--------------- QuickDiag | g3n-h@ckm@n | V6.208.20.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 06/09/2020 13:30:00 Updated 26/07/2020 | 09:20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Aoss (Administrator)] - [AOSS-PC] (S-1-5-21-3730808171-3672966121-1635917966-1000) System: Microsoft Windows 7 Édition Intégrale - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> () System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Édition Intégrale |C:\Windows|\Device\Harddisk0\Partition2 Boot : Normal boot PC: All Series - ASUS - IdNumber: System Serial Number - UUID: 5568F13A-1DF2-5709-D9A9-F0795994CDD3 Processor : X64 - 3400 Mhz - Intel(R) Pentium(R) CPU G3450 @ 3.40GHz BIOS Date: 10/24/14 09:54:42 Ver: 10.03 - fr|FR|iso8859-1 - American Megatrends Inc. - S/N: System Serial Number - 1003 - ALASKA - 1072009 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_10438576&REV_1003\4&29E4DF1&0&0001 ---------- | Video Intel(R) HD Graphics - Resolution: 1680x1050 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll,igdumdim32,igd10iumd32,igd10iumd32 - PNPDeviceID: PCI\VEN_8086&DEV_0402&SUBSYS_85341043&REV_06\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1877721088 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics - DriverVersion: 10.18.10.3412 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | Memory Pagefile = Total (MB) : 8119 | Free (MB) : 4938 Virtual = Total (MB) : 4194 | Free (MB) : 3963 Physical Memory (MB) -------------------- Total: 3965 Available: 1712 Cached: 1622 Free: 672 Kernel Memory (MB) ------------------ Paged: 467 Nonpaged: 205 System ------ Handles: 34333 Processes: 92 Threads: 1395 ---------- | SID Users Administrateur : [S-1-5-21-3730808171-3672966121-1635917966-500] Aoss : [S-1-5-21-3730808171-3672966121-1635917966-1000] HomeGroupUser$ : [S-1-5-21-3730808171-3672966121-1635917966-1002] Invité : [S-1-5-21-3730808171-3672966121-1635917966-501] Administrateurs : [S-1-5-32-544] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-3730808171-3672966121-1635917966-1001] ---------- | Drives C:\ -> [Fixed] | [] | Total : 931.41 Go | Free : 591.38 Go -> NTFS [SATA] D:\ -> [Fixed] | [Nanou,Cécé,Coco,Cameron] | Total : 225.25 Go | Free : 70.42 Go -> NTFS [SATA] E:\ -> [Fixed] | [Musique Aoss] | Total : 148.5 Go | Free : 139.15 Go -> NTFS [SATA] Drive: 0 Cylinders: 121601 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 1000204886016 bytes Drive: 1 Cylinders: 30401 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 250059350016 bytes Drive: 2 Cylinders: 20023 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 164696555520 bytes ---------- | Windows updates - Activation - License W.A.T : :) Last detection : 2020-09-05 17:34:00 Downloaded last ones : 2020-06-26 13:52:12 Installed last ones : 2020-06-27 01:01:37 Next search : 2020-09-06 14:11:03 Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.9600.19597 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "" ---------- | FlashPlayer ---------- | Security FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 376 | [Owner : Système | Parent : 4(System) | 0.07 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.24545) = C:\Windows\System32\smss.exe [15/01/2020 14:41:03] CPU Usage:0 % 544 | [Owner : Système | Parent : 536() | 1.99 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 01:19:49] CPU Usage:0 % 632 | [Owner : Système | Parent : 624() | 36.16 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 01:19:49] CPU Usage:0 % 640 | [Owner : Système | Parent : 536() | 0.12 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 01:52:37] CPU Usage:0 % 680 | [Owner : Système | Parent : 624() | 2.01 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.24514) = C:\Windows\System32\winlogon.exe [11/09/2019 14:57:57] CPU Usage:0 % 736 | [Owner : Système | Parent : 640(wininit.exe) | 7.2 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.24537) = C:\Windows\System32\services.exe [11/12/2019 16:54:05] CPU Usage:0 % 744 | [Owner : Système | Parent : 640(wininit.exe) | 10.37 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.24545) = C:\Windows\System32\lsass.exe [15/01/2020 14:41:00] CPU Usage:0 % 756 | [Owner : Système | Parent : 640(wininit.exe) | 2.26 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [21/11/2010 05:23:53] CPU Usage:0 % 856 | [Owner : Système | Parent : 736(services.exe) | 4.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 956 | [Owner : SERVICE RÉSEAU | Parent : 736(services.exe) | 5.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 308 | [Owner : SERVICE LOCAL | Parent : 736(services.exe) | 16.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 556 | [Owner : Système | Parent : 736(services.exe) | 163.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 596 | [Owner : SERVICE LOCAL | Parent : 736(services.exe) | 15.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 768 | [Owner : Système | Parent : 736(services.exe) | 28.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1192 | [Owner : SERVICE RÉSEAU | Parent : 736(services.exe) | 12.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1320 | [Owner : Système | Parent : 736(services.exe) | 185.02 Mo] - (.AVAST Software - Avast Service.) - (20.6.5495.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [12/08/2020 17:54:15] CPU Usage:0 % 1468 | [Owner : Aoss | Parent : 556(svchost.exe) | 26.1 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 01:37:38] CPU Usage:4 % 1480 | [Owner : Aoss | Parent : 1460() | 46.72 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe [13/10/2016 09:36:20] CPU Usage:0 % 1684 | [Owner : Aoss | Parent : 1480(explorer.exe) | 1.33 Mo] - (.Intel Corporation - igfxTray Module.) - (8.15.10.3412) = C:\Windows\System32\igfxtray.exe [03/06/2016 09:56:39] CPU Usage:0 % 1700 | [Owner : Aoss | Parent : 1480(explorer.exe) | 1.6 Mo] - (.Intel Corporation - hkcmd Module.) - (8.15.10.3412) = C:\Windows\System32\hkcmd.exe [03/06/2016 09:56:42] CPU Usage:0 % 1732 | [Owner : Aoss | Parent : 856(svchost.exe) | 3.57 Mo] - (.Intel Corporation - igfxsrvc Module.) - (8.15.10.3412) = C:\Windows\System32\igfxsrvc.exe [03/06/2016 09:56:39] CPU Usage:0 % 1740 | [Owner : Aoss | Parent : 1480(explorer.exe) | 3.43 Mo] - (.Intel Corporation - persistence Module.) - (8.15.10.3412) = C:\Windows\System32\igfxpers.exe [03/06/2016 09:56:39] CPU Usage:0 % 1800 | [Owner : Système | Parent : 736(services.exe) | 6.82 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.24000) = C:\Windows\System32\spoolsv.exe [08/01/2018 20:16:57] CPU Usage:0 % 1888 | [Owner : SERVICE LOCAL | Parent : 736(services.exe) | 11.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 808 | [Owner : Aoss | Parent : 736(services.exe) | 7.82 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [05/06/2016 21:42:55] CPU Usage:0 % 1040 | [Owner : Aoss | Parent : 1480(explorer.exe) | 3.06 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.592.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [09/11/2016 10:48:54] CPU Usage:0 % 1212 | [Owner : Aoss | Parent : 1480(explorer.exe) | 2.8 Mo] - (.Apple Inc. - iTunesHelper.) - (12.10.7.3) = C:\Program Files\iTunes\iTunesHelper.exe [20/05/2020 12:36:52] CPU Usage:0 % 1344 | [Owner : Aoss | Parent : 1972() | 46.78 Mo] - (.AVAST Software - Avast Antivirus.) - (20.6.5495.0) = C:\Program Files\AVAST Software\Avast\AvastUI.exe [12/08/2020 17:54:29] CPU Usage:0 % 1368 | [Owner : Aoss | Parent : 1480(explorer.exe) | 11.55 Mo] - (.Apple Inc. - iCloud Services.) - (73.0.0.73) = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [26/06/2018 16:10:08] CPU Usage:0 % 2112 | [Owner : Système | Parent : 736(services.exe) | 5.83 Mo] - (.Index Education -.) - (1.0.0.74) = C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [30/07/2019 10:00:34] CPU Usage:0 % 2140 | [Owner : Aoss | Parent : 1480(explorer.exe) | 4.12 Mo] - (.TP-Link Technologies Co., Ltd - TP-Link Wireless Adapter WPS Tool.) - (1.0.0.1) = C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe [26/09/2019 12:01:57] CPU Usage:0 % 2212 | [Owner : Aoss | Parent : 1480(explorer.exe) | 2.04 Mo] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (9.0.0.0) = C:\Windows\System32\spool\drivers\x64\3\E_YATINFE.EXE [22/09/2016 16:28:46] CPU Usage:0 % 2256 | [Owner : Aoss | Parent : 1480(explorer.exe) | 2.09 Mo] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (9.0.0.0) = C:\Windows\System32\spool\drivers\x64\3\E_YATINFE.EXE [22/09/2016 16:28:46] CPU Usage:0 % 2348 | [Owner : Aoss | Parent : 1480(explorer.exe) | 2.74 Mo] - (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 20.12.) - (20.12.20043.3217) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [17/08/2020 23:45:10] CPU Usage:0 % 2440 | [Owner : Aoss | Parent : 1480(explorer.exe) | 0.67 Mo] - (.-.) - (1.1.24.1) = C:\Windows\SysWOW64\Codecs\TrayMenu.exe [08/11/2017 18:49:08] CPU Usage:0 % 2624 | [Owner : Aoss | Parent : 2372() | 1.13 Mo] - (.Intel Corporation - iusb3mon.) - (3.0.1.41) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [02/06/2016 16:54:51] CPU Usage:0 % 2724 | [Owner : Aoss | Parent : 2348(AdobeCollabSync.exe) | 5.9 Mo] - (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 20.12.) - (20.12.20043.3217) = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [17/08/2020 23:45:10] CPU Usage:0 % 2756 | [Owner : Système | Parent : 736(services.exe) | 0.95 Mo] - (.Adobe Inc. - Adobe Acrobat Update Service.) - (1.824.39.564) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [08/07/2020 12:45:14] CPU Usage:0 % 2812 | [Owner : Système | Parent : 736(services.exe) | 6.62 Mo] - (.Apple Inc. - MobileDeviceService.) - (474.120.1.13) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [20/05/2020 10:33:46] CPU Usage:4 % 2824 | [Owner : Aoss | Parent : 2372() | 2.69 Mo] - (.SEIKO EPSON CORPORATION - EEventManager Application.) - (3.2.0.0) = C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [20/01/2016 13:21:14] CPU Usage:0 % 2868 | [Owner : Aoss | Parent : 2392(svchost.exe) | 9.91 Mo] - (.Piriform Software Ltd - CCleaner.) - (5.68.0.7820) = C:\Program Files\CCleaner\CCleaner64.exe [17/06/2020 18:44:38] CPU Usage:0 % 1528 | [Owner : Système | Parent : 736(services.exe) | 1.82 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [07/02/2018 21:37:46] CPU Usage:0 % 2596 | [Owner : Système | Parent : 736(services.exe) | 3.12 Mo] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe [12/08/2015 16:03:42] CPU Usage:0 % 2392 | [Owner : Système | Parent : 736(services.exe) | 7.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 3076 | [Owner : Système | Parent : 736(services.exe) | 0.99 Mo] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe [22/09/2016 16:24:16] CPU Usage:0 % 3164 | [Owner : Système | Parent : 736(services.exe) | 0.98 Mo] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (8.0.0.0) = C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [22/09/2016 16:33:03] CPU Usage:0 % 3212 | [Owner : Système | Parent : 736(services.exe) | 1.6 Mo] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe [27/08/2013 14:32:14] CPU Usage:0 % 3316 | [Owner : Système | Parent : 736(services.exe) | 2.62 Mo] - (.Seiko Epson Corporation - MyEpson Portal Service.) - (1.0.3.3) = C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe [28/06/2017 16:01:20] CPU Usage:0 % 3428 | [Owner : Aoss | Parent : 3316(mepService.exe) | 13.41 Mo] - (.Seiko Epson Corporation - MyEpson Portal.) - (1.1.3.2) = C:\Program Files (x86)\epson\MyEpson Portal\mep.exe [15/06/2020 19:40:00] CPU Usage:0 % 3436 | [Owner : SERVICE LOCAL | Parent : 736(services.exe) | 2.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 3980 | [Owner : Système | Parent : 736(services.exe) | 2.43 Mo] - (.Apple Inc. - iPod Service.) - (12.10.7.3) = C:\Program Files\iPod\bin\iPodService.exe [20/05/2020 12:36:54] CPU Usage:0 % 4072 | [Owner : Système | Parent : 736(services.exe) | 11.6 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.24542) = C:\Windows\System32\SearchIndexer.exe [15/01/2020 14:41:33] CPU Usage:0 % 4236 | [Owner : SERVICE RÉSEAU | Parent : 736(services.exe) | 3.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 4508 | [Owner : SERVICE LOCAL | Parent : 556(svchost.exe) | 1.1 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe [06/06/2016 11:20:11] CPU Usage:0 % 4576 | [Owner : Aoss | Parent : 856(svchost.exe) | 7.97 Mo] - (.Apple Inc. - Apple Push.) - (2.14.0.196) = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [06/05/2020 23:13:20] CPU Usage:0 % 4780 | [Owner : SERVICE LOCAL | Parent : 556(svchost.exe) | 1.28 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe [06/06/2016 11:20:11] CPU Usage:0 % 5852 | [Owner : SERVICE RÉSEAU | Parent : 736(services.exe) | 14.62 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [21/11/2010 05:25:05] CPU Usage:0 % 6908 | [Owner : Aoss | Parent : 1840() | 4.81 Mo] - (.Intel Corporation - IAStorIcon.) - (12.8.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [07/08/2013 14:24:00] CPU Usage:0 % 7128 | [Owner : SERVICE LOCAL | Parent : 736(services.exe) | 7.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1664 | [Owner : SERVICE LOCAL | Parent : 736(services.exe) | 11.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 6064 | [Owner : Système | Parent : 736(services.exe) | 16.93 Mo] - (.McAfee, LLC - McAfee WebAdvisor.) - (4.1.1.148) = C:\Program Files\McAfee\WebAdvisor\servicehost.exe [05/06/2019 07:35:08] CPU Usage:0 % 5952 | [Owner : Aoss | Parent : 6064(servicehost.exe) | 7.59 Mo] - (.McAfee, LLC - McAfee WebAdvisor.) - (4.1.1.148) = C:\Program Files\McAfee\WebAdvisor\uihost.exe [05/06/2019 07:35:08] CPU Usage:0 % 7244 | [Owner : Système | Parent : 3012() | 0.95 Mo] - (.AVAST Software - Avast Browser Update.) - (1.4.136.333) = C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe [12/04/2018 03:23:00] CPU Usage:0 % 7812 | [Owner : Système | Parent : 3012() | 0.08 Mo] - (.AVAST Software - Avast Browser Update.) - (1.4.136.333) = C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe [12/04/2018 03:23:00] CPU Usage:0 % 7208 | [Owner : Système | Parent : 736(services.exe) | 13.8 Mo] - (.Intel Corporation - IAStorDataSvc.) - (12.8.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [07/08/2013 14:24:00] CPU Usage:0 % 836 | [Owner : Système | Parent : 736(services.exe) | 1.19 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [03/06/2016 10:30:38] CPU Usage:0 % 7584 | [Owner : Système | Parent : 736(services.exe) | 2.64 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [03/06/2016 10:29:45] CPU Usage:0 % 5276 | [Owner : Aoss | Parent : 768(svchost.exe) | 1.72 Mo] - (.Microsoft Corporation - Windows Update.) - (7.6.7601.24542) = C:\Windows\System32\wuauclt.exe [15/01/2020 14:41:10] CPU Usage:0 % 7792 | [Owner : Aoss | Parent : 1344(AvastUI.exe) | 2.97 Mo] - (.AVAST Software - Avast Antivirus.) - (20.6.5495.0) = C:\Program Files\AVAST Software\Avast\AvastUI.exe [12/08/2020 17:54:29] CPU Usage:0 % 3100 | [Owner : Aoss | Parent : 736(services.exe) | 10.18 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [05/06/2016 21:42:55] CPU Usage:0 % 3208 | [Owner : Système | Parent : 736(services.exe) | 12.03 Mo] - (.Microsoft Corporation - Programme d’installation pour les modules Windows.) - (6.1.7601.17514) = C:\Windows\servicing\TrustedInstaller.exe [21/11/2010 05:24:03] CPU Usage:0 % 8160 | [Owner : SERVICE LOCAL | Parent : 308(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.24523) = C:\Windows\System32\audiodg.exe [04/10/2019 16:14:53] CPU Usage:0 % 7292 | [Owner : Système | Parent : 736(services.exe) | 1.75 Mo] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) - (10.0.18362.1023) = C:\Windows\System32\CompatTelRunner.exe [11/12/2019 16:54:02] CPU Usage:0 % 8648 | [Owner : Système | Parent : 544(csrss.exe) | 3.53 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.24545) = C:\Windows\System32\conhost.exe [15/01/2020 14:41:31] CPU Usage:0 % 5336 | [Owner : Système | Parent : 768(svchost.exe) | 5.82 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [21/11/2010 05:24:27] CPU Usage:0 % 8684 | [Owner : Système | Parent : 7292(CompatTelRunner.exe) | 27.29 Mo] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) - (10.0.18362.1023) = C:\Windows\System32\CompatTelRunner.exe [11/12/2019 16:54:02] CPU Usage:0 % 3944 | [Owner : SERVICE RÉSEAU | Parent : 856(svchost.exe) | 16.23 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 05:24:15] CPU Usage:0 % 8196 | [Owner : Aoss | Parent : 7860() | 292.45 Mo] - (.Mozilla Corporation - Firefox.) - (80.0.1.7548) = C:\Program Files\Mozilla Firefox\firefox.exe [02/09/2020 21:23:09] CPU Usage:35 % 8352 | [Owner : Aoss | Parent : 8196(firefox.exe) | 76.84 Mo] - (.Mozilla Corporation - Firefox.) - (80.0.1.7548) = C:\Program Files\Mozilla Firefox\firefox.exe [02/09/2020 21:23:09] CPU Usage:0 % 8440 | [Owner : Aoss | Parent : 8196(firefox.exe) | 95.53 Mo] - (.Mozilla Corporation - Firefox.) - (80.0.1.7548) = C:\Program Files\Mozilla Firefox\firefox.exe [02/09/2020 21:23:09] CPU Usage:0 % 3724 | [Owner : Aoss | Parent : 8196(firefox.exe) | 334.75 Mo] - (.Mozilla Corporation - Firefox.) - (80.0.1.7548) = C:\Program Files\Mozilla Firefox\firefox.exe [02/09/2020 21:23:09] CPU Usage:8 % 9044 | [Owner : Aoss | Parent : 8196(firefox.exe) | 61.56 Mo] - (.Mozilla Corporation - Firefox.) - (80.0.1.7548) = C:\Program Files\Mozilla Firefox\firefox.exe [02/09/2020 21:23:09] CPU Usage:0 % 8884 | [Owner : Aoss | Parent : 8196(firefox.exe) | 46.88 Mo] - (.Mozilla Corporation - Firefox.) - (80.0.1.7548) = C:\Program Files\Mozilla Firefox\firefox.exe [02/09/2020 21:23:09] CPU Usage:0 % 2928 | [Owner : SERVICE RÉSEAU | Parent : 736(services.exe) | 10.33 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [21/11/2010 05:23:56] CPU Usage:0 % 9008 | [Owner : Aoss | Parent : 8196(firefox.exe) | 37.78 Mo] - (.Mozilla Corporation - Firefox.) - (80.0.1.7548) = C:\Program Files\Mozilla Firefox\firefox.exe [02/09/2020 21:23:09] CPU Usage:0 % 8760 | [Owner : Aoss | Parent : 8196(firefox.exe) | 51.5 Mo] - (.SosVirus - QuickDiag.) - (6.208.20.1) = C:\Users\Aoss\Downloads\QuickDiag.exe [06/09/2020 13:29:19] CPU Usage:0 % 5476 | [Owner : Système | Parent : 856(svchost.exe) | 6.86 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 05:24:15] CPU Usage:0 % 5080 | [Owner : SERVICE RÉSEAU | Parent : 856(svchost.exe) | 7.45 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [21/11/2010 05:24:27] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.AVAST Software.-.Avast Shell Extension.) - (20.6.5495.0) -- C:\Program Files\AVAST Software\Avast\ashShell.dll (.Fraunhofer Institut Integrierte Schaltungen IIS.-.MPEG Layer-3 Audio Codec for MSACM.) - (1.9.0.401) -- C:\Windows\System32\l3codeca.acm ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.536) -- C:\Windows\system32\RltkAPO64.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU GigaTribe - (GigaTribe.lnk [Startup]) - User: Aoss-PC\Aoss iCloudServices - ("C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\...\Run]) - User: Aoss-PC\Aoss CCleaner Smart Cleaning - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\...\Run]) - User: Aoss-PC\Aoss EPLTarget\P0000000000000002 - (C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE /EPT "EPLTarget\P0000000000000002" /M "XP-225 Series" [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\...\Run]) - User: Aoss-PC\Aoss AvastBrowserAutoLaunch_8631E2535E55138CCBCF7DAB046B6797 - ("C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\...\Run]) - User: Aoss-PC\Aoss WPSTool - (C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\...\Run]) - User: Aoss-PC\Aoss EPLTarget\P0000000000000000 - (C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-225 Series" [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\...\Run]) - User: Aoss-PC\Aoss EPLTarget\P0000000000000001 - (C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-225 Series" [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\...\Run]) - User: Aoss-PC\Aoss Adobe Reader Synchronizer - ("C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\...\Run]) - User: Aoss-PC\Aoss CodecPackTrayMenu - (C:\Windows\SysWOW64\Codecs\TrayMenu.exe [Common Startup]) - User: Public IgfxTray - ("C:\Windows\system32\igfxtray.exe" [HKLM\SOFTWARE\...\Run]) - User: Public HotKeysCmds - ("C:\Windows\system32\hkcmd.exe" [HKLM\SOFTWARE\...\Run]) - User: Public Persistence - ("C:\Windows\system32\igfxpers.exe" [HKLM\SOFTWARE\...\Run]) - User: Public IAStorIcon - ("C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\...\Run]) - User: Public AvastUI.exe - ("C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public iTunesHelper - ("C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 [03/06/2018 18:27:06] "PathCompletionChar"=9 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "EPLTarget\P0000000000000002"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE /EPT "EPLTarget\P0000000000000002" /M "XP-225 Series" "AvastBrowserAutoLaunch_8631E2535E55138CCBCF7DAB046B6797"="C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" "WPSTool"=C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe [26/09/2019 12:01:57] "EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-225 Series" "EPLTarget\P0000000000000001"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-225 Series" "Adobe Reader Synchronizer"="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "UserSelectedDefault"=1 [03/06/2018 18:27:06] "Device"=XP-225 Series(Réseau),winspool,Ne03: [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 [03/06/2018 18:27:06] "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 [03/06/2018 18:27:06] "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 [03/06/2018 18:27:06] "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true "Codec Settings UAC Manager"="C:\Windows\system32\Codecs\CodecUACManager.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 [03/06/2018 18:27:06] "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update Task AdobeAAMUpdater-1.0-Aoss-PC-Aoss AdobeGCInvoker-1.0 Avast Emergency Update Avast Secure Browser Heartbeat Task (Hourly) Avast Secure Browser Heartbeat Task (Logon) AvastUpdateTaskMachineCore AvastUpdateTaskMachineUA CCleaner Update CCleanerSkipUAC EPSON XP-225 Series Update {02477507-3FA4-45DD-998B-D4B846DCC969} EPSON XP-225 Series Update {21B56D48-0957-4FCF-A937-95D7BE86C954} EPSON XP-225 Series Update {39EE5E50-1FB8-419A-B7CC-153A35699E9B} EPSON XP-225 Series Update {E05ECC79-D1F2-4356-85B2-5C11E3287484} Selection Tools Update {0B4AE017-FFD2-4CC5-86D9-BCC5AED7BBAC} {3E471522-1FC0-4BB9-A7E9-FD31CA12AA2E} {9557689C-0638-470B-BA97-8628202F59B8} {C4B4E0CB-948F-4D7D-97C6-49120FA0D8DE} {F88984A5-7702-485D-A27D-15B1B0F87E95} ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=2000 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "ServicesPipeTimeout"=60000 [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 [03/06/2018 18:27:06] "NoLmHash"=1 [03/06/2018 18:27:06] "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=744 "SecureBoot"=1 [03/06/2018 18:27:06] "ProductType"=1 [03/06/2018 18:27:06] "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 [03/06/2018 18:27:06] [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 [03/06/2018 18:27:06] "NumberOfInitialSessions"=2 "SetupExecute"= "PendingFileRenameOperations"=\??\C:\Program Files\McAfee\WebAdvisor\O00DC4A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DC9F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DCA0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DC6B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DCA2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DD80.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DC7E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DC7F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DD82.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DEAD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DEAE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DEAF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DEBF.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DC7C.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DC7D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DD7D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DE9C.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DED2.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DED3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DD7F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DEC0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DD81.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DEF6.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DEC1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DCA1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DF09.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DC4B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DF07.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DD7E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DEF5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DF19.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DF08.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DF1A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DF1D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DF1E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DF1F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DF31.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DF32.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DF1C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00DF33.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DF20.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DFA2.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DF1B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DED4.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DF34.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DED5.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DFB4.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DFC4.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DFC6.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DFC5.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DFD8.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DFF8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DFA3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DFFB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DFFC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DFFD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01DFFE.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01DFC7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E01E.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O01E01F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E020.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DFF9.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00DFFA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E021.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E042.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E041.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E054.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E053.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E056.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E067.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E068.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E069.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E06A.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E055.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E07A.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E07B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E07C.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E07D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E07E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E091.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E0FF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E100.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E101.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E16F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E170.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E171.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E090.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E08F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E182.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E184.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E183.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E194.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E196.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E195.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1A7.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1A8.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1A9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1AA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1AB.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1AD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1AE.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1AF.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1AC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1B0.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1B2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1B3.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1B4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1B5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1B7.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1B6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1C8.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1C9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1CA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1CB.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1CC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1CD.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1CE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1CF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1D1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1E9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1FA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1FB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1FC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1FD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1FE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E1FF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E200.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E210.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E211.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E212.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E213.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E224.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E225.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E226.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E227.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E228.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E229.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E259.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E269.