - (.-.) - [28] - (0.0.0.0) - C:\Windows\version [14/07/2009 04:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 04:20:14] - |D| - [44155055] - C:\Windows\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 03:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 05:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.906E50D8F913B5F40EAAAB28464D4E43] - [20/02/2013 13:43:51] - |A| - (.-.) - [1282244] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 01:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 04:20:14] - |D| - [29895926279] - C:\Windows\winsxs [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 21:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 00:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [20/12/2018 13:34:32] - C:\Windows\Installer\10861947.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/05/2007 16:28:12] - C:\Windows\Installer\12ac49.msi : (Dell Resource CD - Dell Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/06/2018 06:34:30] - C:\Windows\Installer\17cee0c4.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/02/2013 13:14:12] - C:\Windows\Installer\19577b0.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/02/2013 13:15:38] - C:\Windows\Installer\19577ba.msi : (Apple Software Update Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2013 00:12:11] - C:\Windows\Installer\21d6e.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/10/2013 21:09:12] - C:\Windows\Installer\27420d0c.msi : (Google Earth - Google) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2015 16:12:03] - C:\Windows\Installer\2fb770fe.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2015 16:17:20] - C:\Windows\Installer\2fb7712d.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2015 16:19:40] - C:\Windows\Installer\2fb7716e.msi : (Apple Mobile Device Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2013 13:13:38] - C:\Windows\Installer\34b1eb60.msi : (OpenOffice 4.0.1 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/12/2010 03:02:12] - C:\Windows\Installer\369cef.msi : (USB 3.0 Host Controller Driver - Renesas Electronics Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/07/2011 02:51:04] - C:\Windows\Installer\369cf9.msi : (TI USB3 Host Controller Driver - Texas Instruments Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/09/2018 13:04:09] - C:\Windows\Installer\42ff121.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/01/2019 21:07:36] - C:\Windows\Installer\4bb599b.msi : (TunnelBear - TunnelBear) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 09:41:29] - C:\Windows\Installer\613352d5.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2014 19:59:27] - C:\Windows\Installer\7316b2ec.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/10/2012 15:10:06] - C:\Windows\Installer\868f5a.msi : ( - McAfee) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/07/2014 01:48:49] - C:\Windows\Installer\c6636.msi : (HP ENVY 4500 series Basic Device Software - Hewlett-Packard Co.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/07/2014 01:50:45] - C:\Windows\Installer\c663c.msi : (Product Improvement Study for HP ENVY 4500 series - Hewlett-Packard Co.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/06/2013 20:29:12] - C:\Windows\Installer\c6642.msi : (HP Update - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/01/2013 07:25:19] - C:\Windows\Installer\c6648.msi : (HP ENVY 4500 series Get product specific help to easily troubleshoot and fix problems. - Hewlett Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2013 09:58:06] - C:\Windows\Installer\e87587b.msi : (HP FWUpdateEDO2 - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [14/07/2009 05:57:09] - [73] - C:\Windows\System32\desktop.ini [25/04/2015 10:05:02] - [16303] - C:\Windows\System32\ieuinit.inf [14/07/2009 06:13:15] - [6264] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 22:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [25/04/2015 10:05:17] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 05:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [26/02/2014 11:03:03] - [1644724] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.24D74F8C075676C22E0AD0C5E4548A29] - |A| - [12/09/2018 17:44:55] - (.-.) - [124.99 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:08] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [26/05/2016 10:58:14] - [5597 Ko] - C:\Windows\Temp\10E57D52-B4CC-4FD2-9598-30FF17364896 [MD5.00000000000000000000000000000000] - |D| - [12/03/2016 10:03:23] - [5597 Ko] - C:\Windows\Temp\1F53340C-1DBB-4EBD-B9BE-11E86604FA5A [MD5.00000000000000000000000000000000] - |D| - [14/03/2016 05:34:47] - [5597 Ko] - C:\Windows\Temp\5946F073-B5B9-439D-9407-F3E86907D615 [MD5.00000000000000000000000000000000] - |D| - [06/07/2016 07:13:46] - [5597 Ko] - C:\Windows\Temp\68AD7F9A-B065-4047-9220-C83BDE7A7BC2 [MD5.EC69AE1135C4D1086B1332B58F79B7AB] - |A| - [12/09/2013 20:40:54] - (.-.) - [53.88 Ko] - (0.0.0.0) - C:\Windows\Temp\AdobeARM.log [MD5.CCF539728D75A6DDCD0E686257D92750] - |A| - [08/06/2017 16:22:50] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\Windows\Temp\AdobeARM_NotLocked.log [MD5.00000000000000000000000000000000] - |D| - [22/04/2016 07:08:12] - [5597 Ko] - C:\Windows\Temp\AF1D768E-D7C1-4951-979B-2CBE3DA4F6C3 [MD5.54E4984F7B3D3DBB04DBB1596B9F9195] - |A| - [16/10/2014 09:31:33] - (.-.) - [258.58 Ko] - (0.0.0.0) - C:\Windows\Temp\AppAndDeviceInventory.log [MD5.864C22FB9A1C0670EDF01C6ED3E4FBE4] - |A| - [08/06/2017 16:21:17] - (.-.) - [251.88 Ko] - (0.0.0.0) - C:\Windows\Temp\ArmUI.ini [MD5.022EFEEC82B7469177F628E89E6BF2FB] - |A| - [26/02/2014 11:02:46] - (.-.) - [4.03 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00000.log [MD5.2EAD0A7C6702040E119D6CE3D3F38A36] - |A| - [26/02/2014 11:02:57] - (.-.) - [2.9 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00001.log [MD5.358DDFE058859C2410DF0F797EB676AD] - |A| - [27/02/2014 10:06:58] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00002.log [MD5.520241457C912667453168756FEB1413] - |A| - [27/02/2014 10:07:23] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00003.log [MD5.7EB0D830C7AE25163C77639CA4A2695D] - |A| - [27/02/2014 10:08:02] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00004.log [MD5.9CF0E8B921DF863FF74C11813D1A4383] - |A| - [27/02/2014 10:08:06] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00005.log [MD5.062E48DE86D82C2C1B7E1CADD8D437D0] - |A| - [15/09/2014 11:33:21] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00006.log [MD5.F104351353240037C4473ADAEB85B0C2] - |A| - [15/09/2014 11:33:29] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00007.log [MD5.6E0DC24697F37B36F4C1A5C70E8BD292] - |A| - [25/04/2015 08:12:07] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00008.log [MD5.CD19C366E7D231411116B54D01E6192D] - |A| - [25/04/2015 08:12:14] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00009.log [MD5.70F74CCB0DC3C08145A385DEEC368D88] - |A| - [04/09/2015 11:00:25] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00010.log [MD5.16C5DFE42C2B9E0A38F5602CE09383A7] - |A| - [04/09/2015 11:00:32] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00011.log [MD5.9BD5B784501F8FC252E7E373ACABECAA] - |A| - [03/12/2015 19:49:11] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00012.log [MD5.572A0AA9B023FBF7C05746AAAE23BE18] - |A| - [03/12/2015 19:49:17] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00013.log [MD5.C3DB201ECD91B3D3264E6CDD3991F21E] - |A| - [20/12/2015 20:12:19] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00014.log [MD5.101C8747CEDD01ABA4245B454E5145B6] - |A| - [20/12/2015 20:12:24] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00015.log [MD5.290239CDD919ABCA7C0A28326FA26863] - |A| - [02/04/2016 10:55:02] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00016.log [MD5.0C724794ECC521C6ACB2CD477D33C78E] - |A| - [02/04/2016 10:55:10] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00017.log [MD5.DC3070367CC9C1511156FBA10229456F] - |A| - [30/04/2016 07:58:35] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00018.log [MD5.ECC397D3E5684B26688C557B91D48D82] - |A| - [30/04/2016 07:58:56] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00019.log [MD5.164AA4821186BB344D1AE4708DCBC57D] - |A| - [16/12/2016 08:56:36] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00020.log [MD5.9BAB5875C941EB9012B90E617689D4E1] - |A| - [16/12/2016 08:56:44] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00021.log [MD5.2FD85074B330F82F40BD16E0994D3B41] - |A| - [13/04/2017 08:12:41] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00022.log [MD5.C1C4F60C0543F2B80D312CF8EF33E36A] - |A| - [13/04/2017 08:12:56] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00023.log [MD5.0061A710B85FA789856AB6B377584CDC] - |A| - [11/05/2017 08:05:13] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00024.log [MD5.A76DE49884ED3D2FA11BC091023FD11A] - |A| - [11/05/2017 08:05:19] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00025.log [MD5.AA87B2509EF5074A5B0288822DBF7D6A] - |A| - [25/06/2017 06:53:41] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00026.log [MD5.A7910ADD843CFFB2505895E4238DC70E] - |A| - [25/06/2017 06:53:54] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00027.log [MD5.1B45E45FF4F88F48CEF97AD7D09EED06] - |A| - [26/07/2017 09:49:45] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00028.log [MD5.31163D8E49BF5537F1114B0AE986B107] - |A| - [26/07/2017 09:50:01] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00029.log [MD5.2C4C59E5BA65FE40F0E25D661493329F] - |A| - [17/09/2017 06:54:54] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00030.log [MD5.B4772E43E1EF645C6A5260C86A1669A1] - |A| - [17/09/2017 06:55:07] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00031.log [MD5.DBF678A3918FCE58FF21CBDE0477279E] - |A| - [12/10/2017 07:17:16] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00032.log [MD5.71DFD5B15A26E8B5EF26A40ED240B65B] - |A| - [12/10/2017 07:17:24] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00033.log [MD5.79A85486B78A9639BC1307BFE937182A] - |A| - [17/11/2017 08:01:03] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00034.log [MD5.138FEF5D240601B6DC5B5330CD504D7C] - |A| - [17/11/2017 08:01:15] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00035.log [MD5.6B800DC7455C6E981BA1515EF7DF207F] - |A| - [20/01/2018 10:40:08] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00036.log [MD5.85CB219D630527034AF7F973D236677D] - |A| - [20/01/2018 10:40:18] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00037.log [MD5.DC0811318A20D8C8395E88071796E44B] - |A| - [16/02/2018 11:47:42] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00038.log [MD5.60A1A4C85B3E69BEE93DB1129AC5ED6A] - |A| - [16/02/2018 11:47:51] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00039.log [MD5.06BD73F8C8F523ADD3D4EB4472D0CAC6] - |A| - [20/02/2018 15:46:42] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00040.log [MD5.87584CB71EACB0A0DB41EC316E37C5AD] - |A| - [20/02/2018 15:46:54] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00041.log [MD5.0DBCE7EAF5E1F988A49BFD0A69255340] - |A| - [05/03/2018 08:25:56] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00042.log [MD5.79D316313E3F62CDC0E51B8B78EB5929] - |A| - [05/03/2018 08:26:26] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00043.log [MD5.6E00704A484E26B4F53430A3BC47E778] - |A| - [09/05/2018 18:47:41] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00044.log [MD5.CA549BB7C1A29ABBCB6C6C215B8CA28C] - |A| - [09/05/2018 18:47:50] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00045.log [MD5.B18115745B3F3CDFAC8045EC96D85947] - |A| - [12/07/2018 07:38:30] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00046.log [MD5.17DB13BA75244E2097372057E81E01E7] - |A| - [12/07/2018 07:38:38] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00047.log [MD5.04A407906D2D6899DD4DFAE374D33648] - |A| - [25/07/2018 06:45:01] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00048.log [MD5.0C1D7A25DF3B6843C829931AE9EE82B6] - |A| - [25/07/2018 06:45:09] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00049.log [MD5.38EF206103D669526CFF406C3A44C5FC] - |A| - [16/08/2018 13:18:25] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00050.log [MD5.55E02639875837B0A0AEC2CDB76ABB98] - |A| - [16/08/2018 13:18:31] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00051.log [MD5.FCBAE81AC425FEDF90D21DD3B453E16B] - |A| - [13/09/2018 12:23:57] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00052.log [MD5.D760570B8C8D2084690C6827D1D8E339] - |A| - [13/09/2018 12:24:11] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00053.log [MD5.D74FF1005E7721F861BEA19576C5455E] - |A| - [13/09/2018 12:27:22] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00054.log [MD5.68303FC962E48C7406B6D6DCB5A5AC04] - |A| - [13/09/2018 12:27:28] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00055.log [MD5.7C565992DAC64BAC3C09BE6A809934CD] - |A| - [11/10/2018 12:41:57] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00056.log [MD5.9B06A49CE5246277D69E143688F4EB16] - |A| - [11/10/2018 12:42:31] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00057.log [MD5.20733722DE4C173E1D3A112C657E484A] - |A| - [17/11/2018 07:28:24] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00058.log [MD5.D25A842FEE349ED6F89202CB9B636DEC] - |A| - [17/11/2018 07:28:30] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00059.log [MD5.2542AB9503B2619AA9D17F35E5D8310D] - |A| - [13/12/2018 13:24:53] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00060.log [MD5.A8B8BBC210BBAB7A78BC7C5B54D8DD5E] - |A| - [13/12/2018 13:25:06] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00061.log [MD5.465955B9F1E11F48EE59D8B0EB9A5078] - |A| - [10/01/2019 15:03:02] - (.-.) - [4.69 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00062.log [MD5.FDDD694ABF24C4F83F08E99C4FB64E20] - |A| - [10/01/2019 15:03:09] - (.-.) - [3.12 Ko] - (0.0.0.0) - C:\Windows\Temp\ASPNETSetup_00063.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [08/09/2018 15:09:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\asw-cdfff712-a987-400a-9ff0-be26319fbe57.tmp [MD5.00000000000000000000000000000000] - |D| - [15/01/2018 18:48:29] - [357.03 Ko] - C:\Windows\Temp\avast_ash2 [MD5.494B7315D1575E37B1D470C8B79123A3] - |A| - [26/08/2014 22:36:32] - (.-.) - [13.96 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20140826233632.log [MD5.99224A78B9E1C00819465D573971DF36] - |A| - [26/08/2014 22:36:36] - (.-.) - [623.23 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20140826233632_1_Id.Avira.OE.Setup.Msi.log [MD5.DCC68A528926A6B7337750725AFE2549] - |A| - [26/08/2014 22:37:27] - (.-.) - [8.64 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20140826233727.log [MD5.145C3BAD196DE2E72E33CFFE2E36C259] - |A| - [16/09/2014 11:47:38] - (.-.) - [13.94 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20140916124738.log [MD5.BD80BF5F8F51E56042E2308A8D994749] - |A| - [16/09/2014 11:47:40] - (.-.) - [647.55 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20140916124738_1_Id.Avira.OE.Setup.Msi.log [MD5.52FF6DCDF9E210331827FC781826682D] - |A| - [16/09/2014 11:47:57] - (.-.) - [8.61 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20140916124757.log [MD5.B66485A843CFE1CEB20DC6914591E5D9] - |A| - [15/10/2014 17:28:58] - (.-.) - [14.32 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20141015182858.log [MD5.E849E7AD03D7427555C7EC488AF13945] - |A| - [15/10/2014 17:29:00] - (.-.) - [690.19 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20141015182858_1_Id.Avira.OE.Setup.Msi.log [MD5.E10A7D657F4C764FA349BEF55379B8FB] - |A| - [15/10/2014 17:30:14] - (.-.) - [8.61 Ko] - (0.0.0.0) - C:\Windows\Temp\Avira_20141015183014.log [MD5.7EF2D9523A4360173A42AF7C7B39F028] - |A| - [21/06/2015 19:40:21] - (.-.) - [75.01 Ko] - (0.0.0.0) - C:\Windows\Temp\BootClean.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/12/2013 12:46:18] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\C29A.tmp [MD5.194537DF655D5271A1B94A297D80A89C] - |A| - [20/12/2015 22:41:02] - (.-.) - [3199.06 Ko] - (0.0.0.0) - C:\Windows\Temp\cab_6696_2 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/12/2015 22:41:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\cab_6696_3 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/12/2015 22:41:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\cab_6696_4 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/12/2015 22:41:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\cab_6696_5 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/12/2015 22:41:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\cab_6696_6 [MD5.C688DE602A2AA87BE89C80FC366BBB38] - |A| - [23/02/2013 14:26:08] - (.-.) - [436.68 Ko] - (0.0.0.0) - C:\Windows\Temp\chrome_installer.log [MD5.00000000000000000000000000000000] - |D| - [20/02/2013 14:39:06] - [0.12 Ko] - C:\Windows\Temp\CitrixLogs [MD5.00000000000000000000000000000000] - |D| - [14/05/2014 11:22:30] - [2645.44 Ko] - C:\Windows\Temp\CompatTelemetryLogs [MD5.70D09276FE2AAA808813399245A2F493] - |A| - [26/06/2013 19:10:23] - (.© McAfee, Inc. - McAfee Scanner Content Installer.) - [1506.54 Ko] - (3.0.110.1) - C:\Windows\Temp\contentDATs.exe [MD5.00000000000000000000000000000000] - |SHD| - [20/02/2013 14:39:06] - [32.12 Ko] - C:\Windows\Temp\Cookies [MD5.00000000000000000000000000000000] - |D| - [02/05/2016 20:41:33] - [0.04 Ko] - C:\Windows\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [18/12/2018 18:35:14] - [2544.61 Ko] - C:\Windows\Temp\CR_ADBEC.tmp [MD5.C61D85DAEA270DEFC390C059C06D68AE] - |A| - [26/04/2014 13:52:44] - (.-.) - [55.56 Ko] - (0.0.0.0) - C:\Windows\Temp\dat4FAF.tmp [MD5.8652745947B62F03147B76CD5DB508FB] - |A| - [26/04/2014 13:52:44] - (.-.) - [55.75 Ko] - (0.0.0.0) - C:\Windows\Temp\dat4FCF.tmp [MD5.AA3E258B656E50BDB81E8C677113B2B1] - |A| - [24/02/2013 02:37:12] - (.-.) - [47.32 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_clwireg.txt [MD5.AA112701E1BEDD83D236C8913016E9FD] - |A| - [22/02/2013 16:59:08] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_dotNetFx40LP_Client_x86_x64fr_decompression_log.txt [MD5.3A03ABBDCFBD47801FCF7C6415C20C27] - |A| - [22/02/2013 16:53:01] - (.-.) - [1.18 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_dotNetFx40_Client_x86_x64_decompression_log.txt [MD5.90ED68114BBD26528B63B7A4A577AE8D] - |A| - [24/02/2013 02:54:05] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP40-KB2468871-v2-x64_decompression_log.txt [MD5.358B94C9415B36851AE602785BA846C8] - |A| - [15/09/2014 11:32:38] - (.-.) - [1.19 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB2894854-v2-x64_decompression_log.txt [MD5.7BBDE3DF3E2594702ADFC5043454CCD6] - |A| - [27/02/2014 10:08:59] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB2898869-x64_decompression_log.txt [MD5.DFCD39FACB1CB526B48A023A269B39C3] - |A| - [27/02/2014 10:07:36] - (.-.) - [1.15 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB2901126-x64_decompression_log.txt [MD5.A5EF7F11FB763A6043F65E02C5B1CBE9] - |A| - [15/05/2014 12:42:19] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB2931368-x64_decompression_log.txt [MD5.A8BBD67B960C9847844D8377D7E5AE2D] - |A| - [16/10/2014 08:37:43] - (.-.) - [1.18 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB2972107-x64_decompression_log.txt [MD5.53331855096C2391176C1E8F5A749654] - |A| - [15/09/2014 11:36:09] - (.-.) - [1.13 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB2972216-x64_decompression_log.txt [MD5.B40D5DDC6FC7E2718270FE263BCCDE78] - |A| - [14/11/2014 09:03:25] - (.-.) - [1.13 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB2978128-x64_decompression_log.txt [MD5.871D44AB5368AFAE8C0E69B4D05FD8F6] - |A| - [16/10/2014 08:36:22] - (.-.) - [1.15 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB2979578-v2-x64_decompression_log.txt [MD5.69D92BADAA23E5AEE080DC6253BBC0A0] - |A| - [15/05/2015 16:28:28] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB3023224-x64_decompression_log.txt [MD5.0F2AB8DFBF5534CF6302C732A29E5F08] - |A| - [15/05/2015 16:31:24] - (.-.) - [1.15 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB3035490-x64_decompression_log.txt [MD5.5F4C52164018474C3BE7ED85F6010C30] - |A| - [25/04/2015 08:11:12] - (.-.) - [1.13 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB3037581-x64_decompression_log.txt [MD5.43EBB5E05817E7E2662FE89F8DA61B22] - |A| - [10/09/2015 17:38:02] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP45-KB3074230-x64_decompression_log.txt [MD5.E36F628BF4FDF75F35C222EDEB89D6C0] - |A| - [10/09/2015 17:45:46] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp45-kb3074550-x64_decompression_log.txt [MD5.DB8299EBAC1A6BA6FCD4C5E2BAA8EE0D] - |A| - [03/12/2015 19:57:19] - (.