Computer might have a Malware?

**Malnutrition** · 05-13-2018, 11:48 PM

Security Check Scan.

[ul]
[li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please post that log here in your next post.[/li][/ul]
Zemana Deep Scan

[ul]

[li]Right click on Zemana and run as admin.[/li][li]Click the Cog/Sproket Wheel, at the top right of Zemana[/li][li]Select Advanced - I have read the warning and wish to proceed.[/li][li]Place a tick next to Detect Suspicious (Root CA) Certificates.[/li][li]Then click the house icon in Zemana.[/li][li]Then hit your start button at the lower left hand corner of your desktop.[/li][li]Then left click on Computer.[/li][li]Drag Local Disk C: or whichever drive you decide to check first.[/li][li]Into the area of Zemana that reads Drag and drop files here to scan them.[/li][MEDIA=imgur]bOVO6lY[/MEDIA]
[li]Once the scan has completed click graph icon on the top right of the programs User interface.[/li][li]Double click to open the latest log-file.[/li][li]Copy it to your clipboard.[/li][li]Post the log here in your next reply.[/li][/ul]

**Malnutrition** · 05-13-2018, 11:53 PM

Also, I prefer using another tool other than FRST. After the Security check and Zemana scan, please run this tool for me. It gives me a deeper look into your machine than FRST does.

ZHP Diag Scan

Download ZHP Diag to your desktop.

Right Click Run as Admin.
Click the Options button.

Click on Check All
Then Click Validate
Then click close.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-4-26_17-16-39-png.2074/

PCHF Forums

2. Click the Scanner button.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-2-23_3-32-26-png.1647/

PCHF Forums

When complete please push the report button.
A notepad will open… copy and paste the report in your next reply.

**Malnutrition** · 05-13-2018, 11:59 PM

Also, to give us the FRST logs in English please do the following.

I’d like to have these logs in English please.
Right Click on FRST64 and rename the FRST file to FRST64english.exe
Please then re-run the scan and post the FRST and Addition.txt logs.
Make sure and still run the program as Administrator.

**Zukolol** · 05-14-2018, 07:39 AM

Thanks for the reply!

Alright, here are the logs:

Security Check Scan
SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 14.05.2018 09:00:39
Path starting: C:\Users\GUI\AppData\Local\Temp\SecurityCheck\Secu rityCheck.exe
Log directory: C:\SecurityCheck
IsAdmin: True
User: GUI
VersionXML: 5.02is-12.05.2018

Windows 10(6.3.16299) (x64) Core Release: 1709 Lang: French(040C)
Installation date OS: 23.11.2017 20:29:07
LicenseStatus: Office 16, Office16O365ProPlusR_Subscription1 edition Timebased activation will expire :24985 minutes
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: Microsoft Edge (C:\WINDOWS\system32\LaunchWinApp.exe)
SystemDrive: C: FS: [NTFS] Capacity: [931 Gb] Used: [486.9 Gb] Free: [444.1 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.431.16299.0
User Account Control enabled
The elevation prompt for administrators disabled
^It is recommended to enable (default): Win+R typing UserAccountControlSettings and Enter[1]
Windows Update (wuauserv) - The service is running
Centre de sécurité (wscsvc) - The service is running
Registre à distance (RemoteRegistry) - The service has stopped
Découverte SSDP (SSDPSRV) - The service is running
Services Bureau à distance (TermService) - The service has stopped
Gestion à distance de Windows (Gestion WSM) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Avira Antivirus (enabled and up to date)
Windows Defender (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Pare-feu Windows Defender (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Avira Antivirus (enabled and up to date)
Windows Defender (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avira Antivirus v.15.0.36.169
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.50 (64-bit) v.5.50.0
VLC media player v.2.2.6 Warning! Download Update
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.1.0.1
iTunes v.12.7.0.166 Warning! Download Update
^Please use Apple Software Update tool.[2]
QuickTime 7 v.7.79.80.95 Warning! This software is no longer supported. Please uninstall it and use another software.
Service Bonjour (Bonjour Service) - The service has stopped
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.27.0.0.124 Warning! Download Update
Adobe Flash Player 29 NPAPI v.29.0.0.140 Warning! Download Update
Adobe Flash Player 29 PPAPI v.29.0.0.140 Warning! Download Update
Adobe Acrobat DC v.18.011.20038
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 59.0.3 (x64 en-US) v.59.0.3 Warning! Download Update
Google Chrome v.66.0.3359.139 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.66.0.3359.139
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avira Planificateur (AntiVirSchedulerService) - The service is running
C:\Program Files (x86)\Avira\Antivirus\sched.exe v.15.0.36.164
Avira Protection temps réel (AntiVirService) - The service is running
C:\Program Files (x86)\Avira\Antivirus\avguard.exe v.15.0.36.164
Avira Protection e-mail (AntiVirMailService) - The service has stopped
Avira Protection Web (AntiVirWebService) - The service has stopped
Avira Service Host (Avira.ServiceHost) - The service is running
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe v.1.2.109.23832
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe v.1.2.109.23832
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe v.15.0.36.169
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe v.15.0.36.164
C:\Program Files\Windows Defender\MSASCuiL.exe v.4.12.16299.15
Service antivirus Windows Defender (WinDefend) - The service has stopped
Service Inspection du réseau de l’antivirus Windows Defender (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Free Window Registry Repair Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
----------------------------- [ End of Log ] ------------------------------

Zemana Deep Scan => C:
Zemana AntiMalware 2.74.2.150 (Installed)

Scan Result : Completed
Scan Date : 2018/5/14
Operating System : Windows 10 64-bit
Processor : 16X AMD Ryzen 7 1700X Eight-Core Processor
BIOS Mode : Legacy
CUID : 12E13B891A3D6C075F9C4D
Scan Type : Custom Scan
Duration : 5m 59s
Scanned Objects : 696250
Detected Objects : 0
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
[HEADING=1]Detected Objects[/HEADING]
No threats detected

Zemana Deep Scan => D:
Zemana AntiMalware 2.74.2.150 (Installed)

Scan Result : Completed
Scan Date : 2018/5/14
Operating System : Windows 10 64-bit
Processor : 16X AMD Ryzen 7 1700X Eight-Core Processor
BIOS Mode : Legacy
CUID : 12E13B891A3D6C075F9C4D
Scan Type : Custom Scan
Duration : 2m 44s
Scanned Objects : 36179
Detected Objects : 0
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
[HEADING=1]Detected Objects[/HEADING]
No threats detected

ZHP Diag Scan
Once again that one is in french.. I’ve tried changing it to english using the same trick as you just showed me for FRST but didn’t work. Also looked into options and googled it and found nothing. Hope that won’t prevent you from being able to understand the log
~ ZHPDiag v2018.5.14.107 Par Nicolas Coolman (2018/05/14) ~ Démarré par GUI (Administrator) (2018/05/14 09:06:05) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook: ZHP ~ Certificate ZHPDiag: Legal
~ Etat de la version: Version KO
~ Mode: Scanner ~ Rapport: C:\Users\GUI\Desktop\ZHPDiag.txt ~ Rapport: C:\Users\GUI\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Démarrage du système: Normal (Normal boot) Windows 10 Home, 64-bit (Build 16299) =>.Microsoft Corporation

—\ NAVIGATEURS INTERNET (4) - 0s
~ GCIE: Google Chrome v66.0.3359.139 ~ MFIE: Mozilla Firefox 59.0.3 (x64 en-US) ~ MSIE: Microsoft Edge v40 ~ MSIE: Internet Explorer v11.431.16299.0
—\ INFORMATIONS SUR LES PRODUITS WINDOWS (8) - 0s
~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK ~ Windows(R) Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : PR394 Windows License : OK ~ Windows Remaining Initializations Number : 1001 Windows Automatic Updates : OK
—\ LOGICIELS DE PROTECTION (2) - 1s
Avira Antivirus v15.0.36.169 (Protection)
Windows Defender W10 (Deactivate)

—\ LOGICIELS DE PROTECTION SUPERFLUS (1) - 1s
~ Zemana AntiMalware v2.74.0.150 (Superflu)
—\ SURVEILLANCE LOGICIEL (2) - 1s
~ Adobe Flash Player 29 NPAPI (Surveillance) ~ Adobe Flash Player 29 PPAPI (Surveillance)
—\ LOGICIELS D’OPTIMISATION (1) - 1s
~ CCleaner v5.42 (Optimisation)
—\ INFORMATIONS SUR LE SYSTÈME (6) - 0s
~ Operating System: AMD64 Family 23 Model 1 Stepping 1, AuthenticAMD ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 33504.66 MB (72% free) : OK =>.RAM Value System Restore: Activé (Enable) System drive C: has 454 GB (47%) free of 953 GB : OK =>.Disk Space
—\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: DESKTOP-UL056C5 ~ User Name: GUI ~ Logged in as Administrator
—\ ÉNUMÉRATION DES UNITÉS DE STOCKAGE (2) - 0s
~ Drive C: has 454 GB free of 953 GB (System) ~ Drive D: has 350 GB free of 953 GB
—\ ÉTAT DU CENTRE DE SÉCURITÉ WINDOWS (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Associations] Application: OK [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
—\ RECHERCHE PARTICULIÈRE DE FICHIERS GÉNÉRIQUES (25) - 1s
[MD5.28A9316147DF6223D0AB7774706B55EC] - 15/04/2018 - (.Microsoft Corporation - Explorateur Windows.) – C:\WINDOWS\Explorer.exe [3904296] =>.Microsoft Windows® [MD5.731A783A36A8E69A6434D19D98B12A09] - 29/09/2017 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [71168] =>.Microsoft Corporation [MD5.BF3E1D9B2360C6BE4CC3094CD2DDC617] - 29/09/2017 - (.Microsoft Corporation - Application de démarrage de Windows.) – C:\WINDOWS\System32\Wininit.exe [359584] =>.Microsoft Corporation [MD5.81181CC5523E9501B8797333BB32FD84] - 03/05/2018 - (.Microsoft Corporation - Extensions Internet pour Win32.) – C:\WINDOWS\System32\wininet.dll [3334144] =>.Microsoft Corporation [MD5.C67E7F605A830AA96A204ECCDC678FBC] - 30/03/2018 - (.Microsoft Corporation - Application d’ouverture de session Windows.) – C:\WINDOWS\System32\Winlogon.exe [716288] =>.Microsoft Corporation [MD5.4D487E7D2B047FB929BE00117C09F9EC] - 29/09/2017 - (.Microsoft Corporation - Bibliothèque de licences.) – C:\WINDOWS\System32\sppcomapi.dll [414720] =>.Microsoft Corporation [MD5.51A5224C9B00B1F31C016B4B29F3DFB7] - 13/03/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) – C:\WINDOWS\System32\dnsapi.dll [739696] =>.Microsoft Windows® [MD5.CCF0DECFEB3D31F4CB733B39EFDFBAB3] - 13/03/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) – C:\WINDOWS\Syswow64\dnsapi.dll [597160] =>.Microsoft Windows® [MD5.3B34C7B9D7E22AEF58DF0CFC4C7CC82D] - 30/09/2017 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) – C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation [MD5.9619C0D7DB55CC3A636A24A7D82B0C8E] - 30/03/2018 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) – C:\WINDOWS\System32\drivers\AFD.sys [614304] =>.Microsoft Corporation [MD5.6191B9B2EE0E8CB957C683B9B341CC86] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [28568] =>.Microsoft Corporation [MD5.9E82A95D77AC78C84BA75FF896B060BF] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation [MD5.6D83565C1652E80447EDEA6947FA89D7] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [159744] =>.Microsoft Corporation [MD5.FAEC08F583CAD06D4F057DBB733A03A1] - 30/03/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [151040] =>.Microsoft Corporation [MD5.99A34FD1F6431A10D8C3BB50E170D0F2] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [86016] =>.Microsoft Corporation [MD5.56FF074E50F9042FD2856AB3418F4B18] - 29/09/2017 - (.Microsoft Corporation - Pilote de port i8042.) – C:\WINDOWS\System32\drivers\i8042prt.sys [105984] =>.Microsoft Corporation [MD5.7BEC2AF23F586EFF0DB4DBF4331B0C70] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [214016] =>.Microsoft Corporation [MD5.71729B1EE949E1B092CB5CB75CC63715] - 10/02/2018 - (.Microsoft Corporation - Minirdr SMB Windows NT.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [494488] =>.Microsoft Corporation [MD5.2A56FA2634A9650EF4ED5DFE976397BA] - 15/04/2018 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [316928] =>.Microsoft Corporation [MD5.BEE4FDB8DE2C90728D93393E4A3B88C2] - 03/05/2018 - (.Microsoft Corporation - Pilote du système de fichiers NT.) – C:\WINDOWS\System32\drivers\ntfs.sys [2395040] =>.Microsoft Corporation [MD5.2E07EC2C1622F5E7B535D62DCD61F3AB] - 29/09/2017 - (.Microsoft Corporation - Pilote de port parallèle.) – C:\WINDOWS\System32\drivers\Parport.sys [98816] =>.Microsoft Corporation [MD5.E0220BB6580D34001D4D1D133052DAA4] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [106496] =>.Microsoft Corporation [MD5.39886C19FB466BBF8AEC31E3E77C034C] - 30/03/2018 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) – C:\WINDOWS\System32\drivers\rdpdr.sys [182784] =>.Microsoft Corporation [MD5.09125A12CAB5F8D5EAE9C83C25792FDD] - 30/03/2018 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [121248] =>.Microsoft Corporation [MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - 08/12/2017 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) – C:\WINDOWS\System32\drivers\volsnap.sys [401304] =>.Microsoft Corporation
—\ LISTE DES SERVICES (Non Microsoft et non désactivés) (17) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated® O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® O23 - Service: Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® O23 - Service: Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira Service Host.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d’installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
O23 - Service: (Parsec) . (.Parsec - Parsec.) - C:\Program Files\Parsec\pservice.exe {0F0CC3A57EF947E7D23CF075B8B4BA5D}
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) . (. - GameScannerService.) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe =>.Razer USA Ltd.® O23 - Service: ZAM Controller Service (ZAMSvc) . (.Copyright 2017. - ZAM.) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
—\ SERVICES NON MICROSOFT (SR=Démarré,SS=Stoppé) (27) - 2s
SR - Auto [09/02/2018] [ 83984] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Demand [11/04/2018] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe =>.Adobe Systems Incorporated® SR - Auto [24/04/2018] [ 818128] (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [05/01/2018] [ 2319848] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® SS - Auto [09/05/2018] [ 879128] Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [09/05/2018] [ 224472] Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [09/05/2018] [ 224472] Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG® SS - Auto [09/05/2018] [ 1165320] Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [07/09/2017] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® SR - Auto [28/03/2018] [ 449240] Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG® SS - Demand [25/04/2018] [ 5745672] BattlEye Service (BEService) . (…) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.® SS - Auto [12/08/2015] [ 462096] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® SS - Demand [18/01/2017] [ 1446592] Disc Soft Pro Bus Service (Disc Soft Pro Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe =>.Disc Soft Ltd® SS - Demand [16/03/2018] [ 774784] EasyAntiCheat (EasyAntiCheat) . (.EasyAntiCheat Ltd.) - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe =>.EasyAntiCheat Oy® SS - Demand [17/09/2017] [ 1591264] FlexNet Licensing Service 64 (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe =>.Flexera Software LLC® SS - Auto [17/09/2017] [ 153168] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [17/09/2017] [ 153168] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [11/09/2017] [ 673080] Service de l’iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.® SS - Demand [02/05/2018] [ 194512] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [22/04/2018] [ 522688] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® SS - Demand [22/04/2018] [ 522688] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® SR - Auto [07/05/2018] [ 520672] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe =>.NVIDIA Corporation® SR - Auto [22/04/2018] [ 468824] NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
SR - Auto [20/03/2018] [ 190536] (Parsec) . (.Parsec.) - C:\Program Files\Parsec\pservice.exe {0F0CC3A57EF947E7D23CF075B8B4BA5D}
SR - Auto [20/07/2017] [ 189264] Razer Game Scanner (Razer Game Scanner Service) . (…) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe =>.Razer USA Ltd.® SR - Demand [03/04/2018] [ 1671968] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve® SR - Auto [09/08/2017] [15775888] ZAM Controller Service (ZAMSvc) . (.Copyright 2017..) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
—\ TÂCHES PLANIFIÉES EN AUTOMATIQUE (Registre) (24) - 2s
O38 - TASK: {0B4A43CD-0011-4F61-80AE-E78C0C3E6AAE} [64Bits][\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184] =>.NVIDIA Corporation O38 - TASK: {2404B119-119F-4CC3-B0C3-7E2B71AA15C0} [64Bits][\CCleaner Update] - (.Piriform Ltd - CCleaner emergency updater.) – C:\Program Files\CCleaner\CCUpdate.exe [520736] =>.Piriform Ltd O38 - TASK: {280208A6-7926-4047-8027-1532A24A5DEE} [64Bits][\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA nodejs launcher.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832] =>.NVIDIA Corporation O38 - TASK: {3404E711-AEB1-432A-ACD0-1AC72FF9A5DF} [64Bits][\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464] =>.NVIDIA Corporation O38 - TASK: {384E1A50-CFF3-40C4-AC91-6A30E76E4EE6} [64Bits][\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464] =>.NVIDIA Corporation O38 - TASK: {4F2C2B85-3AA5-45D5-AF88-DB4945319725} [64Bits][\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA GeForce Experience.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952] =>.NVIDIA Corporation O38 - TASK: {659F87B0-F484-4F88-9AD9-699181C559B0} [64Bits][\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI] - (.Adobe Systems, Incorporated - Adobe GC Invoker Utility.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880] =>.Adobe Systems, Incorporated O38 - TASK: {8C91392B-5160-4294-84EC-C345A61A2DA6} [64Bits][\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952] =>.NVIDIA Corporation O38 - TASK: {C3F6C890-EB5E-4677-8E86-5131A8328E91} [64Bits][\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688] =>.NVIDIA Corporation O38 - TASK: {D2324FB1-57B9-406C-B591-3A1C827BB96E} [64Bits][\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA telemetry monitor.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912] =>.NVIDIA Corporation O38 - TASK: {DE09F323-BFEE-48D6-8C37-8ECAFEF93BD1} [64Bits][\Apple\AppleSoftwareUpdate] - (.Apple Inc. - Apple Software Update.) – C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320] =>.Apple Inc. O38 - TASK: {E8DB8F8A-AC29-4380-83FB-84E877734766} [64Bits][\Avira_Antivirus_Systray] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) – C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [670696] =>.Avira Operations GmbH & Co. KG C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\CCleaner Update - (.Piriform Ltd.) – C:\Program Files\CCleaner\CCUpdate.exe =>.Piriform Ltd C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [–launcher=TaskScheduler] =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B 2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI - (.Adobe Systems, Incorporated.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe =>.Adobe Systems, Incorporated C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLog on_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d ‘C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck’ -l 3 -f C:\ProgramData] =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d ‘C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck’ -l 3 -f C:\ProgramData\NVIDIA\NvContain] =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\Apple\AppleSoftwareUpdat e - (.Apple Inc..) – C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [-task] =>.Apple Inc. C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray - (.Avira Operations GmbH & Co. KG.) – C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [/min] =>.Avira Operations GmbH & Co. KG
—\ APPLICATIONS LANCÉES AU DÉMARRAGE DU SYSTÈME (8) - 0s
O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) – C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows® O4 - HKLM..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) – C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp.® O4 - HKLM..\Run: [ZAM] . (.Copyright 2017. - ZAM.) – C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
O4 - HKCU..\Run: [GNE_SwapScreen] . (.GNE - SwapScreen.) – C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe
O4 - HKLM..\Wow6432Node\Run: [Avira SystrayStartTrigger] . (.Avira Operations GmbH & Co. KG - Avira.) – C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe =>.Avira Operations GmbH & Co. KG® O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows® O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-4003686615-4269193129-2528438380-1001..\Run: [GNE_SwapScreen] . (.GNE - SwapScreen.) – C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe

—\ PROCESSUS LANCÉS (64) - 6s
[MD5.2E2DF9FA4C7BB9C1734AE8B6F8DF697E] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [520672] [PID.1692] =>.NVIDIA Corporation® [MD5.69B092194DFF29B7D93D7E63A01A25CA] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) – C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472] [PID.2768] =>.Avira Operations GmbH & Co. KG® [MD5.CA805DA983594B01F3554464B2E5158F] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984] [PID.3088] =>.Adobe Systems, Incorporated® [MD5.69B092194DFF29B7D93D7E63A01A25CA] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) – C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472] [PID.3100] =>.Avira Operations GmbH & Co. KG® [MD5.8E1E3A26C0957DE1BF6221CB98C92342] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688] [PID.3108] =>.NVIDIA Corporation® [MD5.49D234989341C2D16419C1043A63CE68] - (.Apple Inc. - MobileDeviceService.) – C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.3116] =>.Apple Inc.® [MD5.617A1293841681E3502B71E019F60634] - (.Adobe Systems Incorporated - Adobe Update Service.) – C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128] [PID.3140] =>.Adobe Systems Incorporated®
[MD5.9ACEE86F1373DA5AE1DC3394C2150A31] - (.Parsec - Parsec.) – C:\Program Files\Parsec\pservice.exe [190536] [PID.3180] {0F0CC3A57EF947E7D23CF075B8B4BA5D}
[MD5.58A5D48F16E89575C21C0B14A15D4383] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848] [PID.3172] =>.Adobe Systems Incorporated® [MD5.948DB267C109B3BF6A430198EF6C8D80] - (. - GameScannerService.) – C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264] [PID.3220] =>.Razer USA Ltd.® [MD5.8271D1FFC09750577D7889BF1498DFFC] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [468824] [PID.3248] =>.NVIDIA Corporation® [MD5.E88B43F5DD1C4CD734FE2F68A9028852] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) – C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240] [PID.3796] =>.Avira Operations GmbH & Co. KG® [MD5.DD1EB72E7ABE2BF476A5F1B0E62D20D1] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) – C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [795496] [PID.6044] =>.Avira Operations GmbH & Co. KG® [MD5.0545A3EB959CFA4790D267BFB8C1ACA4] - (.Google Inc. - Programme d’installation de Google.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168] [PID.6264] =>.Google Inc® [MD5.2E2DF9FA4C7BB9C1734AE8B6F8DF697E] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [520672] [PID.22276] =>.NVIDIA Corporation® [MD5.0387C55A801F1310B78467D91B62949E] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952] [PID.16744] =>.NVIDIA Corporation® [MD5.0387C55A801F1310B78467D91B62949E] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952] [PID.14312] =>.NVIDIA Corporation® [MD5.CB1468B0EF9920E79401899312458BE8] - (.Node.js - NVIDIA Web Helper Service.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [15997376] [PID.23272] =>.NVIDIA Corporation® [MD5.CFCF8B3F452CDEE644481CA50DA9E561] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) – C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [788928] [PID.18772] =>.NVIDIA Corporation® [MD5.FEBF9C46580A8F6DCF1ABCEB59E29DF7] - (.NVIDIA Corporation - NVIDIA Share.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [2069952] [PID.18808] =>.NVIDIA Corporation® [MD5.FEBF9C46580A8F6DCF1ABCEB59E29DF7] - (.NVIDIA Corporation - NVIDIA Share.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [2069952] [PID.13948] =>.NVIDIA Corporation® [MD5.FEBF9C46580A8F6DCF1ABCEB59E29DF7] - (.NVIDIA Corporation - NVIDIA Share.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [2069952] [PID.5156] =>.NVIDIA Corporation® [MD5.6BEBBD3706182C8186796DFDC7F8E702] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) – C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936] [PID.10308] =>.Realtek Semiconductor Corp.®
[MD5.CC09723040A21B64510038ED40119F91] - (.GNE - SwapScreen.) – C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe [166912] [PID.5696]
[MD5.389BA653DEEA997DAFBE579A83B65B24] - (.ShareX Team - ShareX.) – C:\Program Files\ShareX\ShareX.exe [1872896] [PID.21328] =>.ShareX Team [MD5.F832F617FFC51D55BEC8AF2A2754C34F] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) – C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [670696] [PID.10908] =>.Avira Operations GmbH & Co. KG® [MD5.D63D9BFD8947F60F7E9E74E8FEF40059] - (.Avira Operations GmbH & Co. KG - Avira.) – C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [300488] [PID.14252] =>.Avira Operations GmbH & Co. KG® [MD5.F3C8882DC5151B81CB444E7E93320A61] - (.IvoSoft - Classic Start Menu.) – C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640] [PID.23804] =>.Ivaylo Beltchev® [MD5.5A9482DC3A3F3DDB327BEAC42D1A79F2] - (.Valve Corporation - Steam Client Bootstrapper.) – C:\Program Files (x86)\Steam\Steam.exe [3199776] [PID.14976] =>.Valve® [MD5.D777FC49B6674A12EAE4FC5B286D2E4F] - (.Discord Inc. - Discord.) – C:\Users\GUI\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920] [PID.19504] =>.Discord Inc.® [MD5.FC094E99D00C6D7BCB35114F14DF4F37] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3710752] [PID.15760] =>.Valve® [MD5.FC2739DA7506D75D9AF420B6F63C2D9C] - (.Valve Corporation - Steam Client Service.) – C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1671968] [PID.14736] =>.Valve® [MD5.FC094E99D00C6D7BCB35114F14DF4F37] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3710752] [PID.8652] =>.Valve® [MD5.D777FC49B6674A12EAE4FC5B286D2E4F] - (.Discord Inc. - Discord.) – C:\Users\GUI\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920] [PID.8304] =>.Discord Inc.® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.6928] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.844] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.23660] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.21412] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.13608] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.10664] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.21600] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.19828] =>.Google Inc® [MD5.D777FC49B6674A12EAE4FC5B286D2E4F] - (.Discord Inc. - Discord.) – C:\Users\GUI\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920] [PID.10632] =>.Discord Inc.® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.16988] =>.Google Inc® [MD5.FC094E99D00C6D7BCB35114F14DF4F37] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3710752] [PID.7396] =>.Valve® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.23300] =>.Google Inc® [MD5.FC094E99D00C6D7BCB35114F14DF4F37] - (.Valve Corporation - Steam Client WebHelper.) – C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [3710752] [PID.23292] =>.Valve® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.12424] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.19272] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.17172] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.5720] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.20516] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.20968] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.21780] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.24404] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.16528] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.16160] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.1324] =>.Google Inc® [MD5.1804821148AE7C305D0E5D3463BCBD67] - (.Don HO don.h@free.fr - Notepad++ : a free (GNU) source code editor.) – C:\Program Files (x86)\Notepad++\notepad++.exe [2468016] [PID.520] =>.Notepad++® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.11664] =>.Google Inc® [MD5.864FA7B8856FE853D381045771DB30E9] - (.Copyright 2017. - ZAM.) – C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888] [PID.21700] =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi® [MD5.864FA7B8856FE853D381045771DB30E9] - (.Copyright 2017. - ZAM.) – C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888] [PID.7688] =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.13824] =>.Google Inc® [MD5.6EA3E882449F0DCA78D84619557E9669] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\GUI\Desktop\ARAWAK\ZHPDiag3.exe [3097984] [PID.18908] =>.Nicolas Coolman
—\ CHROME, Démarrage, Recherche, Extensions (16) - 0s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.fr =>.Google Inc. G2 - GCE: Preference [GUI][User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides} G2 - GCE: Preference [GUI][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs} G2 - GCE: Preference [GUI][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive} G2 - GCE: Preference [GUI][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube} G2 - GCE: Preference [GUI][User Data\Default] [cjpalhdlnbpafiamejdnhcphjbkeiagm] uBlock Origin =>.Raymond Hill G2 - GCE: Preference [GUI][User Data\Default] [efaidnbmnnnibpcajpcglclefindmkaj] =>.Adobe Inc. {Acrobat}
G2 - GCE: Preference [GUI][User Data\Default] [faapmfhhchgkfinplpkfemkfabngkioc] Poe.trade ignore list
G2 - GCE: Preference [GUI][User Data\Default] [fdpohaocaechififmbbbbbknoalclacl] Full Page Screen Capture =>.mrcoles.com G2 - GCE: Preference [GUI][User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets} G2 - GCE: Preference [GUI][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [GUI][User Data\Default] [jlpkojjdgbllmedoapgfodplfhcbnbpn]
G2 - GCE: Preference [GUI][User Data\Default] [nlipoenfbbikpbjkfpfillcgkoblgpmj] Pause/Resume recording =>.awesomescreenshot.com {Awesome Screenshot} G2 - GCE: Preference [GUI][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet} G2 - GCE: Preference [GUI][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail} G2 - GCE: Preference [GUI][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
—\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (11) - 1s
P2 - EXT FILE: (.uBlock Origin - MSG_popupTipPicker’.) – C:\Users\GUI\AppData\Roaming\Mozilla\Firefox\Profi les\htEukEjR.default\extensionsuBlock0@raymondhill.net.xpi =>.uBlock Origin P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresactivity-stream@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresaushelper@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresfirefox@getpocket.com.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresfollowonsearch@mozilla.com.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresformautofill@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresonboarding@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresscreenshots@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresshield-recipe-client@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featureswebcompat@mozilla.org.xpi =>.Mozilla Corporation P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_ 140.dll =>.Adobe Systems Incorporated
—\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.16299.371 (WinBuild.160101.0800)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
—\ INTERNET EXPLORER, Site de confiance et site sensible (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)
—\ INTERNET EXPLORER,Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0 =>.Default.Value R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1 =>.Default.Value R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies =>.Microsoft
—\ INTERNET EXPLORER,IniFiles, Autoloading Programs (3) - 0s
F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=
—\ ÉTUDE DU FICHIER HOSTS (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)
—\ BROWSER HELPER OBJECT DE NAVIGATEUR (BHO) (5) - 0s
O2 - BHO: (no name) [64Bits] - {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} . (.www.startisback.com - OldNewExplorer shell enhancements.) – C:\Users\GUI\Downloads\OldNewExplorer64.dll =>.www.startisback.com O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) – C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll =>.Microsoft Corporation® O2 - BHO: ExplorerBHO Class [64Bits] - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} . (.IvoSoft - Adds classic Windows Explorer features.) – C:\Program Files\Classic Shell\ClassicExplorer64.dll =>.Ivaylo Beltchev® O2 - BHO: Adobe Acrobat Create PDF Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) – C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll =>.Adobe Systems, Incorporated® O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) – C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll =>.Adobe Systems, Incorporated®
—\ RACCOURCIS GLOBAL STARTUP (170) - 9s
O4 - GS\Desktop [Administrateur]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\Desktop [Administrateur]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Desktop [Administrateur]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft O4 - GS\Desktop [Administrateur]: filezilla - Raccourci.lnk . (.FileZilla Project - FileZilla FTP Client.) D:\FileZilla FTP Client\filezilla.exe {1E3308F7ECDC20D952DFCD12D1F83215} =>.FileZilla Project O4 - GS\Desktop [Administrateur]: Molotov.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Molotov\Update.exe --processStart ‘Molotov.exe’ =>.GitHub O4 - GS\Desktop [Administrateur]: WinDirStat.lnk . (.Seifert - Windows Directory Statistics.) C:\Program Files (x86)\WinDirStat\windirstat.exe =>.Seifert O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\GUI\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrateur]: WinX MediaTrans.lnk . (.Digiarty - MediaTrans.) C:\Program Files (x86)\Digiarty\WinX MediaTrans\MediaTrans.exe =>.Digiarty, Inc.® O4 - GS\sendTo [Administrateur]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrateur]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe =>.ShareX Team O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [Administrateur]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.2.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe Illustrator CC 2018.lnk . (.Adobe Systems Inc. - Adobe Illustrator CC 2018.) C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe InDesign CC 2018.lnk . (.Adobe Systems Incorporated - Adobe InDesign CC 2018.) C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe Lightroom.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe Photoshop CC 2018.lnk . (.Adobe Systems Incorporated - Adobe Photoshop CC 2018.) C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe Premiere Pro CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2017.1.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\TaskBar [Administrateur]: Blizzard App.lnk . (.Blizzard Entertainment - Blizzard Battle.net App Launcher.) C:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [Administrateur]: boujou 5.0.lnk . (…) C:\Windows\Installer{C071157F-AB34-4D3F-A0DF-9AC544B3732E}\boujou.ico
O4 - GS\TaskBar [Administrateur]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft
O4 - GS\TaskBar [Administrateur]: DDNet.lnk . (…) C:\Users\GUI\Desktop\DDNet-10.8.6-win64\DDNet.exe
O4 - GS\TaskBar [Administrateur]: Discord.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [Administrateur]: Elephorm.lnk . (…) C:\Program Files (x86)\Elephorm applications\Elephorm\Elephorm.exe
O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrateur]: HandBrake.lnk . (.HandBrake Team - HandBrake.) C:\Program Files\HandBrake\HandBrake.exe =>.HandBrake Team
O4 - GS\TaskBar [Administrateur]: MercuryTrade.lnk . (…) C:\Users\GUI\Desktop\macro\MercuryTrade\MercuryTra de.exe
O4 - GS\TaskBar [Administrateur]: mocha Pro V5.lnk . (…) C:\Windows\Installer{0B2CE768-9D51-45E8-A515-D91E8210FDFE}\MoxxxShortcutIcon.exe
O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrateur]: Path of Building.lnk . (…) D:\Path of Building\Path of Building.exe
O4 - GS\TaskBar [Administrateur]: Path of Exile.lnk . (…) C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe =>.Grinding Gear Games Limited® O4 - GS\TaskBar [Administrateur]: PuTTY.lnk . (.Simon Tatham - SSH, Telnet and Rlogin client.) C:\Program Files (x86)\PuTTY\putty.exe =>.Simon Tatham® O4 - GS\TaskBar [Administrateur]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.® O4 - GS\TaskBar [Administrateur]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [Administrateur]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [Administrateur]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [Administrateur]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe -silent =>.ShareX Team
O4 - GS\Programs [Administrateur]: Infini2y. Pack of Transitions’ Presets.lnk . (…) C:\Users\GUI\Desktop\ARAWAK\Infini2y. Pack of Transitions’ Presets
O4 - GS\Programs [Administrateur]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\GUI\AppData\Local\Microsoft\OneDrive\OneD rive.exe =>.Microsoft Corporation® O4 - GS\Desktop [GUI]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\Desktop [GUI]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Desktop [GUI]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft O4 - GS\Desktop [GUI]: filezilla - Raccourci.lnk . (.FileZilla Project - FileZilla FTP Client.) D:\FileZilla FTP Client\filezilla.exe {1E3308F7ECDC20D952DFCD12D1F83215} =>.FileZilla Project O4 - GS\Desktop [GUI]: Molotov.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Molotov\Update.exe --processStart ‘Molotov.exe’ =>.GitHub O4 - GS\Desktop [GUI]: WinDirStat.lnk . (.Seifert - Windows Directory Statistics.) C:\Program Files (x86)\WinDirStat\windirstat.exe =>.Seifert O4 - GS\Desktop [GUI]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\GUI\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [GUI]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [GUI]: WinX MediaTrans.lnk . (.Digiarty - MediaTrans.) C:\Program Files (x86)\Digiarty\WinX MediaTrans\MediaTrans.exe =>.Digiarty, Inc.® O4 - GS\sendTo [GUI]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [GUI]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [GUI]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe =>.ShareX Team O4 - GS\sendTo [GUI]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [GUI]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.2.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe Illustrator CC 2018.lnk . (.Adobe Systems Inc. - Adobe Illustrator CC 2018.) C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe InDesign CC 2018.lnk . (.Adobe Systems Incorporated - Adobe InDesign CC 2018.) C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe Lightroom.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe Photoshop CC 2018.lnk . (.Adobe Systems Incorporated - Adobe Photoshop CC 2018.) C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe Premiere Pro CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2017.1.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\TaskBar [GUI]: Blizzard App.lnk . (.Blizzard Entertainment - Blizzard Battle.net App Launcher.) C:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [GUI]: boujou 5.0.lnk . (…) C:\Windows\Installer{C071157F-AB34-4D3F-A0DF-9AC544B3732E}\boujou.ico
O4 - GS\TaskBar [GUI]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft
O4 - GS\TaskBar [GUI]: DDNet.lnk . (…) C:\Users\GUI\Desktop\DDNet-10.8.6-win64\DDNet.exe
O4 - GS\TaskBar [GUI]: Discord.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [GUI]: Elephorm.lnk . (…) C:\Program Files (x86)\Elephorm applications\Elephorm\Elephorm.exe
O4 - GS\TaskBar [GUI]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [GUI]: HandBrake.lnk . (.HandBrake Team - HandBrake.) C:\Program Files\HandBrake\HandBrake.exe =>.HandBrake Team
O4 - GS\TaskBar [GUI]: MercuryTrade.lnk . (…) C:\Users\GUI\Desktop\macro\MercuryTrade\MercuryTra de.exe
O4 - GS\TaskBar [GUI]: mocha Pro V5.lnk . (…) C:\Windows\Installer{0B2CE768-9D51-45E8-A515-D91E8210FDFE}\MoxxxShortcutIcon.exe
O4 - GS\TaskBar [GUI]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [GUI]: Path of Building.lnk . (…) D:\Path of Building\Path of Building.exe
O4 - GS\TaskBar [GUI]: Path of Exile.lnk . (…) C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe =>.Grinding Gear Games Limited® O4 - GS\TaskBar [GUI]: PuTTY.lnk . (.Simon Tatham - SSH, Telnet and Rlogin client.) C:\Program Files (x86)\PuTTY\putty.exe =>.Simon Tatham® O4 - GS\TaskBar [GUI]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.® O4 - GS\TaskBar [GUI]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [GUI]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [GUI]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [GUI]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe -silent =>.ShareX Team
O4 - GS\Programs [GUI]: Infini2y. Pack of Transitions’ Presets.lnk . (…) C:\Users\GUI\Desktop\ARAWAK\Infini2y. Pack of Transitions’ Presets
O4 - GS\Programs [GUI]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\GUI\AppData\Local\Microsoft\OneDrive\OneD rive.exe =>.Microsoft Corporation® O4 - GS\Desktop [WDAGUtilityAccount]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\Desktop [WDAGUtilityAccount]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Desktop [WDAGUtilityAccount]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft O4 - GS\Desktop [WDAGUtilityAccount]: filezilla - Raccourci.lnk . (.FileZilla Project - FileZilla FTP Client.) D:\FileZilla FTP Client\filezilla.exe {1E3308F7ECDC20D952DFCD12D1F83215} =>.FileZilla Project O4 - GS\Desktop [WDAGUtilityAccount]: Molotov.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Molotov\Update.exe --processStart ‘Molotov.exe’ =>.GitHub O4 - GS\Desktop [WDAGUtilityAccount]: WinDirStat.lnk . (.Seifert - Windows Directory Statistics.) C:\Program Files (x86)\WinDirStat\windirstat.exe =>.Seifert O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\GUI\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [WDAGUtilityAccount]: WinX MediaTrans.lnk . (.Digiarty - MediaTrans.) C:\Program Files (x86)\Digiarty\WinX MediaTrans\MediaTrans.exe =>.Digiarty, Inc.® O4 - GS\sendTo [WDAGUtilityAccount]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [WDAGUtilityAccount]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe =>.ShareX Team O4 - GS\sendTo [WDAGUtilityAccount]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.2.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe Illustrator CC 2018.lnk . (.Adobe Systems Inc. - Adobe Illustrator CC 2018.) C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe InDesign CC 2018.lnk . (.Adobe Systems Incorporated - Adobe InDesign CC 2018.) C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe Lightroom.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe Photoshop CC 2018.lnk . (.Adobe Systems Incorporated - Adobe Photoshop CC 2018.) C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe Premiere Pro CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2017.1.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\TaskBar [WDAGUtilityAccount]: Blizzard App.lnk . (.Blizzard Entertainment - Blizzard Battle.net App Launcher.) C:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [WDAGUtilityAccount]: boujou 5.0.lnk . (…) C:\Windows\Installer{C071157F-AB34-4D3F-A0DF-9AC544B3732E}\boujou.ico
O4 - GS\TaskBar [WDAGUtilityAccount]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft
O4 - GS\TaskBar [WDAGUtilityAccount]: DDNet.lnk . (…) C:\Users\GUI\Desktop\DDNet-10.8.6-win64\DDNet.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Discord.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [WDAGUtilityAccount]: Elephorm.lnk . (…) C:\Program Files (x86)\Elephorm applications\Elephorm\Elephorm.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [WDAGUtilityAccount]: HandBrake.lnk . (.HandBrake Team - HandBrake.) C:\Program Files\HandBrake\HandBrake.exe =>.HandBrake Team
O4 - GS\TaskBar [WDAGUtilityAccount]: MercuryTrade.lnk . (…) C:\Users\GUI\Desktop\macro\MercuryTrade\MercuryTra de.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: mocha Pro V5.lnk . (…) C:\Windows\Installer{0B2CE768-9D51-45E8-A515-D91E8210FDFE}\MoxxxShortcutIcon.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [WDAGUtilityAccount]: Path of Building.lnk . (…) D:\Path of Building\Path of Building.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Path of Exile.lnk . (…) C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe =>.Grinding Gear Games Limited® O4 - GS\TaskBar [WDAGUtilityAccount]: PuTTY.lnk . (.Simon Tatham - SSH, Telnet and Rlogin client.) C:\Program Files (x86)\PuTTY\putty.exe =>.Simon Tatham® O4 - GS\TaskBar [WDAGUtilityAccount]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.® O4 - GS\TaskBar [WDAGUtilityAccount]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [WDAGUtilityAccount]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [WDAGUtilityAccount]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [WDAGUtilityAccount]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe -silent =>.ShareX Team
O4 - GS\Programs [WDAGUtilityAccount]: Infini2y. Pack of Transitions’ Presets.lnk . (…) C:\Users\GUI\Desktop\ARAWAK\Infini2y. Pack of Transitions’ Presets
O4 - GS\Programs [WDAGUtilityAccount]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\GUI\AppData\Local\Microsoft\OneDrive\OneD rive.exe =>.Microsoft Corporation® O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - NVIDIA GeForce Experience.) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation®
O4 - GS\Programs [Public]: Infini2y. Pack of Transitions’ Presets.lnk . (…) C:\Users\GUI\Desktop\ARAWAK\Infini2y. Pack of Transitions’ Presets
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\GUI\AppData\Local\Microsoft\OneDrive\OneD rive.exe =>.Microsoft Corporation® O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\internet explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Access.lnk . (.Microsoft Corporation - Microsoft Access.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Adobe Acrobat DC.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer{AC76BA86-1033-FFFF-7760-0C0F074E4100}_SC_Acrobat.ico =>.Flexera Software LLC O4 - GS\ProgramsCommon [Public]: Adobe Acrobat Distiller DC.lnk . (.Adobe Systems Incorporated. - Acrobat Distiller.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe =>.Adobe Systems, Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.2.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Bridge CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Bridge CC 2017.) C:\Program Files\Adobe\Adobe Bridge CC 2017\Bridge.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Character Animator CC (Beta).lnk . (.Adobe Systems Incorporated - Character Animator CC Beta.) C:\Program Files\Adobe\Adobe Character Animator CC (Beta)\Support Files\Character Animator.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Illustrator CC 2018.lnk . (.Adobe Systems Inc. - Adobe Illustrator CC 2018.) C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe InDesign CC 2018.lnk . (.Adobe Systems Incorporated - Adobe InDesign CC 2018.) C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Lightroom Classic CC.lnk . (.Adobe Systems - Adobe Photoshop Lightroom Classic.) C:\Program Files\Adobe\Adobe Lightroom Classic CC\Lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Lightroom.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Media Encoder CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Media Encoder CC 2017.1.) C:\Program Files\Adobe\Adobe Media Encoder CC 2017\Adobe Media Encoder.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Muse CC 2017.lnk . (.Adobe Systems, Incorporated - Adobe Muse CC.) C:\Program Files\Adobe\Adobe Muse CC 2017\Muse.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CC 2018.lnk . (.Adobe Systems Incorporated - Adobe Photoshop CC 2018.) C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Premiere Pro CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2017.1.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (…) C:\Windows\Installer{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}\AppleSoftwareUpdateIco.exe =>.Apple Inc. O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Audacity\audacity.exe =>.The Audacity Team
O4 - GS\ProgramsCommon [Public]: Elephorm.lnk . (…) C:\Program Files (x86)\Elephorm applications\Elephorm\Elephorm.exe
O4 - GS\ProgramsCommon [Public]: Epic Games Launcher.lnk . (.Epic Games, Inc. - UnrealEngineLauncher.) D:\EpicGames\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe =>.Epic Games Inc.® O4 - GS\ProgramsCommon [Public]: Excel.lnk . (.Microsoft Corporation - Microsoft Excel.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: OneNote 2016.lnk . (.Microsoft Corporation - Microsoft OneNote.) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: PowerPoint.lnk . (.Microsoft Corporation - Microsoft PowerPoint.) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Publisher.lnk . (.Microsoft Corporation - Microsoft Publisher.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Skype Entreprise.lnk . (.Microsoft Corporation - Skype for Business.) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Word.lnk . (.Microsoft Corporation - Microsoft Word.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE =>.Microsoft Corporation®
—\ MODIFICATION DOMAINE/ADRESSES (DNS) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 =>.Local IP Adress O17 - HKLM\System\CCS\Services\Tcpip..{12ab01fb-67da-4d03-9e28-a36c5d062547}: DhcpNameServer = 172.20.10.1 =>.Private IP O17 - HKLM\System\CCS\Services\Tcpip..{e4e99d05-3fa5-4f09-81c6-4986807542a3}: DhcpNameServer = 192.168.0.254 =>.Local IP Adress
—\ PROTOCOLE ADDITIONNEL (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
—\ REGISTRE AppInit_DLLs et Winlogon Notify (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Application d’ouverture de session Userinit.) - C:\WINDOWS\System32\Userinit.exe =>.Microsoft Corporation
—\ CLÉ DE REGISTRE EXPLORER StartupApproved (1) - 1s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run32]:Lightshot =>.SUP.Skillbrains