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E26A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E26B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E26C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E27D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E27E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E27F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E290.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E291.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E292.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E293.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E294.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E2A4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E2B5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E2C5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E2C6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E2C7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E2C8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E356.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1D0.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E4AE.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E4BF.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E4C0.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E1B1.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E510.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E520.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E561.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E560.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E571.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E4C1.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E573.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E572.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E5E1.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E5E2.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E5F3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E826.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E867.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E827.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E828.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00E878.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EB29.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E879.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EB2B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EB28.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EB3C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EB4D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EBDB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EBDC.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EB2A.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EB4C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EBDD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EC0D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED27.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED49.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED59.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED5A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED7A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED8B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED8C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED8D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED8E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01ED9F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDA0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDB0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDC1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDC2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDC3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDC4.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00ED26.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDD4.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00ED48.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EDD6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDE7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDE9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDFA.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EDD5.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EDE8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDFB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EDFC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01EE1E.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EE1D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00EDFD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F540.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F561.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F582.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F583.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F584.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F585.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F562.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F560.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F75B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F586.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F75C.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F81A.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F75D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F83B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F83C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F83E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F83F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F840.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F83D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F81B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F851.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F852.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F853.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F854.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F855.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F856.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F857.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F858.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F841.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F859.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F85A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F85C.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F85B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F85D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F86E.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F870.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F86F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F872.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F871.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F873.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F884.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F885.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F887.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F886.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F888.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F889.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F88A.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F88B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F88C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F88D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F89D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F89E.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F89F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8A0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8A2.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F8A1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8A3.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F8A4.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F8A5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8A6.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F8A7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8A8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8A9.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F8AA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8AB.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F8AC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8AD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8AF.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F8AE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8C0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8C2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8D2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8D3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8D4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8D5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8D6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8D7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8D8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8D9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8DA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8DB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8EC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8ED.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8EE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8EF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8F0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F8F1.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F8C1.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F93F.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F940.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F941.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F942.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F943.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F944.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F954.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F955.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F956.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F957.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F958.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F959.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F95A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F95B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F95C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F95D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F95E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F95F.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F970.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F971.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F973.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F974.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F975.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F976.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F977.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F978.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F979.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F972.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F97A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F9BA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F9CB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01F9DC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FA69.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FA7A.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F9B9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FA7B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FA7C.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FA8C.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FA8D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FA8E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAA0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAB0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAB1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAB2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAC3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAC4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAD5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAD6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAD7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAE7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAE8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAE9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAEA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAEB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAEC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAED.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAFE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FAFF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB00.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB01.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB11.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB12.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB13.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB14.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB15.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB16.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB17.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB28.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB29.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB2A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB2B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB2C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB2D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB2E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB2F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB40.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB41.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB42.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB52.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB63.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB64.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB65.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB66.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB67.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB68.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB69.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB6A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB6B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB6C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB7C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB7D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB7E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB7F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB80.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB81.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FB82.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FA9F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FC00.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FC12.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FC11.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FC22.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FC44.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FC54.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FC43.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FC65.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FC66.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FC67.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FC68.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FD92.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FD91.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FD93.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FD94.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FDD4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FDE5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FEE0.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FDD5.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00FEE2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FEE1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01FF51.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01E.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O019D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O009E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0111B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0111D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O0011C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0112E.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O0013F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01140.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00150.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01151.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01164.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01175.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00176.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01187.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01189.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0119A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0119B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0119C.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00188.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0119D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O0019E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0119F.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001A0.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001A1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011B1.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001B2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011B3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011B5.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001B4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011C6.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001C7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011C8.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001C9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011CA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011CB.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001DB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011DD.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001DC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011EE.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001EF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O011F0.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O001F1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01202.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00203.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01204.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01215.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00205.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01216.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00217.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01237.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01238.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0124A.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00249.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0124B.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O0024C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0124D.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O0025E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0125F.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00260.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01261.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01263.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00262.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01273.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00274.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01275.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01277.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01288.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00276.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01289.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0128A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012AB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012AC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012AD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012CD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012CE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012CF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012D0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012D1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012D2.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O0029A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012D3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012E4.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O002E5.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O002F6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012E6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O012F8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01309.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0130A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0130B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O014E0.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O002F7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O014E1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01502.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01561.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01571.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00501.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01572.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01583.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01595.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01596.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01597.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01598.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00584.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015A8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015AA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015BB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015BC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015CC.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O005A9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015CD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015CE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015E0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015E1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015E2.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015E3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015E4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015F5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O015F6.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O005CF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01606.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00617.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01618.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01657.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00668.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01669.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0166B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0167B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0167C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0167D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0167E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0167F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01690.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01691.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01692.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01693.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01694.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01695.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016A6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016A7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016A8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016B8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016B9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016BA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016BB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016BC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016BD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016BE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016BF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016C0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016C1.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O0066A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016C2.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006D3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016D4.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016D6.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006D5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016D7.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006D8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016D9.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006DA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016DB.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006DC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016DD.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006DE.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016DF.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006E0.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006E1.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016F1.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O006F3.tmp \??\C:\Program Files\McAfee\WebAdvisor\O016F2.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00704.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01705.tmp \??\C:\Program Files\McAfee\WebAdvisor\MFW\O00706.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01707.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01708.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01709.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0170A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0170B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0171C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0171D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0172D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0172E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0172F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01730.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01731.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01742.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01743.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01744.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01745.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01746.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01747.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01748.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01749.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0174A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0175A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0175B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0177C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0177D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0177E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0177F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O018E6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O018E7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O018F8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O018F9.tmp \??\C:\Program Files\McAfee\WebAdvisor\O018FA.tmp \??\C:\Program Files\McAfee\WebAdvisor\O018FB.tmp \??\C:\Program Files\McAfee\WebAdvisor\O018FC.tmp \??\C:\Program Files\McAfee\WebAdvisor\O018FD.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0190E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0190F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01910.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01911.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01912.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01913.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01914.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01924.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01925.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01926.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01927.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01928.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01929.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0192A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0192B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0192C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0192D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0192E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0192F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01940.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01941.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01951.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01952.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01953.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01954.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01955.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01956.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01957.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01968.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01969.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0196A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0196B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0196C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0196D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0196E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O0197F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01980.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01981.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01991.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01992.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01993.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01994.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01995.tmp \??