-.) - [1.18 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp45-kb3097996-x64_decompression_log.txt [MD5.F6744028CA2EDF6E61BBA389E4267EBA] - |A| - [03/12/2015 19:48:23] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp45-kb3098781-x64_decompression_log.txt [MD5.E8EB2B18048F825F4B62F69132B108F7] - |A| - [13/02/2016 09:54:06] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp45-kb3122656-x64_decompression_log.txt [MD5.C5A2590E4784307221AA1956FC2A3CA3] - |A| - [13/02/2016 02:41:45] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp45-kb3127229-x64_decompression_log.txt [MD5.CE054C169EDD44907337B041227C66C1] - |A| - [11/03/2016 11:37:24] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp45-kb3135996-x64_decompression_log.txt [MD5.65F0C9DE445124C53B4CAC5D25A84128] - |A| - [26/02/2014 10:59:34] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP451-KB2858725-x86-x64-ENU_decompression_log.txt [MD5.B7C4899DDE56A78BABD904667C40CAF8] - |A| - [27/02/2014 10:05:25] - (.-.) - [1.18 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP451-KB2858725-x86-x64-FRA_decompression_log.txt [MD5.AC453AE2D667B00C0621736599196377] - |A| - [04/09/2015 10:57:31] - (.-.) - [1.19 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp452-kb2901983-x86-x64-enu_decompression_log.txt [MD5.52CD393BA76F8919BD3D8705B2005E65] - |A| - [20/12/2015 20:11:33] - (.-.) - [1.22 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp452-kb2901983-x86-x64-fra_decompression_log.txt [MD5.3FDB49CAC003F4505ED1625534C306BE] - |A| - [03/04/2016 13:35:28] - (.-.) - [1.13 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb3122661-x64_decompression_log.txt [MD5.F21E231FD640B83F102C7A7465EFF3A5] - |A| - [03/04/2016 13:37:56] - (.-.) - [1.12 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb3127233-x64_decompression_log.txt [MD5.C243D02F1E8898A6D8AAD9D78205C12E] - |A| - [17/05/2016 15:30:18] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb3136000-v2-x64_decompression_log.txt [MD5.686DF217EC6E31A61B1B69AF9381C589] - |A| - [03/04/2016 13:38:52] - (.-.) - [1.12 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb3136000-x64_decompression_log.txt [MD5.FFA859E0B7D19E19BAE852A6CC47A4BC] - |A| - [12/05/2016 09:28:10] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb3142037-x64_decompression_log.txt [MD5.1FD8F4B814381E73606D73FAB7B1ECA0] - |A| - [15/04/2016 09:25:26] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb3143693-x64_decompression_log.txt [MD5.41DC9338297ACE54E5B8C56A9CB6F982] - |A| - [26/09/2016 08:05:11] - (.-.) - [1.12 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb3164025-x64_decompression_log.txt [MD5.4B6C7376ED1A0EA5591E01D23A23E227] - |A| - [16/12/2016 08:53:51] - (.-.) - [1.15 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB3210136-x64_decompression_log.txt [MD5.DB7BAEC0D6FEDCF2FBF008C02A58684E] - |A| - [11/05/2017 08:03:31] - (.-.) - [1.12 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4014511-x64_decompression_log.txt [MD5.417EA84F296CD5406FDC97E2A17BAB9A] - |A| - [13/04/2017 08:08:56] - (.-.) - [1.15 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4014553-x64_decompression_log.txt [MD5.8A67718C7E665A550C49E1828870F9AB] - |A| - [17/09/2017 06:51:26] - (.-.) - [1.13 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb4040973-x64_decompression_log.txt [MD5.3A8C1F578EFAFA47EE20504023307833] - |A| - [17/11/2017 07:59:28] - (.-.) - [1.15 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4041778-x64_decompression_log.txt [MD5.90DF2854198B0AC0E4019F08FC6D031C] - |A| - [12/10/2017 07:16:05] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4043764-x64_decompression_log.txt [MD5.69AF3C65819CD08AE7795582C2E84A7E] - |A| - [12/07/2018 07:36:49] - (.-.) - [1.13 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4338420-x64_decompression_log.txt [MD5.0CF85064A56B72FD23505256765DD440] - |A| - [16/08/2018 13:16:48] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4344146-x64_decompression_log.txt [MD5.A725924A1F9E5342F9D2621582822EEF] - |A| - [11/10/2018 12:39:06] - (.-.) - [1.18 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4457016-x64_decompression_log.txt [MD5.F0AAD381F51210EACC858AD84AC1FB00] - |A| - [13/09/2018 12:25:39] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4457035-x64_decompression_log.txt [MD5.7ED65A5987FB267000F6EB7A55845265] - |A| - [17/11/2018 07:27:19] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4459942-x64_decompression_log.txt [MD5.D33198A069B9C8E5DA0AC74D7CFD155B] - |A| - [13/12/2018 13:24:01] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp46-kb4470640-x64_decompression_log.txt [MD5.E1C0D0F5DB37E7362DCD2310A401F68D] - |A| - [10/01/2019 15:01:31] - (.-.) - [1.13 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP46-KB4480055-x64_decompression_log.txt [MD5.4EDC03BB3786B763D6831C1186B5E8E1] - |A| - [02/04/2016 10:50:56] - (.-.) - [1.18 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp461-kb3102433-x86-x64-enu_decompression_log.txt [MD5.5081FC6C90BEC45E8B4A8BD49A78ACD3] - |A| - [30/04/2016 07:55:39] - (.-.) - [1.19 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP461-KB3102436-x86-x64-AllOS-FRA_decompression_log.txt [MD5.4FF92A086CC26311A4E2647E921EDE6F] - |A| - [25/06/2017 06:49:05] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP47-KB3186495-x86-x64-ENU_decompression_log.txt [MD5.E46636B70F4AEA3582FAFF67EDCDA109] - |A| - [26/07/2017 09:46:11] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP47-KB3186497-x86-x64-AllOS-FRA_decompression_log.txt [MD5.F9EC8C044ADF59A5E4EAD4FFBAA48EE5] - |A| - [16/02/2018 11:45:27] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP47-KB4054981-x64_decompression_log.txt [MD5.42F7458B34ED4794F680BD4997DA218D] - |A| - [20/01/2018 10:37:06] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP47-KB4074880-x64_decompression_log.txt [MD5.9115F8E4CED32B49A7A33A72C17B4892] - |A| - [09/05/2018 18:44:22] - (.-.) - [1.15 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP47-KB4096418-x64_decompression_log.txt [MD5.845E5FB665A294A6E7961FDB19B6CFAE] - |A| - [20/02/2018 15:39:05] - (.-.) - [1.19 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP471-KB4033341-x86-x64-ENU_decompression_log.txt [MD5.F900B3E25B426EFDC8FDE95D9EC2DAB9] - |A| - [05/03/2018 08:22:23] - (.-.) - [1.18 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP471-KB4033342-x86-x64-AllOS-FRA_decompression_log.txt [MD5.3D0EBE1207D8BA423E469D4884AC7252] - |A| - [20/02/2018 15:51:09] - (.-.) - [1.15 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP471-KB4054852-x64_decompression_log.txt [MD5.81E80DBFA7A4B412318CC28F4940F76A] - |A| - [13/09/2018 12:22:34] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_NDP472-KB4054530-x86-x64-AllOS-FRA_decompression_log.txt [MD5.E9015D17C947916C936DECF5DF62F9ED] - |A| - [25/07/2018 06:39:49] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp472-kb4054541-x86-x64-enu_decompression_log.txt [MD5.35934A02D7BFDFB47BBD90E4EBEE2EAF] - |A| - [25/07/2018 16:01:37] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_ndp472-kb4087364-x64_decompression_log.txt [MD5.BEAA66DD355CAF1108690F7A62E0F465] - |A| - [22/02/2013 16:53:24] - (.-.) - [3.76 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_SetupUtility.txt [MD5.BE903C9C64AB2A9123331B304BF2869E] - |A| - [26/02/2014 11:02:28] - (.-.) - [7.03 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20140226_100228_400.txt [MD5.E5B604928EEC295DCD993FC93BEAA103] - |A| - [26/02/2014 11:02:40] - (.-.) - [2.68 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20140226_100240_035.txt [MD5.8E0E45CEAF3669CCD666FFF53033A2E7] - |A| - [15/09/2014 11:36:35] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20140915_103635_552.txt [MD5.C00AD1FA20E1F54A308ED3F26A7E7583] - |A| - [15/09/2014 11:36:37] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20140915_103637_610.txt [MD5.E5C464E30913436F4432BED42A019A29] - |A| - [04/09/2015 11:00:12] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20150904_100012_138.txt [MD5.44A259AEBE7FFF72C15F4DCE2077A263] - |A| - [04/09/2015 11:00:20] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20150904_100020_250.txt [MD5.1D6502051B56EAE0C510528D12CEF7C2] - |A| - [02/04/2016 10:54:47] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20160402_095447_398.txt [MD5.D810ACF5BE24815894C9A81005C7E75F] - |A| - [02/04/2016 10:54:51] - (.-.) - [2.63 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20160402_095451_294.txt [MD5.1A13CBD1048F58FD87C6F50AB5AC9A83] - |A| - [16/12/2016 08:56:19] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20161216_075619_075.txt [MD5.05303F19EE3EAB6FAB2C5EFB47B87B08] - |A| - [16/12/2016 08:56:24] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20161216_075624_708.txt [MD5.8A33FBE8DC474298541C07D8BB2D905A] - |A| - [13/04/2017 08:12:25] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170413_071225_730.txt [MD5.1288FA8F03E29BD61072DF0A4F729282] - |A| - [13/04/2017 08:12:28] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170413_071228_911.txt [MD5.C2B78D1F3EEFC7F0709BA441EE302088] - |A| - [11/05/2017 08:05:02] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170511_070502_667.txt [MD5.F7767DE02A941531DE76D24C81BFF9BC] - |A| - [11/05/2017 08:05:09] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170511_070509_003.txt [MD5.AAB166B01ED7A811DA06B2EE8F865672] - |A| - [25/06/2017 06:53:30] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170625_055330_879.txt [MD5.C4DB551327392E5F83BA5877BA6E93C9] - |A| - [25/06/2017 06:53:33] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170625_055333_798.txt [MD5.FFB99F2B398B6094C2039604820B5384] - |A| - [17/09/2017 06:54:27] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170917_055427_597.txt [MD5.B080E8A39AB3B18B2B8C8D1FC9D3F3A0] - |A| - [17/09/2017 06:54:35] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20170917_055435_258.txt [MD5.D250AFC39A00F35739E9C15BBC6D8517] - |A| - [12/10/2017 07:17:03] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20171012_061703_515.txt [MD5.EBB025AA45B3259E6AD0FA73A905CC95] - |A| - [12/10/2017 07:17:08] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20171012_061708_550.txt [MD5.A05C02627C8BE8266D627907FEFF5110] - |A| - [17/11/2017 08:00:54] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20171117_070054_008.txt [MD5.3C258F373802372DDD3AAF6C5DBD2623] - |A| - [17/11/2017 08:00:56] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20171117_070056_602.txt [MD5.9EB2E33BD1AB2EF48798D327841EA200] - |A| - [20/01/2018 10:39:50] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180120_093950_811.txt [MD5.57648BF8481239EBADD93E3249FE0BEA] - |A| - [20/01/2018 10:39:56] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180120_093956_931.txt [MD5.BFFE50E65D2274CDE08282181402560D] - |A| - [16/02/2018 11:47:28] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180216_104728_573.txt [MD5.7A399D3FC2E17E92BFA5C20D77EFD406] - |A| - [16/02/2018 11:47:31] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180216_104731_794.txt [MD5.791A56BE588003D47CC6ADC711BCCB15] - |A| - [20/02/2018 15:46:14] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180220_144613_884.txt [MD5.610E410A4A3C0CB1D3741920B7E5AC27] - |A| - [20/02/2018 15:46:19] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180220_144619_789.txt [MD5.6A1929399C0E4D4D671DF993EE50479A] - |A| - [09/05/2018 18:47:28] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180509_174728_891.txt [MD5.11F6145403C29FC1E9736A08813F7643] - |A| - [09/05/2018 18:47:33] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180509_174733_410.txt [MD5.7AAFC0E3CE047C3837FFF4C04AA8C31D] - |A| - [12/07/2018 07:38:20] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180712_063820_507.txt [MD5.A3193F67C19FF7A8EEA7EB284D1BDE60] - |A| - [12/07/2018 07:38:26] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180712_063826_428.txt [MD5.E6972379526312B8F70A248AA7F8CA2D] - |A| - [25/07/2018 06:44:44] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180725_054444_621.txt [MD5.B9A3848C2125DF7847C6B80CADFE0FFE] - |A| - [25/07/2018 06:44:49] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180725_054449_762.txt [MD5.E70CE228B207AA457F6035647F9F58B2] - |A| - [16/08/2018 13:18:14] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180816_121814_359.txt [MD5.DAF4EB1C67BE594D9781B8333C702305] - |A| - [16/08/2018 13:18:16] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180816_121816_908.txt [MD5.9B9AEEADF43057A3EDB2740DF08C1B07] - |A| - [13/09/2018 12:27:12] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180913_112712_460.txt [MD5.9C4118BD551314756DDC56226FFB7539] - |A| - [13/09/2018 12:27:17] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20180913_112717_497.txt [MD5.07B20B76C466CF8C63E9F15FEEEC272C] - |A| - [11/10/2018 12:41:45] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20181011_114145_532.txt [MD5.43C829D88C6CD86A3413FC1D157F0F7A] - |A| - [11/10/2018 12:41:48] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20181011_114148_225.txt [MD5.DCB2F07D79940B68DA170BAA22EC21B7] - |A| - [17/11/2018 07:28:14] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20181117_062814_982.txt [MD5.DC8D1F221E71C2DCB526067F5E253320] - |A| - [17/11/2018 07:28:18] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20181117_062818_120.txt [MD5.839AE03264305832512B0BF30A8A5CFF] - |A| - [13/12/2018 13:24:43] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20181213_122443_736.txt [MD5.DBE91FBFA500FB52F63D3DC9096945D8] - |A| - [13/12/2018 13:24:47] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20181213_122447_439.txt [MD5.5702EB57CDD2AF778E9A3B6E242702DB] - |A| - [10/01/2019 15:02:50] - (.-.) - [4.59 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20190110_140250_258.txt [MD5.FE0658B513291F64CCE0BC6385DC12EC] - |A| - [10/01/2019 15:02:54] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_wcf_CA_smci_20190110_140254_505.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 13:43:15] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI382F.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 13:43:20] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI4C0C.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 13:43:28] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI6DDF.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 13:43:33] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI7E81.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 13:43:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI896A.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 13:43:40] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI9C3E.tmp [MD5.00000000000000000000000000000000] - |D| - [20/02/2013 15:14:48] - [0 Ko] - C:\Windows\Temp\dmiwu [MD5.00000000000000000000000000000000] - |D| - [19/04/2016 15:41:19] - [0 Ko] - C:\Windows\Temp\EA76A63BF1570934EA358AAC49392682-Sigs [MD5.00000000000000000000000000000000] - |SHD| - [20/02/2013 14:39:06] - [32.33 Ko] - C:\Windows\Temp\Fichiers Internet temporaires [MD5.FB806B84D239F7B160AA929B720B8FE4] - |A| - [20/02/2013 15:52:22] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile00.sqm [MD5.98ADDF41A4349A558F7C2C04F6A61152] - |A| - [20/02/2013 19:34:41] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile01.sqm [MD5.3F123311D928B8936A5AFEB486F19C31] - |A| - [21/02/2013 16:49:03] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile02.sqm [MD5.C7A319D303EFA5092A048ED43B469E34] - |A| - [22/02/2013 16:46:59] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile03.sqm [MD5.58260634EBFD1CFEEE6947A78563DBA3] - |A| - [22/02/2013 17:14:08] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile04.sqm [MD5.A758CC02077E79F55520643CBD806E01] - |A| - [23/02/2013 13:32:11] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile05.sqm [MD5.1906357A957551A2414D9EC1CA01A669] - |A| - [24/02/2013 14:12:18] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile06.sqm [MD5.1C096EBD8281F4EF541E177A16D649A5] - |A| - [25/02/2013 14:38:25] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile07.sqm [MD5.083E6250892B6417F5648A2FCD2E4E3B] - |A| - [26/02/2013 15:28:06] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile08.sqm [MD5.4013AE4732CCF64CB6348DE336465FA2] - |A| - [27/02/2013 15:26:04] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile09.sqm [MD5.3FAFE7351697C68E85A903253F025859] - |A| - [28/02/2013 11:15:30] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile10.sqm [MD5.C789A5D09350EB14AB32AF5A890562B9] - |A| - [28/02/2013 23:41:10] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile11.sqm [MD5.F7447A630266B0C1E4A8E230F68E1C7B] - |A| - [01/03/2013 13:18:40] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile12.sqm [MD5.0F0A98DFEF9FDFACDBC2E5BD2744EAF2] - |A| - [01/03/2013 15:34:09] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile13.sqm [MD5.6BFCF938A50DE5AD524F04A81911F4F6] - |A| - [02/03/2013 18:13:05] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile14.sqm [MD5.E2EECEC35635729B64FA4EBDCD9D48A9] - |A| - [03/03/2013 13:33:32] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile15.sqm [MD5.7987959EE9DD1D919026EBDB6523D90D] - |A| - [04/03/2013 13:49:00] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile16.sqm [MD5.C7A2BFD45260A9B36F34DBCD259C708A] - |A| - [05/03/2013 14:18:35] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile17.sqm [MD5.9C5DD4A7FC01BAE648E842A1479ABB25] - |A| - [06/03/2013 14:59:42] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile18.sqm [MD5.28E6786DE79354353775FB1C85ABBA28] - |A| - [07/03/2013 14:15:28] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile19.sqm [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 13:43:11] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 13:43:10] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSTIFFDebugLogFile.txt [MD5.00000000000000000000000000000000] - |SHD| - [20/02/2013 14:39:06] - [16.14 Ko] - C:\Windows\Temp\History [MD5.00000000000000000000000000000000] - |D| - [03/06/2015 19:34:57] - [3277.94 Ko] - C:\Windows\Temp\HP [MD5.00000000000000000000000000000000] - |D| - [27/11/2013 03:00:27] - [1824.42 Ko] - C:\Windows\Temp\IE7C8E.tmp [MD5.00000000000000000000000000000000] - |D| - [05/11/2013 10:26:20] - [2109.62 Ko] - C:\Windows\Temp\IE8578.tmp [MD5.00000000000000000000000000000000] - |D| - [05/11/2013 10:26:21] - [11519.43 Ko] - C:\Windows\Temp\IE88F1.tmp [MD5.00000000000000000000000000000000] - |D| - [05/11/2013 10:26:21] - [1457.11 Ko] - C:\Windows\Temp\IE899D.tmp [MD5.00000000000000000000000000000000] - |D| - [04/11/2013 13:10:02] - [653.11 Ko] - C:\Windows\Temp\InstallHelp [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:54:11] - [0 Ko] - C:\Windows\Temp\KB2468871v2_10.0.30319 [MD5.1B4A0F1055423671AEBFABAA3F06F94F] - |A| - [24/02/2013 02:54:13] - (.-.) - [14202.9 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2468871v2_20130224_025411713-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.BC0DE75E5BEEE2FF64B4651C8D66BF44] - |A| - [24/02/2013 02:54:10] - (.-.) - [53.9 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2468871v2_20130224_025411713.html [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:41:12] - [0 Ko] - C:\Windows\Temp\KB2533523_10.0.30319 [MD5.1F45FEFD711BBB05DF5DA6106183003E] - |A| - [24/02/2013 02:41:14] - (.-.) - [8905.09 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2533523_20130224_024112850-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.7391804C9D09D414A57CC33B97C944AB] - |A| - [24/02/2013 02:41:12] - (.-.) - [54.99 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2533523_20130224_024112850.html [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:37:17] - [0 Ko] - C:\Windows\Temp\KB2600217_10.0.30319 [MD5.7BE2286936A7AE6E5F4A8E6C305877D6] - |A| - [24/02/2013 02:37:19] - (.-.) - [8374.44 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2600217_20130224_023717586-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.2FEFBCEFBE21C6C3284FEBC5B3AACA9C] - |A| - [24/02/2013 02:37:16] - (.-.) - [57.13 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2600217_20130224_023717586.html [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:45:42] - [0 Ko] - C:\Windows\Temp\KB2604121_10.0.30319 [MD5.57BDF3E655D1B80DA61E25D0CD315741] - |A| - [24/02/2013 02:45:43] - (.-.) - [10293.11 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2604121_20130224_024542652-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.C18A8F359E58C3BD26336869C2E726FD] - |A| - [24/02/2013 02:45:42] - (.-.) - [57.45 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2604121_20130224_024542652.html [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:44:13] - [0 Ko] - C:\Windows\Temp\KB2656351_10.0.30319 [MD5.244A89819FE0FFFF678D1B14BBEC1576] - |A| - [24/02/2013 02:44:14] - (.-.) - [9529.23 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2656351_20130224_024413701-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.D3284093B2E38F8D6E09807C38A114B4] - |A| - [24/02/2013 02:44:13] - (.-.) - [57.29 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2656351_20130224_024413701.html [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:48:31] - [0 Ko] - C:\Windows\Temp\KB2729449_10.0.30319 [MD5.86FB36DAE8429B9C24CFC2D4DEB95677] - |A| - [24/02/2013 02:48:32] - (.