—\ COMPOSANTS ACTIVESETUP INSTALLÉS (ASIC) (5) - 0s
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) – C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) – C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) – C:\Windows\System32\mscories.dll =>.Microsoft Corporation® O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) – C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Inst aller\chrmstp.exe =>.Google Inc®
—\ LOGICIELS INSTALLÉS (162) - 11s
O42 - Logiciel: Adobe Acrobat DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-1033-FFFF-7760-0C0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe After Effects CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – AEFT_14_2_1 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {739A853C-D71F-404B-9E6A-012D3918ED57} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Bridge CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – KBRG_7_0 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Character Animator CC (Beta) - (.Adobe Systems Incorporated.) [HKLM][64Bits] – ANMLBETA_1_0_6 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Creative Cloud =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 29 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 29 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Illustrator CC 2018 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – ILST_22_1 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe InDesign CC 2018 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – IDSN_13_1 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Lightroom - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Lightroom Classic CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] – LTRM_7_3 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Media Encoder CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – AME_11_1_2 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Muse CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – MUSE_2017_1_0 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Photoshop CC 2018 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – PHSP_19_1_3 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Premiere Pro CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – PPRO_11_1_2 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-0804-1033-1959-001824265200} =>.Adobe Systems Incorporated O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] – {3D1290E6-1F77-46D5-A715-A56679C8D4E3} =>.Apple Inc. O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] – {D0E45DEC-F4B9-4370-A9DF-66837789C2EF} =>.Apple Inc. O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] – {E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5} =>.Apple Inc. O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] – {C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8} =>.Apple Inc. O42 - Logiciel: Audacity 2.1.3 - (.Audacity Team.) [HKLM][64Bits] – Audacity®_is1 =>.Audacity Team O42 - Logiciel: AutoHotkey 1.1.26.01 - (.Lexikos.) [HKLM][64Bits] – AutoHotkey =>.Lexikos O42 - Logiciel: Avira Antivirus v15.0.36.169 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] – Avira Antivirus =>.Avira Operations GmbH & Co. KG® O42 - Logiciel: Avira v1.2.109.23832 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] – {40F72BC9-0C14-4122-8930-4B037EAEAD45} =>.Avira Operations GmbH & Co. KG O42 - Logiciel: Avira v1.2.109.23832 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] – {4b629f54-1d82-40c9-9979-4485bb58d155} =>.Avira Operations GmbH & Co. KG® O42 - Logiciel: BattleBlock Theater - (.The Behemoth.) [HKLM][64Bits] – Steam App 238460 =>.Valve® O42 - Logiciel: BleachBit - (.BleachBit.) [HKLM][64Bits] – BleachBit =>.BleachBit O42 - Logiciel: Blizzard App - (.Blizzard Entertainment.) [HKLM][64Bits] – Battle.net =>.Blizzard Entertainment, Inc.® O42 - Logiciel: BlueStacks 3 - (.BlueStack Systems, Inc..) [HKLM][64Bits] – BlueStacks =>.BlueStack Systems, Inc.® O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] – {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc. O42 - Logiciel: Borderlands: The Pre-Sequel - (.2K Australia.) [HKLM][64Bits] – Steam App 261640 =>.Valve® O42 - Logiciel: Boris Continuum Complete 10 CE for Adobe CS5, CS6, CC - (.Boris FX, Inc..) [HKLM][64Bits] – {45F7EB88-E0B4-4B57-8C1B-A5D8A61F9A29} =>.Boris FX, Inc. O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] – CCleaner =>.Piriform Ltd® O42 - Logiciel: Classic Shell - (.IvoSoft.) [HKLM][64Bits] – {CABCE573-0A86-42FA-A52A-C7EA61D5BE08} =>.IvoSoft O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] – Steam App 730 =>.Valve® O42 - Logiciel: DAEMON Tools Pro - (.Disc Soft Ltd.) [HKLM][64Bits] – DAEMON Tools Pro =>.Disc Soft Ltd® O42 - Logiciel: Deceit - (.Automaton.) [HKLM][64Bits] – Steam App 466240 =>.Valve® O42 - Logiciel: Discord - (.Discord Inc..) [HKCU][64Bits] – Discord =>.Discord Inc.® O42 - Logiciel: DisplayDriverAnalyzer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer =>.NVIDIA Corporation O42 - Logiciel: Effects Suite v11.1.10 - (.Red Giant, LLC.) [HKLM][64Bits] – {4DD8EE5E-F571-4EC8-9526-E7C62FE39B19}_is1 =>.Red Giant, LLC
O42 - Logiciel: Elephorm - (..) [HKLM][64Bits] – {1668659A-6C3E-64CC-E5AF-936A36E492AD}
O42 - Logiciel: Elephorm - (..) [HKLM][64Bits] – ElephormDVDPlayer
O42 - Logiciel: Epic Games Launcher - (.Epic Games, Inc..) [HKLM][64Bits] – {886E86E6-6673-4EAD-A4FF-6E087A661F4E} =>.Epic Games, Inc. O42 - Logiciel: Epic Games Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {66C5838F-B854-4A55-89E6-A6138747A4DF} =>.Epic Games, Inc.
O42 - Logiciel: fayIN 2.4 for After Effects CC - (.fayteq.) [HKLM][64Bits] – {3621F3FF-A9B6-4C18-8842-B871985AE866}
O42 - Logiciel: fayIN License Service - (.fayteq.) [HKLM][64Bits] – {99AF962E-47B0-4DF8-BA65-F03403DB80BC}
O42 - Logiciel: fayteq fayIN 2.4 for After Effects CC - (.fayteq.) [HKLM][64Bits] – {1582ee6c-39ed-474c-a751-71fe914bd8d5} {021EEAA434D48391EDD756B9003E826C}
O42 - Logiciel: Free Window Registry Repair - (.RegSofts Software.) [HKLM][64Bits] – Free Window Registry Repair =>.RegSofts Software O42 - Logiciel: GenArts Sapphire AE - (.Team V.R.) [HKLM][64Bits] – GenArts Sapphire AE_is1 =>.Team V.R O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] – Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: HandBrake 1.0.7 - (.HandBrake Team.) [HKLM][64Bits] – HandBrake =>.HandBrake Team O42 - Logiciel: Hero Siege - (.Elias Viglione.) [HKLM][64Bits] – Steam App 269210 =>.Valve® O42 - Logiciel: Heroes of the Storm - (.Blizzard Entertainment.) [HKLM][64Bits] – Heroes of the Storm =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Ignite Pro 2017 - (.Team V.R.) [HKLM][64Bits] – Ignite Pro 2017_is1 =>.Team V.R O42 - Logiciel: ImageGlass - (.Duong Dieu Phap.) [HKLM][64Bits] – {D539FBEF-4AA8-4415-B66F-6367DA5D0186}_is1 =>.Duong Dieu Phap O42 - Logiciel: Intel(R) C++ Redistributables on Intel(R) 64 - (.Intel Corporation.) [HKLM][64Bits] – {F70BCE36-25F2-4475-A918-6209B3D85BF3} =>.Intel Corporation O42 - Logiciel: Into the Breach - (.Subset Games.) [HKLM][64Bits] – Steam App 590380 =>.Valve® O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] – {89B08926-B965-43B5-8C71-C10433760B14} =>.Apple Inc. O42 - Logiciel: LAME v3.99.3 (for Windows) - (.Audacity.) [HKLM][64Bits] – LAME_is1 =>.Audacity O42 - Logiciel: Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {c6c5a357-c7ca-4a5f-9789-3bb1af579253} =>.Epic Games Inc.®
O42 - Logiciel: Locus Pack 1.00 - (.Video Realm Media.) [HKLM][64Bits] – Locus Pack 1.00
O42 - Logiciel: Lost Castle - (.Hunter Studio.) [HKLM][64Bits] – Steam App 434650 =>.Valve® O42 - Logiciel: Magic Bullet Suite v13.0.3 - (.Red Giant, LLC.) [HKLM][64Bits] – {99487911-8011-42BC-B594-8B02BFD32B1D}_is1 =>.Red Giant, LLC O42 - Logiciel: mamoworld.com Editing Essentials Bundle - (.Team V.R.) [HKLM][64Bits] – Editing Essentials Bundle for Premiere Pro_is1 =>.Team V.R O42 - Logiciel: ManiaPlanet - (.Nadeo.) [HKLM][64Bits] – ManiaPlanet_is1 {34160AF3885BBB32312B8BBF0333806F} =>.Nadeo O42 - Logiciel: Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtensio - (.Microsoft Corporation.) [HKLM][64Bits] – {B0169E83-757B-EF66-E2F0-391944D785BC} =>.Microsoft Corporation O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] – OneDriveSetup.exe =>.Microsoft Corporation® O42 - Logiciel: Mises à jour NVIDIA 31.1.10.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation O42 - Logiciel: mocha Pro Plugin V5.2.0 for AVX - (.Imagineer Systems.) [HKLM][64Bits] – {000D5F2C-50AB-47E1-9322-6736F502A0E3} =>.Imagineer Systems O42 - Logiciel: mocha Pro Plugin V5.2.0 for OFX - (.Imagineer Systems.) [HKLM][64Bits] – {2D3E6370-5C8C-4C83-870D-5E02C529ED5B} =>.Imagineer Systems O42 - Logiciel: mocha Pro V5.2.0-12816 - (.Imagineer Systems.) [HKLM][64Bits] – {0B2CE768-9D51-45E8-A515-D91E8210FDFE} =>.Imagineer Systems O42 - Logiciel: mocha VR Plugin V5.5.2 for Adobe - (.Imagineer Systems.) [HKLM][64Bits] – {C5D1B3FC-ECE8-459C-AF76-BB2FBD71841B} =>.Imagineer Systems O42 - Logiciel: Molotov - (.Molotov.) [HKCU][64Bits] – Molotov =>.Molotov O42 - Logiciel: Move or Die - (.Those Awesome Guys.) [HKLM][64Bits] – Steam App 323850 =>.Valve® O42 - Logiciel: Mozilla Firefox 59.0.3 (x64 en-US) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox 59.0.3 (x64 en-US) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] – MozillaMaintenanceService =>.Mozilla O42 - Logiciel: Mysterium - (.Asmodee Digital.) [HKLM][64Bits] – Steam App 556180 =>.Valve® O42 - Logiciel: NewBlue TotalFX AEX - (.Team V.R.) [HKLM][64Bits] – NewBlue TotalFX AEX_is1 =>.Team V.R O42 - Logiciel: Notepad++ (32-bit x86) - (.Notepad++ Team.) [HKLM][64Bits] – Notepad++ =>.Notepad++ Team O42 - Logiciel: NVIDIA Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA DDS Utilities - (.nVidia Corporation.) [HKLM][64Bits] – {64963F0E-03F2-4B59-8D1B-1806545E7092} =>.InstallShield Software Corporation® O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog =>.NVIDIA Corporation O42 - Logiciel: NVIDIA GeForce Experience 3.13.1.30 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Logiciel système PhysX 9.17.0524 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Optimus Update 31.1.10.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Photoshop Plug-ins 64 bit - (.nVidia Corporation.) [HKLM][64Bits] – {5E386C5B-CDE7-435A-B5C9-EC73A1B0553A} =>.InstallShield Software Corporation® O42 - Logiciel: NVIDIA Pilote 3D Vision 397.64 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.37.1 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 390.41 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Pilote graphique 397.64 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session =>.NVIDIA Corporation O42 - Logiciel: NVIDIA ShadowPlay 3.13.1.30 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – NVIDIAStereo =>.NVIDIA Corporation® O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHel per =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Audio 4.04.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0000-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Extensibility Component 64-bit Registration - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-00DD-0000-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008F-0000-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0409-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-040C-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Overwatch - (.Blizzard Entertainment.) [HKLM][64Bits] – Overwatch =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Panneau de configuration NVIDIA 397.64 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: Parsec - (.Parsec Cloud Inc..) [HKLM][64Bits] – Parsec
O42 - Logiciel: Path of Building version 1.4.64 - (.Openarl.) [HKLM][64Bits] – {72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1
O42 - Logiciel: Path of Exile - (.Grinding Gear Games.) [HKLM][64Bits] – {5e37eb26-2d6e-4b09-9dda-67b2c7f8d5bb} =>.Grinding Gear Games Limited® O42 - Logiciel: Path of Exile - (.Grinding Gear Games.) [HKLM][64Bits] – {90A4562F-D4A1-4B65-906D-41F236CF6902} =>.Grinding Gear Games O42 - Logiciel: PuTTY release 0.70 - (.Simon Tatham.) [HKLM][64Bits] – {0B06C05B-0069-4FE8-AC19-AAF6678FD0A8} =>.Simon Tatham O42 - Logiciel: PuTTY release 0.70 (64-bit) - (.Simon Tatham.) [HKLM][64Bits] – {45B3032F-22CC-40CD-9E97-4DA7095FA5A2} =>.Simon Tatham
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] – {FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
O42 - Logiciel: Razer Synapse - (.Razer Inc..) [HKLM][64Bits] – {0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6} =>.Razer Inc. O42 - Logiciel: RE:Vision Effects RE:Flex v5.0.0 - (.Team V.R.) [HKLM][64Bits] – RE:Flex 5_is1 =>.Team V.R O42 - Logiciel: RE:Vision Effects Twixtor AE - (.Team V.R.) [HKLM][64Bits] – Twixtor AE 6.1.0_is1 =>.Team V.R O42 - Logiciel: RE:Vision Effects Twixtor AE - (.Team V.R.) [HKLM][64Bits] – Twixtor AE 6.2.1_is1 =>.Team V.R O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.® O42 - Logiciel: Red Giant Link - (.Red Giant, LLC.) [HKLM][64Bits] – {10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1 =>.Red Giant, LLC
O42 - Logiciel: ReelSmart Motion Blur 4, After Effects-compatible plugin set - (..) [HKLM][64Bits] – ReelSmart Motion Blur 4, After Effects-compatible plugin set
O42 - Logiciel: Rocket League - (.Psyonix, Inc..) [HKLM][64Bits] – Steam App 252950 =>.Valve® O42 - Logiciel: Rowbyte TV Distortion 2.0.7 CE - (.Team V.R.) [HKLM][64Bits] – TV Distortion Bundle_is1 =>.Team V.R O42 - Logiciel: ShareX - (.ShareX Team.) [HKLM][64Bits] – 82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1 =>.ShareX Team
O42 - Logiciel: Sid Meiers Civilization VI Rise and Fall - (..) [HKLM][64Bits] – Sid Meiers Civilization VI Rise and Fall_is1
O42 - Logiciel: Slay the Spire - (.Mega Crit Games.) [HKLM][64Bits] – Steam App 646570 =>.Valve® O42 - Logiciel: SpeedFan (remove only) - (.Almico Software.) [HKLM][64Bits] – SpeedFan =>.Almico Software O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] – Steam =>.Valve® O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] – TeamSpeak 3 Client =>.TeamSpeak Systems GmbH O42 - Logiciel: Terraria - (.Re-Logic.) [HKLM][64Bits] – Steam App 105600 =>.Valve® O42 - Logiciel: The Swords of Ditto - (.onebitbeyond.) [HKLM][64Bits] – Steam App 619780 =>.Valve® O42 - Logiciel: Trapcode Suite 14 - (.Red Giant LLC.) [HKLM][64Bits] – Trapcode Suite 14 v14.0 =>.Red Giant LLC O42 - Logiciel: Tricky Towers - (.WeirdBeard.) [HKLM][64Bits] – Steam App 437920 =>.Valve® O42 - Logiciel: Turmoil - (.Gamious.) [HKLM][64Bits] – Steam App 361280 =>.Valve® O42 - Logiciel: Ultimate Chicken Horse - (.Clever Endeavour Games.) [HKLM][64Bits] – Steam App 386940 =>.Valve® O42 - Logiciel: Universe - (.Team V.R.) [HKLM][64Bits] – Universe Premium_is1 =>.Team V.R O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM][64Bits] – Unlocker =>.Cedrick Collomb O42 - Logiciel: Vicon boujou 5.0.2 - (.Vicon Motion Systems.) [HKLM][64Bits] – {C071157F-AB34-4D3F-A0DF-9AC544B3732E} =>.Vicon Motion Systems O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] – VLC media player =>.VideoLAN O42 - Logiciel: Vulkan Run Time Libraries 1.1.70.0 - (.LunarG, Inc..) [HKLM][64Bits] – VulkanRT1.1.70.0 =>.LunarG, Inc.® O42 - Logiciel: Warcraft III - (.Blizzard Entertainment.) [HKLM][64Bits] – Warcraft III =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Warhammer: Vermintide 2 - (.Fatshark.) [HKLM][64Bits] – Steam App 552500 =>.Valve® O42 - Logiciel: WinDirStat 1.1.2 - (.Seifert Systems.) [HKCU][64Bits] – WinDirStat =>.Seifert Systems O42 - Logiciel: WinRAR 5.50 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: Zemana AntiMalware - (.Zemana Ltd..) [HKLM][64Bits] – {8F0CD7D1-42F3-4195-95CD-833578D45057}is1 =>.Zemana Ltd.
—\ CLÉ DE REGISTRE SOFTWARE HKCU & HKLM (152) - 11s
HKLM\SOFTWARE\Adobe =>.Adobe HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies HKLM\SOFTWARE\AMD =>.AMD HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. =>.Apple Inc. HKLM\SOFTWARE\Avira =>.Avira HKLM\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment HKLM\SOFTWARE\BlueStacks =>.BlueStack Systems, Inc. HKLM\SOFTWARE\BlueStacksGP =>.BlueStack Systems, Inc. HKLM\SOFTWARE\Boris FX, Inc. =>.Boris FX, Inc. HKLM\SOFTWARE\EasyAntiCheat =>.EasyAntiCheat HKLM\SOFTWARE\Epic Games =>.Epic Games HKLM\SOFTWARE\EpicGames =>.Epic Games HKLM\SOFTWARE\GOG.com =>.GOG.com HKLM\SOFTWARE\Google =>.Google HKLM\SOFTWARE\IM Providers =>.IM Providers HKLM\SOFTWARE\Intel =>.Intel HKLM\SOFTWARE\Khronos =>.Khronos HKLM\SOFTWARE\Kinoni =>.Kinoni HKLM\SOFTWARE\Lame For Audacity =>.Audacity HKLM\SOFTWARE\Macromedia =>.Macromedia HKLM\SOFTWARE\MAXSOFT-OCRON =>.Maxsoft-Ocron, Inc HKLM\SOFTWARE\MimarSinan =>.Mimar Sinan HKLM\SOFTWARE\Mozilla =>.Mozilla HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\Notepad++ =>.Don Ho HKLM\SOFTWARE\Nuance =>.Nuance HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\Razer =>.Razer HKLM\SOFTWARE\re-logic =>.Re-Logic
HKLM\SOFTWARE\REvision
HKLM\SOFTWARE\Riot Games, Inc =>.Riot Games, Inc HKLM\SOFTWARE\SimonTatham =>.Simon Tatham
HKLM\SOFTWARE\Skillbrains =>.SUP.Skillbrains
HKLM\SOFTWARE\SpeedFan =>.Almico Software HKLM\SOFTWARE\Valve =>.Valve HKLM\SOFTWARE\VideoLAN =>.VideoLAN HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation HKLM\SOFTWARE\X-AVCSD =>.Avira Software HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies HKLM\SOFTWARE\WOW6432Node\AMD =>.AMD HKLM\SOFTWARE\WOW6432Node\Apple Computer, Inc. =>.Apple Computer, Inc. HKLM\SOFTWARE\WOW6432Node\Apple Inc. =>.Apple Inc. HKLM\SOFTWARE\WOW6432Node\Avira =>.Avira HKLM\SOFTWARE\WOW6432Node\Blizzard Entertainment =>.Blizzard Entertainment HKLM\SOFTWARE\WOW6432Node\BlueStacks =>.BlueStack Systems, Inc. HKLM\SOFTWARE\WOW6432Node\BlueStacksGP =>.BlueStack Systems, Inc. HKLM\SOFTWARE\WOW6432Node\Boris FX, Inc. =>.Boris FX, Inc. HKLM\SOFTWARE\WOW6432Node\EasyAntiCheat =>.EasyAntiCheat HKLM\SOFTWARE\WOW6432Node\Epic Games =>.Epic Games HKLM\SOFTWARE\WOW6432Node\EpicGames =>.Epic Games HKLM\SOFTWARE\WOW6432Node\GOG.com =>.GOG.com HKLM\SOFTWARE\WOW6432Node\Google =>.Google HKLM\SOFTWARE\WOW6432Node\IM Providers =>.IM Providers HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos HKLM\SOFTWARE\WOW6432Node\Kinoni =>.Kinoni HKLM\SOFTWARE\WOW6432Node\Lame For Audacity =>.Audacity HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia HKLM\SOFTWARE\WOW6432Node\MAXSOFT-OCRON =>.Maxsoft-Ocron, Inc HKLM\SOFTWARE\WOW6432Node\MimarSinan =>.Mimar Sinan HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\WOW6432Node\Notepad++ =>.Don Ho HKLM\SOFTWARE\WOW6432Node\Nuance =>.Nuance HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\WOW6432Node\Razer =>.Razer HKLM\SOFTWARE\WOW6432Node\re-logic =>.Re-Logic
HKLM\SOFTWARE\WOW6432Node\REvision
HKLM\SOFTWARE\WOW6432Node\Riot Games, Inc =>.Riot Games, Inc HKLM\SOFTWARE\WOW6432Node\SimonTatham =>.Simon Tatham
HKLM\SOFTWARE\WOW6432Node\Skillbrains =>.SUP.Skillbrains
HKLM\SOFTWARE\WOW6432Node\SpeedFan =>.Almico Software HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve HKLM\SOFTWARE\WOW6432Node\VideoLAN =>.VideoLAN HKLM\SOFTWARE\WOW6432Node\WOW6432Node =>.Microsoft Corporation HKLM\SOFTWARE\WOW6432Node\X-AVCSD =>.Avira Software HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\Adobe =>.Adobe HKCU\SOFTWARE\Adobe Lightroom =>.Adobe Inc. HKCU\SOFTWARE\Ankama =>.Ankama HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. =>.Apple Inc. HKCU\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o HKCU\SOFTWARE\Avira =>.Avira HKCU\SOFTWARE\BleachBit =>.BleachBit HKCU\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\Clever Endeavour Games
HKCU\SOFTWARE\Codeusa Software =>.Codeusa Software HKCU\SOFTWARE\Digiarty =>.Digiarty HKCU\SOFTWARE\Disc Soft =>.Disc Soft HKCU\SOFTWARE\Dodge Roll =>.Dodge Roll HKCU\SOFTWARE\Epic Games =>.Epic Games
HKCU\SOFTWARE\fayteq
HKCU\SOFTWARE\FLEXlm License Manager =>.FlexNet HKCU\SOFTWARE\FlippingBook =>.FlippingBook HKCU\SOFTWARE\Freemake =>.Freemake HKCU\SOFTWARE\FXHOME =>.FXhome HKCU\SOFTWARE\GenArts =>.GenArts HKCU\SOFTWARE\GOG.com =>.GOG.com HKCU\SOFTWARE\Google =>.Google HKCU\SOFTWARE\GrindingGearGames =>.Grinding Gear Games HKCU\SOFTWARE\Hobbyist Software =>.Hobbyist Software HKCU\SOFTWARE\Hunter Studio =>.Hunter Studio HKCU\SOFTWARE\IM Providers =>.IM Providers HKCU\SOFTWARE\Imagineer Systems Ltd =>.Imagineer Systems Ltd
HKCU\SOFTWARE\ImpactGameworks
HKCU\SOFTWARE\IronOak Games
HKCU\SOFTWARE\IvoSoft =>.IvoSoft HKCU\SOFTWARE\Logitech =>.Logitech HKCU\SOFTWARE\MediaTrans =>.MediaTrans HKCU\SOFTWARE\Mojang =>.Mojang HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\Muon
HKCU\SOFTWARE\Netscape =>.Netscape HKCU\SOFTWARE\NewBlue =>.NewBlue HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\PhapSoftware
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\Playsoft
HKCU\SOFTWARE\QtProject =>.QtProject HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp. HKCU\SOFTWARE\RedGiantSoftware =>.Red Giant Software LLC HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\SaurikIT =>.SaurikIT, LLC HKCU\SOFTWARE\Seifert =>.Seifert Systems HKCU\SOFTWARE\SimonTatham =>.Simon Tatham
HKCU\SOFTWARE\SkillBrains =>.SUP.Skillbrains
HKCU\SOFTWARE\SpeedFan =>.Almico Software HKCU\SOFTWARE\Stunlock Studios =>.Stunlock Studios
HKCU\SOFTWARE\Supra Games
HKCU\SOFTWARE\Tihiy
HKCU\SOFTWARE\Trolltech =>.Trolltech HKCU\SOFTWARE\Unity =>.Unity HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\Vicon
HKCU\SOFTWARE\WeirdBeard
HKCU\SOFTWARE\White Wizard Games
HKCU\SOFTWARE\WinRAR =>.WinRAR HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\WinterSpring Games
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation HKCU\SOFTWARE\Zemana =>.Zemana HKCU\SOFTWARE\ZHP =>.Nicolas Coolman HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
—\ CONTENU DES DOSSIERS PROGRAMMES (897) - 46s
O43 - CFD: 24/04/2018 - [] AD – C:\Program Files\Adobe {05067D3A8DE1687600A7207D3FF99808} =>.Adobe O43 - CFD: 18/09/2017 - [] D – C:\Program Files\AMD =>.Advanced Micro Devices Inc.® O43 - CFD: 17/09/2017 - [] D – C:\Program Files\AutoHotkey =>.Chicony Multimedia O43 - CFD: 19/09/2017 - [] D – C:\Program Files\Avid {2624AE59466DFE3BA7CF56FC6C0963F8} =>.Avid O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\Bonjour =>.Apple Inc.
O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\Boris FX, Inc
O43 - CFD: 26/04/2018 - [] D – C:\Program Files\CCleaner =>.Piriform Ltd O43 - CFD: 17/09/2017 - [] D – C:\Program Files\Classic Shell =>.Ivo Beltchev O43 - CFD: 17/09/2017 - [] D – C:\Program Files\DAEMON Tools Pro =>.The DAEMON Team
O43 - CFD: 17/09/2017 - [] D – C:\Program Files\fayteq
O43 - CFD: 17/09/2017 - [] D – C:\Program Files\GenArts =>.GenArts O43 - CFD: 17/09/2017 - [] D – C:\Program Files\HandBrake =>.Handbrake
O43 - CFD: 22/09/2017 - [] AD – C:\Program Files\ImageGlass
O43 - CFD: 18/09/2017 - [] D – C:\Program Files\Imagineer Systems Ltd
O43 - CFD: 17/09/2017 - [] D – C:\Program Files\iPod =>.Apple Inc.® O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\iTunes =>.Apple Inc.
O43 - CFD: 25/11/2017 - [] D – C:\Program Files\mmpicker
O43 - CFD: 02/05/2018 - [] AD – C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 03/10/2017 - [] AD – C:\Program Files\NewBlueFX
O43 - CFD: 08/05/2018 - [] D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 25/04/2018 - [] D – C:\Program Files\Parsec {0F0CC3A57EF947E7D23CF075B8B4BA5D}
O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\PuTTY =>.Simon Tatham® O43 - CFD: 23/11/2017 - [] D – C:\Program Files\Realtek =>.Realtek O43 - CFD: 19/09/2017 - [] D – C:\Program Files\Red Giant =>.Adobe Systems Incorporated® O43 - CFD: 17/09/2017 - [] D – C:\Program Files\REVisionEffects =>.RE Vision Effects, Inc.®
O43 - CFD: 02/05/2018 - [] D – C:\Program Files\ShareX
O43 - CFD: 18/03/2018 - [] AD – C:\Program Files\TeamSpeak 3 Client =>.TeamSpeak O43 - CFD: 17/09/2017 - [] D – C:\Program Files\Unlocker =>.Cedrick Collomb O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 12/05/2018 - [] D – C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 17/09/2017 - [] AD – C:\Program Files (x86)\Apple Software Update =>.Apple Inc. O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Avira =>.Avira Software O43 - CFD: 18/09/2017 - [] D – C:\Program Files (x86)\BleachBit =>.Andrew Ziem® O43 - CFD: 13/05/2018 - [] AD – C:\Program Files (x86)\Blizzard App =>.Blizzard Entertainment, Inc.® O43 - CFD: 05/12/2017 - [] AD – C:\Program Files (x86)\BlueStacks =>.BlueStack Systems, Inc. O43 - CFD: 17/09/2017 - [] AD – C:\Program Files (x86)\Bonjour =>.Apple Inc. O43 - CFD: 19/10/2017 - [] D – C:\Program Files (x86)\Digiarty =>.Digiarty, Inc.® O43 - CFD: 10/03/2018 - [] D – C:\Program Files (x86)\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 04/10/2017 - [] D – C:\Program Files (x86)\Elephorm applications
O43 - CFD: 29/03/2018 - [] D – C:\Program Files (x86)\FlippingBook {08385578821DA77EEA1703484E369B19} =>.FlippingBook O43 - CFD: 08/05/2018 - [] D – C:\Program Files (x86)\Free Window Registry Repair =>.RegSofts Software O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 26/12/2017 - [] D – C:\Program Files (x86)\Grinding Gear Games =>.Grinding Gear Games Limited® O43 - CFD: 22/02/2018 - [] AD – C:\Program Files (x86)\Heroes of the Storm =>.Games Software O43 - CFD: 24/09/2017 - [] HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield O43 - CFD: 19/09/2017 - [] D – C:\Program Files (x86)\LooksBuilder =>.Red Giant Software LLC O43 - CFD: 22/03/2018 - [] D – C:\Program Files (x86)\ManiaPlanet =>.Nadeo O43 - CFD: 07/05/2018 - [] D – C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Notepad++ =>.Don Ho O43 - CFD: 08/05/2018 - [] D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 23/03/2018 - [] AD – C:\Program Files (x86)\Overwatch =>.Blizzard Entertainment
O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\PKGInstaller
O43 - CFD: 27/09/2017 - [] AD – C:\Program Files (x86)\PuTTY =>.Simon Tatham®
O43 - CFD: 18/09/2017 - [] AD – C:\Program Files (x86)\QuickTime =>.Apple Inc.® =>Riskware.QuickTime
O43 - CFD: 17/09/2017 - [] AD – C:\Program Files (x86)\Razer =>.Razer USA Ltd.® O43 - CFD: 19/09/2017 - [] AD – C:\Program Files (x86)\Red Giant =>.Red Giant
O43 - CFD: 19/09/2017 - [] AD – C:\Program Files (x86)\Red Giant Link
O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\REVisionEffects
O43 - CFD: 07/02/2018 - [] D – C:\Program Files (x86)\SpeedFan =>.Almico Software O43 - CFD: 14/05/2018 - [] D – C:\Program Files (x86)\Steam =>.Steam Games
O43 - CFD: 19/09/2017 - [] AD – C:\Program Files (x86)\Vicon
O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\VideoLAN =>.VideoLan Team O43 - CFD: 12/05/2018 - [] D – C:\Program Files (x86)\VulkanRT =>.LunarG, Inc O43 - CFD: 17/09/2017 - [] AD – C:\Program Files (x86)\Warcraft III =>.Games Software O43 - CFD: 07/10/2017 - [] D – C:\Program Files (x86)\WinDirStat =>.Seifert Systems
O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\XPE Windows 10 DPI Fix
O43 - CFD: 14/05/2018 - [] D – C:\Program Files (x86)\Zemana AntiMalware =>.Zemana O43 - CFD: 14/02/2018 - [] RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 26/04/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aescripts
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey =>.Chicony Multimedia O43 - CFD: 09/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira =>.Avira Software
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris Continuum Complete AE 10
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fayteq
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE
O43 - CFD: 26/12/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games =>.Grinding Gear Games O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm =>.Games Software
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageGlass
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes =>.Apple Inc. O43 - CFD: 22/03/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet =>.Nadeo
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mocha Pro V5
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ =>.Don Ho O43 - CFD: 12/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch =>.Blizzard Entertainment
O43 - CFD: 08/12/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Path of Building
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer =>.Razer O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant =>.Red Giant
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReelSmart Motion Blur 4, After Effects-compatible plugin set
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects
O43 - CFD: 02/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
O43 - CFD: 24/04/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI Rise and Fall
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vicon
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III =>.Games Software O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR O43 - CFD: 14/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware =>.Zemana O43 - CFD: 02/12/2017 - [] D – C:\ProgramData.mono =>.Legitimate O43 - CFD: 24/04/2018 - [] D – C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 26/04/2018 - [] D – C:\ProgramData\aescripts
O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Apple =>.Apple Inc. O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Apple Computer =>.Apple Inc. O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Avira =>.Avira Software O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Battle.net =>.Games Software O43 - CFD: 28/10/2017 - [] D – C:\ProgramData\Blizzard Entertainment =>.Blizzard Entertainment O43 - CFD: 30/11/2017 - [] D – C:\ProgramData\BlueStacks =>.BlueStack Systems, Inc. O43 - CFD: 30/11/2017 - [0] D – C:\ProgramData\BlueStacksSetup =>.BlueStack Systems, Inc. O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\DAEMON Tools Pro =>.The DAEMON Team O43 - CFD: 06/05/2018 - [] D – C:\ProgramData\Epic =>.Epic O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Freemake =>.Freemake O43 - CFD: 02/05/2018 - [] D – C:\ProgramData\FXHOME =>.FXhome O43 - CFD: 27/03/2018 - [] D – C:\ProgramData\GenArts =>.GenArts O43 - CFD: 14/02/2018 - [] D – C:\ProgramData\GOG.com =>.GOG.com O43 - CFD: 17/09/2017 - [0] D – C:\ProgramData\goodasnew =>.Goodasnew
O43 - CFD: 18/09/2017 - [] D – C:\ProgramData\Imagineer Systems Ltd
O43 - CFD: 09/02/2018 - [] D – C:\ProgramData\Kinoni =>.Kinoni O43 - CFD: 22/03/2018 - [] D – C:\ProgramData\ManiaPlanet =>.Nadeo O43 - CFD: 14/05/2018 - [] D – C:\ProgramData\NVIDIA =>.nVidia Corporation O43 - CFD: 12/05/2018 - [] D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 08/12/2017 - [] D – C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 08/12/2017 - [] D – C:\ProgramData\Path of Building
O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Razer =>.Razer O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Red Giant =>.Red Giant O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\RedGiant =>.Red Giant Software LLC O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc. O43 - CFD: 30/09/2017 - [] AD – C:\ProgramData\Reprise =>.Unknown
O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\REVisionEffects
O43 - CFD: 19/09/2017 - [0] D – C:\ProgramData\rgt
O43 - CFD: 20/01/2018 - [] D – C:\ProgramData\Riot Games =>.Riot Games
O43 - CFD: 01/10/2017 - [] D – C:\ProgramData\RWBYTE
O43 - CFD: 19/09/2017 - [] D – C:\ProgramData\SafeNet Sentinel =>.SafeNet
O43 - CFD: 25/10/2017 - [] D – C:\ProgramData\VideoCopilot
O43 - CFD: 12/05/2018 - [] HDC – C:\ProgramData~0 O43 - CFD: 26/04/2018 - [] AD – C:\Program Files (x86)\Common Files\Adobe =>.Adobe O43 - CFD: 02/10/2017 - [] AD – C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc. O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Common Files\Apple =>.Apple Inc. O43 - CFD: 14/05/2018 - [] D – C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye O43 - CFD: 29/03/2018 - [] D – C:\Program Files (x86)\Common Files\DESIGNER =>.Designer O43 - CFD: 24/09/2017 - [] D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Common Files\Razer =>.Razer O43 - CFD: 06/04/2018 - [] D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games O43 - CFD: 02/12/2017 - [] D – C:\Users\GUI\AppData\Roaming.mono =>.Legitimate O43 - CFD: 08/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 26/04/2018 - [] D – C:\Users\GUI\AppData\Roaming\aescripts
O43 - CFD: 21/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\AnkamaCertificates =>.Ankama O43 - CFD: 21/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\app =>.Ankama O43 - CFD: 25/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Apple Computer =>.Apple Inc. O43 - CFD: 11/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\audacity =>.Audacity O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Avira =>.Avira Software O43 - CFD: 04/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Battle.net =>.Games Software
O43 - CFD: 15/03/2018 - [] D – C:\Users\GUI\AppData\Roaming\Battlerite
O43 - CFD: 18/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\BleachBit =>.BleachBit
O43 - CFD: 21/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\BorisFX
O43 - CFD: 16/04/2018 - [] D – C:\Users\GUI\AppData\Roaming\brave
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\ClassicShell =>.SourceForge O43 - CFD: 28/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Codeusa Software =>.Codeusa Software O43 - CFD: 08/05/2018 - [0] D – C:\Users\GUI\AppData\Roaming\DAEMON Tools Pro =>.The DAEMON Team
O43 - CFD: 19/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\DearMob
O43 - CFD: 23/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Digiarty =>.Digiarty O43 - CFD: 09/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\discord =>.GitHub O43 - CFD: 23/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Dofus =>.Ankama O43 - CFD: 23/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Dofus-2 =>.Ankama O43 - CFD: 17/03/2018 - [] D – C:\Users\GUI\AppData\Roaming\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\ElephormDVDPlayer
O43 - CFD: 17/03/2018 - [] D – C:\Users\GUI\AppData\Roaming\Fatshark =>.Fatshark O43 - CFD: 25/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\FileZilla =>.FileZilla O43 - CFD: 24/04/2018 - [] D – C:\Users\GUI\AppData\Roaming\FiraxisLive =>.Firaxis O43 - CFD: 29/03/2018 - [] D – C:\Users\GUI\AppData\Roaming\FlippingBook =>.FlippingBook O43 - CFD: 08/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Free Window Registry Repair =>.RegSofts Software
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\GCCS
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Google =>.Google
O43 - CFD: 09/02/2018 - [0] D – C:\Users\GUI\AppData\Roaming\Google.Apis.Auth
O43 - CFD: 03/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\HandBrake =>.Handbrake O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\HandBrake Team =>.HandBrake Team O43 - CFD: 11/02/2018 - [] D – C:\Users\GUI\AppData\Roaming\Hobbyist Software =>.Hobbyist Software
O43 - CFD: 19/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Imagineer Systems Ltd
O43 - CFD: 22/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\inkscape =>.inkscape.org O43 - CFD: 03/12/2017 - [] D – C:\Users\GUI\AppData\Roaming\LOVE =>.Unknown O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Macromedia =>.Macromedia O43 - CFD: 19/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\MAXON =>.Maxon O43 - CFD: 10/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Molotov =>.Molotov O43 - CFD: 20/11/2017 - [] D – C:\Users\GUI\AppData\Roaming\Mozilla =>.Mozilla Corporation O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Notepad++ =>.Don Ho O43 - CFD: 10/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 08/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Parsec
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Red Giant =>.Red Giant
O43 - CFD: 21/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Reg
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Skype =>.Skype
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Skype_old
O43 - CFD: 12/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Teeworlds =>.Teeworlds
O43 - CFD: 22/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Thomas Kovar
O43 - CFD: 29/04/2018 - [] D – C:\Users\GUI\AppData\Roaming\TS3Client =>.TeamSpeak O43 - CFD: 17/02/2018 - [] D – C:\Users\GUI\AppData\Roaming\Tunngle =>.Tunngle.net
O43 - CFD: 24/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\uMod
O43 - CFD: 13/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\vlc =>.VideoLan Team O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\WinRAR =>.WinRAR O43 - CFD: 14/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 28/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\ZXPInstaller
O43 - CFD: 23/12/2017 - [] D – C:\Users\GUI\AppData\Local\acquisition
O43 - CFD: 13/05/2018 - [] D – C:\Users\GUI\AppData\Local\Adobe =>.Adobe O43 - CFD: 21/10/2017 - [] D – C:\Users\GUI\AppData\Local\Ankama =>.Ankama O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Apple =>.Apple Inc. O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Apple Computer =>.Apple Inc. O43 - CFD: 25/09/2017 - [] D – C:\Users\GUI\AppData\Local\Audacity =>.Audacity O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Avira =>.Avira Software O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\AviraSpeedup =>.Avira Software O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Avira_Operations_Gmbh&C =>.Avira Software O43 - CFD: 13/05/2018 - [] D – C:\Users\GUI\AppData\Local\Battle.net =>.Games Software O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Blizzard =>.Blizzard O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Blizzard Entertainment =>.Blizzard Entertainment O43 - CFD: 30/11/2017 - [] D – C:\Users\GUI\AppData\Local\Bluestacks =>.BlueStack Systems, Inc.
O43 - CFD: 21/09/2017 - [] D – C:\Users\GUI\AppData\Local\BorisFX
O43 - CFD: 16/04/2018 - [] D – C:\Users\GUI\AppData\Local\Brave
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\CEF =>.CEF O43 - CFD: 14/05/2018 - [] D – C:\Users\GUI\AppData\Local\ClassicShell =>.SourceForge
O43 - CFD: 29/09/2017 - [] D – C:\Users\GUI\AppData\Local\CrashReportClient
O43 - CFD: 14/10/2017 - [] D – C:\Users\GUI\AppData\Local\CrashRpt
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\DBG =>.DBG O43 - CFD: 01/05/2018 - [] D – C:\Users\GUI\AppData\Local\Discord =>.GitHub
O43 - CFD: 24/09/2017 - [] D – C:\Users\GUI\AppData\Local\DLLInjector
O43 - CFD: 25/09/2017 - [] D – C:\Users\GUI\AppData\Local\EpicGamesLauncher =>.Epic Games
O43 - CFD: 29/03/2018 - [] D – C:\Users\GUI\AppData\Local\FlippingBook_Limited
O43 - CFD: 22/09/2017 - [] D – C:\Users\GUI\AppData\Local\fontconfig =>.Portable Apps
O43 - CFD: 26/09/2017 - [] D – C:\Users\GUI\AppData\Local\FortniteGame
O43 - CFD: 31/03/2018 - [] D – C:\Users\GUI\AppData\Local\GNE
O43 - CFD: 14/01/2018 - [] D – C:\Users\GUI\AppData\Local\Google =>.Google
O43 - CFD: 28/04/2018 - [] D – C:\Users\GUI\AppData\Local\Hero_Siege
O43 - CFD: 29/03/2018 - [] D – C:\Users\GUI\AppData\Local\III
O43 - CFD: 18/09/2017 - [] D – C:\Users\GUI\AppData\Local\Imagineer Systems Ltd
O43 - CFD: 31/10/2017 - [] D – C:\Users\GUI\AppData\Local\LooksBuilder =>.Red Giant Software LLC O43 - CFD: 04/02/2018 - [] D – C:\Users\GUI\AppData\Local\Mega Limited =>.MEGA Limited
O43 - CFD: 08/12/2017 - [] D – C:\Users\GUI\AppData\Local\MercuryTrade
O43 - CFD: 26/04/2018 - [] D – C:\Users\GUI\AppData\Local\Molotov =>.Molotov O43 - CFD: 21/09/2017 - [] D – C:\Users\GUI\AppData\Local\Mozilla =>.Mozilla Corporation O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Notepad++ =>.Don Ho O43 - CFD: 12/05/2018 - [] D – C:\Users\GUI\AppData\Local\NVIDIA =>.nVidia Corporation O43 - CFD: 12/05/2018 - [] D – C:\Users\GUI\AppData\Local\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Razer =>.Razer O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Recovery =>.Recovery Labs O43 - CFD: 26/04/2018 - [] D – C:\Users\GUI\AppData\Local\Red Giant =>.Red Giant O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\RzStats =>.Razer Inc O43 - CFD: 26/04/2018 - [] D – C:\Users\GUI\AppData\Local\SquirrelTemp =>.Squirrels O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Steam =>.Steam Games
O43 - CFD: 30/10/2017 - [] D – C:\Users\GUI\AppData\Local\Supra Games
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign003aaf8330e4 b2d9 =>.SUP.Temporary
O43 - CFD: 06/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign00c9c855d542 6559 =>.SUP.Temporary
O43 - CFD: 14/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign00fabc2a39c8 6663 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign01390b793453 18af =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign013eaae8d051 c5e5 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign017adc81bc6a e4ce =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign01849a59ef38 43fd =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign039388f17e06 1161 =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign03ae457c7aff da78 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign03fa753466c0 b69d =>.SUP.Temporary
O43 - CFD: 28/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign046518382098 968c =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign050b7ffedec9 4930 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign05355a688e90 433a =>.SUP.Temporary
O43 - CFD: 25/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0760646fbd58 30ee =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign077a6318bfcc 33af =>.SUP.Temporary
O43 - CFD: 23/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign07a6386e3a4f 4cb3 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign07ce15cedd1d e944 =>.SUP.Temporary
O43 - CFD: 03/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign08cb721d973e 6211 =>.SUP.Temporary
O43 - CFD: 29/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign08e859a51e74 fb5a =>.SUP.Temporary
O43 - CFD: 14/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0991c8685508 5bfe =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign09971099c4e4 bb03 =>.SUP.Temporary
O43 - CFD: 26/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign09b35a0856f6 06b1 =>.SUP.Temporary
O43 - CFD: 18/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0c3d6a7aca67 6492 =>.SUP.Temporary
O43 - CFD: 02/02/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0c7edcaa1057 94d9 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0d51f17c378b c782 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0dbc4a34f528 0079 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0ec33dc5ede5 1dd8 =>.SUP.Temporary
O43 - CFD: 29/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0ecf266722f0 11d7 =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0f5797946d0d fd05 =>.SUP.Temporary
O43 - CFD: 30/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0fa1daeb0490 0bd1 =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign0fdd456415e6 6617 =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign115bdf7d3d3c 44e4 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign118a37d13f2b e4ac =>.SUP.Temporary
O43 - CFD: 25/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign11a9026f77ea efcd =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign126210bca674 0e95 =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign129ae1c6ec3c e0a1 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign13b196bbdb68 c988 =>.SUP.Temporary
O43 - CFD: 06/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign13da0922d2eb 6644 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign144946c11757 a3e2 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign147e887985a4 23b6 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign14f8139db381 151c =>.SUP.Temporary
O43 - CFD: 16/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign15820234c9df e551 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1584aa09c369 d917 =>.SUP.Temporary
O43 - CFD: 11/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign160caf41cd83 c437 =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign167208604bae 8c79 =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign16a06f9cd2af e545 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign16ca9d38e7f4 c0b1 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign16f759fab162 b509 =>.SUP.Temporary
O43 - CFD: 20/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign171b6ca05cc4 9d47 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1838d7df488a e702 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign18507e7a45f9 ac4c =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign187ee30434e4 3bdb =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign18b2133d1c18 09bb =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign18b729e649c3 b409 =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign18e86f23242f d683 =>.SUP.Temporary
O43 - CFD: 05/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign18f778a4c5e5 c0c7 =>.SUP.Temporary
O43 - CFD: 06/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign18f7840746c6 3af6 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1932b5406f19 171d =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign199c8c558e23 016c =>.SUP.Temporary
O43 - CFD: 13/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign19bfd077cc73 7c85 =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign19ce9e7373f3 5949 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1a6d24dc1fa4 c100 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1a8071f27b9f e03d =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1afae82cc2aa 2cec =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1cc5d3097943 0278 =>.SUP.Temporary
O43 - CFD: 19/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1d4145d8e753 eebc =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1dd0b4301165 4502 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1dffdc967326 88e6 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1dfffd8d5088 eff7 =>.SUP.Temporary
O43 - CFD: 25/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1ed38d796a88 27e3 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1efe190c8ea1 125e =>.SUP.Temporary
O43 - CFD: 28/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1f0f6c93d59b 9322 =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1f112fd4a4fc 3cb3 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1f863f1e60b8 91c2 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign1faf6308ccac 60ee =>.SUP.Temporary
O43 - CFD: 18/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign20d75922c1a2 ca10 =>.SUP.Temporary
O43 - CFD: 01/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign218133c02f84 8af7 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign21aa61af8b65 8aac =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign21ce7230beea 6310 =>.SUP.Temporary
O43 - CFD: 19/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign21e26c4c4ec0 074c =>.SUP.Temporary
O43 - CFD: 28/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign220210cd96ae 08b5 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign225434e26224 6be9 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2274f0ba0de4 546f =>.SUP.Temporary
O43 - CFD: 20/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign22c4f063db6e dc8c =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign233dbbaeb95e eaa3 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign23e3dfc0ccd8 7278 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2424b23634a0 a930 =>.SUP.Temporary
O43 - CFD: 01/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2473e5649e23 37b5 =>.SUP.Temporary
O43 - CFD: 09/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign255cae0617f3 e93f =>.SUP.Temporary
O43 - CFD: 29/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign266550c0928e e604 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2728d12688c4 be05 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign278998975db3 56f3 =>.SUP.Temporary
O43 - CFD: 20/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign282c014c8ad2 b47c =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign28c1f8b927d1 9ef8 =>.SUP.Temporary
O43 - CFD: 01/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign292963bb4278 02fe =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2948f6080a03 96ae =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign295dbd1d5458 34c3 =>.SUP.Temporary
O43 - CFD: 27/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2987aab4e039 bee3 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign29a3d68d5594 127c =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2a29f49db6f3 2e7d =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2afe77764d93 8504 =>.SUP.Temporary
O43 - CFD: 01/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2b16ae3d948e 5404 =>.SUP.Temporary
O43 - CFD: 11/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2b449d5b430b 9c97 =>.SUP.Temporary
O43 - CFD: 29/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2b51a0d9882f 911e =>.SUP.Temporary
O43 - CFD: 21/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2bfc4d3d1852 784f =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2c4d0bb95156 0bce =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2c52f987461b bfa9 =>.SUP.Temporary
O43 - CFD: 03/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2cf8d5e7e701 eb3e =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2d26eb3858ae bc12 =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2d317a5f4608 fd90 =>.SUP.Temporary
O43 - CFD: 19/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2d3c6933b956 4238 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2d86dc59d2bc 38ea =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2dabd4f41818 c7f7 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2e223b321023 b5d0 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2e264f4a4e82 992e =>.SUP.Temporary
O43 - CFD: 16/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2fbcec6475c2 55c1 =>.SUP.Temporary
O43 - CFD: 06/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign2fd25ab26a4c 10f0 =>.SUP.Temporary
O43 - CFD: 30/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3062da583fe5 cda3 =>.SUP.Temporary
O43 - CFD: 29/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign308da5d0713a a569 =>.SUP.Temporary
O43 - CFD: 19/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign30991dd86ba5 c6aa =>.SUP.Temporary
O43 - CFD: 09/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign30d1611c08b3 c048 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3102f5b758f8 61aa =>.SUP.Temporary
O43 - CFD: 28/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign316cabe6789d a1b2 =>.SUP.Temporary
O43 - CFD: 23/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign31ddc39f9674 5ae7 =>.SUP.Temporary
O43 - CFD: 17/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign330fba7898bb b9f6 =>.SUP.Temporary
O43 - CFD: 11/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign352ee86d742d 33c6 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign357a35dc3898 245c =>.SUP.Temporary
O43 - CFD: 30/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3583a9db9b33 53a9 =>.SUP.Temporary
O43 - CFD: 03/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign36a21d2e3c64 ddc8 =>.SUP.Temporary
O43 - CFD: 16/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign37934ddaafb6 bc42 =>.SUP.Temporary
O43 - CFD: 16/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign37fc9c2736b2 acfd =>.SUP.Temporary
O43 - CFD: 06/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign38d149137bb9 039e =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign392e358d64d7 c465 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign393c22286977 18f7 =>.SUP.Temporary
O43 - CFD: 16/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign395d73a9b346 4c72 =>.SUP.Temporary
O43 - CFD: 14/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign39707f5f694a 2f5b =>.SUP.Temporary
O43 - CFD: 02/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3970844fa7f1 34f8 =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign39765163e19b 1fce =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign39d518611f2d 8476 =>.SUP.Temporary
O43 - CFD: 16/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign39e0c3954889 82bf =>.SUP.Temporary
O43 - CFD: 14/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3b15d40f4e32 6cb3 =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3b1f9197ad48 c676 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3b289ee80d22 523e =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3bb18169861f f74c =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3bf3636be2b1 601f =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3c0aedb21a34 6795 =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3d82ceb57cac 5a44 =>.SUP.Temporary
O43 - CFD: 03/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3df68bd89f6b 55ce =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3e4375791c24 fb86 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign3fd76a1da579 763e =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign40250a79def6 a514 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign409703bc6e37 b7e3 =>.SUP.Temporary
O43 - CFD: 05/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign41bdfa23460b e335 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign41f2d9ac9126 2bb8 =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign422dbe556209 5f62 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign42b6c5389b82 962c =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign42bfb604ff74 c569 =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign43d18a5fdd1b 4514 =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4443ef62a10f 90d3 =>.SUP.Temporary
O43 - CFD: 31/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign44ff9222091e f95e =>.SUP.Temporary
O43 - CFD: 03/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign45066a14bdf2 0dcd =>.SUP.Temporary
O43 - CFD: 28/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4529f0e83adb a1af =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4618026adcb2 5eb6 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign467707b59dcb 8487 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign475cf22a1fcb 6d76 =>.SUP.Temporary
O43 - CFD: 14/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign47ee960cefa5 0df5 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4805d01f18f2 cbe8 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4873f6dae2fe b629 =>.SUP.Temporary
O43 - CFD: 30/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign48a1f3430929 fd16 =>.SUP.Temporary
O43 - CFD: 13/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign48d9f147bb25 1f79 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4911e66bbcea 0554 =>.SUP.Temporary
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4938ea81227f 19fe =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign49ca59bf7014 bc7b =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign49d40d5ae742 a988 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4a7e0cc6586d 9b8b =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4a8105c71612 4a59 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4ad459fc2977 0279 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4ada1da5de8c 533b =>.SUP.Temporary
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4c60f2f2791e e32b =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4d28065e9227 a153 =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4d6863ac0046 0d0a =>.SUP.Temporary
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4da2970b5f9f a969 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4dab06e4787a 87db =>.SUP.Temporary
O43 - CFD: 22/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4e46fa004eed d679 =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4edb75d0ab55 10f3 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4f4e4a5d5508 fdf9 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign4ff8ec35a7a9 be1c =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5075f0a7c026 8b0c =>.SUP.Temporary
O43 - CFD: 29/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign509edfa5b464 1343 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign50a5d7bfbdf3 5b59 =>.SUP.Temporary
O43 - CFD: 22/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign50f10330b783 7cf9 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5190b537a202 5158 =>.SUP.Temporary
O43 - CFD: 21/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5292b5a3aaa2 4014 =>.SUP.Temporary
O43 - CFD: 14/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign535621248877 b243 =>.SUP.Temporary
O43 - CFD: 29/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign53f4e17f50bd c949 =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign53fe26e5140f 449e =>.SUP.Temporary
O43 - CFD: 28/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign540404978359 d6aa =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign54a3f4540a02 e3fe =>.SUP.Temporary
O43 - CFD: 22/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign54cf1c3733c0 52c1 =>.SUP.Temporary
O43 - CFD: 29/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign550c26bd211d cb3c =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign55f083f7392f 12cc =>.SUP.Temporary
O43 - CFD: 25/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign568d060c91f1 9a7d =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign576d2c7d7ff2 7113 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign57e9d585ead8 a8da =>.SUP.Temporary
O43 - CFD: 21/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign582797a4b61f 1e48 =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign58599ae5ba05 3274 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign59a50f87a265 0760 =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5a8f0b28779e 6a49 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5b1a3583114a 5373 =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5b1b3a42d40e 4d65 =>.SUP.Temporary
O43 - CFD: 20/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5c45bb7ce683 88f1 =>.SUP.Temporary
O43 - CFD: 04/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5c96e2801dfc ee73 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5ca88cab95a1 4f96 =>.SUP.Temporary
O43 - CFD: 16/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5cee12b86909 d1d4 =>.SUP.Temporary
O43 - CFD: 16/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5d3ae8a7c537 7b31 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5d5e22d81f64 971e =>.SUP.Temporary
O43 - CFD: 02/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5dee1c7e74a0 4bcd =>.SUP.Temporary
O43 - CFD: 28/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5e3b437757e0 a8b7 =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5e7b003fed95 e37b =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5ed6c362c34b 64dc =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign5f439966ca20 e233 =>.SUP.Temporary
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign602552c97ce8 cc6a =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6191450da9af da74 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6306adc0c9be 667d =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6343588425c2 937c =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign638d63b68f92 8ee8 =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign63e7c6e48855 bf1a =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6485d78d1e03 377f =>.SUP.Temporary
O43 - CFD: 06/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign648721b7cf01 86a3 =>.SUP.Temporary
O43 - CFD: 04/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign65d85eed0d62 4030 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign66475e94cfc8 b69a =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign66484ea25dd5 8e35 =>.SUP.Temporary
O43 - CFD: 25/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign67235a806627 a245 =>.SUP.Temporary
O43 - CFD: 04/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign680c29d10fd3 0bf0 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign68354e7e9e15 d2b3 =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign68712558cbf2 9e2c =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign68c443e38460 3c17 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign698bc1e78cb8 f64c =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign69b6781b925f 2a47 =>.SUP.Temporary
O43 - CFD: 16/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6a24d2d07897 56e4 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6a555b9a2a66 6b32 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6b75d9b60faa 50fc =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6bfc8aa4b25d 07e4 =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6bff1e424fb0 f05d =>.SUP.Temporary
O43 - CFD: 28/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6c5f6397cedb 6d76 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6c79d6daa4eb 7ff3 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6cfecfea6f22 594f =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6e678b0555ff 4e92 =>.SUP.Temporary
O43 - CFD: 19/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6e7059ee19c5 ff4a =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6e72b1913625 9a6c =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6f162987af3b 04a6 =>.SUP.Temporary
O43 - CFD: 05/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6f2fe33d2567 7361 =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6f515652b4ed 09f7 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6ff3df9898ea 0f75 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign6ff91307a3e3 64cf =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign704739278f60 8d03 =>.SUP.Temporary
O43 - CFD: 12/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7057cf695bab e187 =>.SUP.Temporary
O43 - CFD: 06/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign711574cd9ca4 7920 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign711df4966b7f 61a7 =>.SUP.Temporary
O43 - CFD: 16/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign71b9512b1866 91fe =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign727be557be4c 0dce =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign72bbf92833ec 3afe =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign73505079d8e9 3cd0 =>.SUP.Temporary
O43 - CFD: 21/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7358ded1a545 3a8a =>.SUP.Temporary
O43 - CFD: 05/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign743ce8c92817 3713 =>.SUP.Temporary
O43 - CFD: 30/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign75ccf0e541a5 51d3 =>.SUP.Temporary
O43 - CFD: 03/02/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7645dfd4d264 c5ed =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7662e7421d0e c9ab =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7688cfe7a143 4981 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign776a5bb54646 18bc =>.SUP.Temporary
O43 - CFD: 10/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7785b38018bc 054d =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign779a2fe771a9 b50b =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7a4661064fce 5979 =>.SUP.Temporary
O43 - CFD: 03/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7ab9b8ff09df d886 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7ac51b85ea36 6fa3 =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7b636cdb6223 043c =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7bb7e59e23c1 cbde =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7bfce8986547 09d9 =>.SUP.Temporary
O43 - CFD: 04/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7c1ab601f7b3 9f47 =>.SUP.Temporary
O43 - CFD: 12/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7c2b86298fab 7244 =>.SUP.Temporary
O43 - CFD: 02/02/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7c6c6782486b b3c5 =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7cca2c968b60 9243 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7d407fad443b 15ad =>.SUP.Temporary
O43 - CFD: 28/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7df55533ef5a 4567 =>.SUP.Temporary
O43 - CFD: 09/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7e033af8d1e8 16e7 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7e558e6be44c 2995 =>.SUP.Temporary
O43 - CFD: 03/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign7facb5571811 d73f =>.SUP.Temporary
O43 - CFD: 29/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign81653e7305bc b850 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign81c147e1081b c3fb =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign81c5645f8442 ef32 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign827c308ad722 f0ff =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8308c58904f6 c86b =>.SUP.Temporary
O43 - CFD: 13/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8334f55a772d af38 =>.SUP.Temporary
O43 - CFD: 12/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign83e379650ddb de62 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign83f7536cf10c 6db0 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign83fea396a540 4ba6 =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign852b58af6d2e d523 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8654695343f1 cb83 =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign865900e01ceb 3208 =>.SUP.Temporary
O43 - CFD: 01/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign867222f07934 8527 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign86d32000a870 2664 =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign86ee18a7a497 7ebf =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign86f01a2de0ec 1973 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign86f7512f95d4 6ffb =>.SUP.Temporary
O43 - CFD: 12/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8745f6c1545d 4cbf =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign87cfeb2d08dd 6ff3 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign890287de7641 fbe4 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign893c41484147 737e =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign897eaeb6f302 931f =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8a3c13b5dbec f235 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8a3f138efb88 a8fd =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8ac6eca8a401 5144 =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8acacf2fe908 5008 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8ad2fb584849 a24c =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8b00df439038 d651 =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8b3a1f653d38 6dcd =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8bba086a65bc f1d4 =>.SUP.Temporary
O43 - CFD: 30/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8c1cd9cb1946 4378 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8c409ec03ea4 1ebb =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8c4e25afaacf c98a =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8e0be57273d1 03cb =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8f0c0d522645 eb25 =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign8fd2a5513e7d 9110 =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign902394ee1f43 111c =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign90290f78e7ed fba7 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign907ce48771ad f96e =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign908ed601cd30 88dd =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign90d2ad21b4de b4a7 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9130f8c8fee8 22b6 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign91c6f17d1d7b a1e4 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign91f2000e83a1 59fc =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9306e620d1c7 f125 =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign931ed593976e 0989 =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign933305238612 9dc5 =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign93362d400898 35e0 =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9417fd960ece 5c50 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign94752f7a1c90 94a8 =>.SUP.Temporary
O43 - CFD: 17/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign94c5002419a5 f215 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign95210eda0ba2 a269 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign95d1fe87570c 7647 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign971bf5ef2ca8 1e5d =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign97352cd0343f e161 =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9831b186400c f5bb =>.SUP.Temporary
O43 - CFD: 27/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9846973e650c fb9b =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign985b95ab8142 c7d9 =>.SUP.Temporary
O43 - CFD: 03/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign98ebc37d50b7 bc3b =>.SUP.Temporary
O43 - CFD: 28/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign98f698b36aea 56e3 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9912dc6a7914 b8ce =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign993866b58baa 20b1 =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign99d5023f2999 7c4b =>.SUP.Temporary
O43 - CFD: 09/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9ae68a9eda9e 5509 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9af990a255ae 57fc =>.SUP.Temporary
O43 - CFD: 30/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9b280a2c13c9 02f2 =>.SUP.Temporary
O43 - CFD: 09/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9bffeeb5fd11 7c22 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9d27d3a47126 3619 =>.SUP.Temporary
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9d6c9587df0b becd =>.SUP.Temporary
O43 - CFD: 30/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9da3ab226a11 2f9a =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9ddfe331a975 8276 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9ef2f6ec9155 b73f =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9f2c88791d18 85d0 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9f3fee13d971 f7a5 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsign9f43222c5c91 294e =>.SUP.Temporary
O43 - CFD: 22/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna0ae8915767f 663d =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna135b910e614 d6c9 =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna15bede8e746 8166 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna25a32bae770 de04 =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna2686c08fe99 d3bc =>.SUP.Temporary
O43 - CFD: 22/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna369826e6e2e db0f =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna3b0faacfc95 b07e =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna3d889681ebf 14c9 =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna41b000a682a e189 =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna484980b349c e5d9 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna4f9be8689dd 07a4 =>.SUP.Temporary
O43 - CFD: 06/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna5622f5f21b8 c2d3 =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna67649db7505 4036 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna6a67978a625 8feb =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna750d69d6e8c ce1b =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna75ed98a1381 4b15 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna7bd6c43f16a fb34 =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna7e725fbdb57 4014 =>.SUP.Temporary
O43 - CFD: 30/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna7ecdeae295f c14f =>.SUP.Temporary
O43 - CFD: 06/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna81d74052509 09c2 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna84c6f6465e8 cbfa =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigna991a3d0d9ce 2a27 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignaa1b28d0198c 6fec =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignaa47e277743d 1522 =>.SUP.Temporary
O43 - CFD: 01/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignaa6d831ea496 8331 =>.SUP.Temporary
O43 - CFD: 06/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignaa92b59cb13d ce90 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignaaeb313bf7df 044a =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignab76ca3a1386 ee89 =>.SUP.Temporary
O43 - CFD: 16/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignac095bd80ae0 9108 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignac7fd9848012 22db =>.SUP.Temporary
O43 - CFD: 25/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignad33f76c5821 9b63 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignad40cda58028 ef60 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignad5f9fb048de cb3e =>.SUP.Temporary
O43 - CFD: 02/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignade10f448ff4 f070 =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignae005b5aee59 51ce =>.SUP.Temporary
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignae5dd478f25f da0c =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignae85b49eac4f 01d3 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignae9f06c80e2f 6aa3 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignaec5ad4f2755 a1b2 =>.SUP.Temporary
O43 - CFD: 04/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb02c6828d39b 8a72 =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb150b8b0e02a 2d35 =>.SUP.Temporary
O43 - CFD: 10/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb19057bcf764 d14f =>.SUP.Temporary
O43 - CFD: 07/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb1e7126263ef 97a9 =>.SUP.Temporary
O43 - CFD: 26/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb22ae277db92 c3fc =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb2600d620741 4ba7 =>.SUP.Temporary
O43 - CFD: 30/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb2e0617e4410 05c1 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb32c918fb761 4cf9 =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb3ab55454502 ebb4 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb42e7de8a2cd 4865 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb4316f2929b8 7dd8 =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb4a6505829e0 a0d6 =>.SUP.Temporary
O43 - CFD: 10/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb4d2b195df71 0d46 =>.SUP.Temporary
O43 - CFD: 16/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb5cef376deef 4335 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb6617cc1ab88 6c78 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb718b7ee6f24 9b04 =>.SUP.Temporary
O43 - CFD: 13/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb78deef85a70 961c =>.SUP.Temporary
O43 - CFD: 14/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb7c5d33588ac 5e49 =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb7e8eef0e1b2 9227 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb86f13dd0053 dcc7 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb94cc523dfde fa89 =>.SUP.Temporary
O43 - CFD: 31/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignb9584a7c6c7b 91bd =>.SUP.Temporary
O43 - CFD: 01/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignba40ff85a241 4008 =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignba5bdc816de2 5bb1 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignba85c61603d8 2604 =>.SUP.Temporary
O43 - CFD: 12/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignba9161c6e14f 5897 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignba9249231319 a530 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbaa59fe679cf 603e =>.SUP.Temporary
O43 - CFD: 16/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbb564d6b72b0 6d99 =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbb7bce63f65d e0de =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbbe06819f15d 7473 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbc698ae329f5 b7dd =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbcfffad0eb69 cd0a =>.SUP.Temporary
O43 - CFD: 27/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbd2542ad4dbf 5219 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbd8d55dea95d 4aa1 =>.SUP.Temporary
O43 - CFD: 13/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbe3865410e04 be34 =>.SUP.Temporary
O43 - CFD: 28/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbe7e2f7c54e8 0c82 =>.SUP.Temporary
O43 - CFD: 05/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbea510e26ac8 a459 =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbf21da7a7835 fc39 =>.SUP.Temporary
O43 - CFD: 13/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbf8c3022bdfb 6c09 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignbf9544086a12 acbf =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc1213f9b419e ee20 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc1a2e927c48a 8442 =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc30a6db7096e e30a =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc31e5b3ae9b5 b9b9 =>.SUP.Temporary
O43 - CFD: 27/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc32c8513abbc a807 =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc39b42e6f712 2cfc =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc402ec8d02f3 4ac7 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc41f9300dfad 79ee =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc43b5b114f2f 1969 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc477a853482b 0f7e =>.SUP.Temporary
O43 - CFD: 29/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc4855d184a6e 4960 =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc49c3dd71168 6c9c =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc4e2502c1246 5cf5 =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc53a2cedc020 a718 =>.SUP.Temporary
O43 - CFD: 28/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc5da5fe6b80f 2f95 =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc6d5eebe75ef 820c =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc76d5962626f 428b =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc785eb64efee 6be3 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc7fe40098777 1c18 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc8000bf11c2e 301c =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc8b33b59070a 0e2b =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc8decd13af75 031f =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignc983e208f7db 13f5 =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignca4e7c8b4074 9699 =>.SUP.Temporary
O43 - CFD: 03/02/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigncb3a121030bd cb68 =>.SUP.Temporary
O43 - CFD: 01/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigncb3dd4639682 8263 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigncc5e7125feb3 2128 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigncd4d3c68ddda b2ac =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignce45098f666d f0a1 =>.SUP.Temporary
O43 - CFD: 14/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignce97d0669975 1b04 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignceba218f52b8 70f7 =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigncf0ec684353c c0a7 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigncf57ec50d228 8f3b =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigncfd301f5e261 d844 =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigncfdf2bd5d8ae c7bc =>.SUP.Temporary
O43 - CFD: 01/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd012ed86bb42 2144 =>.SUP.Temporary
O43 - CFD: 16/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd0240d338d0f cf97 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd03ac4ebbb3b 6c35 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd03dc60f5e85 c53a =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd0870fc47575 1edf =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd0a90713eac9 fe13 =>.SUP.Temporary
O43 - CFD: 24/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd15ed316af56 69c9 =>.SUP.Temporary
O43 - CFD: 13/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd18896ddb58f fdb1 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd1924a9ff3f7 8e66 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd41c63025e5a 49ba =>.SUP.Temporary
O43 - CFD: 29/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd4f96eebe5a5 cfc9 =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd68580ea847f b788 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd73c51e9890e c618 =>.SUP.Temporary
O43 - CFD: 20/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd76ca85dc7c5 4baf =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd77f0975338d 73e8 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd7859051a2f9 1ebc =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd7b4f570afd3 52a0 =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd7c9fc509e79 3a77 =>.SUP.Temporary
O43 - CFD: 10/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd82d0375bcd3 c339 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd84bc13c8a21 5399 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd854236b084f 8626 =>.SUP.Temporary
O43 - CFD: 27/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd86a480010ca 9c32 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd8a308a2881d 880b =>.SUP.Temporary
O43 - CFD: 02/02/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignd90da26347e5 0986 =>.SUP.Temporary
O43 - CFD: 21/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignda4ae173987e b2c1 =>.SUP.Temporary
O43 - CFD: 12/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignda9f67b05f8d 625b =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndaa8e1cbc335 87d1 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndb349390347c 543e =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndb70507c51ba a89f =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndc547c2848d6 a42c =>.SUP.Temporary
O43 - CFD: 16/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndc5ce0bcbbf5 d73a =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndcb46cfdbf88 83ac =>.SUP.Temporary
O43 - CFD: 12/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndd40f63418f6 8f3f =>.SUP.Temporary
O43 - CFD: 29/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndd625f8c5f4d 29ef =>.SUP.Temporary
O43 - CFD: 28/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignddc1f8ec185f 97f3 =>.SUP.Temporary
O43 - CFD: 16/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignde4695f51bca de56 =>.SUP.Temporary
O43 - CFD: 01/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndf9a5a5ff59d 6fb3 =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndfee7112bc63 1149 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigndffe6c062efc d087 =>.SUP.Temporary
O43 - CFD: 14/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne06690bcc953 edd2 =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne0ba6d3f4a51 ca5a =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne0c0c0d121f2 de33 =>.SUP.Temporary
O43 - CFD: 21/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne0cf39370d85 da88 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne123c90342b4 23d9 =>.SUP.Temporary
O43 - CFD: 22/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne166ce89c6a4 1da4 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne2a1ac3bf129 6e10 =>.SUP.Temporary
O43 - CFD: 29/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne305e9513ab3 bfba =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne360c0d33fad c993
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne51684dff1de bde1 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne51868aa9054 ba78 =>.SUP.Temporary
O43 - CFD: 21/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne5455106140f 1ef6 =>.SUP.Temporary
O43 - CFD: 10/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne58b8e55d9e9 32d2 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne5c3b5c14675 c63e =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne5d0f2d7a055 8fee =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne5e19c49426a a996 =>.SUP.Temporary
O43 - CFD: 05/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne689cd367772 1923 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne699928e4aec 91b2 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne70273f47eee f94c =>.SUP.Temporary
O43 - CFD: 20/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne74e0467f2a1 6c26 =>.SUP.Temporary
O43 - CFD: 18/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne794d2fa8fbc 2129 =>.SUP.Temporary
O43 - CFD: 28/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne7de0caf0176 eaf0 =>.SUP.Temporary
O43 - CFD: 20/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne85ee3787bc9 c63b =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne8bd42b4e858 8101 =>.SUP.Temporary
O43 - CFD: 29/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne944597c827c e264 =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignead15346a829 d153 =>.SUP.Temporary
O43 - CFD: 25/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigneb2fdac6cc64 ccd8 =>.SUP.Temporary
O43 - CFD: 22/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigneb7176a9e1df 562d =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigneb956748cbb6 1275 =>.SUP.Temporary
O43 - CFD: 01/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignebddccd11888 72cd =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignec0d26b5bca8 86df =>.SUP.Temporary
O43 - CFD: 19/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignec0f527a3ec4 5275 =>.SUP.Temporary
O43 - CFD: 06/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignec28b4c8af30 2a2a =>.SUP.Temporary
O43 - CFD: 09/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignec482f16c0b3 c366 =>.SUP.Temporary
O43 - CFD: 03/12/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignecc161a78fb4 cf4c =>.SUP.Temporary
O43 - CFD: 04/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigneceae2c8468b 2bf8 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigneced30361d5a e427 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigned279bdbffab 747f =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignedc92e2e6b33 69bf =>.SUP.Temporary
O43 - CFD: 16/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignee6726304d5f 545b =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignee6cad94d37e 230a =>.SUP.Temporary
O43 - CFD: 25/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignefbbd7389bbb 07f3 =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf072d0b6cdd6 f5df =>.SUP.Temporary
O43 - CFD: 26/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf0f5068fecee 5a82 =>.SUP.Temporary
O43 - CFD: 02/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf1d79178759c 7845 =>.SUP.Temporary
O43 - CFD: 13/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf2312e915d9c c280 =>.SUP.Temporary
O43 - CFD: 28/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf24b0a5c2c10 86c3 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf2ca55772e31 5277 =>.SUP.Temporary
O43 - CFD: 26/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf30ebec7dc84 cf6d =>.SUP.Temporary
O43 - CFD: 23/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf3ea1c6ffcb2 9559 =>.SUP.Temporary
O43 - CFD: 30/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf3ffa8b72503 5b35 =>.SUP.Temporary
O43 - CFD: 30/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf43c864b32d5 38c8 =>.SUP.Temporary
O43 - CFD: 13/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf47f2ed8a6ff 30ba =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf486854ff452 5ae8 =>.SUP.Temporary
O43 - CFD: 11/01/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf48814598bbe 6868 =>.SUP.Temporary
O43 - CFD: 26/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf4af2b29f03a d029 =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf50bde5e259a 69ab =>.SUP.Temporary
O43 - CFD: 27/03/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf50de4104c39 b1f9 =>.SUP.Temporary
O43 - CFD: 16/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf592fa373ba1 92cc =>.SUP.Temporary
O43 - CFD: 03/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf64e4bf3cdab abbf =>.SUP.Temporary
O43 - CFD: 02/02/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf65378fbb7c1 f09f =>.SUP.Temporary
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf70c081e2720 6c8f =>.SUP.Temporary
O43 - CFD: 19/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf8981b982e7b 665a =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf8ae50c5f03c 956a =>.SUP.Temporary
O43 - CFD: 24/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf8bfbf033615 5015 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf8c965584a36 3046 =>.SUP.Temporary
O43 - CFD: 25/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf962e0e7f9b2 a30d =>.SUP.Temporary
O43 - CFD: 25/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignf973585de577 7153 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignfb123747f156 51f5 =>.SUP.Temporary
O43 - CFD: 22/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignfbcc301a0581 a136 =>.SUP.Temporary
O43 - CFD: 09/04/2018 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignfbfb54d76edc 79b8 =>.SUP.Temporary
O43 - CFD: 02/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignfca9bcfb4ef7 0140 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignfd0bd87c16cb 6d60 =>.SUP.Temporary
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignfda5e151ac85 db4a =>.SUP.Temporary
O43 - CFD: 03/10/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignfec245dd9be1 cedc =>.SUP.Temporary
O43 - CFD: 14/11/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignff60456901bd 7e93 =>.SUP.Temporary
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsignff7258738268 1027 =>.SUP.Temporary
O43 - CFD: 24/04/2018 - [] D – C:\Users\GUI\AppData\Local\The_Swords_of_Ditto =>.Scott Brogden O43 - CFD: 16/02/2018 - [] D – C:\Users\GUI\AppData\Local\UnrealEngine =>.Unreal Software O43 - CFD: 25/09/2017 - [] D – C:\Users\GUI\AppData\Local\UnrealEngineLauncher =>.Unreal Software
O43 - CFD: 28/09/2017 - [] D – C:\Users\GUI\AppData\Local\VT_Software
O43 - CFD: 14/05/2018 - [] D – C:\Users\GUI\AppData\Local\Zemana =>.Zemana O43 - CFD: 14/05/2018 - [] D – C:\Users\GUI\AppData\Local\ZHP =>.Nicolas Coolman O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Adobe =>.Adobe O43 - CFD: 29/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Ankama =>.Ankama O43 - CFD: 18/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Apple Computer =>.Apple Inc.
O43 - CFD: 12/11/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Clever Endeavour Games
O43 - CFD: 17/11/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Dodge Roll
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Hunter Studio
O43 - CFD: 14/02/2018 - [] D – C:\Users\GUI\AppData\LocalLow\ImpactGameworks
O43 - CFD: 04/02/2018 - [] D – C:\Users\GUI\AppData\LocalLow\IronOak Games
O43 - CFD: 14/05/2018 - [0] D – C:\Users\GUI\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 02/12/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Playsoft
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Team 17 Digital ltd
O43 - CFD: 17/11/2017 - D – C:\Users\GUI\AppData\LocalLow\WeirdBeard
O43 - CFD: 02/03/2018 - D – C:\Users\GUI\AppData\LocalLow\White Wizard Games
O43 - CFD: 14/05/2018 - D – C:\Users\GUI\Desktop\ARAWAK
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\backup =>.Symantec
O43 - CFD: 24/04/2018 - D – C:\Users\GUI\Desktop\Civ6
O43 - CFD: 30/03/2018 - D – C:\Users\GUI\Desktop\DDNet-10.8.6-win64
O43 - CFD: 25/04/2018 - D – C:\Users\GUI\Desktop\DDNet-11.1.4-win64
O43 - CFD: 13/05/2018 - D – C:\Users\GUI\Desktop\indesign
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\Jeux =>.Games Software
O43 - CFD: 10/05/2018 - D – C:\Users\GUI\Desktop\macro
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\music
O43 - CFD: 24/04/2018 - D – C:\Users\GUI\Desktop\Northgard
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\pickup
O43 - CFD: 22/04/2018 - D – C:\Users\GUI\Desktop\PPT TUTO
O43 - CFD: 14/05/2018 - D – C:\Users\GUI\Desktop\projet
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\Rocket League Mods
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\school
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\Series
O43 - CFD: 24/04/2018 - D – C:\Users\GUI\Desktop\terraria
O43 - CFD: 28/03/2018 - D – C:\Users\GUI\Desktop\tete
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\Tools
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\tw
O43 - CFD: 09/05/2018 - RD – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Administrative Tools =>.Administrative Tools O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\AMD =>.AMD O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\BleachBit =>.BleachBit
O43 - CFD: 16/04/2018 - [0] D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Brave Software
O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Digiarty =>.Digiarty O43 - CFD: 01/05/2018 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Discord Inc =>.Discord Inc O43 - CFD: 08/05/2018 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Free Window Registry Repair =>.RegSofts Software O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\HandBrake =>.Handbrake O43 - CFD: 26/04/2018 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Molotov =>.Molotov
O43 - CFD: 25/04/2018 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Parsec
O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Unlocker =>.Cedrick Collomb
O43 - CFD: 08/10/2017 - [0] D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Warkeys
O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\WinDirStat =>.Seifert Systems O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\WinRAR =>.WinRAR O43 - CFD: 23/11/2017 - – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Razer =>.Razer O43 - CFD: 14/05/2018 - – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Zemana =>.Zemana O43 - CFD: 14/03/2018 - – C:\WINDOWS\System32\Config\systemprofile\AppData\R oaming\Macromedia =>.Macromedia
—\ ShellIconOverlayIdentifiers (SIOI) (5) - 1s
O106 - SIOI: [ AccExtIco1] - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}. (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: [ AccExtIco2] - {853B7E05-C47D-4985-909A-D0DC5C6D7303}. (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: [ AccExtIco3] - {42D38F2E-98E9-4382-B546-E24E4D6D04BB}. (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: ShareOverlay Class [ShareOverlay] - {594D4122-1F87-41E2-96C7-825FB4796516}. (.IvoSoft - Adds classic Windows Explorer features.) – C:\Program Files\Classic Shell\ClassicExplorer64.dll =>.Ivaylo Beltchev®
—\ RACCOURCIS DES MENUS CONCEPTUELS (SCMH) (37) - 0s
O108 - CMH1: 2.0 Zemana AntiMalware [64Bits] - {6ABB1C11-E261-4CEA-BBB5-3836225689DD} . (…) – C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll =>.Zemana Ltd.® O108 - CMH1: AccExt [64Bits] - {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} . (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O108 - CMH1: Adobe.Acrobat.ContextMenu [64Bits] - {A6595CD1-BF77-430A-A452-18696685F7C7} . (.Adobe Systems Inc. - Adobe Acrobat Context Menu.) – C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll =>.Adobe Systems, Incorporated® O108 - CMH1: ANotepad++64 [64Bits] - {B298D29A-A6ED-11DE-BA8C-A68E55D89593} . (. - ShellHandler for Notepad++ (64 bit).) – C:\Program Files (x86)\Notepad++\NppShell_06.dll =>.Notepad++®
O108 - CMH1: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (.Orphan.)
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH1: Shell Extension for Malware scanning [64Bits] - {45AC2688-0253-4ED8-97DE-B5370FA7D48A} . (.Avira Operations GmbH & Co. KG - AntiVirus context menu.) – C:\Program Files (x86)\Avira\Antivirus\shlext64.dll =>.Avira Operations GmbH & Co. KG® O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\WINDOWS\system32\nv3dappshext.dll =>.NVIDIA Corporation O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\WINDOWS\system32\nv3dappshext.dll =>.NVIDIA Corporation O108 - CMH2: StartMenuExt [64Bits] - {E595F05F-903F-4318-8B0A-7F633B520D2B} . (.IvoSoft - Start Menu Helper Extension.) – C:\Windows\system32\StartMenuHelper64.dll =>.IvoSoft O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\WINDOWS\System32\nvshext.dll =>.NVIDIA Corporation O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH6: 2.0 Zemana AntiMalware [64Bits] - {6ABB1C11-E261-4CEA-BBB5-3836225689DD} . (…) – C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll =>.Zemana Ltd.® O108 - CMH6: AccExt [64Bits] - {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} . (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O108 - CMH6: Adobe.Acrobat.ContextMenu [64Bits] - {A6595CD1-BF77-430A-A452-18696685F7C7} . (.Adobe Systems Inc. - Adobe Acrobat Context Menu.) – C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll =>.Adobe Systems, Incorporated® O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - Programme de résolution d’applications.) – C:\Windows\System32\appresolver.dll =>.Microsoft Windows® O108 - CMH6: Shell Extension for Malware scanning [64Bits] - {45AC2688-0253-4ED8-97DE-B5370FA7D48A} . (.Avira Operations GmbH & Co. KG - AntiVirus context menu.) – C:\Program Files (x86)\Avira\Antivirus\shlext64.dll =>.Avira Operations GmbH & Co. KG® O108 - CMH6: StartMenuExt [64Bits] - {E595F05F-903F-4318-8B0A-7F633B520D2B} . (.IvoSoft - Start Menu Helper Extension.) – C:\Windows\system32\StartMenuHelper64.dll =>.IvoSoft O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
—\ IMAGE FILE EXECUTION OPTIONS (IFEO) (18) - 1s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\3] =>.Microsoft Windows® O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Module d’installation de pilotes.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) [MitigationOptions\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) [MitigationOptions\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) [CFGOptions\1] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) [MitigationOptions\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [MitigationOptions\2097152] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MinimumStackCommitInBytes\32768] =>.Microsoft Windows Publisher® O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MitigationAuditOptions\17660905521152] =>.Microsoft Windows Publisher® O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
—\ LISTE DES PILOTES DU SYSTÈME (74) - 5s
O58 - SDL:2017/09/29 15:41:02 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [107416] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows® O58 - SDL:2017/03/01 23:50:06 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\amdgpio2.sys [43400] =>.Advanced Micro Devices Inc.® O58 - SDL:2017/08/29 06:22:52 A . (.Advanced Micro Devices, Inc - AMD GPIO Driver.) – C:\WINDOWS\System32\drivers\amdgpio3.sys [33144] {610AF5D800060000004C} =>.Advanced Micro Devices, Inc O58 - SDL:2017/06/16 10:48:52 A . (.Advanced Micro Devices, Inc. - amdkmcsp sys.) – C:\WINDOWS\System32\drivers\amdkmcsp.sys [101232] =>.Advanced Micro Devices Inc.® O58 - SDL:2017/10/10 04:42:10 A . (.Advanced Micro Devices - AMD PCI Device driver.) – C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31112] =>.Advanced Micro Devices Inc.® O58 - SDL:2017/06/16 10:48:56 A . (.Advanced Micro Devices, Inc. - amdpsp sys.) – C:\WINDOWS\System32\drivers\amdpsp.sys [243048] =>.Advanced Micro Devices Inc.® O58 - SDL:2017/09/29 15:41:02 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [258592] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [27032] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [131992] =>.Microsoft Windows® O58 - SDL:2017/08/21 12:26:38 A . (.Avira Operations GmbH & Co. KG - Avira USB Feature Driver.) – C:\WINDOWS\System32\drivers\avdevprot.sys [60920] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2018/05/09 08:41:54 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) – C:\WINDOWS\System32\drivers\avgntflt.sys [179376] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2018/05/09 08:41:54 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) – C:\WINDOWS\System32\drivers\avipbb.sys [169864] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/08/21 12:26:37 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) – C:\WINDOWS\System32\drivers\avkmgr.sys [44488] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/08/21 12:26:38 A . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) – C:\WINDOWS\System32\drivers\avnetflt.sys [88488] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/08/21 12:26:38 A . (.Avira Operations GmbH & Co. KG - Avira USB Filter Driver.) – C:\WINDOWS\System32\drivers\avusbflt.sys [38048] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/09/29 15:41:02 A . (. - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Broadcom Corporation O58 - SDL:2017/09/29 15:41:01 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [533912] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [141208] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [357272] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [1723288] =>.Microsoft Windows® O58 - SDL:2017/09/17 14:48:06 A . (.Disc Soft Ltd - DAEMON Tools Pro Virtual SCSI Bus Driver.) – C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264] =>.Disc Soft Ltd® O58 - SDL:2017/09/29 15:41:01 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3419032] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [63520] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [36864] =>.Intel(R) Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [91648] =>.Intel(R) Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] =>.Intel Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.s ys [88576] =>.Intel Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] =>.Intel Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592] =>.Intel Corporation O58 - SDL:2017/09/29 15:41:01 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2017/09/29 15:41:03 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAV.sys [674200] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [412056] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [526232] =>.Microsoft Windows® O58 - SDL:2016/06/22 12:14:52 A . (.Kinoni - KinoConsole.) – C:\WINDOWS\System32\drivers\kinonih.sys [32256] =>.Kinoni O58 - SDL:2017/09/29 15:41:02 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [108064] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123800] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103320] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sss.sys [82840] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas.sys [59800] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [63520] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [575896] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [842648] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [63896] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [108952] =>.Microsoft Windows® O58 - SDL:2016/12/21 13:20:00 A . (.Apple Inc. - Apple Mobile Device Ethernet.) – C:\WINDOWS\System32\drivers\netaapl64.sys [23040] =>.Apple Inc. O58 - SDL:2018/04/24 21:33:48 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) – C:\WINDOWS\System32\drivers\nvhda64v.sys [226280] =>.NVIDIA Corporation® O58 - SDL:2017/09/29 15:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [150424] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [166296] =>.Microsoft Windows® O58 - SDL:2018/04/24 20:52:38 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) – C:\WINDOWS\System32\drivers\nvvad64v.sys [59240] =>.NVIDIA Corporation® O58 - SDL:2018/05/07 23:04:43 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) – C:\WINDOWS\System32\drivers\nvvhci.sys [58816] =>.NVIDIA Corporation® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [58776] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:03 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) – C:\WINDOWS\System32\drivers\rt640x64.sys [604160] =>.Realtek O58 - SDL:2017/09/29 15:41:14 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) – C:\WINDOWS\System32\drivers\rteth.sys [59904] =>.Realtek O58 - SDL:2017/11/16 02:45:26 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\WINDOWS\System32\drivers\RTKVHD64.sys [6038440] =>.Realtek Semiconductor Corp.® O58 - SDL:2015/10/26 15:10:56 A . (.Razer Inc - Razer RzEndPt.) – C:\WINDOWS\System32\drivers\rzendpt.sys [50392] =>.Razer Inc.® O58 - SDL:2017/07/19 18:16:56 A . (.Razer, Inc. - Razer Overlay Support.) – C:\WINDOWS\System32\drivers\rzpmgrk.sys [45752] =>.Razer USA Ltd.® O58 - SDL:2017/08/19 17:56:57 A . (.Razer, Inc. - Razer Overlay Support.) – C:\WINDOWS\System32\drivers\rzpnk.sys [139704] =>.Razer USA Ltd.® O58 - SDL:2015/10/26 15:12:06 A . (.Razer Inc - Razer Rzudd Engine.) – C:\WINDOWS\System32\drivers\rzudd.sys [201432] =>.Razer Inc.® O58 - SDL:2017/09/29 15:41:02 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [44952] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [81816] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [31128] =>.Microsoft Windows® O58 - SDL:2016/04/26 17:10:00 A . (.Tunngle.net GmbH - TAP-Win32 Virtual Network Driver (NDIS 6.0).) – C:\WINDOWS\System32\drivers\tap0901t.sys [48824] =>.Tunngle.net GmbH® O58 - SDL:2016/12/21 13:20:26 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) – C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc. O58 - SDL:2018/01/19 22:32:08 A . (.Benjamin Höglinger-Stelzer - Virtual Gamepad Emulation Bus Driver.) – C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128] {330000001F9800C911029569BE00000000001F} =>.Benjamin Höglinger-Stelzer O58 - SDL:2017/09/29 15:41:02 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [166808] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305560] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [32152] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows® O58 - SDL:2018/05/14 09:02:12 A . (.Zemana Ltd. - ZAM.) – C:\WINDOWS\System32\drivers\zam64.sys [203680] =>.Zemana Ltd.® O58 - SDL:2018/05/14 09:02:12 A . (.Zemana Ltd. - ZAM.) – C:\WINDOWS\System32\drivers\zamguard64.sys [203680] =>.Zemana Ltd.®
—\ DERNIERS FICHIERS MODIFIÉS OU CRÉÉS (Utilisateur) (1) - 11s
O61 - LFC: 2018/05/14 09:00:21 A . (.glax24 (safezone.cc).) – C:\Users\GUI\Desktop\ARAWAK\SecurityCheck.exe [521112]