\C:\Program Files\McAfee\WebAdvisor\O009D5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O009E5.tmp \??\C:\Program Files\McAfee\WebAdvisor\O009F6.tmp \??\C:\Program Files\McAfee\WebAdvisor\O009F7.tmp \??\C:\Program Files\McAfee\WebAdvisor\O01A0C.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A0B.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A09.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A08.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A20.tmp \??\C:\Program Files\McAfee\WebAdvisor\O009F8.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A31.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A0E.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A0A.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A0D.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A0F.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00AAF.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00AB0.tmp \??\C:\Program Files\McAfee\WebAdvisor\O00A9F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AE0.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AE1.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AE2.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AE3.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AF4.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AF5.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AF6.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AF7.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AF8.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AF9.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AFA.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AFB.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AFC.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AFD.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AFE.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00AFF.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00B0F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00B10.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00B11.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00B22.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00B23.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00B24.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00B25.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00B26.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C4F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C60.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C71.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C81.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C93.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C94.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C95.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C96.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C97.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00C98.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00CA8.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00CA9.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00CBA.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00CBB.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00D39.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00D49.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00D5A.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00DD8.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00DD9.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00DE9.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00DEA.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00DFB.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E0C.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E0D.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E0E.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E0F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E1F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E6E.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E7F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E80.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E81.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00E91.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00EB2.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00EC2.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00EC3.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00EC4.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00ED5.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00ED6.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00ED7.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00ED8.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00EE8.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00EE9.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00F29.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00F39.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00F3A.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00F3B.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00F5C.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00F9B.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00F9C.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00FBC.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00FCD.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00FED.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00FFE.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00100E.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O0015CA.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O0015DA.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O0015EB.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O0015FB.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00160C.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00160D.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00161E.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00161F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00163F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O00164F.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O001650.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O001651.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O001662.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O0016A1.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O0016A2.tmp \??\C:\Program Files\McAfee\WebAdvisor\telemetry\O0016D2.tmp [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 [03/06/2018 18:27:06] "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 [03/06/2018 18:27:06] "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 [03/06/2018 18:27:06] "fSingleSessionPerUser"=1 [03/06/2018 18:27:06] "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=020e4819-d3b3-4935-9379-0816ffd "RailShowallNotifyIcons"=1 [03/06/2018 18:27:06] "RDPVGCInstalled"=1 [03/06/2018 18:27:06] "fCredentialLessLogonSupported"=1 [03/06/2018 18:27:06] "fCredentialLessLogonSupportedTSS"=1 [03/06/2018 18:27:06] "fCredentialLessLogonSupportedKMRDP"=1 [03/06/2018 18:27:06] ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Control Panel\Desktop] "ScreenSaveActive"=1 [03/06/2018 18:27:06] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 [03/06/2018 18:27:06] "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 [03/06/2018 18:27:06] "DragFromMaximize"=1 [03/06/2018 18:27:06] "DragFullWindows"=1 [03/06/2018 18:27:06] "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 [03/06/2018 18:27:06] "FocusBorderWidth"=1 [03/06/2018 18:27:06] "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 [03/06/2018 18:27:06] "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "RightOverlapChars"=3 "SnapSizing"=1 [03/06/2018 18:27:06] "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 [03/06/2018 18:27:06] "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [31/05/2016 10:40:16] "ScreenSaveTimeOut"=900 "ScreenSaverIsSecure"=0 "Pattern Upgrade"=TRUE "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=145 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 [03/06/2018 18:27:06] "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "link"=0x1A000000 "Browse For Folder Width"=347 "Browse For Folder Height"=336 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 [03/06/2018 18:27:06] "HideFileExt"=1 [03/06/2018 18:27:06] "DontPrettyPath"=0 "ShowInfoTip"=1 [03/06/2018 18:27:06] "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 [03/06/2018 18:27:06] "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 [03/06/2018 18:27:06] "ListviewAlphaSelect"=1 [03/06/2018 18:27:06] "ListviewShadow"=1 [03/06/2018 18:27:06] "TaskbarAnimations"=1 [03/06/2018 18:27:06] "StartMenuInit"=4 ""=0 "TaskbarSizeMove"=1 [03/06/2018 18:27:06] "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=0 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x16000000140000001500000013000000080000001200000011000000100000000F0000000E0000000D0000000C0000000B0000000A000000090000000700000006000000050000000400000003000000020000000100000000000000FFFFFFFF "0"=0x63006F006E000000 "1"=0x63007600200032003000310037000000 "2"=0x6B00610073007300610076000000 "3"=0x640061006300740079006C006F000000 "4"=0x63006F00720061006C00690065002E0061006700720069006F0064006F0073000000 "5"=0x640069006E006F000000 "6"=0x75006E000000 "7"=0x69006D0067000000 "9"=0x6F007300740065000000 "10"=0x69000000 "11"=0x70006F0069006E0063006F006E006E00650074000000 "12"=0x5200490042000000 "13"=0x7300630061006E000000 "14"=0x6600650076000000 "15"=0x50004800410053004500200032000000 "16"=0x64006A0020006C0069006E006B006F00660066000000 "17"=0x64006A0020006C0069006E006B006F0066006600200073006F0075006E0064000000 "18"=0x63006F0072006200650069006C006C0065000000 "8"=0x63006E0069000000 "19"=0x630079006E0064000000 "21"=0x730068006500720077006F006F0064000000 "20"=0x63006F00720061006C00690065000000 "22"=0x69006D0070006F00740073000000 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 [03/06/2018 18:27:06] "EnableLUA"=1 [03/06/2018 18:27:06] "EnableSecureUIAPaths"=1 [03/06/2018 18:27:06] "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 [03/06/2018 18:27:06] "PromptOnSecureDesktop"=1 [03/06/2018 18:27:06] "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [03/06/2018 18:27:06] "undockwithoutlogon"=1 [03/06/2018 18:27:06] "FilterAdministratorToken"=0 "SoftwareSASGeneration"=1 [03/06/2018 18:27:06] [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 [03/06/2018 18:27:06] "NoActiveDesktopChanges"=1 [03/06/2018 18:27:06] "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=221 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 [03/06/2018 18:27:06] "NoComponents"=1 [03/06/2018 18:27:06] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [03/06/2018 18:27:06] "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 [03/06/2018 18:27:06] "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 [03/06/2018 18:27:06] "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 [03/06/2018 18:27:06] "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 [03/06/2018 18:27:06] "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 [03/06/2018 18:27:06] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 [03/06/2018 18:27:06] "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 [03/06/2018 18:27:06] "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [03/06/2018 18:27:06] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [03/06/2018 18:27:06] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 [03/06/2018 18:27:06] "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=38 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 [03/06/2018 18:27:06] "EnableLUA"=1 [03/06/2018 18:27:06] "EnableSecureUIAPaths"=1 [03/06/2018 18:27:06] "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 [03/06/2018 18:27:06] "PromptOnSecureDesktop"=1 [03/06/2018 18:27:06] "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [03/06/2018 18:27:06] "undockwithoutlogon"=1 [03/06/2018 18:27:06] "FilterAdministratorToken"=0 "SoftwareSASGeneration"=1 [03/06/2018 18:27:06] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 [03/06/2018 18:27:06] "NoActiveDesktopChanges"=1 [03/06/2018 18:27:06] "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=221 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 [03/06/2018 18:27:06] "NoComponents"=1 [03/06/2018 18:27:06] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [03/06/2018 18:27:06] "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 [03/06/2018 18:27:06] "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 [03/06/2018 18:27:06] "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 [03/06/2018 18:27:06] "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 [03/06/2018 18:27:06] "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 [03/06/2018 18:27:06] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 [03/06/2018 18:27:06] "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 [03/06/2018 18:27:06] "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [03/06/2018 18:27:06] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [03/06/2018 18:27:06] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 [03/06/2018 18:27:06] "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=136 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [03/06/2018 18:27:06] [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 [03/06/2018 18:27:06] "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 [03/06/2018 18:27:06] "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 [03/06/2018 18:27:06] "scremoveoption"=0 "ShutdownFlags"=43 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 [03/06/2018 18:27:06] "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\Avast Secure Browser\Shell\open\Command] ""="C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" [HKLM\Software\Clients\StartMenuInternet\Avast Secure Browser\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""= [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"= [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=iexplore.exe [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Avast Secure Browser\Shell\open\Command] ""="C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Avast Secure Browser\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""= [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"= [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=iexplore.exe [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.MEDIA=1C9A6D3A Setup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\REALTEK\NICDRV_8169\RTINSTALLER64.EXE"=1 "SIGN.MEDIA=3F9BC200 Setup.exe"=1 "SIGN.MEDIA=4962FC Drivers\Audio\AsusSetup.exe"=1 "SIGN.MEDIA=6F8100 Bin\ASSETUP.exe"=1 "SIGN.MEDIA=6E51DC Drivers\Audio\Driver\Setup.exe"=1 "C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNRUD.EXE"=1 "C:\Users\Aoss\Downloads\epson379214eu.EXE"=1 "C:\Users\Aoss\Downloads\ADE_4.5_Installer.exe"=1 "E:\Axel\Ciel_Auto-entrepreneur_Standard_6.10\Ciel_Auto-entrepreneur_Standard_6.10.exe"=1 "C:\Users\Aoss\Downloads\camtasia-studio-8-4-1-es-en-fr-de-win.exe"=1 "C:\Users\Aoss\Downloads\QuickTimeInstaller.exe"=1 "C:\Users\Aoss\Downloads\flstudio_12.5.1.5.exe"=1 "C:\Program Files\Steinberg\Cubase LE AI Elements 9\Cubase LE AI Elements 9.exe"=512 "C:\Users\Aoss\Desktop\Sony ACID Pro 7.0c+DI-KeyGen_(diMi)\acidpro70c.exe"=1 "C:\Users\Aoss\Downloads\FreeMP4VideoConverter_5.0.111.215_s.exe"=1 "C:\Users\Aoss\Downloads\camtasia.exe"=1 "C:\Users\Aoss\Downloads\camtasia-studio-8-4-1-es-en-fr-de-win (1).exe"=1 "C:\Users\Aoss\Downloads\MovaviVideoConverterSetupC.exe"=1 "C:\Users\Aoss\Downloads\iCloudSetup (1).exe"=1 "C:\Users\Aoss\Downloads\Audition_Set-Up.exe"=1 "C:\Users\Aoss\Downloads\flstudio_win_20.0.5.681.exe"=1 "C:\Users\Aoss\Downloads\media.player.codec.pack.v4.5.1.setup.exe"=1 "C:\Users\Aoss\Downloads\Epson_XP-225_Series_EA_11_Web (1).EXE"=1 "C:\Users\Aoss\Downloads\Install_PRNclient_FR_2019.0.2.2_win64.exe"=1 "SIGN.MEDIA=2977C10 TL-WN823N\Setup.exe"=1 "C:\Users\Aoss\Downloads\Epson_XP-225_Series_EA_11_Web (4).EXE"=1 "E:\photoshop\Uninstal.exe"=1 "C:\Program Files (x86)\Adobe\PhotoShop\CS6\Uninstal.exe"=1 "C:\Users\Aoss\Downloads\ccsetup568.exe"=1 "C:\Users\Aoss\Downloads\Firefox Installer.exe"=1 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{5078c5f9-2709-11e6-8203-806e6f6e6963}] : F:\Bin\ASSETUP.exe (AutoRun) [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{cfbdb4d0-2969-11e6-932e-806e6f6e6963}] : F:\Bin\ASSETUP.exe (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x10C3137F16BBD101 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com [42] More lines ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [172.217.22.142] avec 32 octets de donn?es?: R?ponse de 172.217.22.142?: octets=32 temps=11 ms TTL=121 R?ponse de 172.217.22.142?: octets=32 temps=12 ms TTL=121 R?ponse de 172.217.22.142?: octets=32 temps=13 ms TTL=121 R?ponse de 172.217.22.142?: octets=32 temps=11 ms TTL=121 Statistiques Ping pour 172.217.22.142: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 11ms, Maximum = 13ms, Moyenne = 11ms ---------- | @ [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9828ecc2 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC0100002A000000F6050000BA020000 "Start Page Redirect Cache_TIMESTAMP"=0x99D1385D1CBBD101 "Start Page Redirect Cache AcceptLangs"=fr "IE8RunOnceLastShown"=1 "IE8RunOnceLastShown_TIMESTAMP"=0x1C9BDDC4A7BDD101 "IE8TourShown"=1 "IE8TourShownTime"=0xDDA9CA621CBBD101 "Check_Associations"=yes "DisableScriptDebuggerIE"=yes "OperationalData"=5 "ImageStoreRandomFolder"=5tpjrhk "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xA7F18DA43147D201 "IE10TourShown"=1 "IE10TourShownTime"=0xAB762EC760EDD101 "Start Page_TIMESTAMP"=0x755F1F0649EED101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "SearchBandRestoreBarCount"=3 "SearchBandMigrationVersion"=1 "DoNotTrack"=1 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x214258849F5CD301 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0xD997B203F1BFD101 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ProxyOverride"=*.local "EnableAutodial"=0 "NoNetAutodial"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9828ecc2 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9828ecc2 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll ---------- | Execution FileExts [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amv] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bdmv] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ccf] "Progid"=JDownloader2 2 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dlc] "Progid"=JDownloader2 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dv] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.evo] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.f4v] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ifo] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jdc] "Progid"=JDownloader2 1 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2p] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.metalink] "Progid"=JDownloader2 4 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpls] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv4] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mxf] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogm] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogv] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ram] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rec] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rm] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsdf] "Progid"=JDownloader2 3 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tp] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tps] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.trp] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm] "Application"=wmplayer.exe [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv] "Application"=wmplayer.exe ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1] - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2] - {853B7E05-C47D-4985-909A-D0DC5C6D7303} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3] - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShell.dll [12/08/2020 17:54:17] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShell.dll [12/08/2020 17:54:17] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [03/06/2018 18:27:06] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Height"=0 [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "DownloadRetries"=0 "DefaultPackCorrection"=1 [03/06/2018 18:27:06] "DefaultPackNTCorrection"=1 [03/06/2018 18:27:06] "KnownProvidersUpgradeTime"=0x3E643DB4D209D201 "Version"=4 "UpgradeTime"=0xF98F2FB5D209D201 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=EPTBL [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{48A61126-9A19-4C50-A214-FF08CB94995C}] : (McAfee WebAdvisor) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{48A61126-9A19-4C50-A214-FF08CB94995C}] : (McAfee WebAdvisor) - [] ---------- | SearchScopes [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 : [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Search Provided by Bing) - https://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9828ecc2&q={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6586d803-df30-46d3-a89a-4136c8571d45}] - (@ieframe.dll,-12512) - http://www.palikan.com/results.php?f=4&a=plk_cmi_16_22&cd=2XzuyEtN2Y1L1QzutDtD0EtDyCtDtCyBtD0E0C0Dzzzyzz0DtN0D0Tzu0StCyCtCyEtN1L2XzutAtFtCzytFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyDzz0EyE0E0AtCtCtGtBtDzz0AtG0FzztAtBtGtD0CyDyDtGzzzyyD0EtC0ByBzz0A0A0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyDtB0C0F0E0BtCtG0C0D0C0BtGyE0DyCyDtG0B0AtBtCtGyEtC0CyD0DzytD0B0CtC0F0C2QtN0A0LzuyE&cr=1509391258&ir=&q={searchTerms} : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Search Provided by Bing) - https://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9828ecc2&q={searchTerms} : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] -> (McAfee WebAdvisor) : C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [05/06/2019 07:35:11] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] -> (E-Web Print) : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [27/11/2014 12:38:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] -> (McAfee WebAdvisor) : C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [05/06/2019 07:35:11] ---------- | Chrome C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\eedlgdlajadkbbjoobobefphmfkcchfk = : __MSG_store_shortdesc_new__ - __MSG_store_title_new__ - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj = : __MSG_web2pdfExtnDescription__ - __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\eofcbnmajmjmplflapaojjnihcjkigck = : __MSG_avastAppDesc__ - __MSG_avastAppShortName__ - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\fbcohnmimjicjdomonkcbcpbpnhggkip = : __MSG_extensionDescription__ - short_name: MyJDownloader - permissions:[tabsstoragewebRequestwebRequestBlockingcontextMenus\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\fkepacicchenbjecpbpbclokcabebhah = : __MSG_extDescription__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp = : __MSG_PRODUCT_DESCRIPTION__ - __MSG_PRODUCT_NAME__ - optional_permissions:[\u003Call_urls>] - 45833509441-41flc5qj3bha53cs0luji5vt7e4n8i4f.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotificationsidlealarms] - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Google & co - Google & co - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\hpiejkakkohpfdaiicfkepgkagcdijll = : Une extension pour faciliter le téléchargement de toutes les images que vous voyez sur votre navigateur - Download image - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\kmhkepipobnjllejbafajoemahjejdcm = : __MSG_extension_description__ - __MSG_extension_name__ - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\phdjkciidgipjdbnpiaoppajlbjbggpc = : 2386 Modèles de lettre lettre de motivation et CV type - Lettres - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx C:\Users\Aoss\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [HKLM\Software\WOW6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll C:\Users\Aoss\AppData\Roaming\Mozilla\Firefox\Profiles\t4eh7vpm.default-release\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20200831163820"); user_pref("browser.startup.homepage_override.mstone", "80.0.1"); user_pref("extensions.activeThemeID", "default-theme@mozilla.org"); user_pref("extensions.blocklist.pingCountVersion", 0); user_pref("extensions.databaseSchema", 32); user_pref("extensions.getAddons.cache.lastUpdate", 1599392356); user_pref("extensions.getAddons.databaseSchema", 6); user_pref("extensions.incognito.migrated", true); user_pref("extensions.lastAppBuildId", "20200831163820"); user_pref("extensions.lastAppVersion", "80.0.1"); user_pref("extensions.lastPlatformVersion", "80.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.uuids", "{\"doh-rollout@mozilla.org\":\"f3b33481-d002-4bd1-9cba-c52eed6143e5\",\"formautofill@mozilla.org\":\"6983bf50-f20f-4a83-9a82-d27fcea70503\",\"screenshots@mozilla.org\":\"a5bc15b7-b783-4ec1-bcfb-b559bbc4d684\",\"webcompat-reporter@mozilla.org\":\"f6cc55df-134b-429b-9fa2-962d9b97ce22\",\"webcompat@mozilla.org\":\"434fc8b4-200f-470c-bd83-015004451fd1\",\"default-theme@mozilla.org\":\"5757f65a-2720-4390-8b16-eea6d703ee2b\",\"google@search.mozilla.org\":\"c22c587f-f246-4bfd-80b2-c716f7af58d0\",\"wikipedia@search.mozilla.org\":\"ec9bd913-4509-4e98-896c-dfddce0b83e2\",\"bing@search.mozilla.org\":\"6ed1c3fd-3db9-460a-8436-2cc0b6e8abe7\",\"amazon@search.mozilla.org\":\"9222716a-b6e9-4cca-983c-fa14cfdf4846\",\"ddg@search.mozilla.org\":\"d318ffab-2cc9-49ef-8759-c23e2f892715\",\"ebay@search.mozilla.org\":\"f8c2e99d-6264-44ef-891b-aa7eedbdbb8a\",\"qwant@search.mozilla.org\":\"ea4515c4-a41e-4d29-9653-2b5b06b28586\",\"firefox-compact-light@mozilla.org\":\"cd067f94-324f-417f-a695-4884dda0aa67\"}"); [Profile0] - Name=default-release -> Profiles/t4eh7vpm.default-release ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{6A209608-36B6-42B0-B72F-646D94884B24}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7C8EC761-6EB3-4F42-9B2B-B8917885F0F5}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{8BD3A21F-F596-4225-8DBF-56CAFFD1005E}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{C40837F8-D8E2-43A9-B0DE-669370011C08}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{6A209608-36B6-42B0-B72F-646D94884B24}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7C8EC761-6EB3-4F42-9B2B-B8917885F0F5}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{8BD3A21F-F596-4225-8DBF-56CAFFD1005E}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{C40837F8-D8E2-43A9-B0DE-669370011C08}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6A209608-36B6-42B0-B72F-646D94884B24}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7C8EC761-6EB3-4F42-9B2B-B8917885F0F5}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{8BD3A21F-F596-4225-8DBF-56CAFFD1005E}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{C40837F8-D8E2-43A9-B0DE-669370011C08}] "DhcpNameServer"=192.168.0.254 ---------- | Applications [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Classes\Applications\soffice.exe] : "C:\Program Files (x86)\LibreOffice 5\program\soffice.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Adobe Audition CC.exe] : "C:\Program Files\Adobe\Adobe Audition CC 2018\Adobe Audition CC.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Adobe Audition CC.exe] : "C:\Program Files\Adobe\Adobe Audition CC 2018\Adobe Audition CC.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "regsvc"=RemoteRegistry "DcomLaunch"=Power PlugPlay DcomLaunch "secsvcs"=WinDefend "bthsvcs"=bthserv "PeerDist"=PeerDistSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power PlugPlay DcomLaunch ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\4kdownload.com] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Adobe] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\AppDataLow] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Apple Computer, Inc.] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Apple Inc.] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\ASIO] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\ASIO4ALL v2 by Wuschel] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\ASUS] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\AVAST Software] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\AVS4YOU] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Browser Cleanup] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Canneverbe Limited] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\CDDB] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Chromium] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Clients] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\csastats] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\DirectShow] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\DVDVideoSoft] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\ej-technologies] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\EPSON] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\EPSON Software Updater] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Free Devis Factures] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Gabest] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\GNU] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Google] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Haali] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Icaros] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Image-Line] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Intel] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\JavaSoft] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\LAV] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\MainConcept] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\MAP-DN] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\McAfee] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Media Player - Codec Pack] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\MOVAVI] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Mozilla] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\MozillaPlugins] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\MPC-HC] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Netscape] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Nosibay] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Open Media LLC] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Opendisc] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\paint.net] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\PC SOFT] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Piriform] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Policies] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\ProductSetup] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\QtProject] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Realtek] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Seiko Epson Corporation] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\ShalSoft] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\SoftVoice] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Sony Creative Software] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Steinberg] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Steinberg Media Technologies GmbH] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Store] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\TechSmith] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Tencent] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\The Document Foundation] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Trolltech] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\WajIEnhance] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\WinRAR] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\WinRAR SFX] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Wow6432Node] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\WTools] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\AntiPhishing] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Calc] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Command Processor] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\ComPstUI] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Direct3D] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\DirectInput] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Edge] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\EdgeUpdate] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\EpsonEasyPhotoScan] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\GDIPlus] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\GWX] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\IAM] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\idsc] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\IME] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\IMEJP] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Installer] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Microsoft Management Console] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\MM20] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\MPEG2Demultiplexer] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Multimedia] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Notepad] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\otut] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Protected Storage System Provider] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\RAS AutoDial] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\RAS Phonebook] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\SideShow] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\TelemetryClient] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\TPG] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows Mail] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows Media] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows Photo Viewer] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows Script] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows Script Host] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Windows Sidebar] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\XPSViewer] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\zone.com] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\RestartManager] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ASIO] [HKLM\Software\ATI Technologies] [HKLM\Software\AVAST Software] [HKLM\Software\CBSTEST] [HKLM\Software\Clients] [HKLM\Software\cybelsoft] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\ej-technologies] [HKLM\Software\EPSON] [HKLM\Software\EpsonNet] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Icaros] [HKLM\Software\Image-Line] [HKLM\Software\Intel] [HKLM\Software\IPS] [HKLM\Software\JavaSoft] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\McAfee] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\paint.net] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Propellerhead Software] [HKLM\Software\Realtek] [HKLM\Software\Reason] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Socia2Sear Browser Enhancer] [HKLM\Software\SoftVoice] [HKLM\Software\Solvusoft Corporation] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\Yamaha APO] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AudioCompressionManager] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\Connect to a Network Projector] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataFactory] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\Direct3D] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DownloadManager] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\Edge] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FlashConfig] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\GPUPipeline] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\MediaCenterPeripheral] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\MigWiz] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MSSQLServer] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\NapServer] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\NetworkAccessProtection] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayReady] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RAS AutoDial] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\RFC1156Agent] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\SideShow] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TIP Shared] [HKLM\SOFTWARE\Microsoft\TMM] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\Updates] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\VisualStudio] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\WBEM] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\Wlansvc] [HKLM\SOFTWARE\Microsoft\Workspaces] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\8169Diag] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\Adobee] [HKLM\Software\WOW6432Node\Apple Computer, Inc.] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ASIO] [HKLM\Software\WOW6432Node\ASIO4ALL] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\Avast] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\AVS4YOU] [HKLM\Software\WOW6432Node\CDBurnerXP.axp] [HKLM\Software\WOW6432Node\CDBurnerXP.dxp] [HKLM\Software\WOW6432Node\CDBurnerXP.iso] [HKLM\Software\WOW6432Node\CDDB] [HKLM\Software\WOW6432Node\DigitalWave] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\EpsonNet] [HKLM\Software\WOW6432Node\ePUBee DRM Removal] [HKLM\Software\WOW6432Node\Gabest] [HKLM\Software\WOW6432Node\GNU] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\HaaliMkx] [HKLM\Software\WOW6432Node\HighCriteria] [HKLM\Software\WOW6432Node\Icaros] [HKLM\Software\WOW6432Node\Image-Line] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\LAV] [HKLM\Software\WOW6432Node\LibreOffice] [HKLM\Software\WOW6432Node\MAP-DN] [HKLM\Software\WOW6432Node\McAfee NGI] [HKLM\Software\WOW6432Node\Media Player - Codec Pack] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Propellerhead Software] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Sage] [HKLM\Software\WOW6432Node\ShalSoft] [HKLM\Software\WOW6432Node\Socia2Sear Browser Enhancer] [HKLM\Software\WOW6432Node\SoftVoice] [HKLM\Software\WOW6432Node\Sony Corporation] [HKLM\Software\WOW6432Node\Sony Creative Software] [HKLM\Software\WOW6432Node\Sony Media Software] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\Steinberg Media Technologies GmbH] [HKLM\Software\WOW6432Node\TechSmith] [HKLM\Software\WOW6432Node\Tencent] [HKLM\Software\WOW6432Node\The Document Foundation] [HKLM\Software\WOW6432Node\TP-Link] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\VST] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AudioCompressionManager] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DataFactory] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DownloadManager] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\Edge] [HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FlashConfig] [HKLM\Software\WOW6432Node\Microsoft\FTH] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\MediaCenterPeripheral] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Migwiz] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\Mobile] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NapServer] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\NetworkAccessProtection] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\Reliability Analysis] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\SideShow] [HKLM\Software\WOW6432Node\Microsoft\Silverlight] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\Speech] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TIP Shared] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Workspaces] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives D: E: ---------- | C: [02/11/2017 09:46:47] - |HD| - [208896] - C:\$AV_ASW [27/05/2016 12:56:18] - |HD| - [835209807] - C:\$INPLACE.~TR [14/07/2009 05:18:56] - |SHD| - [258] - C:\$Recycle.Bin [31/05/2016 17:14:28] - |HD| - [411826] - C:\$WINDOWS.~BT [27/05/2016 12:59:36] - |HD| - [1251550029] - C:\$WINDOWS.~Q [31/05/2016 15:55:25] - |HD| - [398274] - C:\$Windows.~WS [02/06/2016 19:15:22] - |D| - [0] - C:\00e21270a3f05e5c5c [MD5.558CBA0BA49B7DBCD64BD4AE01CA6450] - [31/05/2016 12:11:13] - |AH| - (.-.) - [112] - (0.0.0.0) - C:\0DCE9118471E [03/06/2016 09:28:05] - |D| - [248949265] - C:\49d65c8781e99b86c29f [03/06/2016 13:59:00] - |D| - [1240302] - C:\4e73bc4ddb13ace160444bdf0360eb [MD5.F8C6B07B2A5EB4F948D981A974491173] - [31/05/2016 12:11:13] - |AH| - (.-.) - [40] - (0.0.0.0) - C:\8EF7978DB483 [MD5.01CED90478E6CB985CD65D110173D7D5] - [23/08/2015 03:01:46] - |A| - (.-.) - [206] - (0.0.0.0) - C:\audio.log [03/06/2016 09:54:37] - |D| - [340547] - C:\c0f830b703f39103e2 [03/06/2016 09:30:10] - |D| - [5084307] - C:\cce74c4ab74226a0fc6a05bc2d [MD5.7B2F5E98C889D2CBAB9E953B168C63E1] - [26/09/2019 12:03:00] - |A| - (.-.) - [153] - (0.0.0.0) - C:\config.ini [28/05/2016 08:02:50] - |SHD| - [1595392] - C:\Config.Msi [06/02/2017 18:41:25] - |D| - [4049275] - C:\Cubase 5 [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [24/08/2015 21:21:34] - |D| - [7241088] - C:\Données Ciel [31/05/2016 17:11:12] - |D| - [3625882658] - C:\ESD [28/10/2017 11:00:39] - |D| - [53766408] - C:\Free Devis Factures 2 [MD5.01DB078CCD76856178F4FE301CF2380C] - [06/02/2017 18:46:50] - |A| - (.© Steinberg Media Technologies 2007 - VST 2.4 Plug-In.) - [16138240] - (1.1.0.457) - C:\HALionOne.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/05/2016 12:39:24] - |ASH| - (.-.) - [3118571520] - (0.0.0.0) - C:\hiberfil.sys [23/08/2015 01:43:09] - |D| - [3088820] - C:\Intel [MD5.800B746FDC4D80469AFC7E5E9B510C9C] - [01/12/2006 23:37:14] - |A| - (.© Microsoft Corporation. - Microsoft® Debug Information Accessor.) - [904704] - (8.0.50727.762) - C:\msdia80.dll [13/09/2015 11:11:46] - |D| - [0] - C:\My Shared Folder [MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/08/2015 23:59:15] - |ASH| - (.-.) - [4158095360] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 05:20:08] - |RD| - [4295989622] - C:\Program Files [14/07/2009 05:20:08] - |D| - [5841096146] - C:\Program Files (x86) [14/07/2009 05:20:08] - |D| - [12705809660] - C:\ProgramData [06/09/2020 13:29:51] - |D| - [68687] - C:\QuickDiag [MD5.6B6F3204162972B747DB6F4ED18853C3] - [06/09/2020 13:30:00] - |A| - (.-.) - [191272] - (0.0.0.0) - C:\QuickDiag.txt [23/08/2015 00:04:18] - |SHD| - [346515094] - C:\Recovery [03/11/2016 16:44:48] - |D| - [3882] - C:\Spacekace [22/08/2015 23:59:15] - |SHD| - [7090339258] - C:\System Volume Information [17/04/2016 18:47:51] - |D| - [2216952] - C:\Temp [29/05/2016 20:57:47] - |D| - [176] - C:\uninst [14/07/2009 05:20:08] - |RD| - [261553403174] - C:\Users [05/04/2016 16:54:26] - |HD| - [96704] - C:\VTRoot [14/07/2009 05:20:08] - |D| - [42043076308] - C:\Windows [31/05/2016 20:15:31] - |D| - [151271166076] - C:\Windows.old ---------- | C:\Windows [14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 05:20:08] - |D| - [21983894] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |D| - [11283684] - C:\Windows\AppPatch [MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/06/2016 09:54:54] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\Ascd_err.ini [MD5.AAB5EC52F7E8CB6EC8F8E36365DC902F] - [03/06/2016 09:54:54] - |A| - (.-.) - [55413] - (0.0.0.0) - C:\Windows\Ascd_log.ini [MD5.D374AC650ADE54047A0EF5ED9C7E821C] - [03/06/2016 09:32:50] - |A| - (.-.) - [39505] - (0.0.0.0) - C:\Windows\Ascd_tmp.ini [14/07/2009 05:20:08] - |RSD| - [2263618245] - C:\Windows\assembly [MD5.9FCFE78AFBA95C1F3AD8E3F99C5C4636] - [03/06/2016 09:33:53] - |A| - (.Copyright (C) 2009 - AsTaskSchedule.) - [16896] - (0.1.0.4) - C:\Windows\AsTaskSched.dll [03/06/2016 10:00:03] - |D| - [14344696] - C:\Windows\AsusInstAll [MD5.12EBDA58437CD1EA7066FCB6455241D2] - [09/09/2016 16:05:43] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.3.3154.0) - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 05:24:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [12/04/2011 10:28:09] - |SHD| - [553227] - C:\Windows\BitLockerDiscoveryVolumeContents [14/07/2009 05:20:09] - |D| - [29323416] - C:\Windows\Boot [MD5.D016E0FFA7CD13F347DF24E3DEB8A62E] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |D| - [3236352] - C:\Windows\Branding [03/06/2016 09:43:48] - |D| - [43247482] - C:\Windows\Chipset [12/04/2011 10:28:09] - |D| - [0] - C:\Windows\CSC [14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 06:45:54] - |D| - [257418] - C:\Windows\debug [MD5.D1E75542EC8D1B4851765A57AC63618E] - [31/05/2016 17:14:24] - |A| - (.-.) - [1908] - (0.0.0.0) - C:\Windows\diagerr.xml [14/07/2009 07:32:38] - |D| - [3258577] - C:\Windows\diagnostics [MD5.D1E75542EC8D1B4851765A57AC63618E] - [31/05/2016 17:14:24] - |A| - (.-.) - [1908] - (0.0.0.0) - C:\Windows\diagwrn.xml [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [12/04/2011 10:28:10] - |D| - [119121973] - C:\Windows\ehome [14/07/2009 07:37:46] - |D| - [110080] - C:\Windows\en-US [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [13/10/2016 09:36:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3229696] - (6.1.7601.23537) - C:\Windows\explorer.exe [14/07/2009 05:20:09] - |RSD| - [415464743] - C:\Windows\Fonts [18/06/2015 11:44:23] - |D| - [142336] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |D| - [34181371] - C:\Windows\Globalization [14/07/2009 05:20:09] - |D| - [71743504] - C:\Windows\Help [MD5.A66E522F3CBFB8709EA37844922A002E] - [14/06/2017 16:47:34] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7601.23834) - C:\Windows\HelpPane.exe [MD5.12589371C087A76B6E8E152939E59E98] - [09/05/2018 13:02:19] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7601.24134) - C:\Windows\hh.exe [14/07/2009 05:20:09] - |D| - [143543300] - C:\Windows\IME [14/07/2009 05:20:10] - |D| - [136787349] - C:\Windows\inf [31/05/2016 11:24:01] - |SHD| - [2557751625] - C:\Windows\Installer [14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas [MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [03/06/2016 09:26:47] - |A| - (.-.) - [1769] - (0.0.0.0) - C:\Windows\Language_trs.ini [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\LiveKernelReports [14/07/2009 05:20:10] - |D| - [68025887] - C:\Windows\Logs [14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |D| - [995930522] - C:\Windows\Microsoft.NET [06/06/2016 12:16:23] - |D| - [4924] - C:\Windows\Migration [22/01/2017 15:41:15] - |D| - [0] - C:\Windows\Minidump [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [05/06/2016 21:47:06] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [31/05/2016 20:25:37] - |D| - [862058] - C:\Windows\Panther [14/07/2009 07:32:38] - |D| - [62364246] - C:\Windows\Performance [MD5.A223B5E8182C95ACF1C98D3DDD054B15] - [25/02/2018 21:08:17] - |A| - (.-.) - [6841190] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 05:20:10] - |D| - [1271749] - C:\Windows\PLA [14/07/2009 05:20:10] - |D| - [7351929] - C:\Windows\PolicyDefinitions [31/05/2016 10:27:03] - |D| - [33120353] - C:\Windows\Prefetch [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\registration [12/04/2011 10:28:09] - |D| - [0] - C:\Windows\RemotePackages [14/07/2009 05:20:10] - |D| - [12063109] - C:\Windows\rescache [14/07/2009 05:20:10] - |D| - [1802022] - C:\Windows\Resources [MD5.51254CE041C5D011944C3E11D5A00608] - [02/06/2016 17:25:22] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2838232] - (1.0.6.8) - C:\Windows\RtlExUpd.dll [MD5.7A5A148AAA991931AAA22F524F57052A] - [03/06/2016 09:54:55] - |A| - (.-.) - [438] - (0.0.0.0) - C:\Windows\scd.ini [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 05:20:10] - |D| - [5281068] - C:\Windows\security [14/07/2009 06:45:47] - |D| - [496073722] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [444179640] - C:\Windows\servicing [14/07/2009 06:45:50] - |D| - [42] - C:\Windows\Setup [MD5.D74E3C688AA4F552EB9F55CB8EA67170] - [05/09/2020 19:24:24] - |A| - (.-.) - [56] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/09/2020 19:24:24] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [31/05/2016 10:29:09] - |D| - [1806361598] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |D| - [251548646] - C:\Windows\Speech [MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [21/11/2010 05:24:16] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17514) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 05:20:10] - |D| - [5247281348] - C:\Windows\System32 [14/07/2009 05:20:14] - |D| - [1388554274] - C:\Windows\SysWOW64 [14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI [MD5.0DB37CA6A6F529C1A81C4E6FC9BA731E] - [01/06/2016 10:33:30] - |A| - (.-.) - [73216] - (0.0.0.0) - C:\Windows\taskmgr.exe [14/07/2009 05:20:14] - |D| - [36154] - C:\Windows\Tasks [14/07/2009 05:20:14] - |D| - [396] - C:\Windows\Temp [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |D| - [43077596] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 05:25:10] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [MD5.BE9ABBA239905C914B050195978E4D02] - [12/04/2011 10:28:47] - |A| - (.-.) - [51867] - (0.0.0.0) - C:\Windows\Ultimate.xml [14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 05:20:14] - |D| - [40681427] - C:\Windows\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 04:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.351270244A33613DC658A803CEC871F6] - [31/05/2016 10:29:08] - |A| - (.-.) - [1167583] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 05:20:14] - |D| - [25235044747] - C:\Windows\winsxs [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/06/2016 13:59:00] - |AHT| - (.-.) - [0] - (0.0.0.0) - C:\Windows\wusa.lock ---------- | C:\Windows\System32\GroupPolicy [01/06/2016 10:33:17] - |D| - [2442] - C:\Windows\System32\GroupPolicy\Adm [MD5.D26A84A237A8085A2E9FF12AFA5C153F] - [01/06/2016 10:33:17] - |A| - (.-.) - [268] - (0.0.0.0) - C:\Windows\System32\GroupPolicy\gpt.ini [01/06/2016 10:33:17] - |D| - [1846] - C:\Windows\System32\GroupPolicy\Machine [01/06/2016 10:33:17] - |D| - [0] - C:\Windows\System32\GroupPolicy\User ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [08/08/2019 05:51:00] - C:\Windows\Installer\1102ab74.msi : (Epson Software Updater - Seiko Epson Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/06/2019 09:41:24] - C:\Windows\Installer\1102ab83.msi : (EPSON Manuals - Seiko Epson Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/03/2019 15:52:00] - C:\Windows\Installer\1102ae2f.msi : (Easy Photo Scan - Seiko Epson Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [24/10/2019 18:56:28] - C:\Windows\Installer\1102ae35.msi : (Epson Printer Connection Checker - Seiko Epson Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [01/06/2016 09:28:31] - C:\Windows\Installer\110c60.msi : (CDBurnerXP 4.5.6.6053 Windows Installer - Canneverbe Limited) [Header ok : D0CF11E0A1B11AE10000000000000000] [08/03/2016 15:40:18] - C:\Windows\Installer\110c78.msi : ([ProductName] Installer - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [30/07/2019 10:01:04] - C:\Windows\Installer\158da6.msi : (Blank Project Template - InstallShield) [Header ok : D0CF11E0A1B11AE10000000000000000] [31/07/2018 19:41:50] - C:\Windows\Installer\1ad44fa6.msi : (iCloud for Windows installer - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [23/02/2016 15:47:08] - C:\Windows\Installer\1ad9e60.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Header ok : D0CF11E0A1B11AE10000000000000000] [12/03/2015 11:35:12] - C:\Windows\Installer\1c38c66.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/07/2020 13:37:07] - C:\Windows\Installer\1f704eca.msi : (Apple Application Support Installer - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/07/2020 13:37:17] - C:\Windows\Installer\1f7052bc.msi : (Apple Application Support Installer - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/07/2020 13:37:17] - C:\Windows\Installer\1f7053ff.msi : (Apple Software Update Installer - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/07/2020 13:45:29] - C:\Windows\Installer\1f70544a.msi : (Apple Mobile Device Support Installer - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/09/2016 15:43:32] - C:\Windows\Installer\240f4470.msi : (EpsonNet Print - SEIKO EPSON Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\Windows\Installer\31b1f1c5.msi : ( - Adobe Systems Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [21/07/2017 03:05:18] - C:\Windows\Installer\3a6f34c.msi : ( - dotPDN LLC) [Header ok : D0CF11E0A1B11AE10000000000000000] [11/08/2020 11:34:08] - C:\Windows\Installer\475fc67e.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [04/04/2018 17:48:06] - C:\Windows\Installer\4cb246d.msi : (4K Video Downloader 4.4 Installer - Open Media LLC) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/12/2016 21:10:36] - C:\Windows\Installer\55e2fca.msi : (Steinberg Upload Manager 1.0.2 - Steinberg Media Technologies GmbH) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/12/2016 21:39:40] - C:\Windows\Installer\55e33ec.msi : (Steinberg Groove Agent SE 64bit 4.2.30 - Steinberg Media Technologies GmbH) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/12/2016 21:25:40] - C:\Windows\Installer\55e3e35.msi : (Steinberg HALion Sonic SE 64bit 2.0.2 - Steinberg Media Technologies GmbH) [Header ok : D0CF11E0A1B11AE10000000000000000] [15/12/2015 15:18:36] - C:\Windows\Installer\565f72.msi : (QuickTime Installer - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/10/2016 18:37:04] - C:\Windows\Installer\56ab5e5.msi : (Steinberg Generic Lower Latency ASIO Driver 64bit 1.0.10 - Steinberg Media Technologies GmbH) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/07/2014 08:12:28] - C:\Windows\Installer\61647c8.msi : (Steinberg Cubase 5.0.0 - Steinberg Media Technologies GmbH) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/09/2013 12:17:36] - C:\Windows\Installer\7c5d4.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/08/2013 14:26:32] - C:\Windows\Installer\7c5db.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/03/2014 10:31:02] - C:\Windows\Installer\7c5e2.msi : (ASUS Product Register Program - ASUSTek Computer Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [12/04/2018 03:22:59] - C:\Windows\Installer\7fe52.msi : (Avast Update Helper - AVAST Software) [Header ok : D0CF11E0A1B11AE10000000000000000] [29/01/2016 13:09:58] - C:\Windows\Installer\94ce086.msi : (Epson Event Manager - Seiko Epson Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [01/04/2016 13:20:00] - C:\Windows\Installer\94ce08e.msi : (MyEpson Portal Setup - SEIKO EPSON CORPORATION) [Header ok : D0CF11E0A1B11AE10000000000000000] [27/05/2015 09:45:36] - C:\Windows\Installer\94ce09e.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/04/2009 22:41:35] - C:\Windows\Installer\e72a551.msi : (ACID Pro 7.0 - Pictures Digital Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [08/08/2019 06:10:46] - [33751040] - (.().-. - ()) - C:\Windows\Installer\117d718e.msp [10/12/2016 19:37:36] - [23813120] - (.().-. - ()) - C:\Windows\Installer\13e50a3.msp [25/07/2019 10:34:08] - [34856960] - (.().-. - ()) - C:\Windows\Installer\2377cd9.msp [19/08/2020 13:46:52] - [2781184] - (.().-. - ()) - C:\Windows\Installer\2820dd3a.msp [06/07/2020 14:20:53] - [5853184] - (.().-. - ()) - C:\Windows\Installer\292e96d5.msp [26/07/2019 21:14:58] - [33325056] - (.().-. - ()) - C:\Windows\Installer\2b2bd3be.msp [11/12/2019 09:34:20] - [35799040] - (.().-. - ()) - C:\Windows\Installer\30628ee.msp [21/05/2020 18:16:51] - [1392640] - (.().-. - ()) - C:\Windows\Installer\31d6d754.msp [02/06/2020 14:40:08] - [3026944] - (.().-. - ()) - C:\Windows\Installer\34217daf.msp [30/11/2016 00:00:44] - [34881536] - (.().-. - ()) - C:\Windows\Installer\56ab5d0.msp [28/06/2011 21:27:28] - [4028928] - (.().-. - ()) - C:\Windows\Installer\75e1e.msp [28/06/2011 21:21:32] - [4637184] - (.().-. - ()) - C:\Windows\Installer\7a423.msp [31/07/2020 05:39:02] - [70844416] - (.().-. - ()) - C:\Windows\Installer\b06c4.msp [25/11/2019 12:48:02] - [35319808] - (.().-. - ()) - C:\Windows\Installer\bf438c8.msp [21/02/2017 14:33:51] - [12845056] - (.().-. - ()) - C:\Windows\Installer\f48863f.msp ---------- | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [07/06/2016 09:51:28] - [16303] - C:\Windows\System32\ieuinit.inf [26/09/2019 11:56:58] - [213322] - C:\Windows\System32\netrtwlanu.inf [26/09/2019 11:56:58] - [220666] - C:\Windows\System32\netrtwlanu_COINST.inf [14/07/2009 07:13:15] - [1671678] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [24/02/2013 18:51:26] - [236] - C:\Windows\Syswow64\Formats.ini [07/06/2016 09:51:29] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [03/06/2016 10:17:19] - [1645810] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.6712E83EA2BF4FB46A316EEEF51E8101] - |A| - [13/03/2019 19:06:08] - (.-.) - [124.99 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:08] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [05/09/2020 19:27:47] - [0.35 Ko] - C:\Windows\Temp\avast_ash2 [MD5.00000000000000000000000000000000] - |D| - [02/09/2020 21:23:56] - [0 Ko] - C:\Windows\Temp\bcltmpFRxkv [MD5.00000000000000000000000000000000] - |D| - [02/09/2020 21:33:54] - [0.04 Ko] - C:\Windows\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [31/05/2016 11:28:16] - [0 Ko] - C:\Windows\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [0 Ko] - C:\Windows\System32\0409 [MD5.00000000000000000000000000000000] - |D| - [18/06/2015 11:43:28] - [0 Ko] - C:\Windows\System32\040C [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 06:45:49] - (.-.) - [35.89 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 06:45:49] - (.-.) - [35.89 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.2C34424A3C441F9F628C9323F7DF75F0] - |A| - [09/11/2016 10:45:48] - (.-.) - [115.81 Ko] - (0.0.0.0) - C:\Windows\System32\AcpiServiceVnA64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4987.5 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.BA9D989AB9F2A966F32ED9D29DD8B4FF] - |A| - [12/08/2020 17:54:53] - (.Copyright (c) 2020 AVAST Software - Avast Antivirus start-up scanner.) - [328.09 Ko] - (20.6.5495.0) - C:\Windows\System32\aswBoot.exe [MD5.753C67A7466648E95ADE9408A76079CF] - |A| - [09/11/2016 10:46:00] - (.-.) - [102.84 Ko] - (0.0.0.0) - C:\Windows\System32\audioLibVc.dll [MD5.A49329F8E92DC85B7648A8AB991ED203] - |A| - [22/09/2018 21:18:30] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg codec library.) - [10698 Ko] - (58.30.100.0) - C:\Windows\System32\avcodec-ics-58.dll [MD5.E8D2B16F6D834C49089C3316EFAA438D] - |A| - [11/10/2018 11:31:48] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg codec library.) - [14050.18 Ko] - (58.30.100.0) - C:\Windows\System32\avcodec-lav-58.dll [MD5.49FBD3AE8B10613CCB14FAE7D7A9DF98] - |A| - [11/10/2018 11:31:52] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg audio/video filtering library.) - [202.18 Ko] - (7.29.100.0) - C:\Windows\System32\avfilter-lav-7.dll [MD5.DA2EFBBF29D861A3806498ADB777EFBA] - |A| - [22/09/2018 21:18:30] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg container format library.) - [1248.5 Ko] - (58.18.100.0) - C:\Windows\System32\avformat-ics-58.dll [MD5.03F0A06E9FA0921C9B9D7B5A7EB00EE1] - |A| - [11/10/2018 11:31:54] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg container format library.) - [1680.68 Ko] - (58.18.100.0) - C:\Windows\System32\avformat-lav-58.dll [MD5.FA0112B5BCA397AC6988846027B7A92D] - |A| - [17/12/2013 03:28:18] - (.-.) - [119.5 Ko] - (0.0.0.0) - C:\Windows\System32\avi.x64.dll [MD5.D540458BDC4305C5F02BF2956D3F2EB7] - |A| - [11/10/2018 11:31:58] - (.Copyright (C) 2000-2018 FFmpeg Project - Libav audio resampling library.) - [163.68 Ko] - (4.0.0.0) - C:\Windows\System32\avresample-lav-4.dll [MD5.687CCADC1A7F9488538E06218ED4C4C1] - |A| - [22/09/2018 21:18:30] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg utility library.) - [482 Ko] - (56.19.101.0) - C:\Windows\System32\avutil-ics-56.dll [MD5.FDB46E2B55D2E0A73487B3B4119C1DFC] - |A| - [11/10/2018 11:32:00] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg utility library.) - [494.68 Ko] - (56.19.101.0) - C:\Windows\System32\avutil-lav-56.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [173 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [2721.59 Ko] - C:\Windows\System32\Boot [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 03:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 02:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [14/07/2009 01:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\Windows\System32\CardGames.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [278749.81 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [50690.95 Ko] - C:\Windows\System32\catroot2 [MD5.DAD91F9C3C741BCDBF248C491007BD76] - |A| - [16/07/2017 19:51:32] - (.Copyright © 2002-2017 all contributors, see Authors.txt - CDXA Reader Filter.) - [408.23 Ko] - (1.7.13.0) - C:\Windows\System32\cdxareader.ax [MD5.00000000000000000000000000000000] - |D| - [30/11/2018 18:17:12] - [188.58 Ko] - C:\Windows\System32\Codecs [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [31072.41 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [361 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |SD| - [08/06/2016 03:28:32] - [5028.19 Ko] - C:\Windows\System32\CompatTel [MD5.80CA342AFE5C3C9C2E311B664FA4A385] - |A| - [09/11/2016 10:46:10] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\Windows\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [474190.15 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [432 Ko] - C:\Windows\System32\cs-CZ [MD5.3C3838E598E2DBC295311FB1B36989DB] - |A| - [17/12/2013 03:28:10] - (.-.) - [4.72 Ko] - (0.0.0.0) - C:\Windows\System32\cue2xml.js [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [03/06/2016 09:56:45] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\Windows\System32\CustomModeApp.exe.config [MD5.EE08F5423F26DEDFBAF654D11DB83120] - |A| - [09/11/2016 10:59:08] - (.©Conexant Systems Inc. - Conexant APO.) - [1580.84 Ko] - (1.66.0.0) - C:\Windows\System32\CX64APO.dll [MD5.669D559D2B8A4BA1ACA0EB885A34875C] - |A| - [09/11/2016 10:59:12] - (.