-.) - [10903.02 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2729449_20130224_024831273-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.1DCA49E606FF645CC1FCCC484AA70593] - |A| - [24/02/2013 02:48:30] - (.-.) - [57.29 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2729449_20130224_024831273.html [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:52:16] - [0 Ko] - C:\Windows\Temp\KB2737019_10.0.30319 [MD5.7322DF8F2DD237D1559AA20316B9D0AF] - |A| - [24/02/2013 02:52:17] - (.-.) - [12115.15 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2737019_20130224_025216616-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.54F1534EF439A98FA42C06130631D4BB] - |A| - [24/02/2013 02:52:16] - (.-.) - [57.54 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2737019_20130224_025216616.html [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:56:51] - [0 Ko] - C:\Windows\Temp\KB2742595_10.0.30319 [MD5.76D28FE28721F39F2E5E17CCBA3BE401] - |A| - [24/02/2013 02:56:53] - (.-.) - [15194.63 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2742595_20130224_025651784-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.EEE8035337944C316FAFD754D9F533E4] - |A| - [24/02/2013 02:56:51] - (.-.) - [57.45 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2742595_20130224_025651784.html [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 02:50:56] - [0 Ko] - C:\Windows\Temp\KB2789642_10.0.30319 [MD5.AA6CC6ED11F3C799D0DD03039F578B95] - |A| - [24/02/2013 02:50:57] - (.-.) - [11427.47 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2789642_20130224_025056556-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.16418CDE2399AA76CE544ADA78EF316A] - |A| - [24/02/2013 02:50:56] - (.-.) - [63.53 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2789642_20130224_025056556.html [MD5.00000000000000000000000000000000] - |D| - [15/05/2013 23:30:55] - [0 Ko] - C:\Windows\Temp\KB2804576_10.0.30319 [MD5.D6851C3AB06BAFAA751A3B466C138501] - |A| - [15/05/2013 23:30:57] - (.-.) - [15921.09 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2804576_20130516_003055568-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.9B240BE15816938D8C396E3D44D386BA] - |A| - [15/05/2013 23:30:55] - (.-.) - [63.63 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2804576_20130516_003055568.html [MD5.00000000000000000000000000000000] - |D| - [10/07/2013 20:03:18] - [0 Ko] - C:\Windows\Temp\KB2835393_10.0.30319 [MD5.9AE1E7C36B97F43EFD503D155798C58B] - |A| - [10/07/2013 20:03:20] - (.-.) - [17755.97 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2835393_20130710_210318423-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.E8A9C9CCFC935A69063BC263AEB44FB3] - |A| - [10/07/2013 20:03:18] - (.-.) - [63.8 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2835393_20130710_210318423.html [MD5.00000000000000000000000000000000] - |D| - [05/11/2013 10:17:12] - [0 Ko] - C:\Windows\Temp\KB2836939v3_10.0.30319 [MD5.C12329165DA1240E90345AFFEDDAA89E] - |A| - [05/11/2013 10:17:14] - (.-.) - [20297.96 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2836939v3_20131105_101712879-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.678C0B6423DACF4BE59EB77165E2A300] - |A| - [05/11/2013 10:17:12] - (.-.) - [63.98 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2836939v3_20131105_101712879.html [MD5.00000000000000000000000000000000] - |D| - [07/07/2013 09:33:07] - [0 Ko] - C:\Windows\Temp\KB2836939_10.0.30319 [MD5.732A0E53B42CB7A0F4E797F04975FB9C] - |A| - [07/07/2013 09:33:10] - (.-.) - [16809.86 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2836939_20130707_103307827-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.125AA1F4611BFD5E5F6D3D24B17BCD34] - |A| - [07/07/2013 09:33:07] - (.-.) - [63.34 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2836939_20130707_103307827.html [MD5.00000000000000000000000000000000] - |D| - [20/08/2013 13:10:56] - [0 Ko] - C:\Windows\Temp\KB2840628v2_10.0.30319 [MD5.ED7EDD1BEB87345BCFA371EB1D487834] - |A| - [20/08/2013 13:10:58] - (.-.) - [19527.5 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2840628v2_20130820_141056745-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.3363164336D6C602AA1353AF621A8783] - |A| - [20/08/2013 13:10:55] - (.-.) - [63.59 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2840628v2_20130820_141056745.html [MD5.00000000000000000000000000000000] - |D| - [10/07/2013 20:09:31] - [0 Ko] - C:\Windows\Temp\KB2840628_10.0.30319 [MD5.63D16FF3C8CD81E1C6296DF98BDAB4AA] - |A| - [10/07/2013 20:09:33] - (.-.) - [18651.61 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2840628_20130710_210931892-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.9CE85072DC4B3700DDFAD53C5FAF48B8] - |A| - [10/07/2013 20:09:31] - (.-.) - [63.41 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2840628_20130710_210931892.html [MD5.00000000000000000000000000000000] - |D| - [05/11/2013 10:22:28] - [0 Ko] - C:\Windows\Temp\KB2858302v2_10.0.30319 [MD5.973ADEA83E21FB9B24EA229B92C6EEE1] - |A| - [05/11/2013 10:22:29] - (.-.) - [21190.92 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2858302v2_20131105_102228296-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.FD9020B6428F412FE8592CDBF0571506] - |A| - [05/11/2013 10:22:28] - (.-.) - [63.66 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2858302v2_20131105_102228296.html [MD5.7DEDC33045AD32D29A418CAE4705B41C] - |A| - [15/09/2014 11:32:48] - (.-.) - [6754.75 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2894854_20140915_123241724-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.D23A9324ABC751C8C3D43DE6037EA9EF] - |A| - [15/09/2014 11:32:40] - (.-.) - [87.15 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2894854_20140915_123241724.html [MD5.00000000000000000000000000000000] - |D| - [14/02/2014 09:44:13] - [0 Ko] - C:\Windows\Temp\KB2898855v2_10.0.30319 [MD5.670B2EA24A268DAE4700BA7893C44782] - |A| - [14/02/2014 09:44:17] - (.-.) - [28894.98 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2898855v2_20140214_094413455-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.D70D0B4C9FF848129F2B0A301E00D092] - |A| - [14/02/2014 09:44:12] - (.-.) - [63.71 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2898855v2_20140214_094413455.html [MD5.8FF4D1C69DF3A495E6C995C31B739149] - |A| - [27/02/2014 10:09:03] - (.-.) - [4341.96 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2898869_20140227_100902698-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.8D5CE3E82ABFD963299DC10C1363E682] - |A| - [27/02/2014 10:09:02] - (.-.) - [77.12 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2898869_20140227_100902698.html [MD5.00000000000000000000000000000000] - |D| - [14/02/2014 09:49:14] - [0 Ko] - C:\Windows\Temp\KB2901110v2_10.0.30319 [MD5.E60342107FE6F3270AFF6B387350AEE4] - |A| - [14/02/2014 09:49:16] - (.-.) - [29981.23 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2901110v2_20140214_094914653-Microsoft .NET Framework 4 Client Profile-MSP0.txt [MD5.ED5D87ED238A93B3385552EB5B1BB1A7] - |A| - [14/02/2014 09:49:14] - (.-.) - [63.54 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2901110v2_20140214_094914653.html [MD5.66B2DB3EA15D91CBF6D5F3DD3E9B0151] - |A| - [27/02/2014 10:07:39] - (.-.) - [3373.09 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2901126_20140227_100738190-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.907075B7EA61C34E64BCD686FC9F5769] - |A| - [27/02/2014 10:07:37] - (.-.) - [76.9 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2901126_20140227_100738190.html [MD5.8844935FADA4812FA5C4DA4B489E15E8] - |A| - [15/05/2014 12:42:28] - (.-.) - [2226.47 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2931368_20140515_134224325-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.9439B1293E5641D06338B45F17022C64] - |A| - [15/05/2014 12:42:22] - (.-.) - [82.07 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2931368_20140515_134224325.html [MD5.108FAFC797BD14B7EA7FFA4202D357CC] - |A| - [16/10/2014 08:37:45] - (.-.) - [4342.39 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2972107_20141016_093744485-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.5D54118017E5856E01A121ED74F101BE] - |A| - [16/10/2014 08:37:44] - (.-.) - [90.27 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2972107_20141016_093744485.html [MD5.99D8CCB2FF01515CA3C83EF81986E895] - |A| - [15/09/2014 11:36:12] - (.-.) - [8219.38 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2972216_20140915_123611414-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.FC484DD073D2EBBB520B9C7317438BAD] - |A| - [15/09/2014 11:36:11] - (.-.) - [91.58 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2972216_20140915_123611414.html [MD5.664B26428A6AF6D4891A0887BAB9D966] - |A| - [14/11/2014 09:03:49] - (.-.) - [2649.33 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2978128_20141114_090328341-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.51EAE26B7717C73F5EC0BDDA826968D7] - |A| - [14/11/2014 09:03:27] - (.-.) - [89.3 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2978128_20141114_090328341.html [MD5.1362AC413EEBDE3366FD05B320A4D84C] - |A| - [16/10/2014 08:36:38] - (.-.) - [4118.73 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2979578_20141016_093635641-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.42C501FB8E1F656CCDC12B7221EBB300] - |A| - [16/10/2014 08:36:23] - (.-.) - [89.86 Ko] - (0.0.0.0) - C:\Windows\Temp\KB2979578_20141016_093635641.html [MD5.00ED14F99BBAEF2B18E36737C6511ECF] - |A| - [15/05/2015 16:28:56] - (.-.) - [4953.34 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3023224_20150515_172854147-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.EDCFCE8813A2C5AEB01B08D2C6C83E77] - |A| - [15/05/2015 16:28:29] - (.-.) - [98.03 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3023224_20150515_172854147.html [MD5.26C2BFB4F4D06AC25149A13CD6103960] - |A| - [15/05/2015 16:31:28] - (.-.) - [5181.33 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3035490_20150515_173126379-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.E3591D057A8E8D48058934138FA61C9A] - |A| - [15/05/2015 16:31:25] - (.-.) - [97.86 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3035490_20150515_173126379.html [MD5.546B07806CA08951C8E44B205AFD9E84] - |A| - [25/04/2015 08:11:39] - (.-.) - [8168.64 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3037581_20150425_091116817-Microsoft .NET Framework 4.5.1-MSP0.txt [MD5.F1CCA3E2CC6E622DC81DDB3B7D4D4A44] - |A| - [25/04/2015 08:11:15] - (.-.) - [99.17 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3037581_20150425_091116817.html [MD5.EBE0AB08DBEC82A4402E3F478E8E956D] - |A| - [10/09/2015 17:38:07] - (.-.) - [3083.98 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3074230_20150910_183804150-Microsoft .NET Framework 4.5.2-MSP0.txt [MD5.A75A4E851664F3FE14BDAEC3DA52FEF5] - |A| - [10/09/2015 17:38:03] - (.-.) - [100.67 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3074230_20150910_183804150.html [MD5.0B03BA2BBEDE341F63BBF6AA45E5A56B] - |A| - [10/09/2015 17:45:48] - (.-.) - [3290.7 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3074550_20150910_184547221-Microsoft .NET Framework 4.5.2-MSP0.txt [MD5.40C3A5CBC657597C4D7E09B232A7DD82] - |A| - [10/09/2015 17:45:46] - (.-.) - [103.19 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3074550_20150910_184547221.html [MD5.416E3DFB06F321A36B6CDE46006A8D49] - |A| - [03/12/2015 19:57:22] - (.-.) - [3698.74 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3097996_20151203_195721015-Microsoft .NET Framework 4.5.2-MSP0.txt [MD5.668F07425D093BFBA44651ADE96B7CA1] - |A| - [03/12/2015 19:57:20] - (.-.) - [106.3 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3097996_20151203_195721015.html [MD5.C1720B709A5AF7B52EA35DCDB612434E] - |A| - [03/12/2015 19:48:53] - (.-.) - [6405.89 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3098781_20151203_194847555-Microsoft .NET Framework 4.5.2-MSP0.txt [MD5.066AAF88D8B591D2B04E3C2657EA8E71] - |A| - [03/12/2015 19:48:24] - (.-.) - [108.08 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3098781_20151203_194847555.html [MD5.F323E221AAFDBEFEB6186B2E9B78506F] - |A| - [13/02/2016 09:54:08] - (.-.) - [4183.18 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3122656_20160213_095407488-Microsoft .NET Framework 4.5.2-MSP0.txt [MD5.28D41835821BD5B70E1444B9E119341B] - |A| - [13/02/2016 09:54:07] - (.-.) - [106.63 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3122656_20160213_095407488.html [MD5.433A985A12BA260A00ECA80A3546F355] - |A| - [03/04/2016 13:35:40] - (.-.) - [3236.59 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3122661_20160403_143535741-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.62C95EAB0394FF29F5778CA30F5BF600] - |A| - [03/04/2016 13:35:34] - (.-.) - [76.68 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3122661_20160403_143535741.html [MD5.85008DD5C4E3514BDB99D808639A2AF0] - |A| - [13/02/2016 09:48:18] - (.-.) - [3891.62 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3127229_20160213_094807022-Microsoft .NET Framework 4.5.2-MSP0.txt [MD5.9606DFE9EF448374EBFA56FED7FB55F4] - |A| - [13/02/2016 09:47:42] - (.-.) - [108.6 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3127229_20160213_094807022.html [MD5.9E8BD0E5D442B5B05A3278220EDD10F3] - |A| - [03/04/2016 13:38:00] - (.-.) - [3367.77 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3127233_20160403_143758949-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.30C92AA517C83DE291DC49022CBB8F6F] - |A| - [03/04/2016 13:37:57] - (.-.) - [76.58 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3127233_20160403_143758949.html [MD5.55941733E468A8444356B73AF1E913A0] - |A| - [11/03/2016 11:37:40] - (.-.) - [7653.67 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3135996_20160311_113730296-Microsoft .NET Framework 4.5.2-MSP0.txt [MD5.66C3070265C8204A557C50CB0B1888B9] - |A| - [11/03/2016 11:37:27] - (.-.) - [113.13 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3135996_20160311_113730296.html [MD5.BB5735928A2AEDFCABE15F1A7098EE6E] - |A| - [03/04/2016 13:38:58] - (.-.) - [6520.72 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3136000_20160403_143857059-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.7273574E9A325628C9B542AA86E31E71] - |A| - [03/04/2016 13:38:55] - (.-.) - [78.13 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3136000_20160403_143857059.html [MD5.55D3FC3AB5A714971F99E8E0E03F3847] - |A| - [17/05/2016 15:30:58] - (.-.) - [7331.08 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3136000_20160517_163054851-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.AC85FB936E608EE4BB6B809C0AC52CDF] - |A| - [17/05/2016 15:30:20] - (.-.) - [79.22 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3136000_20160517_163054851.html [MD5.A99668EB3420B2294E348B180019EEAF] - |A| - [12/05/2016 09:29:22] - (.-.) - [3961.97 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3142037_20160512_102907135-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.46871E7DE308ADBC99F32B4BC3DDDC56] - |A| - [12/05/2016 09:28:31] - (.-.) - [77.2 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3142037_20160512_102907135.html [MD5.A34D425E955680CAD3BE5C7545CC98BC] - |A| - [15/04/2016 09:25:32] - (.-.) - [4592.14 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3143693_20160415_102530469-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.7BE3A3D2F186F2CB909CD545AD1118A0] - |A| - [15/04/2016 09:25:29] - (.-.) - [78.01 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3143693_20160415_102530469.html [MD5.829333FAD3AD948CE2C6213806D4BB91] - |A| - [26/09/2016 08:05:38] - (.-.) - [6509.61 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3164025_20160926_090525526-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.630735C60E34A85E2DC95568CCBF9B8A] - |A| - [26/09/2016 08:05:12] - (.-.) - [77.96 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3164025_20160926_090525526.html [MD5.F587CF74821771B1D0CFEAA2D05E5D31] - |A| - [16/12/2016 08:54:21] - (.-.) - [16792.45 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3210136_20161216_085410187-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.507C09590D38C193E270FE0C16B7D19E] - |A| - [16/12/2016 08:53:58] - (.-.) - [78.13 Ko] - (0.0.0.0) - C:\Windows\Temp\KB3210136_20161216_085410187.html [MD5.03D7B3B27F88AEE0BE52F65DE0E567DC] - |A| - [11/05/2017 08:03:55] - (.-.) - [17393.2 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4014511_20170511_090342454-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.503669AD5D7A0003BEABCF32773396A4] - |A| - [11/05/2017 08:03:41] - (.-.) - [77.44 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4014511_20170511_090342454.html [MD5.49F3876E72BCBB2C26E9B8C366EAD24E] - |A| - [13/04/2017 08:10:14] - (.-.) - [16717.8 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4014553_20170413_090934881-Microsoft .NET Framework 4.6.1-MSP0.txt [MD5.1D3A3B7EF2A678BCEEDBF9E7375148CB] - |A| - [13/04/2017 08:09:14] - (.-.) - [77.92 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4014553_20170413_090934881.html [MD5.B5EBE7895AB72DCC034EB61845E94145] - |A| - [17/09/2017 06:51:58] - (.-.) - [8384.1 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4040973_20170917_075139628-Microsoft .NET Framework 4.7-MSP0.txt [MD5.0D1CDBBE19941CFC3EEA8D8919AADB3F] - |A| - [17/09/2017 06:51:37] - (.-.) - [96.77 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4040973_20170917_075139628.html [MD5.2623F1C15A7CAD47E06AD6580F44BF75] - |A| - [17/11/2017 07:59:52] - (.-.) - [9209.41 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4041778_20171117_075941700-Microsoft .NET Framework 4.7-MSP0.txt [MD5.9F5B18D6EECD65DD88538913C46D1FD4] - |A| - [17/11/2017 07:59:37] - (.-.) - [97.31 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4041778_20171117_075941700.html [MD5.E085927E5B1123FB623D86C6C98EE506] - |A| - [12/10/2017 07:16:20] - (.-.) - [8720.68 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4043764_20171012_081613925-Microsoft .NET Framework 4.7-MSP0.txt [MD5.E8BDC0C45AA956D5F5D14572401A7B20] - |A| - [12/10/2017 07:16:11] - (.-.) - [97.78 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4043764_20171012_081613925.html [MD5.AD9BC5CD724B34B885BC0F2874EC987E] - |A| - [20/02/2018 15:51:16] - (.-.) - [6628.53 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4054852_20180220_155114076-Microsoft .NET Framework 4.7.1-MSP0.txt [MD5.3EF5855044B69CBE723AF4CF698FAA35] - |A| - [20/02/2018 15:51:13] - (.-.) - [76.78 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4054852_20180220_155114076.html [MD5.3672F126C65ABB029DEC00D03150F584] - |A| - [16/02/2018 11:46:40] - (.-.) - [10166.13 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4054981_20180216_114631357-Microsoft .NET Framework 4.7-MSP0.txt [MD5.8D99CFC241233D946C93EBA531884227] - |A| - [16/02/2018 11:45:37] - (.-.) - [96.87 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4054981_20180216_114631357.html [MD5.C6110A0984A72E8BF29877E77290E1BF] - |A| - [20/01/2018 10:38:27] - (.-.) - [9759.56 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4074880_20180120_103815534-Microsoft .NET Framework 4.7-MSP0.txt [MD5.5D49077AFAE7F675B813A6D3190CECA1] - |A| - [20/01/2018 10:37:21] - (.-.) - [96.87 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4074880_20180120_103815534.html [MD5.6E4CE0D5958C176F7A3936DF2C62F8EB] - |A| - [25/07/2018 16:01:54] - (.-.) - [3833.53 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4087364_20180725_170150996-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.02FECB8B74C461239FBC99FB52EC448C] - |A| - [25/07/2018 16:01:46] - (.-.) - [75.74 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4087364_20180725_170150996.html [MD5.80D75EB93777972B226E3853F05F5B49] - |A| - [09/05/2018 18:45:36] - (.-.) - [9058.4 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4096418_20180509_194506271-Microsoft .NET Framework 4.7.1-MSP0.txt [MD5.0B683E653844CAEE597041CCA5ABED3D] - |A| - [09/05/2018 18:44:45] - (.-.) - [98.78 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4096418_20180509_194506271.html [MD5.57B7E2AC55EA813BC640FACEA551AF0B] - |A| - [12/07/2018 07:37:42] - (.-.) - [9516.31 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4338420_20180712_083735526-Microsoft .NET Framework 4.7.1-MSP0.txt [MD5.F27F6D69416237603E1D1602541D802B] - |A| - [12/07/2018 07:36:55] - (.-.) - [98.61 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4338420_20180712_083735526.html [MD5.C35BCBEC1F85A4D356DDAC7DB65510C0] - |A| - [16/08/2018 13:17:42] - (.-.) - [8923.45 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4344146_20180816_141735422-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.68BE2A19AF388640333841AA28D61D52] - |A| - [16/08/2018 13:16:54] - (.-.) - [100.63 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4344146_20180816_141735422.html [MD5.E44046F3F5EE5D7A71AAEC8669D9A4C2] - |A| - [11/10/2018 12:39:59] - (.