—\ ASSOCIATION Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – C:\Windows\System32\WScript.exe ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) – C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – ‘%1’ /S =>.Default.Value
—\ MENU DE DÉMARRAGE INTERNET (12) - 0s
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
—\ RECHERCHE D’INFECTION SUR LES NAVIGATEURS (3) - 5s
O69 - SBI: prefs.js [GUI - htEukEjR.default] user_pref(‘browser.download.save_converter_index’, 3); =>.SUP.Spigot
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
—\ ÉNUMÈRE LES SERVICES DÉMARRÉS PAR Svchost (48) - 0s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) – C:\WINDOWS\System32\certprop.dll [188928] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) – C:\Windows\System32\certprop.dll [188928] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) – C:\Windows\System32\srvsvc.dll [270848] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) – C:\Windows\System32\gpsvc.dll [1275904] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) – C:\Windows\System32\IKEEXT.DLL [984064] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) – C:\Windows\System32\iphlpsvc.dll [820224] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) – C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) – C:\Windows\System32\appinfo.dll [144896] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) – C:\Windows\System32\iscsiexe.dll [150528] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) – C:\Windows\System32\eapsvc.dll [109056] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) – C:\Windows\System32\schedsvc.dll [880640] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [220160] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [408064] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) – C:\Windows\System32\SessEnv.dll [387584] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) – C:\Windows\System32\wercplsupport.dll [108544] =>.Microsoft Corporation O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) – C:\Windows\System32\PushToInstall.dll [254976] =>.Microsoft Corporation O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\Windows\System32\Windows.SharedPC.AccountManage r.dll [194560] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\Windows\System32\XblGameSave.dll [1272320] =>.Microsoft Corporation O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Service d’authentification naturelle.) – C:\Windows\System32\NaturalAuth.dll [795136] =>.Microsoft Corporation O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Broker à jetons.) – C:\Windows\System32\TokenBroker.dll [1236480] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) – C:\Windows\System32\lfsvc.dll [46080] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\Windows\System32\XblAuthManager.dll [1107968] =>.Microsoft Corporation O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) – C:\Windows\System32\irmon.dll [24576] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) – C:\Windows\System32\rasauto.dll [104960] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) – C:\Windows\System32\rasmans.dll [930816] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) – C:\Windows\System32\mprdim.dll [491520] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) – C:\Windows\System32\Sens.dll [73216] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) – C:\Windows\System32\ipnathlp.dll [601088] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) – C:\Windows\System32\tapisrv.dll [307200] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) – C:\Windows\System32\wuaueng.dll [2784256] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) – C:\Windows\System32\qmgr.dll [1346560] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) – C:\Windows\System32\shsvcs.dll [613376] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) – C:\Windows\System32\Windows.Internal.Management.dl l [702464] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\Windows\System32\dmwappushsvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Paramètres de vol.) – C:\Windows\System32\flightsettings.dll [779264] =>.Microsoft Corporation O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) – C:\Windows\System32\WpnService.dll [284672] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\Windows\System32\XboxNetApiSvc.dll [1143808] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) – C:\Windows\System32\usocore.dll [1300992] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\Windows\System32\usermgr.dll [951808] =>.Microsoft Corporation O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) – C:\Windows\System32\InstallService.dll [1313792] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) – C:\Windows\System32\themeservice.dll [69632] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) – C:\Windows\System32\bdesvc.dll [387072] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) – C:\Windows\System32\DeviceSetupManager.dll [238080] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) – C:\Windows\System32\NetSetupSvc.dll [308224] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) – C:\Windows\System32\NcaSvc.dll [170496] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) – C:\Windows\System32\wlidsvc.dll [2223616] =>.Microsoft Corporation O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\Windows\System32\XboxGipSvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) – C:\Windows\System32\browser.dll [132608] =>.Microsoft Corporation
—\ LISTE DES EXCEPTIONS DU PAREFEU WINDOWS (48) - 5s
O87 - FAEL: ‘UDP Query User{B93F5F19-3B53-4C75-ADFC-CD260E87601E}C:\gog games\enter the gungeon\etg.exe’ [In-None-P17-TRUE] .(…) – C:\gog games\enter the gungeon\etg.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘TCP Query User{C81B0566-7AFD-456B-8C25-683C6FC10FCB}C:\gog games\enter the gungeon\etg.exe’ [In-None-P6-TRUE] .(…) – C:\gog games\enter the gungeon\etg.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{535B3DFC-3579-442C-A0A7-1775ED3F2D06}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Tricky Towers\TrickyTowers.exe =>.Steam Games O87 - FAEL: ‘{825F56AB-F5C8-434A-9658-B9D4071E488E}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Tricky Towers\TrickyTowers.exe =>.Steam Games O87 - FAEL: ‘{EE1B63FC-32C7-4C0B-9474-029EE02B3CD8}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe =>.Steam Games O87 - FAEL: ‘{FBDF75BB-AC38-4AE0-ACD4-871654CF3EAF}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe =>.Steam Games
O87 - FAEL: ‘UDP Query User{56DC755F-5239-4C71-AACF-6C0ADAA4322D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe’ [In-None-P17-TRUE] .(…) – C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘TCP Query User{5701EEC5-8F51-4706-B57D-D13330AD23AC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe’ [In-None-P6-TRUE] .(…) – C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{B0F8712B-C02A-4D8C-84EB-F7086A8102C2}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve® O87 - FAEL: ‘{7768207C-99C2-484E-8AF5-3B6EE99F9833}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve® O87 - FAEL: ‘{E4ECAA0B-9BB3-4D18-BC6B-826B585E854A}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Fu ll.exe =>.Steam SteamApps Games O87 - FAEL: ‘{69239029-9BBB-4C27-AB39-0FAF2C208757}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Fu ll.exe =>.Steam SteamApps Games
O87 - FAEL: ‘UDP Query User{55E0F48E-1BC0-4E55-93DA-113EA8934F81}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe’ [In-None-P17-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe
O87 - FAEL: ‘TCP Query User{FE1936B4-273F-48D4-8A13-EC64FD2F2D38}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe’ [In-None-P6-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe
O87 - FAEL: ‘{1C567826-34C3-4F42-8CDA-75EB1F8B6A35}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Lost Castle\Lost_Castle.exe =>.Steam Games O87 - FAEL: ‘{7536D2C9-7458-4D69-ADF7-DA7ED48FC8BE}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Lost Castle\Lost_Castle.exe =>.Steam Games
O87 - FAEL: ‘UDP Query User{2FB1A613-457C-43A6-BE3E-19C4293FAEC5}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe’ [In-None-P17-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe
O87 - FAEL: ‘TCP Query User{80BBF3D0-35F6-47A8-94BF-2A889FC6D6AA}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe’ [In-None-P6-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe
O87 - FAEL: ‘{EB738EFE-1809-48DF-87D3-A995945FA4BD}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe =>.Steam Games O87 - FAEL: ‘{CB2BAD1A-C9C4-4AF5-8E61-D3598204EF2D}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe =>.Steam Games O87 - FAEL: ‘{D44D2ADE-048A-4128-B350-84FBAE1B9B97}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe =>.Steam Games O87 - FAEL: ‘{3606402D-A8AF-4B93-980D-C06AF54F63A4}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe =>.Steam Games O87 - FAEL: ‘{860858A9-E6AA-4412-96C0-712D61ACAB3C}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Mysterium\Mysterium.e xe =>.Steam Games O87 - FAEL: ‘{A1FD2CE3-CFA3-400E-A9B4-617F423CEED2}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Mysterium\Mysterium.e xe =>.Steam Games O87 - FAEL: ‘TCP Query User{EE62C13D-0539-451F-8C51-8CE89D4D090A}C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe’ [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe =>.Steam Games O87 - FAEL: ‘UDP Query User{8D18B73B-7783-4BB2-AC68-9E4FBA7DBE7C}C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe’ [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe =>.Steam Games O87 - FAEL: ‘{9A98EB6D-7A18-4330-A646-95DD6CE47DE8}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheS pire.exe =>.Steam Games O87 - FAEL: ‘{0E6898B2-736F-42FA-8BC6-EBC5C9F15FF2}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheS pire.exe =>.Steam Games
O87 - FAEL: ‘TCP Query User{D6C19989-5343-4FCC-B972-487FC645D6DC}C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe’ [In-None-P6-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe
O87 - FAEL: ‘UDP Query User{C09EF31A-A067-4BDD-BF91-B3C0047E6E0B}C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe’ [In-None-P17-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe
O87 - FAEL: ‘{6332D94A-89EE-47BF-AA13-AD6C57705F16}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{2FFA8192-8A71-486A-990F-6C28D8CE2238}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Hobbyist Software\VLC Streamer\mDNSResponder.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{C98A6C77-724B-4A71-8149-96AC04B5C377}’ [In-None-P17-TRUE] .(…) – C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSRespon der.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{05EC51A8-67C3-44C7-9D81-04EC21D09BC3}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\The Swords of Ditto\The_Swords_of_Ditto.exe =>.Steam SteamApps Games O87 - FAEL: ‘{C462974C-BA91-4F08-9C0C-EA4E90539F38}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\The Swords of Ditto\The_Swords_of_Ditto.exe =>.Steam SteamApps Games
O87 - FAEL: ‘{E639E65C-3E75-431A-B375-28417ED6B5B8}’ [In-None-P17-TRUE] .(.Parsec - Parsec.) – C:\Program Files\Parsec\parsecd.exe {0F0CC3A57EF947E7D23CF075B8B4BA5D}
O87 - FAEL: ‘{CA5E1BFF-8F44-4889-870D-7A100BD94BAF}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe =>.Steam Games O87 - FAEL: ‘{D0312F0E-9EE7-478D-B154-7511929B52D7}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe =>.Steam Games O87 - FAEL: ‘{7C7AD55E-9345-475C-AC7C-6379A3F01E36}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe =>.Steam Games O87 - FAEL: ‘{736405A3-588D-454E-916F-DF59C908FA08}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe =>.Steam Games
O87 - FAEL: ‘{57B1E445-BDC6-4254-AC8B-FB9DB6026A5B}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{4EB7F62D-C6B8-4133-8C3A-4734C503D172}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{9F3AF91E-97C3-4928-9C46-A2185759DF9A}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound_server.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{1662C499-3B6D-4773-B1C6-1B3FCA866A51}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound_server.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{FEF65A89-54C5-4C2C-8AA3-8776EF8E36F2}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_u ploader.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{3ACB7911-ECB1-4AC2-8848-1D7E7B396095}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_u ploader.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{3892BBB9-4463-4D6B-BBE5-3727B0D32A53}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starb ound.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{F31202F5-7BEC-456B-A3D8-E6365BE8444C}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starb ound.exe (.not file.) =>.Steam Games

—\ CODES PRODUITS LOGICIELS (10) - 0s
O90 - PUC: ‘0736E3D2C8C538C478D0E5205C92DEB5’ [HKLM] . (.mocha Pro Plugin V5.2.0 for OFX.) – C:\Windows\Installer{2D3E6370-5C8C-4C83-870D-5E02C529ED5B}\ARP_product_icon
O90 - PUC: ‘375ECBAC68A0AF245AA27CAE165DEB80’ [HKLM] . (.Classic Shell.) – C:\Windows\Installer{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}\icon.ico
O90 - PUC: ‘867EC2B015D98E545A519DE12801DFEF’ [HKLM] . (.mocha Pro V5.2.0-12816.) – C:\Windows\Installer{0B2CE768-9D51-45E8-A515-D91E8210FDFE}\ARP_product_icon
O90 - PUC: ‘A9568661E3C6CC465EFA39A6634E29DA’ [HKLM] . (.Elephorm.)
O90 - PUC: ‘C2F5D000BA051E74392276635F200A3E’ [HKLM] . (.mocha Pro Plugin V5.2.0 for AVX.) – C:\Windows\Installer{000D5F2C-50AB-47E1-9322-6736F502A0E3}\ARP_product_icon
O90 - PUC: ‘CF3B1D5C8ECEC954FA67BBF2DB1748B1’ [HKLM] . (.mocha VR Plugin V5.5.2 for Adobe.) – C:\Windows\Installer{C5D1B3FC-ECE8-459C-AF76-BB2FBD71841B}\ARP_product_icon
O90 - PUC: ‘E269FA990B748FD4AB560F4330BD08CB’ [HKLM] . (.fayIN License Service.)
O90 - PUC: ‘F2654A091A4D56B409D6142F63FC9620’ [HKLM] . (.Path of Exile.)
O90 - PUC: ‘F751170C43BAF3D40AFDA95C443B37E2’ [HKLM] . (.Vicon boujou 5.0.2.)
O90 - PUC: ‘FF3F12636B9A81C488248B1789A58E66’ [HKLM] . (.fayIN 2.4 for After Effects CC.)

—\ PACKAGES WINDOWS INSTALLER (35) - 11s
[MD5.B1B7134E727B53F6F2A167547AA7CEB9] [WIS][2017/10/04 19:04:08] (.UNKNOWN - Elephorm.) – C:\WINDOWS\Installer\106b8b70.msi [40960]
[MD5.FF002D6462B98920284C0829A3C64D6C] [WIS][2017/09/17 12:21:17] (.Razer Inc. - Emily.) – C:\WINDOWS\Installer\14ecb2.msi [26197504] =>.Razer Inc. [MD5.983D8C71DD6EEED78012112B85734318] [WIS][2017/09/12 18:45:23] (.Simon Tatham - PuTTY release 0.70 installer.) – C:\WINDOWS\Installer\1d07b5.msi [3048960] =>.Simon Tatham [MD5.4C6305528E82DE2815284F630638F92D] [WIS][2017/09/18 00:58:25] (.Advanced Micro Devices, Inc. - AMD Ryzen Master.) – C:\WINDOWS\Installer\1f5755c.msi [22214144] =>.Advanced Micro Devices, Inc. [MD5.7EEAA509DCD12E61FBBF1A62B1AC5C92] [WIS][2017/12/21 21:56:16] (.Grinding Gear Games - Path of Exile Windows Installer package.) – C:\WINDOWS\Installer\1ffd443c.msi [12582912] =>.Grinding Gear Games [MD5.6A73785C72A9288AB8F859CFAD06909D] [WIS][2017/09/25 23:52:03] (.Epic Games, Inc. - Epic Games Launcher.) – C:\WINDOWS\Installer\2aeb7f04.msi [31641600] =>.Epic Games, Inc. [MD5.7873ACD3BFA53B19469E6AB5606C80FE] [WIS][2015/11/19 10:56:58] (.Epic Games, Inc. - Epic Games Launcher Prerequisites (x64).) – C:\WINDOWS\Installer\2aeb7f09.msi [11919360] =>.Epic Games, Inc. [MD5.484BE36C04E189B5A0F66C40B1BA08F8] [WIS][2017/05/31 02:30:20] (.Intel Corporation - Intel(R) C++ Redistributables on Intel(R) 6.) – C:\WINDOWS\Installer\304204.msi [9863168] =>.Intel Corporation [MD5.9047A29B7C2ED333536A7FB6D6C8BAE6] [WIS][2017/09/27 20:55:05] (.Simon Tatham - PuTTY release 0.70 installer.) – C:\WINDOWS\Installer\34964bca.msi [2942464] =>.Simon Tatham [MD5.7F9BBDB60B98B6AB6A09446AFADA65CB] [WIS][2018/02/27 16:23:34] (.Adobe Systems Incorporated - Adobe ARM Installer.) – C:\WINDOWS\Installer\3fb0c71.msi [884736] =>.Adobe Systems Incorporated [MD5.5376B2262B6E9773801520B6735C6DE9] [WIS][2015/12/15 15:18:36] (.Apple Inc. - QuickTime Installer.) – C:\WINDOWS\Installer\4244d05.msi [28397568] =>.Apple Inc. [MD5.6D26AC031A53B7E7ED352A57132E7CE8] [WIS][2017/10/02 10:01:20] (.Adobe Systems Incorporated - Adobe AIR Installer.) – C:\WINDOWS\Installer\42c4cc6.msi [45056] =>.Adobe Systems Incorporated [MD5.86E2B390629665FBC20E06DFBF01A48F] [WIS][2017/05/08 16:11:06] (.Apple Inc. - [ProductName] Installer.) – C:\WINDOWS\Installer\4b39ea.msi [2732032] =>.Apple Inc. [MD5.B446C0DA35323D45DBD037E0E69AC275] [WIS][2017/09/17 13:12:44] (.Apple Inc. - Apple Application Support Installer.) – C:\WINDOWS\Installer\4b3c35.msi [45940736] =>.Apple Inc. [MD5.CD4D479C497DD935952F8AF29FA6224C] [WIS][2017/09/17 13:13:25] (.Apple Inc. - Apple Application Support Installer.) – C:\WINDOWS\Installer\4b3f16.msi [50974720] =>.Apple Inc. [MD5.5F1FBBF794EEEF801A22E2E306115B86] [WIS][2017/09/17 13:13:28] (.Apple Inc. - Apple Software Update Installer.) – C:\WINDOWS\Installer\4b3fea.msi [3608576] =>.Apple Inc. [MD5.4A1DD7237D5264C781FCDE1AE347383E] [WIS][2017/09/17 13:13:40] (.Apple Inc. - Apple Mobile Device Support Installer.) – C:\WINDOWS\Installer\4b402d.msi [14041088] =>.Apple Inc. [MD5.0EF6618EE65ACB6263FB4AD78D706093] [WIS][2017/09/17 13:15:36] (.Apple Inc. - iTunes Installer.) – C:\WINDOWS\Installer\4b58a4.msi [159580160] =>.Apple Inc. [MD5.8203432377B51BE3C59439EB4D6ECF5E] [WIS][2018/03/28 16:29:12] (.Avira Operations GmbH & Co. KG - Avira.) – C:\WINDOWS\Installer\50f076b5.msi [4316550] =>.Avira Operations GmbH & Co. KG [MD5.95C345B66389506B3A883CF2D6DABADF] [WIS][2017/08/16 23:39:50] (.Imagineer Systems - mocha VR Plugin V5.5.2 for Adobe.) – C:\WINDOWS\Installer\623bedf.msi [38821888] =>.Imagineer Systems [MD5.E166C52C5084FEE71039EA45328485EE] [WIS][2016/12/07 21:09:26] (.Imagineer Systems - mocha Pro V5.2.0-12816 Installer..) – C:\WINDOWS\Installer\6e98c95.msi [49270784] =>.Imagineer Systems [MD5.AC4D8EA3C6BE3E4DA9C80B07ECA08999] [WIS][2016/12/07 21:09:22] (.Imagineer Systems - mocha Pro Plugin V5.2.0 for AVX.) – C:\WINDOWS\Installer\6fd4809.msi [32927744] =>.Imagineer Systems [MD5.3711E30F575A08EDACE413FA2389AD00] [WIS][2016/12/07 21:09:22] (.Imagineer Systems - mocha Pro Plugin V5.2.0 for OFX.) – C:\WINDOWS\Installer\6fd480c.msi [33173504] =>.Imagineer Systems [MD5.120C09332BC6B0EF805E32EF52FF2BFD] [WIS][2010/05/27 10:27:04] (.Vicon Motion Systems - Vicon boujou 5.0.2 Installer.) – C:\WINDOWS\Installer\73ea560.msi [38935040] =>.Vicon Motion Systems
[MD5.E8BEBE68144E23D4D9FBC2140268E0BE] [WIS][2016/11/01 12:49:14] (.fayteq - fayIN License Service.) – C:\WINDOWS\Installer\8493a6.msi [2441216]
[MD5.CC1FE51175BEDDDACA796F01D4DD62CC] [WIS][2016/11/01 12:54:42] (.fayteq - fayIN 2.4 for After Effects CC.) – C:\WINDOWS\Installer\8493a9.msi [20787200]
[MD5.AC7A2DB28C9A3B8CA80125550E09FAB9] [WIS][2015/12/11 07:29:50] (.InstallShield Software Corporation.) – C:\WINDOWS\Installer\943d97.msi [128338432] =>.InstallShield Software Corporation [MD5.FEB3EE1D61146165678928CBB36160BA] [WIS][2017/09/17 11:58:42] (.IvoSoft - Classic Shell.) – C:\WINDOWS\Installer\a1c05.msi [5361664] =>.IvoSoft [MD5.7C3CB3CBA11691D8CF040D9390A7586D] [WIS][2017/08/24 18:05:58] (.Adobe Systems Incorporated - Installers.) – C:\WINDOWS\Installer\a1c504.msi [12911616] =>.Adobe Systems Incorporated [MD5.F0EE2E7F283866A2A0FEA9BE2D12A979] [WIS][2017/11/14 02:37:22] (.Google Inc. - Google Update Helper.) – C:\WINDOWS\Installer\d134dc0.msi [40960] =>.Google Inc. [MD5.BE953984C096CDE3FD3426F5391CC82E] [WIS][2017/11/13 06:25:33] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\19de26ff.msp [35258368] =>.Adobe Systems, Incorporated [MD5.27D5264BF01E69F26BCD8151830EBB09] [WIS][2017/11/29 12:41:43] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\299f3ed8.msp [2646016] =>.Adobe Systems, Incorporated [MD5.61C41ECFA55D0B1BDEC0204EC93DC3A9] [WIS][2018/02/23 15:24:53] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\527d118.msp [255688704] =>.Adobe Systems, Incorporated [MD5.B74A6A31046ECDEFDB200DC17DC19EC4] [WIS][2017/08/24 18:05:58] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\a1c505.msp [241164288] =>.Adobe Systems, Incorporated [MD5.380237CA09171D01575AD465B621632D] [WIS][2018/02/12 12:42:00] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\dadfd.msp [51281920] =>.Adobe Systems, Incorporated
—\ SCAN ADDITIONNEL (609) - 3s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
C:\Program Files (x86)\QuickTime =>Riskware.QuickTime
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
C:\Users\GUI\AppData\Local\Tempzxpsign003aaf8330e4 b2d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign00c9c855d542 6559 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign00fabc2a39c8 6663 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign01390b793453 18af =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign013eaae8d051 c5e5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign017adc81bc6a e4ce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign01849a59ef38 43fd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign039388f17e06 1161 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign03ae457c7aff da78 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign03fa753466c0 b69d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign046518382098 968c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign050b7ffedec9 4930 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign05355a688e90 433a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0760646fbd58 30ee =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign077a6318bfcc 33af =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign07a6386e3a4f 4cb3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign07ce15cedd1d e944 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign08cb721d973e 6211 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign08e859a51e74 fb5a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0991c8685508 5bfe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign09971099c4e4 bb03 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign09b35a0856f6 06b1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0c3d6a7aca67 6492 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0c7edcaa1057 94d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0d51f17c378b c782 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0dbc4a34f528 0079 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0ec33dc5ede5 1dd8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0ecf266722f0 11d7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0f5797946d0d fd05 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0fa1daeb0490 0bd1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0fdd456415e6 6617 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign115bdf7d3d3c 44e4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign118a37d13f2b e4ac =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign11a9026f77ea efcd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign126210bca674 0e95 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign129ae1c6ec3c e0a1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign13b196bbdb68 c988 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign13da0922d2eb 6644 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign144946c11757 a3e2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign147e887985a4 23b6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign14f8139db381 151c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign15820234c9df e551 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1584aa09c369 d917 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign160caf41cd83 c437 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign167208604bae 8c79 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign16a06f9cd2af e545 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign16ca9d38e7f4 c0b1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign16f759fab162 b509 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign171b6ca05cc4 9d47 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1838d7df488a e702 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18507e7a45f9 ac4c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign187ee30434e4 3bdb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18b2133d1c18 09bb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18b729e649c3 b409 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18e86f23242f d683 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18f778a4c5e5 c0c7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18f7840746c6 3af6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1932b5406f19 171d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign199c8c558e23 016c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign19bfd077cc73 7c85 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign19ce9e7373f3 5949 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1a6d24dc1fa4 c100 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1a8071f27b9f e03d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1afae82cc2aa 2cec =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1cc5d3097943 0278 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1d4145d8e753 eebc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1dd0b4301165 4502 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1dffdc967326 88e6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1dfffd8d5088 eff7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1ed38d796a88 27e3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1efe190c8ea1 125e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1f0f6c93d59b 9322 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1f112fd4a4fc 3cb3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1f863f1e60b8 91c2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1faf6308ccac 60ee =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign20d75922c1a2 ca10 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign218133c02f84 8af7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign21aa61af8b65 8aac =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign21ce7230beea 6310 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign21e26c4c4ec0 074c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign220210cd96ae 08b5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign225434e26224 6be9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2274f0ba0de4 546f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign22c4f063db6e dc8c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign233dbbaeb95e eaa3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign23e3dfc0ccd8 7278 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2424b23634a0 a930 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2473e5649e23 37b5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign255cae0617f3 e93f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign266550c0928e e604 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2728d12688c4 be05 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign278998975db3 56f3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign282c014c8ad2 b47c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign28c1f8b927d1 9ef8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign292963bb4278 02fe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2948f6080a03 96ae =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign295dbd1d5458 34c3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2987aab4e039 bee3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign29a3d68d5594 127c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2a29f49db6f3 2e7d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2afe77764d93 8504 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2b16ae3d948e 5404 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2b449d5b430b 9c97 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2b51a0d9882f 911e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2bfc4d3d1852 784f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2c4d0bb95156 0bce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2c52f987461b bfa9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2cf8d5e7e701 eb3e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2d26eb3858ae bc12 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2d317a5f4608 fd90 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2d3c6933b956 4238 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2d86dc59d2bc 38ea =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2dabd4f41818 c7f7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2e223b321023 b5d0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2e264f4a4e82 992e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2fbcec6475c2 55c1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2fd25ab26a4c 10f0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3062da583fe5 cda3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign308da5d0713a a569 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign30991dd86ba5 c6aa =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign30d1611c08b3 c048 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3102f5b758f8 61aa =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign316cabe6789d a1b2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign31ddc39f9674 5ae7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign330fba7898bb b9f6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign352ee86d742d 33c6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign357a35dc3898 245c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3583a9db9b33 53a9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign36a21d2e3c64 ddc8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign37934ddaafb6 bc42 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign37fc9c2736b2 acfd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign38d149137bb9 039e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign392e358d64d7 c465 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign393c22286977 18f7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign395d73a9b346 4c72 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign39707f5f694a 2f5b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3970844fa7f1 34f8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign39765163e19b 1fce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign39d518611f2d 8476 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign39e0c3954889 82bf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3b15d40f4e32 6cb3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3b1f9197ad48 c676 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3b289ee80d22 523e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3bb18169861f f74c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3bf3636be2b1 601f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3c0aedb21a34 6795 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3d82ceb57cac 5a44 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3df68bd89f6b 55ce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3e4375791c24 fb86 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3fd76a1da579 763e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign40250a79def6 a514 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign409703bc6e37 b7e3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign41bdfa23460b e335 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign41f2d9ac9126 2bb8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign422dbe556209 5f62 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign42b6c5389b82 962c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign42bfb604ff74 c569 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign43d18a5fdd1b 4514 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4443ef62a10f 90d3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign44ff9222091e f95e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign45066a14bdf2 0dcd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4529f0e83adb a1af =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4618026adcb2 5eb6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign467707b59dcb 8487 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign475cf22a1fcb 6d76 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign47ee960cefa5 0df5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4805d01f18f2 cbe8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4873f6dae2fe b629 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign48a1f3430929 fd16 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign48d9f147bb25 1f79 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4911e66bbcea 0554 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4938ea81227f 19fe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign49ca59bf7014 bc7b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign49d40d5ae742 a988 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4a7e0cc6586d 9b8b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4a8105c71612 4a59 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4ad459fc2977 0279 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4ada1da5de8c 533b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4c60f2f2791e e32b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4d28065e9227 a153 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4d6863ac0046 0d0a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4da2970b5f9f a969 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4dab06e4787a 87db =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4e46fa004eed d679 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4edb75d0ab55 10f3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4f4e4a5d5508 fdf9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4ff8ec35a7a9 be1c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5075f0a7c026 8b0c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign509edfa5b464 1343 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign50a5d7bfbdf3 5b59 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign50f10330b783 7cf9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5190b537a202 5158 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5292b5a3aaa2 4014 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign535621248877 b243 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign53f4e17f50bd c949 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign53fe26e5140f 449e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign540404978359 d6aa =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign54a3f4540a02 e3fe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign54cf1c3733c0 52c1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign550c26bd211d cb3c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign55f083f7392f 12cc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign568d060c91f1 9a7d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign576d2c7d7ff2 7113 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign57e9d585ead8 a8da =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign582797a4b61f 1e48 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign58599ae5ba05 3274 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign59a50f87a265 0760 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5a8f0b28779e 6a49 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5b1a3583114a 5373 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5b1b3a42d40e 4d65 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5c45bb7ce683 88f1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5c96e2801dfc ee73 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5ca88cab95a1 4f96 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5cee12b86909 d1d4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5d3ae8a7c537 7b31 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5d5e22d81f64 971e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5dee1c7e74a0 4bcd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5e3b437757e0 a8b7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5e7b003fed95 e37b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5ed6c362c34b 64dc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5f439966ca20 e233 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign602552c97ce8 cc6a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6191450da9af da74 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6306adc0c9be 667d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6343588425c2 937c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign638d63b68f92 8ee8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign63e7c6e48855 bf1a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6485d78d1e03 377f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign648721b7cf01 86a3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign65d85eed0d62 4030 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign66475e94cfc8 b69a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign66484ea25dd5 8e35 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign67235a806627 a245 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign680c29d10fd3 0bf0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign68354e7e9e15 d2b3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign68712558cbf2 9e2c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign68c443e38460 3c17 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign698bc1e78cb8 f64c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign69b6781b925f 2a47 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6a24d2d07897 56e4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6a555b9a2a66 6b32 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6b75d9b60faa 50fc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6bfc8aa4b25d 07e4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6bff1e424fb0 f05d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6c5f6397cedb 6d76 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6c79d6daa4eb 7ff3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6cfecfea6f22 594f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6e678b0555ff 4e92 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6e7059ee19c5 ff4a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6e72b1913625 9a6c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6f162987af3b 04a6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6f2fe33d2567 7361 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6f515652b4ed 09f7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6ff3df9898ea 0f75 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6ff91307a3e3 64cf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign704739278f60 8d03 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7057cf695bab e187 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign711574cd9ca4 7920 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign711df4966b7f 61a7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign71b9512b1866 91fe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign727be557be4c 0dce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign72bbf92833ec 3afe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign73505079d8e9 3cd0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7358ded1a545 3a8a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign743ce8c92817 3713 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign75ccf0e541a5 51d3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7645dfd4d264 c5ed =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7662e7421d0e c9ab =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7688cfe7a143 4981 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign776a5bb54646 18bc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7785b38018bc 054d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign779a2fe771a9 b50b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7a4661064fce 5979 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7ab9b8ff09df d886 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7ac51b85ea36 6fa3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7b636cdb6223 043c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7bb7e59e23c1 cbde =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7bfce8986547 09d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7c1ab601f7b3 9f47 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7c2b86298fab 7244 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7c6c6782486b b3c5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7cca2c968b60 9243 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7d407fad443b 15ad =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7df55533ef5a 4567 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7e033af8d1e8 16e7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7e558e6be44c 2995 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7facb5571811 d73f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign81653e7305bc b850 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign81c147e1081b c3fb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign81c5645f8442 ef32 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign827c308ad722 f0ff =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8308c58904f6 c86b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8334f55a772d af38 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign83e379650ddb de62 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign83f7536cf10c 6db0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign83fea396a540 4ba6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign852b58af6d2e d523 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8654695343f1 cb83 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign865900e01ceb 3208 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign867222f07934 8527 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign86d32000a870 2664 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign86ee18a7a497 7ebf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign86f01a2de0ec 1973 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign86f7512f95d4 6ffb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8745f6c1545d 4cbf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign87cfeb2d08dd 6ff3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign890287de7641 fbe4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign893c41484147 737e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign897eaeb6f302 931f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8a3c13b5dbec f235 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8a3f138efb88 a8fd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8ac6eca8a401 5144 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8acacf2fe908 5008 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8ad2fb584849 a24c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8b00df439038 d651 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8b3a1f653d38 6dcd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8bba086a65bc f1d4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8c1cd9cb1946 4378 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8c409ec03ea4 1ebb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8c4e25afaacf c98a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8e0be57273d1 03cb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8f0c0d522645 eb25 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8fd2a5513e7d 9110 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign902394ee1f43 111c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign90290f78e7ed fba7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign907ce48771ad f96e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign908ed601cd30 88dd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign90d2ad21b4de b4a7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9130f8c8fee8 22b6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign91c6f17d1d7b a1e4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign91f2000e83a1 59fc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9306e620d1c7 f125 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign931ed593976e 0989 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign933305238612 9dc5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign93362d400898 35e0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9417fd960ece 5c50 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign94752f7a1c90 94a8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign94c5002419a5 f215 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign95210eda0ba2 a269 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign95d1fe87570c 7647 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign971bf5ef2ca8 1e5d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign97352cd0343f e161 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9831b186400c f5bb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9846973e650c fb9b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign985b95ab8142 c7d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign98ebc37d50b7 bc3b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign98f698b36aea 56e3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9912dc6a7914 b8ce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign993866b58baa 20b1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign99d5023f2999 7c4b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9ae68a9eda9e 5509 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9af990a255ae 57fc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9b280a2c13c9 02f2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9bffeeb5fd11 7c22 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9d27d3a47126 3619 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9d6c9587df0b becd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9da3ab226a11 2f9a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9ddfe331a975 8276 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9ef2f6ec9155 b73f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9f2c88791d18 85d0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9f3fee13d971 f7a5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9f43222c5c91 294e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna0ae8915767f 663d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna135b910e614 d6c9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna15bede8e746 8166 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna25a32bae770 de04 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna2686c08fe99 d3bc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna369826e6e2e db0f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna3b0faacfc95 b07e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna3d889681ebf 14c9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna41b000a682a e189 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna484980b349c e5d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna4f9be8689dd 07a4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna5622f5f21b8 c2d3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna67649db7505 4036 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna6a67978a625 8feb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna750d69d6e8c ce1b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna75ed98a1381 4b15 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna7bd6c43f16a fb34 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna7e725fbdb57 4014 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna7ecdeae295f c14f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna81d74052509 09c2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna84c6f6465e8 cbfa =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna991a3d0d9ce 2a27 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaa1b28d0198c 6fec =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaa47e277743d 1522 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaa6d831ea496 8331 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaa92b59cb13d ce90 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaaeb313bf7df 044a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignab76ca3a1386 ee89 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignac095bd80ae0 9108 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignac7fd9848012 22db =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignad33f76c5821 9b63 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignad40cda58028 ef60 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignad5f9fb048de cb3e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignade10f448ff4 f070 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignae005b5aee59 51ce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignae5dd478f25f da0c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignae85b49eac4f 01d3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignae9f06c80e2f 6aa3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaec5ad4f2755 a1b2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb02c6828d39b 8a72 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb150b8b0e02a 2d35 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb19057bcf764 d14f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb1e7126263ef 97a9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb22ae277db92 c3fc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb2600d620741 4ba7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb2e0617e4410 05c1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb32c918fb761 4cf9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb3ab55454502 ebb4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb42e7de8a2cd 4865 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb4316f2929b8 7dd8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb4a6505829e0 a0d6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb4d2b195df71 0d46 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb5cef376deef 4335 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb6617cc1ab88 6c78 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb718b7ee6f24 9b04 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb78deef85a70 961c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb7c5d33588ac 5e49 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb7e8eef0e1b2 9227 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb86f13dd0053 dcc7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb94cc523dfde fa89 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb9584a7c6c7b 91bd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba40ff85a241 4008 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba5bdc816de2 5bb1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba85c61603d8 2604 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba9161c6e14f 5897 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba9249231319 a530 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbaa59fe679cf 603e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbb564d6b72b0 6d99 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbb7bce63f65d e0de =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbbe06819f15d 7473 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbc698ae329f5 b7dd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbcfffad0eb69 cd0a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbd2542ad4dbf 5219 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbd8d55dea95d 4aa1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbe3865410e04 be34 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbe7e2f7c54e8 0c82 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbea510e26ac8 a459 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbf21da7a7835 fc39 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbf8c3022bdfb 6c09 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbf9544086a12 acbf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc1213f9b419e ee20 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc1a2e927c48a 8442 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc30a6db7096e e30a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc31e5b3ae9b5 b9b9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc32c8513abbc a807 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc39b42e6f712 2cfc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc402ec8d02f3 4ac7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc41f9300dfad 79ee =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc43b5b114f2f 1969 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc477a853482b 0f7e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc4855d184a6e 4960 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc49c3dd71168 6c9c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc4e2502c1246 5cf5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc53a2cedc020 a718 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc5da5fe6b80f 2f95 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc6d5eebe75ef 820c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc76d5962626f 428b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc785eb64efee 6be3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc7fe40098777 1c18 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc8000bf11c2e 301c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc8b33b59070a 0e2b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc8decd13af75 031f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc983e208f7db 13f5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignca4e7c8b4074 9699 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncb3a121030bd cb68 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncb3dd4639682 8263 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncc5e7125feb3 2128 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncd4d3c68ddda b2ac =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignce45098f666d f0a1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignce97d0669975 1b04 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignceba218f52b8 70f7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncf0ec684353c c0a7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncf57ec50d228 8f3b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncfd301f5e261 d844 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncfdf2bd5d8ae c7bc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd012ed86bb42 2144 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd0240d338d0f cf97 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd03ac4ebbb3b 6c35 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd03dc60f5e85 c53a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd0870fc47575 1edf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd0a90713eac9 fe13 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd15ed316af56 69c9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd18896ddb58f fdb1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd1924a9ff3f7 8e66 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd41c63025e5a 49ba =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd4f96eebe5a5 cfc9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd68580ea847f b788 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd73c51e9890e c618 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd76ca85dc7c5 4baf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd77f0975338d 73e8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd7859051a2f9 1ebc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd7b4f570afd3 52a0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd7c9fc509e79 3a77 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd82d0375bcd3 c339 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd84bc13c8a21 5399 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd854236b084f 8626 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd86a480010ca 9c32 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd8a308a2881d 880b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd90da26347e5 0986 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignda4ae173987e b2c1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignda9f67b05f8d 625b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndaa8e1cbc335 87d1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndb349390347c 543e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndb70507c51ba a89f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndc547c2848d6 a42c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndc5ce0bcbbf5 d73a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndcb46cfdbf88 83ac =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndd40f63418f6 8f3f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndd625f8c5f4d 29ef =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignddc1f8ec185f 97f3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignde4695f51bca de56 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndf9a5a5ff59d 6fb3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndfee7112bc63 1149 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndffe6c062efc d087 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne06690bcc953 edd2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne0ba6d3f4a51 ca5a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne0c0c0d121f2 de33 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne0cf39370d85 da88 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne123c90342b4 23d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne166ce89c6a4 1da4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne2a1ac3bf129 6e10 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne305e9513ab3 bfba =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne51684dff1de bde1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne51868aa9054 ba78 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne5455106140f 1ef6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne58b8e55d9e9 32d2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne5c3b5c14675 c63e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne5d0f2d7a055 8fee =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne5e19c49426a a996 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne689cd367772 1923 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne699928e4aec 91b2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne70273f47eee f94c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne74e0467f2a1 6c26 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne794d2fa8fbc 2129 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne7de0caf0176 eaf0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne85ee3787bc9 c63b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne8bd42b4e858 8101 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne944597c827c e264 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignead15346a829 d153 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneb2fdac6cc64 ccd8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneb7176a9e1df 562d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneb956748cbb6 1275 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignebddccd11888 72cd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignec0d26b5bca8 86df =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignec0f527a3ec4 5275 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignec28b4c8af30 2a2a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignec482f16c0b3 c366 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignecc161a78fb4 cf4c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneceae2c8468b 2bf8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneced30361d5a e427 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigned279bdbffab 747f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignedc92e2e6b33 69bf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignee6726304d5f 545b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignee6cad94d37e 230a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignefbbd7389bbb 07f3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf072d0b6cdd6 f5df =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf0f5068fecee 5a82 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf1d79178759c 7845 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf2312e915d9c c280 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf24b0a5c2c10 86c3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf2ca55772e31 5277 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf30ebec7dc84 cf6d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf3ea1c6ffcb2 9559 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf3ffa8b72503 5b35 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf43c864b32d5 38c8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf47f2ed8a6ff 30ba =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf486854ff452 5ae8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf48814598bbe 6868 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf4af2b29f03a d029 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf50bde5e259a 69ab =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf50de4104c39 b1f9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf592fa373ba1 92cc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf64e4bf3cdab abbf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf65378fbb7c1 f09f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf70c081e2720 6c8f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf8981b982e7b 665a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf8ae50c5f03c 956a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf8bfbf033615 5015 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf8c965584a36 3046 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf962e0e7f9b2 a30d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf973585de577 7153 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfb123747f156 51f5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfbcc301a0581 a136 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfbfb54d76edc 79b8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfca9bcfb4ef7 0140 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfd0bd87c16cb 6d60 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfda5e151ac85 db4a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfec245dd9be1 cedc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignff60456901bd 7e93 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignff7258738268 1027 =>.SUP.Temporary
HKLM\Software\Classes*\ShellEx\ContextMenuHandlers \MEGA (Context menu) =>.SUP.Orphan
HKLM\Software\Classes*\ShellEx\ContextMenuHandlers \WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHa ndlers\WinRAR32 =>.SUP.Orphan
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\007 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome

—\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (6) - 0s
Redirecting... =>.SUP.Skillbrains QuickTime, Logiciel plus maintenu. - ZAM =>Riskware.QuickTime Logiciels Potentiellement Superflus (LPS). - ZAM =>.SUP.Temporary https://nicolascoolman.eu/2017/09/12...es-orphelines/ =>.SUP.Orphan Redirecting... =>.SUP.Spigot Logiciels Potentiellement Superflus (LPS). - ZAM =>.SUP.Temporary.Chrome

~ Unselected Options: ~ End of the scan, 12068 items in 02mn25s (2695)(0)

ÉLÉMENT(S) TROUVÉ(S) PAR ZHPDIAG
https://nicolascoolman.eu/wp-content...alware-ZAM.jpg https://nicolascoolman.eu/wp-content...8252333741.jpg https://nicolascoolman.eu/wp-content...alware-ZAM.jpg https://nicolascoolman.eu/wp-content...ntimalware.jpg https://nicolascoolman.eu/wp-content...alware-ZAM.jpg https://nicolascoolman.eu/wp-content...lware-zone.jpg LOGICIELS DE PROTECTION
https://nicolascoolman.eu/wp-content.../02/Avira1.jpg https://nicolascoolman.eu/wp-content...sDefender2.jpg LOGICIELS DE PROTECTION SUPERFLUS
https://nicolascoolman.eu/wp-content.../02/Zemana.jpg NUMEROS DE SÉRIE