©Conexant Systems Inc. - Conexant MFX APO Proxy.) - [1493.3 Ko] - (1.2.0.0) - C:\Windows\System32\CX64Proxy.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [427.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [02/06/2016 17:27:24] - [11762.97 Ko] - C:\Windows\System32\DAX2 [MD5.C8E0A7DCD4D4489BDFD8FF01D63E5E61] - |A| - [09/11/2016 10:59:14] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [266.33 Ko] - (7.6.5.1) - C:\Windows\System32\DDPA64.dll [MD5.C5BBF7DEB61040466BCDDCE33412757C] - |A| - [09/11/2016 10:59:18] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [303.15 Ko] - (7.6.7.2) - C:\Windows\System32\DDPA64F3.dll [MD5.E992A50C5A58C9E84FD1A1ADDEE17D97] - |A| - [09/11/2016 10:39:58] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1919.74 Ko] - (7.6.5.1) - C:\Windows\System32\DDPD64A.dll [MD5.89A7BD1DF6361C31F9CFC7F92CC70634] - |A| - [09/11/2016 10:39:58] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1913.68 Ko] - (7.6.7.2) - C:\Windows\System32\DDPD64AF3.dll [MD5.9BBF685C61B9DCB37058BBBB3B6B0A31] - |A| - [09/11/2016 10:59:28] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [319.78 Ko] - (7.6.5.1) - C:\Windows\System32\DDPO64A.dll [MD5.D96C4A3BCD9375182C5D1BCF4E21862C] - |A| - [09/11/2016 10:59:30] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [353.57 Ko] - (7.6.7.2) - C:\Windows\System32\DDPO64AF3.dll [MD5.BFC97B2066D05CE637CB5750FAB5305C] - |A| - [09/11/2016 10:46:32] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6929.88 Ko] - (7.6.5.1) - C:\Windows\System32\DDPP64A.dll [MD5.B7D10A98EBC0691336BE19FC8D95702D] - |A| - [09/11/2016 10:46:40] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6117.81 Ko] - (7.6.7.2) - C:\Windows\System32\DDPP64AF3.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [457.5 Ko] - C:\Windows\System32\de-DE [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 06:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.113F0C053FC905441290B0B9935D6523] - |A| - [09/11/2016 10:46:44] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO Property Page.) - [1107.02 Ko] - (0.7.5.31) - C:\Windows\System32\DolbyDAX2APOProp.dll [MD5.0876FB6AB0D7B71B0ECFFCFD25EADB21] - |A| - [09/11/2016 10:59:36] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2387.4 Ko] - (0.7.5.31) - C:\Windows\System32\DolbyDAX2APOv201.dll [MD5.049A3B9F6D4055B6225A98F3BA8AB6BD] - |A| - [09/11/2016 10:59:44] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [5221.69 Ko] - (0.7.5.31) - C:\Windows\System32\DolbyDAX2APOv211.dll [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [03/06/2016 09:56:45] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\Windows\System32\DPTopologyApp.exe.config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [83272.87 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1866153.19 Ko] - C:\Windows\System32\DriverStore [MD5.00000000000000000000000000000000] - |DC| - [22/10/2016 16:50:18] - [0 Ko] - C:\Windows\System32\DRVSTORE [MD5.D33E43C54B66CB178A21934E86C26F43] - |A| - [17/12/2013 03:27:52] - (.-.) - [132.5 Ko] - (0.0.0.0) - C:\Windows\System32\dsmux.x64.exe [MD5.7D515F2895D78FFEAF955F6FABAC9B62] - |A| - [09/11/2016 10:59:54] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [726.53 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBassEnhancementDLL64.dll [MD5.D9554BC8CEDF1AB3120ADBE62D0E5DE3] - |A| - [09/11/2016 11:00:00] - (.(c) DTS. - DTS Boost COM DLL.) - [1473.57 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBoostDLL64.dll [MD5.DB3C952957A7CD0506EBCA5244FBF221] - |A| - [09/11/2016 11:00:04] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [430.93 Ko] - (1.0.0.1) - C:\Windows\System32\DTSGainCompensatorDLL64.dll [MD5.3E2096637958815AB1B2C1EA7474B870] - |A| - [09/11/2016 11:00:06] - (.(c) DTS. - DTS GFX APO.) - [247.95 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPO64.dll [MD5.E01ECA4C6D4348873C0E1ADD8FFBA68E] - |A| - [09/11/2016 11:00:08] - (.(c) DTS. - DTS GFX APO.) - [246.95 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPONS64.dll [MD5.F569CE738F99BBC41D7017420E658A99] - |A| - [09/11/2016 11:00:12] - (.(c) DTS. - DTS LFX APO.) - [247.91 Ko] - (1.0.0.3) - C:\Windows\System32\DTSLFXAPO64.dll [MD5.D4B8A0D569ABE11E049F41DA4D15CD03] - |A| - [09/11/2016 11:00:16] - (.(c) DTS. - DTS Limiter COM DLL.) - [434.96 Ko] - (1.0.0.1) - C:\Windows\System32\DTSLimiterDLL64.dll [MD5.83AA81D91BCA1E66AB2FE17CF1197544] - |A| - [09/11/2016 11:00:20] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [492.49 Ko] - (1.0.0.1) - C:\Windows\System32\DTSNeoPCDLL64.dll [MD5.36A8F23E6AED4117B025759A789E29D9] - |A| - [09/11/2016 11:00:26] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1553.77 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2HeadphoneDLL64.dll [MD5.89CD7B854B2787DFF3777C8148493632] - |A| - [09/11/2016 11:00:34] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1738.89 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2SpeakerDLL64.dll [MD5.82EE1938B8951B7B3C2331E562515DFC] - |A| - [09/11/2016 11:00:38] - (.(c) DTS. - DTS Symmetry COM DLL.) - [710.39 Ko] - (1.0.0.1) - C:\Windows\System32\DTSSymmetryDLL64.dll [MD5.383F107B8A01B7220FE4399015B3818F] - |A| - [09/11/2016 11:00:40] - (.(c) DTS. - DTS GFX APO.) - [488.83 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PGFX64.dll [MD5.820CDAA2C683B7E681ACDEA8E16E6B0C] - |A| - [09/11/2016 11:00:44] - (.(c) DTS. - DTS LFX APO.) - [502.47 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PLFX64.dll [MD5.E5383C20F853283F4C91AB88A3E0ED9C] - |A| - [09/11/2016 10:40:00] - (.(c) DTS. - DTS LFX APO.) - [418.2 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PREC64.dll [MD5.DB74D48218EE04667B09A48C7B838830] - |A| - [09/11/2016 11:00:50] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [691.71 Ko] - (1.0.0.1) - C:\Windows\System32\DTSVoiceClarityDLL64.dll [MD5.DCE858C6D929EBF0DA9582A4E0B46F95] - |A| - [17/12/2013 03:27:50] - (.-.) - [324.5 Ko] - (0.0.0.0) - C:\Windows\System32\dxr.x64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [457 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [1804 Ko] - C:\Windows\System32\en [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36523.94 Ko] - C:\Windows\System32\en-US [MD5.6C91E297472D30A786A254842293C792] - |AS| - [14/09/2016 15:31:00] - (.Copyright (C) SEIKO EPSON CORPORATION 2004-2016. - EpsonNet Print Component.) - [489 Ko] - (3.1.4.1) - C:\Windows\System32\enppmon.dll [MD5.0020666B7B64DC9483E1411A9C48705C] - |AS| - [14/09/2016 15:31:06] - (.Copyright (C) SEIKO EPSON CORPORATION 2004-2016. - EpsonNet Print Component.) - [2581 Ko] - (3.1.4.1) - C:\Windows\System32\enppui.dll [MD5.6C91E297472D30A786A254842293C792] - |AS| - [14/09/2016 15:31:00] - (.Copyright (C) SEIKO EPSON CORPORATION 2004-2016. - EpsonNet Print Component.) - [489 Ko] - (3.1.4.1) - C:\Windows\System32\ensppmon.dll [MD5.0020666B7B64DC9483E1411A9C48705C] - |AS| - [14/09/2016 15:31:06] - (.Copyright (C) SEIKO EPSON CORPORATION 2004-2016. - EpsonNet Print Component.) - [2581 Ko] - (3.1.4.1) - C:\Windows\System32\ensppui.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [448 Ko] - C:\Windows\System32\es-ES [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |A| - [06/06/2016 23:08:57] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\Windows\System32\E_GCINST.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - |A| - [06/06/2016 23:08:56] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2010. - ECBTEGB AMD64.) - [82 Ko] - (3.3.0.0) - C:\Windows\System32\E_YD4BNFE.DLL [MD5.56BF5337352CF984CB367D053C7B28E3] - |A| - [06/06/2016 23:08:56] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2014. - EPSON Bi-directional Monitor AMD64.) - [175.5 Ko] - (4.5.0.0) - C:\Windows\System32\E_YLMBNFE.DLL [MD5.25DFF6C52D8AE230358478C9EC708990] - |A| - [05/12/2014 13:49:36] - (.Copyright © 2002-2013 - DirectShow and VFW video and audio decoding/encoding/processing filter.) - [4271.5 Ko] - (1.3.0.0) - C:\Windows\System32\ffdshow.ax [MD5.EE97367122EE7CD9D360EBE067B37DDC] - |A| - [14/12/2016 13:28:44] - (.-.) - [3932.69 Ko] - (0.0.0.0) - C:\Windows\System32\ffmpeg.dll [MD5.CA8BF41A18D920BC6D7EF4DEDC910903] - |A| - [14/12/2016 13:27:44] - (.Based on the original KernelDeint plugin (C) 2003 Donald A. Graft. MMX optimizations + new motion mask code (C) 2004 Kurt B. Pruenner - KernelDeint for ffdshow.) - [477.19 Ko] - (1.5.4.0) - C:\Windows\System32\ff_kernelDeint.dll [MD5.D5E2754E3FAC24AA9C548433E7C7A98C] - |A| - [14/12/2016 13:27:50] - (.© 2000-2003 Michel Lespinasse © 1999-2000 Aaron Holtzman Dialog normalization, rf mode (DRC), some extended bitstream information © 2004-2005 Simone Karin Lehmann < simone at lisanet dot de > - liba52 DLL built for ffdshow.) - [127.19 Ko] - (0.7.4.0) - C:\Windows\System32\ff_liba52.dll [MD5.437C50B39CEC23B70DD4A3B5E2CB2CAE] - |A| - [14/12/2016 13:27:56] - (.© 2004 Gildas Bazin - libdts DLL built for ffdshow.) - [231.19 Ko] - (0.0.5.0) - C:\Windows\System32\ff_libdts.dll [MD5.6DE7584D15FC96DD1B422DCF7D09E546] - |A| - [14/12/2016 13:28:08] - (.© 2000-2004, Underbit Technologies, Inc. - MPEG Audio Decoder DLL built for ffdshow.) - [166.69 Ko] - (0.15.1.0) - C:\Windows\System32\ff_libmad.dll [MD5.CF5D526F9CEA01A69F927F3FCA451D20] - |A| - [14/12/2016 13:28:14] - (.© 2002-2011 Erik de Castro Lopo - libsamplerate DLL built for ffdshow.) - [1510.69 Ko] - (0.1.8.0) - C:\Windows\System32\ff_samplerate.dll [MD5.AF516B61528785A256238D95A241691E] - |A| - [14/12/2016 13:28:20] - (.-.) - [192.69 Ko] - (4.20.100.526) - C:\Windows\System32\ff_unrar.dll [MD5.F2A703F018200D59DB7A7E26C1965125] - |A| - [14/12/2016 13:28:32] - (.- ffdshow WMV9.) - [125.69 Ko] - (2.7.0.0) - C:\Windows\System32\ff_wmv9.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [430 Ko] - C:\Windows\System32\fi-FI [MD5.BD40389451E0595A659CB8BDC85A484E] - |A| - [14/07/2009 06:45:34] - (.-.) - [477.63 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [18/06/2015 11:43:27] - [1840 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [42994.76 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 22:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.2B929647A4044AF807A1A8A12B8C2210] - |A| - [17/12/2013 03:27:40] - (.-.) - [470.5 Ko] - (0.0.0.0) - C:\Windows\System32\gdsmux.x64.exe [MD5.AB9F635A6032721E5D09C981D8DFADCF] - |A| - [03/06/2016 09:56:36] - (.-.) - [196.41 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ar-SA.resources [MD5.7BA79C540AA2023454F2A1D946D0D88D] - |A| - [03/06/2016 09:56:36] - (.-.) - [168.51 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.cs-CZ.resources [MD5.1199B20EDC380C1F867B80EFCD77ED77] - |A| - [03/06/2016 09:56:36] - (.-.) - [162.32 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.da-DK.resources [MD5.8B27F3B76664FA45A0163E367C23B0DF] - |A| - [03/06/2016 09:56:35] - (.-.) - [173.95 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.de-DE.resources [MD5.D5EC8A484616A769635CCB8A149F9AEB] - |A| - [03/06/2016 09:56:48] - (.Copyright © 2011 - GfxRes.) - [2329 Ko] - (1.0.0.0) - C:\Windows\System32\GfxRes.dll [MD5.1562607074C5143484242C3EE8ABD530] - |A| - [03/06/2016 09:56:36] - (.-.) - [247.53 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.el-GR.resources [MD5.8756F792547439EFEBD953572675B59F] - |A| - [03/06/2016 09:56:36] - (.-.) - [157.75 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.en-US.resources [MD5.89CEDDE806CEDFFDC7FA2DFC7E98FBD6] - |A| - [03/06/2016 09:56:36] - (.-.) - [174.29 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.es-ES.resources [MD5.6BCD01E99F267496037206A7A7696F17] - |A| - [03/06/2016 09:56:36] - (.-.) - [169.72 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.fi-FI.resources [MD5.2C6E31A62B16732B6C710025AE55E371] - |A| - [03/06/2016 09:56:36] - (.-.) - [174.11 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.fr-FR.resources [MD5.2DD637D4D954077837C9E36AB79D60A9] - |A| - [03/06/2016 09:56:36] - (.-.) - [188.24 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.he-IL.resources [MD5.10C0EF5578A8EAD7336945238B3DF5F9] - |A| - [03/06/2016 09:56:36] - (.-.) - [167.67 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.hr-HR.resources [MD5.0BF46DF92FCE3DF85C7697E85644898B] - |A| - [03/06/2016 09:56:36] - (.-.) - [171.74 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.hu-HU.resources [MD5.F4FC5CAB63A1DCC10D01042D035DFE89] - |A| - [03/06/2016 09:56:36] - (.-.) - [176.61 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.it-IT.resources [MD5.141B12D352079F276B1CC360123A72DA] - |A| - [03/06/2016 09:56:36] - (.-.) - [194.07 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ja-JP.resources [MD5.B530AEB0220E02D6C7876F0A58CDB234] - |A| - [03/06/2016 09:56:36] - (.-.) - [176.7 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ko-KR.resources [MD5.FFFEB9924A044B26F7FE79B1C9295817] - |A| - [03/06/2016 09:56:36] - (.-.) - [162.92 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.nb-NO.resources [MD5.1F3D7EFD4E631442EABE6D17BAF48094] - |A| - [03/06/2016 09:56:36] - (.-.) - [170.96 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.nl-NL.resources [MD5.A16741B94E8A54611BF5FCE48BAAE020] - |A| - [03/06/2016 09:56:36] - (.-.) - [170.71 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pl-PL.resources [MD5.F8EDE3CAD40BB832D5E9E9F3F87A7BBD] - |A| - [03/06/2016 09:56:36] - (.-.) - [170.18 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pt-BR.resources [MD5.133C61F7DC5A200135B77E5EB4C2CFCC] - |A| - [03/06/2016 09:56:36] - (.-.) - [168.78 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pt-PT.resources [MD5.E43D2918D1C249C0FD8DC2E60A6A3689] - |A| - [03/06/2016 09:56:36] - (.-.) - [172.69 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ro-RO.resources [MD5.CCFC704312E01F872C8DA83883910A8E] - |A| - [03/06/2016 09:56:38] - (.-.) - [229.88 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ru-RU.resources [MD5.970BBE5B08C18E903ABB593F8860657C] - |A| - [03/06/2016 09:56:36] - (.-.) - [169.21 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sk-SK.resources [MD5.F94FC13D75DC761E4802C8E063BB7EF0] - |A| - [03/06/2016 09:56:36] - (.-.) - [164.27 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sl-SI.resources [MD5.04403ABE02D076E4CEA70AE98FD1D6E3] - |A| - [03/06/2016 09:56:36] - (.-.) - [169 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sv-SE.resources [MD5.9380439C48FFDE9393FF6B3DCA8A14EA] - |A| - [03/06/2016 09:56:36] - (.-.) - [261.14 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.th-TH.resources [MD5.60FD80F52064C83AC1C98C00BA35FE7F] - |A| - [03/06/2016 09:56:37] - (.-.) - [171.46 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.tr-TR.resources [MD5.7E25233AB835B2680E57CE3A3714790A] - |A| - [03/06/2016 09:56:36] - (.-.) - [149.41 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.zh-CN.resources [MD5.8B4EFBC378D106A0005B5CBB89D3EBE7] - |A| - [03/06/2016 09:56:37] - (.-.) - [151.18 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.zh-TW.resources [MD5.121619AD32134152616088673078F931] - |A| - [03/06/2016 09:56:40] - (.-.) - [1.76 Ko] - (0.0.0.0) - C:\Windows\System32\GfxUIEx.exe.config [MD5.E7E191FAF788F644747A7C2F2EC35656] - |A| - [03/06/2016 09:56:35] - (.-.) - [0.26 Ko] - (0.0.0.0) - C:\Windows\System32\GfxUIHotKeyMenu.exe.config [MD5.00000000000000000000000000000000] - |HD| - [14/07/2009 05:20:11] - [4.45 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.1EA68A13E6BF8CFF7B000E94F2DD0FFF] - |A| - [09/11/2016 10:46:54] - (.(c) 2016 Harman. - Harman APO Interface.) - [150.75 Ko] - (1.2.0.0) - C:\Windows\System32\HarmanAudioInterface.dll [MD5.2FBE6A6732EB50800965FE9D7AC64417] - |A| - [09/11/2016 10:46:58] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [369.52 Ko] - (0.7.5.65) - C:\Windows\System32\HiFiDAX2API.dll [MD5.776BB1F2349134DD5243A5CB0B5A2CD4] - |A| - [09/11/2016 11:01:06] - (.© Harman. - Audio by Harman APO.) - [351.91 Ko] - (1.4.0.0) - C:\Windows\System32\HMClariFi.dll [MD5.8E89A23979B263EAF16130521BA68DB0] - |A| - [09/11/2016 11:01:10] - (.© Harman. - Audio by Harman APO.) - [186.46 Ko] - (1.4.0.0) - C:\Windows\System32\HMEQ.dll [MD5.4C194A33721C452DFDC85AB1C562BEA6] - |A| - [09/11/2016 11:01:10] - (.© Harman. - Audio by Harman APO.) - [186.46 Ko] - (1.4.0.0) - C:\Windows\System32\HMEQ_Voice.dll [MD5.143659977BB6A79498A9A08479F1A167] - |A| - [09/11/2016 11:01:14] - (.© Harman. - Audio by Harman APO.) - [199.07 Ko] - (1.4.0.0) - C:\Windows\System32\HMHVS.dll [MD5.E4601F8C4C8E1F955EC2FB782C66247D] - |A| - [09/11/2016 11:01:18] - (.© Harman. - Audio by Harman APO.) - [175.39 Ko] - (1.4.0.0) - C:\Windows\System32\HMLimiter.dll [MD5.94659072FCFCE949EEEB1ABD517FB60D] - |A| - [09/11/2016 10:47:00] - (.?Harman. - Audio by Harman APO UI.) - [406.75 Ko] - (1.4.0.0) - C:\Windows\System32\HMUI.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [168 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [434.5 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [5.36 Ko] - C:\Windows\System32\ias [MD5.0DC8F781666E0494E5831908BEA774F9] - |A| - [28/09/2018 20:20:04] - (.Copyright © Tabibito Technology 2010-2018 - Icaros Cache Handler.) - [335 Ko] - (3.1.0.0) - C:\Windows\System32\IcarosCache.dll [MD5.A4C69E43EB114537A533C0F41E9D8850] - |A| - [28/09/2018 20:20:28] - (.Copyright © Tabibito Technology 2010-2018 - IcarosConfig.) - [274.5 Ko] - (3.1.0.0) - C:\Windows\System32\IcarosConfig.exe [MD5.7BAD9C22BE498C9956856B98BA30EF94] - |A| - [28/09/2018 20:20:10] - (.Copyright © Tabibito Technology 2010-2018 - Icaros Property Handler.) - [728.5 Ko] - (3.1.0.0) - C:\Windows\System32\IcarosPropertyHandler.dll [MD5.4E2DE7CBDAB1EC160E18954EF0EB2076] - |A| - [28/09/2018 20:20:10] - (.Copyright © Tabibito Technology 2010-2018 - Icaros Thumbnail Provider.) - [356.5 Ko] - (3.1.0.0) - C:\Windows\System32\IcarosThumbnailProvider.dll [MD5.D75D54BD9B2EB254112E3A0D85210ACF] - |A| - [28/09/2018 20:20:24] - (.Copyright © Tabibito Technology 2010-2018 - IcarosUICore.) - [334 Ko] - (3.1.0.0) - C:\Windows\System32\IcarosUICore.dll [MD5.105CFE016CCB20175BEACEC146F175AB] - |A| - [03/06/2016 09:56:35] - (.-.) - [92 Ko] - (0.0.0.0) - C:\Windows\System32\IccLibDll_x64.dll [MD5.92D16575BA055224B4F4C9D0EEE5CC66] - |A| - [09/11/2016 11:01:20] - (.Copyright (c) 2016, ICEpower a/s - ICEpower ICEsound audio effects.) - [461.24 Ko] - (1.0.0.20) - C:\Windows\System32\ICEsoundAPO64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.63DC736CA48DEB1664C56FDF75514170] - |A| - [03/06/2016 09:56:35] - (.-.) - [156.5 Ko] - (0.0.0.0) - C:\Windows\System32\igdail64.dll [MD5.8AC828EC2DE515BCB5DA34B9FF95A4AD] - |A| - [03/06/2016 09:56:46] - (.-.) - [217 Ko] - (0.0.0.0) - C:\Windows\System32\igdde64.dll [MD5.C7617BBC6E52A351206F6EAF49032D63] - |A| - [03/06/2016 09:56:47] - (.-.) - [365 Ko] - (0.0.0.0) - C:\Windows\System32\igdmd64.dll [MD5.041AA2CA620EE6170081A59553B6E6BF] - |A| - [03/06/2016 09:56:45] - (.Copyright (C) 2012-2013 - MDF(CM) Runtime DX11 Dynamic Link Library.) - [151.5 Ko] - (3.0.0.1031) - C:\Windows\System32\igfx11cmrt64.dll [MD5.BC304E6E57FE1AE952D40488BC21D48F] - |A| - [03/06/2016 09:56:45] - (.Copyright (C) 2010 - 2013 - MDF(CM) JIT Dynamic Link Library.) - [2017.5 Ko] - (3.0.0.1031) - C:\Windows\System32\igfxcmjit64.dll [MD5.7466CFEFC92FFF39C9C8DBA378DF50E1] - |A| - [03/06/2016 09:56:42] - (.Copyright (C) 2010 - 2013 - MDF(CM) Runtime Dynamic Link Library.) - [159.5 Ko] - (3.0.0.1031) - C:\Windows\System32\igfxcmrt64.dll [MD5.A03280338647479A1A09AA7629CA870C] - |A| - [03/06/2016 09:56:43] - (.-.) - [12 Ko] - (1.0.0.0) - C:\Windows\System32\IGFXDEVLib.dll [MD5.6C0F36ABFE80433B352FA7748ED887BF] - |A| - [03/06/2016 09:56:35] - (.-.) - [2748 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.cpa [MD5.2FCCF7939D4D3F392AB3C0F5F40039DD] - |A| - [22/01/2014 08:35:52] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.vp [MD5.B226B85123619EF1394339C1B5EB5A8D] - |A| - [03/06/2016 09:56:34] - (.-.) - [42.47 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64.vp [MD5.55C71EDC47B57E5115B40095EEC9E205] - |A| - [03/06/2016 09:56:45] - (.-.) - [42.79 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64_dev.vp [MD5.94ED4F871997E5DFC610DC1649C38911] - |A| - [03/06/2016 09:56:34] - (.-.) - [42.24 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64.vp [MD5.04590E9E52E13EF34B2AA02C7EA2431B] - |A| - [03/06/2016 09:56:45] - (.-.) - [42.28 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64_dev.vp [MD5.3B6EF4F03F2DE75A3B7DDF627A3EC146] - |A| - [03/06/2016 09:56:34] - (.-.) - [42.99 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64.vp [MD5.715DBDBED4599E798F94EDF6003F75B6] - |A| - [03/06/2016 09:56:45] - (.-.) - [41.09 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64_dev.vp [MD5.414F950C0FBB1C911DDAED25EE58FAA3] - |A| - [03/06/2016 09:56:34] - (.-.) - [2.88 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxs64.vp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36875.94 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.AAA0C03BF54FC8A4E895B576861A9848] - |A| - [21/11/2010 05:07:41] - (.-.) - [29.12 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log [MD5.E446AA183E6344CF84A98730098D3D46] - |A| - [03/06/2016 09:56:35] - (.Copyright © The Khronos Group Inc 2011 - OpenCL Client DLL.) - [62.5 Ko] - (1.2.11.0) - C:\Windows\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [452 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [365 Ko] - C:\Windows\System32\ja-JP [MD5.D4EED034EF0D873AFEB175044F6619D7] - |A| - [09/11/2016 11:01:46] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [603.7 Ko] - (4.1105.6000.53) - C:\Windows\System32\KAAPORT64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [360 Ko] - C:\Windows\System32\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [06/02/2019 12:16:42] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\last.dump [MD5.0ABAEF9112506A94E105EDAF2A82935E] - |A| - [11/10/2018 11:32:06] - (.Copyright (C) 2010-2018 Hendrik Leppkes - LAV Audio Decoder - DirectShow Audio Decoder.) - [301.68 Ko] - (0.73.1.0) - C:\Windows\System32\LAVAudio.ax [MD5.73E6AE796B477E8780DDFE609D40410C] - |A| - [16/02/2018 22:36:38] - (.-.) - [0.48 Ko] - (0.0.0.0) - C:\Windows\System32\LAVFilters.Dependencies.manifest [MD5.4F02A7C929FC5096AC356554C201499A] - |A| - [11/10/2018 11:32:10] - (.Copyright (C) 2010-2018 Hendrik Leppkes - LAV Splitter - DirectShow Media Splitter.) - [655.18 Ko] - (0.73.1.0) - C:\Windows\System32\LAVSplitter.ax [MD5.C8CC6DC043AA7485C572ED9869914CD2] - |A| - [11/10/2018 11:32:12] - (.Copyright (C) 2010-2018 Hendrik Leppkes - LAV Video Decoder - DirectShow Video Decoder.) - [1225.18 Ko] - (0.73.1.0) - C:\Windows\System32\LAVVideo.ax [MD5.CE8CB8E467BD91CA2772E09E7438FA39] - |A| - [11/10/2018 11:32:18] - (.-.) - [334.68 Ko] - (0.0.0.0) - C:\Windows\System32\libbluray.dll [MD5.FCFBC1696485624EA0A331F5E6F2B73F] - |A| - [14/12/2016 13:28:56] - (.© 2000-2003 Michel Lespinasse © 1999-2000 Aaron Holtzman - mpeg2dec DLL built for ffdshow.) - [199.69 Ko] - (0.5.1.0) - C:\Windows\System32\libmpeg2_ff.dll [MD5.492EF2E68F496D20BD934043FBEFCC4F] - |A| - [26/09/2019 11:56:58] - (.-.) - [4.35 Ko] - (0.0.0.0) - C:\Windows\System32\LIM_TLWN823N_2_UN.txt [MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log [MD5.563C3703A9B57CC9B370A76D6173D09C] - |A| - [21/11/2010 04:52:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [4506.33 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [165 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [166 Ko] - C:\Windows\System32\lv-LV [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 22:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore [MD5.A3C358DC879F1D8C5856FE7634D3FC3D] - |A| - [09/11/2016 11:01:56] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [322.81 Ko] - (2.2.9.0) - C:\Windows\System32\MaxxAudioAPO20.dll [MD5.D703E4B36D402C89137F5602A1E5294A] - |A| - [09/11/2016 11:02:00] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [662.29 Ko] - (3.6.0.0) - C:\Windows\System32\MaxxAudioAPO30.dll [MD5.644D2B51C4EB077EF61AD5DDE617DF87] - |A| - [09/11/2016 11:02:08] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1138.83 Ko] - (4.5.8.0) - C:\Windows\System32\MaxxAudioAPO4064.dll [MD5.05E473935E20EBE6A9B67263C6A517A5] - |A| - [09/11/2016 11:02:14] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1185.22 Ko] - (5.6.5.0) - C:\Windows\System32\MaxxAudioAPO5064.dll [MD5.C6CB57D70B26C38881B52E7836A4CEE1] - |A| - [09/11/2016 11:02:20] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1389.58 Ko] - (6.1.17.0) - C:\Windows\System32\MaxxAudioAPO6064.dll [MD5.A6E547662D78E9325BFE447510857301] - |A| - [09/11/2016 11:02:30] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [2758.89 Ko] - (7.0.10.0) - C:\Windows\System32\MaxxAudioAPO7064.dll [MD5.05F6FFF8CE1A255D6305BE9AA476B9DB] - |A| - [09/11/2016 10:47:10] - (.Copyright (C) 2010-2013 - MaxxAudio APO Shell.) - [909.79 Ko] - (4.10.8.0) - C:\Windows\System32\MaxxAudioAPOShell64.dll [MD5.067D006BD24B0BE9ABBCBC1445E602E3] - |A| - [09/11/2016 10:47:14] - (.Copyright © 1996-2014 -.) - [2002.13 Ko] - (4.1.1.0) - C:\Windows\System32\MaxxAudioEQ64.dll [MD5.C60E466BFCE772E2252548658BC1319D] - |A| - [09/11/2016 10:36:34] - (.Copyright © 1996-2013 -.) - [13727.79 Ko] - (4.4.10.0) - C:\Windows\System32\MaxxAudioRealtek64.dll [MD5.9BC08FDED3194D7D834674DAA44C4B0E] - |A| - [09/11/2016 10:47:38] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - [1291.66 Ko] - (1.1.4.0) - C:\Windows\System32\MaxxSpeechAPO64.dll [MD5.2C6BAF8FEF4DD0EDC7C5819208D82994] - |A| - [09/11/2016 10:40:02] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [976.42 Ko] - (2.6.2.0) - C:\Windows\System32\MaxxVoiceAPO2064.dll [MD5.AB8B82D152095285A75AA0B7965D418B] - |A| - [09/11/2016 11:02:48] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12815.02 Ko] - (3.1.14.0) - C:\Windows\System32\MaxxVoiceAPO3064.dll [MD5.A864676E5817BFB5EEE24F5B5023B921] - |A| - [09/11/2016 11:02:58] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12683.94 Ko] - (4.0.19.0) - C:\Windows\System32\MaxxVoiceAPO4064.dll [MD5.076869A2EB94C91E3E957D5AA729397E] - |A| - [09/11/2016 11:03:06] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [661.79 Ko] - (3.6.0.0) - C:\Windows\System32\MaxxVolumeSDAPO.dll [MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 06:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.6AF1346E992EDA03F6605FD7BF304AA2] - |A| - [17/12/2013 03:27:16] - (.-.) - [24 Ko] - (0.0.0.0) - C:\Windows\System32\mkunicode.x64.dll [MD5.CCF7280C4D44AFB49BC3F068036CA950] - |A| - [17/12/2013 03:27:16] - (.-.) - [157 Ko] - (0.0.0.0) - C:\Windows\System32\mkv2vfr.x64.exe [MD5.CF9AC32F63A6E4CF2C4C92A08EB16AAC] - |A| - [17/12/2013 03:27:14] - (.-.) - [170 Ko] - (0.0.0.0) - C:\Windows\System32\mkx.x64.dll [MD5.83377B5B755DCB6ED34B48F0A2DB1FD2] - |A| - [17/12/2013 03:27:14] - (.-.) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\mkzlib.x64.dll [MD5.D2BBE526BEEC7B80C7998995DBEE59A3] - |A| - [17/12/2013 03:27:08] - (.-.) - [162.5 Ko] - (0.0.0.0) - C:\Windows\System32\mp4.x64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [4148.28 Ko] - C:\Windows\System32\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [24.48 Ko] - C:\Windows\System32\MUI [MD5.A4EF62A993C1330AEEF92BD453D76FE8] - |A| - [09/11/2016 11:03:42] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5462.52 Ko] - (6.3.9600.17246) - C:\Windows\System32\NAHIMICAPOlfx.dll [MD5.958539D3F68FDB7A876C8854715A6921] - |A| - [09/11/2016 10:47:42] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [980.34 Ko] - (1.0.0.14866) - C:\Windows\System32\NahimicAPONSControl.dll [MD5.4A85926F6C7909DA642039116F088FF0] - |A| - [26/09/2019 12:27:25] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [920.3 Ko] - (1.0.0.14866) - C:\Windows\System32\NAHIMICAPOSettingsIPC.dll [MD5.28090ABB329B77923067DA8C410B2124] - |A| - [09/11/2016 11:03:48] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5657.74 Ko] - (6.3.9600.17246) - C:\Windows\System32\NAHIMICV2apo.dll [MD5.EC158D98ECFE614E8A9C95C3AED5DE81] - |A| - [09/11/2016 11:03:54] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [6052.88 Ko] - (6.3.9600.17246) - C:\Windows\System32\NAHIMICV3apo.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [422.5 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [448 Ko] - C:\Windows\System32\NDF [MD5.335A504E8FF779C2E8282014F1F03A29] - |A| - [26/09/2019 11:56:58] - (.-.) - [20.23 Ko] - (0.0.0.0) - C:\Windows\System32\netrtwlanu.cat [MD5.80D961B695786DA355BD118E696E91CC] - |A| - [26/09/2019 11:56:58] - (.-.) - [208.32 Ko] - (0.0.0.0) - C:\Windows\System32\netrtwlanu.inf [MD5.3FCB7241BFD54F5F486A70C2C515FAB5] - |A| - [26/09/2019 11:56:58] - (.-.) - [215.49 Ko] - (0.0.0.0) - C:\Windows\System32\netrtwlanu_COINST.inf [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [14/07/2009 00:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [136 Ko] - C:\Windows\System32\NetworkList [MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [443.5 Ko] - C:\Windows\System32\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.4D1B0C1C98A3F70F0C115DFACF69E531] - |A| - [17/12/2013 03:26:52] - (.-.) - [136 Ko] - (0.0.0.0) - C:\Windows\System32\ogm.x64.dll [MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 22:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [13889.14 Ko] - C:\Windows\System32\oobe [MD5.D76A21ED7A388E2B1F2A1F4A63BFA88E] - |A| - [26/09/2019 11:56:58] - (.-.) - [2.64 Ko] - (0.0.0.0) - C:\Windows\System32\PBR_TLWN823N_2_UN.txt [MD5.4C3105842728BF48369A413FDF7C5937] - |A| - [14/07/2009 04:36:59] - (.-.) - [119.47 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.F72BB11BA36D335B48DBB531514A8DE2] - |A| - [18/06/2015 11:45:12] - (.-.) - [146.86 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 04:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [18/06/2015 11:45:12] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.91B06EC98A78D3406C1F9FAF3D0EA05D] - |A| - [14/07/2009 04:36:59] - (.-.) - [639.62 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.5D74BDB6783C7B6922530B345CCA4FD1] - |A| - [18/06/2015 11:45:12] - (.-.) - [730.82 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.AACF499684D73DCFA5B1F883CF43796B] - |A| - [14/07/2009 07:13:15] - (.-.) - [1632.5 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [439 Ko] - C:\Windows\System32\pl-PL [MD5.1DD626FE4DE2D4B710DD1360F404A54F] - |A| - [14/09/2017 15:40:34] - (.Copyright (C) 2001 - Application PrintBrm.) - [70 Ko] - (1.0.0.0) - C:\Windows\System32\PrintBrmUi.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:51] - [834.3 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [436 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [438.5 Ko] - C:\Windows\System32\pt-PT [MD5.5F3F8066438F86ABB770AFA2EF83C557] - |A| - [09/11/2016 11:03:58] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [131.05 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEA64A.dll [MD5.A289EDB07EC6C9C9B08F6802D9F7F71B] - |A| - [09/11/2016 11:04:02] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [437.23 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EED64A.dll [MD5.E6E8A2DEA82EB7AF7EAA6400B4178E1A] - |A| - [09/11/2016 11:04:02] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [82.63 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEG64A.dll [MD5.D3D3D4F057CF8D523B68848006FE849B] - |A| - [09/11/2016 11:04:04] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [148.23 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEL64A.dll [MD5.E4034B8CE1182DF4D8881B1E6A69659E] - |A| - [09/11/2016 10:36:32] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7004.8 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.75 Ko] - C:\Windows\System32\ras [MD5.53FDA4AF81E7C4895357A50E848B7CFE] - |A| - [21/11/2010 05:24:43] - (.Copyright (C) 2009 - RemoteFX Helper.) - [93.5 Ko] - (1.1.0.0) - C:\Windows\System32\RDVGHelper.