-.) - [10013.21 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4457016_20181011_133931453-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.CD7FE86370E574FC08EFA24AC2BB7CDB] - |A| - [11/10/2018 12:39:24] - (.-.) - [101.73 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4457016_20181011_133931453.html [MD5.BA125EF955BE7CBECA1AF9023E65FE38] - |A| - [13/09/2018 12:25:56] - (.-.) - [9514.74 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4457035_20180913_132552243-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.5D276FCD7DB194188B5F606C83704C78] - |A| - [13/09/2018 12:25:48] - (.-.) - [101.04 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4457035_20180913_132552243.html [MD5.AD2EC21576EB598B59805A3044C5B882] - |A| - [17/11/2018 07:27:35] - (.-.) - [10514.18 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4459942_20181117_072726543-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.61D944F409D8C98A265C71791360684E] - |A| - [17/11/2018 07:27:25] - (.-.) - [101.13 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4459942_20181117_072726543.html [MD5.44A5212D3B9AC31DA2EC843FAEEFD388] - |A| - [13/12/2018 13:24:12] - (.-.) - [10943.44 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4470640_20181213_132408618-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.72D3461E01349500452C984475A6C5EF] - |A| - [13/12/2018 13:24:07] - (.-.) - [101.68 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4470640_20181213_132408618.html [MD5.D7D775B61D44D0DD3E6001FF70620651] - |A| - [10/01/2019 15:02:25] - (.-.) - [11400.39 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4480055_20190110_150217674-Microsoft .NET Framework 4.7.2-MSP0.txt [MD5.37F11CAA350AFEADA1CDAD3D6C458743] - |A| - [10/01/2019 15:01:39] - (.-.) - [99.25 Ko] - (0.0.0.0) - C:\Windows\Temp\KB4480055_20190110_150217674.html [MD5.8FAD3A22AE9D44B691CD3B0CBD79FA53] - |AT| - [22/02/2013 00:28:49] - (.-.) - [2 Ko] - (0.0.0.0) - C:\Windows\Temp\mcafee_47TKCig8jWbeWNa [MD5.8FAD3A22AE9D44B691CD3B0CBD79FA53] - |AT| - [26/04/2013 19:24:59] - (.-.) - [2 Ko] - (0.0.0.0) - C:\Windows\Temp\mcafee_IKbzUkfUdPznd08 [MD5.8FAD3A22AE9D44B691CD3B0CBD79FA53] - |AT| - [20/02/2013 15:49:22] - (.-.) - [2 Ko] - (0.0.0.0) - C:\Windows\Temp\mcafee_S9drARiPTx6UYft [MD5.8B347750F5D233BC53BB9B59D5251894] - |A| - [22/02/2013 16:53:25] - (.-.) - [7071.62 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4 Client Profile Setup_20130222_165316852-MSI_netfx_Core_x64.msi.txt [MD5.1BFEE9CDC25A6D85B8EEF92117816904] - |A| - [22/02/2013 16:53:10] - (.-.) - [556.6 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4 Client Profile Setup_20130222_165316852.html [MD5.00000000000000000000000000000000] - |D| - [22/02/2013 16:53:20] - [0 Ko] - C:\Windows\Temp\Microsoft .NET Framework 4 Client Profile Setup_4.0.30319 [MD5.B71E5BB12A90CDB07711E24601FC7953] - |A| - [27/02/2014 10:05:46] - (.-.) - [3986.23 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.5.1 (FRA) Setup_20140227_100541655-MSI_netfx_FullLP_GDR_x64.msi.txt [MD5.A4B68E0820F71A08C4014B97F97683DA] - |A| - [27/02/2014 10:05:30] - (.-.) - [495.11 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.5.1 (FRA) Setup_20140227_100541655.html [MD5.AAC7DFCD6C81F05754EECE80E04E9152] - |A| - [26/02/2014 11:00:23] - (.-.) - [16610.36 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.5.1 Setup_20140226_110017996-MSI_netfx_Full_GDR_x64.msi.txt [MD5.0806509265227E1AF638ACA84285363D] - |A| - [26/02/2014 10:59:59] - (.-.) - [1150.97 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.5.1 Setup_20140226_110017996.html [MD5.8146073364233454D21985B5F6B2511A] - |A| - [20/12/2015 20:11:37] - (.-.) - [5679.59 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.5.2 (FRA) Setup_20151220_201135954-MSI_netfx_FullLP_GDR_x64.msi.txt [MD5.9D642BEDEF2FFF66A03881665C60608E] - |A| - [20/12/2015 20:11:35] - (.-.) - [537.96 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.5.2 (FRA) Setup_20151220_201135954.html [MD5.C3A6E0E2BE9942D6120B0D6118A03B42] - |A| - [04/09/2015 10:58:03] - (.-.) - [17113.37 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.5.2 Setup_20150904_115754139-MSI_netfx_Full_GDR_x64.msi.txt [MD5.34F0A5408DEA1B07F3DE4AA5B028E4DB] - |A| - [04/09/2015 10:57:46] - (.-.) - [1124.38 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.5.2 Setup_20150904_115754139.html [MD5.FAEB3ECD361BE4B90AF05FE42E7532A9] - |A| - [30/04/2016 07:56:51] - (.-.) - [5693.4 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.6.1 (FRA) Setup_20160430_085647349-MSI_netfx_FullLP_x64.msi.txt [MD5.5D48DC4E91B20F2E29BD17431484A059] - |A| - [30/04/2016 07:55:49] - (.-.) - [407.33 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.6.1 (FRA) Setup_20160430_085647349.html [MD5.7898E58AEABD9643CA4CE82A59A7D6EB] - |A| - [02/04/2016 10:51:45] - (.-.) - [17180.57 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.6.1 Setup_20160402_115140853-MSI_netfx_Full_x64.msi.txt [MD5.29FC83B6BD0743C15049E06E57545B9D] - |A| - [02/04/2016 10:51:06] - (.-.) - [716.95 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.6.1 Setup_20160402_115140853.html [MD5.0C482DE242833F9BBF038256E19D09D6] - |A| - [26/07/2017 09:48:30] - (.-.) - [5701.06 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7 (FRA) Setup_20170726_104820374-MSI_netfx_FullLP_x64.msi.txt [MD5.E7F4A8B07604CD1EC310D30BCCEC58A1] - |A| - [26/07/2017 09:46:30] - (.-.) - [402.09 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7 (FRA) Setup_20170726_104820374.html [MD5.94B8B519C2821AFF275E6CFD5942D005] - |A| - [25/06/2017 06:50:42] - (.-.) - [16819.34 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7 Setup_20170625_075029636-MSI_netfx_Full_x64.msi.txt [MD5.8E2300B33DF3D53188308492ECCF9777] - |A| - [25/06/2017 06:49:37] - (.-.) - [646.28 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7 Setup_20170625_075029636.html [MD5.6B259F4523F4719B05692851750345ED] - |A| - [05/03/2018 08:24:09] - (.-.) - [5685.96 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7.1 (FRA) Setup_20180305_082405847-MSI_netfx_FullLP_x64.msi.txt [MD5.821DBFCDD032EC8E963ED02BBE15F465] - |A| - [05/03/2018 08:22:43] - (.-.) - [379.92 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7.1 (FRA) Setup_20180305_082405847.html [MD5.740BD52508E30F1C5431257E53B26F4B] - |A| - [20/02/2018 15:41:39] - (.-.) - [17148.06 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7.1 Setup_20180220_154130649-MSI_netfx_Full_x64.msi.txt [MD5.D553A65A46F91BA249EE087BFFB31F78] - |A| - [20/02/2018 15:39:47] - (.-.) - [639 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7.1 Setup_20180220_154130649.html [MD5.8C6A914C2F9BA8CEE3437A76000B71DA] - |A| - [13/09/2018 12:22:54] - (.-.) - [5685.73 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7.2 (FRA) Setup_20180913_132250162-MSI_netfx_FullLP_x64.msi.txt [MD5.20454D7C3AFD5B20FC888643521102D5] - |A| - [13/09/2018 12:22:48] - (.-.) - [427.19 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7.2 (FRA) Setup_20180913_132250162.html [MD5.13702D6FF7F9DEC9337392D2E9020E01] - |A| - [25/07/2018 06:41:45] - (.-.) - [17331.61 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7.2 Setup_20180725_074134797-MSI_netfx_Full_x64.msi.txt [MD5.D0D265DBD61B6F27B4F5EAD61D2E5BAC] - |A| - [25/07/2018 06:40:22] - (.-.) - [637.58 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework 4.7.2 Setup_20180725_074134797.html [MD5.EB9CAB1700436A10C2BDAA916D134A99] - |A| - [22/02/2013 16:59:11] - (.-.) - [2097.9 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework Client Profile Language Pack Setup_20130222_165910364-MSI_netfx_CoreLP_x64.msi.txt [MD5.973898F3E359AB95C3CD3ACF5F9C9249] - |A| - [22/02/2013 16:59:09] - (.-.) - [244.63 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft .NET Framework Client Profile Language Pack Setup_20130222_165910364.html [MD5.00000000000000000000000000000000] - |D| - [22/02/2013 16:59:10] - [0 Ko] - C:\Windows\Temp\Microsoft .NET Framework Client Profile Language Pack Setup_4.0.30319 [MD5.00000000000000000000000000000000] - |D| - [11/03/2016 11:41:00] - [0 Ko] - C:\Windows\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.30319 [MD5.6263AFA45B0BD2505D78DD08C4354B33] - |A| - [11/03/2016 11:41:05] - (.-.) - [302.7 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20160311_114100173-Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-MSP0.txt [MD5.66FAE6191E6FCB05AD0A248366302C52] - |A| - [11/03/2016 11:41:01] - (.-.) - [335.59 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20160311_114100173-MSI_vc_red.msi.txt [MD5.47C1880044082A4B4DAD6BAE4B10BBD2] - |A| - [11/03/2016 11:40:59] - (.-.) - [96.95 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20160311_114100173.html [MD5.00000000000000000000000000000000] - |D| - [08/12/2013 10:50:39] - [0 Ko] - C:\Windows\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219 [MD5.1186B330BBE5DCC6A633EA8B931D710B] - |A| - [08/12/2013 10:50:41] - (.-.) - [373.44 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131208_105039509-Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-MSP0.txt [MD5.2B322DA3E5A168E8469F51A5ACB3294F] - |A| - [08/12/2013 10:50:38] - (.-.) - [77.05 Ko] - (0.0.0.0) - C:\Windows\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131208_105039509.html [MD5.F8D3995004DEDEAB2DD14DECF809E673] - |A| - [23/02/2013 21:00:19] - (.-.) - [993.76 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log [MD5.00000000000000000000000000000000] - |D| - [09/06/2013 14:54:28] - [0 Ko] - C:\Windows\Temp\MPInstrumentation [MD5.B6B7D46FFE9FA2A24E9102B0C55FD9DD] - |A| - [13/05/2013 19:54:04] - (.-.) - [320.42 Ko] - (0.0.0.0) - C:\Windows\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [20/08/2013 14:11:45] - [0 Ko] - C:\Windows\Temp\MPTelemetrySubmit [MD5.4F109CC50739BCB1CF4C97AEF29D4332] - |A| - [11/04/2014 10:32:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\Temp\nsc4A4B.tmp [MD5.67CE43BCA42A7D308827A81AAAF10394] - |A| - [31/08/2014 22:38:46] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\Windows\Temp\nsd73EA.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [10/07/2014 00:15:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nse4C1A.tmp [MD5.C871AD2D69D8BE2371417CAF4EE55D13] - |A| - [24/12/2013 12:45:56] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\Windows\Temp\nse6AD7.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/05/2014 16:46:00] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nse965C.tmp [MD5.43ECEA2921CB6BB68B570119344E6DE2] - |A| - [10/07/2014 13:24:42] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\Windows\Temp\nsgC00F.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/04/2014 10:32:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsh6D27.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [02/06/2014 22:47:49] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsi707D.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [31/08/2014 22:38:47] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsi784E.tmp [MD5.4F109CC50739BCB1CF4C97AEF29D4332] - |A| - [14/04/2014 18:20:22] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\Temp\nsi9337.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/04/2014 10:33:05] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsiB169.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [14/04/2014 18:20:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsiC224.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [14/04/2014 18:20:45] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsiEEA1.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/03/2014 18:15:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsj1ED9.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/12/2013 12:46:00] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsj7C07.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/12/2013 12:46:01] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsj7D8E.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [10/07/2014 13:25:10] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsl2ECA.tmp [MD5.CBFBF18718D26BB2774D130B88165012] - |A| - [16/01/2014 21:03:56] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\Windows\Temp\nslFFEC.tmp [MD5.B6301C145B0F675FCE72FFE55A8D6EA7] - |A| - [19/05/2014 16:23:33] - (.-.) - [0.42 Ko] - (0.0.0.0) - C:\Windows\Temp\nsm417D.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [19/05/2014 16:23:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsm465E.tmp [MD5.6315B46E064ED3BD00E6F25606919B09] - |A| - [20/08/2014 17:48:11] - (.-.) - [0.75 Ko] - (0.0.0.0) - C:\Windows\Temp\nsn43B6.tmp [MD5.4F109CC50739BCB1CF4C97AEF29D4332] - |A| - [11/04/2014 10:32:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\Temp\nsn49EE.tmp [MD5.4F109CC50739BCB1CF4C97AEF29D4332] - |A| - [16/03/2014 18:15:01] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\Temp\nso1B01.tmp [MD5.B6301C145B0F675FCE72FFE55A8D6EA7] - |A| - [12/05/2014 16:45:58] - (.-.) - [0.42 Ko] - (0.0.0.0) - C:\Windows\Temp\nso9033.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [31/08/2014 22:39:03] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsoB475.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [10/07/2014 00:15:46] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsp7702.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/01/2014 21:04:29] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsq81D9.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [19/05/2014 16:23:44] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsr6B0E.tmp [MD5.4F109CC50739BCB1CF4C97AEF29D4332] - |A| - [15/02/2014 10:12:22] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\Temp\nss2FD9.tmp [MD5.4F109CC50739BCB1CF4C97AEF29D4332] - |A| - [15/02/2014 10:12:22] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\Temp\nss3111.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/04/2014 10:32:50] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nss7504.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/04/2014 10:33:12] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nssCCC5.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [02/06/2014 22:47:36] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nst3CEF.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/08/2014 17:48:12] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nst47CD.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/12/2013 12:46:01] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nst7F9E.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/12/2013 12:46:23] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nstD408.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/01/2014 21:03:58] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsv72D.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [10/07/2014 13:24:59] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsw376.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [15/02/2014 10:12:23] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsx3611.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [15/02/2014 10:12:24] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsx36FB.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [15/02/2014 10:12:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsx96A8.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [15/02/2014 10:13:11] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsxF03C.tmp [MD5.B6301C145B0F675FCE72FFE55A8D6EA7] - |A| - [02/06/2014 22:47:35] - (.-.) - [0.42 Ko] - (0.0.0.0) - C:\Windows\Temp\nsy387B.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/08/2014 17:48:24] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsy785F.tmp [MD5.43ECEA2921CB6BB68B570119344E6DE2] - |A| - [10/07/2014 00:15:29] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\Windows\Temp\nsz3436.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/03/2014 18:15:27] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nsz7E48.tmp [MD5.6B106EE1BEE0DD0F48A00EF98F54AAB1] - |A| - [24/12/2013 12:46:02] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\Temp\nsz805B.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/05/2014 16:46:13] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\nszCBDE.tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [16/08/2018 13:18:26] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI1805.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [16/08/2018 13:18:26] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI1805.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [12/07/2018 07:38:32] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI2559.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [12/07/2018 07:38:32] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI2559.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [25/06/2017 06:53:46] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI272D.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [25/06/2017 06:53:46] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI272D.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [11/10/2018 12:42:16] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI32B9.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [11/10/2018 12:42:16] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI32B9.tmp-tmp [MD5.1CDD0CF8D778AD74BE6D4E2A4ADC5B48] - |A| - [20/12/2015 20:12:20] - (.-.) - [10.16 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI3A41.tmp [MD5.72D6921FB1170EA371B02443F8D8531E] - |A| - [20/12/2015 20:12:20] - (.-.) - [8.73 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI3A41.tmp-tmp [MD5.BF1AED82F7BA35A8D1D075FF6FED7C89] - |A| - [27/02/2014 10:07:16] - (.-.) - [10.13 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI47CA.tmp [MD5.6F430C55AEC23BC128397127F8E31B19] - |A| - [27/02/2014 10:07:16] - (.-.) - [8.7 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI47CA.tmp-tmp [MD5.1CDD0CF8D778AD74BE6D4E2A4ADC5B48] - |A| - [15/09/2014 11:33:24] - (.-.) - [10.16 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI4A5D.tmp [MD5.72D6921FB1170EA371B02443F8D8531E] - |A| - [15/09/2014 11:33:24] - (.-.) - [8.73 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI4A5D.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [17/09/2017 06:55:01] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI5376.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [17/09/2017 06:55:01] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI5376.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [05/03/2018 08:26:12] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI8C3D.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [05/03/2018 08:26:12] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI8C3D.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [17/11/2018 07:28:26] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI8E45.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [17/11/2018 07:28:26] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI8E45.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [13/09/2018 12:24:01] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI9449.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [13/09/2018 12:24:01] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGI9449.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [20/02/2018 15:46:46] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIA0C2.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [20/02/2018 15:46:46] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIA0C2.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [26/07/2017 09:49:54] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIA98F.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [26/07/2017 09:49:54] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIA98F.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [13/09/2018 12:27:24] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIACE7.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [13/09/2018 12:27:24] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIACE7.tmp-tmp [MD5.1CDD0CF8D778AD74BE6D4E2A4ADC5B48] - |A| - [03/12/2015 19:49:13] - (.-.) - [10.16 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIB27E.tmp [MD5.72D6921FB1170EA371B02443F8D8531E] - |A| - [03/12/2015 19:49:13] - (.-.) - [8.73 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIB27E.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [25/07/2018 06:45:03] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIB77F.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [25/07/2018 06:45:03] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIB77F.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [20/01/2018 10:40:10] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIBF5B.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [20/01/2018 10:40:10] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIBF5B.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [16/02/2018 11:47:45] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIC415.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [16/02/2018 11:47:45] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIC415.