[00BA4F6150566B99B3C7BAE5FF74C5EBFD] [01/07/2016] (.Andrew Ziem.) - C:\Program Files (x86)\BleachBit\bleachbit.exe [00F6E3D0098BF4E24D22BBB9550C55343E] [18/01/2017] (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [00F6E3D0098BF4E24D22BBB9550C55343E] [18/01/2017] (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Pro\uninst.exe [0210230FD364B469091B8A4440145E18] [14/05/2018] (.Zemana Ltd..) - C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [0210230FD364B469091B8A4440145E18] [14/05/2018] (.Zemana Ltd..) - C:\WINDOWS\System32\drivers\zam64.sys [0210230FD364B469091B8A4440145E18] [14/05/2018] (.Zemana Ltd..) - C:\WINDOWS\System32\drivers\zamguard64.sys [021EEAA434D48391EDD756B9003E826C] [17/09/2017] (.fayteq AG.) - C:\ProgramData\Package Cache{1582ee6c-39ed-474c-a751-71fe914bd8d5}\fayINSetup.exe [026AF2ADEA0AB3CF19D42A44A47426E8] [24/05/2017] (.VideoLAN.) - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [0320BE3EB866526927F999B97B04346E] [16/11/2017] (.Realtek Semiconductor Corp..) - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [0320BE3EB866526927F999B97B04346E] [16/11/2017] (.Realtek Semiconductor Corp..) - C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe [03C6ABDDE7AA440BC1990A06D53489DB] [23/03/2018] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe [0443B567BFFBAA3BC083FE45A46DD041] [13/05/2018] (.Blizzard Entertainment, Inc..) - C:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe [0443B567BFFBAA3BC083FE45A46DD041] [13/05/2018] (.Blizzard Entertainment, Inc..) - C:\ProgramData\Battle.net\Agent\Agent.6160\Agent.e xe [0443B567BFFBAA3BC083FE45A46DD041] [13/05/2018] (.Blizzard Entertainment, Inc..) - C:\ProgramData\Battle.net\Agent\Agent.exe [0443B567BFFBAA3BC083FE45A46DD041] [22/02/2018] (.Blizzard Entertainment, Inc..) - C:\program files (x86)\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe [0443B567BFFBAA3BC083FE45A46DD041] [23/03/2018] (.Blizzard Entertainment, Inc..) - C:\program files (x86)\overwatch\overwatch.exe [044E3BF58976880FFD074448A8F7A058] [12/05/2018] (.Malwarebytes Corporation.) - C:\Users\GUI\Desktop\adwcleaner_7.1.1.exe [04F131322CC31D92C849FCA351D2F141] [10/05/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Roaming\discord\0.0.301\modul es\discord_hook\3\DiscordHook.dll [04F131322CC31D92C849FCA351D2F141] [10/05/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Roaming\discord\0.0.301\modul es\discord_hook\3\DiscordHook64.dll [04F131322CC31D92C849FCA351D2F141] [10/05/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Roaming\discord\0.0.301\modul es\discord_hook\3\DiscordHookHelper.exe [04F131322CC31D92C849FCA351D2F141] [10/05/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Roaming\discord\0.0.301\modul es\discord_hook\3\DiscordHookHelper64.exe [04F131322CC31D92C849FCA351D2F141] [30/04/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Local\Discord\app-0.0.301\Discord.exe [04F131322CC31D92C849FCA351D2F141] [30/04/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Local\Discord\Update.exe [05067D3A8DE1687600A7207D3FF99808] [09/08/2017] (.Imagineer Systems Ltd.) - C:\Program Files\Adobe\Common\Plug-ins\7.0\MediaCore\Imagineer Systems\mocha VR Plugin V5\MediaIOServer.exe [055F937A9DF73DFD90BA9889E4C50A11] [29/08/2017] (.Notepad++.) - C:\Program Files (x86)\Notepad++\notepad++.exe [055F937A9DF73DFD90BA9889E4C50A11] [29/08/2017] (.Notepad++.) - C:\Program Files (x86)\Notepad++\NppShell_06.dll [068983642C953E46F7BDCE4143F133C1] [09/02/2018] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [06B922A8397E632FE5348DA267275B4F] [05/01/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [06B922A8397E632FE5348DA267275B4F] [24/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [06B922A8397E632FE5348DA267275B4F] [24/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe [06B922A8397E632FE5348DA267275B4F] [24/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [06B922A8397E632FE5348DA267275B4F] [24/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox\Uninstaller.exe [06F04788031055D31DEFFEFCD026D6C5] [02/10/2017] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe [06F04788031055D31DEFFEFCD026D6C5] [02/10/2017] (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe [06F04788031055D31DEFFEFCD026D6C5] [11/04/2018] (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [06F04788031055D31DEFFEFCD026D6C5] [11/04/2018] (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_140_pepper.exe [06F04788031055D31DEFFEFCD026D6C5] [11/04/2018] (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_140_Plugin.exe [07D9006D6B075E81FC7987596B6B5E56] [13/05/2018] (.Blizzard Entertainment, Inc..) - C:\ProgramData\Battle.net\Agent\BlizzardError.exe [07D9006D6B075E81FC7987596B6B5E56] [17/09/2017] (.Blizzard Entertainment, Inc..) - C:\program files (x86)\warcraft iii\warcraft iii.exe [07D9006D6B075E81FC7987596B6B5E56] [17/09/2017] (.Blizzard Entertainment, Inc..) - C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe [08385578821DA77EEA1703484E369B19] [28/02/2018] (.FlippingBook Limited.) - C:\Program Files (x86)\FlippingBook\FlippingBook Publisher Trial\Utilities\GAEventTracker.exe [084CAF4DF499141D404B7199AA2C2131] [03/04/2018] (.Valve.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe [084CAF4DF499141D404B7199AA2C2131] [03/04/2018] (.Valve.) - C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [084CAF4DF499141D404B7199AA2C2131] [03/04/2018] (.Valve.) - C:\Program Files (x86)\Steam\Steam.exe [084CAF4DF499141D404B7199AA2C2131] [08/08/2016] (.Valve.) - C:\Program Files (x86)\Steam\uninstall.exe [084CAF4DF499141D404B7199AA2C2131] [20/12/2017] (.Valve.) - C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe [08EBDFBC0700FBE020BF5618F792F429] [16/11/2017] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys [09268FAA1AD6894D179E5B87A2F06462] [02/03/2018] (.LunarG, Inc..) - C:\Program Files (x86)\VulkanRT\1.1.70.0\UninstallVulkanRT.exe [0B28BFCA8214E373A120A41694BD08D1] [23/02/2018] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe [0B28BFCA8214E373A120A41694BD08D1] [28/02/2018] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe [0C5396DCB2949C70FAC48AB08A07338E] [02/05/2018] (.Mozilla Corporation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [0C5396DCB2949C70FAC48AB08A07338E] [02/05/2018] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\firefox.exe [0C5396DCB2949C70FAC48AB08A07338E] [02/05/2018] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\uninstall\helper.exe [0CEFAB1F7C07370C77DFB61C3CA4F5F0] [10/02/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [0D0D91D71B782242EEB53511760B1D6C] [13/08/2017] (.Ivaylo Beltchev.) - C:\Program Files\Classic Shell\ClassicExplorer32.dll [0D0D91D71B782242EEB53511760B1D6C] [13/08/2017] (.Ivaylo Beltchev.) - C:\Program Files\Classic Shell\ClassicExplorer64.dll [0D0D91D71B782242EEB53511760B1D6C] [13/08/2017] (.Ivaylo Beltchev.) - C:\Program Files\Classic Shell\ClassicStartMenu.exe [0DDD683D630AA770B5187C7F038BA4B7] [13/10/2017] (.Digiarty, Inc..) - C:\Program Files (x86)\Digiarty\WinX MediaTrans\ffmpeg.static.exe [0DDD683D630AA770B5187C7F038BA4B7] [13/10/2017] (.Digiarty, Inc..) - C:\Program Files (x86)\Digiarty\WinX MediaTrans\MediaTrans.exe [0E7659E767D3DDAD0F563995DA4E4CAB] [09/08/2017] (.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi.) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [0E7659E767D3DDAD0F563995DA4E4CAB] [14/05/2018] (.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi.) - C:\Users\GUI\Desktop\ARAWAK\Zemana.AntiMalware.Set up.exe [0EBC1935D5294A594B4F32707B0A0AB9] [07/09/2017] (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [0EBC1935D5294A594B4F32707B0A0AB9] [11/09/2017] (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe [0EBC1935D5294A594B4F32707B0A0AB9] [11/09/2017] (.Apple Inc..) - C:\Program Files\iTunes\iTunes.exe [0F0CC3A57EF947E7D23CF075B8B4BA5D] [20/03/2018] (.Parsec Cloud, Inc..) - C:\Program Files\Parsec\parsecd.exe [0F0CC3A57EF947E7D23CF075B8B4BA5D] [20/03/2018] (.Parsec Cloud, Inc..) - C:\Program Files\Parsec\pservice.exe [0F5A57726999506B6F93FD9A150B88FA] [25/04/2018] (.BattlEye Innovations e.K..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [0FA18A29F85296A455AC5ED00C86C0AE] [29/03/2018] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Lightroom Classic CC\Lightroom.exe [10FB713319027F3F1F1C0667B3C38CA9] [24/08/2017] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe [10FB713319027F3F1F1C0667B3C38CA9] [24/08/2017] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [10FB713319027F3F1F1C0667B3C38CA9] [24/08/2017] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [112133B1A3A74C3748DC9FCF7C6E580AFDAF] [08/05/2018] (.Power Admin LLC.) - C:\Users\GUI\Desktop\Tools\Display Driver Uninstaller\DDU v17.0.8.6\x64\paexec.exe [112172E6B04266BB4059BFEF636CF8F452A0] [17/09/2017] (.Disc Soft Ltd.) - C:\WINDOWS\System32\drivers\dtproscsibus.sys [1121A377C1EF3BC56B4465236944AB02A805] [26/04/2016] (.Tunngle.net GmbH.) - C:\WINDOWS\System32\drivers\tap0901t.sys [1121D24CD88E6CEED6BBAEED1AF39659628D] [02/11/2016] (.RE Vision Effects, Inc..) - C:\Program Files\REVisionEffects\Twixtor6AE\REVisionLicenseIn staller.exe [1121DC26D9A7456B96B33BE622115C02D394] [29/06/2016] (.SOKNO S.R.L..) - C:\Program Files (x86)\SpeedFan\speedfan.exe [14781BC862E8DC503A559346F5DCC518] [07/05/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe [14781BC862E8DC503A559346F5DCC518] [07/05/2018] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [14781BC862E8DC503A559346F5DCC518] [07/05/2018] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\ProgramData\NVIDIA Corporation\Downloader\957fcaf1295218d5a5c28330c60 b6284\397.64-desktop-win10-64bit-international-whql-g.exe [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\Users\GUI\AppData\Local\NVIDIA\NvBackend\Applic ationOntology\NvOAWrapperCache.exe [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\Users\GUI\AppData\Local\NVIDIA\NvBackend\Applic ationOntology\OAWrapper.exe [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\Users\GUI\AppData\Local\NVIDIA\NvBackend\Applic ationOntology\Ontology.dll [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\Users\GUI\AppData\Local\NVIDIA\NvBackend\Applic ationOntology\Ontology64.dll [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [14781BC862E8DC503A559346F5DCC518] [24/04/2018] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys [14781BC862E8DC503A559346F5DCC518] [24/04/2018] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys [14F8FDD167F92402B1570B5DC495C815] [17/09/2017] (.Google Inc.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162F1B80254ABA54081C482A3D25A06A] [28/11/2017] (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Player.exe [162F1B80254ABA54081C482A3D25A06A] [28/11/2017] (.BlueStack Systems, Inc..) - C:\ProgramData\BlueStacks\Client\BlueStacksClientU ninstaller.exe [1834B81889070312B5C4CA72EA419A5E] [12/07/2017] (.Razer USA Ltd..) - C:\Program Files (x86)\Razer\Synapse\RzAIOGenerator.exe [1834B81889070312B5C4CA72EA419A5E] [19/07/2017] (.Razer USA Ltd..) - C:\WINDOWS\System32\drivers\rzpmgrk.sys [1834B81889070312B5C4CA72EA419A5E] [19/08/2017] (.Razer USA Ltd..) - C:\WINDOWS\System32\drivers\rzpnk.sys [1834B81889070312B5C4CA72EA419A5E] [20/07/2017] (.Razer USA Ltd..) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [1E3308F7ECDC20D952DFCD12D1F83215] [02/02/2016] (.Open Source Developer, Tim Kosse.) - D:\FileZilla FTP Client\filezilla.exe [1E39B33A9C469A90223AD52EFB83BF38] [02/08/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Muse CC 2017\Muse.exe [1ED82F] [24/09/2017] (.InstallShield Software Corporation.) - C:\Program Files (x86)\InstallShield Installation Information{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}\setup.exe [1ED82F] [24/09/2017] (.InstallShield Software Corporation.) - C:\Program Files (x86)\InstallShield Installation Information{64963F0E-03F2-4B59-8D1B-1806545E7092}\setup.exe [1FA23856C1CD8320F16E5F00F0CFD258] [17/07/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe [1FEB5456B9E0C2C68357C42975B98224] [10/04/2018] (.Avira Operations GmbH & Co. KG.) - C:\ProgramData\Package Cache{4b629f54-1d82-40c9-9979-4485bb58d155}\Avira.OE.Setup.Bundle.exe [1FEB5456B9E0C2C68357C42975B98224] [28/03/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [1FEB5456B9E0C2C68357C42975B98224] [28/03/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [234175E3D1A23EF8ACB50245] [16/03/2018] (.EasyAntiCheat Oy.) - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2624AE59466DFE3BA7CF56FC6C0963F8] [21/11/2016] (.Imagineer Systems Ltd.) - C:\Program Files\Avid\AVX2_Plug-ins\Imagineer Systems\mocha Pro Plugin V5\MediaIOServer.exe [2A9C21ACAAA63A3C58A7B9322BEE948D] [26/04/2018] (.Google Inc.) - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2A9C21ACAAA63A3C58A7B9322BEE948D] [28/04/2018] (.Google Inc.) - C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Inst aller\chrmstp.exe [2A9C21ACAAA63A3C58A7B9322BEE948D] [28/04/2018] (.Google Inc.) - C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Inst aller\setup.exe [2B150D10370F2AC5] [04/05/2018] (.Grinding Gear Games Limited.) - C:\Program Files (x86)\Grinding Gear Games\Path of Exile\Client.exe [2B150D10370F2AC5] [08/05/2018] (.Grinding Gear Games Limited.) - C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe [2B150D10370F2AC5] [26/12/2017] (.Grinding Gear Games Limited.) - C:\ProgramData\Package Cache{5e37eb26-2d6e-4b09-9dda-67b2c7f8d5bb}\PathOfExileInstaller.exe [2B20EB3380792AB011F662C064FDB473] [12/08/2015] (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2B20EB3380792AB011F662C064FDB473] [12/08/2015] (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe [2B20EB3380792AB011F662C064FDB473] [15/12/2015] (.Apple Inc..) - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [330000B31EB304F8BF60CF07D900020000B31E] [29/09/2017] (.Intel Corporation - Client Components Group.) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [34160AF3885BBB32312B8BBF0333806F] [22/03/2018] (.NADEO.) - C:\Program Files (x86)\ManiaPlanet\unins000.exe [34160AF3885BBB32312B8BBF0333806F] [23/02/2018] (.NADEO.) - C:\program files (x86)\maniaplanet\maniaplanet.exe [39CF937CF8909F05793300DE20B4E45F] [28/03/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [3AEA7D79BC1D84D2E1AB0FFC8BC35658] [21/08/2017] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avkmgr.sys [3AEA7D79BC1D84D2E1AB0FFC8BC35658] [21/08/2017] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avnetflt.sys [3D3C455A5C7B7B2666915EB21857D7EA] [12/04/2018] (.Piriform Ltd.) - C:\Program Files\CCleaner\uninst.exe [458A21BAAB49CA0952DCDA5B6CCDE22A] [17/09/2017] (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [48B5E1F21E14967333BED28F9E33B119] [21/10/2016] (.Adobe Systems Incorporated.) - C:\Program Files\Red Giant\Colorista IV\panel\AdobeExtensionManager\ExManBridgeTalkCmd. exe [4CFC1A5E1400453F59A426CA71F0AA6F] [07/10/2016] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Bridge CC 2017\Bridge.exe [4D11D580AB75EDF1C6253EF239B514DC] [18/03/2018] (.TeamSpeak Systems GmbH.) - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [4E4563ADEAD3FEDAC7BD44EC5C590577] [26/10/2015] (.Razer Inc..) - C:\WINDOWS\System32\drivers\rzendpt.sys [4E4563ADEAD3FEDAC7BD44EC5C590577] [26/10/2015] (.Razer Inc..) - C:\WINDOWS\System32\drivers\rzudd.sys [4F73D99A8EF7E48CF4153120FFD4C174] [16/04/2018] (.Fatshark AB.) - C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe [51029B3B9CB48FA076FA2DA87A91DB42] [12/05/2018] (.Epic Games Inc..) - D:\EpicGames\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe [51029B3B9CB48FA076FA2DA87A91DB42] [12/05/2018] (.Epic Games Inc..) - D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe [51029B3B9CB48FA076FA2DA87A91DB42] [12/05/2018] (.Epic Games Inc..) - D:\epicgames\fortnite\fortnitegame\binaries\win64\ fortniteclient-win64-shipping.exe [529E3F9FCF7D58D520D607AB74395002] [11/08/2017] (.win.rar GmbH.) - C:\Program Files\WinRAR\Ace32Loader.exe [529E3F9FCF7D58D520D607AB74395002] [11/08/2017] (.win.rar GmbH.) - C:\Program Files\WinRAR\RarExt.dll [529E3F9FCF7D58D520D607AB74395002] [14/08/2017] (.win.rar GmbH.) - C:\Program Files\WinRAR\uninstall.exe [54CCA67C86AD2DDFBB5CE4D41DC7A3E2] [25/09/2017] (.Epic Games Inc..) - C:\ProgramData\Package Cache{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe [5CA430E4777412A8230BF839F782D4F7] [01/03/2017] (.Advanced Micro Devices Inc..) - C:\WINDOWS\System32\drivers\amdgpio2.sys [5CA430E4777412A8230BF839F782D4F7] [10/10/2017] (.Advanced Micro Devices Inc..) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys [5CA430E4777412A8230BF839F782D4F7] [16/06/2017] (.Advanced Micro Devices Inc..) - C:\WINDOWS\System32\drivers\amdkmcsp.sys [5CA430E4777412A8230BF839F782D4F7] [16/06/2017] (.Advanced Micro Devices Inc..) - C:\WINDOWS\System32\drivers\amdpsp.sys [5CA430E4777412A8230BF839F782D4F7] [31/03/2017] (.Advanced Micro Devices Inc..) - C:\Program Files\AMD\RyzenMaster\bin\AMD Ryzen Master.exe [610AF5D800060000004C] [29/08/2017] (.AMD PMP-PE CB Code Signer v20160415.) - C:\WINDOWS\System32\drivers\amdgpio3.sys [6CD282A2D9A2C158505B178D59518B7B] [04/07/2017] (.Simon Tatham.) - C:\Program Files (x86)\PuTTY\pageant.exe [6CD282A2D9A2C158505B178D59518B7B] [04/07/2017] (.Simon Tatham.) - C:\Program Files (x86)\PuTTY\putty.exe [6CD282A2D9A2C158505B178D59518B7B] [04/07/2017] (.Simon Tatham.) - C:\Program Files\PuTTY\pageant.exe [6DC3ED4566163E279D2784C99FFFD787] [08/07/2016] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe [6DC3ED4566163E279D2784C99FFFD787] [20/09/2017] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe [6EA61036BC172E7AF63074AC2CDC2700] [06/04/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Character Animator CC (Beta)\Support Files\Character Animator.exe [6EA61036BC172E7AF63074AC2CDC2700] [30/05/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Media Encoder CC 2017\Adobe Media Encoder.exe [6EA61036BC172E7AF63074AC2CDC2700] [30/05/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe [6EA61036BC172E7AF63074AC2CDC2700] [31/05/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe [75FB51C8768EF6927BF41DA1A234A1D9] [17/03/2015] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\setup.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avgntflt.sys [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avipbb.sys [76BA9423DDBCE7B145A95F01EE015F17] [21/08/2017] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avdevprot.sys [76BA9423DDBCE7B145A95F01EE015F17] [21/08/2017] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avusbflt.sys

English FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
Ran by GUI (administrator) on DESKTOP-UL056C5 (14-05-2018 09:24:22)
Running from C:\Users\GUI\Desktop
Loaded Profiles: GUI (Available Profiles: GUI)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Parsec) C:\Program Files\Parsec\pservice.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(GNE) C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe
(ShareX Team) C:\Program Files\ShareX\ShareX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Discord Inc.) C:\Users\GUI\AppData\Local\Discord\app-0.0.301\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Discord Inc.) C:\Users\GUI\AppData\Local\Discord\app-0.0.301\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\GUI\AppData\Local\Discord\app-0.0.301\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\GUI\Desktop\FRST64english.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor)
HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-03-28] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\Run: [GNE_SwapScreen] => C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe [166912 2014-01-08] (GNE)
Startup: C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\ShareX.lnk [2018-05-02]
ShortcutTarget: ShareX.lnk → C:\Program Files\ShareX\ShareX.exe (ShareX Team)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip..\Interfaces{12ab01fb-67da-4d03-9e28-a36c5d062547}: [DhcpNameServer] 172.20.10.1
Tcpip..\Interfaces{e4e99d05-3fa5-4f09-81c6-4986807542a3}: [DhcpNameServer] 192.168.0.254
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: No Name → {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} → C:\Users\GUI\Downloads\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
BHO: Lync Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-29] (Microsoft Corporation)
BHO: ExplorerBHO Class → {449D0D6E-2412-4E61-B68F-1CB625CD9E52} → C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: Adobe Acrobat Create PDF Helper → {AE7CD045-E861-484f-8273-0445EE161910} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2017-08-24] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection → {F4971EE7-DAA0-4053-9964-665D8EE6A077} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2017-08-24] (Adobe Systems Incorporated)
BHO-x32: No Name → {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} → C:\Users\GUI\Downloads\OldNewExplorer32.dll [2017-08-16] (www.startisback.com)
BHO-x32: Lync Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-29] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class → {449D0D6E-2412-4E61-B68F-1CB625CD9E52} → C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF Helper → {AE7CD045-E861-484f-8273-0445EE161910} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2017-08-24] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection → {F4971EE7-DAA0-4053-9964-665D8EE6A077} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2017-08-24] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2017-08-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2017-08-24] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-29] (Microsoft Corporation)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\GUI\AppData\Roaming\Mozilla\Firefox\Profi les\htEukEjR.default [2018-05-14]
FF Session Restore: Mozilla\Firefox\Profiles\htEukEjR.default → is enabled.
FF Extension: (uBlock Origin) - C:\Users\GUI\AppData\Roaming\Mozilla\Firefox\Profi les\htEukEjR.default\ExtensionsuBlock0@raymondhill.net.xpi [2018-05-03]
FF HKLM...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi [2018-02-02]
FF HKLM-x32...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer → C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_ 140.dll [2018-04-11] ()
FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_ 140.dll [2018-04-11] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 → C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision → C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming → C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat → C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)
[HEADING=1]Chrome:[/HEADING]
CHR StartupUrls: Default → “”,“hxxps://www.google.fr/”
CHR Session Restore: Default → is enabled.
CHR Profile: C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default [2018-05-14]
CHR Extension: (Slides) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2017-09-17]
CHR Extension: (YouTube) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2017-09-17]
CHR Extension: (uBlock Origin) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjb keiagm [2018-05-04]
CHR Extension: (Adobe Acrobat) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefi ndmkaj [2017-09-17]
CHR Extension: (Poe.trade ignore list) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\faapmfhhchgkfinplpkfemkfab ngkioc [2018-03-12]
CHR Extension: (Full Page Screen Capture) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoa lclacl [2018-05-09]
CHR Extension: (Sheets) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2017-10-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-09-17]
CHR Extension: (Page Ruler) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfh cbnbpn [2018-02-24]
CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgko blgpmj [2018-02-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2017-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2018-04-28]
CHR Profile: C:\Users\GUI\AppData\Local\Google\Chrome\User Data\System Profile [2018-04-24]
CHR HKLM...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [879128 2018-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472 2018-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472 2018-05-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1165320 2018-05-09] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240 2018-03-28] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-25] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8521384 2018-03-24] (Microsoft Corporation)
S3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1446592 2017-01-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774784 2018-03-16] (EasyAntiCheat Ltd)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-04-22] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-04-22] (NVIDIA Corporation)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [190536 2018-03-20] (Parsec)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; “C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe” -s NVDisplay.ContainerLocalSystem -f “C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSys tem.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSyste m” -r -p 30000
R2 NvTelemetryContainer; “C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe” -s NvTelemetryContainer -f “C:\ProgramData\NVIDIA\NvTelemetryContainer.log” -l 3 -d “C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins” -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [43400 2017-03-01] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-08-29] (Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31112 2017-10-10] (Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-08-21] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [179376 2018-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-08-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-08-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-08-21] (Avira Operations GmbH & Co. KG)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2017-11-27] (Bluestack System Inc. )
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2017-09-17] (Disc Soft Ltd)
S3 Kinonih; C:\WINDOWS\System32\drivers\kinonih.sys [32256 2016-06-22] (Kinoni)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ dispi.inf_amd64_38c9bee769f9ef1f\nvlddmkm.sys [17168744 2018-05-08] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-04-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2018-04-24] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-05-07] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer, Inc.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-05-14] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-05-14] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-14 09:08 - 2018-05-14 09:08 - 000299735 _____ C:\Users\GUI\Desktop\ZHPDiag.txt
2018-05-14 09:04 - 2018-05-14 09:08 - 000000000 ____D C:\Users\GUI\AppData\Roaming\ZHP
2018-05-14 09:04 - 2018-05-14 09:05 - 000000867 _____ C:\Users\GUI\Desktop\ZHPDiag.lnk
2018-05-14 09:04 - 2018-05-14 09:04 - 000000000 ____D C:\Users\GUI\AppData\Local\ZHP
2018-05-14 09:02 - 2018-05-14 09:24 - 000111541 _____ C:\WINDOWS\ZAM.krnl.trace
2018-05-14 09:02 - 2018-05-14 09:24 - 000015541 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-05-14 09:02 - 2018-05-14 09:02 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2018-05-14 09:02 - 2018-05-14 09:02 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2018-05-14 09:02 - 2018-05-14 09:02 - 000000000 ____D C:\Users\GUI\AppData\Local\Zemana
2018-05-14 09:02 - 2018-05-14 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-05-14 09:02 - 2018-05-14 09:02 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-05-14 09:00 - 2018-05-14 09:00 - 000000000 ____D C:\SecurityCheck
2018-05-13 22:17 - 2018-05-13 23:57 - 124674298 _____ C:\Users\GUI\Desktop\IDENTITE VISUELLE - IIM CDEB 2 - Prouet Plachez Oudet Ouaksel.rar
2018-05-13 11:32 - 2018-05-14 01:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-05-12 23:50 - 2018-05-12 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-12 23:29 - 2018-05-13 23:58 - 000000295 _____ C:\Users\GUI\Desktop\Nouveau document texte.txt
2018-05-12 17:47 - 2018-05-12 17:47 - 000070632 _____ C:\Users\GUI\Desktop\Addition.txt
2018-05-12 17:46 - 2018-05-14 09:24 - 000023336 _____ C:\Users\GUI\Desktop\FRST.txt
2018-05-12 17:28 - 2018-05-12 17:28 - 005200384 _____ (AVAST Software) C:\Users\GUI\Desktop\aswmbr.exe
2018-05-12 14:16 - 2018-05-12 14:17 - 000000000 ____D C:\AdwCleaner
2018-05-12 14:16 - 2018-05-12 14:16 - 007271632 _____ (Malwarebytes) C:\Users\GUI\Desktop\adwcleaner_7.1.1.exe
2018-05-12 14:05 - 2018-05-14 09:24 - 000000000 ____D C:\FRST
2018-05-12 14:05 - 2018-05-12 17:38 - 002404864 _____ (Farbar) C:\Users\GUI\Desktop\FRST64english.exe
2018-05-12 13:44 - 2018-05-07 21:26 - 000132488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-05-12 13:43 - 2018-05-12 13:43 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-05-12 13:43 - 2018-03-02 04:04 - 000828216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-05-12 13:43 - 2018-03-02 04:03 - 000960312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-05-12 13:43 - 2018-03-02 04:03 - 000683832 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-05-12 13:43 - 2018-03-02 04:03 - 000575800 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-05-12 13:42 - 2018-05-12 13:42 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-05-12 13:41 - 2018-05-08 23:22 - 001990688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439764.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001561504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001467992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439764.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001417816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001215576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001091432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 000749928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 000626776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 000608704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 000517888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 040346984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 035250776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 031273728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 025987296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 013725744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 011271400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 004347832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 003758496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001358536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001349712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001157392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001070504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001064424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 000904720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 000813912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 000652344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 000634576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-05-12 13:41 - 2018-05-08 23:20 - 017779440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-05-12 13:41 - 2018-05-08 23:20 - 015191088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-05-10 13:40 - 2018-05-10 13:40 - 000003580 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI
2018-05-10 13:40 - 2018-05-10 13:40 - 000000000 ____D C:\Users\GUI\AppData\Roaming\NVIDIA
2018-05-09 10:19 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-09 10:19 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-09 10:19 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-09 10:19 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-09 10:19 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-09 10:19 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-09 10:19 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-09 10:19 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-09 10:19 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-09 10:19 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-09 10:19 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-09 10:19 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-09 10:19 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-09 10:19 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-09 10:19 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-09 10:19 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-09 10:19 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-09 10:19 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-09 10:19 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-09 10:19 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-09 10:19 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-09 10:19 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-09 10:19 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-09 10:19 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-09 10:19 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-09 10:19 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-09 10:19 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-09 10:19 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-09 10:19 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-09 10:19 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-09 10:19 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-09 10:19 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-09 10:19 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-09 10:19 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-09 10:19 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-09 10:19 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-09 10:19 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-09 10:19 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-09 10:19 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-09 10:19 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-09 10:19 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-09 10:19 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-09 10:19 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-09 10:19 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-09 10:19 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-09 10:19 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-09 10:19 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
2018-05-09 10:19 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-09 10:19 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-09 10:19 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .dll
2018-05-09 10:19 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-09 10:19 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-09 10:19 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-09 10:19 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-09 10:19 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
2018-05-09 10:19 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-09 10:19 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-09 10:19 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-09 10:19 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-09 10:19 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-09 10:19 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-09 10:19 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-09 10:19 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-09 10:19 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-09 10:19 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .TestingFramework.dll
2018-05-09 10:19 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-09 10:19 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-09 10:19 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .TestingFramework.dll
2018-05-09 10:19 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-09 10:19 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-09 10:19 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-09 10:19 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-09 10:19 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-09 10:19 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-09 10:19 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-09 10:19 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-09 10:19 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-09 10:19 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-09 10:19 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-09 10:19 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-09 10:19 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-09 10:19 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-09 10:18 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-09 10:18 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-09 10:18 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-09 10:18 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-09 10:18 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-09 10:18 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-09 10:18 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-09 10:18 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-09 10:18 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-09 10:18 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-09 10:18 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-09 10:18 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-09 10:18 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-09 10:18 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-09 10:18 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-09 10:18 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-09 10:18 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-09 10:18 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-09 10:18 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-09 10:18 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-09 10:18 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-09 10:18 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-09 10:18 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-09 10:18 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-09 10:18 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-09 10:18 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-09 10:18 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-09 10:18 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-09 10:18 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-09 10:18 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-09 10:18 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-09 10:18 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-09 10:18 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-09 10:18 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-09 10:18 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-09 10:18 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-09 10:18 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-09 10:18 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-09 10:18 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-09 10:18 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-09 10:18 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-09 10:18 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-09 10:18 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-09 10:18 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-09 10:18 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-09 10:18 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-09 10:18 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-09 10:18 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-09 10:18 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-09 10:18 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-09 10:18 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-09 10:18 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-09 10:18 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-09 10:18 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-09 10:18 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-09 10:18 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-09 10:18 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-09 10:18 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-09 10:18 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-09 10:18 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-09 10:18 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-09 10:18 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-09 10:18 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-09 10:18 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-09 10:18 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-09 10:18 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-09 10:18 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-09 10:18 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-09 10:18 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-09 10:18 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-09 10:18 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-09 10:18 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-09 10:18 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-09 10:18 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-09 10:18 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-09 10:18 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-09 10:18 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-09 10:18 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-09 10:18 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-09 10:18 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-09 10:18 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-09 10:18 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-09 10:18 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-09 10:18 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-09 10:18 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-09 10:18 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-09 10:18 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-09 10:18 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-09 10:18 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .dll
2018-05-09 10:18 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-09 10:18 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-09 10:18 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-09 10:18 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-09 10:18 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-09 10:18 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-09 10:18 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-09 10:18 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-09 10:18 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-09 10:18 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-09 10:18 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-09 10:18 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-09 10:18 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-09 10:18 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-09 10:18 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-09 10:18 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-09 10:18 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-09 10:18 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-09 10:18 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-09 10:18 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-09 10:18 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-09 10:18 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-09 10:18 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-09 10:18 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-09 10:18 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-09 10:18 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-09 10:18 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-09 10:18 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-09 10:18 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-09 10:18 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-09 10:18 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-09 10:18 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-09 10:18 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-09 10:18 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-09 10:18 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-09 10:18 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-09 10:18 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-09 10:18 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-09 10:18 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.d ll
2018-05-09 10:18 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dl l
2018-05-09 10:18 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-09 10:18 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.d ll
2018-05-09 10:18 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-09 10:18 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shel l.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHan dlers.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandle r.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authenticatio n.Web.Core.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dl l
2018-05-09 10:18 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authenticatio n.Web.Core.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dl l
2018-05-09 10:18 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-09 10:18 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-09 10:18 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-09 10:18 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dl l
2018-05-09 10:18 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-09 10:18 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dl l
2018-05-09 10:18 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-09 10:18 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.service provider.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-09 10:18 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-09 10:18 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-09 10:18 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-09 10:18 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-09 10:18 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-09 10:18 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-09 10:18 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-09 10:18 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-09 10:18 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-09 10:18 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-09 10:18 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-08 10:34 - 2018-05-12 18:21 - 000000000 ____D C:\Users\GUI\AppData\Local\NVIDIA
2018-05-08 10:34 - 2018-05-12 10:21 - 000000000 ____D C:\Users\GUI\AppData\Local\NVIDIA Corporation
2018-05-08 10:34 - 2018-05-08 10:34 - 000001493 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-05-08 10:34 - 2018-05-07 21:15 - 005947976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 002612520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 001767552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000634952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000450856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000124384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000083240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-05-08 10:34 - 2018-04-25 08:18 - 008173402 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-05-08 10:34 - 2018-04-24 20:52 - 000195432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-05-08 10:34 - 2018-04-24 20:52 - 000161648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 002137024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 001310144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-05-08 10:33 - 2018-05-14 09:08 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-08 10:33 - 2018-05-07 21:16 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-05-08 10:33 - 2018-04-28 04:06 - 000552480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-05-08 10:33 - 2018-04-28 04:06 - 000457144 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-05-08 10:32 - 2018-05-12 13:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-05-08 10:32 - 2018-05-08 23:20 - 004089240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-05-08 10:32 - 2018-05-07 23:04 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-05-08 10:32 - 2018-05-07 23:04 - 000044277 _____ C:\WINDOWS\system32\nvinfo.pb
2018-05-08 10:32 - 2018-04-28 04:04 - 001990584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439731.dll
2018-05-08 10:32 - 2018-04-28 04:04 - 001467992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439731.dll
2018-05-08 10:32 - 2018-04-24 21:33 - 001688104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-05-08 10:32 - 2018-04-24 21:33 - 000226280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-05-08 10:32 - 2018-04-24 21:33 - 000046064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-05-08 10:32 - 2018-04-24 20:52 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-05-08 10:30 - 2018-05-08 10:30 - 000000000 ____D C:\NVIDIA
2018-05-08 10:15 - 2018-05-08 10:30 - 000000000 ____D C:\Program Files (x86)\Free Window Registry Repair
2018-05-08 10:15 - 2018-05-08 10:27 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Free Window Registry Repair
2018-05-08 10:15 - 2018-05-08 10:15 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Free Window Registry Repair
2018-05-08 09:55 - 2018-05-08 10:25 - 000000000 ____D C:\Users\GUI\Desktop\Jeux
2018-05-08 08:15 - 2018-05-08 09:59 - 000000000 ___D C:\Users\GUI\Desktop\pickup
2018-05-06 18:03 - 2018-05-08 10:37 - 000003140 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLog on{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-04 00:44 - 2018-05-04 00:44 - 000001497 _____ C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Infini2y. Pack of Transitions’ Presets.lnk
2018-05-02 13:14 - 2018-05-02 13:14 - 001301139 _____ C:\WINDOWS\unins000.exe
2018-05-02 13:14 - 2018-05-02 13:14 - 000137655 _____ C:\WINDOWS\unins000.dat
2018-05-02 13:14 - 2018-05-02 13:14 - 000000000 ____D C:\ProgramData\FXHOME
2018-05-02 13:14 - 2016-12-12 03:36 - 001655296 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\libeay32.dll
2018-05-02 13:14 - 2016-12-12 03:36 - 000348160 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\ssleay32.dll
2018-05-02 13:14 - 2013-10-05 01:58 - 000963232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pmsvcr120.dll
2018-05-02 13:14 - 2013-10-05 01:58 - 000660128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pmsvcp120.dll
2018-05-02 13:14 - 2013-10-05 01:58 - 000356528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pvccorlib120.dll
2018-05-02 00:27 - 2018-05-14 00:30 - 000000000 ____D C:\Users\GUI\Documents\ShareX
2018-05-02 00:27 - 2018-05-02 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2018-05-02 00:27 - 2018-05-02 00:27 - 000000000 ____D C:\Program Files\ShareX
2018-04-28 16:52 - 2018-04-28 16:52 - 000000000 ____D C:\Users\GUI\AppData\Local\Hero_Siege
2018-04-26 18:53 - 2018-04-26 18:53 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-04-26 18:53 - 2018-04-26 18:53 - 000000000 ____D C:\Program Files\CCleaner
2018-04-26 18:38 - 2018-05-10 23:47 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Molotov
2018-04-26 18:38 - 2018-04-26 18:38 - 000002255 _____ C:\Users\GUI\Desktop\Molotov.lnk
2018-04-26 18:38 - 2018-04-26 18:38 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Molotov
2018-04-26 18:38 - 2018-04-26 18:38 - 000000000 ____D C:\Users\GUI\AppData\Local\Molotov
2018-04-26 18:26 - 2018-04-26 18:26 - 000001306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-04-26 01:32 - 2018-04-26 01:32 - 000000000 ____D C:\ProgramData\aescripts
2018-04-26 01:31 - 2018-04-26 01:32 - 000000000 ____D C:\Users\GUI\AppData\Roaming\aescripts
2018-04-26 01:31 - 2018-04-26 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aescripts
2018-04-26 00:32 - 2018-04-26 00:32 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign43d18a5fdd1b 4514
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignf0f5068fecee 5a82
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignc49c3dd71168 6c9c
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign3b1f9197ad48 c676
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign2d317a5f4608 fd90
2018-04-26 00:30 - 2018-04-26 00:30 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsigna3d889681ebf 14c9
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignedc92e2e6b33 69bf
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignd7b4f570afd3 52a0
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignc1213f9b419e ee20
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign58599ae5ba05 3274
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign126210bca674 0e95
2018-04-26 00:24 - 2018-04-26 00:24 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign8acacf2fe908 5008
2018-04-26 00:24 - 2018-04-26 00:24 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign0f5797946d0d fd05
2018-04-25 14:20 - 2018-04-25 15:56 - 000000000 ____D C:\Users\GUI\Desktop\DDNet-11.1.4-win64
2018-04-25 12:30 - 2018-04-25 12:30 - 001690609 _____ C:\Users\GUI\Desktop\Stop Stealing Sheep - Typography.pdf
2018-04-25 11:38 - 2018-04-25 11:38 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign11a9026f77ea efcd
2018-04-25 00:28 - 2018-05-08 03:12 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Parsec
2018-04-25 00:28 - 2018-04-25 00:28 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Parsec
2018-04-25 00:28 - 2018-04-25 00:28 - 000000000 ____D C:\Program Files\Parsec
2018-04-24 18:13 - 2018-04-24 18:14 - 000000000 ____D C:\Users\GUI\AppData\Local\The_Swords_of_Ditto
2018-04-24 09:57 - 2018-04-24 09:57 - 000001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2018-04-24 09:54 - 2018-04-24 09:54 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2018.lnk
2018-04-24 09:53 - 2018-04-24 09:53 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-04-24 09:53 - 2018-04-24 09:53 - 000000000 ____D C:\Users\GUI\AppData\Roaming\FiraxisLive
2018-04-24 09:52 - 2018-04-24 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI Rise and Fall
2018-04-24 09:51 - 2018-04-24 09:51 - 000002524 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2018.lnk
2018-04-24 09:49 - 2018-04-24 09:52 - 000000000 ____D C:\Users\GUI\Desktop\Civ6
2018-04-24 09:49 - 2018-04-24 09:49 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-04-24 09:47 - 2018-04-24 09:48 - 000000062 _____ C:\Users\GUI\AppData\Roaming~SiMPLEX.ini
2018-04-24 09:47 - 2018-04-24 09:48 - 000000000 ____D C:\Users\GUI\Desktop\Northgard
2018-04-22 20:18 - 2018-05-13 11:32 - 000000000 ____D C:\Users\GUI\Desktop\indesign
2018-04-22 20:15 - 2018-04-22 20:16 - 000000000 ____D C:\Users\GUI\Desktop\PPT TUTO
2018-04-22 20:13 - 2018-04-24 09:55 - 000000000 ____D C:\Users\GUI\Desktop\terraria
2018-04-22 19:59 - 2018-05-08 18:21 - 000000000 ____D C:\Users\GUI\Desktop\tw
2018-04-22 19:46 - 2018-04-22 19:46 - 023412381 _____ C:\Users\GUI\Desktop\vgb-dr-2017-mise-en-ligne.pdf
2018-04-22 19:46 - 2018-04-22 19:46 - 001153898 _____ C:\Users\GUI\Desktop\renault_q1-2017-financial-results.pdf
2018-04-19 17:20 - 2018-04-19 17:20 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign1d4145d8e753 eebc
2018-04-19 16:21 - 2018-04-19 16:21 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign2d3c6933b956 4238
2018-04-19 16:14 - 2018-04-19 16:14 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign21e26c4c4ec0 074c
2018-04-19 10:09 - 2018-05-13 12:31 - 000001873 _____ C:\Users\GUI\Desktop\photoshop.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-14 09:03 - 2017-11-28 18:17 - 000000000 ____D C:\Users\GUI\Desktop\ARAWAK
2018-05-14 09:02 - 2017-09-17 12:00 - 000000000 ____D C:\Users\GUI\AppData\Local\ClassicShell
2018-05-14 08:59 - 2017-09-17 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-14 00:59 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\LocalLow\Mozilla
2018-05-14 00:43 - 2018-03-29 14:29 - 000000000 ____D C:\Users\GUI\Desktop\projet
2018-05-13 23:59 - 2017-09-17 16:09 - 000000000 ____D C:\Users\GUI\AppData\Roaming\vlc
2018-05-13 19:28 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Local\CrashDumps
2018-05-13 18:30 - 2017-09-17 14:11 - 000000033 _____ C:\Users\GUI\AppData\Roaming\AdobeWLCMCache.dat
2018-05-13 15:52 - 2017-11-23 22:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-13 14:21 - 2017-11-23 22:20 - 000000000 ____D C:\Users\GUI\AppData\Local\Packages
2018-05-13 10:57 - 2017-09-17 12:18 - 000000000 ___RD C:\Users\GUI\Creative Cloud Files
2018-05-13 10:57 - 2017-09-17 12:08 - 000000000 ____D C:\Users\GUI\AppData\Local\Adobe
2018-05-13 09:46 - 2017-09-17 13:11 - 000000000 ____D C:\Users\GUI\AppData\Local\Battle.net
2018-05-13 09:46 - 2017-09-17 13:11 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-05-12 23:54 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-12 23:54 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-12 23:53 - 2017-11-01 16:54 - 000000000 ____D C:\Program Files (x86)\Minecraft
2018-05-12 23:48 - 2017-09-17 13:31 - 000000000 ____D C:\Users\GUI\Documents\My Games
2018-05-12 23:47 - 2018-03-29 19:05 - 000000000 __HDC C:\ProgramData~0
2018-05-12 20:42 - 2017-09-16 12:45 - 000002900 _____ C:\Users\GUI\Desktop\rocketleaguevideo.txt
2018-05-12 18:21 - 2017-09-17 16:33 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Teeworlds
2018-05-12 14:30 - 2017-11-23 22:28 - 002521994 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-12 14:30 - 2017-09-30 16:40 - 001180690 _____ C:\WINDOWS\system32\perfh00C.dat
2018-05-12 14:30 - 2017-09-30 16:40 - 000262188 _____ C:\WINDOWS\system32\perfc00C.dat
2018-05-12 14:26 - 2017-11-23 22:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-12 14:26 - 2017-11-23 22:17 - 000565320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-12 14:17 - 2017-09-29 10:45 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-05-12 13:44 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-12 13:44 - 2017-09-17 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-12 11:02 - 2017-09-17 12:10 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-05-11 16:59 - 2017-09-25 13:08 - 000000000 ____D C:\Users\GUI\AppData\Roaming\audacity
2018-05-11 13:38 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-10 09:00 - 2017-10-30 20:44 - 000000000 ____D C:\Users\GUI\Desktop\macro
2018-05-10 09:00 - 2017-09-16 12:51 - 000000000 ____D C:\Users\GUI\Documents\PoE-TradeMacro
2018-05-10 09:00 - 2017-09-16 12:45 - 000000000 ____D C:\Users\GUI\Documents\AutoHotKey
2018-05-09 20:04 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-09 19:55 - 2017-10-21 11:17 - 000000000 ___RD C:\Users\GUI\3D Objects
2018-05-09 19:55 - 2017-09-17 11:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-09 13:28 - 2017-11-23 22:20 - 000000000 ____D C:\Users\GUI
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-09 13:28 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-09 13:28 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-09 12:41 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Roaming\discord
2018-05-09 10:24 - 2017-09-17 14:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-09 10:22 - 2017-10-11 18:32 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 10:22 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-09 10:22 - 2017-09-17 14:20 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-09 10:20 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-09 10:20 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-09 10:20 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-09 10:19 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-09 08:42 - 2017-09-17 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-09 08:41 - 2017-09-17 12:59 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2018-05-09 08:41 - 2017-09-17 12:59 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2018-05-08 23:20 - 2017-11-11 13:48 - 004814040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-05-08 18:21 - 2017-09-17 19:30 - 000000000 _D C:\Users\GUI\Desktop\Rocket League Mods
2018-05-08 10:50 - 2018-03-28 22:39 - 000000000 D C:\Users\GUI\Desktop\Tools
2018-05-08 10:37 - 2017-11-23 22:27 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Help
2018-05-08 10:34 - 2017-09-17 11:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-08 10:34 - 2017-09-17 11:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-05-08 10:29 - 2017-09-17 11:29 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Adobe
2018-05-08 10:28 - 2017-09-17 17:22 - 000000000 ____D C:\Users\GUI\Desktop\backup
2018-05-08 10:19 - 2018-03-28 22:59 - 000000000 ____D C:\Users\GUI\Desktop\Series
2018-05-08 10:18 - 2017-09-17 17:17 - 000000000 ____D C:\Users\GUI\Desktop\school
2018-05-08 10:16 - 2017-10-06 23:59 - 000004086 _____ C:\Users\GUI\Desktop\wrkt.txt
2018-05-08 10:13 - 2017-09-17 11:29 - 000000000 ____D C:\Users\GUI\AppData\Local\VirtualStore
2018-05-08 10:05 - 2017-09-17 14:48 - 000000000 ____D C:\Users\GUI\AppData\Roaming\DAEMON Tools Pro
2018-05-08 09:59 - 2017-09-26 09:51 - 000000600 _____ C:\Users\GUI\AppData\Local\PUTTY.RND
2018-05-07 20:05 - 2017-09-17 13:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-06 08:33 - 2017-09-25 23:52 - 000000000 ____D C:\ProgramData\Epic
2018-05-03 18:58 - 2017-09-17 17:33 - 000000000 ____D C:\Users\GUI\AppData\Roaming\HandBrake
2018-05-03 08:59 - 2015-09-13 15:39 - 000398136 __RSH C:\bootmgr
2018-05-02 13:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Resources
2018-05-02 11:09 - 2017-09-17 13:12 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-02 11:09 - 2017-09-17 13:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-02 10:56 - 2017-09-17 13:29 - 000000059 _____ C:\Users\GUI\AppData\Local\UserProducts.xml
2018-05-01 23:25 - 2017-09-29 15:49 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-01 23:25 - 2017-09-29 15:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-01 21:22 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Discord Inc
2018-05-01 21:22 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Local\Discord
2018-05-01 20:57 - 2017-09-17 11:30 - 000002409 _____ C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\OneDrive.lnk
2018-05-01 20:57 - 2017-09-17 11:30 - 000000000 ___RD C:\Users\GUI\OneDrive
2018-04-29 23:34 - 2017-09-17 15:00 - 000000000 ____D C:\Users\GUI\AppData\Roaming\TS3Client
2018-04-28 01:43 - 2017-09-17 11:31 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-26 18:38 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Local\SquirrelTemp
2018-04-26 01:31 - 2017-09-17 12:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-04-26 00:25 - 2017-10-31 16:43 - 000000000 ____D C:\Users\GUI\AppData\Local\Red Giant
2018-04-25 10:23 - 2018-01-23 02:57 - 000000000 ____D C:\WINDOWS\Minidump
2018-04-24 22:28 - 2017-11-17 12:29 - 000000000 ___DC C:\WINDOWS\Panther
2018-04-24 22:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-04-24 09:57 - 2017-09-17 12:14 - 000000000 ____D C:\Program Files\Adobe
2018-04-24 09:49 - 2017-09-17 12:17 - 000000000 ____D C:\Users\GUI\Documents\Adobe
2018-04-24 09:49 - 2017-09-17 12:10 - 000000000 ____D C:\ProgramData\Adobe
2018-04-24 09:44 - 2017-09-17 12:10 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-22 13:04 - 2017-09-17 12:18 - 002480064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-04-16 12:42 - 2018-03-10 03:52 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Brave Software
2018-04-16 12:42 - 2018-03-10 03:52 - 000000000 ____D C:\Users\GUI\AppData\Roaming\brave
2018-04-16 12:42 - 2018-03-10 03:52 - 000000000 ____D C:\Users\GUI\AppData\Local\Brave
2018-04-16 12:42 - 2018-02-04 15:00 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA

==================== Files in the root of some directories =======

2017-09-17 12:34 - 2017-09-17 15:06 - 000012258 _____ () C:\Program Files\Common Files\csdkConfiguratorLog.txt
2017-09-17 14:11 - 2018-05-13 18:30 - 000000033 _____ () C:\Users\GUI\AppData\Roaming\AdobeWLCMCache.dat
2017-10-21 11:40 - 2017-10-24 15:59 - 000000109 _____ () C:\Users\GUI\AppData\Roaming\D2Info0
2017-10-21 11:40 - 2017-10-24 16:41 - 000000008 _____ () C:\Users\GUI\AppData\Roaming\DofusAppId0_1
2017-10-23 17:21 - 2017-10-23 17:29 - 000000008 _____ () C:\Users\GUI\AppData\Roaming\DofusAppId0_2
2017-09-21 20:06 - 2017-09-21 21:56 - 000000028 _____ () C:\Users\GUI\AppData\Roaming\kulerdata.json
2018-04-24 09:47 - 2018-04-24 09:48 - 000000062 _____ () C:\Users\GUI\AppData\Roaming~SiMPLEX.ini
2018-03-30 09:53 - 2018-03-30 09:53 - 000001456 _____ () C:\Users\GUI\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-09-19 00:55 - 2017-11-06 21:23 - 000000081 _____ () C:\Users\GUI\AppData\Local\FILM_AE_LogFile.txt
2017-09-26 09:51 - 2018-05-08 09:59 - 000000600 _____ () C:\Users\GUI\AppData\Local\PUTTY.RND
2017-09-22 04:36 - 2017-09-22 04:36 - 000000717 _____ () C:\Users\GUI\AppData\Local\recently-used.xbel
2017-09-17 13:29 - 2017-09-17 13:29 - 000000003 _____ () C:\Users\GUI\AppData\Local\updater.log
2017-09-17 13:29 - 2018-05-02 10:56 - 000000059 _____ () C:\Users\GUI\AppData\Local\UserProducts.xml
[HEADING=1]Some files in TEMP:[/HEADING]
2018-05-09 20:11 - 2018-05-09 20:11 - 000084731 _____ () C:\Users\GUI\AppData\Local\Temp\JNativeHook-5B1590FA829A6B697D80B3EFB82CAD0DE50F8092.dll
2018-05-08 10:34 - 2018-04-22 09:00 - 000639272 _____ (NVIDIA Corporation) C:\Users\GUI\AppData\Local\Temp\nvSCPAPI.dll
2018-05-08 10:34 - 2018-04-22 09:00 - 000727848 _____ (NVIDIA Corporation) C:\Users\GUI\AppData\Local\Temp\nvSCPAPI64.dll
2018-05-12 13:41 - 2018-04-22 09:00 - 000394536 _____ (NVIDIA Corporation) C:\Users\GUI\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-09 20:04

==================== End of FRST.txt ============================

English Addition.txt
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.05.2018
Ran by GUI (14-05-2018 09:24:52)
Running from C:\Users\GUI\Desktop
Windows 10 Home Version 1709 16299.431 (X64) (2017-11-23 20:29:07)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

Administrateur (S-1-5-21-4003686615-4269193129-2528438380-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4003686615-4269193129-2528438380-503 - Limited - Disabled)
GUI (S-1-5-21-4003686615-4269193129-2528438380-1001 - Administrator - Enabled) => C:\Users\GUI
Invité (S-1-5-21-4003686615-4269193129-2528438380-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4003686615-4269193129-2528438380-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32...{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe After Effects CC 2017 (HKLM-x32...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32...\ILST_22_1) (Version: 22.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32...\IDSN_13_1) (Version: 13.1 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32...{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.12 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32...\LTRM_7_3) (Version: 7.3 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Adobe Muse CC 2017 (HKLM-x32...\MUSE_2017_1_0) (Version: 2017.1.0.821 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32...\PHSP_19_1_3) (Version: 19.1.3 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32...\PPRO_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM...{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
Apple Application Support (32 bits) (HKLM-x32...{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM...{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM...{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32...{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Audacity 2.1.3 (HKLM-x32...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
AutoHotkey 1.1.26.01 (HKLM...\AutoHotkey) (Version: 1.1.26.01 - Lexikos)
Avira (HKLM-x32...{40F72BC9-0C14-4122-8930-4B037EAEAD45}) (Version: 1.2.109.23832 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32...{4b629f54-1d82-40c9-9979-4485bb58d155}) (Version: 1.2.109.23832 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32...\Avira Antivirus) (Version: 15.0.36.169 - Avira Operations GmbH & Co. KG)
BleachBit (HKLM-x32...\BleachBit) (Version: 1.12 - BleachBit)
Blizzard App (HKLM-x32...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks 3 (HKLM-x32...\BlueStacks) (Version: 3.52.65.1902 - BlueStack Systems, Inc.)
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris Continuum Complete 10 CE for Adobe CS5, CS6, CC (HKLM...{45F7EB88-E0B4-4B57-8C1B-A5D8A61F9A29}) (Version: 10.0.0079 - Boris FX, Inc.)
CCleaner (HKLM...\CCleaner) (Version: 5.42 - Piriform)
Classic Shell (HKLM...{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
DAEMON Tools Pro (HKLM...\DAEMON Tools Pro) (Version: 8.1.0.0660 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.64 - NVIDIA Corporation) Hidden
Effects Suite v11.1.10 (HKLM-x32...{4DD8EE5E-F571-4EC8-9526-E7C62FE39B19}_is1) (Version: 11.1.10 - Red Giant, LLC)
Elephorm (HKLM-x32...{1668659A-6C3E-64CC-E5AF-936A36E492AD}) (Version: 4.2.24 - UNKNOWN) Hidden
Elephorm (HKLM-x32...\ElephormDVDPlayer) (Version: 4.2.24 - UNKNOWN)
Epic Games Launcher (HKLM-x32...{886E86E6-6673-4EAD-A4FF-6E087A661F4E}) (Version: 1.1.123.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM...{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
fayIN 2.4 for After Effects CC (HKLM...{3621F3FF-A9B6-4C18-8842-B871985AE866}) (Version: 2.4.1.1 - fayteq) Hidden
fayIN License Service (HKLM...{99AF962E-47B0-4DF8-BA65-F03403DB80BC}) (Version: 1.1.0.0 - fayteq) Hidden
fayteq fayIN 2.4 for After Effects CC (HKLM-x32...{1582ee6c-39ed-474c-a751-71fe914bd8d5}) (Version: 2.4.1.1 - fayteq)
Free Window Registry Repair (HKLM-x32...\Free Window Registry Repair) (Version: - )
GenArts Sapphire AE (HKLM...\GenArts Sapphire AE_is1) (Version: 10.0 - Team V.R)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HandBrake 1.0.7 (HKLM-x32...\HandBrake) (Version: 1.0.7 - )
Heroes of the Storm (HKLM-x32...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Ignite Pro 2017 (HKLM...\Ignite Pro 2017_is1) (Version: 1.0.6227.12601 - Team V.R)
ImageGlass (HKLM...{D539FBEF-4AA8-4415-B66F-6367DA5D0186}_is1) (Version: 4.1.7.26 - Duong Dieu Phap)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32...{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
iTunes (HKLM...{89B08926-B965-43B5-8C71-C10433760B14}) (Version: 12.7.0.166 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32...{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Locus Pack 1.00 (HKLM-x32...\Locus Pack 1.00) (Version: 1.00 - Video Realm Media)
Magic Bullet Suite v13.0.3 (HKLM-x32...{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.3 - Red Giant, LLC)
mamoworld.com Editing Essentials Bundle (HKLM...\Editing Essentials Bundle for Premiere Pro_is1) (Version: 1.0.10 - Team V.R)
ManiaPlanet (HKLM-x32...\ManiaPlanet_is1) (Version: - Nadeo)
Microsoft Office 365 ProPlus - en-us (HKLM...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft Office 365 ProPlus - fr-fr (HKLM...\O365ProPlusRetail - fr-fr) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32...{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32...{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mises à jour NVIDIA 31.1.10.0 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
mocha Pro Plugin V5.2.0 for AVX (HKLM...{000D5F2C-50AB-47E1-9322-6736F502A0E3}) (Version: 5.2.0 - Imagineer Systems)
mocha Pro Plugin V5.2.0 for OFX (HKLM...{2D3E6370-5C8C-4C83-870D-5E02C529ED5B}) (Version: 5.2.0 - Imagineer Systems)
mocha Pro V5.2.0-12816 (HKLM...{0B2CE768-9D51-45E8-A515-D91E8210FDFE}) (Version: 5.20.12816 - Imagineer Systems)
mocha VR Plugin V5.5.2 for Adobe (HKLM...{C5D1B3FC-ECE8-459C-AF76-BB2FBD71841B}) (Version: 5.5.2 - Imagineer Systems)
Molotov (HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\Molotov) (Version: 2.1.2 - Molotov)
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
NewBlue TotalFX AEX (HKLM...\NewBlue TotalFX AEX_is1) (Version: 5.0.0.170317 - Team V.R)
Notepad++ (32-bit x86) (HKLM-x32...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA DDS Utilities (HKLM-x32...{64963F0E-03F2-4B59-8D1B-1806545E7092}) (Version: 1.0 - )
NVIDIA GeForce Experience 3.13.1.30 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32...{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA Pilote 3D Vision 397.64 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.64 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.37.1 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.1 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 390.41 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Pilote graphique 397.64 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.64 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32...{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM...{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32...{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32...{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32...\Overwatch) (Version: - Blizzard Entertainment)
Panneau de configuration NVIDIA 397.64 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.64 - NVIDIA Corporation) Hidden
Parsec (HKLM-x32...\Parsec) (Version: - Parsec Cloud Inc.)
Path of Building version 1.4.64 (HKLM-x32...{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.64 - Openarl)
Path of Exile (HKLM-x32...{5e37eb26-2d6e-4b09-9dda-67b2c7f8d5bb}) (Version: 3.1.1.24680 - Grinding Gear Games)
Path of Exile (HKLM-x32...{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.1.1.24680 - Grinding Gear Games) Hidden
PuTTY release 0.70 (64-bit) (HKLM...{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
PuTTY release 0.70 (HKLM-x32...{0B06C05B-0069-4FE8-AC19-AAF6678FD0A8}) (Version: 0.70.0.0 - Simon Tatham)
QuickTime 7 (HKLM-x32...{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Synapse (HKLM-x32...{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.)
RE:Vision Effects RE:Flex v5.0.0 (HKLM...\RE:Flex 5_is1) (Version: 5.0.0 - Team V.R)
RE:Vision Effects Twixtor AE (HKLM...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
RE:Vision Effects Twixtor AE (HKLM...\Twixtor AE 6.2.1_is1) (Version: 6.2.1 - Team V.R)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32...{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.10.1 - Red Giant, LLC)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version: - )
Rowbyte TV Distortion 2.0.7 CE (HKLM...\TV Distortion Bundle_is1) (Version: 2.0.7 - Team V.R)
ShareX (HKLM...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.1.1 - ShareX Team)
Sid Meiers Civilization VI Rise and Fall (HKLM-x32...\Sid Meiers Civilization VI Rise and Fall_is1) (Version: - )
SpeedFan (remove only) (HKLM-x32...\SpeedFan) (Version: - )
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Trapcode Suite 14 (HKLM...\Trapcode Suite 14 v14.0) (Version: - Red Giant LLC)
Universe (HKLM...\Universe Premium_is1) (Version: 2.1 CE - Team V.R)
Unlocker 1.9.2 (HKLM...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vicon boujou 5.0.2 (HKLM-x32...{C071157F-AB34-4D3F-A0DF-9AC544B3732E}) (Version: 5.0.2 - Vicon Motion Systems)
VLC media player (HKLM-x32...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32...\Warcraft III) (Version: - Blizzard Entertainment)
WinDirStat 1.1.2 (HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\WinDirStat) (Version: - )
WinRAR 5.50 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32...{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4003686615-4269193129-2528438380-1001_Classes\CLSID{0E270DAA-1BE6-48F2-AC49-9C284CF11570}\InprocServer32 → %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-4003686615-4269193129-2528438380-1001_Classes\CLSID{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] → {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => → No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] → {05B38830-F4E9-4329-978B-1DD28605D202} => → No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] → {0596C850-7BDD-4C9D-AFDF-873BE6890637} => → No File
ShellIconOverlayIdentifiers: [ AccExtIco1] → {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] → {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] → {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ShareOverlay] → {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] → {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => → No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] → {05B38830-F4E9-4329-978B-1DD28605D202} => → No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] → {0596C850-7BDD-4C9D-AFDF-873BE6890637} => → No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] → {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] → {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-05-14] ()
ContextMenuHandlers1: [AccExt] → {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] → {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] → {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [MEGA (Context menu)] → {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => → No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] → {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-09] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] → {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-05-07] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] → {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-05-14] ()
ContextMenuHandlers6: [AccExt] → {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] → {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] → {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-09] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [StartMenuExt] → {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers6: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
FolderExtensions: → {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\GUI\Downloads\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B4A43CD-0011-4F61-80AE-E78C0C3E6AAE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-04-22] (NVIDIA Corporation)
Task: {2404B119-119F-4CC3-B0C3-7E2B71AA15C0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {280208A6-7926-4047-8027-1532A24A5DEE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-04-22] (NVIDIA Corporation)
Task: {3357EA2C-7720-4729-9DF2-9340312A1B79} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-29] (Microsoft Corporation)
Task: {3404E711-AEB1-432A-ACD0-1AC72FF9A5DF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-04-22] (NVIDIA Corporation)
Task: {384E1A50-CFF3-40C4-AC91-6A30E76E4EE6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-04-22] (NVIDIA Corporation)
Task: {4F2C2B85-3AA5-45D5-AF88-DB4945319725} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-04-22] (NVIDIA Corporation)
Task: {659F87B0-F484-4F88-9AD9-699181C559B0} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {8C91392B-5160-4294-84EC-C345A61A2DA6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE195 2-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-04-22] (NVIDIA Corporation)
Task: {9315679D-06F1-4885-B37E-7914C9EE0361} - System32\Tasks\Microsoft\Office\OfficeBackgroundTa skHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.e xe [2018-03-29] (Microsoft Corporation)
Task: {BCD54095-9E58-4307-93F6-FC79179B9DC1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {C3F6C890-EB5E-4677-8E86-5131A8328E91} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-04-22] (NVIDIA Corporation)
Task: {CB47C03A-2F18-4ED0-A828-884A79306CD0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-29] (Microsoft Corporation)
Task: {CC7FA977-FCE7-45F1-ABC2-3A36C4B1DBAE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTa skHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.e xe [2018-03-29] (Microsoft Corporation)
Task: {D2324FB1-57B9-406C-B591-3A1C827BB96E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-04-22] (NVIDIA Corporation)
Task: {DCF45736-A3D8-4F46-9306-EBF77A3BF090} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {DE09F323-BFEE-48D6-8C37-8ECAFEF93BD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {E8DB8F8A-AC29-4380-83FB-84E877734766} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-05-09] (Avira Operations GmbH & Co. KG)
Task: {EE26614D-B956-47A2-A71C-CA1087996376} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-29] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-05-08 10:34 - 2018-04-22 13:04 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-20 00:09 - 2017-07-20 00:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000138128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-02-10 01:12 - 2018-02-10 01:12 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-08-29 02:43 - 2017-08-29 02:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-05-14 09:02 - 2018-05-14 09:02 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2018-03-13 20:57 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\CortanaApi.dll
2018-03-13 20:57 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\Cortana.Core.dll
2018-04-28 01:43 - 2018-04-26 05:14 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libg lesv2.dll
2018-04-28 01:43 - 2018-04-26 05:14 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libe gl.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 081563584 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 002478016 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 000125376 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2017-09-17 13:11 - 2018-01-11 04:05 - 000784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-09-17 13:11 - 2018-04-03 01:34 - 002631968 _____ () C:\Program Files (x86)\Steam\video.dll
2017-09-17 13:11 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-12-14 23:38 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 23:38 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 23:38 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 23:38 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-14 23:38 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-09-17 13:11 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-09-17 13:11 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-09-17 13:11 - 2018-04-03 01:34 - 000977184 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-09-17 13:11 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-05-01 21:22 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\GUI\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2017-09-17 13:11 - 2017-09-07 04:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-09-17 13:11 - 2017-12-13 23:16 - 071471392 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-09-17 13:11 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2018-05-01 21:22 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\GUI\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-01 21:22 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\GUI\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-02 09:59 - 2018-05-02 09:59 - 001910104 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_spellcheck\node_modules\cld\build\Re lease\cld.node
2018-05-02 09:59 - 2018-05-02 09:59 - 000422744 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_spellcheck\node_modules\spellchecker \build\Release\spellchecker.node
2018-05-02 09:59 - 2018-05-02 09:59 - 000145240 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-05-02 09:59 - 2018-05-10 08:53 - 009659736 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_voice\discord_voice.node
2018-05-02 09:59 - 2018-05-02 09:59 - 001530712 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_utils\discord_utils.node
2018-05-02 09:59 - 2018-05-02 09:59 - 000512856 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_erlpack\discord_erlpack.node
2018-05-02 09:59 - 2018-05-03 10:41 - 001578840 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_game_utils\discord_game_utils.node
2018-05-02 09:59 - 2018-05-02 09:59 - 002722648 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_rpc\discord_rpc.node
2018-05-02 09:59 - 2018-05-02 09:59 - 001249112 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_vigilante\discord_vigilante.node
2018-05-02 09:59 - 2018-05-02 09:59 - 002760536 _____ () \?\C:\Users\GUI\AppData\Roaming\discord\0.0.301\mo dules\discord_contact_import\discord_contact_impor t.node
2017-08-29 02:43 - 2017-08-29 02:43 - 000021680 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf[ICODE]usjbm[/ICODE]bfjhinhqhifh [0]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4003686615-4269193129-2528438380-1001\Control Panel\Desktop\Wallpaper → C:\Users\GUI\AppData\Roaming\Microsoft\Windows\The mes\TranscodedWallpaper
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B93F5F19-3B53-4C75-ADFC-CD260E87601E}C:\gog games\enter the gungeon\etg.exe] => (Block) C:\gog games\enter the gungeon\etg.exe
FirewallRules: [TCP Query User{C81B0566-7AFD-456B-8C25-683C6FC10FCB}C:\gog games\enter the gungeon\etg.exe] => (Block) C:\gog games\enter the gungeon\etg.exe
FirewallRules: [{535B3DFC-3579-442C-A0A7-1775ED3F2D06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tricky Towers\TrickyTowers.exe
FirewallRules: [{825F56AB-F5C8-434A-9658-B9D4071E488E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tricky Towers\TrickyTowers.exe
FirewallRules: [{EE1B63FC-32C7-4C0B-9474-029EE02B3CD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe
FirewallRules: [{FBDF75BB-AC38-4AE0-ACD4-871654CF3EAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe
FirewallRules: [UDP Query User{56DC755F-5239-4C71-AACF-6C0ADAA4322D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{5701EEC5-8F51-4706-B57D-D13330AD23AC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B0F8712B-C02A-4D8C-84EB-F7086A8102C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7768207C-99C2-484E-8AF5-3B6EE99F9833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{F36159C3-969B-4EC0-91DB-C69CA1F3443A}D:\epicgames\fortnite\fortnitegame\bi naries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epicgames\fortnite\fortnitegame\binaries\win64\ fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{C73FD5FE-A171-438E-AB34-4AB9DF9A0038}D:\epicgames\fortnite\fortnitegame\bi naries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epicgames\fortnite\fortnitegame\binaries\win64\ fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{1920B605-6D92-4055-A45D-542A3E80E047}C:\program files (x86)\warcraft iii\warcraft iii.exe] => (Allow) C:\program files (x86)\warcraft iii\warcraft iii.exe
FirewallRules: [TCP Query User{060616C3-1807-468B-AAC5-040DC88EAFAC}C:\program files (x86)\warcraft iii\warcraft iii.exe] => (Allow) C:\program files (x86)\warcraft iii\warcraft iii.exe
FirewallRules: [UDP Query User{272B2E9E-2F46-43A6-AE72-A4D2320C6A5F}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe
FirewallRules: [TCP Query User{9CBD0B4E-B9BD-442C-9BC3-E571B925E624}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe
FirewallRules: [UDP Query User{FA47E6C0-3EF7-46E5-B639-76F22BECDBA3}D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe] => (Allow) D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe
FirewallRules: [TCP Query User{863D49AA-7CB3-44EE-90D3-24876F4DCDC7}D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe] => (Allow) D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe
FirewallRules: [UDP Query User{7C0436EA-9D2E-4027-8755-74064160140F}D:\epicgames\epic games\launcher\portal\binaries\win32\epicgameslaun cher.exe] => (Allow) D:\epicgames\epic games\launcher\portal\binaries\win32\epicgameslaun cher.exe
FirewallRules: [TCP Query User{AA87CB6C-112A-4B62-9B95-3FD0AAF20931}D:\epicgames\epic games\launcher\portal\binaries\win32\epicgameslaun cher.exe] => (Allow) D:\epicgames\epic games\launcher\portal\binaries\win32\epicgameslaun cher.exe
FirewallRules: [UDP Query User{DDDA51D6-B9D0-4E8A-BD8A-EE20B8BA5692}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe
FirewallRules: [TCP Query User{BE66754E-68AB-4492-AB80-D9B91765A483}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe
FirewallRules: [UDP Query User{64834EAA-B5F1-4ED3-9C19-67EC7E397D28}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe
FirewallRules: [TCP Query User{42863162-4A55-42C2-A2F9-E9596A251BA4}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe
FirewallRules: [{E4ECAA0B-9BB3-4D18-BC6B-826B585E854A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Fu ll.exe
FirewallRules: [{69239029-9BBB-4C27-AB39-0FAF2C208757}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Fu ll.exe
FirewallRules: [UDP Query User{55E0F48E-1BC0-4E55-93DA-113EA8934F81}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe] => (Allow) C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe
FirewallRules: [TCP Query User{FE1936B4-273F-48D4-8A13-EC64FD2F2D38}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe] => (Allow) C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe
FirewallRules: [{1C567826-34C3-4F42-8CDA-75EB1F8B6A35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lost Castle\Lost_Castle.exe
FirewallRules: [{7536D2C9-7458-4D69-ADF7-DA7ED48FC8BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lost Castle\Lost_Castle.exe
FirewallRules: [UDP Query User{5495C550-E02A-4581-8937-A9207068BE35}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{36398D7B-CB64-4A11-92BA-D6475BB92F73}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{2FB1A613-457C-43A6-BE3E-19C4293FAEC5}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe] => (Allow) C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe
FirewallRules: [TCP Query User{80BBF3D0-35F6-47A8-94BF-2A889FC6D6AA}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe] => (Allow) C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe
FirewallRules: [{EB738EFE-1809-48DF-87D3-A995945FA4BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{CB2BAD1A-C9C4-4AF5-8E61-D3598204EF2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{D44D2ADE-048A-4128-B350-84FBAE1B9B97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{3606402D-A8AF-4B93-980D-C06AF54F63A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{860858A9-E6AA-4412-96C0-712D61ACAB3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mysterium\Mysterium.e xe
FirewallRules: [{A1FD2CE3-CFA3-400E-A9B4-617F423CEED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mysterium\Mysterium.e xe
FirewallRules: [{723F9A1A-2A60-447C-A583-F845B1E91EFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\ Binaries\Win32\Launcher.exe
FirewallRules: [{88700990-66A6-468F-8B84-C5635BF97477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\ Binaries\Win32\Launcher.exe
FirewallRules: [{E9F5F16F-3476-4317-A2D6-40E9A9F79543}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BDB3B728-1DA2-46EE-A201-70D8F516597D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1E81A175-D3BA-497C-B977-D52D74298732}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5ED8D878-664E-4550-9C9E-E7C0CB258BA6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B4519FF3-0582-4665-B3C5-6624D71F194E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A708482F-99C5-4093-B56F-0836F0300F2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BEE45C84-C9C7-47C2-97FC-C43F0E3CC865}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D299A6AB-51E3-4A38-83BA-60579DBF82AE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D0E2AD10-7D2B-4A17-ABEB-54618D8FA931}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1F7BB04A-2E2C-447B-820C-0DE62C2C5477}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2A3CE30A-B61D-407B-82F1-71A9373C53F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A9B746C2-A42C-4B20-BCD5-110BDC1C4D96}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{F41DCC95-3357-4824-B1BE-248288BDB465}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0AC8ECAD-7A6E-436C-A275-453174BED47D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4A09DFAA-691F-4811-A08D-4E72A87E10CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{18933723-1BA7-4008-89B2-0DF2C9B99FD4}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [TCP Query User{EE62C13D-0539-451F-8C51-8CE89D4D090A}C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe] => (Block) C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe
FirewallRules: [UDP Query User{8D18B73B-7783-4BB2-AC68-9E4FBA7DBE7C}C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe] => (Block) C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe
FirewallRules: [{9A98EB6D-7A18-4330-A646-95DD6CE47DE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheS pire.exe
FirewallRules: [{0E6898B2-736F-42FA-8BC6-EBC5C9F15FF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheS pire.exe
FirewallRules: [TCP Query User{13159918-4E86-45AD-AB0A-6E34C0655935}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7D8E0A88-67ED-4365-B434-1560FCBB49B5}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{B7EE0159-473E-41FF-BC5B-A84B071AA46B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{D6C19989-5343-4FCC-B972-487FC645D6DC}C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe] => (Allow) C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe
FirewallRules: [UDP Query User{C09EF31A-A067-4BDD-BF91-B3C0047E6E0B}C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe] => (Allow) C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe
FirewallRules: [{6332D94A-89EE-47BF-AA13-AD6C57705F16}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
FirewallRules: [{2FFA8192-8A71-486A-990F-6C28D8CE2238}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\mDNSResponder.exe
FirewallRules: [{C98A6C77-724B-4A71-8149-96AC04B5C377}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSRespon der.exe
FirewallRules: [TCP Query User{86BD702A-BB2E-48C4-9817-7A3FE4ED03CB}C:\program files (x86)\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{333DFD10-3DB5-4ACB-AEE5-1AEEA1433F42}C:\program files (x86)\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe
FirewallRules: [{6D5C11F0-F35C-4664-9BC0-78D9B265D7B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe
FirewallRules: [{4511D9BB-6268-4F95-B4CC-2D50810FEEC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe
FirewallRules: [TCP Query User{81D5DBB8-1728-4164-B7B5-2CDBC72E991F}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{2BDEDDD0-AD50-4C3F-AABC-05C235CBABC7}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{93389C38-3BD9-4285-BBE8-E423D49C9A52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{0E1742A0-2597-486E-BE22-B5E46A357959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{71818539-4E14-43B3-BA75-BA8F92D0A7CC}C:\program files (x86)\steam\steamapps\common\terraria\tmodloaderse rver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\tmodloaderse rver.exe
FirewallRules: [UDP Query User{EC3136FE-86EB-4852-9533-EE254C886D38}C:\program files (x86)\steam\steamapps\common\terraria\tmodloaderse rver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\tmodloaderse rver.exe
FirewallRules: [{1AD651EF-0B3B-4308-BA6E-A63849DE81D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries \Win32\RocketLeague.exe
FirewallRules: [{147874B3-213A-4778-A20C-C09A50BA62C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries \Win32\RocketLeague.exe
FirewallRules: [{1010C64D-20C5-458C-A291-2F5C51893DF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Si ege.exe
FirewallRules: [{17953487-9A79-4850-BCD3-74BEA80AA324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Si ege.exe
FirewallRules: [{05EC51A8-67C3-44C7-9D81-04EC21D09BC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Swords of Ditto\The_Swords_of_Ditto.exe
FirewallRules: [{C462974C-BA91-4F08-9C0C-EA4E90539F38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Swords of Ditto\The_Swords_of_Ditto.exe
FirewallRules: [{E639E65C-3E75-431A-B375-28417ED6B5B8}] => (Allow) C:\Program Files\Parsec\parsecd.exe
FirewallRules: [{8FD079D1-019D-42B3-BC59-674C2F92AE19}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CA5E1BFF-8F44-4889-870D-7A100BD94BAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe
FirewallRules: [{D0312F0E-9EE7-478D-B154-7511929B52D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe
FirewallRules: [{7C7AD55E-9345-475C-AC7C-6379A3F01E36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{736405A3-588D-454E-916F-DF59C908FA08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{44AE4DDE-3581-43D7-8C27-F94D6E332546}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\De ceit.exe
FirewallRules: [{337D06F0-69E2-4D0B-B249-21804F3F3C3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\De ceit.exe
FirewallRules: [{9E6E95F5-8D16-441C-B1CF-985EE624A9E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6DBC172D-078C-4F50-B987-A6647D365333}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AD7E8DAC-EE01-43C1-9C31-E041FD074076}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2A133172-EF48-4CFD-AAF1-33B398FC9218}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{42158419-0D47-4E86-A7E2-630EC3C10E31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F8285840-51B0-4B81-A54F-06709A9DCF9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{57B1E445-BDC6-4254-AC8B-FB9DB6026A5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound.exe
FirewallRules: [{4EB7F62D-C6B8-4133-8C3A-4734C503D172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound.exe
FirewallRules: [{9F3AF91E-97C3-4928-9C46-A2185759DF9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound_server.exe
FirewallRules: [{1662C499-3B6D-4773-B1C6-1B3FCA866A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound_server.exe
FirewallRules: [{FEF65A89-54C5-4C2C-8AA3-8776EF8E36F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_u ploader.exe
FirewallRules: [{3ACB7911-ECB1-4AC2-8848-1D7E7B396095}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_u ploader.exe
FirewallRules: [{3892BBB9-4463-4D6B-BBE5-3727B0D32A53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starb ound.exe
FirewallRules: [{F31202F5-7BEC-456B-A3D8-E6365BE8444C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starb ound.exe