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0.78 Ko] - C:\Windows\System32\Recovery [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0.07 Ko] - C:\Windows\System32\restore [MD5.74278C291E1F908CDB5466B46F9B59BA] - |A| - [03/06/2016 10:02:02] - (.-.) - [15.83 Ko] - (0.0.0.0) - C:\Windows\System32\results.xml [MD5.8A6BC707440247BA9D8A784258836B6E] - |A| - [09/11/2016 10:40:06] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.18 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll [MD5.A99AD90E4D600E60EAD3BE2F54093E3B] - |A| - [09/11/2016 11:04:20] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.18 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll [MD5.8EC01EF3089B8DF17F601BC20A129DEF] - |A| - [09/11/2016 11:04:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.8 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll [MD5.8DE3C0E617E9DC6E762F5EF113F26840] - |A| - [09/11/2016 11:04:46] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.28 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll [MD5.47A71815E8DEE9151C4FBFE2DEEC3C52] - |A| - [09/11/2016 11:04:46] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll [MD5.D5A460B2792A8E643712803DBB1BB9D9] - |A| - [09/11/2016 11:04:48] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.24 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll [MD5.BBE049A4D49C390042893B584E9E48F1] - |A| - [26/09/2019 11:56:58] - (.-.) - [8.16 Ko] - (0.0.0.0) - C:\Windows\System32\rtlCoInst.dat [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [21/11/2010 05:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.A116416D9F856A48FC623AC742807CCA] - |A| - [09/11/2016 11:05:40] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [86.26 Ko] - (3.0.0.16) - C:\Windows\System32\SFAPO64.dll [MD5.0F3C646B7A641B0819032DA4ED6773E4] - |A| - [09/11/2016 11:05:42] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [88.79 Ko] - (3.0.0.16) - C:\Windows\System32\SFCOM64.dll [MD5.3DA954BD6FB98FAF242133E1772EC0E5] - |A| - [09/11/2016 11:05:50] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [226.48 Ko] - (3.0.0.16) - C:\Windows\System32\SFNHK64.dll [MD5.54E9083D42A261F764F4E0D3413B75E0] - |A| - [09/11/2016 10:40:08] - (.Copyright (C) 2016 DTS, Inc. - DTS Universal APO DLL.) - [961.84 Ko] - (3.5.13.0) - C:\Windows\System32\sl3apo64.dll [MD5.2BCF3B606FE43ACA7BE3D271C5998343] - |A| - [09/11/2016 11:06:12] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Controller DLL.) - [2924.81 Ko] - (3.5.13.0) - C:\Windows\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [80.47 Ko] - C:\Windows\System32\slmgr [MD5.9712119D4E3D2F06E14C77A4C9FD7004] - |A| - [09/11/2016 10:49:28] - (.TODO: (c) . - TODO: .) - [252.8 Ko] - (1.0.0.1) - C:\Windows\System32\slprp64.dll [MD5.0F7EBCDDE4C931BAD6E782190554D112] - |A| - [09/11/2016 10:40:08] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Technology DLL.) - [2643.42 Ko] - (3.5.13.0) - C:\Windows\System32\sltech64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [26690.02 Ko] - C:\Windows\System32\SMI [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 23:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [33859.5 Ko] - C:\Windows\System32\Speech [MD5.546B270AF7DD01BFA0A7B406F340AB55] - |A| - [17/12/2013 03:26:44] - (.Copyright (C) 2004-2009 Mike Matsnev - Haali Media Splitter.) - [845 Ko] - (1.11.287.23) - C:\Windows\System32\splitter.x64.ax [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [103149.18 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [2173.49 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.F096CF34BCE50B1CC9A74A7C9B79EE17] - |A| - [09/11/2016 11:06:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.21 Ko] - (4.0.0.59) - C:\Windows\System32\SRAPO64.dll [MD5.8077EBACB2611C0C147AA46B5403F3C7] - |A| - [09/11/2016 11:07:00] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\Windows\System32\SRCOM.dll [MD5.A33A97E2852B44AE8F9E24EC07FEB6D6] - |A| - [09/11/2016 11:07:04] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.48 Ko] - (4.0.0.59) - C:\Windows\System32\SRCOM64.dll [MD5.ACBC104A28C5D34A63347D5D452DFD1C] - |A| - [09/11/2016 11:07:06] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.51 Ko] - (4.0.0.59) - C:\Windows\System32\SRRPTR64.dll [MD5.21DE8E0FD757B334A4BDCF464E7CAD82] - |A| - [09/11/2016 11:07:10] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.63 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll [MD5.682F9C59E12F79206241E574BDC58734] - |A| - [09/11/2016 11:07:12] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.77 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll [MD5.5A6DC3BA73D87DEA78ECB696D3E91179] - |A| - [09/11/2016 11:07:14] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.91 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll [MD5.F15822D310ECB3247CFD762DEECA5D4D] - |A| - [09/11/2016 11:07:18] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.31 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [10/12/2016 19:35:58] - [1142.53 Ko] - C:\Windows\System32\SSL [MD5.E4D0FF0C4B8E7806D64FA1180069C4FA] - |A| - [26/09/2019 12:27:35] - (.-.) - [2071.3 Ko] - (0.0.0.0) - C:\Windows\System32\SStudio.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [426.5 Ko] - C:\Windows\System32\sv-SE [MD5.6A503B23741A0382BEFCA4858CC93FAD] - |A| - [07/02/2019 12:51:46] - (.-.) - [14.28 Ko] - (0.0.0.0) - C:\Windows\System32\swhealthex.log [MD5.123724CD13D84FD6D2BFA2DE5251BBAD] - |A| - [22/09/2018 21:18:30] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg image rescaling library.) - [537.5 Ko] - (5.2.100.0) - C:\Windows\System32\swscale-ics-5.dll [MD5.CC6550D9887C2A6CB6AA67AA13F47E9A] - |A| - [11/10/2018 11:32:04] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg image rescaling library.) - [536.18 Ko] - (5.2.100.0) - C:\Windows\System32\swscale-lav-5.dll [MD5.3E1D16C2F456C17F5451DC5FCD55BC03] - |A| - [09/10/2017 14:23:35] - (.Copyright © 2016, Steinberg Media Technologies GmbH - eLicenser POS Access DLL.) - [5311.5 Ko] - (1.21.0.3) - C:\Windows\System32\SYNSOACC.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [145.38 Ko] - C:\Windows\System32\sysprep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [21/11/2010 05:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 23:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.196ACC13B940462C892BC6CA1B21A254] - |A| - [14/12/2016 13:29:02] - (.© 2002 Tom Barry - TomsMoComp for ffdshow.) - [630.19 Ko] - (1.0.1.8) - C:\Windows\System32\TomsMoComp_ff.dll [MD5.F9FF042384C691221149901BD8392090] - |A| - [09/11/2016 11:07:32] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Audio Source Filtering APO.) - [939.59 Ko] - (2.1.0.0) - C:\Windows\System32\tosasfapo64.dll [MD5.561C07A8D10B71F148D85911550A1F84] - |A| - [09/11/2016 10:40:08] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Earphone Audio Enhancement APO.) - [436.7 Ko] - (2.1.0.0) - C:\Windows\System32\toseaeapo64.dll [MD5.37A8B11D67095349D4DC21B7577AF369] - |A| - [09/11/2016 11:07:38] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement APO.) - [1306.3 Ko] - (2.1.1.0) - C:\Windows\System32\tossaeapo64.dll [MD5.C1BC4246DACF921362F3EE8DD5A1844E] - |A| - [09/11/2016 11:07:42] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement Maximizer.) - [587.06 Ko] - (1.1.1.1) - C:\Windows\System32\tossaemaxapo64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [424 Ko] - C:\Windows\System32\tr-TR [MD5.20A4C4096964EFAD818D91EC620ABCBC] - |A| - [17/12/2013 03:26:40] - (.-.) - [176.5 Ko] - (0.0.0.0) - C:\Windows\System32\ts.x64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA [MD5.05F9840831C29F5BE93AD8BE810D5614] - |A| - [14/07/2009 06:45:37] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.F736AA948D0C3CBCE212B7B2CB0EF115] - |A| - [14/07/2009 06:45:37] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.EA9A0B745B6D4C7AFC797C9C577E1F4F] - |A| - [17/12/2013 04:38:56] - (.Copyright (C) 2001-2012 Yu Zhuohuang, Gabest et. al. - VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth.) - [1884 Ko] - (3.0.0.211) - C:\Windows\System32\VSFilter.dll [MD5.00000000000000000000000000000000] - |D| - [06/06/2016 14:29:59] - [1754.83 Ko] - C:\Windows\System32\Wat [MD5.ABE8543A171DCCE81429B4442BEB44A7] - |A| - [09/11/2016 10:49:40] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2061.13 Ko] - (4.4.5.0) - C:\Windows\System32\WavesGUILib64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [58707.5 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:51] - [108.07 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [91244.88 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 23:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [128 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [77.5 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [15925.96 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [113904 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [205.33 Ko] - C:\Windows\System32\winrm [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [10/12/2016 19:35:59] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\__000000014035A571__C0000005.dmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [0 Ko] - C:\Windows\SysWOW64\0409 [MD5.00000000000000000000000000000000] - |D| - [18/06/2015 11:43:57] - [0 Ko] - C:\Windows\SysWOW64\040C [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.8128B54EAA48F9C06B19A86C87752996] - |A| - [07/02/2018 21:37:46] - (.Copyright (C) 2010 - AsIO DLL.) - [28 Ko] - (1.0.0.4) - C:\Windows\SysWOW64\AsIO.dll [MD5.2B40D5C73CF1C56389071C1F23746544] - |A| - [06/02/2017 22:11:20] - (.-.) - [2.82 Ko] - (2.7.6.2006) - C:\Windows\SysWOW64\audcon.sys [MD5.E6635A5C54FC0B30A8438DDB32E6B4DC] - |A| - [22/09/2018 21:13:16] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg codec library.) - [10089 Ko] - (58.30.100.0) - C:\Windows\SysWOW64\avcodec-ics-58.dll [MD5.0EE0E3F9BEA086566E5292B9C6EB7D94] - |A| - [11/10/2018 11:31:16] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg codec library.) - [13421.68 Ko] - (58.30.100.0) - C:\Windows\SysWOW64\avcodec-lav-58.dll [MD5.04089F77099D98601AC0D4B67978E7F3] - |A| - [11/10/2018 11:31:18] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg audio/video filtering library.) - [199.18 Ko] - (7.29.100.0) - C:\Windows\SysWOW64\avfilter-lav-7.dll [MD5.778F25414249CD2FF40B58FB22A3F00E] - |A| - [22/09/2018 21:13:16] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg container format library.) - [1361 Ko] - (58.18.100.0) - C:\Windows\SysWOW64\avformat-ics-58.dll [MD5.323FF4733344D8E46DDC362D40BBBB09] - |A| - [11/10/2018 11:31:22] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg container format library.) - [1812.68 Ko] - (58.18.100.0) - C:\Windows\SysWOW64\avformat-lav-58.dll [MD5.8111075E8B53FEE942CE45D9A514FA89] - |A| - [17/12/2013 03:28:18] - (.-.) - [107 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\avi.dll [MD5.AE767F0F60840CF445AE982341312112] - |A| - [11/10/2018 11:31:24] - (.Copyright (C) 2000-2018 FFmpeg Project - Libav audio resampling library.) - [158.18 Ko] - (4.0.0.0) - C:\Windows\SysWOW64\avresample-lav-4.dll [MD5.44A5965795FD86118922E18124498D43] - |A| - [17/12/2013 03:28:18] - (.-.) - [95.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\avs.dll [MD5.832F62588782EE5A938381694ED43A2F] - |A| - [17/12/2013 03:28:18] - (.-.) - [91 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\avss.dll [MD5.9BA6D1B8E0064D4502BAF64399FC3D7D] - |A| - [22/09/2018 21:13:16] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg utility library.) - [539 Ko] - (56.19.101.0) - C:\Windows\SysWOW64\avutil-ics-56.dll [MD5.4622157A3A90578A17259DED4348FC99] - |A| - [11/10/2018 11:31:28] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg utility library.) - [553.18 Ko] - (56.19.101.0) - C:\Windows\SysWOW64\avutil-lav-56.dll [MD5.9586E7BE6AE8016932038932D1417241] - |A| - [16/02/2013 15:02:00] - (.Copyright © 1999-2013 - BASS.) - [105.06 Ko] - (2.4.10.0) - C:\Windows\SysWOW64\bass.dll [MD5.C0C3FA022F605FD04C867CD7B2F5F2A5] - |A| - [12/05/2011 15:16:12] - (.Copyright © 2003-2011 - BASSCD.) - [18.56 Ko] - (2.4.5.0) - C:\Windows\SysWOW64\basscd.dll [MD5.50AF8A7D49E83A723ED0F70FB682DCFB] - |A| - [09/12/2009 13:40:04] - (.Copyright © 2004-2009 - BASSFLAC.) - [24.56 Ko] - (2.4.1.0) - C:\Windows\SysWOW64\bassflac.dll [MD5.39275510E10E8B748583313B2155426E] - |A| - [23/08/2012 15:43:14] - (.Copyright © 2012 - BASSOPUS.) - [53.05 Ko] - (2.4.0.1) - C:\Windows\SysWOW64\bassopus.dll [MD5.400858642C08E623E8024CB4D65408CE] - |A| - [05/12/2012 19:27:06] - (.Copyright © 2007-2012 - BASSWV.) - [25.06 Ko] - (2.4.4.0) - C:\Windows\SysWOW64\basswv.dll [MD5.C6AA10109D7BE3395E3A312C5453DA2C] - |A| - [16/10/2012 15:17:58] - (.2003-2006, MaresWEB - Advanced Audio Coding and MPEG-4 add-on for the BASS library.) - [146.21 Ko] - (2.4.4.2) - C:\Windows\SysWOW64\bass_aac.dll [MD5.6B6344CD7EFC4916F58D177045674FC9] - |A| - [31/01/2013 18:02:38] - (.2003-2006, MaresWEB - Apple Lossless Audio Codec add-on for the BASS library.) - [9.2 Ko] - (2.4.3.0) - C:\Windows\SysWOW64\bass_alac.dll [MD5.13BEB78A9FCE8106C43C21FB705F9D5D] - |A| - [03/08/2011 17:48:34] - (.2003-2006, MaresWEB - Monkey's Audio add-on for the BASS library.) - [32.67 Ko] - (2.4.1.0) - C:\Windows\SysWOW64\bass_ape.dll [MD5.76F123C199319616760B9C0470C7997B] - |A| - [09/05/2012 14:26:08] - (.2003-2006, Sebastian Andersson - Musepack add-on for the BASS library.) - [20.62 Ko] - (2.4.1.1) - C:\Windows\SysWOW64\bass_mpc.dll [MD5.B3CC560AC7A5D1D266CB54E9A5A4767E] - |A| - [24/04/2009 12:20:48] - (.2003-2006, MaresWEB - OptimFROG add-on for the BASS library.) - [5.82 Ko] - (2.4.0.2) - C:\Windows\SysWOW64\bass_ofr.dll [MD5.EAFC368E75339308AA018663B305E138] - |A| - [24/03/2010 13:15:10] - (.-.) - [46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bass_tak.dll [MD5.4AD2D66E10AAA0FFE4C7A4F46EADBB56] - |A| - [27/02/2008 22:49:50] - (.2003-2006, MaresWEB - The True Audio add-on for the BASS library.) - [8.34 Ko] - (2.4.0.0) - C:\Windows\SysWOW64\bass_tta.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2 [MD5.57741342CB514072D26EF56B9EF95C86] - |A| - [06/03/2009 12:57:30] - (.Copyright 1999 - 2007 - CDDBControl Core Module.) - [777.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CDDBControl.dll [MD5.99A44759C589DF319376B29724DFBAEB] - |A| - [26/10/2009 15:30:00] - (.Copyright © 2003-2007 - CddbLangDE.) - [101.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangDE.dll [MD5.889293D30D3F7A459EA4C00FAF006B1B] - |A| - [26/10/2009 15:30:00] - (.Copyright © 2003-2007 - CddbLangES.) - [101.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangES.dll [MD5.C69B5427BCCA7BD1ABEE933B9CD41989] - |A| - [26/10/2009 15:30:00] - (.Copyright © 2003-2007 - CddbLangFR.) - [101.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangFR.dll [MD5.00024093C7083A6B6935938BE0AB6B09] - |A| - [26/10/2009 15:30:00] - (.Copyright © 2003-2007 - CddbLangIT.) - [105.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangIT.dll [MD5.1E4ADA579CF04AAE901F14970604078E] - |A| - [26/10/2009 15:30:00] - (.Copyright © 2003-2007 - CddbLangJA.) - [81.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangJA.dll [MD5.4998947221C1D92E8CD249C3BEFACC73] - |A| - [26/10/2009 15:30:00] - (.Copyright © 2003-2007 - CddbLangNL.) - [101.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangNL.dll [MD5.F525176D64D23A4C4B27DD6BCCD96F4E] - |A| - [06/03/2009 12:57:30] - (.Copyright 2001 - 2007 - CDDBUIControl Module.) - [789.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CDDBUI.dll [MD5.7F108035039334BCD9AFE9FE28F25682] - |A| - [16/07/2017 19:45:28] - (.Copyright © 2002-2017 all contributors, see Authors.txt - CDXA Reader Filter.) - [309.23 Ko] - (1.7.13.0) - C:\Windows\SysWOW64\cdxareader.ax [MD5.00000000000000000000000000000000] - |D| - [30/11/2018 18:16:17] - [43548.6 Ko] - C:\Windows\SysWOW64\Codecs [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [306.5 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1734.67 Ko] - C:\Windows\SysWOW64\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [427.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.3C3838E598E2DBC295311FB1B36989DB] - |A| - [17/12/2013 03:28:10] - (.-.) - [4.72 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\cue2xml.js [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [422.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.6DE33A351A1D77FA22C60FCD1746D65E] - |A| - [24/02/2013 21:40:38] - (.Copyright © 2003-2010 Milenko Mitrovic - BASS based DirectShow™ Audio Decoder.) - [228.5 Ko] - (1.5.2.0) - C:\Windows\SysWOW64\DCBassSourceMod.ax [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [452 Ko] - C:\Windows\SysWOW64\de-DE [MD5.53882064415275A3A34BEDD00D04A4D0] - |A| - [31/05/2016 15:40:25] - (.-.) - [8.97 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\debug.log [MD5.32DECBED95A5BBC76A86A802DE9D87D4] - |A| - [24/10/2018 20:59:42] - (.-.) - [51.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DiscHandler.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [4312 Ko] - C:\Windows\SysWOW64\Dism [MD5.765EAA222E1F6C7122EB22EE66D88CE1] - |A| - [17/12/2013 03:30:18] - (.- DivX;-) Audio Codec.) - [284.58 Ko] - (4.1.0.3920) - C:\Windows\SysWOW64\DivXa32.acm [MD5.C43E7CB9C25E8943682290303669EE7B] - |A| - [11/07/2006 14:45:24] - (.-.) - [900.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DSDOUT_VIDEO.bmp.new [MD5.C38BC3EE83B8E78526F0527D8C77369D] - |A| - [19/12/2006 17:08:50] - (.- DSDRenderer.) - [52 Ko] - (1.0.1.12190) - C:\Windows\SysWOW64\DSDToPCMFilter.ax [MD5.963F6DB8105891010CFCC7A4884D5343] - |A| - [19/12/2006 17:08:58] - (.-.) - [44 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DSDVideoOutFilter.ax [MD5.F0C7DCB091EC0B4772A598230417D6C8] - |A| - [17/12/2013 03:27:52] - (.-.) - [110.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\dsmux.exe [MD5.116ABBF463689755CC34E65338EB478B] - |A| - [17/12/2013 03:27:50] - (.-.) - [244 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\dxr.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [451.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [1648 Ko] - C:\Windows\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [32933.09 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [443 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [160.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.3009BF65973061DAE1119AE55ACF9E3B] - |A| - [05/12/2014 13:40:46] - (.Copyright © 2002-2013 - DirectShow and VFW video and audio decoding/encoding/processing filter.) - [3420 Ko] - (1.3.0.0) - C:\Windows\SysWOW64\ffdshow.ax [MD5.453542F4AC121883E57A7DFFAAB586E3] - |A| - [14/12/2016 13:26:28] - (.-.) - [3935.19 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ffmpeg.dll [MD5.3512B358B965CC44EB3030C7E29FF748] - |A| - [14/12/2016 13:25:34] - (.© 2000-2003 Michel Lespinasse © 1999-2000 Aaron Holtzman Dialog normalization, rf mode (DRC), some extended bitstream information © 2004-2005 Simone Karin Lehmann < simone at lisanet dot de > - liba52 DLL built for ffdshow.) - [125.69 Ko] - (0.7.4.0) - C:\Windows\SysWOW64\ff_liba52.dll [MD5.29B128AC3FEE9604DCB7E6A428140FC1] - |A| - [14/12/2016 13:25:40] - (.© 2004 Gildas Bazin - libdts DLL built for ffdshow.) - [220.69 Ko] - (0.0.5.0) - C:\Windows\SysWOW64\ff_libdts.dll [MD5.2819025D0AA3DE7271D2A65032A80A08] - |A| - [14/12/2016 13:25:52] - (.© 2000-2004, Underbit Technologies, Inc. - MPEG Audio Decoder DLL built for ffdshow.) - [157.69 Ko] - (0.15.1.0) - C:\Windows\SysWOW64\ff_libmad.dll [MD5.EDEC25C60A602B9FEF132A4DC1A6F090] - |A| - [14/12/2016 13:25:58] - (.© 2002-2011 Erik de Castro Lopo - libsamplerate DLL built for ffdshow.) - [1503.69 Ko] - (0.1.8.0) - C:\Windows\SysWOW64\ff_samplerate.dll [MD5.52B2199B764CA13B623FB5C47C19DA2B] - |A| - [14/12/2016 13:26:04] - (.-.) - [167.19 Ko] - (4.20.100.526) - C:\Windows\SysWOW64\ff_unrar.dll [MD5.31C8E95FFA4E2CC4B71CF4BE6202AF04] - |A| - [14/12/2016 13:26:16] - (.- ffdshow WMV9.) - [111.19 Ko] - (2.7.0.0) - C:\Windows\SysWOW64\ff_wmv9.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [425 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.64546FE93B5977CE25E0F0607C3F5F80] - |A| - [24/02/2013 18:51:26] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Formats.ini [MD5.00000000000000000000000000000000] - |D| - [18/06/2015 11:43:57] - [1680 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [38845.01 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.A26DA0EA771D3C7DC5B17EAFBD43BCA9] - |A| - [17/12/2013 03:27:40] - (.-.) - [350 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\gdsmux.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [429 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.D5312099EF77A2D12C6DE1ED63425451] - |A| - [28/09/2018 20:19:46] - (.Copyright © Tabibito Technology 2010-2018 - Icaros Cache Handler.) - [271.5 Ko] - (3.1.0.0) - C:\Windows\SysWOW64\IcarosCache.dll [MD5.A4C69E43EB114537A533C0F41E9D8850] - |A| - [28/09/2018 20:20:28] - (.Copyright © Tabibito Technology 2010-2018 - IcarosConfig.) - [274.5 Ko] - (3.1.0.0) - C:\Windows\SysWOW64\IcarosConfig.exe [MD5.62FE0A4401F24E3DBA44A83801BA7AEB] - |A| - [28/09/2018 20:19:50] - (.Copyright © Tabibito Technology 2010-2018 - Icaros Property Handler.) - [597 Ko] - (3.1.0.0) - C:\Windows\SysWOW64\IcarosPropertyHandler.dll [MD5.6C988BE822D81FA967145A538E214430] - |A| - [28/09/2018 20:19:52] - (.Copyright © Tabibito Technology 2010-2018 - Icaros Thumbnail Provider.) - [294.5 Ko] - (3.1.0.0) - C:\Windows\SysWOW64\IcarosThumbnailProvider.dll [MD5.D75D54BD9B2EB254112E3A0D85210ACF] - |A| - [28/09/2018 20:20:24] - (.Copyright © Tabibito Technology 2010-2018 - IcarosUICore.) - [334 Ko] - (3.1.0.0) - C:\Windows\SysWOW64\IcarosUICore.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.D0B008AC66C135A0F4AE2086CEF7DABB] - |A| - [03/06/2016 09:56:34] - (.-.) - [139.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igdail32.dll [MD5.5CBC985ECB2165A8E5591FD9031E098D] - |A| - [03/06/2016 09:56:46] - (.-.) - [292.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igdmd32.dll [MD5.D823A6ED12810DC4FBA9184B5922E5AD] - |A| - [03/06/2016 09:56:35] - (.Copyright © The Khronos Group Inc 2011 - OpenCL Client DLL.) - [59 Ko] - (1.2.11.0) - C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [447 Ko] - C:\Windows\SysWOW64\it-IT [MD5.FA2E1F09ED6C4C221E4513A7E815E13D] - |A| - [27/08/2013 14:00:08] - (.-.) - [1.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IusEventLog.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [361 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.5D363BC3EA833FF3D91CD70A6CEDF05A] - |A| - [21/09/2016 02:18:44] - (.Copyright © 2011 - Lagarith.) - [224.69 Ko] - (1.3.27.0) - C:\Windows\SysWOW64\Lagarith.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/01/2017 11:48:08] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\last.dump [MD5.CE8081D42D02CF7C224A3CBB5205E7AF] - |A| - [11/10/2018 11:31:34] - (.Copyright (C) 2010-2018 Hendrik Leppkes - LAV Audio Decoder - DirectShow Audio Decoder.) - [259.18 Ko] - (0.73.1.0) - C:\Windows\SysWOW64\LAVAudio.ax [MD5.73E6AE796B477E8780DDFE609D40410C] - |A| - [16/02/2018 22:36:38] - (.-.) - [0.48 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest [MD5.FFD969FC329C936B3C3F10FF9B1CE963] - |A| - [11/10/2018 11:31:36] - (.Copyright (C) 2010-2018 Hendrik Leppkes - LAV Splitter - DirectShow Media Splitter.) - [538.68 Ko] - (0.73.1.0) - C:\Windows\SysWOW64\LAVSplitter.ax [MD5.97DD22C20B7DB2DA0EB24299AED8DD87] - |A| - [11/10/2018 11:31:40] - (.Copyright (C) 2010-2018 Hendrik Leppkes - LAV Video Decoder - DirectShow Video Decoder.) - [1018.68 Ko] - (0.73.1.0) - C:\Windows\SysWOW64\LAVVideo.ax [MD5.FE4BD574130925DF573C34776018EEBA] - |A| - [11/10/2018 11:31:46] - (.-.) - [280.18 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libbluray.dll [MD5.B9FF0A41D52CBE2B64E2A3D4DBCC81B2] - |A| - [14/01/2018 23:03:12] - (.-.) - [262.95 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libFLAC.dll [MD5.577925DB13B58911E68E1DD3F90E39B1] - |A| - [14/12/2016 13:26:46] - (.© 2000-2003 Michel Lespinasse © 1999-2000 Aaron Holtzman - mpeg2dec DLL built for ffdshow.) - [147.19 Ko] - (0.5.1.0) - C:\Windows\SysWOW64\libmpeg2_ff.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.A6549E3D8196829311BCA50DA7C2699B] - |A| - [03/01/2011 13:07:08] - (.www.madshi.net - DirectShow FLAC Decoder.) - [479 Ko] - (1.10.0.0) - C:\Windows\SysWOW64\madFlac.ax [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 06:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.00000000000000000000000000000000] - |SD| - [02/11/2016 11:42:53] - [0 Ko] - C:\Windows\SysWOW64\Microsoft [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3186.43 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [32885.95 Ko] - C:\Windows\SysWOW64\migwiz [MD5.2680869CC2929F7C766540F5D0C7F94E] - |A| - [17/12/2013 03:27:16] - (.-.) - [24 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mkunicode.dll [MD5.522C51BB6AC679BFDC3D0DEEB4BE7268] - |A| - [17/12/2013 03:27:16] - (.-.) - [134.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mkv2vfr.exe [MD5.6ADB98152CD780DAFD43FA2DB9FF819B] - |A| - [17/12/2013 03:27:14] - (.-.) - [147 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mkx.dll [MD5.9A0AB536859C2D0FC6621F0781624D51] - |A| - [17/12/2013 03:27:14] - (.-.) - [78.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mkzlib.dll [MD5.5571C32AE9B10240A791FDC2A5387A7C] - |A| - [17/12/2013 03:27:10] - (.-.) - [139 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mp4.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [24.48 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [418 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [438.5 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor [MD5.73933B9207EDAE66ECFCD2871A79AE21] - |A| - [17/12/2013 03:26:52] - (.-.) - [120.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ogm.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2566.05 Ko] - C:\Windows\SysWOW64\oobe [MD5.301A5609907605013D7ED94B5B49AAB9] - |A| - [11/02/2011 12:26:20] - (.-.) - [232 Ko] - (1.3.0.0) - C:\Windows\SysWOW64\OptimFROG.dll [MD5.D0549FEC1218102C93962E9E0797F4B1] - |A| - [11/07/2006 14:46:18] - (.-.) - [900.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PCMOUT_VIDEO_1644.bmp [MD5.3AD19E79C8E1B64A82F9A8AEF978C4B0] - |A| - [11/07/2006 14:45:54] - (.-.) - [900.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PCMOUT_VIDEO_2496.bmp [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 23:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.B411D95BE992D110B6215868BDDF3633] - |A| - [03/06/2016 10:17:19] - (.-.) - [1607.24 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [434 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.E84FFC07E30E25D808BAAF9D66A7B2DE] - |A| - [06/03/2009 12:57:28] - (.Copyright Propellerhead Software AB 1999-2006, All rights reserved - ReWire.) - [228 Ko] - (1.6.0.90) - C:\Windows\SysWOW64\ReWire.dll [MD5.F9D85FFE9198DE79004353A3FF8A120F] - |A| - [17/12/2013 03:26:44] - (.Copyright (C) 2004-2009 Mike Matsnev - Haali Media Splitter.) - [543 Ko] - (1.11.288.0) - C:\Windows\SysWOW64\splitter.ax [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1191.84 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS [MD5.8077EBACB2611C0C147AA46B5403F3C7] - |A| - [09/11/2016 11:07:00] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\Windows\SysWOW64\SRCOM.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [421.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.39E1994731D6589898EB915826BC8FC9] - |A| - [22/09/2018 21:13:16] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg image rescaling library.) - [535 Ko] - (5.2.100.0) - C:\Windows\SysWOW64\swscale-ics-5.dll [MD5.710A73F8A19BB7884F6847EF4EB3DE9C] - |A| - [11/10/2018 11:31:30] - (.Copyright (C) 2000-2018 FFmpeg Project - FFmpeg image rescaling library.) - [534.18 Ko] - (5.2.100.0) - C:\Windows\SysWOW64\swscale-lav-5.dll [MD5.5523AB9A11DAE660F3F7A90181C22222] - |A| - [09/10/2017 14:23:35] - (.Copyright © 2016, Steinberg Media Technologies GmbH - eLicenser POS Access DLL.) - [3784.5 Ko] - (1.21.0.3) - C:\Windows\SysWOW64\SYNSOACC.dll [MD5.88473D3C3F0CC3D6B2653A8204355CB2] - |A| - [06/02/2017 18:46:50] - (.AIR © 2009 - Steinberg eLicenser Emulator.) - [1150 Ko] - (2.0.0.9) - C:\Windows\SysWOW64\SYNSOEMU.DLL [MD5.B29680F5EEA7C35873F26427534EDD29] - |A| - [09/10/2017 14:23:40] - (.Copyright © 2009, Steinberg Media Technologies GmbH - Forward Executer.) - [84 Ko] - (999.999.999.999) - C:\Windows\SysWOW64\SYNSOPOS.exe [MD5.84407C7CA172179A35F079BBD4AF9644] - |A| - [09/10/2017 14:23:40] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SYNSOPOS.exe.cfg [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.BDB65DCE335AC29ECCBC2CA7A7AD36B7] - |A| - [08/07/2011 16:45:26] - (.(c) 2006 by Thomas Becker, Osnabrueck, Germany - TAK Decoder Library.) - [110 Ko] - (2.2.0.0) - C:\Windows\SysWOW64\tak_deco_lib.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH [MD5.AC080D10F27996D01FF0B829AA6F7194] - |A| - [14/12/2016 13:26:58] - (.© 2002 Tom Barry - TomsMoComp for ffdshow.) - [278.69 Ko] - (1.0.1.8) - C:\Windows\SysWOW64\TomsMoComp_ff.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [419 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.18D337B1A07C2CCDC1BFC9339A1AFF8D] - |A| - [17/12/2013 03:26:40] - (.-.) - [151 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ts.dll [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 04:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [06/06/2016 17:44:52] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vns4A3D.tmp [MD5.EBC667EB941F4CDA3EE156725C5D8008] - |A| - [06/06/2016 19:44:41] - (.-.) - [1088.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vnsF9F0.tmp [MD5.A065F69A2AA291D6E93113C5968361DC] - |A| - [17/12/2013 04:38:54] - (.Copyright (C) 2001-2012 Yu Zhuohuang, Gabest et. al. - VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth.) - [1536.5 Ko] - (3.0.0.211) - C:\Windows\SysWOW64\VSFilter.dll [MD5.6A2205CBC09EF0D92F8E1AB870A56FD2] - |A| - [15/09/2004 03:50:18] - (.-.) - [0.4 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\VzCsDsAudioDevice.vzcs.classinfo [MD5.00000000000000000000000000000000] - |D| - [06/06/2016 14:29:59] - [237.33 Ko] - C:\Windows\SysWOW64\Wat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [10169.03 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [108.07 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [101.23 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [15717.83 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2011 10:17:52] - [205.33 Ko] - C:\Windows\SysWOW64\winrm [MD5.EEBA34D386EABA21DD998FEDC1A81D73] - |A| - [30/07/2017 12:50:32] - (.Copyright (C) 2003-2017 x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) - [3760 Ko] - (44.2851.44825.0) - C:\Windows\SysWOW64\x264vfw.dll [MD5.00000000000000000000000000000000] - |D| - [18/06/2015 11:43:57] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.A1D00048CAF12F9AA00DC791216E71C1] - |A| - [08/12/2017 11:59:46] - (.