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [12/10/2017 07:17:18] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIC6C7.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [12/10/2017 07:17:18] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIC6C7.tmp-tmp [MD5.CFE2F1194768EBE8914C07C57CBADA52] - |A| - [26/02/2014 11:02:50] - (.-.) - [10.1 Ko] - (0.0.0.0) - C:\Windows\Temp\RGICA49.tmp [MD5.6F430C55AEC23BC128397127F8E31B19] - |A| - [26/02/2014 11:02:50] - (.-.) - [8.7 Ko] - (0.0.0.0) - C:\Windows\Temp\RGICA49.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [16/12/2016 08:56:39] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGICB4E.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [16/12/2016 08:56:39] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGICB4E.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [02/04/2016 10:55:05] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGICDB8.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [02/04/2016 10:55:05] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGICDB8.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [11/05/2017 08:05:14] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGID2C6.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [11/05/2017 08:05:14] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGID2C6.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [30/04/2016 07:58:43] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGID3FF.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [30/04/2016 07:58:43] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGID3FF.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [10/01/2019 15:03:04] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGID50.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [10/01/2019 15:03:04] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGID50.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [09/05/2018 18:47:43] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIDC7E.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [09/05/2018 18:47:43] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIDC7E.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [17/11/2017 08:01:06] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIE827.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [17/11/2017 08:01:06] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIE827.tmp-tmp [MD5.1CDD0CF8D778AD74BE6D4E2A4ADC5B48] - |A| - [04/09/2015 11:00:27] - (.-.) - [10.16 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIEAD6.tmp [MD5.72D6921FB1170EA371B02443F8D8531E] - |A| - [04/09/2015 11:00:27] - (.-.) - [8.73 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIEAD6.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [13/12/2018 13:24:55] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFA48.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [13/12/2018 13:24:55] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFA48.tmp-tmp [MD5.BF1AED82F7BA35A8D1D075FF6FED7C89] - |A| - [27/02/2014 10:08:02] - (.-.) - [10.13 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFBDD.tmp [MD5.6F430C55AEC23BC128397127F8E31B19] - |A| - [27/02/2014 10:08:02] - (.-.) - [8.7 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFBDD.tmp-tmp [MD5.1CDD0CF8D778AD74BE6D4E2A4ADC5B48] - |A| - [25/04/2015 08:12:09] - (.-.) - [10.16 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFC0C.tmp [MD5.72D6921FB1170EA371B02443F8D8531E] - |A| - [25/04/2015 08:12:09] - (.-.) - [8.73 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFC0C.tmp-tmp [MD5.13CD2799AF29E35E7536BE89B4482574] - |A| - [13/04/2017 08:12:46] - (.-.) - [10.22 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFE20.tmp [MD5.4AAE089D3731C3F9DCA27587E61CC4A2] - |A| - [13/04/2017 08:12:46] - (.-.) - [8.79 Ko] - (0.0.0.0) - C:\Windows\Temp\RGIFE20.tmp-tmp [MD5.00000000000000000000000000000000] - |D| - [25/08/2013 12:28:14] - [32.62 Ko] - C:\Windows\Temp\scoped_dir_5836_12596 [MD5.00000000000000000000000000000000] - |D| - [25/08/2013 12:28:14] - [34.01 Ko] - C:\Windows\Temp\scoped_dir_5836_12704 [MD5.00000000000000000000000000000000] - |D| - [25/08/2013 12:28:14] - [7.79 Ko] - C:\Windows\Temp\scoped_dir_5836_14838 [MD5.00000000000000000000000000000000] - |D| - [25/08/2013 12:28:14] - [27.08 Ko] - C:\Windows\Temp\scoped_dir_5836_24184 [MD5.00000000000000000000000000000000] - |D| - [25/08/2013 12:28:13] - [2495.53 Ko] - C:\Windows\Temp\scoped_dir_5836_31734 [MD5.00000000000000000000000000000000] - |D| - [25/08/2013 12:28:14] - [33.83 Ko] - C:\Windows\Temp\scoped_dir_5836_4329 [MD5.00000000000000000000000000000000] - |D| - [25/08/2013 12:28:13] - [317.22 Ko] - C:\Windows\Temp\scoped_dir_5836_7862 [MD5.00000000000000000000000000000000] - |D| - [25/08/2013 12:28:14] - [55.74 Ko] - C:\Windows\Temp\scoped_dir_5836_9790 [MD5.654E04B84D36BF482EA27A4386B81A07] - |A| - [03/02/2019 17:22:28] - (.-.) - [149.21 Ko] - (0.0.0.0) - C:\Windows\Temp\sd_4D8B.tmp [MD5.F73AB642D21256290BA0564A1168A1C1] - |A| - [03/02/2019 17:22:09] - (.-.) - [149.11 Ko] - (0.0.0.0) - C:\Windows\Temp\sd_C1.tmp [MD5.D9B885BAACBEEDFD2FAF4C341B8BDC2D] - |A| - [26/06/2013 19:09:53] - (.� McAfee, Inc. - McAfee Security Scan Plus Installer.) - [11378.48 Ko] - (3.11.667.1) - C:\Windows\Temp\SecurityScan_Release.exe [MD5.483EBCA2AD89B2146E89609F27E7B2E3] - |A| - [14/03/2014 09:11:33] - (.-.) - [2.44 Ko] - (0.0.0.0) - C:\Windows\Temp\Silverlight0.log [MD5.F8119B1C01EA0D5E60820531920D172E] - |A| - [14/03/2014 09:11:36] - (.-.) - [5119.48 Ko] - (0.0.0.0) - C:\Windows\Temp\SilverlightMSI.log [MD5.00000000000000000000000000000000] - |D| - [20/02/2013 16:27:26] - [0 Ko] - C:\Windows\Temp\SiteAdvisor{992B3052-D535-4885-A8F5-3EF0C7681304} [MD5.00000000000000000000000000000000] - |D| - [21/02/2013 00:31:45] - [0 Ko] - C:\Windows\Temp\SiteAdvisor{FB9D5E78-560D-4BA9-ACA1-60B4C60B3610} [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/05/2015 23:45:26] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\SKY17B7.tmp [MD5.1F9FF408A1395458FE75D9F1DBCD7CA4] - |A| - [26/07/2017 09:50:16] - (.-.) - [3.19 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR183.tmp [MD5.B13E1A6B78B2EEFA3FDC656BA272CC3E] - |A| - [12/10/2017 07:19:53] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR22A2.tmp [MD5.ECC7A4AE112562A5783DA5F063ED161C] - |A| - [17/09/2017 06:58:06] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR276D.tmp [MD5.CE690064A68282B6CE2D1637B6AD97D2] - |A| - [09/05/2018 18:50:13] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR2796.tmp [MD5.FDA4662BCD7D1C32B1C15DC47FEA20A3] - |A| - [13/09/2018 12:30:06] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR2872.tmp [MD5.6107ECCB25B897CBA6F16538E393B91C] - |A| - [03/04/2016 13:37:50] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR2DF4.tmp [MD5.44944F874AB985925B198A9418090BBE] - |A| - [20/02/2018 15:53:58] - (.-.) - [1.72 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR36BF.tmp [MD5.CD14C5F5EABD367302879591D1D414BE] - |A| - [11/05/2017 08:07:54] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR4117.tmp [MD5.12D52594DB1CE707EB7A3BED36BF88B4] - |A| - [13/09/2018 12:24:50] - (.-.) - [1.3 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR54DE.tmp [MD5.48BA361BC35DB0B80312B7C21974098C] - |A| - [17/05/2016 15:33:50] - (.-.) - [1.72 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR58CB.tmp [MD5.635614C07E9CF96A9B1B86143B40221E] - |A| - [25/06/2017 06:57:59] - (.-.) - [11.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR5AF.tmp [MD5.25F90700BF73DB62172C18169D181728] - |A| - [11/10/2018 12:49:01] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR5EEC.tmp [MD5.E50DDB63DFA9F1AECEC79A07AF396064] - |A| - [05/03/2018 08:27:09] - (.-.) - [1.3 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR6919.tmp [MD5.346FF46BFDC4E742D752906434288F2B] - |A| - [17/11/2017 08:03:53] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR7435.tmp [MD5.995E4F725D60B9A3825967CBBAA2FE08] - |A| - [16/02/2018 11:49:36] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR753F.tmp [MD5.C68EB7199C7F339C4955E5B5E48441D7] - |A| - [16/08/2018 13:22:07] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR765F.tmp [MD5.2AB04D9239DD824482218ADCFD116DD6] - |A| - [12/07/2018 07:41:04] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR77F0.tmp [MD5.98D700BC67D2851BC31BB9F5F75D7E7A] - |A| - [20/02/2018 15:50:58] - (.-.) - [4.93 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR789F.tmp [MD5.7F76E62FF527CF3BE7CBC4F6C8669FA2] - |A| - [13/04/2017 08:16:34] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR795C.tmp [MD5.CADCEDD08839310BD2C61F014CB25771] - |A| - [13/12/2018 13:28:45] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR7A54.tmp [MD5.FDE3853107DE3D299CD2C9B933D6E3D8] - |A| - [20/01/2018 10:49:43] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR7C67.tmp [MD5.C5254FF8A6BD9300A741AE7425F5C1B4] - |A| - [25/07/2018 16:04:05] - (.-.) - [1.72 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR8410.tmp [MD5.6ACA2F413EB258FC62BB75282FCC092D] - |A| - [03/04/2016 13:38:46] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR8B8.tmp [MD5.EED796BB87121CC68826F4F9B12AA06F] - |A| - [26/09/2016 08:07:01] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFR9AB4.tmp [MD5.2F72E7F8E1CB97CC19FA40FF775EEC75] - |A| - [16/12/2016 08:58:40] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFRA4A0.tmp [MD5.6DCBD25BE8B611D4D80F65589004D8CB] - |A| - [15/04/2016 09:27:42] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFRA8A2.tmp [MD5.6D1BDE37D8F507267587658894546659] - |A| - [03/04/2016 13:40:38] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFRBAF6.tmp [MD5.3AF79574C1A53A6F3736A2E8622FBD96] - |A| - [30/04/2016 07:59:42] - (.-.) - [4.67 Ko] - (0.0.0.0) - C:\Windows\Temp\TFRBAF8.tmp [MD5.682FBE322009169315116F42ECD393EB] - |A| - [17/11/2018 07:30:52] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFRC80F.tmp [MD5.3E44B3D0282DA63DD5A44FFB4DF66B6C] - |A| - [25/07/2018 12:47:55] - (.-.) - [2.95 Ko] - (0.0.0.0) - C:\Windows\Temp\TFREE24.tmp [MD5.4260FD6AE091260A1C4155544A02D816] - |A| - [10/01/2019 15:07:19] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFRF4E5.tmp [MD5.F4683F4E818F8FB63E5522A58C6A38CF] - |A| - [12/05/2016 09:33:50] - (.-.) - [1.71 Ko] - (0.0.0.0) - C:\Windows\Temp\TFRF751.tmp [MD5.D8EBF527E959B0D6C848394CBDF862D2] - |A| - [02/04/2016 10:57:27] - (.-.) - [10.84 Ko] - (0.0.0.0) - C:\Windows\Temp\TFRFAF4.tmp [MD5.59071590099D21DD439896592338BF95] - |AT| - [29/01/2016 20:01:16] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000000115B5CE2F8F3EF019D [MD5.59071590099D21DD439896592338BF95] - |AT| - [13/12/2014 21:26:02] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000000157292291E6098038B [MD5.59071590099D21DD439896592338BF95] - |AT| - [02/02/2015 13:19:38] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP0000001BE07881C1AA2EDA1D [MD5.59071590099D21DD439896592338BF95] - |AT| - [13/03/2016 04:24:50] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP0000001D0FB87792A475FDF7 [MD5.59071590099D21DD439896592338BF95] - |AT| - [14/10/2016 07:15:16] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000000236AA2D2B0D93DF96C [MD5.59071590099D21DD439896592338BF95] - |AT| - [22/05/2016 15:07:40] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP00000029DC23540FC7D07169 [MD5.59071590099D21DD439896592338BF95] - |AT| - [14/03/2014 23:41:23] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP00000033878AE4160BB964B2 [MD5.59071590099D21DD439896592338BF95] - |AT| - [16/04/2016 09:00:42] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP0000003FE7A2C3E9903965AB [MD5.59071590099D21DD439896592338BF95] - |AT| - [12/05/2016 23:13:00] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP00000041D22834CEF4A55232 [MD5.59071590099D21DD439896592338BF95] - |AT| - [03/06/2016 20:23:20] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP00000041FC252D6B30762312 [MD5.59071590099D21DD439896592338BF95] - |AT| - [25/04/2015 23:16:16] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP0000004CCF1E08A038C40B1D [MD5.F7491CF6C0D7FF9AC1091DC4847A0A5E] - |AT| - [25/04/2015 23:16:20] - (.-.) - [7162 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP0000004D040C6F1820245907 [MD5.59071590099D21DD439896592338BF95] - |AT| - [09/12/2013 10:40:01] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000000C09BEAA715454810A1 [MD5.59071590099D21DD439896592338BF95] - |AT| - [16/11/2013 11:40:37] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000000F4BACD2B57E236C56D [MD5.59071590099D21DD439896592338BF95] - |AT| - [27/11/2013 03:06:31] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP000001A73A3802095A78DDB5 [MD5.59071590099D21DD439896592338BF95] - |AT| - [07/09/2017 09:02:14] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP02F1A958BACA1FBB [MD5.59071590099D21DD439896592338BF95] - |AT| - [21/07/2017 08:05:03] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP143BC122A05547EE [MD5.59071590099D21DD439896592338BF95] - |AT| - [16/08/2017 20:07:43] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP15153BBB1615E5C8 [MD5.59071590099D21DD439896592338BF95] - |AT| - [14/12/2017 20:06:29] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP46CD8499D0FDFB7B [MD5.2AFB9576593A2E529CA29B4217D16034] - |A| - [17/07/2015 21:51:15] - (.-.) - [448 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_2379.tmp [MD5.FF7B5DA6737D6551A02C606C18A1D9F2] - |A| - [07/05/2014 07:48:55] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_277C.tmp [MD5.60264EBE8BDA439DF3DBEF059901101D] - |A| - [04/09/2015 11:47:48] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_2F78.tmp [MD5.AC8FCC087F0D3AF48CFDBFE8F728B3BC] - |A| - [07/05/2014 07:48:58] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_3091.tmp [MD5.1062463CFB644B81618030BEA3B648C0] - |A| - [22/02/2013 16:48:34] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_391C.tmp [MD5.CACC1009D991E7865F3F9A2A903BD5BB] - |A| - [04/09/2015 11:47:55] - (.-.) - [384 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_499D.tmp [MD5.D8F58B6E03D985C7970FE85277ABB0AB] - |A| - [20/02/2013 13:44:29] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_5B98.tmp [MD5.D9DD6EDDDBDDD77E7DDCBD686EEBA80A] - |A| - [18/07/2015 07:53:20] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_5CAE.tmp [MD5.50022444C0E276FCBDF768B6B41F4127] - |A| - [16/05/2014 10:21:34] - (.-.) - [128 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_5F10.tmp [MD5.585312FE8DC67F8A97D3DCA6850DA55B] - |A| - [05/12/2015 15:36:57] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_6048.tmp [MD5.B39668AAF6DBD841DD61A1DFA057D94C] - |A| - [20/02/2013 13:44:31] - (.-.) - [448 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_62BA.tmp [MD5.1144673114A2995D1BDA8C3C907CFDC1] - |A| - [18/07/2015 07:53:22] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_643D.tmp [MD5.D6556478D08D67064B391E3E018F475F] - |A| - [18/07/2015 07:53:23] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_66ED.tmp [MD5.8D08D69B9AB75B49BC3B9E45724CF6A6] - |A| - [16/05/2014 10:21:37] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_6A47.tmp [MD5.31A34260E05E118D511C5443185E4B3F] - |A| - [20/02/2013 13:44:33] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_6BEE.tmp [MD5.24AAFA85B41DEFCD2F5A01BEBBB54F42] - |A| - [18/07/2015 07:53:25] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_6D54.tmp [MD5.A4BCE0FCEB480544427EC6194BEE6664] - |A| - [06/04/2015 16:40:21] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_6E48.tmp [MD5.38B8D0C14DDA46A4EA6C13FE94FCF49A] - |A| - [18/07/2015 07:53:25] - (.-.) - [128 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_6E6D.tmp [MD5.C124CCFC53F2590539A836EF8FE303A5] - |A| - [20/02/2013 13:44:34] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_6F59.tmp [MD5.61A02202FF1D3C35818D1A53C2B0FE0E] - |A| - [20/02/2013 13:44:35] - (.-.) - [704 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_71E9.tmp [MD5.6AEA8903BF21FF5D6A81053535AF6C47] - |A| - [18/07/2015 07:53:26] - (.-.) - [128 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_72D2.tmp [MD5.6E8FF8B9D3EC9995A033F49CB5D873B0] - |A| - [06/04/2015 16:40:22] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_72DB.tmp [MD5.2B234C2F035A36B04BE380D00DAE92AB] - |A| - [06/04/2015 16:40:22] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_74FE.tmp [MD5.2225836309B483D92A0E0831C48FD970] - |A| - [05/12/2015 15:37:04] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_7ACB.tmp [MD5.B4CF347EB4CE24F68C07DA8A99D06949] - |A| - [09/07/2014 15:31:30] - (.-.) - [128 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_7B66.tmp [MD5.9BE10B77BEE53F632A479A690C443F1C] - |A| - [06/04/2015 16:40:24] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_7BC2.tmp [MD5.DBE176AAB6FE2F40467C2E8C281B1682] - |A| - [20/02/2013 13:44:39] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_82DB.tmp [MD5.EB6F45F8FB9CD62F2C44142ABC5665F5] - |A| - [20/02/2013 13:44:41] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_8B35.tmp [MD5.41111F34B63AC361E646B1EE621A85E6] - |A| - [09/07/2014 15:31:34] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_8BBC.tmp [MD5.E74FF31E74EBE2295356887833CB60C3] - |A| - [13/12/2014 21:29:15] - (.-.) - [128 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_92DC.tmp [MD5.9BD549D896EE0F871CC029F70B17E735] - |A| - [17/07/2015 21:51:09] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_962.tmp [MD5.45B8DFE2B65149F6CEF529C5AF4058D2] - |A| - [05/11/2013 14:55:56] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_9BE3.tmp [MD5.93BB9065E5D1D062552F93B49149BBD8] - |A| - [05/11/2013 14:55:56] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_9D6A.tmp [MD5.0CE3936738CFD9266230C15962CDBC16] - |A| - [20/02/2013 13:44:46] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_9DEB.tmp [MD5.853511703A5D73BB6535250F250B3DF0] - |A| - [13/12/2014 21:29:23] - (.-.) - [384 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_B136.tmp [MD5.B3A0AC9468CBE27546953AEE20795936] - |A| - [13/10/2016 06:55:31] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_B14.tmp [MD5.0E06A1A4772A5585DEC84BA75C2FB0D0] - |A| - [04/06/2015 07:46:05] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_B5F3.tmp [MD5.7A5D9A7A08A3FD39C60842B37D702E61] - |A| - [04/06/2015 07:46:08] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_BFB4.tmp [MD5.D1083964FF492FF6F59EC9E2A6E01DFF] - |A| - [04/06/2015 07:46:08] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_C1F7.tmp [MD5.02C3BE4EDF2EDBB925661D62B5A9031A] - |A| - [04/06/2015 07:46:08] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_C2B3.tmp [MD5.B3CF29EED73F796DB198666D81BA846F] - |A| - [04/06/2015 07:46:09] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_C488.tmp [MD5.7C253FF404CEFF1B93686CDAA88E3B10] - |A| - [04/06/2015 07:46:09] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_C582.tmp [MD5.67C811662DA15AE6E9524C2C59FB28B6] - |A| - [13/02/2015 10:06:40] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_C58F.tmp [MD5.2DAF163757651CAB074A7F6AB6F79EB0] - |A| - [08/05/2016 09:20:23] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_DA40.tmp [MD5.B7954DD4521565D47A2181CF49040A16] - |A| - [08/05/2016 09:20:24] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_DD2E.tmp [MD5.C7724CB01C03FD91D0BF162834DA95DF] - |A| - [08/05/2016 09:20:24] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_DE38.tmp [MD5.A84716898C6672D7E534C7E3899EDA39] - |A| - [12/06/2015 08:31:32] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_DF46.tmp [MD5.0A91DC06D1F98B555467ADCD80FBF777] - |A| - [08/05/2016 09:20:24] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_DF62.tmp [MD5.B5691086F133734BDC531FAB25A979C1] - |A| - [13/10/2016 06:55:20] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E01B.tmp [MD5.74B1430043856CCFE1989C813B66CB8A] - |A| - [08/05/2016 09:20:25] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E108.tmp [MD5.AAA7E322A5AA021A5F12FFE8C69856F3] - |A| - [13/10/2016 06:55:31] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E21.tmp [MD5.8F36C47B601C381A853C40208AAFCD3C] - |A| - [08/05/2016 09:20:25] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E33A.tmp [MD5.DAAFDEFBEFA906C6C4D80075ECA760C2] - |A| - [08/05/2016 09:20:26] - (.-.) - [128 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E57D.tmp [MD5.25CA1C8BCCCD1E5AE8A98D1DA0940027] - |A| - [13/10/2016 06:55:21] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E589.tmp [MD5.14B1EFBE3F27789DB68C9991D177193E] - |A| - [08/05/2016 09:20:26] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E6E4.tmp [MD5.10D076256742AD97138C30F41CE77CF0] - |A| - [13/02/2015 10:06:49] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E733.tmp [MD5.9619DB13D29AF8166B4CE9A3DD14E5A2] - |A| - [08/05/2016 09:20:26] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E86B.tmp [MD5.2F26771A5236939BA82B82C9316CAB75] - |A| - [13/10/2016 06:55:22] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_E98F.tmp [MD5.7845492BC026EF1875AB82453E0A124F] - |A| - [12/06/2015 08:31:38] - (.