==================== Restore Points =========================

12-05-2018 23:52:23 Supprimé Microsoft Visual C++ 2005 Redistributable
12-05-2018 23:53:16 Removed Minecraft
12-05-2018 23:53:25 Removed Microsoft XNA Framework Redistributable 4.0

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (05/14/2018 08:58:02 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\Audacity\audacity.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.16299.431_none_15c7d 3ee93659e73.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.16299.431_none_5d750 ac5a7e1c779.manifest.

Error: (05/14/2018 08:58:02 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\Audacity\audacity.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.16299.431_none_15c7d 3ee93659e73.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.16299.431_none_5d750 ac5a7e1c779.manifest.

Error: (05/14/2018 12:21:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\Audacity\audacity.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.16299.431_none_15c7d 3ee93659e73.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.16299.431_none_5d750 ac5a7e1c779.manifest.

Error: (05/14/2018 12:21:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\Audacity\audacity.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.16299.431_none_15c7d 3ee93659e73.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.16299.431_none_5d750 ac5a7e1c779.manifest.

Error: (05/13/2018 11:57:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\Audacity\audacity.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.16299.431_none_15c7d 3ee93659e73.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.16299.431_none_5d750 ac5a7e1c779.manifest.

Error: (05/13/2018 11:57:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\Audacity\audacity.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.16299.431_none_15c7d 3ee93659e73.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.16299.431_none_5d750 ac5a7e1c779.manifest.

Error: (05/13/2018 07:28:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Photoshop.exe, version : 19.1.3.49649, horodatage : 0x5ab4aef9
Nom du module défaillant : Photoshop.exe, version : 19.1.3.49649, horodatage : 0x5ab4aef9
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000951150f
ID du processus défaillant : 0x49b8
Heure de début de l’application défaillante : 0x01d3ead49d603ad1
Chemin d’accès de l’application défaillante : C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe
Chemin d’accès du module défaillant: C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe
ID de rapport : 2b828b03-c121-4624-9d4e-71ecfffaf6c6
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (05/13/2018 06:54:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\Audacity\audacity.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.16299.431_none_15c7d 3ee93659e73.manifest.
Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.16299.431_none_5d750 ac5a7e1c779.manifest.
[HEADING=1]System errors:[/HEADING]
Error: (05/14/2018 08:59:29 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UL056C5)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-UL056C5\GUI de l’utilisateur (S-1-5-21-4003686615-4269193129-2528438380-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/13/2018 09:29:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UL056C5)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-UL056C5\GUI de l’utilisateur (S-1-5-21-4003686615-4269193129-2528438380-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/13/2018 08:34:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UL056C5)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-UL056C5\GUI de l’utilisateur (S-1-5-21-4003686615-4269193129-2528438380-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/13/2018 08:32:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/13/2018 08:32:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/13/2018 08:32:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/13/2018 08:32:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/12/2018 11:54:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Service Bonjour s’est terminé de façon inattendue pour la 1ème fois.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2018-05-14 09:10:18.914
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-14 09:10:18.913
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-14 09:06:56.907
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-14 09:06:56.904
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-14 09:05:09.214
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\InfusedApps\Applic ations\Microsoft.HEVCVideoExtension_1.0.2512.0_x64 __8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-14 09:05:09.201
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\InfusedApps\Applic ations\Microsoft.HEVCVideoExtension_1.0.2512.0_x64 __8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-14 09:05:09.073
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\InfusedApps\Applic ations\Microsoft.HEVCVideoExtension_1.0.2512.0_x64 __8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-14 09:05:09.055
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\InfusedApps\Applic ations\Microsoft.HEVCVideoExtension_1.0.2512.0_x64 __8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Ryzen 7 1700X Eight-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 32719.39 MB
Available physical RAM: 25040.1 MB
Total Virtual: 37583.39 MB
Available Virtual: 28223.35 MB

==================== Drives ================================

Drive c: (Data) (Fixed) (Total:931.03 GB) (Free:443.05 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Disque dur) (Fixed) (Total:931.51 GB) (Free:342.7 GB) NTFS

\?\Volume{f3f4c92d-0000-0000-0000-50c2e8000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F3F4C92D)
Partition 1: (Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=486 MB) - (Type=27)

================================================== ======
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C4AE9870)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

/b ↩︎

/b ↩︎

**Malnutrition** · 05-14-2018, 06:20 PM

Rogue Killer Scan.

Download RogueKiller – (Portable) – from one of the following links and save it to your Desktop:

Link 1
Link 2

[ul]
[li]Close all other the running programs[/li][li]Disable ALL Antivirus – Antimalware – Applications.[/li][li]Right Click Rogue Killer and Run as Administrator.[/li][li]Click the Start Scan button.[/li][li]Allow the scan to run – it can take ten minutes or more.[/li][li]Once the scan is complete check All items for removal.[/li][li]https://pchelpforum.net/attachments/upload_2017-2-23_10-55-54-png.1658/[/li]

[li]After All items are checked then press Remove Selected.[/li][li]Wait until the Status box shows Deleting Finished.[/li][li]Click on open report – then open txt[/li][li]Copy the content of the report and paste it here in your next reply.[/li][/ul]

ZHP Diag Fix.

ZHP Fix
[MEDIA=imgur]4bd9Ugb[/MEDIA]

[ul]
[li]Disable your antivirus prior to this fix![/li][li]Download ZHP-Fix from here.[/li][li]UnZip it to your desktop – Tool Here if needed… 7-Zip[/li][li]Install it.[/li][li]Click Suivant 5 Times.[/li][li]Then Installer.[/li][li]Then Terminer.[/li][li]Then right clcick the ZHP Fix icon Run as admin.[/li][li]Copy the entire content of the code box below, the next step will grab it from your clipboard.[/li][li]Then click on import.[/li][li]Then click GO.[/li][li]If you see any Prompts like the one below, select Oui. = Yes in French.[/li][li]https://pchelpforum.net/attachments/upload_2017-5-24_21-17-40-png.2248/[/li]

[li]Allow completion.[/li][li]A log file will appear on your desktop.[/li][li]Post it here in your next reply.[/li][/ul]

Code:

Script Zhpfix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:Lightshot =>.SUP.Skillbrains
HKLM\SOFTWARE\Skillbrains =>.SUP.Skillbrains
HKLM\SOFTWARE\WOW6432Node\Skillbrains =>.SUP.Skillbrains
HKCU\SOFTWARE\SkillBrains =>.SUP.Skillbrains
O108 - CMH1: MEGA (Context menu) [64Bits] - {0229E5E7-09E9-45CF-9228-0228EC7D5F17} . (.Orphan.)
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O69 - SBI: prefs.js [GUI - htEukEjR.default] user_pref('browser.download.save_converter_index', 3); =>.SUP.Spigot
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} =>Riskware.QuickTime
C:\Program Files (x86)\QuickTime =>Riskware.QuickTime
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
C:\Users\GUI\AppData\Local\Tempzxpsign003aaf8330e4b2d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign00c9c855d5426559 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign00fabc2a39c86663 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign01390b79345318af =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign013eaae8d051c5e5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign017adc81bc6ae4ce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign01849a59ef3843fd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign039388f17e061161 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign03ae457c7affda78 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign03fa753466c0b69d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign046518382098968c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign050b7ffedec94930 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign05355a688e90433a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0760646fbd5830ee =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign077a6318bfcc33af =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign07a6386e3a4f4cb3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign07ce15cedd1de944 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign08cb721d973e6211 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign08e859a51e74fb5a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0991c86855085bfe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign09971099c4e4bb03 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign09b35a0856f606b1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0c3d6a7aca676492 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0c7edcaa105794d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0d51f17c378bc782 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0dbc4a34f5280079 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0ec33dc5ede51dd8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0ecf266722f011d7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0f5797946d0dfd05 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0fa1daeb04900bd1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign0fdd456415e66617 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign115bdf7d3d3c44e4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign118a37d13f2be4ac =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign11a9026f77eaefcd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign126210bca6740e95 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign129ae1c6ec3ce0a1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign13b196bbdb68c988 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign13da0922d2eb6644 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign144946c11757a3e2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign147e887985a423b6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign14f8139db381151c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign15820234c9dfe551 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1584aa09c369d917 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign160caf41cd83c437 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign167208604bae8c79 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign16a06f9cd2afe545 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign16ca9d38e7f4c0b1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign16f759fab162b509 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign171b6ca05cc49d47 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1838d7df488ae702 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18507e7a45f9ac4c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign187ee30434e43bdb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18b2133d1c1809bb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18b729e649c3b409 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18e86f23242fd683 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18f778a4c5e5c0c7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign18f7840746c63af6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1932b5406f19171d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign199c8c558e23016c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign19bfd077cc737c85 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign19ce9e7373f35949 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1a6d24dc1fa4c100 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1a8071f27b9fe03d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1afae82cc2aa2cec =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1cc5d30979430278 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1d4145d8e753eebc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1dd0b43011654502 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1dffdc96732688e6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1dfffd8d5088eff7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1ed38d796a8827e3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1efe190c8ea1125e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1f0f6c93d59b9322 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1f112fd4a4fc3cb3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1f863f1e60b891c2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign1faf6308ccac60ee =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign20d75922c1a2ca10 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign218133c02f848af7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign21aa61af8b658aac =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign21ce7230beea6310 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign21e26c4c4ec0074c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign220210cd96ae08b5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign225434e262246be9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2274f0ba0de4546f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign22c4f063db6edc8c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign233dbbaeb95eeaa3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign23e3dfc0ccd87278 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2424b23634a0a930 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2473e5649e2337b5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign255cae0617f3e93f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign266550c0928ee604 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2728d12688c4be05 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign278998975db356f3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign282c014c8ad2b47c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign28c1f8b927d19ef8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign292963bb427802fe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2948f6080a0396ae =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign295dbd1d545834c3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2987aab4e039bee3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign29a3d68d5594127c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2a29f49db6f32e7d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2afe77764d938504 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2b16ae3d948e5404 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2b449d5b430b9c97 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2b51a0d9882f911e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2bfc4d3d1852784f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2c4d0bb951560bce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2c52f987461bbfa9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2cf8d5e7e701eb3e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2d26eb3858aebc12 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2d317a5f4608fd90 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2d3c6933b9564238 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2d86dc59d2bc38ea =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2dabd4f41818c7f7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2e223b321023b5d0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2e264f4a4e82992e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2fbcec6475c255c1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign2fd25ab26a4c10f0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3062da583fe5cda3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign308da5d0713aa569 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign30991dd86ba5c6aa =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign30d1611c08b3c048 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3102f5b758f861aa =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign316cabe6789da1b2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign31ddc39f96745ae7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign330fba7898bbb9f6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign352ee86d742d33c6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign357a35dc3898245c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3583a9db9b3353a9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign36a21d2e3c64ddc8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign37934ddaafb6bc42 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign37fc9c2736b2acfd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign38d149137bb9039e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign392e358d64d7c465 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign393c2228697718f7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign395d73a9b3464c72 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign39707f5f694a2f5b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3970844fa7f134f8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign39765163e19b1fce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign39d518611f2d8476 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign39e0c395488982bf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3b15d40f4e326cb3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3b1f9197ad48c676 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3b289ee80d22523e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3bb18169861ff74c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3bf3636be2b1601f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3c0aedb21a346795 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3d82ceb57cac5a44 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3df68bd89f6b55ce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3e4375791c24fb86 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign3fd76a1da579763e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign40250a79def6a514 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign409703bc6e37b7e3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign41bdfa23460be335 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign41f2d9ac91262bb8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign422dbe5562095f62 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign42b6c5389b82962c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign42bfb604ff74c569 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign43d18a5fdd1b4514 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4443ef62a10f90d3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign44ff9222091ef95e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign45066a14bdf20dcd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4529f0e83adba1af =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4618026adcb25eb6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign467707b59dcb8487 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign475cf22a1fcb6d76 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign47ee960cefa50df5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4805d01f18f2cbe8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4873f6dae2feb629 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign48a1f3430929fd16 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign48d9f147bb251f79 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4911e66bbcea0554 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4938ea81227f19fe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign49ca59bf7014bc7b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign49d40d5ae742a988 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4a7e0cc6586d9b8b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4a8105c716124a59 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4ad459fc29770279 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4ada1da5de8c533b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4c60f2f2791ee32b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4d28065e9227a153 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4d6863ac00460d0a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4da2970b5f9fa969 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4dab06e4787a87db =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4e46fa004eedd679 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4edb75d0ab5510f3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4f4e4a5d5508fdf9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign4ff8ec35a7a9be1c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5075f0a7c0268b0c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign509edfa5b4641343 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign50a5d7bfbdf35b59 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign50f10330b7837cf9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5190b537a2025158 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5292b5a3aaa24014 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign535621248877b243 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign53f4e17f50bdc949 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign53fe26e5140f449e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign540404978359d6aa =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign54a3f4540a02e3fe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign54cf1c3733c052c1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign550c26bd211dcb3c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign55f083f7392f12cc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign568d060c91f19a7d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign576d2c7d7ff27113 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign57e9d585ead8a8da =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign582797a4b61f1e48 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign58599ae5ba053274 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign59a50f87a2650760 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5a8f0b28779e6a49 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5b1a3583114a5373 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5b1b3a42d40e4d65 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5c45bb7ce68388f1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5c96e2801dfcee73 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5ca88cab95a14f96 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5cee12b86909d1d4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5d3ae8a7c5377b31 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5d5e22d81f64971e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5dee1c7e74a04bcd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5e3b437757e0a8b7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5e7b003fed95e37b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5ed6c362c34b64dc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign5f439966ca20e233 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign602552c97ce8cc6a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6191450da9afda74 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6306adc0c9be667d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6343588425c2937c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign638d63b68f928ee8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign63e7c6e48855bf1a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6485d78d1e03377f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign648721b7cf0186a3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign65d85eed0d624030 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign66475e94cfc8b69a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign66484ea25dd58e35 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign67235a806627a245 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign680c29d10fd30bf0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign68354e7e9e15d2b3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign68712558cbf29e2c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign68c443e384603c17 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign698bc1e78cb8f64c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign69b6781b925f2a47 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6a24d2d0789756e4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6a555b9a2a666b32 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6b75d9b60faa50fc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6bfc8aa4b25d07e4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6bff1e424fb0f05d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6c5f6397cedb6d76 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6c79d6daa4eb7ff3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6cfecfea6f22594f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6e678b0555ff4e92 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6e7059ee19c5ff4a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6e72b19136259a6c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6f162987af3b04a6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6f2fe33d25677361 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6f515652b4ed09f7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6ff3df9898ea0f75 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign6ff91307a3e364cf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign704739278f608d03 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7057cf695babe187 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign711574cd9ca47920 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign711df4966b7f61a7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign71b9512b186691fe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign727be557be4c0dce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign72bbf92833ec3afe =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign73505079d8e93cd0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7358ded1a5453a8a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign743ce8c928173713 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign75ccf0e541a551d3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7645dfd4d264c5ed =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7662e7421d0ec9ab =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7688cfe7a1434981 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign776a5bb5464618bc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7785b38018bc054d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign779a2fe771a9b50b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7a4661064fce5979 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7ab9b8ff09dfd886 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7ac51b85ea366fa3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7b636cdb6223043c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7bb7e59e23c1cbde =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7bfce898654709d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7c1ab601f7b39f47 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7c2b86298fab7244 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7c6c6782486bb3c5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7cca2c968b609243 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7d407fad443b15ad =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7df55533ef5a4567 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7e033af8d1e816e7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7e558e6be44c2995 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign7facb5571811d73f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign81653e7305bcb850 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign81c147e1081bc3fb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign81c5645f8442ef32 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign827c308ad722f0ff =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8308c58904f6c86b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8334f55a772daf38 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign83e379650ddbde62 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign83f7536cf10c6db0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign83fea396a5404ba6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign852b58af6d2ed523 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8654695343f1cb83 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign865900e01ceb3208 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign867222f079348527 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign86d32000a8702664 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign86ee18a7a4977ebf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign86f01a2de0ec1973 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign86f7512f95d46ffb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8745f6c1545d4cbf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign87cfeb2d08dd6ff3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign890287de7641fbe4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign893c41484147737e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign897eaeb6f302931f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8a3c13b5dbecf235 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8a3f138efb88a8fd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8ac6eca8a4015144 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8acacf2fe9085008 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8ad2fb584849a24c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8b00df439038d651 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8b3a1f653d386dcd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8bba086a65bcf1d4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8c1cd9cb19464378 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8c409ec03ea41ebb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8c4e25afaacfc98a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8e0be57273d103cb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8f0c0d522645eb25 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign8fd2a5513e7d9110 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign902394ee1f43111c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign90290f78e7edfba7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign907ce48771adf96e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign908ed601cd3088dd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign90d2ad21b4deb4a7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9130f8c8fee822b6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign91c6f17d1d7ba1e4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign91f2000e83a159fc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9306e620d1c7f125 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign931ed593976e0989 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9333052386129dc5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign93362d40089835e0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9417fd960ece5c50 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign94752f7a1c9094a8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign94c5002419a5f215 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign95210eda0ba2a269 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign95d1fe87570c7647 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign971bf5ef2ca81e5d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign97352cd0343fe161 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9831b186400cf5bb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9846973e650cfb9b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign985b95ab8142c7d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign98ebc37d50b7bc3b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign98f698b36aea56e3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9912dc6a7914b8ce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign993866b58baa20b1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign99d5023f29997c4b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9ae68a9eda9e5509 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9af990a255ae57fc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9b280a2c13c902f2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9bffeeb5fd117c22 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9d27d3a471263619 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9d6c9587df0bbecd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9da3ab226a112f9a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9ddfe331a9758276 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9ef2f6ec9155b73f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9f2c88791d1885d0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9f3fee13d971f7a5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsign9f43222c5c91294e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna0ae8915767f663d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna135b910e614d6c9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna15bede8e7468166 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna25a32bae770de04 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna2686c08fe99d3bc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna369826e6e2edb0f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna3b0faacfc95b07e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna3d889681ebf14c9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna41b000a682ae189 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna484980b349ce5d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna4f9be8689dd07a4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna5622f5f21b8c2d3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna67649db75054036 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna6a67978a6258feb =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna750d69d6e8cce1b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna75ed98a13814b15 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna7bd6c43f16afb34 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna7e725fbdb574014 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna7ecdeae295fc14f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna81d7405250909c2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna84c6f6465e8cbfa =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigna991a3d0d9ce2a27 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaa1b28d0198c6fec =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaa47e277743d1522 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaa6d831ea4968331 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaa92b59cb13dce90 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaaeb313bf7df044a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignab76ca3a1386ee89 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignac095bd80ae09108 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignac7fd984801222db =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignad33f76c58219b63 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignad40cda58028ef60 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignad5f9fb048decb3e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignade10f448ff4f070 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignae005b5aee5951ce =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignae5dd478f25fda0c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignae85b49eac4f01d3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignae9f06c80e2f6aa3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignaec5ad4f2755a1b2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb02c6828d39b8a72 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb150b8b0e02a2d35 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb19057bcf764d14f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb1e7126263ef97a9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb22ae277db92c3fc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb2600d6207414ba7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb2e0617e441005c1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb32c918fb7614cf9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb3ab55454502ebb4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb42e7de8a2cd4865 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb4316f2929b87dd8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb4a6505829e0a0d6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb4d2b195df710d46 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb5cef376deef4335 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb6617cc1ab886c78 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb718b7ee6f249b04 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb78deef85a70961c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb7c5d33588ac5e49 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb7e8eef0e1b29227 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb86f13dd0053dcc7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb94cc523dfdefa89 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignb9584a7c6c7b91bd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba40ff85a2414008 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba5bdc816de25bb1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba85c61603d82604 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba9161c6e14f5897 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignba9249231319a530 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbaa59fe679cf603e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbb564d6b72b06d99 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbb7bce63f65de0de =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbbe06819f15d7473 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbc698ae329f5b7dd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbcfffad0eb69cd0a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbd2542ad4dbf5219 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbd8d55dea95d4aa1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbe3865410e04be34 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbe7e2f7c54e80c82 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbea510e26ac8a459 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbf21da7a7835fc39 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbf8c3022bdfb6c09 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignbf9544086a12acbf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc1213f9b419eee20 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc1a2e927c48a8442 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc30a6db7096ee30a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc31e5b3ae9b5b9b9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc32c8513abbca807 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc39b42e6f7122cfc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc402ec8d02f34ac7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc41f9300dfad79ee =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc43b5b114f2f1969 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc477a853482b0f7e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc4855d184a6e4960 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc49c3dd711686c9c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc4e2502c12465cf5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc53a2cedc020a718 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc5da5fe6b80f2f95 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc6d5eebe75ef820c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc76d5962626f428b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc785eb64efee6be3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc7fe400987771c18 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc8000bf11c2e301c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc8b33b59070a0e2b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc8decd13af75031f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignc983e208f7db13f5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignca4e7c8b40749699 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncb3a121030bdcb68 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncb3dd46396828263 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncc5e7125feb32128 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncd4d3c68dddab2ac =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignce45098f666df0a1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignce97d06699751b04 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignceba218f52b870f7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncf0ec684353cc0a7 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncf57ec50d2288f3b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncfd301f5e261d844 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigncfdf2bd5d8aec7bc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd012ed86bb422144 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd0240d338d0fcf97 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd03ac4ebbb3b6c35 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd03dc60f5e85c53a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd0870fc475751edf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd0a90713eac9fe13 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd15ed316af5669c9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd18896ddb58ffdb1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd1924a9ff3f78e66 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd41c63025e5a49ba =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd4f96eebe5a5cfc9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd68580ea847fb788 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd73c51e9890ec618 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd76ca85dc7c54baf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd77f0975338d73e8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd7859051a2f91ebc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd7b4f570afd352a0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd7c9fc509e793a77 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd82d0375bcd3c339 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd84bc13c8a215399 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd854236b084f8626 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd86a480010ca9c32 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd8a308a2881d880b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignd90da26347e50986 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignda4ae173987eb2c1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignda9f67b05f8d625b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndaa8e1cbc33587d1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndb349390347c543e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndb70507c51baa89f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndc547c2848d6a42c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndc5ce0bcbbf5d73a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndcb46cfdbf8883ac =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndd40f63418f68f3f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndd625f8c5f4d29ef =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignddc1f8ec185f97f3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignde4695f51bcade56 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndf9a5a5ff59d6fb3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndfee7112bc631149 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigndffe6c062efcd087 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne06690bcc953edd2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne0ba6d3f4a51ca5a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne0c0c0d121f2de33 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne0cf39370d85da88 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne123c90342b423d9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne166ce89c6a41da4 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne2a1ac3bf1296e10 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne305e9513ab3bfba =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne51684dff1debde1 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne51868aa9054ba78 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne5455106140f1ef6 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne58b8e55d9e932d2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne5c3b5c14675c63e =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne5d0f2d7a0558fee =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne5e19c49426aa996 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne689cd3677721923 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne699928e4aec91b2 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne70273f47eeef94c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne74e0467f2a16c26 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne794d2fa8fbc2129 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne7de0caf0176eaf0 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne85ee3787bc9c63b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne8bd42b4e8588101 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigne944597c827ce264 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignead15346a829d153 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneb2fdac6cc64ccd8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneb7176a9e1df562d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneb956748cbb61275 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignebddccd1188872cd =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignec0d26b5bca886df =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignec0f527a3ec45275 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignec28b4c8af302a2a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignec482f16c0b3c366 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignecc161a78fb4cf4c =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneceae2c8468b2bf8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigneced30361d5ae427 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsigned279bdbffab747f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignedc92e2e6b3369bf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignee6726304d5f545b =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignee6cad94d37e230a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignefbbd7389bbb07f3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf072d0b6cdd6f5df =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf0f5068fecee5a82 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf1d79178759c7845 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf2312e915d9cc280 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf24b0a5c2c1086c3 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf2ca55772e315277 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf30ebec7dc84cf6d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf3ea1c6ffcb29559 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf3ffa8b725035b35 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf43c864b32d538c8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf47f2ed8a6ff30ba =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf486854ff4525ae8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf48814598bbe6868 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf4af2b29f03ad029 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf50bde5e259a69ab =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf50de4104c39b1f9 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf592fa373ba192cc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf64e4bf3cdababbf =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf65378fbb7c1f09f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf70c081e27206c8f =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf8981b982e7b665a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf8ae50c5f03c956a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf8bfbf0336155015 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf8c965584a363046 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf962e0e7f9b2a30d =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignf973585de5777153 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfb123747f15651f5 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfbcc301a0581a136 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfbfb54d76edc79b8 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfca9bcfb4ef70140 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfd0bd87c16cb6d60 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfda5e151ac85db4a =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignfec245dd9be1cedc =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignff60456901bd7e93 =>.SUP.Temporary
C:\Users\GUI\AppData\Local\Tempzxpsignff72587382681027 =>.SUP.Temporary
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) =>.SUP.Orphan
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\007 =>.SUP.Temporary.Chrome
C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome
EmptyPrefetch
Emptytemp
EmptyClsid

Please post a fresh ZHP diag log after this fix.

**Zukolol** · 05-14-2018, 10:41 PM

Hey, thanks again for the reply!
Here’s what’s asked:

Rogue Killer Scan log:

RogueKiller V12.12.17.0 (x64) [May 14 2018] (Gratuit) par Adlice Software
email : Formulaire de Support | Contact • Adlice Software
Remontées : https://forum.adlice.com
Site web : Nettoyeur de Virus Gratuit | RogueKiller AntiMalware • Adlice Software
Blog : Adlice Software - Adlice Software

Système d’exploitation : Windows 10 (10.0.16299) 64 bits version
Démarré en : Mode normal
Utilisateur : GUI [Administrateur]
Démarré depuis : C:\Users\GUI\Desktop\RogueKiller_portable64.exe
Mode : Suppression – Date : 05/15/2018 00:07:11 (Durée : 00:23:36)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 3 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\T cpip\Parameters\Interfaces{12ab01fb-67da-4d03-9e28-a36c5d062547} | DhcpNameServer : 172.20.10.1 () → Remplacé(e) ()
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 → Remplacé(e) (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 → Remplacé(e) (2)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 EVO 1TB +++++
— User —
[MBR] f0d95eaa707ed2d829e3a96816371445
[BSP] 8bd482f54fe706e70fa2f75f784b48e1 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953379 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952524288 | Size: 486 MB
User = LL1 … OK
User = LL2 … OK

+++++ PhysicalDrive1: ST31000524AS +++++
— User —
[MBR] aefc6145345fa64eda572febab783daf
[BSP] ace89bcf978d09f81de508f041f1ec42 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 … OK
User = LL2 … OK

ZHPFix log:

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d’export Registre :
Run by GUI at 15/05/2018 00:34:54
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (16299)

Corbeille vidée (00mn 12s)
Dossier Prefetcher vidé

========== Clés du Registre ==========
SUPPRIMÉ: HKLM\SOFTWARE\WOW6432Node\Skillbrains
SUPPRIMÉ: HKCU\SOFTWARE\SkillBrains
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}
SUPPRIMÉ: HKLM\Software\Classes*\ShellEx\ContextMenuHandlers \MEGA (Context menu)
SUPPRIMÉ: HKLM\Software\Classes*\ShellEx\ContextMenuHandlers \WinRAR32
SUPPRIMÉ: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHa ndlers\WinRAR32

========== Valeurs du Registre ==========
SUPPRIMÉ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run32]:Lightshot

========== Préférences navigateur ==========
ABSENT Mozilla Pref: user_pref(‘browser.download.save_converter_index’, 3);

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide

========== Fichiers ==========
SUPPRIMÉS Temporaires Windows (47171) (101 022 721 496 octets)

========== Récapitulatif ==========
6 : Clés du Registre
1 : Valeurs du Registre
1 : Dossiers
1 : Fichiers
1 : Préférences navigateur

End of clean in 01mn 59s

========== Chemin de fichier rapport ==========
C:\Users\GUI\AppData\Roaming\ZHP\ZHPFix[R1].txt - 15/05/2018 00:35:07 [1439]

ZHP Diag Scan v2:

[/QUOTE]

RAPPORT DE DIAGNOSTIC DE ZHPDIAG

~ ZHPDiag v2018.5.14.108 Par Nicolas Coolman (2018/05/14) ~ Démarré par GUI (Administrator) (2018/05/15 00:38:36) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook: ZHP ~ Certificate ZHPDiag: Legal ~ Etat de la version: Version OK ~ Mode: Scanner ~ Rapport: C:\Users\GUI\Desktop\ZHPDiag.txt ~ Rapport: C:\Users\GUI\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Démarrage du système: Normal (Normal boot) Windows 10 Home, 64-bit (Build 16299) =>.Microsoft Corporation

—\ NAVIGATEURS INTERNET (4) - 0s
~ GCIE: Google Chrome v66.0.3359.139 ~ MFIE: Mozilla Firefox 59.0.3 (x64 en-US) ~ MSIE: Microsoft Edge v40 ~ MSIE: Internet Explorer v11.431.16299.0
—\ INFORMATIONS SUR LES PRODUITS WINDOWS (8) - 0s
~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK ~ Windows(R) Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : PR394 Windows License : OK ~ Windows Remaining Initializations Number : 1001 Windows Automatic Updates : OK
—\ LOGICIELS DE PROTECTION (2) - 1s
Avira Antivirus v15.0.36.169 (Protection)
Windows Defender W10 (Deactivate)

—\ LOGICIELS DE PROTECTION SUPERFLUS (1) - 1s
~ Zemana AntiMalware v2.74.0.150 (Superflu)
—\ SURVEILLANCE LOGICIEL (2) - 1s
~ Adobe Flash Player 29 NPAPI (Surveillance) ~ Adobe Flash Player 29 PPAPI (Surveillance)
—\ LOGICIELS D’OPTIMISATION (1) - 1s
~ CCleaner v5.42 (Optimisation)
—\ INFORMATIONS SUR LE SYSTÈME (6) - 0s
~ Operating System: AMD64 Family 23 Model 1 Stepping 1, AuthenticAMD ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 33504.66 MB (77% free) : OK =>.RAM Value System Restore: Activé (Enable) System drive C: has 550 GB (57%) free of 953 GB : OK =>.Disk Space
—\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: DESKTOP-UL056C5 ~ User Name: GUI ~ Logged in as Administrator
—\ ÉNUMÉRATION DES UNITÉS DE STOCKAGE (2) - 0s
~ Drive C: has 550 GB free of 953 GB (System) ~ Drive D: has 353 GB free of 953 GB
—\ ÉTAT DU CENTRE DE SÉCURITÉ WINDOWS (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Associations] Application: OK [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
—\ RECHERCHE PARTICULIÈRE DE FICHIERS GÉNÉRIQUES (25) - 0s
[MD5.28A9316147DF6223D0AB7774706B55EC] - 15/04/2018 - (.Microsoft Corporation - Explorateur Windows.) – C:\WINDOWS\Explorer.exe [3904296] =>.Microsoft Windows® [MD5.731A783A36A8E69A6434D19D98B12A09] - 29/09/2017 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [71168] =>.Microsoft Corporation [MD5.BF3E1D9B2360C6BE4CC3094CD2DDC617] - 29/09/2017 - (.Microsoft Corporation - Application de démarrage de Windows.) – C:\WINDOWS\System32\Wininit.exe [359584] =>.Microsoft Corporation [MD5.81181CC5523E9501B8797333BB32FD84] - 03/05/2018 - (.Microsoft Corporation - Extensions Internet pour Win32.) – C:\WINDOWS\System32\wininet.dll [3334144] =>.Microsoft Corporation [MD5.C67E7F605A830AA96A204ECCDC678FBC] - 30/03/2018 - (.Microsoft Corporation - Application d’ouverture de session Windows.) – C:\WINDOWS\System32\Winlogon.exe [716288] =>.Microsoft Corporation [MD5.4D487E7D2B047FB929BE00117C09F9EC] - 29/09/2017 - (.Microsoft Corporation - Bibliothèque de licences.) – C:\WINDOWS\System32\sppcomapi.dll [414720] =>.Microsoft Corporation [MD5.51A5224C9B00B1F31C016B4B29F3DFB7] - 13/03/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) – C:\WINDOWS\System32\dnsapi.dll [739696] =>.Microsoft Windows® [MD5.CCF0DECFEB3D31F4CB733B39EFDFBAB3] - 13/03/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) – C:\WINDOWS\Syswow64\dnsapi.dll [597160] =>.Microsoft Windows® [MD5.3B34C7B9D7E22AEF58DF0CFC4C7CC82D] - 30/09/2017 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) – C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation [MD5.9619C0D7DB55CC3A636A24A7D82B0C8E] - 30/03/2018 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) – C:\WINDOWS\System32\drivers\AFD.sys [614304] =>.Microsoft Corporation [MD5.6191B9B2EE0E8CB957C683B9B341CC86] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [28568] =>.Microsoft Corporation [MD5.9E82A95D77AC78C84BA75FF896B060BF] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation [MD5.6D83565C1652E80447EDEA6947FA89D7] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [159744] =>.Microsoft Corporation [MD5.FAEC08F583CAD06D4F057DBB733A03A1] - 30/03/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [151040] =>.Microsoft Corporation [MD5.99A34FD1F6431A10D8C3BB50E170D0F2] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [86016] =>.Microsoft Corporation [MD5.56FF074E50F9042FD2856AB3418F4B18] - 29/09/2017 - (.Microsoft Corporation - Pilote de port i8042.) – C:\WINDOWS\System32\drivers\i8042prt.sys [105984] =>.Microsoft Corporation [MD5.7BEC2AF23F586EFF0DB4DBF4331B0C70] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [214016] =>.Microsoft Corporation [MD5.71729B1EE949E1B092CB5CB75CC63715] - 10/02/2018 - (.Microsoft Corporation - Minirdr SMB Windows NT.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [494488] =>.Microsoft Corporation [MD5.2A56FA2634A9650EF4ED5DFE976397BA] - 15/04/2018 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [316928] =>.Microsoft Corporation [MD5.BEE4FDB8DE2C90728D93393E4A3B88C2] - 03/05/2018 - (.Microsoft Corporation - Pilote du système de fichiers NT.) – C:\WINDOWS\System32\drivers\ntfs.sys [2395040] =>.Microsoft Corporation [MD5.2E07EC2C1622F5E7B535D62DCD61F3AB] - 29/09/2017 - (.Microsoft Corporation - Pilote de port parallèle.) – C:\WINDOWS\System32\drivers\Parport.sys [98816] =>.Microsoft Corporation [MD5.E0220BB6580D34001D4D1D133052DAA4] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [106496] =>.Microsoft Corporation [MD5.39886C19FB466BBF8AEC31E3E77C034C] - 30/03/2018 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) – C:\WINDOWS\System32\drivers\rdpdr.sys [182784] =>.Microsoft Corporation [MD5.09125A12CAB5F8D5EAE9C83C25792FDD] - 30/03/2018 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [121248] =>.Microsoft Corporation [MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - 08/12/2017 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) – C:\WINDOWS\System32\drivers\volsnap.sys [401304] =>.Microsoft Corporation
—\ LISTE DES SERVICES (Non Microsoft et non désactivés) (17) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated® O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® O23 - Service: Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® O23 - Service: Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira Service Host.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d’installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe =>.NVIDIA Corporation® O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
O23 - Service: (Parsec) . (.Parsec - Parsec.) - C:\Program Files\Parsec\pservice.exe {0F0CC3A57EF947E7D23CF075B8B4BA5D}
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) . (. - GameScannerService.) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe =>.Razer USA Ltd.® O23 - Service: ZAM Controller Service (ZAMSvc) . (.Copyright 2017. - ZAM.) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
—\ SERVICES NON MICROSOFT (SR=Démarré,SS=Stoppé) (27) - 3s
SR - Auto [09/02/2018] [ 83984] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Demand [11/04/2018] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe =>.Adobe Systems Incorporated® SR - Auto [24/04/2018] [ 818128] (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [05/01/2018] [ 2319848] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® SS - Auto [09/05/2018] [ 879128] Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [09/05/2018] [ 224472] Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [09/05/2018] [ 224472] Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG® SS - Auto [09/05/2018] [ 1165320] Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [07/09/2017] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® SR - Auto [28/03/2018] [ 449240] Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG® SS - Demand [25/04/2018] [ 5745672] BattlEye Service (BEService) . (…) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.® SS - Auto [12/08/2015] [ 462096] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® SS - Demand [18/01/2017] [ 1446592] Disc Soft Pro Bus Service (Disc Soft Pro Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe =>.Disc Soft Ltd® SS - Demand [16/03/2018] [ 774784] EasyAntiCheat (EasyAntiCheat) . (.EasyAntiCheat Ltd.) - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe =>.EasyAntiCheat Oy® SS - Demand [17/09/2017] [ 1591264] FlexNet Licensing Service 64 (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe =>.Flexera Software LLC® SS - Auto [17/09/2017] [ 153168] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [17/09/2017] [ 153168] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [11/09/2017] [ 673080] Service de l’iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.® SS - Demand [02/05/2018] [ 194512] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [22/04/2018] [ 522688] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® SS - Demand [22/04/2018] [ 522688] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation® SR - Auto [07/05/2018] [ 520672] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe =>.NVIDIA Corporation® SR - Auto [22/04/2018] [ 468824] NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
SR - Auto [20/03/2018] [ 190536] (Parsec) . (.Parsec.) - C:\Program Files\Parsec\pservice.exe {0F0CC3A57EF947E7D23CF075B8B4BA5D}
SR - Auto [20/07/2017] [ 189264] Razer Game Scanner (Razer Game Scanner Service) . (…) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe =>.Razer USA Ltd.® SS - Demand [03/04/2018] [ 1671968] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve® SR - Auto [09/08/2017] [15775888] ZAM Controller Service (ZAMSvc) . (.Copyright 2017..) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
—\ TÂCHES PLANIFIÉES EN AUTOMATIQUE (Registre) (24) - 1s
O38 - TASK: {0B4A43CD-0011-4F61-80AE-E78C0C3E6AAE} [64Bits][\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184] =>.NVIDIA Corporation O38 - TASK: {2404B119-119F-4CC3-B0C3-7E2B71AA15C0} [64Bits][\CCleaner Update] - (.Piriform Ltd - CCleaner emergency updater.) – C:\Program Files\CCleaner\CCUpdate.exe [520736] =>.Piriform Ltd O38 - TASK: {280208A6-7926-4047-8027-1532A24A5DEE} [64Bits][\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA nodejs launcher.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832] =>.NVIDIA Corporation O38 - TASK: {3404E711-AEB1-432A-ACD0-1AC72FF9A5DF} [64Bits][\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464] =>.NVIDIA Corporation O38 - TASK: {384E1A50-CFF3-40C4-AC91-6A30E76E4EE6} [64Bits][\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464] =>.NVIDIA Corporation O38 - TASK: {4F2C2B85-3AA5-45D5-AF88-DB4945319725} [64Bits][\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA GeForce Experience.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952] =>.NVIDIA Corporation O38 - TASK: {659F87B0-F484-4F88-9AD9-699181C559B0} [64Bits][\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI] - (.Adobe Systems, Incorporated - Adobe GC Invoker Utility.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880] =>.Adobe Systems, Incorporated O38 - TASK: {8C91392B-5160-4294-84EC-C345A61A2DA6} [64Bits][\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952] =>.NVIDIA Corporation O38 - TASK: {C3F6C890-EB5E-4677-8E86-5131A8328E91} [64Bits][\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688] =>.NVIDIA Corporation O38 - TASK: {D2324FB1-57B9-406C-B591-3A1C827BB96E} [64Bits][\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA telemetry monitor.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912] =>.NVIDIA Corporation O38 - TASK: {DE09F323-BFEE-48D6-8C37-8ECAFEF93BD1} [64Bits][\Apple\AppleSoftwareUpdate] - (.Apple Inc. - Apple Software Update.) – C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320] =>.Apple Inc. O38 - TASK: {E8DB8F8A-AC29-4380-83FB-84E877734766} [64Bits][\Avira_Antivirus_Systray] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) – C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [670696] =>.Avira Operations GmbH & Co. KG C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\CCleaner Update - (.Piriform Ltd.) – C:\Program Files\CCleaner\CCUpdate.exe =>.Piriform Ltd C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [–launcher=TaskScheduler] =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B 2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI - (.Adobe Systems, Incorporated.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe =>.Adobe Systems, Incorporated C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLog on_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d ‘C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck’ -l 3 -f C:\ProgramData] =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d ‘C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck’ -l 3 -f C:\ProgramData\NVIDIA\NvContain] =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe =>.NVIDIA Corporation C:\WINDOWS\System32\Tasks\Apple\AppleSoftwareUpdat e - (.Apple Inc..) – C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [-task] =>.Apple Inc. C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray - (.Avira Operations GmbH & Co. KG.) – C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [/min] =>.Avira Operations GmbH & Co. KG
—\ APPLICATIONS LANCÉES AU DÉMARRAGE DU SYSTÈME (8) - 1s
O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) – C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows® O4 - HKLM..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) – C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp.® O4 - HKLM..\Run: [ZAM] . (.Copyright 2017. - ZAM.) – C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
O4 - HKCU..\Run: [GNE_SwapScreen] . (.GNE - SwapScreen.) – C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe
O4 - HKLM..\Wow6432Node\Run: [Avira SystrayStartTrigger] . (.Avira Operations GmbH & Co. KG - Avira.) – C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe =>.Avira Operations GmbH & Co. KG® O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows® O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-4003686615-4269193129-2528438380-1001..\Run: [GNE_SwapScreen] . (.GNE - SwapScreen.) – C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe

—\ PROCESSUS LANCÉS (56) - 2s
[MD5.2E2DF9FA4C7BB9C1734AE8B6F8DF697E] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [520672] [PID.1692] =>.NVIDIA Corporation® [MD5.69B092194DFF29B7D93D7E63A01A25CA] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) – C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472] [PID.2768] =>.Avira Operations GmbH & Co. KG® [MD5.CA805DA983594B01F3554464B2E5158F] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984] [PID.3088] =>.Adobe Systems, Incorporated® [MD5.69B092194DFF29B7D93D7E63A01A25CA] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) – C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472] [PID.3100] =>.Avira Operations GmbH & Co. KG® [MD5.8E1E3A26C0957DE1BF6221CB98C92342] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688] [PID.3108] =>.NVIDIA Corporation® [MD5.49D234989341C2D16419C1043A63CE68] - (.Apple Inc. - MobileDeviceService.) – C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.3116] =>.Apple Inc.® [MD5.617A1293841681E3502B71E019F60634] - (.Adobe Systems Incorporated - Adobe Update Service.) – C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128] [PID.3140] =>.Adobe Systems Incorporated®
[MD5.9ACEE86F1373DA5AE1DC3394C2150A31] - (.Parsec - Parsec.) – C:\Program Files\Parsec\pservice.exe [190536] [PID.3180] {0F0CC3A57EF947E7D23CF075B8B4BA5D}
[MD5.58A5D48F16E89575C21C0B14A15D4383] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848] [PID.3172] =>.Adobe Systems Incorporated® [MD5.948DB267C109B3BF6A430198EF6C8D80] - (. - GameScannerService.) – C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264] [PID.3220] =>.Razer USA Ltd.® [MD5.8271D1FFC09750577D7889BF1498DFFC] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [468824] [PID.3248] =>.NVIDIA Corporation® [MD5.E88B43F5DD1C4CD734FE2F68A9028852] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) – C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240] [PID.3796] =>.Avira Operations GmbH & Co. KG® [MD5.DD1EB72E7ABE2BF476A5F1B0E62D20D1] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) – C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [795496] [PID.6044] =>.Avira Operations GmbH & Co. KG® [MD5.0545A3EB959CFA4790D267BFB8C1ACA4] - (.Google Inc. - Programme d’installation de Google.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168] [PID.6264] =>.Google Inc® [MD5.864FA7B8856FE853D381045771DB30E9] - (.Copyright 2017. - ZAM.) – C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888] [PID.7688] =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi® [MD5.2E2DF9FA4C7BB9C1734AE8B6F8DF697E] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [520672] [PID.7236] =>.NVIDIA Corporation® [MD5.0387C55A801F1310B78467D91B62949E] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952] [PID.9968] =>.NVIDIA Corporation® [MD5.0387C55A801F1310B78467D91B62949E] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952] [PID.6792] =>.NVIDIA Corporation® [MD5.F8127F4DD22960352C3D65DE26D2542D] - (…) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0 _x64__kzf8qxf38zg5c\SkypeHost.exe [86528] [PID.10276] =>.Skype Technologies [MD5.CB1468B0EF9920E79401899312458BE8] - (.Node.js - NVIDIA Web Helper Service.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [15997376] [PID.21144] =>.NVIDIA Corporation® [MD5.CFCF8B3F452CDEE644481CA50DA9E561] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) – C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [788928] [PID.18836] =>.NVIDIA Corporation® [MD5.FEBF9C46580A8F6DCF1ABCEB59E29DF7] - (.NVIDIA Corporation - NVIDIA Share.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [2069952] [PID.19276] =>.NVIDIA Corporation® [MD5.FEBF9C46580A8F6DCF1ABCEB59E29DF7] - (.NVIDIA Corporation - NVIDIA Share.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [2069952] [PID.4136] =>.NVIDIA Corporation® [MD5.FEBF9C46580A8F6DCF1ABCEB59E29DF7] - (.NVIDIA Corporation - NVIDIA Share.) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [2069952] [PID.15924] =>.NVIDIA Corporation® [MD5.6BEBBD3706182C8186796DFDC7F8E702] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) – C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936] [PID.8668] =>.Realtek Semiconductor Corp.®
[MD5.CC09723040A21B64510038ED40119F91] - (.GNE - SwapScreen.) – C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe [166912] [PID.2360]
[MD5.F3C8882DC5151B81CB444E7E93320A61] - (.IvoSoft - Classic Start Menu.) – C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640] [PID.23528] =>.Ivaylo Beltchev® [MD5.F832F617FFC51D55BEC8AF2A2754C34F] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) – C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [670696] [PID.21196] =>.Avira Operations GmbH & Co. KG® [MD5.D63D9BFD8947F60F7E9E74E8FEF40059] - (.Avira Operations GmbH & Co. KG - Avira.) – C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [300488] [PID.22704] =>.Avira Operations GmbH & Co. KG® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.12660] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.18500] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.27608] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.27300] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.20800] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.27336] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.27156] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.26948] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.28104] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.28240] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.28324] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.28532] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.28540] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.7468] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.27868] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.28844] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.28964] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.29060] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.29240] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.29328] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.29408] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.29544] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.29664] =>.Google Inc® [MD5.1804821148AE7C305D0E5D3463BCBD67] - (.Don HO don.h@free.fr - Notepad++ : a free (GNU) source code editor.) – C:\Program Files (x86)\Notepad++\notepad++.exe [2468016] [PID.27700] =>.Notepad++® [MD5.5A73A31B9EC67A661149969C251D2663] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\GUI\ZHPDiag3.exe [3099008] [PID.22032] =>.Nicolas Coolman [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.16976] =>.Google Inc® [MD5.EA66582423B8ED237DAAE8B927191F22] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008] [PID.14428] =>.Google Inc®
—\ CHROME, Démarrage, Recherche, Extensions (16) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.fr =>.Google Inc. G2 - GCE: Preference [GUI][User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides} G2 - GCE: Preference [GUI][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs} G2 - GCE: Preference [GUI][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive} G2 - GCE: Preference [GUI][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube} G2 - GCE: Preference [GUI][User Data\Default] [cjpalhdlnbpafiamejdnhcphjbkeiagm] uBlock Origin =>.Raymond Hill G2 - GCE: Preference [GUI][User Data\Default] [efaidnbmnnnibpcajpcglclefindmkaj] =>.Adobe Inc. {Acrobat}
G2 - GCE: Preference [GUI][User Data\Default] [faapmfhhchgkfinplpkfemkfabngkioc] Poe.trade ignore list
G2 - GCE: Preference [GUI][User Data\Default] [fdpohaocaechififmbbbbbknoalclacl] Full Page Screen Capture =>.mrcoles.com G2 - GCE: Preference [GUI][User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets} G2 - GCE: Preference [GUI][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [GUI][User Data\Default] [jlpkojjdgbllmedoapgfodplfhcbnbpn]
G2 - GCE: Preference [GUI][User Data\Default] [nlipoenfbbikpbjkfpfillcgkoblgpmj] Pause/Resume recording =>.awesomescreenshot.com {Awesome Screenshot} G2 - GCE: Preference [GUI][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet} G2 - GCE: Preference [GUI][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail} G2 - GCE: Preference [GUI][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
—\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (11) - 0s
P2 - EXT FILE: (.uBlock Origin - MSG_popupTipPicker’.) – C:\Users\GUI\AppData\Roaming\Mozilla\Firefox\Profi les\htEukEjR.default\extensionsuBlock0@raymondhill.net.xpi =>.uBlock Origin P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresactivity-stream@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresaushelper@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresfirefox@getpocket.com.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresfollowonsearch@mozilla.com.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresformautofill@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresonboarding@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresscreenshots@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featuresshield-recipe-client@mozilla.org.xpi =>.Mozilla Corporation P2 - EXT FILE: (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\browser\featureswebcompat@mozilla.org.xpi =>.Mozilla Corporation P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_ 140.dll =>.Adobe Systems Incorporated
—\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.16299.371 (WinBuild.160101.0800)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
—\ INTERNET EXPLORER, Site de confiance et site sensible (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)
—\ INTERNET EXPLORER,Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0 =>.Default.Value R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1 =>.Default.Value R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies =>.Microsoft
—\ INTERNET EXPLORER,IniFiles, Autoloading Programs (3) - 0s
F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=
—\ ÉTUDE DU FICHIER HOSTS (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)
—\ BROWSER HELPER OBJECT DE NAVIGATEUR (BHO) (5) - 1s
O2 - BHO: (no name) [64Bits] - {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} . (.www.startisback.com - OldNewExplorer shell enhancements.) – C:\Users\GUI\Downloads\OldNewExplorer64.dll =>.www.startisback.com O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) – C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll =>.Microsoft Corporation® O2 - BHO: ExplorerBHO Class [64Bits] - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} . (.IvoSoft - Adds classic Windows Explorer features.) – C:\Program Files\Classic Shell\ClassicExplorer64.dll =>.Ivaylo Beltchev® O2 - BHO: Adobe Acrobat Create PDF Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) – C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll =>.Adobe Systems, Incorporated® O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) – C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll =>.Adobe Systems, Incorporated®
—\ RACCOURCIS GLOBAL STARTUP (171) - 6s
O4 - GS\Desktop [Administrateur]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\Desktop [Administrateur]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Desktop [Administrateur]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft O4 - GS\Desktop [Administrateur]: filezilla - Raccourci.lnk . (.FileZilla Project - FileZilla FTP Client.) D:\FileZilla FTP Client\filezilla.exe {1E3308F7ECDC20D952DFCD12D1F83215} =>.FileZilla Project O4 - GS\Desktop [Administrateur]: Molotov.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Molotov\Update.exe --processStart ‘Molotov.exe’ =>.GitHub O4 - GS\Desktop [Administrateur]: WinDirStat.lnk . (.Seifert - Windows Directory Statistics.) C:\Program Files (x86)\WinDirStat\windirstat.exe =>.Seifert O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\GUI\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrateur]: WinX MediaTrans.lnk . (.Digiarty - MediaTrans.) C:\Program Files (x86)\Digiarty\WinX MediaTrans\MediaTrans.exe =>.Digiarty, Inc.® O4 - GS\sendTo [Administrateur]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [Administrateur]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe =>.ShareX Team O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [Administrateur]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.2.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe Illustrator CC 2018.lnk . (.Adobe Systems Inc. - Adobe Illustrator CC 2018.) C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe InDesign CC 2018.lnk . (.Adobe Systems Incorporated - Adobe InDesign CC 2018.) C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe Lightroom.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe Photoshop CC 2018.lnk . (.Adobe Systems Incorporated - Adobe Photoshop CC 2018.) C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: Adobe Premiere Pro CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2017.1.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrateur]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\TaskBar [Administrateur]: Blizzard App.lnk . (.Blizzard Entertainment - Blizzard Battle.net App Launcher.) C:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [Administrateur]: boujou 5.0.lnk . (…) C:\Windows\Installer{C071157F-AB34-4D3F-A0DF-9AC544B3732E}\boujou.ico
O4 - GS\TaskBar [Administrateur]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft
O4 - GS\TaskBar [Administrateur]: DDNet.lnk . (…) C:\Users\GUI\Desktop\DDNet-10.8.6-win64\DDNet.exe
O4 - GS\TaskBar [Administrateur]: Discord.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [Administrateur]: Elephorm.lnk . (…) C:\Program Files (x86)\Elephorm applications\Elephorm\Elephorm.exe
O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrateur]: HandBrake.lnk . (.HandBrake Team - HandBrake.) C:\Program Files\HandBrake\HandBrake.exe =>.HandBrake Team
O4 - GS\TaskBar [Administrateur]: MercuryTrade.lnk . (…) C:\Users\GUI\Desktop\macro\MercuryTrade\MercuryTra de.exe
O4 - GS\TaskBar [Administrateur]: mocha Pro V5.lnk . (…) C:\Windows\Installer{0B2CE768-9D51-45E8-A515-D91E8210FDFE}\MoxxxShortcutIcon.exe
O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrateur]: Path of Building.lnk . (…) D:\Path of Building\Path of Building.exe
O4 - GS\TaskBar [Administrateur]: Path of Exile.lnk . (…) C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe =>.Grinding Gear Games Limited® O4 - GS\TaskBar [Administrateur]: PuTTY.lnk . (.Simon Tatham - SSH, Telnet and Rlogin client.) C:\Program Files (x86)\PuTTY\putty.exe =>.Simon Tatham® O4 - GS\TaskBar [Administrateur]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.® O4 - GS\TaskBar [Administrateur]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [Administrateur]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [Administrateur]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [Administrateur]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe -silent =>.ShareX Team
O4 - GS\Programs [Administrateur]: Infini2y. Pack of Transitions’ Presets.lnk . (…) C:\Users\GUI\Desktop\ARAWAK\Infini2y. Pack of Transitions’ Presets
O4 - GS\Programs [Administrateur]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\GUI\AppData\Local\Microsoft\OneDrive\OneD rive.exe =>.Microsoft Corporation® O4 - GS\Desktop [GUI]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\Desktop [GUI]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Desktop [GUI]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft O4 - GS\Desktop [GUI]: filezilla - Raccourci.lnk . (.FileZilla Project - FileZilla FTP Client.) D:\FileZilla FTP Client\filezilla.exe {1E3308F7ECDC20D952DFCD12D1F83215} =>.FileZilla Project O4 - GS\Desktop [GUI]: Molotov.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Molotov\Update.exe --processStart ‘Molotov.exe’ =>.GitHub O4 - GS\Desktop [GUI]: WinDirStat.lnk . (.Seifert - Windows Directory Statistics.) C:\Program Files (x86)\WinDirStat\windirstat.exe =>.Seifert O4 - GS\Desktop [GUI]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\GUI\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [GUI]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [GUI]: WinX MediaTrans.lnk . (.Digiarty - MediaTrans.) C:\Program Files (x86)\Digiarty\WinX MediaTrans\MediaTrans.exe =>.Digiarty, Inc.® O4 - GS\sendTo [GUI]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [GUI]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [GUI]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe =>.ShareX Team O4 - GS\sendTo [GUI]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [GUI]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.2.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe Illustrator CC 2018.lnk . (.Adobe Systems Inc. - Adobe Illustrator CC 2018.) C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe InDesign CC 2018.lnk . (.Adobe Systems Incorporated - Adobe InDesign CC 2018.) C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe Lightroom.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe Photoshop CC 2018.lnk . (.Adobe Systems Incorporated - Adobe Photoshop CC 2018.) C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: Adobe Premiere Pro CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2017.1.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [GUI]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\TaskBar [GUI]: Blizzard App.lnk . (.Blizzard Entertainment - Blizzard Battle.net App Launcher.) C:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [GUI]: boujou 5.0.lnk . (…) C:\Windows\Installer{C071157F-AB34-4D3F-A0DF-9AC544B3732E}\boujou.ico
O4 - GS\TaskBar [GUI]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft
O4 - GS\TaskBar [GUI]: DDNet.lnk . (…) C:\Users\GUI\Desktop\DDNet-10.8.6-win64\DDNet.exe
O4 - GS\TaskBar [GUI]: Discord.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [GUI]: Elephorm.lnk . (…) C:\Program Files (x86)\Elephorm applications\Elephorm\Elephorm.exe
O4 - GS\TaskBar [GUI]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [GUI]: HandBrake.lnk . (.HandBrake Team - HandBrake.) C:\Program Files\HandBrake\HandBrake.exe =>.HandBrake Team
O4 - GS\TaskBar [GUI]: MercuryTrade.lnk . (…) C:\Users\GUI\Desktop\macro\MercuryTrade\MercuryTra de.exe
O4 - GS\TaskBar [GUI]: mocha Pro V5.lnk . (…) C:\Windows\Installer{0B2CE768-9D51-45E8-A515-D91E8210FDFE}\MoxxxShortcutIcon.exe
O4 - GS\TaskBar [GUI]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [GUI]: Path of Building.lnk . (…) D:\Path of Building\Path of Building.exe
O4 - GS\TaskBar [GUI]: Path of Exile.lnk . (…) C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe =>.Grinding Gear Games Limited® O4 - GS\TaskBar [GUI]: PuTTY.lnk . (.Simon Tatham - SSH, Telnet and Rlogin client.) C:\Program Files (x86)\PuTTY\putty.exe =>.Simon Tatham® O4 - GS\TaskBar [GUI]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.® O4 - GS\TaskBar [GUI]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [GUI]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [GUI]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [GUI]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe -silent =>.ShareX Team
O4 - GS\Programs [GUI]: Infini2y. Pack of Transitions’ Presets.lnk . (…) C:\Users\GUI\Desktop\ARAWAK\Infini2y. Pack of Transitions’ Presets
O4 - GS\Programs [GUI]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\GUI\AppData\Local\Microsoft\OneDrive\OneD rive.exe =>.Microsoft Corporation® O4 - GS\Desktop [WDAGUtilityAccount]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\Desktop [WDAGUtilityAccount]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Desktop [WDAGUtilityAccount]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft O4 - GS\Desktop [WDAGUtilityAccount]: filezilla - Raccourci.lnk . (.FileZilla Project - FileZilla FTP Client.) D:\FileZilla FTP Client\filezilla.exe {1E3308F7ECDC20D952DFCD12D1F83215} =>.FileZilla Project O4 - GS\Desktop [WDAGUtilityAccount]: Molotov.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Molotov\Update.exe --processStart ‘Molotov.exe’ =>.GitHub O4 - GS\Desktop [WDAGUtilityAccount]: WinDirStat.lnk . (.Seifert - Windows Directory Statistics.) C:\Program Files (x86)\WinDirStat\windirstat.exe =>.Seifert O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\GUI\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [WDAGUtilityAccount]: WinX MediaTrans.lnk . (.Digiarty - MediaTrans.) C:\Program Files (x86)\Digiarty\WinX MediaTrans\MediaTrans.exe =>.Digiarty, Inc.® O4 - GS\sendTo [WDAGUtilityAccount]: Destinataire de télécopie.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation O4 - GS\sendTo [WDAGUtilityAccount]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe =>.ShareX Team O4 - GS\sendTo [WDAGUtilityAccount]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.2.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe Illustrator CC 2018.lnk . (.Adobe Systems Inc. - Adobe Illustrator CC 2018.) C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe InDesign CC 2018.lnk . (.Adobe Systems Incorporated - Adobe InDesign CC 2018.) C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe Lightroom.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe Photoshop CC 2018.lnk . (.Adobe Systems Incorporated - Adobe Photoshop CC 2018.) C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: Adobe Premiere Pro CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2017.1.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [WDAGUtilityAccount]: AMD Ryzen Master.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\RyzenMaster\bin\AMD Ryzen Master.exe =>.Advanced Micro Devices, Inc. O4 - GS\TaskBar [WDAGUtilityAccount]: Blizzard App.lnk . (.Blizzard Entertainment - Blizzard Battle.net App Launcher.) C:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\TaskBar [WDAGUtilityAccount]: boujou 5.0.lnk . (…) C:\Windows\Installer{C071157F-AB34-4D3F-A0DF-9AC544B3732E}\boujou.ico
O4 - GS\TaskBar [WDAGUtilityAccount]: ClassicStartMenu.exe - Raccourci.lnk . (.IvoSoft - .) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe =>.IvoSoft
O4 - GS\TaskBar [WDAGUtilityAccount]: DDNet.lnk . (…) C:\Users\GUI\Desktop\DDNet-10.8.6-win64\DDNet.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Discord.lnk . (.GitHub - Update.) C:\Users\GUI\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Discord Inc.®
O4 - GS\TaskBar [WDAGUtilityAccount]: Elephorm.lnk . (…) C:\Program Files (x86)\Elephorm applications\Elephorm\Elephorm.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [WDAGUtilityAccount]: HandBrake.lnk . (.HandBrake Team - HandBrake.) C:\Program Files\HandBrake\HandBrake.exe =>.HandBrake Team
O4 - GS\TaskBar [WDAGUtilityAccount]: MercuryTrade.lnk . (…) C:\Users\GUI\Desktop\macro\MercuryTrade\MercuryTra de.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: mocha Pro V5.lnk . (…) C:\Windows\Installer{0B2CE768-9D51-45E8-A515-D91E8210FDFE}\MoxxxShortcutIcon.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [WDAGUtilityAccount]: Path of Building.lnk . (…) D:\Path of Building\Path of Building.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: Path of Exile.lnk . (…) C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe =>.Grinding Gear Games Limited® O4 - GS\TaskBar [WDAGUtilityAccount]: PuTTY.lnk . (.Simon Tatham - SSH, Telnet and Rlogin client.) C:\Program Files (x86)\PuTTY\putty.exe =>.Simon Tatham® O4 - GS\TaskBar [WDAGUtilityAccount]: SpeedFan.lnk . (…) C:\Program Files (x86)\SpeedFan\speedfan.exe =>.SOKNO S.R.L.® O4 - GS\TaskBar [WDAGUtilityAccount]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - GS\TaskBar [WDAGUtilityAccount]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [WDAGUtilityAccount]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [WDAGUtilityAccount]: ShareX.lnk . (.ShareX Team - ShareX.) C:\Program Files\ShareX\ShareX.exe -silent =>.ShareX Team
O4 - GS\Programs [WDAGUtilityAccount]: Infini2y. Pack of Transitions’ Presets.lnk . (…) C:\Users\GUI\Desktop\ARAWAK\Infini2y. Pack of Transitions’ Presets
O4 - GS\Programs [WDAGUtilityAccount]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\GUI\AppData\Local\Microsoft\OneDrive\OneD rive.exe =>.Microsoft Corporation® O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - NVIDIA GeForce Experience.) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation® O4 - GS\CommonDesktop [Public]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) C:\Program Files (x86)\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Programs [Public]: Infini2y. Pack of Transitions’ Presets.lnk . (…) C:\Users\GUI\Desktop\ARAWAK\Infini2y. Pack of Transitions’ Presets
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\GUI\AppData\Local\Microsoft\OneDrive\OneD rive.exe =>.Microsoft Corporation® O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\internet explorer\iexplore.exe =>.Microsoft Corporation® O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Access.lnk . (.Microsoft Corporation - Microsoft Access.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Adobe Acrobat DC.lnk . (.Flexera Software LLC - InstallShield.) C:\WINDOWS\Installer{AC76BA86-1033-FFFF-7760-0C0F074E4100}_SC_Acrobat.ico =>.Flexera Software LLC O4 - GS\ProgramsCommon [Public]: Adobe Acrobat Distiller DC.lnk . (.Adobe Systems Incorporated. - Acrobat Distiller.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe =>.Adobe Systems, Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe After Effects CC 2017.lnk . (.Adobe Systems Incorporated - Adobe After Effects CC 2017.2.) C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Bridge CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Bridge CC 2017.) C:\Program Files\Adobe\Adobe Bridge CC 2017\Bridge.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Character Animator CC (Beta).lnk . (.Adobe Systems Incorporated - Character Animator CC Beta.) C:\Program Files\Adobe\Adobe Character Animator CC (Beta)\Support Files\Character Animator.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Illustrator CC 2018.lnk . (.Adobe Systems Inc. - Adobe Illustrator CC 2018.) C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe InDesign CC 2018.lnk . (.Adobe Systems Incorporated - Adobe InDesign CC 2018.) C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Lightroom Classic CC.lnk . (.Adobe Systems - Adobe Photoshop Lightroom Classic.) C:\Program Files\Adobe\Adobe Lightroom Classic CC\Lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Lightroom.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Media Encoder CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Media Encoder CC 2017.1.) C:\Program Files\Adobe\Adobe Media Encoder CC 2017\Adobe Media Encoder.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Muse CC 2017.lnk . (.Adobe Systems, Incorporated - Adobe Muse CC.) C:\Program Files\Adobe\Adobe Muse CC 2017\Muse.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CC 2018.lnk . (.Adobe Systems Incorporated - Adobe Photoshop CC 2018.) C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Adobe Premiere Pro CC 2017.lnk . (.Adobe Systems Incorporated - Adobe Premiere Pro CC 2017.1.) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe =>.Adobe Systems Incorporated® O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (…) C:\Windows\Installer{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}\AppleSoftwareUpdateIco.exe =>.Apple Inc. O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) D:\Audacity\audacity.exe =>.The Audacity Team
O4 - GS\ProgramsCommon [Public]: Elephorm.lnk . (…) C:\Program Files (x86)\Elephorm applications\Elephorm\Elephorm.exe
O4 - GS\ProgramsCommon [Public]: Epic Games Launcher.lnk . (.Epic Games, Inc. - UnrealEngineLauncher.) D:\EpicGames\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe =>.Epic Games Inc.® O4 - GS\ProgramsCommon [Public]: Excel.lnk . (.Microsoft Corporation - Microsoft Excel.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: OneNote 2016.lnk . (.Microsoft Corporation - Microsoft OneNote.) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: PowerPoint.lnk . (.Microsoft Corporation - Microsoft PowerPoint.) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Publisher.lnk . (.Microsoft Corporation - Microsoft Publisher.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: Skype Entreprise.lnk . (.Microsoft Corporation - Skype for Business.) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe =>.Microsoft Corporation® O4 - GS\ProgramsCommon [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH® O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation O4 - GS\ProgramsCommon [Public]: Word.lnk . (.Microsoft Corporation - Microsoft Word.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE =>.Microsoft Corporation®
—\ MODIFICATION DOMAINE/ADRESSES (DNS) (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 =>.Local IP Adress O17 - HKLM\System\CCS\Services\Tcpip..{e4e99d05-3fa5-4f09-81c6-4986807542a3}: DhcpNameServer = 192.168.0.254 =>.Local IP Adress
—\ PROTOCOLE ADDITIONNEL (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
—\ REGISTRE AppInit_DLLs et Winlogon Notify (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Application d’ouverture de session Userinit.) - C:\WINDOWS\System32\Userinit.exe =>.Microsoft Corporation
—\ COMPOSANTS ACTIVESETUP INSTALLÉS (ASIC) (5) - 0s
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) – C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) – C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) – C:\Windows\System32\mscories.dll =>.Microsoft Corporation® O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) – C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Inst aller\chrmstp.exe =>.Google Inc®
—\ LOGICIELS INSTALLÉS (162) - 11s
O42 - Logiciel: Adobe Acrobat DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-1033-FFFF-7760-0C0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe After Effects CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – AEFT_14_2_1 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {739A853C-D71F-404B-9E6A-012D3918ED57} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Bridge CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – KBRG_7_0 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Character Animator CC (Beta) - (.Adobe Systems Incorporated.) [HKLM][64Bits] – ANMLBETA_1_0_6 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Creative Cloud =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 29 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 29 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Illustrator CC 2018 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – ILST_22_1 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe InDesign CC 2018 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – IDSN_13_1 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Lightroom - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Lightroom Classic CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] – LTRM_7_3 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Media Encoder CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – AME_11_1_2 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Muse CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – MUSE_2017_1_0 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Photoshop CC 2018 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – PHSP_19_1_3 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Premiere Pro CC 2017 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – PPRO_11_1_2 =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-0804-1033-1959-001824265200} =>.Adobe Systems Incorporated O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] – {3D1290E6-1F77-46D5-A715-A56679C8D4E3} =>.Apple Inc. O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] – {D0E45DEC-F4B9-4370-A9DF-66837789C2EF} =>.Apple Inc. O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] – {E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5} =>.Apple Inc. O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] – {C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8} =>.Apple Inc. O42 - Logiciel: Audacity 2.1.3 - (.Audacity Team.) [HKLM][64Bits] – Audacity®_is1 =>.Audacity Team O42 - Logiciel: AutoHotkey 1.1.26.01 - (.Lexikos.) [HKLM][64Bits] – AutoHotkey =>.Lexikos O42 - Logiciel: Avira Antivirus v15.0.36.169 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] – Avira Antivirus =>.Avira Operations GmbH & Co. KG® O42 - Logiciel: Avira v1.2.109.23832 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] – {40F72BC9-0C14-4122-8930-4B037EAEAD45} =>.Avira Operations GmbH & Co. KG O42 - Logiciel: Avira v1.2.109.23832 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] – {4b629f54-1d82-40c9-9979-4485bb58d155} =>.Avira Operations GmbH & Co. KG® O42 - Logiciel: BattleBlock Theater - (.The Behemoth.) [HKLM][64Bits] – Steam App 238460 =>.Valve® O42 - Logiciel: BleachBit - (.BleachBit.) [HKLM][64Bits] – BleachBit =>.BleachBit O42 - Logiciel: Blizzard App - (.Blizzard Entertainment.) [HKLM][64Bits] – Battle.net =>.Blizzard Entertainment, Inc.® O42 - Logiciel: BlueStacks 3 - (.BlueStack Systems, Inc..) [HKLM][64Bits] – BlueStacks =>.BlueStack Systems, Inc.® O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] – {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc. O42 - Logiciel: Borderlands: The Pre-Sequel - (.2K Australia.) [HKLM][64Bits] – Steam App 261640 =>.Valve® O42 - Logiciel: Boris Continuum Complete 10 CE for Adobe CS5, CS6, CC - (.Boris FX, Inc..) [HKLM][64Bits] – {45F7EB88-E0B4-4B57-8C1B-A5D8A61F9A29} =>.Boris FX, Inc. O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] – CCleaner =>.Piriform Ltd® O42 - Logiciel: Classic Shell - (.IvoSoft.) [HKLM][64Bits] – {CABCE573-0A86-42FA-A52A-C7EA61D5BE08} =>.IvoSoft O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] – Steam App 730 =>.Valve® O42 - Logiciel: DAEMON Tools Pro - (.Disc Soft Ltd.) [HKLM][64Bits] – DAEMON Tools Pro =>.Disc Soft Ltd® O42 - Logiciel: Deceit - (.Automaton.) [HKLM][64Bits] – Steam App 466240 =>.Valve® O42 - Logiciel: Discord - (.Discord Inc..) [HKCU][64Bits] – Discord =>.Discord Inc.® O42 - Logiciel: DisplayDriverAnalyzer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer =>.NVIDIA Corporation O42 - Logiciel: Effects Suite v11.1.10 - (.Red Giant, LLC.) [HKLM][64Bits] – {4DD8EE5E-F571-4EC8-9526-E7C62FE39B19}_is1 =>.Red Giant, LLC
O42 - Logiciel: Elephorm - (..) [HKLM][64Bits] – {1668659A-6C3E-64CC-E5AF-936A36E492AD}
O42 - Logiciel: Elephorm - (..) [HKLM][64Bits] – ElephormDVDPlayer
O42 - Logiciel: Epic Games Launcher - (.Epic Games, Inc..) [HKLM][64Bits] – {886E86E6-6673-4EAD-A4FF-6E087A661F4E} =>.Epic Games, Inc. O42 - Logiciel: Epic Games Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {66C5838F-B854-4A55-89E6-A6138747A4DF} =>.Epic Games, Inc.
O42 - Logiciel: fayIN 2.4 for After Effects CC - (.fayteq.) [HKLM][64Bits] – {3621F3FF-A9B6-4C18-8842-B871985AE866}
O42 - Logiciel: fayIN License Service - (.fayteq.) [HKLM][64Bits] – {99AF962E-47B0-4DF8-BA65-F03403DB80BC}
O42 - Logiciel: fayteq fayIN 2.4 for After Effects CC - (.fayteq.) [HKLM][64Bits] – {1582ee6c-39ed-474c-a751-71fe914bd8d5} {021EEAA434D48391EDD756B9003E826C}
O42 - Logiciel: Free Window Registry Repair - (.RegSofts Software.) [HKLM][64Bits] – Free Window Registry Repair =>.RegSofts Software O42 - Logiciel: GenArts Sapphire AE - (.Team V.R.) [HKLM][64Bits] – GenArts Sapphire AE_is1 =>.Team V.R O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] – Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: HandBrake 1.0.7 - (.HandBrake Team.) [HKLM][64Bits] – HandBrake =>.HandBrake Team O42 - Logiciel: Hero Siege - (.Elias Viglione.) [HKLM][64Bits] – Steam App 269210 =>.Valve® O42 - Logiciel: Heroes of the Storm - (.Blizzard Entertainment.) [HKLM][64Bits] – Heroes of the Storm =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Ignite Pro 2017 - (.Team V.R.) [HKLM][64Bits] – Ignite Pro 2017_is1 =>.Team V.R O42 - Logiciel: ImageGlass - (.Duong Dieu Phap.) [HKLM][64Bits] – {D539FBEF-4AA8-4415-B66F-6367DA5D0186}_is1 =>.Duong Dieu Phap O42 - Logiciel: Intel(R) C++ Redistributables on Intel(R) 64 - (.Intel Corporation.) [HKLM][64Bits] – {F70BCE36-25F2-4475-A918-6209B3D85BF3} =>.Intel Corporation O42 - Logiciel: Into the Breach - (.Subset Games.) [HKLM][64Bits] – Steam App 590380 =>.Valve® O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] – {89B08926-B965-43B5-8C71-C10433760B14} =>.Apple Inc. O42 - Logiciel: LAME v3.99.3 (for Windows) - (.Audacity.) [HKLM][64Bits] – LAME_is1 =>.Audacity O42 - Logiciel: Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {c6c5a357-c7ca-4a5f-9789-3bb1af579253} =>.Epic Games Inc.®
O42 - Logiciel: Locus Pack 1.00 - (.Video Realm Media.) [HKLM][64Bits] – Locus Pack 1.00
O42 - Logiciel: Lost Castle - (.Hunter Studio.) [HKLM][64Bits] – Steam App 434650 =>.Valve® O42 - Logiciel: Magic Bullet Suite v13.0.3 - (.Red Giant, LLC.) [HKLM][64Bits] – {99487911-8011-42BC-B594-8B02BFD32B1D}_is1 =>.Red Giant, LLC O42 - Logiciel: mamoworld.com Editing Essentials Bundle - (.Team V.R.) [HKLM][64Bits] – Editing Essentials Bundle for Premiere Pro_is1 =>.Team V.R O42 - Logiciel: ManiaPlanet - (.Nadeo.) [HKLM][64Bits] – ManiaPlanet_is1 {34160AF3885BBB32312B8BBF0333806F} =>.Nadeo O42 - Logiciel: Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtensio - (.Microsoft Corporation.) [HKLM][64Bits] – {B0169E83-757B-EF66-E2F0-391944D785BC} =>.Microsoft Corporation O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] – OneDriveSetup.exe =>.Microsoft Corporation® O42 - Logiciel: Mises à jour NVIDIA 31.1.10.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation O42 - Logiciel: mocha Pro Plugin V5.2.0 for AVX - (.Imagineer Systems.) [HKLM][64Bits] – {000D5F2C-50AB-47E1-9322-6736F502A0E3} =>.Imagineer Systems O42 - Logiciel: mocha Pro Plugin V5.2.0 for OFX - (.Imagineer Systems.) [HKLM][64Bits] – {2D3E6370-5C8C-4C83-870D-5E02C529ED5B} =>.Imagineer Systems O42 - Logiciel: mocha Pro V5.2.0-12816 - (.Imagineer Systems.) [HKLM][64Bits] – {0B2CE768-9D51-45E8-A515-D91E8210FDFE} =>.Imagineer Systems O42 - Logiciel: mocha VR Plugin V5.5.2 for Adobe - (.Imagineer Systems.) [HKLM][64Bits] – {C5D1B3FC-ECE8-459C-AF76-BB2FBD71841B} =>.Imagineer Systems O42 - Logiciel: Molotov - (.Molotov.) [HKCU][64Bits] – Molotov =>.Molotov O42 - Logiciel: Move or Die - (.Those Awesome Guys.) [HKLM][64Bits] – Steam App 323850 =>.Valve® O42 - Logiciel: Mozilla Firefox 59.0.3 (x64 en-US) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox 59.0.3 (x64 en-US) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] – MozillaMaintenanceService =>.Mozilla O42 - Logiciel: Mysterium - (.Asmodee Digital.) [HKLM][64Bits] – Steam App 556180 =>.Valve® O42 - Logiciel: NewBlue TotalFX AEX - (.Team V.R.) [HKLM][64Bits] – NewBlue TotalFX AEX_is1 =>.Team V.R O42 - Logiciel: Notepad++ (32-bit x86) - (.Notepad++ Team.) [HKLM][64Bits] – Notepad++ =>.Notepad++ Team O42 - Logiciel: NVIDIA Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA DDS Utilities - (.nVidia Corporation.) [HKLM][64Bits] – {64963F0E-03F2-4B59-8D1B-1806545E7092} =>.InstallShield Software Corporation® O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog =>.NVIDIA Corporation O42 - Logiciel: NVIDIA GeForce Experience 3.13.1.30 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Logiciel système PhysX 9.17.0524 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Optimus Update 31.1.10.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Photoshop Plug-ins 64 bit - (.nVidia Corporation.) [HKLM][64Bits] – {5E386C5B-CDE7-435A-B5C9-EC73A1B0553A} =>.InstallShield Software Corporation® O42 - Logiciel: NVIDIA Pilote 3D Vision 397.64 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.37.1 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 390.41 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Pilote graphique 397.64 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session =>.NVIDIA Corporation O42 - Logiciel: NVIDIA ShadowPlay 3.13.1.30 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – NVIDIAStereo =>.NVIDIA Corporation® O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHel per =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Audio 4.04.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0000-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Extensibility Component 64-bit Registration - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-00DD-0000-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008F-0000-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0409-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-040C-0000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Overwatch - (.Blizzard Entertainment.) [HKLM][64Bits] – Overwatch =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Panneau de configuration NVIDIA 397.64 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: Parsec - (.Parsec Cloud Inc..) [HKLM][64Bits] – Parsec
O42 - Logiciel: Path of Building version 1.4.64 - (.Openarl.) [HKLM][64Bits] – {72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1
O42 - Logiciel: Path of Exile - (.Grinding Gear Games.) [HKLM][64Bits] – {5e37eb26-2d6e-4b09-9dda-67b2c7f8d5bb} =>.Grinding Gear Games Limited® O42 - Logiciel: Path of Exile - (.Grinding Gear Games.) [HKLM][64Bits] – {90A4562F-D4A1-4B65-906D-41F236CF6902} =>.Grinding Gear Games O42 - Logiciel: PuTTY release 0.70 - (.Simon Tatham.) [HKLM][64Bits] – {0B06C05B-0069-4FE8-AC19-AAF6678FD0A8} =>.Simon Tatham O42 - Logiciel: PuTTY release 0.70 (64-bit) - (.Simon Tatham.) [HKLM][64Bits] – {45B3032F-22CC-40CD-9E97-4DA7095FA5A2} =>.Simon Tatham O42 - Logiciel: Razer Synapse - (.Razer Inc..) [HKLM][64Bits] – {0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6} =>.Razer Inc. O42 - Logiciel: RE:Vision Effects RE:Flex v5.0.0 - (.Team V.R.) [HKLM][64Bits] – RE:Flex 5_is1 =>.Team V.R O42 - Logiciel: RE:Vision Effects Twixtor AE - (.Team V.R.) [HKLM][64Bits] – Twixtor AE 6.1.0_is1 =>.Team V.R O42 - Logiciel: RE:Vision Effects Twixtor AE - (.Team V.R.) [HKLM][64Bits] – Twixtor AE 6.2.1_is1 =>.Team V.R O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.® O42 - Logiciel: Red Giant Link - (.Red Giant, LLC.) [HKLM][64Bits] – {10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1 =>.Red Giant, LLC
O42 - Logiciel: ReelSmart Motion Blur 4, After Effects-compatible plugin set - (..) [HKLM][64Bits] – ReelSmart Motion Blur 4, After Effects-compatible plugin set
O42 - Logiciel: Rocket League - (.Psyonix, Inc..) [HKLM][64Bits] – Steam App 252950 =>.Valve® O42 - Logiciel: Rowbyte TV Distortion 2.0.7 CE - (.Team V.R.) [HKLM][64Bits] – TV Distortion Bundle_is1 =>.Team V.R O42 - Logiciel: ShareX - (.ShareX Team.) [HKLM][64Bits] – 82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1 =>.ShareX Team
O42 - Logiciel: Sid Meiers Civilization VI Rise and Fall - (..) [HKLM][64Bits] – Sid Meiers Civilization VI Rise and Fall_is1
O42 - Logiciel: Slay the Spire - (.Mega Crit Games.) [HKLM][64Bits] – Steam App 646570 =>.Valve® O42 - Logiciel: SpeedFan (remove only) - (.Almico Software.) [HKLM][64Bits] – SpeedFan =>.Almico Software O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] – Steam =>.Valve® O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] – TeamSpeak 3 Client =>.TeamSpeak Systems GmbH O42 - Logiciel: Terraria - (.Re-Logic.) [HKLM][64Bits] – Steam App 105600 =>.Valve® O42 - Logiciel: The Swords of Ditto - (.onebitbeyond.) [HKLM][64Bits] – Steam App 619780 =>.Valve® O42 - Logiciel: Trapcode Suite 14 - (.Red Giant LLC.) [HKLM][64Bits] – Trapcode Suite 14 v14.0 =>.Red Giant LLC O42 - Logiciel: Tricky Towers - (.WeirdBeard.) [HKLM][64Bits] – Steam App 437920 =>.Valve® O42 - Logiciel: Turmoil - (.Gamious.) [HKLM][64Bits] – Steam App 361280 =>.Valve® O42 - Logiciel: Ultimate Chicken Horse - (.Clever Endeavour Games.) [HKLM][64Bits] – Steam App 386940 =>.Valve® O42 - Logiciel: Universe - (.Team V.R.) [HKLM][64Bits] – Universe Premium_is1 =>.Team V.R O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM][64Bits] – Unlocker =>.Cedrick Collomb O42 - Logiciel: Vicon boujou 5.0.2 - (.Vicon Motion Systems.) [HKLM][64Bits] – {C071157F-AB34-4D3F-A0DF-9AC544B3732E} =>.Vicon Motion Systems O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] – VLC media player =>.VideoLAN O42 - Logiciel: Vulkan Run Time Libraries 1.1.70.0 - (.LunarG, Inc..) [HKLM][64Bits] – VulkanRT1.1.70.0 =>.LunarG, Inc.® O42 - Logiciel: Warcraft III - (.Blizzard Entertainment.) [HKLM][64Bits] – Warcraft III =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Warhammer: Vermintide 2 - (.Fatshark.) [HKLM][64Bits] – Steam App 552500 =>.Valve® O42 - Logiciel: WinDirStat 1.1.2 - (.Seifert Systems.) [HKCU][64Bits] – WinDirStat =>.Seifert Systems O42 - Logiciel: WinRAR 5.50 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: Zemana AntiMalware - (.Zemana Ltd..) [HKLM][64Bits] – {8F0CD7D1-42F3-4195-95CD-833578D45057}is1 =>.Zemana Ltd. O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM][64Bits] – ZHPFix_is1 =>.Nicolas Coolman
—\ CLÉ DE REGISTRE SOFTWARE HKCU & HKLM (150) - 11s
HKLM\SOFTWARE\Adobe =>.Adobe HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies HKLM\SOFTWARE\AMD =>.AMD HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. =>.Apple Inc. HKLM\SOFTWARE\Avira =>.Avira HKLM\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment HKLM\SOFTWARE\BlueStacks =>.BlueStack Systems, Inc. HKLM\SOFTWARE\BlueStacksGP =>.BlueStack Systems, Inc. HKLM\SOFTWARE\Boris FX, Inc. =>.Boris FX, Inc. HKLM\SOFTWARE\EasyAntiCheat =>.EasyAntiCheat HKLM\SOFTWARE\Epic Games =>.Epic Games HKLM\SOFTWARE\EpicGames =>.Epic Games HKLM\SOFTWARE\GOG.com =>.GOG.com HKLM\SOFTWARE\Google =>.Google HKLM\SOFTWARE\IM Providers =>.IM Providers HKLM\SOFTWARE\Intel =>.Intel HKLM\SOFTWARE\Khronos =>.Khronos HKLM\SOFTWARE\Kinoni =>.Kinoni HKLM\SOFTWARE\Lame For Audacity =>.Audacity HKLM\SOFTWARE\Macromedia =>.Macromedia HKLM\SOFTWARE\MAXSOFT-OCRON =>.Maxsoft-Ocron, Inc HKLM\SOFTWARE\MimarSinan =>.Mimar Sinan HKLM\SOFTWARE\Mozilla =>.Mozilla HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\Notepad++ =>.Don Ho HKLM\SOFTWARE\Nuance =>.Nuance HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\Razer =>.Razer HKLM\SOFTWARE\re-logic =>.Re-Logic
HKLM\SOFTWARE\REvision
HKLM\SOFTWARE\Riot Games, Inc =>.Riot Games, Inc HKLM\SOFTWARE\SimonTatham =>.Simon Tatham HKLM\SOFTWARE\SpeedFan =>.Almico Software HKLM\SOFTWARE\Valve =>.Valve HKLM\SOFTWARE\VideoLAN =>.VideoLAN HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation HKLM\SOFTWARE\X-AVCSD =>.Avira Software HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies HKLM\SOFTWARE\WOW6432Node\AMD =>.AMD HKLM\SOFTWARE\WOW6432Node\Apple Computer, Inc. =>.Apple Computer, Inc. HKLM\SOFTWARE\WOW6432Node\Apple Inc. =>.Apple Inc. HKLM\SOFTWARE\WOW6432Node\Avira =>.Avira HKLM\SOFTWARE\WOW6432Node\Blizzard Entertainment =>.Blizzard Entertainment HKLM\SOFTWARE\WOW6432Node\BlueStacks =>.BlueStack Systems, Inc. HKLM\SOFTWARE\WOW6432Node\BlueStacksGP =>.BlueStack Systems, Inc. HKLM\SOFTWARE\WOW6432Node\Boris FX, Inc. =>.Boris FX, Inc. HKLM\SOFTWARE\WOW6432Node\EasyAntiCheat =>.EasyAntiCheat HKLM\SOFTWARE\WOW6432Node\Epic Games =>.Epic Games HKLM\SOFTWARE\WOW6432Node\EpicGames =>.Epic Games HKLM\SOFTWARE\WOW6432Node\GOG.com =>.GOG.com HKLM\SOFTWARE\WOW6432Node\Google =>.Google HKLM\SOFTWARE\WOW6432Node\IM Providers =>.IM Providers HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos HKLM\SOFTWARE\WOW6432Node\Kinoni =>.Kinoni HKLM\SOFTWARE\WOW6432Node\Lame For Audacity =>.Audacity HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia HKLM\SOFTWARE\WOW6432Node\MAXSOFT-OCRON =>.Maxsoft-Ocron, Inc HKLM\SOFTWARE\WOW6432Node\MimarSinan =>.Mimar Sinan HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins HKLM\SOFTWARE\WOW6432Node\Notepad++ =>.Don Ho HKLM\SOFTWARE\WOW6432Node\Nuance =>.Nuance HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions HKLM\SOFTWARE\WOW6432Node\Razer =>.Razer HKLM\SOFTWARE\WOW6432Node\re-logic =>.Re-Logic
HKLM\SOFTWARE\WOW6432Node\REvision
HKLM\SOFTWARE\WOW6432Node\Riot Games, Inc =>.Riot Games, Inc HKLM\SOFTWARE\WOW6432Node\SimonTatham =>.Simon Tatham HKLM\SOFTWARE\WOW6432Node\SpeedFan =>.Almico Software HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve HKLM\SOFTWARE\WOW6432Node\VideoLAN =>.VideoLAN HKLM\SOFTWARE\WOW6432Node\WOW6432Node =>.Microsoft Corporation HKLM\SOFTWARE\WOW6432Node\X-AVCSD =>.Avira Software HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\Adobe =>.Adobe HKCU\SOFTWARE\Adobe Lightroom =>.Adobe Inc. HKCU\SOFTWARE\Ankama =>.Ankama HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. =>.Apple Inc. HKCU\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o HKCU\SOFTWARE\Avira =>.Avira HKCU\SOFTWARE\BleachBit =>.BleachBit HKCU\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\Clever Endeavour Games
HKCU\SOFTWARE\Codeusa Software =>.Codeusa Software HKCU\SOFTWARE\Digiarty =>.Digiarty HKCU\SOFTWARE\Disc Soft =>.Disc Soft HKCU\SOFTWARE\Dodge Roll =>.Dodge Roll HKCU\SOFTWARE\Epic Games =>.Epic Games
HKCU\SOFTWARE\fayteq
HKCU\SOFTWARE\FLEXlm License Manager =>.FlexNet HKCU\SOFTWARE\FlippingBook =>.FlippingBook HKCU\SOFTWARE\Freemake =>.Freemake HKCU\SOFTWARE\FXHOME =>.FXhome HKCU\SOFTWARE\GenArts =>.GenArts HKCU\SOFTWARE\GOG.com =>.GOG.com HKCU\SOFTWARE\Google =>.Google HKCU\SOFTWARE\GrindingGearGames =>.Grinding Gear Games HKCU\SOFTWARE\Hobbyist Software =>.Hobbyist Software HKCU\SOFTWARE\Hunter Studio =>.Hunter Studio HKCU\SOFTWARE\IM Providers =>.IM Providers HKCU\SOFTWARE\Imagineer Systems Ltd =>.Imagineer Systems Ltd
HKCU\SOFTWARE\ImpactGameworks
HKCU\SOFTWARE\IronOak Games
HKCU\SOFTWARE\IvoSoft =>.IvoSoft HKCU\SOFTWARE\Logitech =>.Logitech HKCU\SOFTWARE\MediaTrans =>.MediaTrans HKCU\SOFTWARE\Mojang =>.Mojang HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\Muon
HKCU\SOFTWARE\Netscape =>.Netscape HKCU\SOFTWARE\NewBlue =>.NewBlue HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\PhapSoftware
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\Playsoft
HKCU\SOFTWARE\QtProject =>.QtProject HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp. HKCU\SOFTWARE\RedGiantSoftware =>.Red Giant Software LLC HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation HKCU\SOFTWARE\SaurikIT =>.SaurikIT, LLC HKCU\SOFTWARE\Seifert =>.Seifert Systems HKCU\SOFTWARE\SimonTatham =>.Simon Tatham HKCU\SOFTWARE\SpeedFan =>.Almico Software HKCU\SOFTWARE\Stunlock Studios =>.Stunlock Studios
HKCU\SOFTWARE\Supra Games
HKCU\SOFTWARE\Tihiy
HKCU\SOFTWARE\Trolltech =>.Trolltech HKCU\SOFTWARE\Unity =>.Unity HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\Vicon
HKCU\SOFTWARE\WeirdBeard
HKCU\SOFTWARE\White Wizard Games
HKCU\SOFTWARE\WinRAR =>.WinRAR HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\WinterSpring Games
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation HKCU\SOFTWARE\ZebHelpProcess Helper =>.Nicolas Coolman HKCU\SOFTWARE\Zemana =>.Zemana HKCU\SOFTWARE\ZHP =>.Nicolas Coolman HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
—\ CONTENU DES DOSSIERS PROGRAMMES (307) - 15s
O43 - CFD: 24/04/2018 - [] AD – C:\Program Files\Adobe {05067D3A8DE1687600A7207D3FF99808} =>.Adobe O43 - CFD: 18/09/2017 - [] D – C:\Program Files\AMD =>.Advanced Micro Devices Inc.® O43 - CFD: 17/09/2017 - [] D – C:\Program Files\AutoHotkey =>.Chicony Multimedia O43 - CFD: 19/09/2017 - [] D – C:\Program Files\Avid {2624AE59466DFE3BA7CF56FC6C0963F8} =>.Avid O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\Bonjour =>.Apple Inc.
O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\Boris FX, Inc
O43 - CFD: 26/04/2018 - [] D – C:\Program Files\CCleaner =>.Piriform Ltd O43 - CFD: 17/09/2017 - [] D – C:\Program Files\Classic Shell =>.Ivo Beltchev O43 - CFD: 17/09/2017 - [] D – C:\Program Files\DAEMON Tools Pro =>.The DAEMON Team
O43 - CFD: 17/09/2017 - [] D – C:\Program Files\fayteq
O43 - CFD: 17/09/2017 - [] D – C:\Program Files\GenArts =>.GenArts O43 - CFD: 17/09/2017 - [] D – C:\Program Files\HandBrake =>.Handbrake
O43 - CFD: 22/09/2017 - [] AD – C:\Program Files\ImageGlass
O43 - CFD: 18/09/2017 - [] D – C:\Program Files\Imagineer Systems Ltd
O43 - CFD: 17/09/2017 - [] D – C:\Program Files\iPod =>.Apple Inc.® O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\iTunes =>.Apple Inc.
O43 - CFD: 25/11/2017 - [] D – C:\Program Files\mmpicker
O43 - CFD: 02/05/2018 - [] AD – C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 03/10/2017 - [] AD – C:\Program Files\NewBlueFX
O43 - CFD: 08/05/2018 - [] D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 25/04/2018 - [] D – C:\Program Files\Parsec {0F0CC3A57EF947E7D23CF075B8B4BA5D}
O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\PuTTY =>.Simon Tatham® O43 - CFD: 23/11/2017 - [] D – C:\Program Files\Realtek =>.Realtek O43 - CFD: 19/09/2017 - [] D – C:\Program Files\Red Giant =>.Adobe Systems Incorporated® O43 - CFD: 17/09/2017 - [] D – C:\Program Files\REVisionEffects =>.RE Vision Effects, Inc.®
O43 - CFD: 02/05/2018 - [] D – C:\Program Files\ShareX
O43 - CFD: 18/03/2018 - [] AD – C:\Program Files\TeamSpeak 3 Client =>.TeamSpeak O43 - CFD: 17/09/2017 - [] D – C:\Program Files\Unlocker =>.Cedrick Collomb O43 - CFD: 17/09/2017 - [] AD – C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 12/05/2018 - [] D – C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 17/09/2017 - [] AD – C:\Program Files (x86)\Apple Software Update =>.Apple Inc. O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Avira =>.Avira Software O43 - CFD: 18/09/2017 - [] D – C:\Program Files (x86)\BleachBit =>.Andrew Ziem® O43 - CFD: 13/05/2018 - [] AD – C:\Program Files (x86)\Blizzard App =>.Blizzard Entertainment, Inc.® O43 - CFD: 05/12/2017 - [] AD – C:\Program Files (x86)\BlueStacks =>.BlueStack Systems, Inc. O43 - CFD: 17/09/2017 - [] AD – C:\Program Files (x86)\Bonjour =>.Apple Inc. O43 - CFD: 19/10/2017 - [] D – C:\Program Files (x86)\Digiarty =>.Digiarty, Inc.® O43 - CFD: 10/03/2018 - [] D – C:\Program Files (x86)\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 04/10/2017 - [] D – C:\Program Files (x86)\Elephorm applications
O43 - CFD: 29/03/2018 - [] D – C:\Program Files (x86)\FlippingBook {08385578821DA77EEA1703484E369B19} =>.FlippingBook O43 - CFD: 08/05/2018 - [] D – C:\Program Files (x86)\Free Window Registry Repair =>.RegSofts Software O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 26/12/2017 - [] D – C:\Program Files (x86)\Grinding Gear Games =>.Grinding Gear Games Limited® O43 - CFD: 22/02/2018 - [] AD – C:\Program Files (x86)\Heroes of the Storm =>.Games Software O43 - CFD: 24/09/2017 - [] HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield O43 - CFD: 19/09/2017 - [] D – C:\Program Files (x86)\LooksBuilder =>.Red Giant Software LLC O43 - CFD: 22/03/2018 - [] D – C:\Program Files (x86)\ManiaPlanet =>.Nadeo O43 - CFD: 07/05/2018 - [] D – C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Notepad++ =>.Don Ho O43 - CFD: 08/05/2018 - [] D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 23/03/2018 - [] AD – C:\Program Files (x86)\Overwatch =>.Blizzard Entertainment
O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\PKGInstaller
O43 - CFD: 27/09/2017 - [] AD – C:\Program Files (x86)\PuTTY =>.Simon Tatham® O43 - CFD: 17/09/2017 - [] AD – C:\Program Files (x86)\Razer =>.Razer USA Ltd.® O43 - CFD: 19/09/2017 - [] AD – C:\Program Files (x86)\Red Giant =>.Red Giant
O43 - CFD: 19/09/2017 - [] AD – C:\Program Files (x86)\Red Giant Link
O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\REVisionEffects
O43 - CFD: 07/02/2018 - [] D – C:\Program Files (x86)\SpeedFan =>.Almico Software O43 - CFD: 15/05/2018 - [] D – C:\Program Files (x86)\Steam =>.Steam Games
O43 - CFD: 19/09/2017 - [] AD – C:\Program Files (x86)\Vicon
O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\VideoLAN =>.VideoLan Team O43 - CFD: 12/05/2018 - [] D – C:\Program Files (x86)\VulkanRT =>.LunarG, Inc O43 - CFD: 17/09/2017 - [] AD – C:\Program Files (x86)\Warcraft III =>.Games Software O43 - CFD: 07/10/2017 - [] D – C:\Program Files (x86)\WinDirStat =>.Seifert Systems
O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\XPE Windows 10 DPI Fix
O43 - CFD: 14/05/2018 - [] D – C:\Program Files (x86)\Zemana AntiMalware =>.Zemana O43 - CFD: 15/05/2018 - [] D – C:\Program Files (x86)\ZHPFix =>.Nicolas Coolman O43 - CFD: 14/02/2018 - [] RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 26/04/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aescripts
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey =>.Chicony Multimedia O43 - CFD: 09/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira =>.Avira Software
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris Continuum Complete AE 10
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fayteq
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE
O43 - CFD: 26/12/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games =>.Grinding Gear Games O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm =>.Games Software
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageGlass
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes =>.Apple Inc. O43 - CFD: 22/03/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet =>.Nadeo
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mocha Pro V5
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ =>.Don Ho O43 - CFD: 12/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch =>.Blizzard Entertainment
O43 - CFD: 08/12/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Path of Building
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer =>.Razer O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant =>.Red Giant
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReelSmart Motion Blur 4, After Effects-compatible plugin set
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects
O43 - CFD: 02/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
O43 - CFD: 24/04/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI Rise and Fall
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vicon
O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III =>.Games Software O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR O43 - CFD: 14/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware =>.Zemana O43 - CFD: 15/05/2018 - [] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 02/12/2017 - [] D – C:\ProgramData.mono =>.Legitimate O43 - CFD: 24/04/2018 - [] D – C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 26/04/2018 - [] D – C:\ProgramData\aescripts
O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Apple =>.Apple Inc. O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Apple Computer =>.Apple Inc. O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Avira =>.Avira Software O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Battle.net =>.Games Software O43 - CFD: 28/10/2017 - [] D – C:\ProgramData\Blizzard Entertainment =>.Blizzard Entertainment O43 - CFD: 30/11/2017 - [] D – C:\ProgramData\BlueStacks =>.BlueStack Systems, Inc. O43 - CFD: 30/11/2017 - [0] D – C:\ProgramData\BlueStacksSetup =>.BlueStack Systems, Inc. O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\DAEMON Tools Pro =>.The DAEMON Team O43 - CFD: 06/05/2018 - [] D – C:\ProgramData\Epic =>.Epic O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Freemake =>.Freemake O43 - CFD: 02/05/2018 - [] D – C:\ProgramData\FXHOME =>.FXhome O43 - CFD: 27/03/2018 - [] D – C:\ProgramData\GenArts =>.GenArts O43 - CFD: 14/02/2018 - [] D – C:\ProgramData\GOG.com =>.GOG.com O43 - CFD: 17/09/2017 - [0] D – C:\ProgramData\goodasnew =>.Goodasnew
O43 - CFD: 18/09/2017 - [] D – C:\ProgramData\Imagineer Systems Ltd
O43 - CFD: 09/02/2018 - [] D – C:\ProgramData\Kinoni =>.Kinoni O43 - CFD: 22/03/2018 - [] D – C:\ProgramData\ManiaPlanet =>.Nadeo O43 - CFD: 14/05/2018 - [] D – C:\ProgramData\NVIDIA =>.nVidia Corporation O43 - CFD: 12/05/2018 - [] D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 08/12/2017 - [] D – C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 08/12/2017 - [] D – C:\ProgramData\Path of Building
O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Razer =>.Razer O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\Red Giant =>.Red Giant O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\RedGiant =>.Red Giant Software LLC O43 - CFD: 23/11/2017 - [] D – C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc. O43 - CFD: 30/09/2017 - [] AD – C:\ProgramData\Reprise =>.Unknown
O43 - CFD: 17/09/2017 - [] D – C:\ProgramData\REVisionEffects
O43 - CFD: 19/09/2017 - [0] D – C:\ProgramData\rgt
O43 - CFD: 20/01/2018 - [] D – C:\ProgramData\Riot Games =>.Riot Games O43 - CFD: 15/05/2018 - [] D – C:\ProgramData\RogueKiller =>.Adlice Software
O43 - CFD: 01/10/2017 - [] D – C:\ProgramData\RWBYTE
O43 - CFD: 19/09/2017 - [] D – C:\ProgramData\SafeNet Sentinel =>.SafeNet
O43 - CFD: 25/10/2017 - [] D – C:\ProgramData\VideoCopilot
O43 - CFD: 12/05/2018 - [] HDC – C:\ProgramData~0 O43 - CFD: 26/04/2018 - [] AD – C:\Program Files (x86)\Common Files\Adobe =>.Adobe O43 - CFD: 02/10/2017 - [] AD – C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc. O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Common Files\Apple =>.Apple Inc. O43 - CFD: 15/05/2018 - [] D – C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye O43 - CFD: 29/03/2018 - [] D – C:\Program Files (x86)\Common Files\DESIGNER =>.Designer O43 - CFD: 24/09/2017 - [] D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation O43 - CFD: 17/09/2017 - [] D – C:\Program Files (x86)\Common Files\Razer =>.Razer O43 - CFD: 06/04/2018 - [] D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games O43 - CFD: 02/12/2017 - [] D – C:\Users\GUI\AppData\Roaming.mono =>.Legitimate O43 - CFD: 08/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 26/04/2018 - [] D – C:\Users\GUI\AppData\Roaming\aescripts
O43 - CFD: 21/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\AnkamaCertificates =>.Ankama O43 - CFD: 21/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\app =>.Ankama O43 - CFD: 25/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Apple Computer =>.Apple Inc. O43 - CFD: 11/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\audacity =>.Audacity O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Avira =>.Avira Software O43 - CFD: 04/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Battle.net =>.Games Software
O43 - CFD: 15/03/2018 - [] D – C:\Users\GUI\AppData\Roaming\Battlerite
O43 - CFD: 18/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\BleachBit =>.BleachBit
O43 - CFD: 21/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\BorisFX
O43 - CFD: 16/04/2018 - [] D – C:\Users\GUI\AppData\Roaming\brave
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\ClassicShell =>.SourceForge O43 - CFD: 28/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Codeusa Software =>.Codeusa Software O43 - CFD: 08/05/2018 - [0] D – C:\Users\GUI\AppData\Roaming\DAEMON Tools Pro =>.The DAEMON Team
O43 - CFD: 19/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\DearMob
O43 - CFD: 23/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Digiarty =>.Digiarty O43 - CFD: 09/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\discord =>.GitHub O43 - CFD: 23/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Dofus =>.Ankama O43 - CFD: 23/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Dofus-2 =>.Ankama O43 - CFD: 17/03/2018 - [] D – C:\Users\GUI\AppData\Roaming\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\ElephormDVDPlayer
O43 - CFD: 17/03/2018 - [] D – C:\Users\GUI\AppData\Roaming\Fatshark =>.Fatshark O43 - CFD: 25/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\FileZilla =>.FileZilla O43 - CFD: 24/04/2018 - [] D – C:\Users\GUI\AppData\Roaming\FiraxisLive =>.Firaxis O43 - CFD: 29/03/2018 - [] D – C:\Users\GUI\AppData\Roaming\FlippingBook =>.FlippingBook O43 - CFD: 08/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Free Window Registry Repair =>.RegSofts Software
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\GCCS
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Google =>.Google
O43 - CFD: 09/02/2018 - [0] D – C:\Users\GUI\AppData\Roaming\Google.Apis.Auth
O43 - CFD: 03/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\HandBrake =>.Handbrake O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\HandBrake Team =>.HandBrake Team O43 - CFD: 11/02/2018 - [] D – C:\Users\GUI\AppData\Roaming\Hobbyist Software =>.Hobbyist Software
O43 - CFD: 19/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Imagineer Systems Ltd
O43 - CFD: 22/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\inkscape =>.inkscape.org O43 - CFD: 03/12/2017 - [] D – C:\Users\GUI\AppData\Roaming\LOVE =>.Unknown O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Macromedia =>.Macromedia O43 - CFD: 19/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\MAXON =>.Maxon O43 - CFD: 10/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Molotov =>.Molotov O43 - CFD: 20/11/2017 - [] D – C:\Users\GUI\AppData\Roaming\Mozilla =>.Mozilla Corporation O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Notepad++ =>.Don Ho O43 - CFD: 10/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 08/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Parsec
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Red Giant =>.Red Giant
O43 - CFD: 21/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\Reg
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Skype =>.Skype
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Skype_old
O43 - CFD: 14/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\Teeworlds =>.Teeworlds
O43 - CFD: 22/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\Thomas Kovar
O43 - CFD: 29/04/2018 - [] D – C:\Users\GUI\AppData\Roaming\TS3Client =>.TeamSpeak O43 - CFD: 17/02/2018 - [] D – C:\Users\GUI\AppData\Roaming\Tunngle =>.Tunngle.net
O43 - CFD: 24/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\uMod
O43 - CFD: 13/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\vlc =>.VideoLan Team O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Roaming\WinRAR =>.WinRAR O43 - CFD: 15/05/2018 - [] D – C:\Users\GUI\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 28/10/2017 - [] D – C:\Users\GUI\AppData\Roaming\ZXPInstaller
O43 - CFD: 23/12/2017 - [] D – C:\Users\GUI\AppData\Local\acquisition
O43 - CFD: 13/05/2018 - [] D – C:\Users\GUI\AppData\Local\Adobe =>.Adobe O43 - CFD: 21/10/2017 - [] D – C:\Users\GUI\AppData\Local\Ankama =>.Ankama O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Apple =>.Apple Inc. O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Apple Computer =>.Apple Inc. O43 - CFD: 25/09/2017 - [] D – C:\Users\GUI\AppData\Local\Audacity =>.Audacity O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Avira =>.Avira Software O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\AviraSpeedup =>.Avira Software O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Avira_Operations_Gmbh&C =>.Avira Software O43 - CFD: 13/05/2018 - [] D – C:\Users\GUI\AppData\Local\Battle.net =>.Games Software O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Blizzard =>.Blizzard O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Blizzard Entertainment =>.Blizzard Entertainment O43 - CFD: 30/11/2017 - [] D – C:\Users\GUI\AppData\Local\Bluestacks =>.BlueStack Systems, Inc.
O43 - CFD: 21/09/2017 - [] D – C:\Users\GUI\AppData\Local\BorisFX
O43 - CFD: 16/04/2018 - [] D – C:\Users\GUI\AppData\Local\Brave
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\CEF =>.CEF O43 - CFD: 14/05/2018 - [] D – C:\Users\GUI\AppData\Local\ClassicShell =>.SourceForge
O43 - CFD: 29/09/2017 - [] D – C:\Users\GUI\AppData\Local\CrashReportClient
O43 - CFD: 14/10/2017 - [] D – C:\Users\GUI\AppData\Local\CrashRpt
O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\DBG =>.DBG O43 - CFD: 01/05/2018 - [] D – C:\Users\GUI\AppData\Local\Discord =>.GitHub
O43 - CFD: 24/09/2017 - [] D – C:\Users\GUI\AppData\Local\DLLInjector
O43 - CFD: 25/09/2017 - [] D – C:\Users\GUI\AppData\Local\EpicGamesLauncher =>.Epic Games
O43 - CFD: 29/03/2018 - [] D – C:\Users\GUI\AppData\Local\FlippingBook_Limited
O43 - CFD: 22/09/2017 - [] D – C:\Users\GUI\AppData\Local\fontconfig =>.Portable Apps
O43 - CFD: 26/09/2017 - [] D – C:\Users\GUI\AppData\Local\FortniteGame
O43 - CFD: 31/03/2018 - [] D – C:\Users\GUI\AppData\Local\GNE
O43 - CFD: 14/01/2018 - [] D – C:\Users\GUI\AppData\Local\Google =>.Google
O43 - CFD: 28/04/2018 - [] D – C:\Users\GUI\AppData\Local\Hero_Siege
O43 - CFD: 29/03/2018 - [] D – C:\Users\GUI\AppData\Local\III
O43 - CFD: 18/09/2017 - [] D – C:\Users\GUI\AppData\Local\Imagineer Systems Ltd
O43 - CFD: 31/10/2017 - [] D – C:\Users\GUI\AppData\Local\LooksBuilder =>.Red Giant Software LLC O43 - CFD: 04/02/2018 - [] D – C:\Users\GUI\AppData\Local\Mega Limited =>.MEGA Limited
O43 - CFD: 08/12/2017 - [] D – C:\Users\GUI\AppData\Local\MercuryTrade
O43 - CFD: 26/04/2018 - [] D – C:\Users\GUI\AppData\Local\Molotov =>.Molotov O43 - CFD: 21/09/2017 - [] D – C:\Users\GUI\AppData\Local\Mozilla =>.Mozilla Corporation O43 - CFD: 17/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Notepad++ =>.Don Ho O43 - CFD: 12/05/2018 - [] D – C:\Users\GUI\AppData\Local\NVIDIA =>.nVidia Corporation O43 - CFD: 12/05/2018 - [] D – C:\Users\GUI\AppData\Local\NVIDIA Corporation =>.nVidia Corporation O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Razer =>.Razer O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Recovery =>.Recovery Labs O43 - CFD: 26/04/2018 - [] D – C:\Users\GUI\AppData\Local\Red Giant =>.Red Giant O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\RzStats =>.Razer Inc O43 - CFD: 26/04/2018 - [] D – C:\Users\GUI\AppData\Local\SquirrelTemp =>.Squirrels O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\Local\Steam =>.Steam Games
O43 - CFD: 30/10/2017 - [] D – C:\Users\GUI\AppData\Local\Supra Games
O43 - CFD: 21/09/2017 - [0] D – C:\Users\GUI\AppData\Local\Tempzxpsigne360c0d33fad c993
O43 - CFD: 24/04/2018 - [] D – C:\Users\GUI\AppData\Local\The_Swords_of_Ditto =>.Scott Brogden O43 - CFD: 16/02/2018 - [] D – C:\Users\GUI\AppData\Local\UnrealEngine =>.Unreal Software O43 - CFD: 25/09/2017 - [] D – C:\Users\GUI\AppData\Local\UnrealEngineLauncher =>.Unreal Software
O43 - CFD: 28/09/2017 - [] D – C:\Users\GUI\AppData\Local\VT_Software
O43 - CFD: 14/05/2018 - [] D – C:\Users\GUI\AppData\Local\Zemana =>.Zemana O43 - CFD: 14/05/2018 - [] D – C:\Users\GUI\AppData\Local\ZHP =>.Nicolas Coolman O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Adobe =>.Adobe O43 - CFD: 29/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Ankama =>.Ankama O43 - CFD: 18/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Apple Computer =>.Apple Inc.
O43 - CFD: 12/11/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Clever Endeavour Games
O43 - CFD: 17/11/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Dodge Roll
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Hunter Studio
O43 - CFD: 14/02/2018 - [] D – C:\Users\GUI\AppData\LocalLow\ImpactGameworks
O43 - CFD: 04/02/2018 - [] D – C:\Users\GUI\AppData\LocalLow\IronOak Games
O43 - CFD: 14/05/2018 - [0] D – C:\Users\GUI\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 02/12/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Playsoft
O43 - CFD: 17/09/2017 - [] D – C:\Users\GUI\AppData\LocalLow\Team 17 Digital ltd
O43 - CFD: 17/11/2017 - D – C:\Users\GUI\AppData\LocalLow\WeirdBeard
O43 - CFD: 02/03/2018 - D – C:\Users\GUI\AppData\LocalLow\White Wizard Games
O43 - CFD: 15/05/2018 - D – C:\Users\GUI\Desktop\ARAWAK
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\backup =>.Symantec
O43 - CFD: 24/04/2018 - D – C:\Users\GUI\Desktop\Civ6
O43 - CFD: 30/03/2018 - D – C:\Users\GUI\Desktop\DDNet-10.8.6-win64
O43 - CFD: 25/04/2018 - D – C:\Users\GUI\Desktop\DDNet-11.1.4-win64
O43 - CFD: 13/05/2018 - D – C:\Users\GUI\Desktop\indesign
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\Jeux =>.Games Software
O43 - CFD: 10/05/2018 - D – C:\Users\GUI\Desktop\macro
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\music
O43 - CFD: 24/04/2018 - D – C:\Users\GUI\Desktop\Northgard
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\pickup
O43 - CFD: 22/04/2018 - D – C:\Users\GUI\Desktop\PPT TUTO
O43 - CFD: 14/05/2018 - D – C:\Users\GUI\Desktop\projet
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\Rocket League Mods
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\school
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\Series
O43 - CFD: 24/04/2018 - D – C:\Users\GUI\Desktop\terraria
O43 - CFD: 28/03/2018 - D – C:\Users\GUI\Desktop\tete
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\Tools
O43 - CFD: 08/05/2018 - D – C:\Users\GUI\Desktop\tw
O43 - CFD: 25/05/2017 - D – C:\Users\GUI\Desktop\ZHPFix =>.Nicolas Coolman O43 - CFD: 09/05/2018 - RD – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Administrative Tools =>.Administrative Tools O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\AMD =>.AMD O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\BleachBit =>.BleachBit
O43 - CFD: 16/04/2018 - [0] D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Brave Software
O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Digiarty =>.Digiarty O43 - CFD: 01/05/2018 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Discord Inc =>.Discord Inc O43 - CFD: 08/05/2018 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Free Window Registry Repair =>.RegSofts Software O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\HandBrake =>.Handbrake O43 - CFD: 26/04/2018 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Molotov =>.Molotov
O43 - CFD: 25/04/2018 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Parsec
O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Unlocker =>.Cedrick Collomb
O43 - CFD: 08/10/2017 - [0] D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Warkeys
O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\WinDirStat =>.Seifert Systems O43 - CFD: 23/11/2017 - D – C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\WinRAR =>.WinRAR O43 - CFD: 23/11/2017 - – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Razer =>.Razer O43 - CFD: 14/05/2018 - – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Zemana =>.Zemana O43 - CFD: 14/03/2018 - – C:\WINDOWS\System32\Config\systemprofile\AppData\R oaming\Macromedia =>.Macromedia
—\ ShellIconOverlayIdentifiers (SIOI) (5) - 0s
O106 - SIOI: [ AccExtIco1] - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}. (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: [ AccExtIco2] - {853B7E05-C47D-4985-909A-D0DC5C6D7303}. (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: [ AccExtIco3] - {42D38F2E-98E9-4382-B546-E24E4D6D04BB}. (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: ShareOverlay Class [ShareOverlay] - {594D4122-1F87-41E2-96C7-825FB4796516}. (.IvoSoft - Adds classic Windows Explorer features.) – C:\Program Files\Classic Shell\ClassicExplorer64.dll =>.Ivaylo Beltchev®
—\ RACCOURCIS DES MENUS CONCEPTUELS (SCMH) (34) - 1s
O108 - CMH1: 2.0 Zemana AntiMalware [64Bits] - {6ABB1C11-E261-4CEA-BBB5-3836225689DD} . (…) – C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll =>.Zemana Ltd.® O108 - CMH1: AccExt [64Bits] - {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} . (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O108 - CMH1: Adobe.Acrobat.ContextMenu [64Bits] - {A6595CD1-BF77-430A-A452-18696685F7C7} . (.Adobe Systems Inc. - Adobe Acrobat Context Menu.) – C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll =>.Adobe Systems, Incorporated® O108 - CMH1: ANotepad++64 [64Bits] - {B298D29A-A6ED-11DE-BA8C-A68E55D89593} . (. - ShellHandler for Notepad++ (64 bit).) – C:\Program Files (x86)\Notepad++\NppShell_06.dll =>.Notepad++® O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH1: Shell Extension for Malware scanning [64Bits] - {45AC2688-0253-4ED8-97DE-B5370FA7D48A} . (.Avira Operations GmbH & Co. KG - AntiVirus context menu.) – C:\Program Files (x86)\Avira\Antivirus\shlext64.dll =>.Avira Operations GmbH & Co. KG® O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH® O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\WINDOWS\system32\nv3dappshext.dll =>.NVIDIA Corporation O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\WINDOWS\system32\nv3dappshext.dll =>.NVIDIA Corporation O108 - CMH2: StartMenuExt [64Bits] - {E595F05F-903F-4318-8B0A-7F633B520D2B} . (.IvoSoft - Start Menu Helper Extension.) – C:\Windows\system32\StartMenuHelper64.dll =>.IvoSoft O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\WINDOWS\System32\nvshext.dll =>.NVIDIA Corporation O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation O108 - CMH6: 2.0 Zemana AntiMalware [64Bits] - {6ABB1C11-E261-4CEA-BBB5-3836225689DD} . (…) – C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll =>.Zemana Ltd.® O108 - CMH6: AccExt [64Bits] - {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} . (. - Core Sync.) – C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll =>.Adobe Systems Incorporated® O108 - CMH6: Adobe.Acrobat.ContextMenu [64Bits] - {A6595CD1-BF77-430A-A452-18696685F7C7} . (.Adobe Systems Inc. - Adobe Acrobat Context Menu.) – C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll =>.Adobe Systems, Incorporated® O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows® O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - Programme de résolution d’applications.) – C:\Windows\System32\appresolver.dll =>.Microsoft Windows® O108 - CMH6: Shell Extension for Malware scanning [64Bits] - {45AC2688-0253-4ED8-97DE-B5370FA7D48A} . (.Avira Operations GmbH & Co. KG - AntiVirus context menu.) – C:\Program Files (x86)\Avira\Antivirus\shlext64.dll =>.Avira Operations GmbH & Co. KG® O108 - CMH6: StartMenuExt [64Bits] - {E595F05F-903F-4318-8B0A-7F633B520D2B} . (.IvoSoft - Start Menu Helper Extension.) – C:\Windows\system32\StartMenuHelper64.dll =>.IvoSoft O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH® O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
—\ IMAGE FILE EXECUTION OPTIONS (IFEO) (18) - 0s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\3] =>.Microsoft Windows® O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Module d’installation de pilotes.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) [MitigationOptions\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) [MitigationOptions\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) [CFGOptions\1] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) [MitigationOptions\256] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [MitigationOptions\2097152] =>.Microsoft Corporation O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MinimumStackCommitInBytes\32768] =>.Microsoft Windows Publisher® O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MitigationAuditOptions\17660905521152] =>.Microsoft Windows Publisher® O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\3] =>.Microsoft Corporation
—\ LISTE DES PILOTES DU SYSTÈME (75) - 4s
O58 - SDL:2017/09/29 15:41:02 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [107416] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows® O58 - SDL:2017/03/01 23:50:06 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\amdgpio2.sys [43400] =>.Advanced Micro Devices Inc.® O58 - SDL:2017/08/29 06:22:52 A . (.Advanced Micro Devices, Inc - AMD GPIO Driver.) – C:\WINDOWS\System32\drivers\amdgpio3.sys [33144] {610AF5D800060000004C} =>.Advanced Micro Devices, Inc O58 - SDL:2017/06/16 10:48:52 A . (.Advanced Micro Devices, Inc. - amdkmcsp sys.) – C:\WINDOWS\System32\drivers\amdkmcsp.sys [101232] =>.Advanced Micro Devices Inc.® O58 - SDL:2017/10/10 04:42:10 A . (.Advanced Micro Devices - AMD PCI Device driver.) – C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31112] =>.Advanced Micro Devices Inc.® O58 - SDL:2017/06/16 10:48:56 A . (.Advanced Micro Devices, Inc. - amdpsp sys.) – C:\WINDOWS\System32\drivers\amdpsp.sys [243048] =>.Advanced Micro Devices Inc.® O58 - SDL:2017/09/29 15:41:02 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [258592] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [27032] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [131992] =>.Microsoft Windows® O58 - SDL:2017/08/21 12:26:38 A . (.Avira Operations GmbH & Co. KG - Avira USB Feature Driver.) – C:\WINDOWS\System32\drivers\avdevprot.sys [60920] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2018/05/09 08:41:54 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) – C:\WINDOWS\System32\drivers\avgntflt.sys [179376] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2018/05/09 08:41:54 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) – C:\WINDOWS\System32\drivers\avipbb.sys [169864] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/08/21 12:26:37 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) – C:\WINDOWS\System32\drivers\avkmgr.sys [44488] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/08/21 12:26:38 A . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) – C:\WINDOWS\System32\drivers\avnetflt.sys [88488] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/08/21 12:26:38 A . (.Avira Operations GmbH & Co. KG - Avira USB Filter Driver.) – C:\WINDOWS\System32\drivers\avusbflt.sys [38048] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2017/09/29 15:41:02 A . (. - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Broadcom Corporation O58 - SDL:2017/09/29 15:41:01 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [533912] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [141208] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [357272] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [1723288] =>.Microsoft Windows® O58 - SDL:2017/09/17 14:48:06 A . (.Disc Soft Ltd - DAEMON Tools Pro Virtual SCSI Bus Driver.) – C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264] =>.Disc Soft Ltd® O58 - SDL:2017/09/29 15:41:01 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3419032] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [63520] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [36864] =>.Intel(R) Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [91648] =>.Intel(R) Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] =>.Intel Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.s ys [88576] =>.Intel Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] =>.Intel Corporation O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592] =>.Intel Corporation O58 - SDL:2017/09/29 15:41:01 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2017/09/29 15:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2017/09/29 15:41:03 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAV.sys [674200] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [412056] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [526232] =>.Microsoft Windows® O58 - SDL:2016/06/22 12:14:52 A . (.Kinoni - KinoConsole.) – C:\WINDOWS\System32\drivers\kinonih.sys [32256] =>.Kinoni O58 - SDL:2017/09/29 15:41:02 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [108064] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123800] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103320] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sss.sys [82840] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas.sys [59800] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [63520] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [575896] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [842648] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [63896] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [108952] =>.Microsoft Windows® O58 - SDL:2016/12/21 13:20:00 A . (.Apple Inc. - Apple Mobile Device Ethernet.) – C:\WINDOWS\System32\drivers\netaapl64.sys [23040] =>.Apple Inc. O58 - SDL:2018/04/24 21:33:48 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) – C:\WINDOWS\System32\drivers\nvhda64v.sys [226280] =>.NVIDIA Corporation® O58 - SDL:2017/09/29 15:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [150424] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [166296] =>.Microsoft Windows® O58 - SDL:2018/04/24 20:52:38 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) – C:\WINDOWS\System32\drivers\nvvad64v.sys [59240] =>.NVIDIA Corporation® O58 - SDL:2018/05/07 23:04:43 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) – C:\WINDOWS\System32\drivers\nvvhci.sys [58816] =>.NVIDIA Corporation® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [58776] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:03 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) – C:\WINDOWS\System32\drivers\rt640x64.sys [604160] =>.Realtek O58 - SDL:2017/09/29 15:41:14 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) – C:\WINDOWS\System32\drivers\rteth.sys [59904] =>.Realtek O58 - SDL:2017/11/16 02:45:26 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\WINDOWS\System32\drivers\RTKVHD64.sys [6038440] =>.Realtek Semiconductor Corp.® O58 - SDL:2015/10/26 15:10:56 A . (.Razer Inc - Razer RzEndPt.) – C:\WINDOWS\System32\drivers\rzendpt.sys [50392] =>.Razer Inc.® O58 - SDL:2017/07/19 18:16:56 A . (.Razer, Inc. - Razer Overlay Support.) – C:\WINDOWS\System32\drivers\rzpmgrk.sys [45752] =>.Razer USA Ltd.® O58 - SDL:2017/08/19 17:56:57 A . (.Razer, Inc. - Razer Overlay Support.) – C:\WINDOWS\System32\drivers\rzpnk.sys [139704] =>.Razer USA Ltd.® O58 - SDL:2015/10/26 15:12:06 A . (.Razer Inc - Razer Rzudd Engine.) – C:\WINDOWS\System32\drivers\rzudd.sys [201432] =>.Razer Inc.® O58 - SDL:2017/09/29 15:41:02 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [44952] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [81816] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [31128] =>.Microsoft Windows® O58 - SDL:2016/04/26 17:10:00 A . (.Tunngle.net GmbH - TAP-Win32 Virtual Network Driver (NDIS 6.0).) – C:\WINDOWS\System32\drivers\tap0901t.sys [48824] =>.Tunngle.net GmbH® O58 - SDL:2018/05/15 00:07:12 A . (…) – C:\WINDOWS\System32\drivers\TrueSight.sys [28272] =>.Adlice® O58 - SDL:2016/12/21 13:20:26 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) – C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc. O58 - SDL:2018/01/19 22:32:08 A . (.Benjamin Höglinger-Stelzer - Virtual Gamepad Emulation Bus Driver.) – C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128] {330000001F9800C911029569BE00000000001F} =>.Benjamin Höglinger-Stelzer O58 - SDL:2017/09/29 15:41:02 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [166808] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305560] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [32152] =>.Microsoft Windows® O58 - SDL:2017/09/29 15:41:02 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows® O58 - SDL:2018/05/14 09:02:12 A . (.Zemana Ltd. - ZAM.) – C:\WINDOWS\System32\drivers\zam64.sys [203680] =>.Zemana Ltd.® O58 - SDL:2018/05/14 09:02:12 A . (.Zemana Ltd. - ZAM.) – C:\WINDOWS\System32\drivers\zamguard64.sys [203680] =>.Zemana Ltd.®
—\ DERNIERS FICHIERS MODIFIÉS OU CRÉÉS (Utilisateur) (1) - 9s
O61 - LFC: 2018/05/14 09:00:21 A . (.glax24 (safezone.cc).) – C:\Users\GUI\Desktop\ARAWAK\SecurityCheck.exe [521112]