-.) - [624 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvidcore.dll [MD5.4C1635D360DA35D23E456137F2E9AFCD] - |A| - [08/12/2017 11:59:54] - (.-.) - [230 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvidvfw.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [333.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [334 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | [Aoss] [05/05/2018 23:10:30] - |D| - [1386764] - C:\Users\Aoss\.fontconfig [31/05/2016 10:40:06] - |HD| - [38846159709] - C:\Users\Aoss\AppData [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Application Data [31/05/2016 10:40:17] - |RD| - [68785] - C:\Users\Aoss\Contacts [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Cookies [18/09/2018 10:31:51] - |RHD| - [148] - C:\Users\Aoss\Creative Cloud Files [31/05/2016 10:40:06] - |RD| - [13528665528] - C:\Users\Aoss\Desktop [31/05/2016 10:40:06] - |RD| - [2149868153] - C:\Users\Aoss\Documents [31/05/2016 10:40:06] - |RD| - [125612170143] - C:\Users\Aoss\Downloads [31/05/2016 10:40:06] - |RD| - [3919] - C:\Users\Aoss\Favorites [02/06/2016 17:00:04] - |D| - [1135784] - C:\Users\Aoss\Intel [31/05/2016 10:40:06] - |RD| - [2356] - C:\Users\Aoss\Links [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Local Settings [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Menu Démarrer [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Mes documents [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Modèles [31/05/2016 10:40:06] - |RD| - [27140535] - C:\Users\Aoss\Music [31/05/2016 10:40:06] - |ASH| - [4194304] - C:\Users\Aoss\ntuser.dat [31/05/2016 10:40:06] - |ASH| - [262144] - C:\Users\Aoss\ntuser.dat.LOG1 [31/05/2016 10:40:06] - |ASH| - [0] - C:\Users\Aoss\ntuser.dat.LOG2 [31/05/2016 10:40:06] - |ASH| - [65536] - C:\Users\Aoss\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [31/05/2016 10:40:06] - |ASH| - [524288] - C:\Users\Aoss\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [31/05/2016 10:40:06] - |ASH| - [524288] - C:\Users\Aoss\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [13/12/2018 18:17:34] - |ASH| - [65536] - C:\Users\Aoss\ntuser.dat{7dfb2c38-fed2-11e8-89ac-f0795994cdd3}.TM.blf [13/12/2018 18:17:34] - |ASH| - [524288] - C:\Users\Aoss\ntuser.dat{7dfb2c38-fed2-11e8-89ac-f0795994cdd3}.TMContainer00000000000000000001.regtrans-ms [13/12/2018 18:17:34] - |ASH| - [524288] - C:\Users\Aoss\ntuser.dat{7dfb2c38-fed2-11e8-89ac-f0795994cdd3}.TMContainer00000000000000000002.regtrans-ms [03/06/2016 09:13:24] - |ASH| - [65536] - C:\Users\Aoss\ntuser.dat{8ca8158f-295a-11e6-943d-f0795994cdd3}.TM.blf [03/06/2016 09:13:24] - |ASH| - [524288] - C:\Users\Aoss\ntuser.dat{8ca8158f-295a-11e6-943d-f0795994cdd3}.TMContainer00000000000000000001.regtrans-ms [03/06/2016 09:13:24] - |ASH| - [524288] - C:\Users\Aoss\ntuser.dat{8ca8158f-295a-11e6-943d-f0795994cdd3}.TMContainer00000000000000000002.regtrans-ms [31/05/2016 10:40:06] - |SH| - [20] - C:\Users\Aoss\ntuser.ini [01/06/2016 10:42:12] - |RASH| - [290] - C:\Users\Aoss\ntuser.pol [31/05/2016 10:40:06] - |RD| - [1421781394] - C:\Users\Aoss\Pictures [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Recent [31/05/2016 10:40:06] - |RD| - [298516] - C:\Users\Aoss\Saved Games [31/05/2016 10:40:27] - |RD| - [1020] - C:\Users\Aoss\Searches [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\SendTo [03/03/2019 11:25:42] - |A| - [424] - C:\Users\Aoss\Sti_Trace.log [31/05/2016 10:40:06] - |RD| - [67192615645] - C:\Users\Aoss\Videos [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Voisinage d'impression [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\Voisinage réseau [31/05/2016 10:40:06] - |D| - [5698265927] - C:\Users\Aoss\AppData\Local [31/05/2016 10:40:06] - |D| - [27205956] - C:\Users\Aoss\AppData\LocalLow [31/05/2016 10:40:06] - |D| - [33120707961] - C:\Users\Aoss\AppData\Roaming [04/04/2018 17:49:33] - |D| - [51264] - C:\Users\Aoss\AppData\Local\4kdownload.com [03/05/2020 21:07:34] - |D| - [32796432] - C:\Users\Aoss\AppData\Local\Adobe [03/11/2016 16:50:36] - |D| - [1947] - C:\Users\Aoss\AppData\Local\Adobe_Systems_Incorporate [01/06/2016 09:38:17] - |D| - [181948232] - C:\Users\Aoss\AppData\Local\Apple [22/10/2016 16:50:56] - |D| - [8388574] - C:\Users\Aoss\AppData\Local\Apple Computer [22/05/2017 11:47:10] - |D| - [0] - C:\Users\Aoss\AppData\Local\Apple Inc [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\AppData\Local\Application Data [31/05/2016 11:18:32] - |D| - [2096404] - C:\Users\Aoss\AppData\Local\Apps [12/04/2018 03:23:00] - |D| - [575779068] - C:\Users\Aoss\AppData\Local\AVAST Software [20/06/2016 18:32:11] - |D| - [892791] - C:\Users\Aoss\AppData\Local\CEF [05/05/2018 23:09:46] - |D| - [0] - C:\Users\Aoss\AppData\Local\converter [05/05/2018 23:09:45] - |D| - [38] - C:\Users\Aoss\AppData\Local\ConverterAgent [27/05/2017 18:54:39] - |D| - [1407710] - C:\Users\Aoss\AppData\Local\CrashDumps [21/06/2016 11:49:48] - |A| - [6656] - C:\Users\Aoss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [31/05/2016 11:18:32] - |D| - [0] - C:\Users\Aoss\AppData\Local\Deployment [31/05/2016 20:30:06] - |D| - [0] - C:\Users\Aoss\AppData\Local\Diagnostics [02/06/2016 17:22:53] - |D| - [0] - C:\Users\Aoss\AppData\Local\ElevatedDiagnostics [06/02/2017 22:14:11] - |D| - [20] - C:\Users\Aoss\AppData\Local\eLicenser [03/11/2016 16:45:29] - |D| - [1389] - C:\Users\Aoss\AppData\Local\FileViewPro [31/05/2016 11:18:33] - |A| - [105208] - C:\Users\Aoss\AppData\Local\GDIPFONTCACHEV1.DAT [10/12/2016 19:33:50] - |D| - [3499141] - C:\Users\Aoss\AppData\Local\GeoLocator [31/05/2016 11:18:54] - |D| - [688447108] - C:\Users\Aoss\AppData\Local\Google [01/07/2016 18:46:07] - |D| - [71] - C:\Users\Aoss\AppData\Local\GWX [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\AppData\Local\Historique [31/05/2016 18:09:20] - |AH| - [6074323] - C:\Users\Aoss\AppData\Local\IconCache.db [13/03/2017 11:16:22] - |D| - [1913] - C:\Users\Aoss\AppData\Local\Intel_Corporation [24/04/2017 16:13:36] - |D| - [216552682] - C:\Users\Aoss\AppData\Local\JDownloader v2.0 [31/05/2016 10:40:06] - |D| - [601127113] - C:\Users\Aoss\AppData\Local\Microsoft [07/06/2016 18:41:35] - |D| - [1468307] - C:\Users\Aoss\AppData\Local\Microsoft Games [05/05/2018 23:09:45] - |D| - [51980] - C:\Users\Aoss\AppData\Local\Movavi [02/09/2020 21:23:25] - |D| - [78059117] - C:\Users\Aoss\AppData\Local\Mozilla [29/09/2018 10:36:58] - |A| - [2665] - C:\Users\Aoss\AppData\Local\oobelibMkey.log [26/07/2017 20:21:12] - |D| - [128] - C:\Users\Aoss\AppData\Local\paint.net [01/06/2016 10:33:19] - |D| - [0] - C:\Users\Aoss\AppData\Local\Programs [01/06/2016 10:54:18] - |D| - [681097] - C:\Users\Aoss\AppData\Local\Setup6514164 [01/06/2016 09:33:41] - |D| - [429683] - C:\Users\Aoss\AppData\Local\Shalsoft [31/05/2016 11:46:15] - |D| - [430688] - C:\Users\Aoss\AppData\Local\Sony [07/05/2017 17:21:23] - |D| - [3228222244] - C:\Users\Aoss\AppData\Local\TechSmith [31/05/2016 10:40:06] - |D| - [11309288] - C:\Users\Aoss\AppData\Local\Temp [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\AppData\Local\Temporary Internet Files [26/09/2019 11:55:30] - |D| - [57935365] - C:\Users\Aoss\AppData\Local\TP-Link [16/06/2016 18:21:22] - |D| - [200] - C:\Users\Aoss\AppData\Local\tuto_monetize_120160616 [31/05/2016 10:40:15] - |D| - [496115] - C:\Users\Aoss\AppData\Local\VirtualStore [28/10/2017 11:00:40] - |D| - [966] - C:\Users\Aoss\AppData\Local\WDSetup [21/06/2016 10:39:45] - |D| - [0] - C:\Users\Aoss\AppData\Local\WMTools Downloaded Files [31/05/2016 11:56:35] - |D| - [10261949] - C:\Users\Aoss\AppData\LocalLow\Adobe [07/05/2017 18:21:16] - |D| - [361] - C:\Users\Aoss\AppData\LocalLow\Apple Computer [31/05/2016 10:53:44] - |SD| - [16696519] - C:\Users\Aoss\AppData\LocalLow\Microsoft [02/09/2020 21:23:28] - |D| - [0] - C:\Users\Aoss\AppData\LocalLow\Mozilla [03/06/2016 17:07:25] - |SD| - [1367] - C:\Users\Aoss\AppData\LocalLow\Temp [17/03/2017 19:45:43] - |D| - [245760] - C:\Users\Aoss\AppData\LocalLow\uTorrent [03/11/2016 17:23:23] - |D| - [608] - C:\Users\Aoss\AppData\Roaming\.ePUBee [03/11/2016 17:23:11] - |D| - [281] - C:\Users\Aoss\AppData\Roaming\.ePUBeedrmremoval [03/05/2020 21:07:34] - |D| - [234236] - C:\Users\Aoss\AppData\Roaming\Adobe [22/10/2016 16:50:55] - |D| - [32935891842] - C:\Users\Aoss\AppData\Roaming\Apple Computer [31/05/2016 11:28:22] - |D| - [41841946] - C:\Users\Aoss\AppData\Roaming\AVAST Software [04/04/2018 17:38:06] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\AVS4YOU [01/06/2016 10:33:34] - |D| - [2532996] - C:\Users\Aoss\AppData\Roaming\Browsers [01/06/2016 10:34:02] - |A| - [1252] - C:\Users\Aoss\AppData\Roaming\Bubble Dock.boostrap.log [01/06/2016 10:34:56] - |A| - [5707] - C:\Users\Aoss\AppData\Roaming\Bubble Dock.installation.log [22/10/2016 17:06:11] - |D| - [1614] - C:\Users\Aoss\AppData\Roaming\Canneverbe Limited [03/11/2016 17:23:11] - |D| - [2185663] - C:\Users\Aoss\AppData\Roaming\decrypt [04/05/2018 17:37:50] - |D| - [289798] - C:\Users\Aoss\AppData\Roaming\DVDVideoSoft [22/09/2016 15:27:15] - |D| - [1084086] - C:\Users\Aoss\AppData\Roaming\Epson [03/11/2016 17:23:11] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\ePUBeedrmremoval [28/10/2017 11:00:47] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\Free Devis Factures [31/05/2016 10:40:18] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\Identities [12/10/2017 16:18:37] - |D| - [2752370] - C:\Users\Aoss\AppData\Roaming\Image-Line [31/05/2016 10:45:45] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\InstallShield [03/06/2016 10:32:58] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\Intel Corporation [03/11/2016 16:45:29] - |D| - [520] - C:\Users\Aoss\AppData\Roaming\IsolatedStorage [01/06/2016 10:03:30] - |D| - [3049800] - C:\Users\Aoss\AppData\Roaming\LibreOffice [31/05/2016 10:40:06] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\Media Center Programs [31/05/2016 10:40:06] - |SD| - [4825047] - C:\Users\Aoss\AppData\Roaming\Microsoft [02/09/2020 21:23:28] - |D| - [39764989] - C:\Users\Aoss\AppData\Roaming\Mozilla [30/11/2018 18:18:08] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\MPC-HC [31/05/2016 11:48:05] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\NetMedia Providers [01/06/2016 10:34:59] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\Nosibay [31/05/2016 11:48:05] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\Publish Providers [01/06/2016 10:36:49] - |A| - [78] - C:\Users\Aoss\AppData\Roaming\Selection Tools.installation.log [17/02/2018 23:55:39] - |D| - [2] - C:\Users\Aoss\AppData\Roaming\Sony [01/06/2016 10:33:32] - |D| - [415991] - C:\Users\Aoss\AppData\Roaming\SPI [06/02/2017 18:41:25] - |D| - [61941049] - C:\Users\Aoss\AppData\Roaming\Steinberg [01/06/2016 10:36:19] - |D| - [609085] - C:\Users\Aoss\AppData\Roaming\Store [07/05/2017 17:13:41] - |D| - [2087] - C:\Users\Aoss\AppData\Roaming\TechSmith [01/06/2016 10:34:49] - |D| - [14989681] - C:\Users\Aoss\AppData\Roaming\Tencent [01/06/2016 10:09:33] - |D| - [95909] - C:\Users\Aoss\AppData\Roaming\vlc [02/06/2016 15:11:04] - |A| - [44] - C:\Users\Aoss\AppData\Roaming\WB.CFG [01/06/2016 10:34:43] - |A| - [97] - C:\Users\Aoss\AppData\Roaming\WindApp.boostrap.log [01/06/2016 10:36:16] - |A| - [78] - C:\Users\Aoss\AppData\Roaming\WindApp.installation.log [01/06/2016 09:59:44] - |D| - [12] - C:\Users\Aoss\AppData\Roaming\WinRAR [01/06/2016 10:36:51] - |D| - [8191093] - C:\Users\Aoss\AppData\Roaming\WTools [31/05/2016 10:40:27] - |SH| - [174] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [31/05/2016 10:40:06] - |SHD| - [0] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [31/05/2016 10:40:06] - |RD| - [54514] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/10/2016 21:12:03] - |A| - [2633] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk [04/04/2018 17:49:13] - |A| - [992] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk [31/05/2016 10:40:06] - |RD| - [16093] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [31/05/2016 10:40:27] - |RD| - [174] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/10/2017 16:19:19] - |D| - [3145] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 [31/05/2016 10:40:27] - |SH| - [476] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [12/10/2017 16:18:29] - |D| - [10362] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line [31/05/2016 10:40:29] - |AH| - [1433] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [01/06/2016 10:33:41] - |RS| - [1414] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rnet Expl?r?r.lnk [01/06/2016 10:33:41] - |RS| - [1410] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rn?t ?x?l?rer (64-bit).lnk [24/04/2017 16:16:18] - |D| - [6195] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader [31/05/2016 10:40:06] - |RD| - [580] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [31/05/2016 10:40:27] - |RD| - [1265] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [09/10/2017 14:24:06] - |D| - [4259] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 9 [26/09/2019 11:59:37] - |D| - [2487] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TP-Link [01/06/2016 09:59:22] - |D| - [4229] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [31/05/2016 12:06:21] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5 [01/06/2016 10:37:17] - |D| - [0] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? [31/05/2016 10:40:27] - |SH| - [174] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [01/06/2016 09:33:38] - |A| - [1091] - C:\Users\Aoss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GigaTribe.lnk ---------- | [Public] [14/07/2009 05:20:08] - |RHD| - [38643] - C:\Users\Public\Desktop [14/07/2009 06:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 05:20:08] - |RD| - [7446] - C:\Users\Public\Documents [14/07/2009 05:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 05:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 05:20:08] - |RHD| - [3957] - C:\Users\Public\Libraries [14/07/2009 05:20:08] - |RD| - [17440884] - C:\Users\Public\Music [14/07/2009 05:20:08] - |RD| - [5838651] - C:\Users\Public\Pictures [12/04/2011 10:28:08] - |RD| - [9699328] - C:\Users\Public\Recorded TV [14/07/2009 05:20:08] - |RD| - [26246732] - C:\Users\Public\Videos ---------- | C:\ProgramData [03/05/2020 21:07:48] - |D| - [428306096] - C:\ProgramData\Adobe [19/05/2017 17:55:57] - |D| - [114524674] - C:\ProgramData\albumphoto [01/06/2016 09:37:11] - |D| - [866478783] - C:\ProgramData\Apple [22/10/2016 16:31:58] - |D| - [3092806088] - C:\ProgramData\Apple Computer [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Application Data [31/05/2016 11:25:25] - |D| - [587158809] - C:\ProgramData\AVAST Software [04/04/2018 17:35:49] - |D| - [0] - C:\ProgramData\AVS4YOU [31/05/2016 10:39:59] - |SHD| - [0] - C:\ProgramData\Bureau [01/06/2016 09:29:22] - |D| - [28] - C:\ProgramData\Canneverbe Limited [15/02/2017 09:46:53] - |D| - [31173095] - C:\ProgramData\Ciel [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Desktop [04/05/2018 17:38:35] - |D| - [0] - C:\ProgramData\DigitalWave.ApplicationUpdater_files [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Documents [02/06/2016 17:27:45] - |AH| - [0] - C:\ProgramData\DP45977C.lfl [02/06/2016 16:48:25] - |D| - [1596932] - C:\ProgramData\DriversCloud.com [22/10/2016 16:50:03] - |D| - [7432] - C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 [06/02/2017 22:10:11] - |D| - [102781589] - C:\ProgramData\eLicenser [06/06/2016 23:04:38] - |D| - [13427411] - C:\ProgramData\EPSON [31/05/2016 10:39:59] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [03/09/2019 18:17:06] - |D| - [392088] - C:\ProgramData\IndexEducation [03/06/2016 10:30:35] - |D| - [11067546] - C:\ProgramData\Intel [03/11/2016 16:45:29] - |D| - [520] - C:\ProgramData\IsolatedStorage [30/11/2018 18:16:20] - |D| - [9692710] - C:\ProgramData\McAfee [31/05/2016 10:39:59] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [14/07/2009 05:20:08] - |SD| - [6769852110] - C:\ProgramData\Microsoft [05/05/2018 23:08:57] - |A| - [16] - C:\ProgramData\mntemp [31/05/2016 10:39:59] - |SHD| - [0] - C:\ProgramData\Modèles [05/05/2018 23:09:25] - |D| - [5734] - C:\ProgramData\Movavi [05/05/2018 23:08:57] - |D| - [64] - C:\ProgramData\Movavi Video Converter 18 [02/09/2020 21:23:13] - |D| - [24] - C:\ProgramData\Mozilla [03/06/2016 10:42:57] - |D| - [120489] - C:\ProgramData\NortonInstaller [01/06/2016 10:33:19] - |RASH| - [2128] - C:\ProgramData\ntuser.pol [07/06/2016 10:28:47] - |D| - [12164] - C:\ProgramData\OSKAB [02/06/2016 17:12:10] - |D| - [47380940] - C:\ProgramData\Package Cache [31/05/2016 11:41:15] - |D| - [1715] - C:\ProgramData\regid.1986-12.com.adobe [04/05/2018 20:21:34] - |D| - [1016] - C:\ProgramData\regid.1995-08.com.techsmith [03/03/2019 11:26:22] - |D| - [645] - C:\ProgramData\Sony Corporation [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Start Menu [06/02/2017 18:53:32] - |D| - [1629] - C:\ProgramData\Steinberg [06/02/2017 22:11:19] - |D| - [2276] - C:\ProgramData\Syncrosoft [04/05/2018 18:18:59] - |D| - [599559885] - C:\ProgramData\TechSmith [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Templates [01/06/2016 10:34:48] - |D| - [29431478] - C:\ProgramData\Tencent [26/09/2019 11:56:10] - |D| - [7163] - C:\ProgramData\TP-Link [01/06/2016 10:38:02] - |D| - [6734] - C:\ProgramData\TXQMPC [03/03/2019 11:26:35] - |D| - [4680] - C:\ProgramData\UDL [31/05/2016 12:04:32] - |D| - [0] - C:\ProgramData\UniqueId [05/05/2018 23:08:57] - |A| - [5037] - C:\ProgramData\vfiakfjk.zeu [01/06/2016 10:33:22] - |D| - [265] - C:\ProgramData\VideoFetcher [31/05/2016 12:06:23] - |D| - [72] - C:\ProgramData\WinZip ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |SH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [28/10/2017 11:00:44] - |D| - [780] - C:\ProgramData\Microsoft\Windows\Start Menu\Free Devis Factures 2 [31/05/2016 10:39:59] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 05:20:08] - |RD| - [239429] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] - |RD| - [43301] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [27/05/2020 11:10:45] - |A| - [2019] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [01/06/2016 09:24:50] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [14/07/2009 07:32:38] - |RD| - [21157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [18/09/2018 10:30:11] - |A| - [1073] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2018.lnk [21/09/2018 11:17:31] - |A| - [1293] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk [25/03/2020 11:50:04] - |D| - [1071] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 [01/06/2016 09:38:15] - |A| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [12/04/2018 03:24:30] - |A| - [2387] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk [31/03/2019 18:00:45] - |D| - [2021] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [30/10/2019 14:59:00] - |D| - [922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [01/06/2016 09:29:23] - |D| - [6593] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP [14/07/2009 06:54:23] - |SH| - [964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [02/06/2016 16:48:26] - |D| - [3623] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [09/10/2017 14:23:46] - |D| - [4012] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser [22/09/2016 16:24:16] - |D| - [7716] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [03/03/2019 11:05:08] - |D| - [8880] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [03/11/2016 17:22:57] - |D| - [2410] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ePUBee [02/09/2020 21:23:18] - |A| - [936] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [14/07/2009 07:32:38] - |RD| - [6112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [01/06/2016 09:33:37] - |D| - [2077] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GigaTribe [01/06/2016 10:33:44] - |RS| - [1200] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G?ogl? Chrome.lnk [31/07/2018 19:42:36] - |D| - [22916] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [12/10/2017 16:18:28] - |D| - [6039] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line [03/06/2016 10:32:05] - |RD| - [2398] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [07/07/2020 13:54:34] - |D| - [3988] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [01/06/2016 09:45:53] - |SD| - [9652] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1 [14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [31/05/2016 10:29:52] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [30/11/2018 18:16:20] - |D| - [7569] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack [10/12/2016 19:37:50] - |D| - [2265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [19/05/2017 17:56:01] - |D| - [4304] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\monAlbumPhoto [26/07/2017 20:22:22] - |A| - [1260] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk [07/05/2017 18:23:35] - |D| - [6698] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [03/06/2016 14:40:37] - |D| - [1120] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek [14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [10/12/2016 19:36:31] - |D| - [6550] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer [17/02/2018 23:48:50] - |D| - [2971] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [14/07/2009 05:20:08] - |RD| - [2056] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [09/10/2017 14:39:42] - |D| - [1971] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg [04/05/2018 20:21:36] - |D| - [5150] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith [01/06/2016 10:08:40] - |D| - [6774] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [31/05/2016 10:29:43] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [21/06/2016 10:37:07] - |A| - [2507] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk [01/06/2016 09:59:22] - |D| - [4157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [01/06/2016 10:33:43] - |RS| - [1983] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?vast S?feZ?n? ?rows?r.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [30/11/2018 18:17:24] - |A| - [1882] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [14/07/2009 06:54:23] - |SH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [04/04/2018 17:49:10] - |D| - [93193301] - C:\Program Files (x86)\4KDownload [01/06/2016 10:34:49] - |D| - [1391911] - C:\Program Files (x86)\5568F13A-1464770089-5709-D9A9-F0795994CDD3 [31/05/2016 12:10:22] - |D| - [536962818] - C:\Program Files (x86)\Adobe [25/03/2020 11:49:43] - |D| - [221025433] - C:\Program Files (x86)\Adobe Photoshop CS6 [07/07/2020 13:44:52] - |D| - [4060878] - C:\Program Files (x86)\Apple Software Update [12/10/2017 16:19:19] - |D| - [561489] - C:\Program Files (x86)\ASIO4ALL v2 [03/06/2016 10:40:16] - |D| - [21380929] - C:\Program Files (x86)\ASUS [12/04/2018 03:23:00] - |D| - [424394550] - C:\Program Files (x86)\AVAST Software [04/04/2018 17:35:49] - |D| - [0] - C:\Program Files (x86)\AVS4YOU [01/06/2016 09:37:11] - |D| - [631636] - C:\Program Files (x86)\Bonjour [01/06/2016 09:29:22] - |D| - [17669774] - C:\Program Files (x86)\CDBurnerXP [15/02/2017 09:46:53] - |D| - [0] - C:\Program Files (x86)\Ciel [01/06/2016 10:37:02] - |D| - [33449536] - C:\Program Files (x86)\CleanBrowser [14/07/2009 05:20:08] - |D| - [488318380] - C:\Program Files (x86)\Common Files [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [09/10/2017 14:23:29] - |D| - [23454489] - C:\Program Files (x86)\eLicenser [22/09/2016 16:24:09] - |D| - [17604716] - C:\Program Files (x86)\epson [22/09/2016 15:07:47] - |D| - [195994976] - C:\Program Files (x86)\EPSON Software [03/11/2016 17:22:55] - |D| - [35966917] - C:\Program Files (x86)\ePUBee [04/05/2018 17:38:05] - |D| - [20641460] - C:\Program Files (x86)\FreeCodecPack [01/06/2016 09:33:35] - |D| - [45393413] - C:\Program Files (x86)\GigaTribe [31/05/2016 11:19:00] - |D| - [0] - C:\Program Files (x86)\Google [12/10/2017 16:15:16] - |D| - [2063443515] - C:\Program Files (x86)\Image-Line [03/09/2019 18:17:44] - |D| - [3241064] - C:\Program Files (x86)\Index Education [31/05/2016 10:47:00] - |HD| - [36975136] - C:\Program Files (x86)\InstallShield Installation Information [02/06/2016 16:54:25] - |D| - [25241288] - C:\Program Files (x86)\Intel [14/07/2009 05:20:08] - |D| - [10540649] - C:\Program Files (x86)\Internet Explorer [01/06/2016 09:45:27] - |D| - [450473898] - C:\Program Files (x86)\LibreOffice 5 [27/06/2020 03:19:27] - |D| - [0] - C:\Program Files (x86)\Microsoft [10/12/2016 19:37:38] - |D| - [42864998] - C:\Program Files (x86)\Microsoft Silverlight [02/06/2016 18:38:02] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [19/05/2017 17:55:57] - |D| - [83270776] - C:\Program Files (x86)\monAlbumPhoto [21/06/2016 10:37:06] - |D| - [9336778] - C:\Program Files (x86)\Movie Maker 2.6 [02/09/2020 21:23:14] - |D| - [338405] - C:\Program Files (x86)\Mozilla Maintenance Service [01/06/2016 10:38:37] - |D| - [0] - C:\Program Files (x86)\MPC Cleaner [16/06/2016 18:21:10] - |D| - [78848] - C:\Program Files (x86)\mpck [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [16/02/2017 04:00:54] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [07/05/2017 17:11:56] - |D| - [72094506] - C:\Program Files (x86)\QuickTime [31/05/2016 10:47:04] - |D| - [11430357] - C:\Program Files (x86)\REALTEK [14/07/2009 07:32:38] - |D| - [39212289] - C:\Program Files (x86)\Reference Assemblies [17/02/2018 23:25:40] - |D| - [266335226] - C:\Program Files (x86)\Sony [12/10/2017 17:03:57] - |D| - [156558643] - C:\Program Files (x86)\Sony Setup [09/10/2017 14:23:41] - |D| - [172127] - C:\Program Files (x86)\Syncrosoft [04/05/2018 20:21:24] - |D| - [174627571] - C:\Program Files (x86)\TechSmith [02/06/2016 16:58:47] - |HD| - [0] - C:\Program Files (x86)\Temp [01/06/2016 10:34:55] - |D| - [409536] - C:\Program Files (x86)\Tencent [26/09/2019 11:59:30] - |D| - [41234103] - C:\Program Files (x86)\TP-Link [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [01/06/2016 10:08:17] - |D| - [130069824] - C:\Program Files (x86)\VideoLAN [22/11/2018 18:13:31] - |D| - [4775792] - C:\Program Files (x86)\Vstplugins [14/07/2009 07:32:38] - |D| - [575488] - C:\Program Files (x86)\Windows Defender [14/07/2009 05:20:08] - |D| - [6705152] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |D| - [5114641] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |D| - [12257460] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |D| - [4457224] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [6924428] - C:\Program Files (x86)\Windows Sidebar ---------- | C:\Program Files [10/12/2016 19:35:50] - |D| - [5717235] - C:\Program Files\4444ff69647a938562eb171abcc8dac5 [18/09/2018 10:27:22] - |D| - [826284942] - C:\Program Files\Adobe [03/06/2016 09:55:21] - |D| - [2043735] - C:\Program Files\ASUS [31/05/2016 11:25:48] - |D| - [1224575371] - C:\Program Files\AVAST Software [01/06/2016 09:37:11] - |D| - [615046] - C:\Program Files\Bonjour [01/06/2016 09:16:32] - |D| - [61739736] - C:\Program Files\CCleaner [14/07/2009 05:20:08] - |D| - [397865604] - C:\Program Files\Common Files [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [02/06/2016 16:48:26] - |D| - [10805724] - C:\Program Files\DriversCloud.com [14/07/2009 07:32:38] - |D| - [90327572] - C:\Program Files\DVD Maker [09/10/2017 14:23:32] - |D| - [7996368] - C:\Program Files\eLicenser [09/11/2017 15:03:09] - |D| - [6508457] - C:\Program Files\EpsonNet [31/05/2016 10:39:59] - |SHD| - [0] - C:\Program Files\Fichiers communs [12/10/2017 16:18:29] - |D| - [6320083] - C:\Program Files\Image-Line [02/06/2016 17:15:00] - |D| - [87757855] - C:\Program Files\Intel [14/07/2009 05:20:08] - |D| - [30626556] - C:\Program Files\Internet Explorer [07/07/2020 13:54:24] - |D| - [4249403] - C:\Program Files\iPod [07/07/2020 13:53:28] - |D| - [405847718] - C:\Program Files\iTunes [30/11/2018 18:16:28] - |D| - [60753182] - C:\Program Files\McAfee [14/07/2009 07:32:38] - |D| - [149787186] - C:\Program Files\Microsoft Games [02/09/2020 21:23:07] - |D| - [215443053] - C:\Program Files\Mozilla Firefox [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild [26/07/2017 20:21:47] - |D| - [60664523] - C:\Program Files\paint.net [03/06/2016 15:47:24] - |D| - [48524416] - C:\Program Files\Realtek [14/07/2009 07:32:38] - |D| - [36875433] - C:\Program Files\Reference Assemblies [06/02/2017 22:11:20] - |D| - [501878279] - C:\Program Files\Steinberg [14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [14/07/2009 07:32:38] - |D| - [4136960] - C:\Program Files\Windows Defender [14/07/2009 05:20:08] - |D| - [7191552] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |D| - [7821229] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |D| - [12687540] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |D| - [5555480] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [7975813] - C:\Program Files\Windows Sidebar [01/06/2016 09:59:11] - |D| - [7146655] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [31/05/2016 11:40:58] - |D| - [18960026] - C:\Program Files (x86)\Common Files\Adobe [22/10/2016 16:28:06] - |D| - [271557502] - C:\Program Files (x86)\Common Files\Apple [31/05/2016 11:28:01] - |D| - [0] - C:\Program Files (x86)\Common Files\AV [04/04/2018 17:37:01] - |D| - [0] - C:\Program Files (x86)\Common Files\AVSMedia [04/05/2018 17:38:04] - |D| - [40296] - C:\Program Files (x86)\Common Files\DVDVideoSoft [03/06/2016 09:58:53] - |D| - [106606061] - C:\Program Files (x86)\Common Files\Intel [03/06/2016 10:33:52] - |D| - [245954] - C:\Program Files (x86)\Common Files\Intel Corporation [21/12/2018 18:57:34] - |D| - [0] - C:\Program Files (x86)\Common Files\McAfee [14/07/2009 05:20:08] - |D| - [17582785] - C:\Program Files (x86)\Common Files\microsoft shared [03/06/2016 10:29:45] - |D| - [196972] - C:\Program Files (x86)\Common Files\postureAgent [12/10/2017 16:19:06] - |D| - [1435256] - C:\Program Files (x86)\Common Files\Propellerhead Software [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/07/2009 05:20:08] - |D| - [41106343] - C:\Program Files (x86)\Common Files\SpeechEngines [09/10/2017 14:24:48] - |D| - [13360860] - C:\Program Files (x86)\Common Files\Steinberg [14/07/2009 05:20:08] - |D| - [10523123] - C:\Program Files (x86)\Common Files\System [04/05/2018 20:21:30] - |D| - [2625536] - C:\Program Files (x86)\Common Files\TechSmith Shared [01/06/2016 10:37:19] - |D| - [4074964] - C:\Program Files (x86)\Common Files\Tencent [06/02/2017 18:46:47] - |D| - [0] - C:\Program Files (x86)\Common Files\VST3 ---------- | C:\Program Files\Common files [18/09/2018 10:30:10] - |D| - [714893] - C:\Program Files\Common files\Adobe [22/10/2016 16:28:46] - |D| - [205068348] - C:\Program Files\Common files\Apple [31/05/2016 11:28:01] - |D| - [0] - C:\Program Files\Common files\AV [08/12/2017 13:05:43] - |D| - [1660520] - C:\Program Files\Common files\Avast Software [06/06/2016 23:11:07] - |D| - [152640] - C:\Program Files\Common files\EPSON [14/07/2009 05:20:08] - |D| - [49833409] - C:\Program Files\Common files\Microsoft Shared [09/10/2017 14:24:18] - |D| - [2193016] - C:\Program Files\Common files\Propellerhead Software [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |D| - [611328] - C:\Program Files\Common files\SpeechEngines [06/02/2017 22:11:58] - |D| - [117450136] - C:\Program Files\Common files\Steinberg [14/07/2009 05:20:08] - |D| - [12463603] - C:\Program Files\Common files\System [01/06/2016 10:38:12] - |D| - [457921] - C:\Program Files\Common files\Tencent [12/10/2017 16:19:06] - |D| - [7257088] - C:\Program Files\Common files\VST2 ---------- | Tasks [MD5.BB82F7568168B0596B430F95004544E0] - [14/03/2020 18:31:13] - |A| - [913] - C:\Windows\Tasks\EPSON XP-225 Series Update {02477507-3FA4-45DD-998B-D4B846DCC969}.job [MD5.5B21A527F798DB29A360359C8594A367] - [11/12/2018 10:16:13] - |A| - [913] - C:\Windows\Tasks\EPSON XP-225 Series Update {21B56D48-0957-4FCF-A937-95D7BE86C954}.job [MD5.BF4447D3F2A2C2571AE7F5C5553CCCAC] - [14/03/2020 18:34:30] - |A| - [913] - C:\Windows\Tasks\EPSON XP-225 Series Update {39EE5E50-1FB8-419A-B7CC-153A35699E9B}.job [MD5.641BD2545D7EF6C2C4C83C22AFA7724B] - [22/09/2016 16:33:04] - |A| - [913] - C:\Windows\Tasks\EPSON XP-225 Series Update {E05ECC79-D1F2-4356-85B2-5C11E3287484}.