-.) - [384 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_F74A.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [04/01/2019 21:57:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\WERFE06.tmp.appcompat.txt [MD5.00000000000000000000000000000000] - |D| - [15/01/2018 18:47:50] - [2.38 Ko] - C:\Windows\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [19/04/2017 08:02:18] - [0 Ko] - C:\Windows\Temp\{05C76D91-343E-4A92-9B0E-4E0919FC6215} [MD5.00000000000000000000000000000000] - |D| - [01/12/2017 14:58:31] - [0 Ko] - C:\Windows\Temp\{6E6B3E6B-430C-4702-8BFA-1D6B61BF3DED} [MD5.00000000000000000000000000000000] - |D| - [16/05/2017 06:43:18] - [0 Ko] - C:\Windows\Temp\{EBDBDD57-EF9B-4FAA-96C4-75DDC9D1047A} [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:58] - [0 Ko] - C:\Windows\System32\040C [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 05:45:49] - (.-.) - [27.86 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 05:45:49] - (.-.) - [27.86 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [4987.5 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [13/12/2014 21:26:47] - [2598.96 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [201.5 Ko] - C:\Windows\System32\ar-SA [MD5.C90A8DB8F7F4B8828DB9C5B6A787C4C9] - |A| - [07/01/2019 09:01:25] - (.Copyright (c) 2018 AVAST Software - Avast start-up scanner.) - [352.88 Ko] - (19.1.4142.0) - C:\Windows\System32\aswBoot.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [173 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [2592.76 Ko] - C:\Windows\System32\Boot [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 02:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 01:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [14/07/2009 00:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\Windows\System32\CardGames.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [214741.53 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [34837.79 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [23822.05 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [357 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |SD| - [07/05/2014 07:48:48] - [4945.69 Ko] - C:\Windows\System32\CompatTel [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [411996.76 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [432 Ko] - C:\Windows\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [427.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [457.5 Ko] - C:\Windows\System32\de-DE [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 05:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.9591E9EACD1117EF90C7C54734403347] - |A| - [20/02/2013 14:46:50] - (.-.) - [175.77 Ko] - (0.0.0.0) - C:\Windows\System32\difx64.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [5335 Ko] - C:\Windows\System32\Dism [MD5.D2E144A5E91E6BFBDF3DF7C057F99630] - |A| - [14/07/2009 05:45:34] - (.-.) - [287.73 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:58] - [1840 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [41369.75 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 21:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.D545C69E27AE29CBA35EA1E53965472C] - |A| - [20/02/2013 14:46:50] - (.-.) - [152.4 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ar-SA.resources [MD5.FB800EB7720F3060B9D430A2FDE46E6C] - |A| - [20/02/2013 14:46:50] - (.-.) - [130.12 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.cs-CZ.resources [MD5.2EA9BDC345E080F6C706E2EDB90908F8] - |A| - [20/02/2013 14:46:50] - (.-.) - [125.4 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.da-DK.resources [MD5.6809AAF0B8E584F5F5864B403DEB391B] - |A| - [20/02/2013 14:46:50] - (.-.) - [134.48 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.de-DE.resources [MD5.5A6C8C4FB9820CB8994D4C4093DB17D8] - |A| - [20/02/2013 14:46:50] - (.-.) - [193.26 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.el-GR.resources [MD5.81BA9CEFCFF771E320A4534F71434534] - |A| - [20/02/2013 14:46:50] - (.-.) - [121.02 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.en-US.resources [MD5.2941795F09D779C54BC30F6540E42C28] - |A| - [20/02/2013 14:46:50] - (.-.) - [134.28 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.es-ES.resources [MD5.539CB161ED53DED6A2B1A39BE09A2CD6] - |A| - [20/02/2013 14:46:50] - (.-.) - [129.64 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.fi-FI.resources [MD5.D51E32E9B505A94C6EA48E8A622F55B8] - |A| - [20/02/2013 14:46:50] - (.-.) - [132.34 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.fr-FR.resources [MD5.1F28F7E3FB72EFB8E36910A9B315C579] - |A| - [20/02/2013 14:46:50] - (.-.) - [145.36 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.he-IL.resources [MD5.32D3B703C8CEF0FEE20291AE8796A655] - |A| - [20/02/2013 14:46:50] - (.-.) - [128.62 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.hr-HR.resources [MD5.04E179AB8557050B797273EC34882C0B] - |A| - [20/02/2013 14:46:50] - (.-.) - [131.09 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.hu-HU.resources [MD5.84441568760121C2B26149A27E1993BF] - |A| - [20/02/2013 14:46:50] - (.-.) - [136.79 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.it-IT.resources [MD5.1ED3308CD38DFC99ABB8C296D4510865] - |A| - [20/02/2013 14:46:50] - (.-.) - [149.41 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ja-JP.resources [MD5.18DF8FD3FFA0D8FEE3DCBC06C872C0D1] - |A| - [20/02/2013 14:46:50] - (.-.) - [135.32 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ko-KR.resources [MD5.934D05FFAF106F8A8D70DCBD04426B59] - |A| - [20/02/2013 14:46:50] - (.-.) - [125.65 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.nb-NO.resources [MD5.7301ACB8AE6475E7C714BA15795761F6] - |A| - [20/02/2013 14:46:50] - (.-.) - [131.13 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.nl-NL.resources [MD5.FC3BFDBD8C767503815FCFCE451DC0DE] - |A| - [20/02/2013 14:46:50] - (.-.) - [129.9 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pl-PL.resources [MD5.650945D127EEEC0214793619C323F2B4] - |A| - [20/02/2013 14:46:50] - (.-.) - [131.53 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pt-BR.resources [MD5.FB27546F0E11DC8C135DCB0A7FB9B405] - |A| - [20/02/2013 14:46:50] - (.-.) - [130.42 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pt-PT.resources [MD5.8F1BA4E29000A72838B5D71876237C60] - |A| - [20/02/2013 14:46:50] - (.-.) - [133.25 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ro-RO.resources [MD5.992F28689F92841F91A09FD39AF31C76] - |A| - [20/02/2013 14:46:50] - (.-.) - [178.24 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ru-RU.resources [MD5.D8E1F9377D4D823914B2E27681F490DE] - |A| - [20/02/2013 14:46:50] - (.-.) - [129.54 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sk-SK.resources [MD5.14F6E5B66983FC1244B47C721BD5FD1B] - |A| - [20/02/2013 14:46:50] - (.-.) - [125.84 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sl-SI.resources [MD5.96BDDF55F334243D540A1DC17A631ED4] - |A| - [20/02/2013 14:46:50] - (.-.) - [130.57 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sv-SE.resources [MD5.8D9DC81FC08FC0E17963763FCB293227] - |A| - [20/02/2013 14:46:50] - (.-.) - [206.13 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.th-TH.resources [MD5.E4BC996CA2D464EEE89A5CDDF09A4CED] - |A| - [20/02/2013 14:46:50] - (.-.) - [132.05 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.tr-TR.resources [MD5.E61A57C7193BB1B2A1BB628AB0AD62BB] - |A| - [20/02/2013 14:46:50] - (.-.) - [113.51 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.zh-CN.resources [MD5.72669B94C297C1BEE82230A8DEA428F6] - |A| - [20/02/2013 14:46:50] - (.-.) - [114.77 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.zh-TW.resources [MD5.FFB49EE58EF3E271AA25F847D3299047] - |A| - [20/02/2013 14:46:49] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\GfxUI.exe.config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.105CFE016CCB20175BEACEC146F175AB] - |A| - [20/02/2013 14:46:49] - (.-.) - [92 Ko] - (0.0.0.0) - C:\Windows\System32\IccLibDll_x64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.481F6E1CD63E09F0516B5E78B35D333E] - |A| - [20/02/2013 14:46:49] - (.-.) - [142.39 Ko] - (0.0.0.0) - C:\Windows\System32\igcompkrng600.bin [MD5.D1F02A18DA95C6B3D667F39B56FC08BD] - |A| - [20/02/2013 14:46:50] - (.-.) - [74 Ko] - (0.0.0.0) - C:\Windows\System32\igdde64.dll [MD5.155F4CBCEE52D4E46FA0DA233C2FFD22] - |A| - [20/02/2013 14:46:50] - (.-.) - [213.19 Ko] - (0.0.0.0) - C:\Windows\System32\igfcg600m.bin [MD5.D952020CC54C79AC7FDDC47A22860E71] - |A| - [20/02/2013 14:46:50] - (.Copyright (C) 2010 - CM Runtime Dynamic Link Library.) - [133.5 Ko] - (1.0.0.1007) - C:\Windows\System32\igfxcmrt64.dll [MD5.1F0C16037E9005A0B629A36E2268009A] - |A| - [20/02/2013 14:46:49] - (.Copyright (C) 2009 - Intel(R) Graphics Media Accelerator Driver Coinstaller.) - [88 Ko] - (1.2.30.0) - C:\Windows\System32\igfxCoIn_v2361.dll [MD5.74A4BB8FB397202691C861BC85DD4035] - |A| - [20/02/2013 14:46:50] - (.-.) - [4 Ko] - (1.0.0.0) - C:\Windows\System32\IGFXDEVLib.dll [MD5.2DAE8EF56FA66F1A76A628CF7B039596] - |A| - [20/02/2013 14:46:50] - (.-.) - [940.54 Ko] - (0.0.0.0) - C:\Windows\System32\igkrng600.bin [MD5.40DFD4CFB98AB5E4666B0F607CB64921] - |A| - [20/02/2013 14:46:49] - (.-.) - [1935.25 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.cpa [MD5.828C46F74BB7248FF401471D072BB751] - |A| - [10/04/2011 03:40:34] - (.-.) - [1.05 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.vp [MD5.585CBA361053B0703C5682DFB86141FD] - |A| - [20/02/2013 14:46:49] - (.-.) - [57.68 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64.vp [MD5.E0B85045105247B03B4C25F8421B1F84] - |A| - [20/02/2013 14:46:49] - (.-.) - [57.79 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64.vp [MD5.5C4EA9837E5E5CB27C3C74D46AA7BC43] - |A| - [20/02/2013 14:46:49] - (.-.) - [57.85 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64.vp [MD5.16ADFD83BBCA9D14E67BB6ABE447671A] - |A| - [20/02/2013 14:46:49] - (.-.) - [16.87 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxs64.vp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [36875.94 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.AAA0C03BF54FC8A4E895B576861A9848] - |A| - [21/11/2010 04:07:41] - (.-.) - [29.12 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [452 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [365 Ko] - C:\Windows\System32\ja-JP [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 03:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/01/2019 16:07:36] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\last.dump [MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [21/11/2010 03:52:07] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log [MD5.563C3703A9B57CC9B370A76D6173D09C] - |A| - [21/11/2010 03:52:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [3339.41 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [165 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [166 Ko] - C:\Windows\System32\lv-LV [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 21:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 05:45:42] - [1129.43 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [3465.43 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [37856.93 Ko] - C:\Windows\System32\migwiz [MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 05:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [17/07/2013 23:02:38] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [4148.28 Ko] - C:\Windows\System32\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [24.48 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [422.5 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [384 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [13/07/2009 23:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [21/11/2010 03:52:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [443.5 Ko] - C:\Windows\System32\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 03:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.00000000000000000000000000000000] - |D| - [27/08/2015 18:21:54] - [2304.23 Ko] - C:\Windows\System32\NV [MD5.D312415896845D7DE180AAC217C9217B] - |A| - [21/04/2011 20:35:38] - (.-.) - [5013.39 Ko] - (0.0.0.0) - C:\Windows\System32\nvcoproc.bin [MD5.45AF72FC3FB67EF536C2E348885EF321] - |A| - [20/02/2013 14:47:45] - (.-.) - [32.28 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb [MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 21:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [14293.75 Ko] - C:\Windows\System32\oobe [MD5.8B2085821B90A88B2D2B07A2E156D4BB] - |A| - [14/07/2009 03:36:59] - (.-.) - [327.98 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.6CC362BA20236EF52BCD9D0FCC7E16B7] - |A| - [21/11/2010 07:19:09] - (.-.) - [385.35 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 21:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 03:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [21/11/2010 07:19:09] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.A06A2AC42BB5BDF38DF49E90DD00FAEF] - |A| - [14/07/2009 03:36:59] - (.-.) - [857.01 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.0AEDD17B6F4B9C082F3CCEA8A9C89183] - |A| - [21/11/2010 07:19:09] - (.-.) - [1438.97 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.CA8A4187211185C88505C233CB8D73E1] - |A| - [14/07/2009 06:13:15] - (.-.) - [6.12 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [439 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:58] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [436 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [438.5 Ko] - C:\Windows\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0.78 Ko] - C:\Windows\System32\Recovery [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0.07 Ko] - C:\Windows\System32\restore [MD5.2D8528E2BDA568B72FE4CDB131D03938] - |A| - [20/02/2013 16:16:55] - (.-.) - [15.48 Ko] - (0.0.0.0) - C:\Windows\System32\results.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [169 Ko] - C:\Windows\System32\ro-RO [MD5.92C704590FCEDDA971B7A77945DCCDA4] - |A| - [20/02/2013 14:17:50] - (.- About Page.) - [72.53 Ko] - (1.2.0.3) - C:\Windows\System32\RtNicProp64.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [21/11/2010 04:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [169.5 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [166 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:58] - [42.67 Ko] - C:\Windows\System32\slmgr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [37826.02 Ko] - C:\Windows\System32\SMI [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 22:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [17378 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [125182.51 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [1959.75 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [426.5 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [137.88 Ko] - C:\Windows\System32\sysprep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [21/11/2010 04:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [293.09 Ko] - C:\Windows\System32\Tasks [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 22:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [157 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [424 Ko] - C:\Windows\System32\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA [MD5.05F9840831C29F5BE93AD8BE810D5614] - |A| - [14/07/2009 05:45:37] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.F736AA948D0C3CBCE212B7B2CB0EF115] - |A| - [14/07/2009 05:45:37] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 22:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [80 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [9124.89 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [110816 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:59] - [106.26 Ko] - C:\Windows\System32\winrm [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [336.5 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [258.5 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [337 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:59] - [0 Ko] - C:\Windows\SysWOW64\040C [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [720.22 Ko] - C:\Windows\SysWOW64\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [427.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.846B03F22587A13AAF419096F9684F6E] - |RA| - [20/02/2013 14:42:11] - (.Copyright 2008 - CSVer.) - [52 Ko] - (9.2.0.1019) - C:\Windows\SysWOW64\CSVer.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [422.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [452 Ko] - C:\Windows\SysWOW64\de-DE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [4156 Ko] - C:\Windows\SysWOW64\Dism [MD5.481F6E1CD63E09F0516B5E78B35D333E] - |A| - [20/02/2013 14:46:49] - (.-.) - [142.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igcompkrng600.bin [MD5.155F4CBCEE52D4E46FA0DA233C2FFD22] - |A| - [20/02/2013 14:46:50] - (.-.) - [213.19 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igfcg600m.bin [MD5.2DAE8EF56FA66F1A76A628CF7B039596] - |A| - [20/02/2013 14:46:50] - (.-.) - [940.54 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igkrng600.bin [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [34097.44 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [447 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [361 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 03:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/04/2018 13:53:28] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\last.dump [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2013 14:42:44] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\log.txt [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 05:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.00000000000000000000000000000000] - |SD| - [21/02/2018 08:04:13] - [0 Ko] - C:\Windows\SysWOW64\Microsoft [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [3178.93 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [32763.45 Ko] - C:\Windows\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [24.48 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [418 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [438.5 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 03:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor [MD5.00000000000000000000000000000000] - |D| - [27/08/2015 18:21:54] - [1966.69 Ko] - C:\Windows\SysWOW64\NV [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.AC3EC5E2A5334AEBF6BB31265EC79934] - |A| - [26/02/2014 11:03:03] - (.-.) - [1606.18 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [434 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:59] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [431 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [433 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.9747DA2D74F5C510713D4FCCF8695AA8] - |A| - [24/08/2006 12:49:24] - (.Copyright © 2002 - Dell ResourceCD Utility Module.) - [172 Ko] - (1.2.0.0) - C:\Windows\SysWOW64\rcdscan.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.48C35ED0A09855B29D43F11485F8423B] - |A| - [04/06/2004 05:38:30] - (.Copyright(c) 1991-1999 Sheridan Software Systems, Inc. - ActiveThreed Controls.) - [320.78 Ko] - (3.0.0.34) - C:\Windows\SysWOW64\ssa3d30.ocx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [421.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:59] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [419 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.AC512BDB1888BCED3BE80C97CAC24EC0] - |A| - [07/03/2013 17:10:04] - (.EnAppSys Ltd -.) - [232 Ko] - (0.5.0.24) - C:\Windows\SysWOW64\vbXML.dll [MD5.36B9BB235CB85582F1D18BC63F7FAE6B] - |A| - [07/03/2013 17:10:04] - (.EnAppSys Ltd - An ActiveX object implementing a client for XML-RPC written in Visual Basic v6 SP5..) - [148 Ko] - (0.9.0.42) - C:\Windows\SysWOW64\vbXMLRPC.dll [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 03:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll [MD5.00000000000000000000000000000000] - |D| - [20/02/2013 14:05:47] - [58.07 Ko] - C:\Windows\SysWOW64\vmm32 [MD5.00000000000000000000000000000000] - |D| - [22/02/2013 16:45:59] - [237.33 Ko] - C:\Windows\SysWOW64\Wat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [9059.73 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:59] - [47.61 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [101.23 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [9079.89 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:19:00] - [106.26 Ko] - C:\Windows\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 07:18:59] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [333.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [334 Ko] - C:\Windows\SysWOW64\zh-TW [MD5.E6D4D80B37B41A69EB8237C1FF890B87] - |A| - [23/11/2013 21:45:25] - (.