—\ ASSOCIATION Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – C:\Windows\System32\WScript.exe ‘%1’ %* =>.Default.Value O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) – C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – ‘%1’ /S =>.Default.Value
—\ MENU DE DÉMARRAGE INTERNET (12) - 0s
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
—\ RECHERCHE D’INFECTION SUR LES NAVIGATEURS (2) - 4s
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
—\ ÉNUMÈRE LES SERVICES DÉMARRÉS PAR Svchost (48) - 0s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) – C:\WINDOWS\System32\certprop.dll [188928] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) – C:\Windows\System32\certprop.dll [188928] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) – C:\Windows\System32\srvsvc.dll [270848] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) – C:\Windows\System32\gpsvc.dll [1275904] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) – C:\Windows\System32\IKEEXT.DLL [984064] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) – C:\Windows\System32\iphlpsvc.dll [820224] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) – C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) – C:\Windows\System32\appinfo.dll [144896] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) – C:\Windows\System32\iscsiexe.dll [150528] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) – C:\Windows\System32\eapsvc.dll [109056] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) – C:\Windows\System32\schedsvc.dll [880640] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [220160] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [408064] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) – C:\Windows\System32\SessEnv.dll [387584] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) – C:\Windows\System32\wercplsupport.dll [108544] =>.Microsoft Corporation O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) – C:\Windows\System32\PushToInstall.dll [254976] =>.Microsoft Corporation O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\Windows\System32\Windows.SharedPC.AccountManage r.dll [194560] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\Windows\System32\XblGameSave.dll [1272320] =>.Microsoft Corporation O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Service d’authentification naturelle.) – C:\Windows\System32\NaturalAuth.dll [795136] =>.Microsoft Corporation O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Broker à jetons.) – C:\Windows\System32\TokenBroker.dll [1236480] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) – C:\Windows\System32\lfsvc.dll [46080] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\Windows\System32\XblAuthManager.dll [1107968] =>.Microsoft Corporation O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) – C:\Windows\System32\irmon.dll [24576] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) – C:\Windows\System32\rasauto.dll [104960] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) – C:\Windows\System32\rasmans.dll [930816] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) – C:\Windows\System32\mprdim.dll [491520] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) – C:\Windows\System32\Sens.dll [73216] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) – C:\Windows\System32\ipnathlp.dll [601088] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) – C:\Windows\System32\tapisrv.dll [307200] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) – C:\Windows\System32\wuaueng.dll [2784256] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) – C:\Windows\System32\qmgr.dll [1346560] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) – C:\Windows\System32\shsvcs.dll [613376] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) – C:\Windows\System32\Windows.Internal.Management.dl l [702464] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\Windows\System32\dmwappushsvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Paramètres de vol.) – C:\Windows\System32\flightsettings.dll [779264] =>.Microsoft Corporation O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) – C:\Windows\System32\WpnService.dll [284672] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\Windows\System32\XboxNetApiSvc.dll [1143808] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) – C:\Windows\System32\usocore.dll [1300992] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\Windows\System32\usermgr.dll [951808] =>.Microsoft Corporation O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) – C:\Windows\System32\InstallService.dll [1313792] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) – C:\Windows\System32\themeservice.dll [69632] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) – C:\Windows\System32\bdesvc.dll [387072] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) – C:\Windows\System32\DeviceSetupManager.dll [238080] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) – C:\Windows\System32\NetSetupSvc.dll [308224] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) – C:\Windows\System32\NcaSvc.dll [170496] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) – C:\Windows\System32\wlidsvc.dll [2223616] =>.Microsoft Corporation O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\Windows\System32\XboxGipSvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) – C:\Windows\System32\browser.dll [132608] =>.Microsoft Corporation
—\ LISTE DES EXCEPTIONS DU PAREFEU WINDOWS (48) - 5s
O87 - FAEL: ‘UDP Query User{B93F5F19-3B53-4C75-ADFC-CD260E87601E}C:\gog games\enter the gungeon\etg.exe’ [In-None-P17-TRUE] .(…) – C:\gog games\enter the gungeon\etg.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘TCP Query User{C81B0566-7AFD-456B-8C25-683C6FC10FCB}C:\gog games\enter the gungeon\etg.exe’ [In-None-P6-TRUE] .(…) – C:\gog games\enter the gungeon\etg.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{535B3DFC-3579-442C-A0A7-1775ED3F2D06}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Tricky Towers\TrickyTowers.exe =>.Steam Games O87 - FAEL: ‘{825F56AB-F5C8-434A-9658-B9D4071E488E}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Tricky Towers\TrickyTowers.exe =>.Steam Games O87 - FAEL: ‘{EE1B63FC-32C7-4C0B-9474-029EE02B3CD8}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe =>.Steam Games O87 - FAEL: ‘{FBDF75BB-AC38-4AE0-ACD4-871654CF3EAF}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe =>.Steam Games
O87 - FAEL: ‘UDP Query User{56DC755F-5239-4C71-AACF-6C0ADAA4322D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe’ [In-None-P17-TRUE] .(…) – C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘TCP Query User{5701EEC5-8F51-4706-B57D-D13330AD23AC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe’ [In-None-P6-TRUE] .(…) – C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{B0F8712B-C02A-4D8C-84EB-F7086A8102C2}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve® O87 - FAEL: ‘{7768207C-99C2-484E-8AF5-3B6EE99F9833}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve® O87 - FAEL: ‘{E4ECAA0B-9BB3-4D18-BC6B-826B585E854A}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Fu ll.exe =>.Steam SteamApps Games O87 - FAEL: ‘{69239029-9BBB-4C27-AB39-0FAF2C208757}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Fu ll.exe =>.Steam SteamApps Games
O87 - FAEL: ‘UDP Query User{55E0F48E-1BC0-4E55-93DA-113EA8934F81}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe’ [In-None-P17-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe
O87 - FAEL: ‘TCP Query User{FE1936B4-273F-48D4-8A13-EC64FD2F2D38}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe’ [In-None-P6-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet-server.exe
O87 - FAEL: ‘{1C567826-34C3-4F42-8CDA-75EB1F8B6A35}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Lost Castle\Lost_Castle.exe =>.Steam Games O87 - FAEL: ‘{7536D2C9-7458-4D69-ADF7-DA7ED48FC8BE}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Lost Castle\Lost_Castle.exe =>.Steam Games
O87 - FAEL: ‘UDP Query User{2FB1A613-457C-43A6-BE3E-19C4293FAEC5}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe’ [In-None-P17-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe
O87 - FAEL: ‘TCP Query User{80BBF3D0-35F6-47A8-94BF-2A889FC6D6AA}C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe’ [In-None-P6-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\ddnet.exe
O87 - FAEL: ‘{EB738EFE-1809-48DF-87D3-A995945FA4BD}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe =>.Steam Games O87 - FAEL: ‘{CB2BAD1A-C9C4-4AF5-8E61-D3598204EF2D}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe =>.Steam Games O87 - FAEL: ‘{D44D2ADE-048A-4128-B350-84FBAE1B9B97}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe =>.Steam Games O87 - FAEL: ‘{3606402D-A8AF-4B93-980D-C06AF54F63A4}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe =>.Steam Games O87 - FAEL: ‘{860858A9-E6AA-4412-96C0-712D61ACAB3C}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Mysterium\Mysterium.e xe =>.Steam Games O87 - FAEL: ‘{A1FD2CE3-CFA3-400E-A9B4-617F423CEED2}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Mysterium\Mysterium.e xe =>.Steam Games O87 - FAEL: ‘TCP Query User{EE62C13D-0539-451F-8C51-8CE89D4D090A}C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe’ [In-None-P6-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe =>.Steam Games O87 - FAEL: ‘UDP Query User{8D18B73B-7783-4BB2-AC68-9E4FBA7DBE7C}C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe’ [In-None-P17-TRUE] .(…) – C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe =>.Steam Games O87 - FAEL: ‘{9A98EB6D-7A18-4330-A646-95DD6CE47DE8}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheS pire.exe =>.Steam Games O87 - FAEL: ‘{0E6898B2-736F-42FA-8BC6-EBC5C9F15FF2}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheS pire.exe =>.Steam Games
O87 - FAEL: ‘TCP Query User{D6C19989-5343-4FCC-B972-487FC645D6DC}C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe’ [In-None-P6-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe
O87 - FAEL: ‘UDP Query User{C09EF31A-A067-4BDD-BF91-B3C0047E6E0B}C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe’ [In-None-P17-TRUE] .(…) – C:\users\gui\desktop\ddnet-10.8.6-win64\chillershit\chillerbot-zz-0003.exe
O87 - FAEL: ‘{6332D94A-89EE-47BF-AA13-AD6C57705F16}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{2FFA8192-8A71-486A-990F-6C28D8CE2238}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Hobbyist Software\VLC Streamer\mDNSResponder.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{C98A6C77-724B-4A71-8149-96AC04B5C377}’ [In-None-P17-TRUE] .(…) – C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSRespon der.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: ‘{05EC51A8-67C3-44C7-9D81-04EC21D09BC3}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\The Swords of Ditto\The_Swords_of_Ditto.exe =>.Steam SteamApps Games O87 - FAEL: ‘{C462974C-BA91-4F08-9C0C-EA4E90539F38}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\The Swords of Ditto\The_Swords_of_Ditto.exe =>.Steam SteamApps Games
O87 - FAEL: ‘{E639E65C-3E75-431A-B375-28417ED6B5B8}’ [In-None-P17-TRUE] .(.Parsec - Parsec.) – C:\Program Files\Parsec\parsecd.exe {0F0CC3A57EF947E7D23CF075B8B4BA5D}
O87 - FAEL: ‘{CA5E1BFF-8F44-4889-870D-7A100BD94BAF}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe =>.Steam Games O87 - FAEL: ‘{D0312F0E-9EE7-478D-B154-7511929B52D7}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe =>.Steam Games O87 - FAEL: ‘{7C7AD55E-9345-475C-AC7C-6379A3F01E36}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe =>.Steam Games O87 - FAEL: ‘{736405A3-588D-454E-916F-DF59C908FA08}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe =>.Steam Games
O87 - FAEL: ‘{57B1E445-BDC6-4254-AC8B-FB9DB6026A5B}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{4EB7F62D-C6B8-4133-8C3A-4734C503D172}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{9F3AF91E-97C3-4928-9C46-A2185759DF9A}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound_server.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{1662C499-3B6D-4773-B1C6-1B3FCA866A51}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starb ound_server.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{FEF65A89-54C5-4C2C-8AA3-8776EF8E36F2}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_u ploader.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{3ACB7911-ECB1-4AC2-8848-1D7E7B396095}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_u ploader.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{3892BBB9-4463-4D6B-BBE5-3727B0D32A53}’ [In-None-P6-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starb ound.exe (.not file.) =>.Steam Games
O87 - FAEL: ‘{F31202F5-7BEC-456B-A3D8-E6365BE8444C}’ [In-None-P17-TRUE] .(…) – C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starb ound.exe (.not file.) =>.Steam Games

—\ CODES PRODUITS LOGICIELS (10) - 0s
O90 - PUC: ‘0736E3D2C8C538C478D0E5205C92DEB5’ [HKLM] . (.mocha Pro Plugin V5.2.0 for OFX.) – C:\Windows\Installer{2D3E6370-5C8C-4C83-870D-5E02C529ED5B}\ARP_product_icon
O90 - PUC: ‘375ECBAC68A0AF245AA27CAE165DEB80’ [HKLM] . (.Classic Shell.) – C:\Windows\Installer{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}\icon.ico
O90 - PUC: ‘867EC2B015D98E545A519DE12801DFEF’ [HKLM] . (.mocha Pro V5.2.0-12816.) – C:\Windows\Installer{0B2CE768-9D51-45E8-A515-D91E8210FDFE}\ARP_product_icon
O90 - PUC: ‘A9568661E3C6CC465EFA39A6634E29DA’ [HKLM] . (.Elephorm.)
O90 - PUC: ‘C2F5D000BA051E74392276635F200A3E’ [HKLM] . (.mocha Pro Plugin V5.2.0 for AVX.) – C:\Windows\Installer{000D5F2C-50AB-47E1-9322-6736F502A0E3}\ARP_product_icon
O90 - PUC: ‘CF3B1D5C8ECEC954FA67BBF2DB1748B1’ [HKLM] . (.mocha VR Plugin V5.5.2 for Adobe.) – C:\Windows\Installer{C5D1B3FC-ECE8-459C-AF76-BB2FBD71841B}\ARP_product_icon
O90 - PUC: ‘E269FA990B748FD4AB560F4330BD08CB’ [HKLM] . (.fayIN License Service.)
O90 - PUC: ‘F2654A091A4D56B409D6142F63FC9620’ [HKLM] . (.Path of Exile.)
O90 - PUC: ‘F751170C43BAF3D40AFDA95C443B37E2’ [HKLM] . (.Vicon boujou 5.0.2.)
O90 - PUC: ‘FF3F12636B9A81C488248B1789A58E66’ [HKLM] . (.fayIN 2.4 for After Effects CC.)

—\ PACKAGES WINDOWS INSTALLER (35) - 7s
[MD5.B1B7134E727B53F6F2A167547AA7CEB9] [WIS][2017/10/04 19:04:08] (.UNKNOWN - Elephorm.) – C:\WINDOWS\Installer\106b8b70.msi [40960]
[MD5.FF002D6462B98920284C0829A3C64D6C] [WIS][2017/09/17 12:21:17] (.Razer Inc. - Emily.) – C:\WINDOWS\Installer\14ecb2.msi [26197504] =>.Razer Inc. [MD5.983D8C71DD6EEED78012112B85734318] [WIS][2017/09/12 18:45:23] (.Simon Tatham - PuTTY release 0.70 installer.) – C:\WINDOWS\Installer\1d07b5.msi [3048960] =>.Simon Tatham [MD5.4C6305528E82DE2815284F630638F92D] [WIS][2017/09/18 00:58:25] (.Advanced Micro Devices, Inc. - AMD Ryzen Master.) – C:\WINDOWS\Installer\1f5755c.msi [22214144] =>.Advanced Micro Devices, Inc. [MD5.7EEAA509DCD12E61FBBF1A62B1AC5C92] [WIS][2017/12/21 21:56:16] (.Grinding Gear Games - Path of Exile Windows Installer package.) – C:\WINDOWS\Installer\1ffd443c.msi [12582912] =>.Grinding Gear Games [MD5.6A73785C72A9288AB8F859CFAD06909D] [WIS][2017/09/25 23:52:03] (.Epic Games, Inc. - Epic Games Launcher.) – C:\WINDOWS\Installer\2aeb7f04.msi [31641600] =>.Epic Games, Inc. [MD5.7873ACD3BFA53B19469E6AB5606C80FE] [WIS][2015/11/19 10:56:58] (.Epic Games, Inc. - Epic Games Launcher Prerequisites (x64).) – C:\WINDOWS\Installer\2aeb7f09.msi [11919360] =>.Epic Games, Inc. [MD5.484BE36C04E189B5A0F66C40B1BA08F8] [WIS][2017/05/31 02:30:20] (.Intel Corporation - Intel(R) C++ Redistributables on Intel(R) 6.) – C:\WINDOWS\Installer\304204.msi [9863168] =>.Intel Corporation [MD5.9047A29B7C2ED333536A7FB6D6C8BAE6] [WIS][2017/09/27 20:55:05] (.Simon Tatham - PuTTY release 0.70 installer.) – C:\WINDOWS\Installer\34964bca.msi [2942464] =>.Simon Tatham [MD5.7F9BBDB60B98B6AB6A09446AFADA65CB] [WIS][2018/02/27 16:23:34] (.Adobe Systems Incorporated - Adobe ARM Installer.) – C:\WINDOWS\Installer\3fb0c71.msi [884736] =>.Adobe Systems Incorporated [MD5.5376B2262B6E9773801520B6735C6DE9] [WIS][2015/12/15 15:18:36] (.Apple Inc. - QuickTime Installer.) – C:\WINDOWS\Installer\4244d05.msi [28397568] =>.Apple Inc. [MD5.6D26AC031A53B7E7ED352A57132E7CE8] [WIS][2017/10/02 10:01:20] (.Adobe Systems Incorporated - Adobe AIR Installer.) – C:\WINDOWS\Installer\42c4cc6.msi [45056] =>.Adobe Systems Incorporated [MD5.86E2B390629665FBC20E06DFBF01A48F] [WIS][2017/05/08 16:11:06] (.Apple Inc. - [ProductName] Installer.) – C:\WINDOWS\Installer\4b39ea.msi [2732032] =>.Apple Inc. [MD5.B446C0DA35323D45DBD037E0E69AC275] [WIS][2017/09/17 13:12:44] (.Apple Inc. - Apple Application Support Installer.) – C:\WINDOWS\Installer\4b3c35.msi [45940736] =>.Apple Inc. [MD5.CD4D479C497DD935952F8AF29FA6224C] [WIS][2017/09/17 13:13:25] (.Apple Inc. - Apple Application Support Installer.) – C:\WINDOWS\Installer\4b3f16.msi [50974720] =>.Apple Inc. [MD5.5F1FBBF794EEEF801A22E2E306115B86] [WIS][2017/09/17 13:13:28] (.Apple Inc. - Apple Software Update Installer.) – C:\WINDOWS\Installer\4b3fea.msi [3608576] =>.Apple Inc. [MD5.4A1DD7237D5264C781FCDE1AE347383E] [WIS][2017/09/17 13:13:40] (.Apple Inc. - Apple Mobile Device Support Installer.) – C:\WINDOWS\Installer\4b402d.msi [14041088] =>.Apple Inc. [MD5.0EF6618EE65ACB6263FB4AD78D706093] [WIS][2017/09/17 13:15:36] (.Apple Inc. - iTunes Installer.) – C:\WINDOWS\Installer\4b58a4.msi [159580160] =>.Apple Inc. [MD5.8203432377B51BE3C59439EB4D6ECF5E] [WIS][2018/03/28 16:29:12] (.Avira Operations GmbH & Co. KG - Avira.) – C:\WINDOWS\Installer\50f076b5.msi [4316550] =>.Avira Operations GmbH & Co. KG [MD5.95C345B66389506B3A883CF2D6DABADF] [WIS][2017/08/16 23:39:50] (.Imagineer Systems - mocha VR Plugin V5.5.2 for Adobe.) – C:\WINDOWS\Installer\623bedf.msi [38821888] =>.Imagineer Systems [MD5.E166C52C5084FEE71039EA45328485EE] [WIS][2016/12/07 21:09:26] (.Imagineer Systems - mocha Pro V5.2.0-12816 Installer..) – C:\WINDOWS\Installer\6e98c95.msi [49270784] =>.Imagineer Systems [MD5.AC4D8EA3C6BE3E4DA9C80B07ECA08999] [WIS][2016/12/07 21:09:22] (.Imagineer Systems - mocha Pro Plugin V5.2.0 for AVX.) – C:\WINDOWS\Installer\6fd4809.msi [32927744] =>.Imagineer Systems [MD5.3711E30F575A08EDACE413FA2389AD00] [WIS][2016/12/07 21:09:22] (.Imagineer Systems - mocha Pro Plugin V5.2.0 for OFX.) – C:\WINDOWS\Installer\6fd480c.msi [33173504] =>.Imagineer Systems [MD5.120C09332BC6B0EF805E32EF52FF2BFD] [WIS][2010/05/27 10:27:04] (.Vicon Motion Systems - Vicon boujou 5.0.2 Installer.) – C:\WINDOWS\Installer\73ea560.msi [38935040] =>.Vicon Motion Systems
[MD5.E8BEBE68144E23D4D9FBC2140268E0BE] [WIS][2016/11/01 12:49:14] (.fayteq - fayIN License Service.) – C:\WINDOWS\Installer\8493a6.msi [2441216]
[MD5.CC1FE51175BEDDDACA796F01D4DD62CC] [WIS][2016/11/01 12:54:42] (.fayteq - fayIN 2.4 for After Effects CC.) – C:\WINDOWS\Installer\8493a9.msi [20787200]
[MD5.AC7A2DB28C9A3B8CA80125550E09FAB9] [WIS][2015/12/11 07:29:50] (.InstallShield Software Corporation.) – C:\WINDOWS\Installer\943d97.msi [128338432] =>.InstallShield Software Corporation [MD5.FEB3EE1D61146165678928CBB36160BA] [WIS][2017/09/17 11:58:42] (.IvoSoft - Classic Shell.) – C:\WINDOWS\Installer\a1c05.msi [5361664] =>.IvoSoft [MD5.7C3CB3CBA11691D8CF040D9390A7586D] [WIS][2017/08/24 18:05:58] (.Adobe Systems Incorporated - Installers.) – C:\WINDOWS\Installer\a1c504.msi [12911616] =>.Adobe Systems Incorporated [MD5.F0EE2E7F283866A2A0FEA9BE2D12A979] [WIS][2017/11/14 02:37:22] (.Google Inc. - Google Update Helper.) – C:\WINDOWS\Installer\d134dc0.msi [40960] =>.Google Inc. [MD5.BE953984C096CDE3FD3426F5391CC82E] [WIS][2017/11/13 06:25:33] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\19de26ff.msp [35258368] =>.Adobe Systems, Incorporated [MD5.27D5264BF01E69F26BCD8151830EBB09] [WIS][2017/11/29 12:41:43] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\299f3ed8.msp [2646016] =>.Adobe Systems, Incorporated [MD5.61C41ECFA55D0B1BDEC0204EC93DC3A9] [WIS][2018/02/23 15:24:53] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\527d118.msp [255688704] =>.Adobe Systems, Incorporated [MD5.B74A6A31046ECDEFDB200DC17DC19EC4] [WIS][2017/08/24 18:05:58] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\a1c505.msp [241164288] =>.Adobe Systems, Incorporated [MD5.380237CA09171D01575AD465B621632D] [WIS][2018/02/12 12:42:00] (.Adobe Systems, Incorporated.) – C:\WINDOWS\Installer\dadfd.msp [51281920] =>.Adobe Systems, Incorporated
—\ SCAN ADDITIONNEL (1) - 2s
~ Aucun élément malicieux ou superflu trouvé.
—\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (1) - 0s
https://nicolascoolman.eu/2017/09/12...es-orphelines/ =>.SUP.Orphan

~ Unselected Options: ~ End of the scan, 12085 items in 01mn23s (1476)(0)

ÉLÉMENT(S) TROUVÉ(S) PAR ZHPDIAG
[URL unfurl="true"]https://nicolascoolman.eu/wp-content/uploads/2018/02/Orphan-Zone-Antimalware.jpg[/URL]LOGICIELS DE PROTECTION
https://nicolascoolman.eu/wp-content/uploads/2018/02/Avira1.jpghttps://nicolascoolman.eu/wp-content/uploads/2018/02/WindowsDefender2.jpgLOGICIELS DE PROTECTION SUPERFLUS
https://nicolascoolman.eu/wp-content/uploads/2018/02/Zemana.jpgNUMEROS DE SÉRIE

[00BA4F6150566B99B3C7BAE5FF74C5EBFD] [01/07/2016] (.Andrew Ziem.) - C:\Program Files (x86)\BleachBit\bleachbit.exe [00F6E3D0098BF4E24D22BBB9550C55343E] [18/01/2017] (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [00F6E3D0098BF4E24D22BBB9550C55343E] [18/01/2017] (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Pro\uninst.exe [0210230FD364B469091B8A4440145E18] [14/05/2018] (.Zemana Ltd..) - C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [0210230FD364B469091B8A4440145E18] [14/05/2018] (.Zemana Ltd..) - C:\WINDOWS\System32\drivers\zam64.sys [0210230FD364B469091B8A4440145E18] [14/05/2018] (.Zemana Ltd..) - C:\WINDOWS\System32\drivers\zamguard64.sys [021EEAA434D48391EDD756B9003E826C] [17/09/2017] (.fayteq AG.) - C:\ProgramData\Package Cache{1582ee6c-39ed-474c-a751-71fe914bd8d5}\fayINSetup.exe [026AF2ADEA0AB3CF19D42A44A47426E8] [24/05/2017] (.VideoLAN.) - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [0320BE3EB866526927F999B97B04346E] [16/11/2017] (.Realtek Semiconductor Corp..) - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [0320BE3EB866526927F999B97B04346E] [16/11/2017] (.Realtek Semiconductor Corp..) - C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe [03C6ABDDE7AA440BC1990A06D53489DB] [23/03/2018] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe [0443B567BFFBAA3BC083FE45A46DD041] [13/05/2018] (.Blizzard Entertainment, Inc..) - C:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe [0443B567BFFBAA3BC083FE45A46DD041] [13/05/2018] (.Blizzard Entertainment, Inc..) - C:\ProgramData\Battle.net\Agent\Agent.6160\Agent.e xe [0443B567BFFBAA3BC083FE45A46DD041] [13/05/2018] (.Blizzard Entertainment, Inc..) - C:\ProgramData\Battle.net\Agent\Agent.exe [0443B567BFFBAA3BC083FE45A46DD041] [22/02/2018] (.Blizzard Entertainment, Inc..) - C:\program files (x86)\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe [0443B567BFFBAA3BC083FE45A46DD041] [23/03/2018] (.Blizzard Entertainment, Inc..) - C:\program files (x86)\overwatch\overwatch.exe [044E3BF58976880FFD074448A8F7A058] [12/05/2018] (.Malwarebytes Corporation.) - C:\Users\GUI\Desktop\adwcleaner_7.1.1.exe [04F131322CC31D92C849FCA351D2F141] [10/05/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Roaming\discord\0.0.301\modul es\discord_hook\3\DiscordHook.dll [04F131322CC31D92C849FCA351D2F141] [10/05/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Roaming\discord\0.0.301\modul es\discord_hook\3\DiscordHook64.dll [04F131322CC31D92C849FCA351D2F141] [10/05/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Roaming\discord\0.0.301\modul es\discord_hook\3\DiscordHookHelper.exe [04F131322CC31D92C849FCA351D2F141] [10/05/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Roaming\discord\0.0.301\modul es\discord_hook\3\DiscordHookHelper64.exe [04F131322CC31D92C849FCA351D2F141] [30/04/2018] (.Discord Inc..) - C:\Users\GUI\AppData\Local\Discord\Update.exe [05067D3A8DE1687600A7207D3FF99808] [09/08/2017] (.Imagineer Systems Ltd.) - C:\Program Files\Adobe\Common\Plug-ins\7.0\MediaCore\Imagineer Systems\mocha VR Plugin V5\MediaIOServer.exe [055F937A9DF73DFD90BA9889E4C50A11] [29/08/2017] (.Notepad++.) - C:\Program Files (x86)\Notepad++\notepad++.exe [055F937A9DF73DFD90BA9889E4C50A11] [29/08/2017] (.Notepad++.) - C:\Program Files (x86)\Notepad++\NppShell_06.dll [068983642C953E46F7BDCE4143F133C1] [09/02/2018] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [06B922A8397E632FE5348DA267275B4F] [05/01/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [06B922A8397E632FE5348DA267275B4F] [24/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [06B922A8397E632FE5348DA267275B4F] [24/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe [06B922A8397E632FE5348DA267275B4F] [24/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [06B922A8397E632FE5348DA267275B4F] [24/04/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox\Uninstaller.exe [06E284CD38EE15623095DCBD38E65F9B] [15/05/2018] (.Adlice.) - C:\WINDOWS\System32\drivers\TrueSight.sys [06F04788031055D31DEFFEFCD026D6C5] [02/10/2017] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe [06F04788031055D31DEFFEFCD026D6C5] [02/10/2017] (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe [06F04788031055D31DEFFEFCD026D6C5] [11/04/2018] (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [06F04788031055D31DEFFEFCD026D6C5] [11/04/2018] (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_140_pepper.exe [06F04788031055D31DEFFEFCD026D6C5] [11/04/2018] (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_140_Plugin.exe [0730C248977813C25BB22568B51ED287] [15/05/2018] (.Adlice.) - C:\Users\GUI\Desktop\RogueKiller_portable64.exe [07D9006D6B075E81FC7987596B6B5E56] [13/05/2018] (.Blizzard Entertainment, Inc..) - C:\ProgramData\Battle.net\Agent\BlizzardError.exe [07D9006D6B075E81FC7987596B6B5E56] [17/09/2017] (.Blizzard Entertainment, Inc..) - C:\program files (x86)\warcraft iii\warcraft iii.exe [07D9006D6B075E81FC7987596B6B5E56] [17/09/2017] (.Blizzard Entertainment, Inc..) - C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe [08385578821DA77EEA1703484E369B19] [28/02/2018] (.FlippingBook Limited.) - C:\Program Files (x86)\FlippingBook\FlippingBook Publisher Trial\Utilities\GAEventTracker.exe [084CAF4DF499141D404B7199AA2C2131] [03/04/2018] (.Valve.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe [084CAF4DF499141D404B7199AA2C2131] [03/04/2018] (.Valve.) - C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe [084CAF4DF499141D404B7199AA2C2131] [03/04/2018] (.Valve.) - C:\Program Files (x86)\Steam\Steam.exe [084CAF4DF499141D404B7199AA2C2131] [08/08/2016] (.Valve.) - C:\Program Files (x86)\Steam\uninstall.exe [084CAF4DF499141D404B7199AA2C2131] [20/12/2017] (.Valve.) - C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe [08EBDFBC0700FBE020BF5618F792F429] [16/11/2017] (.Realtek Semiconductor Corp..) - C:\WINDOWS\System32\drivers\RTKVHD64.sys [09268FAA1AD6894D179E5B87A2F06462] [02/03/2018] (.LunarG, Inc..) - C:\Program Files (x86)\VulkanRT\1.1.70.0\UninstallVulkanRT.exe [0B28BFCA8214E373A120A41694BD08D1] [23/02/2018] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Illustrator CC 2018\Support Files\Contents\Windows\Illustrator.exe [0B28BFCA8214E373A120A41694BD08D1] [28/02/2018] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe InDesign CC 2018\InDesign.exe [0C5396DCB2949C70FAC48AB08A07338E] [02/05/2018] (.Mozilla Corporation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [0C5396DCB2949C70FAC48AB08A07338E] [02/05/2018] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\firefox.exe [0C5396DCB2949C70FAC48AB08A07338E] [02/05/2018] (.Mozilla Corporation.) - C:\Program Files\Mozilla Firefox\uninstall\helper.exe [0CEFAB1F7C07370C77DFB61C3CA4F5F0] [10/02/2018] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [0D0D91D71B782242EEB53511760B1D6C] [13/08/2017] (.Ivaylo Beltchev.) - C:\Program Files\Classic Shell\ClassicExplorer32.dll [0D0D91D71B782242EEB53511760B1D6C] [13/08/2017] (.Ivaylo Beltchev.) - C:\Program Files\Classic Shell\ClassicExplorer64.dll [0D0D91D71B782242EEB53511760B1D6C] [13/08/2017] (.Ivaylo Beltchev.) - C:\Program Files\Classic Shell\ClassicStartMenu.exe [0DDD683D630AA770B5187C7F038BA4B7] [13/10/2017] (.Digiarty, Inc..) - C:\Program Files (x86)\Digiarty\WinX MediaTrans\ffmpeg.static.exe [0DDD683D630AA770B5187C7F038BA4B7] [13/10/2017] (.Digiarty, Inc..) - C:\Program Files (x86)\Digiarty\WinX MediaTrans\MediaTrans.exe [0E7659E767D3DDAD0F563995DA4E4CAB] [09/08/2017] (.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi.) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [0E7659E767D3DDAD0F563995DA4E4CAB] [14/05/2018] (.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi.) - C:\Users\GUI\Desktop\ARAWAK\Zemana.AntiMalware.Set up.exe [0EBC1935D5294A594B4F32707B0A0AB9] [07/09/2017] (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [0EBC1935D5294A594B4F32707B0A0AB9] [11/09/2017] (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe [0EBC1935D5294A594B4F32707B0A0AB9] [11/09/2017] (.Apple Inc..) - C:\Program Files\iTunes\iTunes.exe [0F0CC3A57EF947E7D23CF075B8B4BA5D] [20/03/2018] (.Parsec Cloud, Inc..) - C:\Program Files\Parsec\parsecd.exe [0F0CC3A57EF947E7D23CF075B8B4BA5D] [20/03/2018] (.Parsec Cloud, Inc..) - C:\Program Files\Parsec\pservice.exe [0F5A57726999506B6F93FD9A150B88FA] [25/04/2018] (.BattlEye Innovations e.K..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [0FA18A29F85296A455AC5ED00C86C0AE] [29/03/2018] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Lightroom Classic CC\Lightroom.exe [10FB713319027F3F1F1C0667B3C38CA9] [24/08/2017] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe [10FB713319027F3F1F1C0667B3C38CA9] [24/08/2017] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [10FB713319027F3F1F1C0667B3C38CA9] [24/08/2017] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [112133B1A3A74C3748DC9FCF7C6E580AFDAF] [08/05/2018] (.Power Admin LLC.) - C:\Users\GUI\Desktop\Tools\Display Driver Uninstaller\DDU v17.0.8.6\x64\paexec.exe [112172E6B04266BB4059BFEF636CF8F452A0] [17/09/2017] (.Disc Soft Ltd.) - C:\WINDOWS\System32\drivers\dtproscsibus.sys [1121A377C1EF3BC56B4465236944AB02A805] [26/04/2016] (.Tunngle.net GmbH.) - C:\WINDOWS\System32\drivers\tap0901t.sys [1121D24CD88E6CEED6BBAEED1AF39659628D] [02/11/2016] (.RE Vision Effects, Inc..) - C:\Program Files\REVisionEffects\Twixtor6AE\REVisionLicenseIn staller.exe [1121DC26D9A7456B96B33BE622115C02D394] [29/06/2016] (.SOKNO S.R.L..) - C:\Program Files (x86)\SpeedFan\speedfan.exe [14781BC862E8DC503A559346F5DCC518] [07/05/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe [14781BC862E8DC503A559346F5DCC518] [07/05/2018] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [14781BC862E8DC503A559346F5DCC518] [07/05/2018] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\ProgramData\NVIDIA Corporation\Downloader\957fcaf1295218d5a5c28330c60 b6284\397.64-desktop-win10-64bit-international-whql-g.exe [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\Users\GUI\AppData\Local\NVIDIA\NvBackend\Applic ationOntology\NvOAWrapperCache.exe [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\Users\GUI\AppData\Local\NVIDIA\NvBackend\Applic ationOntology\OAWrapper.exe [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\Users\GUI\AppData\Local\NVIDIA\NvBackend\Applic ationOntology\Ontology.dll [14781BC862E8DC503A559346F5DCC518] [12/05/2018] (.NVIDIA Corporation.) - C:\Users\GUI\AppData\Local\NVIDIA\NvBackend\Applic ationOntology\Ontology64.dll [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe [14781BC862E8DC503A559346F5DCC518] [22/04/2018] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [14781BC862E8DC503A559346F5DCC518] [24/04/2018] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys [14781BC862E8DC503A559346F5DCC518] [24/04/2018] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys [14F8FDD167F92402B1570B5DC495C815] [17/09/2017] (.Google Inc.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162F1B80254ABA54081C482A3D25A06A] [28/11/2017] (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Player.exe [162F1B80254ABA54081C482A3D25A06A] [28/11/2017] (.BlueStack Systems, Inc..) - C:\ProgramData\BlueStacks\Client\BlueStacksClientU ninstaller.exe [1834B81889070312B5C4CA72EA419A5E] [12/07/2017] (.Razer USA Ltd..) - C:\Program Files (x86)\Razer\Synapse\RzAIOGenerator.exe [1834B81889070312B5C4CA72EA419A5E] [19/07/2017] (.Razer USA Ltd..) - C:\WINDOWS\System32\drivers\rzpmgrk.sys [1834B81889070312B5C4CA72EA419A5E] [19/08/2017] (.Razer USA Ltd..) - C:\WINDOWS\System32\drivers\rzpnk.sys [1834B81889070312B5C4CA72EA419A5E] [20/07/2017] (.Razer USA Ltd..) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [1C1297C1E5E5CEC164325A0D1D9ECEA2] [14/05/2018] (.ESET, spol. s r.o..) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\em000_64.dll [1E3308F7ECDC20D952DFCD12D1F83215] [02/02/2016] (.Open Source Developer, Tim Kosse.) - D:\FileZilla FTP Client\filezilla.exe [1E39B33A9C469A90223AD52EFB83BF38] [02/08/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Muse CC 2017\Muse.exe [1ED82F] [24/09/2017] (.InstallShield Software Corporation.) - C:\Program Files (x86)\InstallShield Installation Information{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}\setup.exe [1ED82F] [24/09/2017] (.InstallShield Software Corporation.) - C:\Program Files (x86)\InstallShield Installation Information{64963F0E-03F2-4B59-8D1B-1806545E7092}\setup.exe [1FA23856C1CD8320F16E5F00F0CFD258] [17/07/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe [1FEB5456B9E0C2C68357C42975B98224] [10/04/2018] (.Avira Operations GmbH & Co. KG.) - C:\ProgramData\Package Cache{4b629f54-1d82-40c9-9979-4485bb58d155}\Avira.OE.Setup.Bundle.exe [1FEB5456B9E0C2C68357C42975B98224] [28/03/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [1FEB5456B9E0C2C68357C42975B98224] [28/03/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [234175E3D1A23EF8ACB50245] [16/03/2018] (.EasyAntiCheat Oy.) - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2624AE59466DFE3BA7CF56FC6C0963F8] [21/11/2016] (.Imagineer Systems Ltd.) - C:\Program Files\Avid\AVX2_Plug-ins\Imagineer Systems\mocha Pro Plugin V5\MediaIOServer.exe [2A9C21ACAAA63A3C58A7B9322BEE948D] [26/04/2018] (.Google Inc.) - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2A9C21ACAAA63A3C58A7B9322BEE948D] [28/04/2018] (.Google Inc.) - C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Inst aller\chrmstp.exe [2A9C21ACAAA63A3C58A7B9322BEE948D] [28/04/2018] (.Google Inc.) - C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Inst aller\setup.exe [2B150D10370F2AC5] [04/05/2018] (.Grinding Gear Games Limited.) - C:\Program Files (x86)\Grinding Gear Games\Path of Exile\Client.exe [2B150D10370F2AC5] [08/05/2018] (.Grinding Gear Games Limited.) - C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe [2B150D10370F2AC5] [26/12/2017] (.Grinding Gear Games Limited.) - C:\ProgramData\Package Cache{5e37eb26-2d6e-4b09-9dda-67b2c7f8d5bb}\PathOfExileInstaller.exe [2B20EB3380792AB011F662C064FDB473] [12/08/2015] (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2B20EB3380792AB011F662C064FDB473] [12/08/2015] (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe [330000B31EB304F8BF60CF07D900020000B31E] [29/09/2017] (.Intel Corporation - Client Components Group.) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [34160AF3885BBB32312B8BBF0333806F] [22/03/2018] (.NADEO.) - C:\Program Files (x86)\ManiaPlanet\unins000.exe [34160AF3885BBB32312B8BBF0333806F] [23/02/2018] (.NADEO.) - C:\program files (x86)\maniaplanet\maniaplanet.exe [39CF937CF8909F05793300DE20B4E45F] [28/03/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [3AEA7D79BC1D84D2E1AB0FFC8BC35658] [21/08/2017] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avkmgr.sys [3AEA7D79BC1D84D2E1AB0FFC8BC35658] [21/08/2017] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avnetflt.sys [3D3C455A5C7B7B2666915EB21857D7EA] [12/04/2018] (.Piriform Ltd.) - C:\Program Files\CCleaner\uninst.exe [458A21BAAB49CA0952DCDA5B6CCDE22A] [17/09/2017] (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [48B5E1F21E14967333BED28F9E33B119] [21/10/2016] (.Adobe Systems Incorporated.) - C:\Program Files\Red Giant\Colorista IV\panel\AdobeExtensionManager\ExManBridgeTalkCmd. exe [4CFC1A5E1400453F59A426CA71F0AA6F] [07/10/2016] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Bridge CC 2017\Bridge.exe [4D11D580AB75EDF1C6253EF239B514DC] [18/03/2018] (.TeamSpeak Systems GmbH.) - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [4E4563ADEAD3FEDAC7BD44EC5C590577] [26/10/2015] (.Razer Inc..) - C:\WINDOWS\System32\drivers\rzendpt.sys [4E4563ADEAD3FEDAC7BD44EC5C590577] [26/10/2015] (.Razer Inc..) - C:\WINDOWS\System32\drivers\rzudd.sys [4F73D99A8EF7E48CF4153120FFD4C174] [16/04/2018] (.Fatshark AB.) - C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe [51029B3B9CB48FA076FA2DA87A91DB42] [12/05/2018] (.Epic Games Inc..) - D:\EpicGames\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLaun cher.exe [51029B3B9CB48FA076FA2DA87A91DB42] [12/05/2018] (.Epic Games Inc..) - D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe [51029B3B9CB48FA076FA2DA87A91DB42] [12/05/2018] (.Epic Games Inc..) - D:\epicgames\fortnite\fortnitegame\binaries\win64\ fortniteclient-win64-shipping.exe [529E3F9FCF7D58D520D607AB74395002] [11/08/2017] (.win.rar GmbH.) - C:\Program Files\WinRAR\Ace32Loader.exe [529E3F9FCF7D58D520D607AB74395002] [11/08/2017] (.win.rar GmbH.) - C:\Program Files\WinRAR\RarExt.dll [529E3F9FCF7D58D520D607AB74395002] [14/08/2017] (.win.rar GmbH.) - C:\Program Files\WinRAR\uninstall.exe [54CCA67C86AD2DDFBB5CE4D41DC7A3E2] [25/09/2017] (.Epic Games Inc..) - C:\ProgramData\Package Cache{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe [5CA430E4777412A8230BF839F782D4F7] [01/03/2017] (.Advanced Micro Devices Inc..) - C:\WINDOWS\System32\drivers\amdgpio2.sys [5CA430E4777412A8230BF839F782D4F7] [10/10/2017] (.Advanced Micro Devices Inc..) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys [5CA430E4777412A8230BF839F782D4F7] [16/06/2017] (.Advanced Micro Devices Inc..) - C:\WINDOWS\System32\drivers\amdkmcsp.sys [5CA430E4777412A8230BF839F782D4F7] [16/06/2017] (.Advanced Micro Devices Inc..) - C:\WINDOWS\System32\drivers\amdpsp.sys [5CA430E4777412A8230BF839F782D4F7] [31/03/2017] (.Advanced Micro Devices Inc..) - C:\Program Files\AMD\RyzenMaster\bin\AMD Ryzen Master.exe [610AF5D800060000004C] [29/08/2017] (.AMD PMP-PE CB Code Signer v20160415.) - C:\WINDOWS\System32\drivers\amdgpio3.sys [6CD282A2D9A2C158505B178D59518B7B] [04/07/2017] (.Simon Tatham.) - C:\Program Files (x86)\PuTTY\pageant.exe [6CD282A2D9A2C158505B178D59518B7B] [04/07/2017] (.Simon Tatham.) - C:\Program Files (x86)\PuTTY\putty.exe [6CD282A2D9A2C158505B178D59518B7B] [04/07/2017] (.Simon Tatham.) - C:\Program Files\PuTTY\pageant.exe [6DC3ED4566163E279D2784C99FFFD787] [08/07/2016] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe [6DC3ED4566163E279D2784C99FFFD787] [20/09/2017] (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe [6E42EA611E0363CF23373C698D0C928A] [14/05/2018] (.ESET, spol. s r.o..) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\edls_64.dll [6E42EA611E0363CF23373C698D0C928A] [14/05/2018] (.ESET, spol. s r.o..) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\em001_64.dll [6E42EA611E0363CF23373C698D0C928A] [14/05/2018] (.ESET, spol. s r.o..) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\em002_64.dll [6E42EA611E0363CF23373C698D0C928A] [14/05/2018] (.ESET, spol. s r.o..) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\em003_64.dll [6E42EA611E0363CF23373C698D0C928A] [14/05/2018] (.ESET, spol. s r.o..) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\em004_64.dll [6E42EA611E0363CF23373C698D0C928A] [14/05/2018] (.ESET, spol. s r.o..) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\em005_64.dll [6EA61036BC172E7AF63074AC2CDC2700] [06/04/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Character Animator CC (Beta)\Support Files\Character Animator.exe [6EA61036BC172E7AF63074AC2CDC2700] [30/05/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Media Encoder CC 2017\Adobe Media Encoder.exe [6EA61036BC172E7AF63074AC2CDC2700] [30/05/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe [6EA61036BC172E7AF63074AC2CDC2700] [31/05/2017] (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe [75FB51C8768EF6927BF41DA1A234A1D9] [17/03/2015] (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\setup.exe [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avgntflt.sys [76BA9423DDBCE7B145A95F01EE015F17] [09/05/2018] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avipbb.sys [76BA9423DDBCE7B145A95F01EE015F17] [21/08/2017] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avdevprot.sys [76BA9423DDBCE7B145A95F01EE015F17] [21/08/2017] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\avusbflt.sys

**Malnutrition** · 05-16-2018, 11:31 PM

OK, as I am a bit busy, I am going to have another person look over your logs. @gus

**jmarket** · 05-17-2018, 01:40 AM

Hello Zukolol, whilst I look over what’s happening here can I ask if your PC is any better following whats occurred so far.

It will take me a little while to go through your logs but while you are waiting can you please run AdwCleaner and post the logs from it please.

Please go HERE and download AdwCleaner to your Desktop. Once downloaded right click the new icon and select Run as Administrator from the context menu to open the program. It will open at the Dashboard tab and no further changes to the program are necessary at this stage.

Click the Scan Now button.

[MEDIA=imgur]ILRtByH[/MEDIA]

Allow AdwCleaner to start scanning and depending on the amount of data on your PC it may take some time. At the conclusion of the scan any content considered unnecessary will be displayed in the Scan Results box. Ensure all items are selected for removal and click “Clean & Repair”

[MEDIA=imgur]rodxNou[/MEDIA]

After selecting “Clean & Repair” another dialogue box may appear asking to restart now or later. If so choose “Clean & Restart Now”

[MEDIA=imgur]sAbeW6Z[/MEDIA]

Once the PC has restarted if AdwCleaner does not restart then open it again and click “Log Files” tab on the left. All log files will be listed. If you have used the program previously you may have several logs to select from so double click the most recent “Clean” log and it will open a notepad file on your Desktop.

[COLOR=rgb(226, 80, 65)]Please COPY and PASTE the contents of that file in your next post[COLOR=rgb(226, 80, 65)][/COLOR][/COLOR]

**Zukolol** · 05-17-2018, 07:04 AM

Hello, no worries take your time I’m really grateful for the help in any case :love:

I do believe my PC performance improved but I can’t really confirm whether the “random freezes” are gone or not as I’ve also had a pretty busy schedule thus didn’t have time to use my computer extensively!

AdwCleaner log:
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Malwarebytes AdwCleaner 7.1.1.0[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Build: 04-27-2018[/HEADING]
[HEADING=1]Database: 2018-05-14.1[/HEADING]
[HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Mode: Clean[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Start: 05-17-2018[/HEADING]
[HEADING=1]Duration: 00:00:00[/HEADING]
[HEADING=1]OS: Windows 10 Home[/HEADING]
[HEADING=1]Cleaned: 1[/HEADING]
[HEADING=1]Failed: 0[/HEADING]
***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Avira SafeSearch Plus

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

[+] Delete Tracing Keys
[+] Reset Winsock

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

**jmarket** · 05-18-2018, 02:18 AM

Hi Zukolol,

Please left click on the attached Fixlist.txt file at the bottom of this post. On the dialogue box that opens click “Save File” and then “OK”

[MEDIA=imgur]vzol8OV[/MEDIA]

Select a location then save the file. [COLOR=rgb(226, 80, 65)]IMPORTANT the fixlist.txt file must be in the same location as the FRST program otherwise the fix will not work.