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.97CB5793BD27BA281AE1717AEB3AE137] - [14/07/2009 07:08:49] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.449E9CD55835CF4362113F01C408A24C] - [01/06/2016 09:25:29] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.6E3248C6819BEFDDE8CAA997A0473F9E] - [31/05/2016 11:41:14] - |A| - [3498] - C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Aoss-PC-Aoss : C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [MD5.0E720FFB79C5C61980D68204E7C1F433] - [07/10/2019 16:42:23] - |A| - [3446] - C:\Windows\System32\Tasks\AdobeGCInvoker-1.0 : C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [MD5.00000000000000000000000000000000] - [07/07/2020 13:44:57] - |D| - [3382] - C:\Windows\System32\Tasks\Apple [MD5.00000000000000000000000000000000] - [03/06/2016 09:44:01] - |D| - [2964] - C:\Windows\System32\Tasks\ASUS [MD5.E1F2CCA9A52B034AA0620355751AC149] - [18/03/2017 03:43:54] - |A| - [4168] - C:\Windows\System32\Tasks\Avast Emergency Update : C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [MD5.EEDB826FFF5F48D4097724148F99DD8E] - [12/04/2019 20:20:43] - |A| - [3732] - C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) : C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [MD5.B46A1B756E7F0779875CA499EFBD1234] - [12/04/2019 20:20:44] - |A| - [3150] - C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) : C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [MD5.00000000000000000000000000000000] - [31/05/2016 11:28:01] - |D| - [7864] - C:\Windows\System32\Tasks\AVAST Software [MD5.0DD3BEB9FEBA3C4E99179D3ED9A983C8] - [12/04/2018 03:23:08] - |A| - [3416] - C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore : C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [MD5.08920CFD4A45409E9E9D63976C021AD3] - [12/04/2018 03:23:37] - |A| - [3544] - C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA : C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [MD5.F28F6983C4E4D708B1D90494FF5914C5] - [29/03/2018 13:02:48] - |A| - [3870] - C:\Windows\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.84004DB0338CAF4CFFB32E0BE358C588] - [31/05/2016 11:08:44] - |A| - [2786] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.7774CB6BEC1C5A72CA357720DDEFF90A] - [14/03/2020 18:31:14] - |A| - [3980] - C:\Windows\System32\Tasks\EPSON XP-225 Series Update {02477507-3FA4-45DD-998B-D4B846DCC969} : C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE [MD5.6B3CCE821E63FD7D4B41C8D1B28FA3BC] - [11/12/2018 10:16:14] - |A| - [3980] - C:\Windows\System32\Tasks\EPSON XP-225 Series Update {21B56D48-0957-4FCF-A937-95D7BE86C954} : C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE [MD5.66326AB9BFB191055748D27EB7CDE4E5] - [14/03/2020 18:34:30] - |A| - [3980] - C:\Windows\System32\Tasks\EPSON XP-225 Series Update {39EE5E50-1FB8-419A-B7CC-153A35699E9B} : C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE [MD5.B2C2F2FE1D49BADA62D86A232B4DE15A] - [22/09/2016 16:33:04] - |A| - [3980] - C:\Windows\System32\Tasks\EPSON XP-225 Series Update {E05ECC79-D1F2-4356-85B2-5C11E3287484} : C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [281624] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [02/09/2020 21:23:19] - |D| - [3470] - C:\Windows\System32\Tasks\Mozilla [MD5.E407D951A8AD075729325BAB10B2725A] - [01/06/2016 10:36:53] - |A| - [3736] - C:\Windows\System32\Tasks\Selection Tools Update : C:\Users\Aoss\AppData\Roaming\WTools\Selection Tools\Selection Tools Update.exe [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4474] - C:\Windows\System32\Tasks\WPD [MD5.C4D9EE7939C59D58A9B38EE731A3FFBC] - [31/05/2016 11:42:36] - |A| - [3078] - C:\Windows\System32\Tasks\{0B4AE017-FFD2-4CC5-86D9-BCC5AED7BBAC} : C:\Windows\system32\pcalua.exe [MD5.E288A5403E9688A73A488F9556AC605D] - [25/03/2020 11:29:52] - |A| - [3200] - C:\Windows\System32\Tasks\{3E471522-1FC0-4BB9-A7E9-FD31CA12AA2E} : C:\Windows\system32\pcalua.exe [MD5.37900AD68E3616E4BBF69B477B97EFF1] - [09/10/2017 14:39:13] - |A| - [3376] - C:\Windows\System32\Tasks\{9557689C-0638-470B-BA97-8628202F59B8} : C:\Windows\system32\pcalua.exe [MD5.194A27DD990454584A4DBCEA1DE5F66A] - [31/05/2016 10:46:26] - |A| - [3028] - C:\Windows\System32\Tasks\{C4B4E0CB-948F-4D7D-97C6-49120FA0D8DE} : C:\Windows\system32\pcalua.exe [MD5.A61383FC52D364D9F8428B5B2E8374EE] - [06/02/2017 22:21:43] - |A| - [3376] - C:\Windows\System32\Tasks\{F88984A5-7702-485D-A27D-15B1B0F87E95} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "TCP Query User{AF41B937-C0AB-4039-A2DB-39D9550DAE5C}C:\program files (x86)\gigatribe\gigatribe.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\gigatribe\gigatribe.exe|Name=Gigatribe|Desc=Gigatribe|Defer=User| "UDP Query User{3A55A55A-DC87-4979-8127-D8526D589A6C}C:\program files (x86)\gigatribe\gigatribe.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\gigatribe\gigatribe.exe|Name=Gigatribe|Desc=Gigatribe|Defer=User| "{D65F55B2-017D-424C-A901-E838FF4EBE8E}"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\gigatribe\gigatribe.exe|Name=Gigatribe|Desc=Gigatribe| "{A87440EF-BD49-4864-A157-4F620B128FB8}"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\gigatribe\gigatribe.exe|Name=Gigatribe|Desc=Gigatribe| "{8CE12B9A-65C6-4BBC-BCDA-9E87F5031EB9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{6AA3F94A-00CA-485E-B959-3DBF25034254}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{90BF517A-774C-47B9-ACB8-638E2F2F8E5A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{26E00F55-6C7C-48B2-9D57-B224DF989F05}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{1100EDC7-1659-4F4D-B814-A73A295ABC3A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe|Name=????????|Desc=C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe| "{9D56AA51-D9D2-4A45-B9AB-D2E96B3DC148}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe|Name=????????Crash??|Desc=C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe| "{67CFFDB9-3F32-4EC5-B279-B19807E7A894}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\MCDetection.exe|Name=mcdetection| "{374549AE-08EB-4CC5-A309-9A47E08A05B8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\MCDetection.exe|Name=mcdetection| "{CA3D77F5-1053-474F-8F73-D7D774B6CCD9}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{947152EA-B85C-49D4-A62F-632ABA082B30}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8317|Name=TechSmith Camtasia Studio| "{37BF6099-857E-41E8-B5C1-C5316835D24C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe|Name=Apple Push Service|Edge=TRUE| "{8342EB61-C88D-4D2A-A7C7-D3281C9FB2F5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "{FE97B781-963F-49BC-8E71-2C3989962860}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\CCleaner\CCUpdate.exe|Name=CCleaner Update| "TCP Query User{546E22C7-0943-45EC-B677-E981F43C001D}C:\users\aoss\appdata\local\jdownloader v2.0\jdownloader2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\aoss\appdata\local\jdownloader v2.0\jdownloader2.exe|Name=JDownloader 2 Launcher|Desc=JDownloader 2 Launcher|Defer=User| "UDP Query User{6A75C01E-43B8-44F5-AC75-6E8BD151FF8D}C:\users\aoss\appdata\local\jdownloader v2.0\jdownloader2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\aoss\appdata\local\jdownloader v2.0\jdownloader2.exe|Name=JDownloader 2 Launcher|Desc=JDownloader 2 Launcher|Defer=User| "{EE868473-3753-4986-8701-EA4BB851CF7F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{D9FD0A91-5736-4B0D-A31E-A988BEDD94E2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{AD7ACC4D-F06D-4C5D-974E-1899DDFEEAB8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe|Name=TP-LINK DHCP| "{2DA57974-E0C2-400D-B50F-07986B9C085D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe|Name=TP-LINK DHCP| "{7AAB07F2-FE8E-4EC2-9FC1-A4B8EF5F340C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=67|App=C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe|Name=TP-LINK DHCP Port| "{74CD7318-A6EC-4825-98AD-953888B2D386}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=68|App=C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe|Name=TP-LINK DHCP Port2| "{F3FFBC25-F269-40E1-9006-11895C5A6A91}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=53|App=C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe|Name=TP-LINK DNS Port| "{6C16E55B-209C-42E4-B594-48F673D6E556}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=53|App=C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe|Name=TP-LINK DNS Port2| "TCP Query User{3D3F549D-0BF2-4733-A817-0DD2AB5EE42D}C:\users\aoss\appdata\local\jdownloader v2.0\jdownloader2.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\aoss\appdata\local\jdownloader v2.0\jdownloader2.exe|Name=JDownloader 2 Launcher|Desc=JDownloader 2 Launcher| "UDP Query User{FB8719CA-583C-4E6E-AF4C-548F554DD427}C:\users\aoss\appdata\local\jdownloader v2.0\jdownloader2.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\aoss\appdata\local\jdownloader v2.0\jdownloader2.exe|Name=JDownloader 2 Launcher|Desc=JDownloader 2 Launcher| "{54977998-BCC4-46CD-9FA9-154C900852E4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe|Name=Avast Secure Browser (mDNS-In)|Desc=Règle de trafic entrant pour Avast Secure Browser autorisant le trafic mDNS|EmbedCtxt=Avast Secure Browser| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}] : (GEARAspiWDM) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{78A1C341-4539-11D3-B88D-00C04FAD5171}] : (mfesapsn) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C30ECEA0-11EF-4EF9-B02E-6AF81E6E65C0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;Fournisseur d’impression WSD [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [19/01/2017 15:04:08] - (11.12.10.161) - (HAJDRU -) - C:\Windows\system32\drivers\563aa4259f747945df54aa4331bf67c1.sys [07/02/2018 21:37:46] - (0.0.0.0) - ( -) - C:\Windows\SysWow64\drivers\AsIO.sys [11/12/2019 16:54:03] - (5.1.2.254) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswArDisk (aswArDisk) -> system32\drivers\aswArDisk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbidsh (aswbidsh) -> system32\drivers\aswbidsh.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbuniv (aswbuniv) -> system32\drivers\aswbuniv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswRvrt (aswRvrt) -> system32\drivers\aswRvrt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswVmm (aswVmm) -> system32\drivers\aswVmm.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iaStorA () -> system32\DRIVERS\iaStorA.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iaStorF () -> system32\DRIVERS\iaStorF.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iusb3hcs (Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hcs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - 563aa4259f747945df54aa4331bf67c1 (563aa4259f747945df54aa4331bf67c1) -> system32\drivers\563aa4259f747945df54aa4331bf67c1.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswArPot (aswArPot) -> system32\drivers\aswArPot.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> system32\drivers\aswbidsdriver.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswNetHub (aswNetHub) -> system32\drivers\aswNetHub.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VWiFiFlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - aswStm (aswStm) -> system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - RtNdPt60 (Realtek NDIS Protocol Driver) -> system32\DRIVERS\RtNdPt60.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) [MD5.798DE15F187C1F013095BBBEB6FB6197] - [07/02/2018 21:37:46] - (.-.) - [14.88 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\AsIO.sys [MD5.19166026A93206F9C6A8CD3A1F010AE4] - [02/04/2009 14:30:14] - (.-.) - [10.05 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\ASUSHWIO.SYS ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ba97f57673bfc0cb62e4ba0b61e52f93] : (.-.) -> [HKU\S-1-5-21-3730808171-3672966121-1635917966-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WindApp] : (WindApp.-.Store) -> "C:\Users\Aoss\AppData\Roaming\Store\WindApp\WindApp Uninstall.exe" /cpanel=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\4444ff69647a938562eb171abcc8dac5] : (Social2Search.-.Social2Search) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON XP-225 Series] : (EPSON XP-225 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\Windows\system32\spool\DRIVERS\x64\3\E_YINSNFE.EXE /R /APD /P:"EPSON XP-225 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\jdownloader2] : (JDownloader 2.-.AppWork GmbH) -> "C:\Users\Aoss\AppData\Local\JDownloader v2.0\Uninstall JDownloader.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 80.0.1 (x64 fr)] : (Mozilla Firefox 80.0.1 (x64 fr).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.70 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{02D89175-E08F-401B-BA30-8B7512B57724}] : (paint.net.-.dotPDN LLC) -> MsiExec.exe /X{02D89175-E08F-401B-BA30-8B7512B57724} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}] : (Steinberg Generic Lower Latency ASIO Driver 64bit.-.Steinberg Media Technologies GmbH) -> MsiExec.exe /I{16D5A798-10BE-4FF3-BB71-54C012CD0D7D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{77EEC345-B758-45DF-94C2-25D91D520650}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{77EEC345-B758-45DF-94C2-25D91D520650} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{82FCC407-A0E5-4B80-9241-5ABA78B61090}] : (iCloud.-.Apple Inc.) -> MsiExec.exe /I{82FCC407-A0E5-4B80-9241-5ABA78B61090} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{93F692D4-0C4D-4EED-9BFE-657C1D5959FE} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{96ED1D58-440C-4345-8FEE-C4781366C67F}] : (EpsonNet Print.-.SEIKO EPSON Corporation) -> MsiExec.exe /X{96ED1D58-440C-4345-8FEE-C4781366C67F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9A431D9C-9FC9-454E-AC8D-15DBAA6ED0F7}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{9A431D9C-9FC9-454E-AC8D-15DBAA6ED0F7} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}] : (Steinberg Groove Agent SE 64bit.-.Steinberg Media Technologies GmbH) -> MsiExec.exe /I{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B5E06417-A4AC-4225-B36E-7E34C91616E7}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B99C316B-C135-43B5-8E77-2BC5E241F964}] : (Steinberg HALion Sonic SE 64bit.-.Steinberg Media Technologies GmbH) -> MsiExec.exe /I{B99C316B-C135-43B5-8E77-2BC5E241F964} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C788AE25-3D4E-4D18-811B-3219F778487E}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{C788AE25-3D4E-4D18-811B-3219F778487E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D39B163A-9E12-442C-95E9-33FA5746AB21}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{D39B163A-9E12-442C-95E9-33FA5746AB21} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E0FA80FD-82A7-4328-ABC3-0DA6A9FA1824}] : (Steinberg Cubase LE AI Elements 9.-.Steinberg Media Technologies GmbH) -> MsiExec.exe /I{E0FA80FD-82A7-4328-ABC3-0DA6A9FA1824} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F2C89901-5FD9-4888-96AB-CA8771B8C1BB}] : (iTunes.-.Apple Inc.) -> MsiExec.exe /I{F2C89901-5FD9-4888-96AB-CA8771B8C1BB} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Creative Cloud] : (Adobe Creative Cloud.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Digital Editions 4.5] : (Adobe Digital Editions 4.5.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ASIO4ALL] : (ASIO4ALL.-.Michael Tippach) -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast Antivirus] : (Avast Antivirus Gratuit.-.Avast Software) -> C:\Program Files\AVAST Software\Avast\setup\Instup.exe /control_panel [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast Secure Browser] : (Avast Secure Browser.-.Auteurs de Avast Secure Browser) -> "C:\Program Files (x86)\AVAST Software\Browser\AvastBrowserUninstall.exe" /run_source=cp [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CleanBrowser] : (CleanBrowser.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\eLicenser Control] : (eLicenser Control.-.Steinberg Media Technologies GmbH) -> C:\Program Files (x86)\eLicenser\Uninstaller\Uninstall eLicenser Control.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ePUBee DRM Removal] : (ePUBee DRM Removal.-.ePUBee Inc.) -> C:\Program Files (x86)\ePUBee\epubeedrmremoval\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FL Studio 20] : (FL Studio 20.-.Image-Line) -> C:\Program Files (x86)\Image-Line\FL Studio 20\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FL Studio ASIO] : (FL Studio ASIO.-.Image-Line) -> C:\Program Files (x86)\Image-Line\FL Studio ASIO\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FREE DEVIS FACTURES 2] : (Free Devis Factures 2.-.Free Devis Factures) -> "c:\Free Devis Factures 2\WDUNINST.EXE" /REG="FREE DEVIS FACTURES 2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IL Download Manager] : (IL Download Manager.-.Image-Line) -> C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Media Player - Codec Pack] : (Media Player Codec Pack 4.5.1.-.Media Player Codec Pack) -> C:\Windows\SysWOW64\Codecs\Uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\monAlbumPhoto_is1] : (monAlbumPhoto.-.monAlbumPhoto) -> "C:\Program Files (x86)\monAlbumPhoto\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MyEpson Portal] : (MyEpson Portal.-.SEIKO EPSON Corporation) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ShalSoft.GigaTribe_is1] : (GigaTribe 3.04.013.-.GigaTribe SAS) -> "C:\Program Files (x86)\GigaTribe\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VOPackage] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{10B39DCD-0325-49FE-BFBC-8EC011CB7CA8}] : (ACID Pro 7.0.-.Sony) -> MsiExec.exe /X{10B39DCD-0325-49FE-BFBC-8EC011CB7CA8} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11C4575B-4B32-44D2-A097-D59A00BA60DE}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{11C4575B-4B32-44D2-A097-D59A00BA60DE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{17CEAB50-0275-4D5E-9C11-CF2963C59FA1}] : (4K Video Downloader 4.4.-.Open Media LLC) -> MsiExec.exe /X{17CEAB50-0275-4D5E-9C11-CF2963C59FA1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}] : (Intel(R) USB 3.0 eXtensible Host Controller Driver.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3361D415-BA35-4143-B301-661991BA6219}] : (MyEpson Portal.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}] : (McAfee WebAdvisor.-.McAfee, LLC) -> C:\Program Files\McAfee\WebAdvisor\Uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{45F34E54-DAD9-405B-A4F6-B12B0A46B984}] : (Camtasia Studio 8.-.TechSmith Corporation) -> MsiExec.exe /I{45F34E54-DAD9-405B-A4F6-B12B0A46B984} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48F22622-1CC2-4A83-9C1E-644DD96F832D}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{498D8130-B871-4D94-9ADC-C1F99E188F3A}] : (Mise à jour automatique.-.Index Education) -> MsiExec.exe /X{498D8130-B871-4D94-9ADC-C1F99E188F3A} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}] : (Logiciel pour périphérique à chipset Intel®.-.Intel(R) Corporation) -> "C:\ProgramData\Package Cache\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}\SetupChipset.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5F7475A1-6240-4753-BE3E-61499621EC42}] : (LibreOffice 5.1.3.2.-.The Document Foundation) -> MsiExec.exe /I{5F7475A1-6240-4753-BE3E-61499621EC42} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{685EFF87-B126-49E4-8213-70C56625C5B5}] : (TP-Link Wireless Adapter WPS Tool.-.TP-Link) -> "C:\Program Files (x86)\TP-Link\TP-Link TL-WN823N\uninstall.exe" -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BF9F374-EC67-4808-A90C-F127DE6D989D}] : (Epson E-Web Print.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6BF9F374-EC67-4808-A90C-F127DE6D989D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7BAEA0C2-F92E-49EF-A609-DCFBBBE7AFF0}] : (CDBurnerXP.-.Canneverbe Limited) -> MsiExec.exe /I{7BAEA0C2-F92E-49EF-A609-DCFBBBE7AFF0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.Seiko Epson Corporation) -> MsiExec.exe /I{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}] : (Steinberg Upload Manager.-.Steinberg Media Technologies GmbH) -> MsiExec.exe /I{88BBBD8F-4C19-4809-B84B-7A8F8238B48D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}] : (Easy Photo Scan.-.Seiko Epson Corporation) -> MsiExec.exe /X{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F205E94-9E42-4486-A92A-DF3F6CB85444}] : (Epson Event Manager.-.Seiko Epson Corporation) -> MsiExec.exe /X{9F205E94-9E42-4486-A92A-DF3F6CB85444} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A3985C05-7386-411F-A4BF-32A73F37EB44}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{A3985C05-7386-411F-A4BF-32A73F37EB44} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1] : (Adobe Photoshop CS6 version 13.0.1.-.Adobe Systems, Inc.) -> "C:\Program Files (x86)\Adobe Photoshop CS6\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Avast Update Helper.-.AVAST Software) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-000182439564}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-000182439564} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BE686891-3C56-4714-AFEF-341A7867BA80}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}] : (ASUS Product Register Program.-.ASUSTek Computer Inc.) -> MsiExec.exe /I{C87D79F6-F813-4812-B7A9-CCCAAB8B1188} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CE194A8D-C8DF-47EB-AB04-5A54CDC1C5BD}] : (TP-Link TL-WN823N.-.TP-Link) -> "C:\Program Files (x86)\TP-Link\TP-Link TL-WN823N\uninstall.exe" -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}] : (Realtek Ethernet Diagnostic Utility.-.Realtek) -> "C:\Program Files (x86)\InstallShield Installation Information\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F05A434E-D3CF-4B44-9D3E-779D42090781}] : (Epson Easy Photo Print 2.-.Seiko Epson Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{F05A434E-D3CF-4B44-9D3E-779D42090781}\setup.exe" -runfromtemp -l0x040c UNINST -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FD036A57-F81D-4865-AAF0-811558EA76AE}] : (Epson Software Updater.-.Seiko Epson Corporation) -> MsiExec.exe /X{FD036A57-F81D-4865-AAF0-811558EA76AE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}] : (QuickTime 7.-.Apple Inc.) -> MsiExec.exe /I{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}] : (Epson Printer Connection Checker.-.Seiko Epson Corporation) -> MsiExec.exe /X{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\0318D894178B49D4A9CD1C9FE981F8A3] : INDEX EDUCATION - Mise à jour automatique -> C:\Windows\Installer\{498D8130-B871-4D94-9ADC-C1F99E188F3A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\10998C2F9DF5888469BAAC78178B1CBB] : iTunes -> C:\Windows\Installer\{F2C89901-5FD9-4888-96AB-CA8771B8C1BB}\Installer.ico [HKCR\Installer\Products\1A5747F504263574EBE316946912CE24] : LibreOffice 5.1.3.2 -> C:\Windows\Installer\{5F7475A1-6240-4753-BE3E-61499621EC42}\soffice.ico [HKCR\Installer\Products\2C0AEAB7E29FFE946A90CDBFBB7EFA0F] : CDBurnerXP -> C:\Windows\Installer\{7BAEA0C2-F92E-49EF-A609-DCFBBBE7AFF0}\cdbxpp.exe [HKCR\Installer\Products\3CE2F3E9F4E702F45AF6A7426D3E3DB9] : Easy Photo Scan -> C:\Windows\Installer\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}\icon.exe [HKCR\Installer\Products\45E43F549DADB5044A6F1BB2A0649B48] : Camtasia Studio 8 -> C:\Windows\Installer\{45F34E54-DAD9-405B-A4F6-B12B0A46B984}\CamStudio.ico [HKCR\Installer\Products\471C5AFFF3BDEFA45BD90CBF7144DC67] : Epson Printer Connection Checker -> C:\Windows\Installer\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}\icon.ico [HKCR\Installer\Products\473F9FB676CE80849AC01F72EDD689D9] : Epson E-Web Print -> C:\Windows\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe [HKCR\Installer\Products\49E502F924E968449AA2FDF3C68B4544] : Epson Event Manager -> C:\Windows\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe [HKCR\Installer\Products\4D296F39D4C0DEE4B9EF56C7D19595EF] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\50C5893A6837F1144AFB237AF373BE44] : Apple Software Update -> C:\Windows\Installer\{A3985C05-7386-411F-A4BF-32A73F37EB44}\Installer.ico [HKCR\Installer\Products\514D163353AB34143B10669119AB2691] : MyEpson Portal [HKCR\Installer\Products\52EA887CE4D381D418B123917F8784E7] : Apple Mobile Device Support -> C:\Windows\Installer\{C788AE25-3D4E-4D18-811B-3219F778487E}\Installer.ico [HKCR\Installer\Products\543CEE77857BFD54492C529DD1256005] : DriversCloud.com (64 bits) -> C:\Windows\Installer\{77EEC345-B758-45DF-94C2-25D91D520650}\maconfico [HKCR\Installer\Products\57198D20F80EB104AB03B857215B7742] : paint.net -> C:\Windows\Installer\{02D89175-E08F-401B-BA30-8B7512B57724}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\57DB95FFA664A5D4DA32AA8DC7F54DC4] : QuickTime 7 -> C:\Windows\Installer\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}\Installer.ico [HKCR\Installer\Products\68AB67CA408033019195001028345946] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-000182439564}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\6F97D78C318F21847B9ACCACBAB81188] : ASUS Product Register Program -> C:\Windows\Installer\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\704CCF285E0A08B42914A5AB876B0109] : iCloud -> C:\Windows\Installer\{82FCC407-A0E5-4B80-9241-5ABA78B61090}\ARP.ico [HKCR\Installer\Products\71460E5BCA4A52243BE6E7439C61617E] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\75A630DFD18F5684AA0F185185AE67EA] : Epson Software Updater -> C:\Windows\Installer\{FD036A57-F81D-4865-AAF0-811558EA76AE}\icon.ico [HKCR\Installer\Products\85D1DE69C0445434F8EE4C8731666CF7] : EpsonNet Print [HKCR\Installer\Products\897A5D61EB013FF4BB17450C21DCD0D7] : Steinberg Generic Lower Latency ASIO Driver 64bit -> C:\Windows\Installer\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}\Steinberg.ico [HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Avast Update Helper [HKCR\Installer\Products\A361B93D21E9C244599E33AF7564BA12] : Apple Application Support (64 bits) -> C:\Windows\Installer\{D39B163A-9E12-442C-95E9-33FA5746AB21}\WinInstall.ico [HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\Windows\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO [HKCR\Installer\Products\B5754C1123B42D440A795DA900AB06ED] : Apple Application Support (32 bits) -> C:\Windows\Installer\{11C4575B-4B32-44D2-A097-D59A00BA60DE}\WinInstall.ico [HKCR\Installer\Products\C9D134A99CF9E454CAD851BDAAE60D7F] : Intel(R) Chipset Device Software [HKCR\Installer\Products\DCD93B015230EF94FBCBE80C11BCC78A] : ACID Pro 7.0 -> C:\Windows\Installer\{10B39DCD-0325-49FE-BFBC-8EC011CB7CA8}\acid70.ico [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\F45FAD3B52BD6854E91F692DB41B0488] : Windows Movie Maker 2.6 ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Task Scheduling Error: m->NextScheduledSPRetry 15647 ------------ Task Scheduling Error: m->NextScheduledEvent 15647 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Nom de l’application défaillante Creative Cloud.exe, version : 4.7.0.400, horodatage : 0x5b9a2eb5 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus défaillant : 0xa9c Heure de début de l’application défaillante : 0x01d683a97c45bd6b Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe Chemin d’accès du module défaillant: unknown ID de rapport : c6564150-ef9c-11ea-9af5-f0795994cdd3 ------------ Nom de l’application défaillante 64DriverLoad.exe, version : 1.1.2.4, horodatage : 0x5e9950f2 Nom du module défaillant : ntdll.dll, version : 6.1.7601.24545, horodatage : 0x5e0eb67f Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000032ad4 ID du processus défaillant : 0x21bc Heure de début de l’application défaillante : 0x01d6813e8928d8c3 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\EPSON\MyEpson Portal\64DriverLoad.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : d1573699-ed31-11ea-8c51-f0795994cdd3 ------------ Task Scheduling Error: m->NextScheduledSPRetry 2649459 ------------ Task Scheduling Error: m->NextScheduledEvent 2649459 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Nom de l’application défaillante Creative Cloud.exe, version : 4.7.0.400, horodatage : 0x5b9a2eb5 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus défaillant : 0xa1c Heure de début de l’application défaillante : 0x01d6810815bc8173 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe Chemin d’accès du module défaillant: unknown ID de rapport : 61cf55a4-ecfb-11ea-8c51-f0795994cdd3 ------------ Task Scheduling Error: m->NextScheduledSPRetry 15631 ------------ Task Scheduling Error: m->NextScheduledEvent 15631 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Nom de l’application défaillante Creative Cloud.exe, version : 4.7.0.400, horodatage : 0x5b9a2eb5 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus défaillant : 0x9bc Heure de début de l’application défaillante : 0x01d67d59afbd7e8c Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe Chemin d’accès du module défaillant: unknown ID de rapport : fa52267a-e94c-11ea-8c7c-f0795994cdd3 ------------ Nom de l’application défaillante 64DriverLoad.exe, version : 1.1.2.4, horodatage : 0x5e9950f2 Nom du module défaillant : E_YERSNFE.DLL, version : 1.2.2.13, horodatage : 0x59b7705e Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000b8d3c ID du processus défaillant : 0x2058 Heure de début de l’application défaillante : 0x01d67bd780c4016f Chemin d’accès de l’application défaillante : C:\Program Files (x86)\EPSON\MyEpson Portal\64DriverLoad.exe Chemin d’accès du module défaillant: C:\Windows\system32\spool\DRIVERS\x64\3\E_YERSNFE.DLL ID de rapport : c4c7f6ca-e7ca-11ea-ad74-f0795994cdd3 ------------ Task Scheduling Error: m->NextScheduledSPRetry 54246790 ------------ Task Scheduling Error: m->NextScheduledEvent 54246790 ------------ ----------( EOF)---------- - 5737 | 13:50:47