-.) - [103663.24 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\???? ---------- | Shell Folders [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\Debjam\AppData\Roaming [20/02/2013 13:50:48] "Local AppData"=C:\Users\Debjam\AppData\Local [20/02/2013 13:50:48] "My Video"=C:\Users\Debjam\Videos [20/02/2013 13:50:48] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Libraries [20/02/2013 13:51:16] "My Pictures"=C:\Users\Debjam\Pictures [20/02/2013 13:50:48] "Desktop"=C:\Users\Debjam\Desktop [20/02/2013 13:50:48] "History"=C:\Users\Debjam\AppData\Local\Microsoft\Windows\History [20/02/2013 13:50:48] "NetHood"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Network Shortcuts [20/02/2013 13:50:48] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Debjam\Contacts [20/02/2013 13:51:04] "Cookies"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Cookies [20/02/2013 13:50:48] "Favorites"=C:\Users\Debjam\Favorites [20/02/2013 13:50:48] "SendTo"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\SendTo [20/02/2013 13:50:48] "Start Menu"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu [20/02/2013 13:50:48] "My Music"=C:\Users\Debjam\Music [20/02/2013 13:50:48] "Programs"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/02/2013 13:50:48] "Recent"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Recent [20/02/2013 13:50:48] "CD Burning"=C:\Users\Debjam\AppData\Local\Microsoft\Windows\Burn\Burn [20/02/2013 13:51:26] "PrintHood"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [20/02/2013 13:50:48] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Debjam\Searches [20/02/2013 13:51:16] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Debjam\Downloads [20/02/2013 13:50:48] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Debjam\AppData\LocalLow [20/02/2013 13:50:49] "Startup"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [20/02/2013 13:51:16] "Administrative Tools"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [20/02/2013 13:51:16] "Personal"=C:\Users\Debjam\Documents [20/02/2013 13:50:48] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Debjam\Links [20/02/2013 13:50:48] "Cache"=C:\Users\Debjam\AppData\Local\Microsoft\Windows\Temporary Internet Files [20/02/2013 13:50:48] "Templates"=C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Templates [20/02/2013 13:50:48] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Debjam\Saved Games [20/02/2013 13:50:48] "Fonts"=C:\Windows\Fonts [14/07/2009 04:20:09] [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files "Cookies"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 04:20:08] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 04:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 04:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 04:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 04:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 04:20:08] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 06:32:38] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 04:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 04:20:08] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 04:20:08] "Common AppData"=C:\ProgramData [14/07/2009 04:20:08] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 04:20:08] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 04:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 04:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 04:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 04:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 04:20:08] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 06:32:38] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 04:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 04:20:08] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 04:20:08] "Common AppData"=C:\ProgramData [14/07/2009 04:20:08] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates ---------- | [Debjam] [21/03/2018 22:31:04] - |D| - [2420] - C:\Users\Debjam\.android [16/03/2014 21:07:39] - |D| - [407686] - C:\Users\Debjam\.gimp-2.8 [16/03/2014 21:09:19] - |D| - [273626] - C:\Users\Debjam\.thumbnails [20/02/2013 13:50:48] - |HD| - [16200487610] - C:\Users\Debjam\AppData [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Application Data [20/02/2013 13:51:04] - |RD| - [45009] - C:\Users\Debjam\Contacts [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Cookies [20/02/2013 13:50:48] - |RD| - [169623265] - C:\Users\Debjam\Desktop [20/02/2013 13:50:48] - |RD| - [6781391] - C:\Users\Debjam\Documents [20/02/2013 13:50:48] - |RD| - [966932755] - C:\Users\Debjam\Downloads [20/02/2013 13:50:48] - |RD| - [4342] - C:\Users\Debjam\Favorites [20/02/2013 13:50:48] - |RD| - [2372] - C:\Users\Debjam\Links [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Local Settings [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Menu Démarrer [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Mes documents [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Modèles [20/02/2013 13:50:48] - |RD| - [105678] - C:\Users\Debjam\Music [20/02/2013 13:50:48] - |ASH| - [3932160] - C:\Users\Debjam\NTUSER.DAT [20/02/2013 13:50:49] - |ASH| - [262144] - C:\Users\Debjam\ntuser.dat.LOG1 [20/02/2013 13:50:49] - |ASH| - [0] - C:\Users\Debjam\ntuser.dat.LOG2 [20/02/2013 13:50:49] - |ASH| - [65536] - C:\Users\Debjam\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [20/02/2013 13:50:49] - |ASH| - [524288] - C:\Users\Debjam\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [20/02/2013 13:50:49] - |ASH| - [524288] - C:\Users\Debjam\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [14/10/2016 07:18:30] - |ASH| - [65536] - C:\Users\Debjam\NTUSER.DAT{a7aaa240-91d5-11e6-bbe3-4c809346254d}.TM.blf [14/10/2016 07:18:30] - |ASH| - [524288] - C:\Users\Debjam\NTUSER.DAT{a7aaa240-91d5-11e6-bbe3-4c809346254d}.TMContainer00000000000000000001.regtrans-ms [14/10/2016 07:18:30] - |ASH| - [524288] - C:\Users\Debjam\NTUSER.DAT{a7aaa240-91d5-11e6-bbe3-4c809346254d}.TMContainer00000000000000000002.regtrans-ms [20/02/2013 13:50:49] - |SH| - [20] - C:\Users\Debjam\ntuser.ini [20/02/2013 13:50:48] - |RD| - [10546527712] - C:\Users\Debjam\Pictures [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Recent [20/02/2013 13:50:48] - |RD| - [365] - C:\Users\Debjam\Saved Games [20/02/2013 13:51:16] - |RD| - [1020] - C:\Users\Debjam\Searches [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\SendTo [22/06/2015 19:29:47] - |D| - [106496] - C:\Users\Debjam\Tracing [20/02/2013 13:50:48] - |RD| - [13095724059] - C:\Users\Debjam\Videos [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Voisinage d'impression [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\Voisinage réseau [20/02/2013 13:50:48] - |D| - [4197182551] - C:\Users\Debjam\AppData\Local [20/02/2013 13:50:49] - |D| - [26932086] - C:\Users\Debjam\AppData\LocalLow [20/02/2013 13:50:48] - |D| - [11976372973] - C:\Users\Debjam\AppData\Roaming [03/02/2019 17:14:41] - |D| - [1554215] - C:\Users\Debjam\AppData\Local\5c349ee41c3a24a8d [24/06/2013 18:39:57] - |D| - [23400278] - C:\Users\Debjam\AppData\Local\Adobe [06/05/2013 23:34:43] - |D| - [196012] - C:\Users\Debjam\AppData\Local\APN [15/03/2013 20:11:42] - |D| - [0] - C:\Users\Debjam\AppData\Local\Apple [15/03/2013 20:13:52] - |D| - [17456293] - C:\Users\Debjam\AppData\Local\Apple Computer [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\AppData\Local\Application Data [20/02/2013 14:24:01] - |D| - [1627381] - C:\Users\Debjam\AppData\Local\Apps [25/07/2018 16:13:31] - |D| - [12624] - C:\Users\Debjam\AppData\Local\AVAST Software [14/04/2017 20:46:55] - |D| - [0] - C:\Users\Debjam\AppData\Local\CEF [03/02/2019 16:57:36] - |D| - [248] - C:\Users\Debjam\AppData\Local\CherryPlayer [21/11/2013 02:03:30] - |D| - [560541274] - C:\Users\Debjam\AppData\Local\Chromium [20/02/2013 14:38:53] - |D| - [2095419] - C:\Users\Debjam\AppData\Local\Citrix [20/02/2013 14:24:01] - |D| - [0] - C:\Users\Debjam\AppData\Local\Deployment [20/02/2013 14:12:07] - |D| - [0] - C:\Users\Debjam\AppData\Local\Diagnostics [06/04/2016 15:10:42] - |D| - [0] - C:\Users\Debjam\AppData\Local\ElevatedDiagnostics [21/05/2014 15:07:08] - |SHD| - [0] - C:\Users\Debjam\AppData\Local\EmieSiteList [21/05/2014 15:07:08] - |SHD| - [0] - C:\Users\Debjam\AppData\Local\EmieUserList [16/03/2014 21:07:40] - |D| - [1482836] - C:\Users\Debjam\AppData\Local\fontconfig [20/02/2013 14:24:01] - |A| - [64024] - C:\Users\Debjam\AppData\Local\GDIPFONTCACHEV1.DAT [16/03/2014 21:07:39] - |D| - [660] - C:\Users\Debjam\AppData\Local\gegl-0.2 [20/02/2013 14:24:54] - |D| - [2332691701] - C:\Users\Debjam\AppData\Local\Google [16/03/2014 21:09:21] - |D| - [202] - C:\Users\Debjam\AppData\Local\gtk-2.0 [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\AppData\Local\Historique [03/06/2015 19:36:55] - |D| - [62325] - C:\Users\Debjam\AppData\Local\HP [27/08/2015 18:20:37] - |AH| - [2586816] - C:\Users\Debjam\AppData\Local\IconCache.db [21/03/2018 22:28:27] - |D| - [342] - C:\Users\Debjam\AppData\Local\iMobie_Inc [30/01/2019 17:19:45] - |D| - [3288] - C:\Users\Debjam\AppData\Local\IsolatedStorage [03/02/2019 17:41:06] - |D| - [776360] - C:\Users\Debjam\AppData\Local\mbam [03/02/2019 17:40:46] - |D| - [235676] - C:\Users\Debjam\AppData\Local\mbamtray [20/02/2013 13:50:48] - |D| - [150912104] - C:\Users\Debjam\AppData\Local\Microsoft [11/06/2015 10:20:49] - |D| - [317498] - C:\Users\Debjam\AppData\Local\Microsoft Games [06/07/2017 20:28:07] - |D| - [20053064] - C:\Users\Debjam\AppData\Local\Mozilla [27/08/2015 18:02:20] - |D| - [119826776] - C:\Users\Debjam\AppData\Local\NVIDIA [27/08/2015 18:02:31] - |D| - [0] - C:\Users\Debjam\AppData\Local\NVIDIA Corporation [25/02/2013 16:40:18] - |D| - [441091] - C:\Users\Debjam\AppData\Local\PokerStars.FR [07/03/2013 17:08:54] - |D| - [0] - C:\Users\Debjam\AppData\Local\Programs [10/10/2015 20:53:25] - |A| - [2397] - C:\Users\Debjam\AppData\Local\recently-used.xbel [08/04/2014 11:42:34] - |D| - [5534392] - C:\Users\Debjam\AppData\Local\Skype [21/11/2013 02:01:02] - |D| - [0] - C:\Users\Debjam\AppData\Local\Sports Interactive [20/02/2013 13:50:48] - |D| - [956948268] - C:\Users\Debjam\AppData\Local\Temp [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\AppData\Local\Temporary Internet Files [20/02/2013 13:51:01] - |D| - [0] - C:\Users\Debjam\AppData\Local\VirtualStore [31/08/2013 20:34:07] - |D| - [9477489] - C:\Users\Debjam\AppData\LocalLow\Adobe [24/05/2014 01:20:48] - |D| - [13056305] - C:\Users\Debjam\AppData\LocalLow\Google [20/02/2013 14:10:56] - |D| - [2239636] - C:\Users\Debjam\AppData\LocalLow\Microsoft [06/07/2017 20:28:15] - |D| - [0] - C:\Users\Debjam\AppData\LocalLow\Mozilla [11/04/2013 23:56:54] - |D| - [2158656] - C:\Users\Debjam\AppData\LocalLow\StoneTrip [07/03/2013 17:09:46] - |D| - [0] - C:\Users\Debjam\AppData\LocalLow\Temp [31/08/2013 20:34:07] - |D| - [5180595] - C:\Users\Debjam\AppData\Roaming\Adobe [17/12/2018 18:51:55] - |D| - [1996] - C:\Users\Debjam\AppData\Roaming\ApowerPDF [17/12/2018 17:33:36] - |D| - [100387] - C:\Users\Debjam\AppData\Roaming\Apowersoft [15/03/2013 20:13:52] - |D| - [11628607616] - C:\Users\Debjam\AppData\Roaming\Apple Computer [15/01/2018 18:48:18] - |D| - [6425894] - C:\Users\Debjam\AppData\Roaming\AVAST Software [07/05/2014 09:29:57] - |D| - [1606] - C:\Users\Debjam\AppData\Roaming\Canneverbe Limited [07/03/2013 17:09:24] - |D| - [799] - C:\Users\Debjam\AppData\Roaming\Capturino [28/04/2017 09:34:41] - |D| - [0] - C:\Users\Debjam\AppData\Roaming\Google [03/06/2015 19:39:52] - |D| - [74741] - C:\Users\Debjam\AppData\Roaming\HpUpdate [20/02/2013 13:51:06] - |D| - [0] - C:\Users\Debjam\AppData\Roaming\Identities [21/03/2018 22:28:24] - |D| - [65116176] - C:\Users\Debjam\AppData\Roaming\iMobie [20/02/2013 14:42:25] - |D| - [0] - C:\Users\Debjam\AppData\Roaming\InstallShield [20/02/2013 16:17:11] - |D| - [0] - C:\Users\Debjam\AppData\Roaming\Intel Corporation [12/02/2015 18:27:56] - |D| - [57911] - C:\Users\Debjam\AppData\Roaming\Macromedia [20/02/2013 13:50:48] - |D| - [0] - C:\Users\Debjam\AppData\Roaming\Media Center Programs [20/02/2013 13:50:48] - |SD| - [3110403] - C:\Users\Debjam\AppData\Roaming\Microsoft [07/03/2013 17:09:10] - |D| - [46634822] - C:\Users\Debjam\AppData\Roaming\Mozilla [26/11/2013 17:26:31] - |D| - [26873122] - C:\Users\Debjam\AppData\Roaming\OpenOffice [11/04/2013 21:06:21] - |D| - [12995552] - C:\Users\Debjam\AppData\Roaming\OpenOffice.org [06/07/2017 15:55:36] - |D| - [42] - C:\Users\Debjam\AppData\Roaming\PDF Labs [20/02/2013 15:46:49] - |D| - [23350102] - C:\Users\Debjam\AppData\Roaming\Skype [21/11/2013 02:01:02] - |D| - [26350259] - C:\Users\Debjam\AppData\Roaming\Sports Interactive [11/04/2013 23:56:54] - |D| - [112755295] - C:\Users\Debjam\AppData\Roaming\StoneTrip [30/01/2019 17:19:45] - |D| - [145385] - C:\Users\Debjam\AppData\Roaming\TunnelBear [05/05/2014 20:38:41] - |D| - [18491831] - C:\Users\Debjam\AppData\Roaming\uTorrent [28/01/2019 18:40:25] - |D| - [98439] - C:\Users\Debjam\AppData\Roaming\vlc [20/02/2013 13:51:16] - |SH| - [174] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [20/02/2013 13:50:49] - |SHD| - [0] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [20/02/2013 13:50:48] - |RD| - [19735] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/02/2013 13:50:48] - |RD| - [14639] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [20/02/2013 13:51:16] - |RD| - [174] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [03/02/2019 17:16:38] - |A| - [2263] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk [20/02/2013 13:51:16] - |SH| - [476] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [20/02/2013 13:51:18] - |A| - [1429] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [20/02/2013 13:50:48] - |RD| - [580] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [20/02/2013 13:51:16] - |RD| - [174] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [11/04/2013 23:56:54] - |D| - [0] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StoneTrip [20/02/2013 13:51:16] - |SH| - [174] - C:\Users\Debjam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [14/07/2009 04:20:08] - |RHD| - [21766] - C:\Users\Public\Desktop [14/07/2009 05:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 04:20:08] - |RD| - [278] - C:\Users\Public\Documents [14/07/2009 04:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 04:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 04:20:08] - |RHD| - [3970] - C:\Users\Public\Libraries [14/07/2009 04:20:08] - |RD| - [380] - C:\Users\Public\Music [11/05/2013 12:30:04] - |A| - [262144] - C:\Users\Public\NTUSER.DAT [11/05/2013 12:30:04] - |ASH| - [5120] - C:\Users\Public\NTUSER.DAT.LOG1 [11/05/2013 12:30:04] - |ASH| - [0] - C:\Users\Public\NTUSER.DAT.LOG2 [11/05/2013 12:30:04] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{59deb0e5-ba29-11e2-8fa2-4c809346254d}.TM.blf [11/05/2013 12:30:04] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{59deb0e5-ba29-11e2-8fa2-4c809346254d}.TMContainer00000000000000000001.regtrans-ms [11/05/2013 12:30:04] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{59deb0e5-ba29-11e2-8fa2-4c809346254d}.TMContainer00000000000000000002.regtrans-ms [09/07/2013 18:43:13] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{7f67c6cc-e8bb-11e2-8afa-4c809346254d}.TM.blf [09/07/2013 18:43:16] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{7f67c6cc-e8bb-11e2-8afa-4c809346254d}.TMContainer00000000000000000001.regtrans-ms [09/07/2013 18:43:19] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{7f67c6cc-e8bb-11e2-8afa-4c809346254d}.TMContainer00000000000000000002.regtrans-ms [14/07/2009 04:20:08] - |RD| - [2618837] - C:\Users\Public\Pictures [21/11/2010 07:29:25] - |RD| - [9699579] - C:\Users\Public\Recorded TV [14/07/2009 04:20:08] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [07/06/2014 17:09:42] - |D| - [5862] - C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [24/06/2013 18:42:27] - |D| - [361019629] - C:\ProgramData\Adobe [03/06/2015 19:38:02] - |A| - [57] - C:\ProgramData\Ament.ini [15/03/2013 20:10:38] - |D| - [294877869] - C:\ProgramData\Apple [15/03/2013 20:12:34] - |D| - [208975] - C:\ProgramData\Apple Computer [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Application Data [15/01/2018 18:45:06] - |D| - [149069855] - C:\ProgramData\AVAST Software [06/05/2013 23:34:13] - |D| - [135198] - C:\ProgramData\Avira [20/02/2013 13:50:38] - |SHD| - [0] - C:\ProgramData\Bureau [07/05/2014 09:30:08] - |D| - [0] - C:\ProgramData\Canneverbe Limited [20/02/2013 14:39:36] - |D| - [7945] - C:\ProgramData\Citrix [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Desktop [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Documents [14/03/2015 16:30:07] - |D| - [8522] - C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 [20/02/2013 13:50:38] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [31/08/2013 20:34:12] - |D| - [74100] - C:\ProgramData\Hewlett-Packard [03/06/2015 19:39:25] - |D| - [10532235] - C:\ProgramData\HP [03/06/2015 19:40:07] - |D| - [2888338] - C:\ProgramData\HP Photo Creations [08/03/2016 18:18:09] - |D| - [4856665] - C:\ProgramData\hps [20/02/2013 14:55:12] - |D| - [513713] - C:\ProgramData\McAfee [20/02/2013 13:50:38] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [14/07/2009 04:20:08] - |SD| - [487271835] - C:\ProgramData\Microsoft [20/02/2013 13:50:38] - |SHD| - [0] - C:\ProgramData\Modèles [20/02/2013 14:48:40] - |D| - [77436012] - C:\ProgramData\NVIDIA [20/02/2013 14:47:59] - |D| - [276662198] - C:\ProgramData\NVIDIA Corporation [21/08/2014 09:03:17] - |D| - [87630516] - C:\ProgramData\Package Cache [21/03/2018 22:32:10] - |D| - [330200] - C:\ProgramData\Samsung [20/02/2013 15:46:25] - |D| - [98098040] - C:\ProgramData\Skype [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Start Menu [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Templates [08/03/2016 18:18:10] - |D| - [566610] - C:\ProgramData\tmp [03/06/2015 19:40:07] - |D| - [95268] - C:\ProgramData\Visan ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 06:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 05:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [20/02/2013 13:50:38] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 04:20:08] - |RD| - [156866] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 04:20:08] - |RD| - [43882] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [12/06/2017 08:47:12] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [31/05/2017 06:24:45] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [14/07/2009 06:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [17/12/2018 17:33:35] - |D| - [2434] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft [15/03/2013 20:11:38] - |A| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [15/01/2018 18:47:49] - |D| - [1940] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [07/03/2013 17:10:05] - |D| - [3891] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capturino 2.41 [07/05/2014 09:29:57] - |A| - [1899] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [14/07/2009 05:54:23] - |SH| - [1130] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [06/07/2017 20:28:02] - |A| - [936] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [14/07/2009 06:32:38] - |RD| - [6112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [28/07/2015 20:09:03] - |A| - [2222] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [24/05/2014 01:17:01] - |D| - [1910] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [03/06/2015 19:39:41] - |D| - [21331] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [21/03/2018 22:28:05] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie [20/02/2013 14:46:54] - |RD| - [1600] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [14/07/2009 04:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [20/02/2013 13:44:44] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [27/01/2015 19:11:17] - |D| - [2265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [20/02/2013 16:17:26] - |D| - [6239] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [26/11/2013 17:25:41] - |SD| - [6144] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 [06/07/2017 15:55:16] - |D| - [2961] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFtk - The PDF Toolkit [20/02/2013 14:45:03] - |D| - [2577] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [14/07/2009 05:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [14/07/2009 04:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [30/01/2019 17:18:50] - |D| - [2149] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear [02/02/2019 15:08:49] - |D| - [5580] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [14/07/2009 05:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [20/02/2013 13:44:34] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 05:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/07/2009 05:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [14/07/2009 05:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [24/06/2013 18:42:42] - |D| - [336594898] - C:\Program Files (x86)\Adobe [17/12/2018 17:33:33] - |D| - [34203013] - C:\Program Files (x86)\Apowersoft [15/03/2013 20:11:37] - |D| - [2428606] - C:\Program Files (x86)\Apple Software Update [06/05/2013 23:34:13] - |D| - [0] - C:\Program Files (x86)\Avira [15/03/2013 20:10:55] - |D| - [631113] - C:\Program Files (x86)\Bonjour [07/03/2013 17:10:00] - |D| - [3352863] - C:\Program Files (x86)\CapturinoV24 [07/05/2014 09:29:56] - |D| - [19873105] - C:\Program Files (x86)\CDBurnerXP [20/02/2013 14:39:01] - |D| - [0] - C:\Program Files (x86)\Citrix [14/07/2009 04:20:08] - |D| - [246665603] - C:\Program Files (x86)\Common Files [07/03/2013 17:09:52] - |D| - [0] - C:\Program Files (x86)\Conduit [20/02/2013 14:05:47] - |D| - [0] - C:\Program Files (x86)\Dell [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [20/02/2013 14:24:56] - |D| - [564047295] - C:\Program Files (x86)\Google [03/06/2015 19:40:09] - |D| - [1771958] - C:\Program Files (x86)\Hewlett-Packard [03/06/2015 19:39:25] - |D| - [13858399] - C:\Program Files (x86)\HP [03/06/2015 19:40:07] - |D| - [451059] - C:\Program Files (x86)\HP Photo Creations [21/03/2018 22:28:02] - |D| - [0] - C:\Program Files (x86)\iMobie [20/02/2013 14:17:44] - |HD| - [32076497] - C:\Program Files (x86)\InstallShield Installation Information [20/02/2013 14:42:11] - |D| - [34296166] - C:\Program Files (x86)\Intel [14/07/2009 04:20:08] - |D| - [10537481] - C:\Program Files (x86)\Internet Explorer [04/09/2015 10:54:27] - |D| - [1670519] - C:\Program Files (x86)\Microsoft ASP.NET [27/01/2015 19:11:14] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [22/02/2013 16:54:05] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [06/07/2017 20:28:01] - |D| - [356249] - C:\Program Files (x86)\Mozilla Maintenance Service [14/07/2009 06:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [20/02/2013 14:47:57] - |D| - [249200812] - C:\Program Files (x86)\NVIDIA Corporation [26/11/2013 17:25:14] - |D| - [339065504] - C:\Program Files (x86)\OpenOffice 4 [11/04/2013 21:05:20] - |D| - [0] - C:\Program Files (x86)\OpenOffice.org 3 [06/07/2017 15:55:15] - |D| - [13387960] - C:\Program Files (x86)\PDFtk [25/02/2013 16:40:06] - |D| - [210240] - C:\Program Files (x86)\PokerStars.FR [20/02/2013 14:17:46] - |D| - [13506559] - C:\Program Files (x86)\Realtek [14/07/2009 06:32:38] - |D| - [39191809] - C:\Program Files (x86)\Reference Assemblies [20/02/2013 14:45:01] - |D| - [1032067] - C:\Program Files (x86)\Renesas Electronics [20/02/2013 14:51:07] - |D| - [1111344] - C:\Program Files (x86)\Texas Instruments Inc [30/01/2019 17:18:50] - |D| - [197639379] - C:\Program Files (x86)\TunnelBear [14/07/2009 05:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [28/01/2019 18:39:29] - |D| - [0] - C:\Program Files (x86)\VideoLAN [14/07/2009 06:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [14/07/2009 04:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 06:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 04:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 06:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar ---------- | C:\Program Files [15/01/2018 18:45:30] - |D| - [1382229883] - C:\Program Files\AVAST Software [15/03/2013 20:10:55] - |D| - [613967] - C:\Program Files\Bonjour [14/07/2009 04:20:08] - |D| - [207106081] - C:\Program Files\Common Files [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 06:32:38] - |D| - [90256404] - C:\Program Files\DVD Maker [20/02/2013 13:50:38] - |SHD| - [0] - C:\Program Files\Fichiers communs [03/06/2015 19:39:25] - |D| - [146965677] - C:\Program Files\HP [14/07/2009 04:20:08] - |D| - [30576284] - C:\Program Files\Internet Explorer [14/07/2009 06:32:38] - |D| - [149237810] - C:\Program Files\Microsoft Games [27/01/2015 19:11:14] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight [08/03/2016 18:11:39] - |D| - [0] - C:\Program Files\Mon LIVRE PHOTO CEWE [06/07/2017 20:27:56] - |D| - [180787947] - C:\Program Files\Mozilla Firefox [14/07/2009 06:32:38] - |D| - [25757] - C:\Program Files\MSBuild [20/02/2013 14:46:52] - |D| - [862341284] - C:\Program Files\NVIDIA Corporation [14/07/2009 06:32:38] - |D| - [36850857] - C:\Program Files\Reference Assemblies [21/03/2018 22:34:00] - |D| - [38522750] - C:\Program Files\SAMSUNG [14/07/2009 06:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [02/02/2019 15:08:04] - |D| - [174855255] - C:\Program Files\VideoLAN [03/02/2019 17:15:24] - |D| - [387408] - C:\Program Files\WebBarMedia [14/07/2009 06:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [14/07/2009 04:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 06:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 04:20:08] - |D| - [12627636] - C:\Program Files\Windows NT [14/07/2009 06:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [7044767] - C:\Program Files\Windows Sidebar [03/02/2019 17:22:20] - |D| - [-1] - C:\Program Files\WinZip ---------- | C:\Program Files (x86)\Common Files [24/06/2013 18:42:42] - |D| - [23543988] - C:\Program Files (x86)\Common Files\Adobe [12/02/2015 18:29:30] - |D| - [28553756] - C:\Program Files (x86)\Common Files\Adobe AIR [15/03/2013 20:10:38] - |D| - [111395781] - C:\Program Files (x86)\Common Files\Apple [20/02/2013 14:47:05] - |D| - [14249105] - C:\Program Files (x86)\Common Files\Intel [14/07/2009 04:20:08] - |D| - [16847057] - C:\Program Files (x86)\Common Files\microsoft shared [20/02/2013 14:42:41] - |D| - [161212] - C:\Program Files (x86)\Common Files\postureAgent [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/07/2009 04:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [07/11/2013 18:29:50] - |D| - [566696] - C:\Program Files (x86)\Common Files\Steam [14/07/2009 04:20:08] - |D| - [10241523] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [15/03/2013 20:11:11] - |D| - [126978753] - C:\Program Files\Common files\Apple [15/01/2018 18:47:38] - |D| - [1952368] - C:\Program Files\Common files\Avast Software [20/02/2013 14:47:07] - |D| - [15724382] - C:\Program Files\Common files\Intel [14/07/2009 04:20:08] - |D| - [49648913] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 04:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 04:20:08] - |D| - [12190195] - C:\Program Files\Common files\System ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 06:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.3361F6E47FE49D82AA5760448FAF0FF7] - [14/07/2009 06:08:49] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.5F5A8363DD62CF9B3978C8A882427801] - [25/01/2015 19:00:44] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.00000000000000000000000000000000] - [15/03/2013 20:11:42] - |D| - [3382] - C:\Windows\System32\Tasks\Apple [MD5.9781409B5F03F7088312D8550B2BEEC0] - [15/01/2018 18:47:31] - |A| - [4168] - C:\Windows\System32\Tasks\Avast Emergency Update : C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [MD5.00000000000000000000000000000000] - [15/01/2018 18:47:39] - |D| - [4004] - C:\Windows\System32\Tasks\Avast Software [MD5.A0714754AC583D14E9F53465F377BE0B] - [20/02/2013 14:24:58] - |A| - [3374] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.3E57FAD6C7AE157FCC27567DD6EDB9D6] - [20/02/2013 14:24:59] - |A| - [3502] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.E2CDB46B7AB59FE64800F604FF0BBEA6] - [03/02/2019 17:14:01] - |A| - [3440] - C:\Windows\System32\Tasks\Hotspot Shield VPN0 : C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe [MD5.F5E443C9639471A21C8B823A53656CF4] - [03/06/2015 19:39:51] - |A| - [3614] - C:\Windows\System32\Tasks\HPCustParticipation HP ENVY 4500 series : "C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe" [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:13] - |D| - [265686] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [14/07/2009 06:09:57] - |D| - [4478] - C:\Windows\System32\Tasks\WPD [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{41C83EDE-F715-45D1-B414-EF30B5A208C1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host| "{02397DCE-0894-4E88-BF12-57A939B37D6E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host| "{139BD5C8-6D32-4393-8B9B-90452D7AAB42}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{1923CAF8-CCC3-43A9-89DA-DCD8B182C838}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{D475D343-4AFF-4F31-9DAC-6A54BBB16709}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{1424713B-AE6E-418E-A7C7-9DF10DCF587A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{827BE7C7-55A8-474E-AC23-508D060E89E1}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{40AF9427-A006-4404-9CF0-DAF91A7BEA79}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe|Name=Configuration du périphérique HP (HP ENVY 4500 series)|Edge=TRUE| "{685D5D35-02B9-46E7-AC9D-30FE23BAC791}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=5357|Name=Port TCP WS-Eventing 5357| "{E20AE9BB-A8F8-461F-9AD0-FA131F0A2F59}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe|Name=Communicateur réseau COM HP (HP ENVY 4500 series)|Edge=TRUE| "{2FB991CB-9A8E-46F2-AE99-C79CBE25DD09}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{F200E2F8-2596-4B39-8B27-574D5558C8DB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe|Name=Avast Emergency Update| "{551817C1-D1FC-45EC-B90B-651E7D2625C3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe|Name=Avast Emergency Update| "TCP Query User{1880836E-C067-4090-BFDB-56E3F9002844}C:\program files (x86)\videolan\vlc\vlc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player|Edge=TRUE|Defer=App| "UDP Query User{9230B7D3-06EB-40D9-AB00-D1DB500632AB}C:\program files (x86)\videolan\vlc\vlc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player|Edge=TRUE|Defer=App| "{9338EDE9-2E77-43E3-B6D5-E4418673F750}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\Debjam\AppData\Local\Chromium\Application\chrome.exe|Name=Chromium (mDNS-In)|Desc=Règle de trafic entrant pour Chromium autorisant le trafic mDNS|EmbedCtxt=Chromium| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{183B8616-640E-4183-AED3-E3BAEFA3C927}] : (nvkflt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3F966BD9-FA04-4EC5-991C-D326973B5128}] : (AndroidUsbDeviceClass) [] -> @oem57.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4532C9EB-FEF9-43AC-83DA-D5DE1F9A2BFF}] : (nvpciflt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}] : (GEARAspiWDM) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C30ECEA0-11EF-4EF9-B02E-6AF81E6E65C0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;Fournisseur d’impression WSD [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [27/08/2015 18:16:43] - (10.18.13.5560) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 355.60) - C:\Windows\system32\DRIVERS\nvpciflt.sys [27/08/2015 18:16:42] - (10.18.13.5560) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 355.60) - C:\Windows\system32\DRIVERS\nvkflt.sys [27/08/2015 18:16:42] - (10.18.13.5560) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 355.60) - C:\Windows\system32\DRIVERS\nvlddmkm.sys [20/07/2011 07:21:50] - (1.12.14.0) - (Texas Instruments Incorporated - TI XHCI Host Controller Driver) - C:\Windows\system32\DRIVERS\tixhci.sys [31/07/2018 16:27:20] - (9.0.0.9) - (The OpenVPN Project - TAP-Windows Virtual Network Driver) - C:\Windows\system32\DRIVERS\tap-tb-0901.sys [27/08/2015 18:01:21] - (1.2.31.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys [20/07/2011 07:21:50] - (1.12.14.0) - (Texas Instruments Incorporated - TI USB3 Hub Driver) - C:\Windows\system32\DRIVERS\tihub3.sys [12/12/2018 17:30:22] - (5.1.2.253) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [27/08/2015 18:01:33] - (4.1.1980.539) - (NVIDIA Corporation - Nvidia Streaming Kernel Service) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswArDisk (aswArDisk) -> system32\drivers\aswArDisk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbidsh (aswbidsh) -> system32\drivers\aswbidsh.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswblog (aswblog) -> system32\drivers\aswblog.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbuniv (aswbuniv) -> system32\drivers\aswbuniv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswRvrt (aswRvrt) -> system32\drivers\aswRvrt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswVmm (aswVmm) -> system32\drivers\aswVmm.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Compbatt (Pilote de batterie composite Microsoft) -> system32\DRIVERS\compbatt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iaStor (Intel AHCI Controller) -> system32\DRIVERS\iaStor.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - nvpciflt () -> system32\DRIVERS\nvpciflt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswArPot (aswArPot) -> system32\drivers\aswArPot.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> system32\drivers\aswbidsdriver.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswHdsKe (aswHdsKe) -> system32\drivers\aswHdsKe.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nvkflt () -> system32\DRIVERS\nvkflt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - aswStm (aswStm) -> system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-334556959-3654049488-902140452-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\eb1921b8ebca49d84b34884bdbf0b276] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0DF7096B-715A-4233-8633-C7A16ED6D616}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{0DF7096B-715A-4233-8633-C7A16ED6D616} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9A9B64A8-A9E8-4588-B924-D1898D3E6355}] : (Logiciel de base du périphérique HP ENVY 4500 series.-.Hewlett-Packard Co.) -> MsiExec.exe /I{9A9B64A8-A9E8-4588-B924-D1898D3E6355} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 355.60.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 2.5.14.5.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 2.5.14.5.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA GeForce Experience Service.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 2.5.14.5.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.31.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C4123106-B685-48E6-B9BD-E4F911841EB4}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{C4123106-B685-48E6-B9BD-E4F911841EB4} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CBCCA175-DA19-424B-9D9F-5343140C884F}] : (Étude pour l'amélioration du produit HP ENVY 4500 series.-.Hewlett-Packard Co.) -> MsiExec.exe /I{CBCCA175-DA19-424B-9D9F-5343140C884F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EF79C448-6946-4D71-8134-03407888C054}] : (Shared C Run-time for x64.-.McAfee) -> MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DSK74TDSPW2AA] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wajam] : (Wajam.-.Wajam) -> C:\Program Files (x86)\Wajam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}] : (HP FWUpdateEDO2.-.Hewlett-Packard) -> MsiExec.exe /I{415FA9AD-DA10-4ABE-97B6-5051D4795C90} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{42929F0F-CE14-47AF-9FC7-FF297A603021}] : (Dell Resource CD.-.Nom de votre société) -> MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{447CDCE5-F555-429B-BFA6-642C3C6D684F}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{447CDCE5-F555-429B-BFA6-642C3C6D684F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}] : (OpenOffice 4.0.1.-.Apache Software Foundation) -> MsiExec.exe /I{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}] : (Google Earth Plug-in.-.Google) -> MsiExec.exe /X{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5442DAB8-7177-49E1-8B22-09A049EA5996}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7D5344C9-E173-4148-93EC-6137D797835A}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{7D5344C9-E173-4148-93EC-6137D797835A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824298644}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824298644} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}] : (TI USB3 Host Driver.-.Texas Instruments Inc.) -> MsiExec.exe /X{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BAF28CCD-121D-4C6C-B29D-4F7B51B2D1B4}] : (HP ENVY 4500 series Aide.-.Hewlett Packard) -> MsiExec.exe /I{BAF28CCD-121D-4C6C-B29D-4F7B51B2D1B4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C65EA7B8-FC21-4896-AD44-9CE952BB1255}_is1] : (PDFtk - The PDF Toolkit version 2.02.-.PDF Labs) -> "C:\Program Files (x86)\PDFtk\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF79C448-6946-4D71-8134-03407888C054}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F962AFDB-43C2-4B76-BFB4-1F98090C66DA}] : (TunnelBear.-.TunnelBear) -> MsiExec.exe /I{F962AFDB-43C2-4B76-BFB4-1F98090C66DA} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\11F45BA4C8F23E110BF98BCAF6798BE8] : Google Earth Plug-in -> C:\Windows\Installer\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2B0163E6D0340BE4183EB2758E9BEDD8] : Bonjour -> C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico [HKCR\Installer\Products\46B5A9879DD95AB419A50FCFA0B1B7EF] : Apple Software Update -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico [HKCR\Installer\Products\571ACCBC91ADB424D9F9353441C088F4] : Étude pour l'amélioration du produit HP ENVY 4500 series -> C:\Windows\Installer\{CBCCA175-DA19-424B-9D9F-5343140C884F}\ARP_Icon [HKCR\Installer\Products\5ECDC744555FB924FB6A46C2C3D686F4] : Apple Application Support (32 bits) -> C:\Windows\Installer\{447CDCE5-F555-429B-BFA6-642C3C6D684F}\WinInstall.ico [HKCR\Installer\Products\6013214C586B6E849BDB4E9F1148E14B] : Apple Mobile Device Support -> C:\Windows\Installer\{C4123106-B685-48E6-B9BD-E4F911841EB4}\Installer.ico [HKCR\Installer\Products\68AB67CA408033019195008142926844] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824298644}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\844C97FE649617D41843300487880C45] : Shared C Run-time for x64 [HKCR\Installer\Products\8A46B9A98E9A88549B421D98D8E33655] : Logiciel de base du périphérique HP ENVY 4500 series -> C:\Windows\Installer\{9A9B64A8-A9E8-4588-B924-D1898D3E6355}\ARP_Icon [HKCR\Installer\Products\8BAD244577171E94B822900A94AE9569] : Renesas Electronics USB 3.0 Host Controller Driver -> C:\Windows\Installer\{5442DAB8-7177-49E1-8B22-09A049EA5996}\ARPPRODUCTICON.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\9C4435D7371E841439CE16737D7938A5] : Adobe AIR [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\AD064F74EB1D58D4D82FAAF1133D44F5] : OpenOffice 4.0.1 -> C:\Windows\Installer\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}\soffice.ico [HKCR\Installer\Products\B6907FD0A517332468337C1AE66D6D61] : Apple Application Support (64 bits) -> C:\Windows\Installer\{0DF7096B-715A-4233-8633-C7A16ED6D616}\WinInstall.ico [HKCR\Installer\Products\BDFA269F2C3467B4FB4BF18990C066AD] : TunnelBear [HKCR\Installer\Products\DCC82FABD121C6C42BD9F4B7152B1D4B] : HP ENVY 4500 series Aide -> C:\Windows\Installer\{BAF28CCD-121D-4C6C-B29D-4F7B51B2D1B4}\ARP_Icon [HKCR\Installer\Products\FC03D219E93F13B4DAA921C3B697E42E] : HP Update -> C:\Windows\Installer\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FFF7BE1B44E68D3468D97BE844DCE3F0] : TI USB3 Host Driver -> C:\Windows\Installer\{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Nom de l’application défaillante svchost.exe_stisvc, version : 6.1.7600.16385, horodatage : 0x4a5bc3c1 Nom du module défaillant : HPWia2_EN4500.dll, version : 30.0.411.0, horodatage : 0x505b7712 Code d’exception : 0x40000015 Décalage d’erreur : 0x00000000000324ad ID du processus défaillant : 0x1c4 Heure de début de l’application défaillante : 0x01d4bbe3abfbcc81 Chemin d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès du module défaillant: C:\Windows\system32\HPWia2_EN4500.dll ID de rapport : 04cf0981-27d7-11e9-8eb2-4c809346254d ------------ Le programme IEXPLORE.EXE version 11.0.9600.19236 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1edc Heure de début : 01d4bbe07eda953e Heure de fin : 5 Chemin d’accès de l’application : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ID de rapport : ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ ------------ ------------ Le programme vlc.exe version 3.0.6.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1bf4 Heure de début : 01d4bbd94cf8153a Heure de fin : 17 Chemin d’accès de l’application : C:\Program Files\VideoLAN\VLC\vlc.exe ID de rapport : bc4d0d98-27cc-11e9-a62b-4c809346254d ------------ ------------ Le programme vlc.exe version 3.0.6.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 180c Heure de début : 01d4bbd40fb8e7c3 Heure de fin : 24 Chemin d’accès de l’application : C:\Program Files\VideoLAN\VLC\vlc.exe ID de rapport : 89e09283-27c7-11e9-a62b-4c809346254d ------------ Task Scheduling Error: m->NextScheduledSPRetry 1061 ------------ Task Scheduling Error: m->NextScheduledEvent 1061 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d’erreur. ------------ Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. ------------ Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. ------------ Task Scheduling Error: m->NextScheduledSPRetry 13120 ------------ Task Scheduling Error: m->NextScheduledEvent 13120 ------------ ----------( EOF)---------- - 3836 | 19:59:50