[MEDIA=imgur]pjsQ8XB[/MEDIA]

To run the fix right click the FRST icon and choose “Run as Administrator” then click on “Fix”

[MEDIA=imgur]cp0349X[/MEDIA]

Depending on the amount of data to be moved it may take a few minutes to complete, and the computer may reboot. When the fix is complete and/or the computer has rebooted the “Fixlist.txt” file you created will be renamed “Fixlog.txt”

[COLOR=rgb(226, 80, 65)]Please COPY and PASTE the contents of this new file in your next post[COLOR=rgb(226, 80, 65)][/COLOR][/COLOR][/COLOR]

**Zukolol** · 05-18-2018, 08:58 PM

Hey, Fixlog.txt:
[HEADING=1]Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by GUI (18-05-2018 22:54:33) Run:1
Running from C:\Users\GUI\Desktop
Loaded Profiles: GUI (Available Profiles: GUI)
Boot Mode: Normal[/HEADING]
fixlist content:

Start
Createrestorepoint:
closeprocesses:
CHR Extension: (Google Docs hors connexion) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-09-17
CHR HKLM...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CustomCLSID: HKU\S-1-5-21-4003686615-4269193129-2528438380-1001_Classes\CLSID{0E270DAA-1BE6-48F2-AC49-9C284CF11570}\InprocServer32 → %%systemroot%%\system32\shell32.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] → {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => → No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] → {05B38830-F4E9-4329-978B-1DD28605D202} => → No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] → {0596C850-7BDD-4C9D-AFDF-873BE6890637} => → No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] → {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => → No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] → {05B38830-F4E9-4329-978B-1DD28605D202} => → No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] → {0596C850-7BDD-4C9D-AFDF-873BE6890637} => → No File
ContextMenuHandlers1: [MEGA (Context menu)] → {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => → No File
Task: {2404B119-119F-4CC3-B0C3-7E2B71AA15C0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {659F87B0-F484-4F88-9AD9-699181C559B0} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf[ICODE]usjbm[/ICODE]bfjhinhqhifh [0]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
2018-04-26 00:32 - 2018-04-26 00:32 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign43d18a5fdd1b 4514
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignf0f5068fecee 5a82
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignc49c3dd71168 6c9c
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign3b1f9197ad48 c676
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign2d317a5f4608 fd90
2018-04-26 00:30 - 2018-04-26 00:30 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsigna3d889681ebf 14c9
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignedc92e2e6b33 69bf
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignd7b4f570afd3 52a0
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignc1213f9b419e ee20
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign58599ae5ba05 3274
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign126210bca674 0e95
2018-04-26 00:24 - 2018-04-26 00:24 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign8acacf2fe908 5008
2018-04-26 00:24 - 2018-04-26 00:24 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign0f5797946d0d fd05
2018-04-25 11:38 - 2018-04-25 11:38 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign11a9026f77ea efcd
2018-04-19 17:20 - 2018-04-19 17:20 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign1d4145d8e753 eebc
2018-04-19 16:21 - 2018-04-19 16:21 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign2d3c6933b956 4238
2018-04-19 16:14 - 2018-04-19 16:14 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign21e26c4c4ec0 074c
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Emptytemp:
End

Restore point was successfully created.
Processes closed successfully.
CHR Extension: (Google Docs hors connexion) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-09-17 => Error: No automatic fix found for this entry.
“HKLM\SOFTWARE\Google\Chrome\Extensions\caljgklbbf bcjjanaijlacgncafpegll” => removed successfully
“HKLM\SOFTWARE\Google\Chrome\Extensions\ipmkfpcnmc cejididiaagpgchgjfajgp” => removed successfully
“HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extension s\caljgklbbfbcjjanaijlacgncafpegll” => removed successfully
“HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extension s\efaidnbmnnnibpcajpcglclefindmkaj” => removed successfully
“HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extension s\ipmkfpcnmccejididiaagpgchgjfajgp” => removed successfully
“HKU\S-1-5-21-4003686615-4269193129-2528438380-1001_Classes\CLSID{0E270DAA-1BE6-48F2-AC49-9C284CF11570}” => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes*\ShellEx\ContextMenuHandlers \MEGA (Context menu) => not found
HKLM\Software\Classes\CLSID{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot{2404B119-119F-4CC3-B0C3-7E2B71AA15C0}” => removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{2404B11 9-119F-4CC3-B0C3-7E2B71AA15C0}” => removed successfully
C:\WINDOWS\System32\Tasks\CCleaner Update => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update” => removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{659F87B 0-F484-4F88-9AD9-699181C559B0}” => removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{659F87B 0-F484-4F88-9AD9-699181C559B0}” => removed successfully
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCI nvoker-1.0-DESKTOP-UL056C5-GUI” => removed successfully
C:\ProgramData\Reprise => “:jhqduwvxlctbqqijsf[ICODE]usjbm[/ICODE]bfjhinhqhifh” ADS removed successfully
C:\Users\Public\AppData => “:CSM” ADS removed successfully
“C:\Users\GUI\AppData\Local\Tempzxpsign43d18a5fdd1 b4514” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignf0f5068fece e5a82” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignc49c3dd7116 86c9c” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign3b1f9197ad4 8c676” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign2d317a5f460 8fd90” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsigna3d889681eb f14c9” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignedc92e2e6b3 369bf” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignd7b4f570afd 352a0” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignc1213f9b419 eee20” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign58599ae5ba0 53274” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign126210bca67 40e95” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign8acacf2fe90 85008” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign0f5797946d0 dfd05” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign11a9026f77e aefcd” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign1d4145d8e75 3eebc” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign2d3c6933b95 64238” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign21e26c4c4ec 0074c” => not found

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state on =========

Ok.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 155113962 B
Java, Flash, Steam htmlcache => 346472470 B
Windows/system/drivers => 3783794 B
Edge => 1125389 B
Chrome => 781361794 B
Firefox => 396760695 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 29208 B
LocalService => 0 B
NetworkService => 0 B
GUI => 122989539 B

RecycleBin => 75343286 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================

The system needed a reboot.
[HEADING=1]==== End of Fixlog 22:55:20 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by GUI (18-05-2018 22:54:33) Run:1
Running from C:\Users\GUI\Desktop
Loaded Profiles: GUI (Available Profiles: GUI)
Boot Mode: Normal[/HEADING]
fixlist content:

Start
Createrestorepoint:
closeprocesses:
CHR Extension: (Google Docs hors connexion) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-09-17
CHR HKLM...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CustomCLSID: HKU\S-1-5-21-4003686615-4269193129-2528438380-1001_Classes\CLSID{0E270DAA-1BE6-48F2-AC49-9C284CF11570}\InprocServer32 → %%systemroot%%\system32\shell32.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] → {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => → No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] → {05B38830-F4E9-4329-978B-1DD28605D202} => → No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] → {0596C850-7BDD-4C9D-AFDF-873BE6890637} => → No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] → {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => → No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] → {05B38830-F4E9-4329-978B-1DD28605D202} => → No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] → {0596C850-7BDD-4C9D-AFDF-873BE6890637} => → No File
ContextMenuHandlers1: [MEGA (Context menu)] → {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => → No File
Task: {2404B119-119F-4CC3-B0C3-7E2B71AA15C0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {659F87B0-F484-4F88-9AD9-699181C559B0} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf[ICODE]usjbm[/ICODE]bfjhinhqhifh [0]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
2018-04-26 00:32 - 2018-04-26 00:32 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign43d18a5fdd1b 4514
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignf0f5068fecee 5a82
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignc49c3dd71168 6c9c
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign3b1f9197ad48 c676
2018-04-26 00:31 - 2018-04-26 00:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign2d317a5f4608 fd90
2018-04-26 00:30 - 2018-04-26 00:30 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsigna3d889681ebf 14c9
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignedc92e2e6b33 69bf
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignd7b4f570afd3 52a0
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsignc1213f9b419e ee20
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign58599ae5ba05 3274
2018-04-26 00:25 - 2018-04-26 00:25 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign126210bca674 0e95
2018-04-26 00:24 - 2018-04-26 00:24 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign8acacf2fe908 5008
2018-04-26 00:24 - 2018-04-26 00:24 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign0f5797946d0d fd05
2018-04-25 11:38 - 2018-04-25 11:38 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign11a9026f77ea efcd
2018-04-19 17:20 - 2018-04-19 17:20 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign1d4145d8e753 eebc
2018-04-19 16:21 - 2018-04-19 16:21 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign2d3c6933b956 4238
2018-04-19 16:14 - 2018-04-19 16:14 - 000000000 ____D C:\Users\GUI\AppData\Local\Tempzxpsign21e26c4c4ec0 074c
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Emptytemp:
End

Restore point was successfully created.
Processes closed successfully.
CHR Extension: (Google Docs hors connexion) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-09-17 => Error: No automatic fix found for this entry.
“HKLM\SOFTWARE\Google\Chrome\Extensions\caljgklbbf bcjjanaijlacgncafpegll” => removed successfully
“HKLM\SOFTWARE\Google\Chrome\Extensions\ipmkfpcnmc cejididiaagpgchgjfajgp” => removed successfully
“HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extension s\caljgklbbfbcjjanaijlacgncafpegll” => removed successfully
“HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extension s\efaidnbmnnnibpcajpcglclefindmkaj” => removed successfully
“HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extension s\ipmkfpcnmccejididiaagpgchgjfajgp” => removed successfully
“HKU\S-1-5-21-4003686615-4269193129-2528438380-1001_Classes\CLSID{0E270DAA-1BE6-48F2-AC49-9C284CF11570}” => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes*\ShellEx\ContextMenuHandlers \MEGA (Context menu) => not found
HKLM\Software\Classes\CLSID{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot{2404B119-119F-4CC3-B0C3-7E2B71AA15C0}” => removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{2404B11 9-119F-4CC3-B0C3-7E2B71AA15C0}” => removed successfully
C:\WINDOWS\System32\Tasks\CCleaner Update => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update” => removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{659F87B 0-F484-4F88-9AD9-699181C559B0}” => removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{659F87B 0-F484-4F88-9AD9-699181C559B0}” => removed successfully
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UL056C5-GUI => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCI nvoker-1.0-DESKTOP-UL056C5-GUI” => removed successfully
C:\ProgramData\Reprise => “:jhqduwvxlctbqqijsf[ICODE]usjbm[/ICODE]bfjhinhqhifh” ADS removed successfully
C:\Users\Public\AppData => “:CSM” ADS removed successfully
“C:\Users\GUI\AppData\Local\Tempzxpsign43d18a5fdd1 b4514” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignf0f5068fece e5a82” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignc49c3dd7116 86c9c” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign3b1f9197ad4 8c676” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign2d317a5f460 8fd90” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsigna3d889681eb f14c9” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignedc92e2e6b3 369bf” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignd7b4f570afd 352a0” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsignc1213f9b419 eee20” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign58599ae5ba0 53274” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign126210bca67 40e95” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign8acacf2fe90 85008” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign0f5797946d0 dfd05” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign11a9026f77e aefcd” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign1d4145d8e75 3eebc” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign2d3c6933b95 64238” => not found
“C:\Users\GUI\AppData\Local\Tempzxpsign21e26c4c4ec 0074c” => not found

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state on =========

Ok.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 155113962 B
Java, Flash, Steam htmlcache => 346472470 B
Windows/system/drivers => 3783794 B
Edge => 1125389 B
Chrome => 781361794 B
Firefox => 396760695 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 29208 B
LocalService => 0 B
NetworkService => 0 B
GUI => 122989539 B

RecycleBin => 75343286 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:55:20 ====

**Malnutrition** · 05-18-2018, 09:55 PM

Can you post fresh FRST logs for Gus, and let us know what issues remain please.

**Zukolol** · 05-19-2018, 08:26 AM

Yes, my bad

Fresh FRST.txt log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by GUI (administrator) on DESKTOP-UL056C5 (19-05-2018 10:21:30)
Running from C:\Users\GUI\Desktop
Loaded Profiles: GUI (Available Profiles: GUI)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Parsec) C:\Program Files\Parsec\pservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0 _x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(GNE) C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe
(ShareX Team) C:\Program Files\ShareX\ShareX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.100 1.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.ex e
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.e xe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64 .exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Farbar) C:\Users\GUI\Desktop\FRST64english.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor)
HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-03-28] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\Run: [GNE_SwapScreen] => C:\Users\GUI\Desktop\Tools\dual monitor\SwapScreen.exe [166912 2014-01-08] (GNE)
Startup: C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\ShareX.lnk [2018-05-02]
ShortcutTarget: ShareX.lnk → C:\Program Files\ShareX\ShareX.exe (ShareX Team)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip..\Interfaces{e4e99d05-3fa5-4f09-81c6-4986807542a3}: [DhcpNameServer] 192.168.0.254
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: No Name → {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} → C:\Users\GUI\Downloads\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
BHO: Lync Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-29] (Microsoft Corporation)
BHO: ExplorerBHO Class → {449D0D6E-2412-4E61-B68F-1CB625CD9E52} → C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: Adobe Acrobat Create PDF Helper → {AE7CD045-E861-484f-8273-0445EE161910} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2017-08-24] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection → {F4971EE7-DAA0-4053-9964-665D8EE6A077} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2017-08-24] (Adobe Systems Incorporated)
BHO-x32: No Name → {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} → C:\Users\GUI\Downloads\OldNewExplorer32.dll [2017-08-16] (www.startisback.com)
BHO-x32: Lync Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-29] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class → {449D0D6E-2412-4E61-B68F-1CB625CD9E52} → C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF Helper → {AE7CD045-E861-484f-8273-0445EE161910} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2017-08-24] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection → {F4971EE7-DAA0-4053-9964-665D8EE6A077} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2017-08-24] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavSt ub.dll [2017-08-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.d ll [2017-08-24] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-29] (Microsoft Corporation)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\GUI\AppData\Roaming\Mozilla\Firefox\Profi les\htEukEjR.default [2018-05-18]
FF Session Restore: Mozilla\Firefox\Profiles\htEukEjR.default → is enabled.
FF Extension: (uBlock Origin) - C:\Users\GUI\AppData\Roaming\Mozilla\Firefox\Profi les\htEukEjR.default\ExtensionsuBlock0@raymondhill.net.xpi [2018-05-16]
FF HKLM...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi [2018-02-02]
FF HKLM-x32...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_ex tn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer → C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_ 140.dll [2018-04-11] ()
FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_ 140.dll [2018-04-11] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 → C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision → C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming → C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat → C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR StartupUrls: Default → “”,“hxxps://www.google.fr/”
CHR Session Restore: Default → is enabled.
CHR Profile: C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default [2018-05-19]
CHR Extension: (Slides) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2018-05-17]
CHR Extension: (Docs) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2018-05-17]
CHR Extension: (Google Drive) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2018-05-17]
CHR Extension: (AdGuard AdBlocker) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhik gbkllg [2018-05-17]
CHR Extension: (ColorZilla) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocn mhomnp [2018-05-18]
CHR Extension: (YouTube) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2018-05-17]
CHR Extension: (Poe.trade ignore list) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\faapmfhhchgkfinplpkfemkfab ngkioc [2018-05-17]
CHR Extension: (Full Page Screen Capture) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoa lclacl [2018-05-17]
CHR Extension: (Sheets) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2018-05-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2018-05-17]
CHR Extension: (Page Ruler) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfh cbnbpn [2018-05-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2018-05-17]
CHR Extension: (Gmail) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2018-05-17]
CHR Extension: (Chrome Media Router) - C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2018-05-17]
CHR Profile: C:\Users\GUI\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-05-19]
CHR Profile: C:\Users\GUI\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-19]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [879128 2018-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472 2018-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472 2018-05-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1165320 2018-05-09] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240 2018-03-28] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-25] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8521384 2018-03-24] (Microsoft Corporation)
S3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1446592 2017-01-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774784 2018-03-16] (EasyAntiCheat Ltd)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-04-22] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-04-22] (NVIDIA Corporation)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [190536 2018-03-20] (Parsec)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; “C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe” -s NVDisplay.ContainerLocalSystem -f “C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSys tem.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSyste m” -r -p 30000
R2 NvTelemetryContainer; “C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe” -s NvTelemetryContainer -f “C:\ProgramData\NVIDIA\NvTelemetryContainer.log” -l 3 -d “C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins” -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [43400 2017-03-01] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-08-29] (Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31112 2017-10-10] (Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-08-21] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [179376 2018-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-08-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-08-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-08-21] (Avira Operations GmbH & Co. KG)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2017-11-27] (Bluestack System Inc. )
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2017-09-17] (Disc Soft Ltd)
S3 Kinonih; C:\WINDOWS\System32\drivers\kinonih.sys [32256 2016-06-22] (Kinoni)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ dispi.inf_amd64_38c9bee769f9ef1f\nvlddmkm.sys [17168744 2018-05-08] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-04-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2018-04-24] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-05-07] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer, Inc.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-05-14] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-05-14] (Zemana Ltd.)
S3 cpuz143; ??\C:\Users\GUI\AppData\Local\Temp\cpuz143\cpuz143 _x64.sys <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-18 22:54 - 2018-05-18 22:55 - 000010224 _____ C:\Users\GUI\Desktop\Fixlog.txt
2018-05-18 22:54 - 2018-05-18 22:54 - 000000000 ____D C:\Users\GUI\Desktop\FRST-OlderVersion
2018-05-18 22:51 - 2018-05-18 22:52 - 000119523 _____ C:\Users\GUI\Documents\DESKTOP-UL056C5.txt
2018-05-18 22:51 - 2018-05-18 22:51 - 000000841 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-05-18 22:51 - 2018-05-18 22:51 - 000000000 ____D C:\Program Files\Speccy
2018-05-18 22:48 - 2018-05-18 22:48 - 000014663 _____ C:\junk.txt
2018-05-18 22:47 - 2018-05-18 22:47 - 000020477 _____ C:\Users\GUI\Desktop\System Idle Process.txt
2018-05-18 22:37 - 2018-05-18 22:37 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-05-18 22:35 - 2018-05-18 22:35 - 002724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\GUI\Desktop\procexp.exe
2018-05-17 12:06 - 2018-05-17 12:06 - 000000000 ___HD C:$SysReset
2018-05-17 11:55 - 2018-05-17 11:55 - 003099008 _____ C:\Users\GUI\ZHPDiag3.exe
2018-05-17 11:38 - 2018-05-17 11:38 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineU A
2018-05-17 11:38 - 2018-05-17 11:38 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineC ore
2018-05-17 11:38 - 2018-05-17 11:38 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-17 11:36 - 2018-05-17 11:36 - 000319695 _____ C:\Users\GUI\Desktop\favoris_17_05_2018.html
2018-05-17 11:35 - 2018-05-17 13:37 - 000000660 _____ C:\Users\GUI\Desktop\Nouveau document texte (2).txt
2018-05-17 00:48 - 2018-05-17 00:48 - 000000000 ____D C:\Users\GUI\AppData\LocalLow\achebit
2018-05-15 00:35 - 2018-05-15 00:35 - 000001517 _____ C:\Users\GUI\Desktop\ZHPFixReport.txt
2018-05-15 00:32 - 2018-05-15 00:32 - 000001926 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2018-05-15 00:32 - 2018-05-15 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2018-05-15 00:32 - 2018-05-15 00:32 - 000000000 ____D C:\Program Files (x86)\ZHPFix
2018-05-15 00:07 - 2018-05-15 00:07 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-05-15 00:06 - 2018-05-15 00:33 - 000000000 ____D C:\ProgramData\RogueKiller
2018-05-15 00:05 - 2018-05-15 00:05 - 027045960 _____ (Adlice Software) C:\Users\GUI\Desktop\RogueKiller_portable64.exe
2018-05-14 09:08 - 2018-05-15 00:39 - 000188659 _____ C:\Users\GUI\Desktop\ZHPDiag.txt
2018-05-14 09:04 - 2018-05-15 00:39 - 000000000 ____D C:\Users\GUI\AppData\Roaming\ZHP
2018-05-14 09:04 - 2018-05-15 00:38 - 000000730 _____ C:\Users\GUI\Desktop\ZHPDiag.lnk
2018-05-14 09:04 - 2018-05-14 09:04 - 000000000 ____D C:\Users\GUI\AppData\Local\ZHP
2018-05-14 09:02 - 2018-05-19 10:21 - 000230639 _____ C:\WINDOWS\ZAM.krnl.trace
2018-05-14 09:02 - 2018-05-19 10:21 - 000053986 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-05-14 09:02 - 2018-05-14 09:02 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2018-05-14 09:02 - 2018-05-14 09:02 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2018-05-14 09:02 - 2018-05-14 09:02 - 000000000 ____D C:\Users\GUI\AppData\Local\Zemana
2018-05-14 09:02 - 2018-05-14 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-05-14 09:02 - 2018-05-14 09:02 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-05-14 09:00 - 2018-05-14 09:00 - 000000000 ____D C:\SecurityCheck
2018-05-13 22:17 - 2018-05-13 23:57 - 124674298 _____ C:\Users\GUI\Desktop\IDENTITE VISUELLE - IIM CDEB 2 - Prouet Plachez Oudet Ouaksel.rar
2018-05-12 23:50 - 2018-05-12 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-12 23:29 - 2018-05-15 00:36 - 000000295 _____ C:\Users\GUI\Desktop\Nouveau document texte.txt
2018-05-12 17:47 - 2018-05-19 10:18 - 000060109 _____ C:\Users\GUI\Desktop\Addition.txt
2018-05-12 17:46 - 2018-05-19 10:21 - 000020246 _____ C:\Users\GUI\Desktop\FRST.txt
2018-05-12 17:28 - 2018-05-12 17:28 - 005200384 _____ (AVAST Software) C:\Users\GUI\Desktop\aswmbr.exe
2018-05-12 14:16 - 2018-05-12 14:17 - 000000000 ____D C:\AdwCleaner
2018-05-12 14:16 - 2018-05-12 14:16 - 007271632 _____ (Malwarebytes) C:\Users\GUI\Desktop\adwcleaner_7.1.1.exe
2018-05-12 14:05 - 2018-05-19 10:21 - 000000000 ____D C:\FRST
2018-05-12 14:05 - 2018-05-18 22:54 - 002413056 _____ (Farbar) C:\Users\GUI\Desktop\FRST64english.exe
2018-05-12 13:44 - 2018-05-07 21:26 - 000132488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-05-12 13:43 - 2018-05-12 13:43 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-05-12 13:43 - 2018-03-02 04:04 - 000828216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-05-12 13:43 - 2018-03-02 04:03 - 000960312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-05-12 13:43 - 2018-03-02 04:03 - 000683832 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-05-12 13:43 - 2018-03-02 04:03 - 000575800 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-05-12 13:42 - 2018-05-12 13:42 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-05-12 13:41 - 2018-05-08 23:22 - 001990688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439764.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001561504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001467992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439764.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001417816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001215576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 001091432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 000749928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 000626776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 000608704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-05-12 13:41 - 2018-05-08 23:22 - 000517888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 040346984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 035250776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 031273728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 025987296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 013725744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 011271400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 004347832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 003758496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001358536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001349712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001157392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001070504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 001064424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 000904720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 000813912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 000652344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-05-12 13:41 - 2018-05-08 23:21 - 000634576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-05-12 13:41 - 2018-05-08 23:20 - 017779440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-05-12 13:41 - 2018-05-08 23:20 - 015191088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-05-10 13:40 - 2018-05-10 13:40 - 000000000 ____D C:\Users\GUI\AppData\Roaming\NVIDIA
2018-05-09 10:19 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-09 10:19 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-09 10:19 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-09 10:19 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-09 10:19 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-09 10:19 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-09 10:19 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-09 10:19 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-09 10:19 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-09 10:19 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-09 10:19 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-09 10:19 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-09 10:19 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-09 10:19 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-09 10:19 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-09 10:19 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-09 10:19 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-09 10:19 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-09 10:19 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-09 10:19 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-09 10:19 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-09 10:19 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-09 10:19 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-09 10:19 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-09 10:19 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-09 10:19 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-09 10:19 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-09 10:19 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-09 10:19 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-09 10:19 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-09 10:19 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-09 10:19 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-09 10:19 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-09 10:19 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-09 10:19 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-09 10:19 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-09 10:19 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-09 10:19 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-09 10:19 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-09 10:19 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-09 10:19 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-09 10:19 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-09 10:19 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-09 10:19 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-09 10:19 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-09 10:19 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-09 10:19 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
2018-05-09 10:19 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-09 10:19 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-09 10:19 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .dll
2018-05-09 10:19 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-09 10:19 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-09 10:19 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-09 10:19 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-09 10:19 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
2018-05-09 10:19 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-09 10:19 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-09 10:19 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-09 10:19 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-09 10:19 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-09 10:19 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-09 10:19 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-09 10:19 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-09 10:19 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-09 10:19 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .TestingFramework.dll
2018-05-09 10:19 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-09 10:19 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-09 10:19 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .TestingFramework.dll
2018-05-09 10:19 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-09 10:19 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-09 10:19 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-09 10:19 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-09 10:19 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-09 10:19 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-09 10:19 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-09 10:19 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-09 10:19 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-09 10:19 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-09 10:19 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-09 10:19 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-09 10:19 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-09 10:19 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-09 10:18 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-09 10:18 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-09 10:18 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-09 10:18 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-09 10:18 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-09 10:18 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-09 10:18 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-09 10:18 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-09 10:18 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-09 10:18 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-09 10:18 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-09 10:18 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-09 10:18 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-09 10:18 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-09 10:18 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-09 10:18 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-09 10:18 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-09 10:18 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-09 10:18 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-09 10:18 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-09 10:18 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-09 10:18 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-09 10:18 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-09 10:18 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-09 10:18 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-09 10:18 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-09 10:18 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-09 10:18 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-09 10:18 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-09 10:18 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-09 10:18 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-09 10:18 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-09 10:18 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-09 10:18 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-09 10:18 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-09 10:18 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-09 10:18 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-09 10:18 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-09 10:18 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-09 10:18 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-09 10:18 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-09 10:18 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-09 10:18 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-09 10:18 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-09 10:18 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-09 10:18 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-09 10:18 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-09 10:18 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-09 10:18 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-09 10:18 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-09 10:18 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-09 10:18 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-09 10:18 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-09 10:18 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-09 10:18 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-09 10:18 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-09 10:18 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-09 10:18 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-09 10:18 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-09 10:18 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-09 10:18 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-09 10:18 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-09 10:18 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-09 10:18 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-09 10:18 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-09 10:18 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-09 10:18 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-09 10:18 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-09 10:18 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-09 10:18 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-09 10:18 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-09 10:18 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-09 10:18 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-09 10:18 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-09 10:18 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-09 10:18 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-09 10:18 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-09 10:18 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-09 10:18 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-09 10:18 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-09 10:18 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-09 10:18 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-09 10:18 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-09 10:18 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-09 10:18 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-09 10:18 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-09 10:18 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-09 10:18 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-09 10:18 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-09 10:18 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-09 10:18 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .dll
2018-05-09 10:18 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-09 10:18 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-09 10:18 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-09 10:18 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-09 10:18 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-09 10:18 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-09 10:18 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-09 10:18 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-09 10:18 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-09 10:18 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-09 10:18 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-09 10:18 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-09 10:18 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-09 10:18 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-09 10:18 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-09 10:18 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-09 10:18 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-09 10:18 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-09 10:18 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-09 10:18 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-09 10:18 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-09 10:18 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-09 10:18 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-09 10:18 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-09 10:18 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-09 10:18 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-09 10:18 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-09 10:18 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-09 10:18 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-09 10:18 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-09 10:18 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-09 10:18 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-09 10:18 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-09 10:18 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-09 10:18 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-09 10:18 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-09 10:18 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-09 10:18 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-09 10:18 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-09 10:18 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-09 10:18 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.d ll
2018-05-09 10:18 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-09 10:18 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dl l
2018-05-09 10:18 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-09 10:18 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.d ll
2018-05-09 10:18 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-09 10:18 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-09 10:18 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-09 10:18 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shel l.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHan dlers.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-09 10:18 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandle r.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authenticatio n.Web.Core.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dl l
2018-05-09 10:18 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authenticatio n.Web.Core.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-09 10:18 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dl l
2018-05-09 10:18 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-09 10:18 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-09 10:18 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-09 10:18 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-09 10:18 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dl l
2018-05-09 10:18 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-09 10:18 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dl l
2018-05-09 10:18 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-09 10:18 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-09 10:18 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.service provider.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-09 10:18 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-09 10:18 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-09 10:18 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-09 10:18 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-09 10:18 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-09 10:18 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-09 10:18 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-09 10:18 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-09 10:18 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-09 10:18 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-09 10:18 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-09 10:18 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-09 10:18 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-09 10:18 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-08 10:34 - 2018-05-12 18:21 - 000000000 ____D C:\Users\GUI\AppData\Local\NVIDIA
2018-05-08 10:34 - 2018-05-12 10:21 - 000000000 ____D C:\Users\GUI\AppData\Local\NVIDIA Corporation
2018-05-08 10:34 - 2018-05-08 10:34 - 000001493 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-05-08 10:34 - 2018-05-07 21:15 - 005947976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 002612520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 001767552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000634952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000450856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000124384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-05-08 10:34 - 2018-05-07 21:15 - 000083240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-05-08 10:34 - 2018-04-25 08:18 - 008173402 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-05-08 10:34 - 2018-04-24 20:52 - 000195432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-05-08 10:34 - 2018-04-24 20:52 - 000161648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 002137024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 001310144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-05-08 10:33 - 2018-05-19 10:01 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-08 10:33 - 2018-05-07 21:16 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-05-08 10:33 - 2018-04-28 04:06 - 000552480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-05-08 10:33 - 2018-04-28 04:06 - 000457144 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-05-08 10:32 - 2018-05-12 13:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-05-08 10:32 - 2018-05-08 23:20 - 004089240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-05-08 10:32 - 2018-05-07 23:04 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-05-08 10:32 - 2018-05-07 23:04 - 000044277 _____ C:\WINDOWS\system32\nvinfo.pb
2018-05-08 10:32 - 2018-04-28 04:04 - 001990584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439731.dll
2018-05-08 10:32 - 2018-04-28 04:04 - 001467992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439731.dll
2018-05-08 10:32 - 2018-04-24 21:33 - 001688104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-05-08 10:32 - 2018-04-24 21:33 - 000226280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-05-08 10:32 - 2018-04-24 21:33 - 000046064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-05-08 10:32 - 2018-04-24 20:52 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-05-08 10:30 - 2018-05-08 10:30 - 000000000 ____D C:\NVIDIA
2018-05-08 10:15 - 2018-05-08 10:30 - 000000000 ____D C:\Program Files (x86)\Free Window Registry Repair
2018-05-08 10:15 - 2018-05-08 10:27 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Free Window Registry Repair
2018-05-08 10:15 - 2018-05-08 10:15 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Free Window Registry Repair
2018-05-08 09:55 - 2018-05-08 10:25 - 000000000 ____D C:\Users\GUI\Desktop\Jeux
2018-05-08 08:15 - 2018-05-08 09:59 - 000000000 ___D C:\Users\GUI\Desktop\pickup
2018-05-06 18:03 - 2018-05-08 10:37 - 000003140 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLog on{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-04 00:44 - 2018-05-04 00:44 - 000001497 _____ C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Infini2y. Pack of Transitions’ Presets.lnk
2018-05-02 13:14 - 2018-05-02 13:14 - 001301139 _____ C:\WINDOWS\unins000.exe
2018-05-02 13:14 - 2018-05-02 13:14 - 000137655 _____ C:\WINDOWS\unins000.dat
2018-05-02 13:14 - 2018-05-02 13:14 - 000000000 ____D C:\ProgramData\FXHOME
2018-05-02 13:14 - 2016-12-12 03:36 - 001655296 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\libeay32.dll
2018-05-02 13:14 - 2016-12-12 03:36 - 000348160 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\ssleay32.dll
2018-05-02 13:14 - 2013-10-05 01:58 - 000963232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pmsvcr120.dll
2018-05-02 13:14 - 2013-10-05 01:58 - 000660128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pmsvcp120.dll
2018-05-02 13:14 - 2013-10-05 01:58 - 000356528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pvccorlib120.dll
2018-05-02 00:27 - 2018-05-18 05:02 - 000000000 ____D C:\Users\GUI\Documents\ShareX
2018-05-02 00:27 - 2018-05-02 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2018-05-02 00:27 - 2018-05-02 00:27 - 000000000 ____D C:\Program Files\ShareX
2018-04-28 16:52 - 2018-04-28 16:52 - 000000000 ____D C:\Users\GUI\AppData\Local\Hero_Siege
2018-04-26 18:53 - 2018-04-26 18:53 - 000000000 ____D C:\Program Files\CCleaner
2018-04-26 18:38 - 2018-05-10 23:47 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Molotov
2018-04-26 18:38 - 2018-04-26 18:38 - 000002255 _____ C:\Users\GUI\Desktop\Molotov.lnk
2018-04-26 18:38 - 2018-04-26 18:38 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Molotov
2018-04-26 18:38 - 2018-04-26 18:38 - 000000000 ____D C:\Users\GUI\AppData\Local\Molotov
2018-04-26 18:26 - 2018-04-26 18:26 - 000001306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-04-26 01:32 - 2018-04-26 01:32 - 000000000 ____D C:\ProgramData\aescripts
2018-04-26 01:31 - 2018-04-26 01:32 - 000000000 ____D C:\Users\GUI\AppData\Roaming\aescripts
2018-04-26 01:31 - 2018-04-26 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aescripts
2018-04-25 14:20 - 2018-04-25 15:56 - 000000000 ____D C:\Users\GUI\Desktop\DDNet-11.1.4-win64
2018-04-25 12:30 - 2018-04-25 12:30 - 001690609 _____ C:\Users\GUI\Desktop\Stop Stealing Sheep - Typography.pdf
2018-04-25 00:28 - 2018-05-16 00:09 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Parsec
2018-04-25 00:28 - 2018-04-25 00:28 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Parsec
2018-04-25 00:28 - 2018-04-25 00:28 - 000000000 ____D C:\Program Files\Parsec
2018-04-24 18:13 - 2018-04-24 18:14 - 000000000 ____D C:\Users\GUI\AppData\Local\The_Swords_of_Ditto
2018-04-24 09:57 - 2018-04-24 09:57 - 000001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2018-04-24 09:54 - 2018-04-24 09:54 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2018.lnk
2018-04-24 09:53 - 2018-04-24 09:53 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-04-24 09:53 - 2018-04-24 09:53 - 000000000 ____D C:\Users\GUI\AppData\Roaming\FiraxisLive
2018-04-24 09:52 - 2018-04-24 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI Rise and Fall
2018-04-24 09:51 - 2018-04-24 09:51 - 000002524 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2018.lnk
2018-04-24 09:49 - 2018-04-24 09:52 - 000000000 ____D C:\Users\GUI\Desktop\Civ6
2018-04-24 09:49 - 2018-04-24 09:49 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-04-24 09:47 - 2018-04-24 09:48 - 000000062 _____ C:\Users\GUI\AppData\Roaming~SiMPLEX.ini
2018-04-24 09:47 - 2018-04-24 09:48 - 000000000 ____D C:\Users\GUI\Desktop\Northgard
2018-04-22 20:18 - 2018-05-13 11:32 - 000000000 ____D C:\Users\GUI\Desktop\indesign
2018-04-22 20:15 - 2018-04-22 20:16 - 000000000 ____D C:\Users\GUI\Desktop\PPT TUTO
2018-04-22 20:13 - 2018-04-24 09:55 - 000000000 ____D C:\Users\GUI\Desktop\terraria
2018-04-22 19:59 - 2018-05-08 18:21 - 000000000 ____D C:\Users\GUI\Desktop\tw
2018-04-22 19:46 - 2018-04-22 19:46 - 023412381 _____ C:\Users\GUI\Desktop\vgb-dr-2017-mise-en-ligne.pdf
2018-04-22 19:46 - 2018-04-22 19:46 - 001153898 _____ C:\Users\GUI\Desktop\renault_q1-2017-financial-results.pdf
2018-04-19 10:09 - 2018-05-18 00:24 - 000001891 _____ C:\Users\GUI\Desktop\photoshop.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-19 10:21 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Local\CrashDumps
2018-05-19 10:21 - 2017-09-17 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-19 10:18 - 2017-09-17 12:00 - 000000000 ____D C:\Users\GUI\AppData\Local\ClassicShell
2018-05-19 10:06 - 2017-11-23 22:28 - 002608730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-19 10:06 - 2017-09-30 16:40 - 001226620 _____ C:\WINDOWS\system32\perfh00C.dat
2018-05-19 10:06 - 2017-09-30 16:40 - 000276042 _____ C:\WINDOWS\system32\perfc00C.dat
2018-05-19 10:01 - 2017-11-23 22:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-18 23:00 - 2017-09-29 10:45 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-05-18 22:58 - 2018-03-29 14:29 - 000000000 ____D C:\Users\GUI\Desktop\projet
2018-05-18 22:56 - 2017-11-23 22:17 - 000565408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-18 22:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-18 22:53 - 2017-11-28 18:17 - 000000000 ____D C:\Users\GUI\Desktop\ARAWAK
2018-05-18 22:39 - 2017-11-23 22:20 - 000000000 ____D C:\Users\GUI\AppData\Local\Packages
2018-05-18 20:07 - 2017-11-23 22:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-18 10:08 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-18 09:50 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-18 09:50 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-18 04:48 - 2017-09-17 11:29 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Adobe
2018-05-18 00:42 - 2017-09-17 12:18 - 000000000 ___RD C:\Users\GUI\Creative Cloud Files
2018-05-18 00:40 - 2017-09-17 12:08 - 000000000 ____D C:\Users\GUI\AppData\Local\Adobe
2018-05-17 14:41 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\LocalLow\Mozilla
2018-05-17 11:55 - 2017-11-23 22:20 - 000000000 ____D C:\Users\GUI
2018-05-17 11:38 - 2017-09-17 11:31 - 000000000 ____D C:\Users\GUI\AppData\Local\Google
2018-05-17 11:38 - 2017-09-17 11:31 - 000000000 ____D C:\Program Files (x86)\Google
2018-05-17 11:09 - 2017-09-17 17:22 - 000000000 ____D C:\Users\GUI\Desktop\backup
2018-05-17 10:40 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-16 23:58 - 2017-09-17 16:33 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Teeworlds
2018-05-15 22:57 - 2017-09-17 16:09 - 000000000 ____D C:\Users\GUI\AppData\Roaming\vlc
2018-05-15 20:49 - 2018-03-28 22:59 - 000000000 ____D C:\Users\GUI\Desktop\Series
2018-05-15 10:36 - 2017-10-30 20:44 - 000000000 ____D C:\Users\GUI\Desktop\macro
2018-05-15 10:36 - 2017-09-16 12:45 - 000000000 ____D C:\Users\GUI\Documents\AutoHotKey
2018-05-15 10:35 - 2017-09-16 12:51 - 000000000 ____D C:\Users\GUI\Documents\PoE-TradeMacro
2018-05-15 09:28 - 2017-09-26 09:51 - 000000600 _____ C:\Users\GUI\AppData\Local\PUTTY.RND
2018-05-15 00:30 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-05-13 18:30 - 2017-09-17 14:11 - 000000033 _____ C:\Users\GUI\AppData\Roaming\AdobeWLCMCache.dat
2018-05-13 09:46 - 2017-09-17 13:11 - 000000000 ____D C:\Users\GUI\AppData\Local\Battle.net
2018-05-13 09:46 - 2017-09-17 13:11 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-05-12 23:53 - 2017-11-01 16:54 - 000000000 ____D C:\Program Files (x86)\Minecraft
2018-05-12 23:48 - 2017-09-17 13:31 - 000000000 ____D C:\Users\GUI\Documents\My Games
2018-05-12 20:42 - 2017-09-16 12:45 - 000002900 _____ C:\Users\GUI\Desktop\rocketleaguevideo.txt
2018-05-12 13:44 - 2017-09-17 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-12 11:02 - 2017-09-17 12:10 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-05-11 16:59 - 2017-09-25 13:08 - 000000000 ____D C:\Users\GUI\AppData\Roaming\audacity
2018-05-09 20:04 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-09 19:55 - 2017-10-21 11:17 - 000000000 ___RD C:\Users\GUI\3D Objects
2018-05-09 19:55 - 2017-09-17 11:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-09 13:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-09 13:28 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-09 13:28 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-09 12:41 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Roaming\discord
2018-05-09 10:24 - 2017-09-17 14:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-09 10:22 - 2017-10-11 18:32 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 10:22 - 2017-09-17 14:20 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-09 10:20 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-09 10:20 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-09 10:20 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-09 10:19 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-09 08:42 - 2017-09-17 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-09 08:41 - 2017-09-17 12:59 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2018-05-09 08:41 - 2017-09-17 12:59 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2018-05-08 23:20 - 2017-11-11 13:48 - 004814040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-05-08 18:21 - 2017-09-17 19:30 - 000000000 _D C:\Users\GUI\Desktop\Rocket League Mods
2018-05-08 10:50 - 2018-03-28 22:39 - 000000000 D C:\Users\GUI\Desktop\Tools
2018-05-08 10:37 - 2017-11-23 22:27 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:37 - 2017-11-23 22:27 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 10:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Help
2018-05-08 10:34 - 2017-09-17 11:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-08 10:34 - 2017-09-17 11:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-05-08 10:18 - 2017-09-17 17:17 - 000000000 ____D C:\Users\GUI\Desktop\school
2018-05-08 10:17 - 2018-03-28 23:13 - 000000000 ____D C:\Users\GUI\Desktop\music2
2018-05-08 10:16 - 2017-10-06 23:59 - 000004086 _____ C:\Users\GUI\Desktop\wrkt.txt
2018-05-08 10:13 - 2017-09-17 11:29 - 000000000 ____D C:\Users\GUI\AppData\Local\VirtualStore
2018-05-08 10:05 - 2017-09-17 14:48 - 000000000 ____D C:\Users\GUI\AppData\Roaming\DAEMON Tools Pro
2018-05-07 20:05 - 2017-09-17 13:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-06 08:33 - 2017-09-25 23:52 - 000000000 ____D C:\ProgramData\Epic
2018-05-03 18:58 - 2017-09-17 17:33 - 000000000 ____D C:\Users\GUI\AppData\Roaming\HandBrake
2018-05-03 08:59 - 2015-09-13 15:39 - 000398136 __RSH C:\bootmgr
2018-05-02 13:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Resources
2018-05-02 11:09 - 2017-09-17 13:12 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-02 11:09 - 2017-09-17 13:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-02 10:56 - 2017-09-17 13:29 - 000000059 _____ C:\Users\GUI\AppData\Local\UserProducts.xml
2018-05-01 23:25 - 2017-09-29 15:49 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-01 23:25 - 2017-09-29 15:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-01 21:22 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Discord Inc
2018-05-01 21:22 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Local\Discord
2018-05-01 20:57 - 2017-09-17 11:30 - 000002409 _____ C:\Users\GUI\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\OneDrive.lnk
2018-05-01 20:57 - 2017-09-17 11:30 - 000000000 ___RD C:\Users\GUI\OneDrive
2018-04-29 23:34 - 2017-09-17 15:00 - 000000000 ____D C:\Users\GUI\AppData\Roaming\TS3Client
2018-04-26 18:38 - 2017-09-17 13:12 - 000000000 ____D C:\Users\GUI\AppData\Local\SquirrelTemp
2018-04-26 01:31 - 2017-09-17 12:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-04-26 00:25 - 2017-10-31 16:43 - 000000000 ____D C:\Users\GUI\AppData\Local\Red Giant
2018-04-25 10:23 - 2018-01-23 02:57 - 000000000 ____D C:\WINDOWS\Minidump
2018-04-24 22:28 - 2017-11-17 12:29 - 000000000 ___DC C:\WINDOWS\Panther
2018-04-24 22:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-04-24 09:57 - 2017-09-17 12:14 - 000000000 ____D C:\Program Files\Adobe
2018-04-24 09:49 - 2017-09-17 12:17 - 000000000 ____D C:\Users\GUI\Documents\Adobe
2018-04-24 09:49 - 2017-09-17 12:10 - 000000000 ____D C:\ProgramData\Adobe
2018-04-24 09:44 - 2017-09-17 12:10 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-22 13:04 - 2017-09-17 12:18 - 002480064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

==================== Files in the root of some directories =======

2018-05-17 11:55 - 2018-05-17 11:55 - 003099008 _____ () C:\Users\GUI\ZHPDiag3.exe
2017-09-17 12:34 - 2017-09-17 15:06 - 000012258 _____ () C:\Program Files\Common Files\csdkConfiguratorLog.txt
2017-09-17 14:11 - 2018-05-13 18:30 - 000000033 _____ () C:\Users\GUI\AppData\Roaming\AdobeWLCMCache.dat
2017-10-21 11:40 - 2017-10-24 15:59 - 000000109 _____ () C:\Users\GUI\AppData\Roaming\D2Info0
2017-10-21 11:40 - 2017-10-24 16:41 - 000000008 _____ () C:\Users\GUI\AppData\Roaming\DofusAppId0_1
2017-10-23 17:21 - 2017-10-23 17:29 - 000000008 _____ () C:\Users\GUI\AppData\Roaming\DofusAppId0_2
2017-09-21 20:06 - 2017-09-21 21:56 - 000000028 _____ () C:\Users\GUI\AppData\Roaming\kulerdata.json
2018-04-24 09:47 - 2018-04-24 09:48 - 000000062 _____ () C:\Users\GUI\AppData\Roaming~SiMPLEX.ini
2018-03-30 09:53 - 2018-03-30 09:53 - 000001456 _____ () C:\Users\GUI\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-09-19 00:55 - 2017-11-06 21:23 - 000000081 _____ () C:\Users\GUI\AppData\Local\FILM_AE_LogFile.txt
2017-09-26 09:51 - 2018-05-15 09:28 - 000000600 _____ () C:\Users\GUI\AppData\Local\PUTTY.RND
2017-09-22 04:36 - 2017-09-22 04:36 - 000000717 _____ () C:\Users\GUI\AppData\Local\recently-used.xbel
2017-09-17 13:29 - 2017-09-17 13:29 - 000000003 _____ () C:\Users\GUI\AppData\Local\updater.log
2017-09-17 13:29 - 2018-05-02 10:56 - 000000059 _____ () C:\Users\GUI\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-09 20:04

==================== End of FRST.txt ============================

Fresh Addition.txt log:
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by GUI (19-05-2018 10:21:55)
Running from C:\Users\GUI\Desktop
Windows 10 Home Version 1709 16299.431 (X64) (2017-11-23 20:29:07)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

Administrateur (S-1-5-21-4003686615-4269193129-2528438380-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4003686615-4269193129-2528438380-503 - Limited - Disabled)
GUI (S-1-5-21-4003686615-4269193129-2528438380-1001 - Administrator - Enabled) => C:\Users\GUI
Invité (S-1-5-21-4003686615-4269193129-2528438380-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4003686615-4269193129-2528438380-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32...{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe After Effects CC 2017 (HKLM-x32...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32...\ILST_22_1) (Version: 22.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32...\IDSN_13_1) (Version: 13.1 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32...{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.12 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32...\LTRM_7_3) (Version: 7.3 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Adobe Muse CC 2017 (HKLM-x32...\MUSE_2017_1_0) (Version: 2017.1.0.821 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32...\PHSP_19_1_3) (Version: 19.1.3 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32...\PPRO_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM...{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
Apple Application Support (32 bits) (HKLM-x32...{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM...{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM...{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32...{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Audacity 2.1.3 (HKLM-x32...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
AutoHotkey 1.1.26.01 (HKLM...\AutoHotkey) (Version: 1.1.26.01 - Lexikos)
Avira (HKLM-x32...{40F72BC9-0C14-4122-8930-4B037EAEAD45}) (Version: 1.2.109.23832 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32...{4b629f54-1d82-40c9-9979-4485bb58d155}) (Version: 1.2.109.23832 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32...\Avira Antivirus) (Version: 15.0.36.169 - Avira Operations GmbH & Co. KG)
BleachBit (HKLM-x32...\BleachBit) (Version: 1.12 - BleachBit)
Blizzard App (HKLM-x32...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks 3 (HKLM-x32...\BlueStacks) (Version: 3.52.65.1902 - BlueStack Systems, Inc.)
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris Continuum Complete 10 CE for Adobe CS5, CS6, CC (HKLM...{45F7EB88-E0B4-4B57-8C1B-A5D8A61F9A29}) (Version: 10.0.0079 - Boris FX, Inc.)
CCleaner (HKLM...\CCleaner) (Version: 5.42 - Piriform)
Classic Shell (HKLM...{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
DAEMON Tools Pro (HKLM...\DAEMON Tools Pro) (Version: 8.1.0.0660 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.64 - NVIDIA Corporation) Hidden
Effects Suite v11.1.10 (HKLM-x32...{4DD8EE5E-F571-4EC8-9526-E7C62FE39B19}_is1) (Version: 11.1.10 - Red Giant, LLC)
Elephorm (HKLM-x32...{1668659A-6C3E-64CC-E5AF-936A36E492AD}) (Version: 4.2.24 - UNKNOWN) Hidden
Elephorm (HKLM-x32...\ElephormDVDPlayer) (Version: 4.2.24 - UNKNOWN)
Epic Games Launcher (HKLM-x32...{886E86E6-6673-4EAD-A4FF-6E087A661F4E}) (Version: 1.1.123.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM...{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
fayIN 2.4 for After Effects CC (HKLM...{3621F3FF-A9B6-4C18-8842-B871985AE866}) (Version: 2.4.1.1 - fayteq) Hidden
fayIN License Service (HKLM...{99AF962E-47B0-4DF8-BA65-F03403DB80BC}) (Version: 1.1.0.0 - fayteq) Hidden
fayteq fayIN 2.4 for After Effects CC (HKLM-x32...{1582ee6c-39ed-474c-a751-71fe914bd8d5}) (Version: 2.4.1.1 - fayteq)
GenArts Sapphire AE (HKLM...\GenArts Sapphire AE_is1) (Version: 10.0 - Team V.R)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HandBrake 1.0.7 (HKLM-x32...\HandBrake) (Version: 1.0.7 - )
Heroes of the Storm (HKLM-x32...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Ignite Pro 2017 (HKLM...\Ignite Pro 2017_is1) (Version: 1.0.6227.12601 - Team V.R)
ImageGlass (HKLM...{D539FBEF-4AA8-4415-B66F-6367DA5D0186}_is1) (Version: 4.1.7.26 - Duong Dieu Phap)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32...{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
iTunes (HKLM...{89B08926-B965-43B5-8C71-C10433760B14}) (Version: 12.7.0.166 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32...{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Locus Pack 1.00 (HKLM-x32...\Locus Pack 1.00) (Version: 1.00 - Video Realm Media)
Magic Bullet Suite v13.0.3 (HKLM-x32...{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.3 - Red Giant, LLC)
mamoworld.com Editing Essentials Bundle (HKLM...\Editing Essentials Bundle for Premiere Pro_is1) (Version: 1.0.10 - Team V.R)
ManiaPlanet (HKLM-x32...\ManiaPlanet_is1) (Version: - Nadeo)
Microsoft Office 365 ProPlus - en-us (HKLM...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft Office 365 ProPlus - fr-fr (HKLM...\O365ProPlusRetail - fr-fr) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32...{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32...{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mises à jour NVIDIA 31.1.10.0 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
mocha Pro Plugin V5.2.0 for AVX (HKLM...{000D5F2C-50AB-47E1-9322-6736F502A0E3}) (Version: 5.2.0 - Imagineer Systems)
mocha Pro Plugin V5.2.0 for OFX (HKLM...{2D3E6370-5C8C-4C83-870D-5E02C529ED5B}) (Version: 5.2.0 - Imagineer Systems)
mocha Pro V5.2.0-12816 (HKLM...{0B2CE768-9D51-45E8-A515-D91E8210FDFE}) (Version: 5.20.12816 - Imagineer Systems)
mocha VR Plugin V5.5.2 for Adobe (HKLM...{C5D1B3FC-ECE8-459C-AF76-BB2FBD71841B}) (Version: 5.5.2 - Imagineer Systems)
Molotov (HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\Molotov) (Version: 2.1.2 - Molotov)
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
NewBlue TotalFX AEX (HKLM...\NewBlue TotalFX AEX_is1) (Version: 5.0.0.170317 - Team V.R)
Notepad++ (32-bit x86) (HKLM-x32...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA DDS Utilities (HKLM-x32...{64963F0E-03F2-4B59-8D1B-1806545E7092}) (Version: 1.0 - )
NVIDIA GeForce Experience 3.13.1.30 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32...{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA Pilote 3D Vision 397.64 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.64 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.37.1 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.1 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 390.41 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Pilote graphique 397.64 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.64 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32...{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM...{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32...{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32...{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32...\Overwatch) (Version: - Blizzard Entertainment)
Panneau de configuration NVIDIA 397.64 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.64 - NVIDIA Corporation) Hidden
Parsec (HKLM-x32...\Parsec) (Version: - Parsec Cloud Inc.)
Path of Building version 1.4.64 (HKLM-x32...{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.64 - Openarl)
Path of Exile (HKLM-x32...{5e37eb26-2d6e-4b09-9dda-67b2c7f8d5bb}) (Version: 3.1.1.24680 - Grinding Gear Games)
Path of Exile (HKLM-x32...{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.1.1.24680 - Grinding Gear Games) Hidden
PuTTY release 0.70 (64-bit) (HKLM...{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
PuTTY release 0.70 (HKLM-x32...{0B06C05B-0069-4FE8-AC19-AAF6678FD0A8}) (Version: 0.70.0.0 - Simon Tatham)
Razer Synapse (HKLM-x32...{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.)
RE:Vision Effects RE:Flex v5.0.0 (HKLM...\RE:Flex 5_is1) (Version: 5.0.0 - Team V.R)
RE:Vision Effects Twixtor AE (HKLM...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
RE:Vision Effects Twixtor AE (HKLM...\Twixtor AE 6.2.1_is1) (Version: 6.2.1 - Team V.R)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32...{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.10.1 - Red Giant, LLC)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version: - )
Rowbyte TV Distortion 2.0.7 CE (HKLM...\TV Distortion Bundle_is1) (Version: 2.0.7 - Team V.R)
ShareX (HKLM...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.1.1 - ShareX Team)
Sid Meiers Civilization VI Rise and Fall (HKLM-x32...\Sid Meiers Civilization VI Rise and Fall_is1) (Version: - )
Speccy (HKLM...\Speccy) (Version: 1.31 - Piriform)
SpeedFan (remove only) (HKLM-x32...\SpeedFan) (Version: - )
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Trapcode Suite 14 (HKLM...\Trapcode Suite 14 v14.0) (Version: - Red Giant LLC)
Universe (HKLM...\Universe Premium_is1) (Version: 2.1 CE - Team V.R)
Unlocker 1.9.2 (HKLM...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vicon boujou 5.0.2 (HKLM-x32...{C071157F-AB34-4D3F-A0DF-9AC544B3732E}) (Version: 5.0.2 - Vicon Motion Systems)
VLC media player (HKLM-x32...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32...\Warcraft III) (Version: - Blizzard Entertainment)
WinDirStat 1.1.2 (HKU\S-1-5-21-4003686615-4269193129-2528438380-1001...\WinDirStat) (Version: - )
WinRAR 5.50 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32...{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
ZHPFix 2015 (HKLM-x32...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4003686615-4269193129-2528438380-1001_Classes\CLSID{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 → C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] → {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] → {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] → {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ShareOverlay] → {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] → {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] → {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-05-14] ()
ContextMenuHandlers1: [AccExt] → {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] → {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] → {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [Shell Extension for Malware scanning] → {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-09] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] → {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-05-07] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] → {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-05-14] ()
ContextMenuHandlers6: [AccExt] → {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] → {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] → {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-09] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [StartMenuExt] → {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers6: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
FolderExtensions: → {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\GUI\Downloads\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B4A43CD-0011-4F61-80AE-E78C0C3E6AAE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-04-22] (NVIDIA Corporation)
Task: {0EE58EAB-A9C7-4094-A9E0-222BBB0BAF7B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-29] (Microsoft Corporation)
Task: {264C222D-FAF0-416A-B336-E1F598352343} - System32\Tasks\Microsoft\Windows\RestartManager{48 EC5F3A-CED4-49f0-BF5B-071FDE6F818A} => C:\WINDOWS\system32\rmclient.exe [2017-09-29] (Microsoft Corporation)
Task: {280208A6-7926-4047-8027-1532A24A5DEE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-04-22] (NVIDIA Corporation)
Task: {3357EA2C-7720-4729-9DF2-9340312A1B79} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-29] (Microsoft Corporation)
Task: {3404E711-AEB1-432A-ACD0-1AC72FF9A5DF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-04-22] (NVIDIA Corporation)
Task: {384E1A50-CFF3-40C4-AC91-6A30E76E4EE6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-04-22] (NVIDIA Corporation)
Task: {4F2C2B85-3AA5-45D5-AF88-DB4945319725} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-04-22] (NVIDIA Corporation)
Task: {8C91392B-5160-4294-84EC-C345A61A2DA6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE195 2-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-04-22] (NVIDIA Corporation)
Task: {9315679D-06F1-4885-B37E-7914C9EE0361} - System32\Tasks\Microsoft\Office\OfficeBackgroundTa skHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.e xe [2018-03-29] (Microsoft Corporation)
Task: {BCD54095-9E58-4307-93F6-FC79179B9DC1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {C3F6C890-EB5E-4677-8E86-5131A8328E91} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-04-22] (NVIDIA Corporation)
Task: {CB47C03A-2F18-4ED0-A828-884A79306CD0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-29] (Microsoft Corporation)
Task: {CC7FA977-FCE7-45F1-ABC2-3A36C4B1DBAE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTa skHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.e xe [2018-03-29] (Microsoft Corporation)
Task: {D2324FB1-57B9-406C-B591-3A1C827BB96E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-04-22] (NVIDIA Corporation)
Task: {DCF45736-A3D8-4F46-9306-EBF77A3BF090} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {DE09F323-BFEE-48D6-8C37-8ECAFEF93BD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {DF699E3B-9D9F-4E98-9536-E533E54FABCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-17] (Google Inc.)
Task: {E8DB8F8A-AC29-4380-83FB-84E877734766} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-05-09] (Avira Operations GmbH & Co. KG)
Task: {EB54E11B-CE95-4067-BC6A-FC430CE9E174} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-17] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-20 00:09 - 2017-07-20 00:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-03-13 20:57 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\CortanaApi.dll
2018-03-13 20:57 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\Cortana.Core.dll
2018-04-26 09:51 - 2018-04-26 09:51 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0 _x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-26 09:51 - 2018-04-26 09:51 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0 _x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-26 09:51 - 2018-04-26 09:51 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0 _x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-26 09:51 - 2018-04-26 09:51 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0 _x64__kzf8qxf38zg5c\skypert.dll
2018-05-18 09:50 - 2018-05-18 09:50 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.100 1.9.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-05-08 16:49 - 2018-05-08 16:49 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.100 1.9.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.ex e
2018-05-04 20:03 - 2018-05-04 20:03 - 066466304 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dl l
2017-10-04 10:58 - 2017-10-04 10:58 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegate s.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\ImagePipelineNative .dll
2018-05-04 20:03 - 2018-05-04 20:03 - 004173312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrappe r.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dl l
2018-04-05 12:17 - 2018-04-05 12:18 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 015563776 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.d ll
2018-05-04 20:03 - 2018-05-04 20:03 - 004018176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 003281920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 001386496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia .Ink.Controls.dll
2018-02-02 12:33 - 2018-02-02 12:33 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.d ll
2018-05-04 20:03 - 2018-05-04 20:03 - 000094208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 000878080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\RuntimeConfiguratio n.dll
2018-04-05 12:17 - 2018-04-05 12:18 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Ed it.Services.dll
2018-05-04 20:03 - 2018-05-04 20:03 - 000165888 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18 031.15820.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-08 10:34 - 2018-04-22 13:04 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4003686615-4269193129-2528438380-1001\Control Panel\Desktop\Wallpaper → C:\Users\GUI\AppData\Roaming\Microsoft\Windows\The mes\TranscodedWallpaper
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A01B124B-E6CC-484B-8FE5-001B49B88B5D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A41DC35-715F-4FFE-9629-D791D8A8523A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8EF72DD8-D105-494E-AE8A-3C53B986D7F7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{333D57BF-11BB-4BF1-BFEA-0975E06776B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5305C48C-DCFE-4545-803E-AED4E4A80D71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{5EE1B99A-2260-436D-9565-7E85070EE8C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{0B8E0748-4FC7-413B-806A-A5F146583A67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{CAA6B4D6-1319-48C2-8663-5B7333213DDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{CA83F216-A0D5-4F3A-9F8C-A45F038BC26E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Streets of Rogue\StreetsOfRogue.exe
FirewallRules: [{04C4AA3F-722F-41FD-8538-F5743A66ACA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Streets of Rogue\StreetsOfRogue.exe
FirewallRules: [{EBDF44BB-41C8-4A23-81EC-3C78E923C2C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe
FirewallRules: [{63F1C826-5C91-47D1-8287-127F346BE5EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe
FirewallRules: [{A474087E-1CC9-49D5-95C0-4293C53F8150}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheS pire.exe
FirewallRules: [{53889C77-E347-4ADF-BAEE-5C1AA6A0912D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheS pire.exe

==================== Restore Points =========================

17-05-2018 13:04:25 Point de contrôle planifié

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (05/19/2018 10:21:41 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2118-04-25T08:21:41Z. Code d’erreur : 0x80070005.

Error: (05/19/2018 10:21:11 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2118-04-25T08:21:11Z. Code d’erreur : 0x80070005.

Error: (05/19/2018 10:20:41 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2118-04-25T08:20:41Z. Code d’erreur : 0x80070005.

Error: (05/19/2018 10:20:11 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2118-04-25T08:20:11Z. Code d’erreur : 0x80070005.

Error: (05/19/2018 10:19:41 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2118-04-25T08:19:41Z. Code d’erreur : 0x80070005.

Error: (05/19/2018 10:19:11 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2118-04-25T08:19:11Z. Code d’erreur : 0x80070005.

Error: (05/19/2018 10:18:41 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2118-04-25T08:18:41Z. Code d’erreur : 0x80070005.

Error: (05/19/2018 10:18:11 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2118-04-25T08:18:11Z. Code d’erreur : 0x80070005.
[HEADING=1]System errors:[/HEADING]
Error: (05/19/2018 10:09:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UL056C5)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-UL056C5\GUI de l’utilisateur (S-1-5-21-4003686615-4269193129-2528438380-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/19/2018 10:09:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Steam Client Service n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/19/2018 10:09:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Steam Client Service.

Error: (05/19/2018 10:09:42 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UL056C5)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-UL056C5\GUI de l’utilisateur (S-1-5-21-4003686615-4269193129-2528438380-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/19/2018 10:01:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UL056C5)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
et l’APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
au SID DESKTOP-UL056C5\GUI de l’utilisateur (S-1-5-21-4003686615-4269193129-2528438380-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/19/2018 10:01:55 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/19/2018 10:01:55 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/19/2018 10:01:55 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2018-05-19 10:06:54.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-19 10:06:54.786
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-19 10:02:34.541
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-19 10:02:34.540
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-19 10:01:57.555
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-19 10:01:57.554
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 22:56:51.341
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-18 22:56:51.339
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: AMD Ryzen 7 1700X Eight-Core Processor
Percentage of memory in use: 9%
Total physical RAM: 32719.39 MB
Available physical RAM: 29526.66 MB
Total Virtual: 34767.39 MB
Available Virtual: 30970.19 MB

==================== Drives ================================

Drive c: (Data) (Fixed) (Total:931.03 GB) (Free:630.54 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Disque dur) (Fixed) (Total:931.51 GB) (Free:634.73 GB) NTFS

\?\Volume{f3f4c92d-0000-0000-0000-50c2e8000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F3F4C92D)
Partition 1: (Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=486 MB) - (Type=27)

================================================== ======
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C4AE9870)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

**jmarket** · 05-20-2018, 02:14 AM

Originally posted by Malnutrition

and let us know what issues remain please.

How is your pc now?

Computer might have a Malware?

Computer might have a Malware?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment