¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ QuickDiag | g3n-h@ckm@n | 2_03.03.2016.2 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 08/03/2016 16:36:07 Updated 03/03/2016 | 10.00 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ [DAILLY_HIST (Administrator)] - [DAILLY_HIST-LEN] SID = S-1-5-21-1244926414-3801383374-1931365685-1000 System : Windows 7 Professional (64 bits) Professional Service Pack 1 PC : LENOVO - - LENOVO_MT_10AW Processor : X64 - 3392 Mhz - Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz Bios : LENOVO - 12/16/2013 - V.FCKT46AUS CoreTemp : 29.8° C - Max : 105° C Boot: Normal boot Memory RAM = Total (MB) : 4007 | Free (MB) : 2245 Pagefile = Total (MB) : 8013 | Free (MB) : 6137 Virtual = Total (MB) : 4194 | Free (MB) : 4052 ¤¤¤¤¤¤¤¤¤¤ | Drives Q:\ -> [Fixed] | [Lenovo_Recovery] | Total : 13.67 Go | Free : 0.92 Go -> NTFS [RAID] C:\ -> [Fixed] | [Windows7_OS] | Total : 450.62 Go | Free : 378.24 Go -> NTFS [RAID] ¤¤¤¤¤¤¤¤¤¤ | Windows updates Last detection : 2015-02-13 12:53:09 Downloaded last ones : 2015-01-30 11:14:06 Installed last ones : 2015-01-30 11:33:10 Microsoft : + ¤¤¤¤¤¤¤¤¤¤ | Browsers IE : 11.0.9600.18205 (© Microsoft Corporation. Tous droits réservés.) GC : 48.0.2564.116 (Copyright 2015 Google Inc.) Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" ¤¤¤¤¤¤¤¤¤¤ | FlashPlayer FlashPlayer Plugin : 20.0.0.306 ¤¤¤¤¤¤¤¤¤¤ | Security AV : avast! Antivirus Disabled AS : avast! Antivirus Disabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ | Running processes 388 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.19135) = C:\Windows\System32\smss.exe 664 | [Owner : | Parent : 552() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe 720 | [Owner : | Parent : 648() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe 736 | [Owner : | Parent : 664(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe 760 | [Owner : | Parent : 664(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.19135) = C:\Windows\System32\lsass.exe 768 | [Owner : | Parent : 664(wininit.exe) | ?????] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe 880 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 976 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 572 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 612 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 660 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 828 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1072 | [Owner : | Parent : 572(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.18741) = C:\Windows\System32\audiodg.exe 1112 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1196 | [Owner : | Parent : 736(services.exe) | ?????] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.3960) = C:\Windows\System32\igfxCUIService.exe 1252 | [Owner : | Parent : 736(services.exe) | ?????] - (.DisplayLink Corp. - DisplayLinkManager Application.) - (7.5.54609.0) = C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe 1328 | [Owner : | Parent : 1252(DisplayLinkManager.exe) | ?????] - (.DisplayLink Corp. - DisplayLinkUserAgent Application.) - (7.5.54609.0) = C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe 1348 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1584 | [Owner : | Parent : 736(services.exe) | ?????] - (.AVAST Software - avast! Service.) - (11.1.2245.1540) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe 1684 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe 1700 | [Owner : | Parent : 828(svchost.exe) | ?????] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe 1732 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1864 | [Owner : | Parent : 736(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.802.11.4130) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 2004 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1808 | [Owner : | Parent : 736(services.exe) | ?????] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.27.798.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe 1532 | [Owner : | Parent : 736(services.exe) | ?????] - (.Lenovo Group Limited - Camera Mute Control Service for ThinkPad.) - (3.0.42.0) = C:\Program Files\Lenovo\Communications Utility\CamMute.exe 1928 | [Owner : | Parent : 736(services.exe) | ?????] - (.Lenovo Group Limited - Microphone volume control service.) - (3.0.42.0) = C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe 1936 | [Owner : | Parent : 736(services.exe) | ?????] - (.Nitro PDF Software - Nitro PDF Spool Service.) - (7.0.0.1) = C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe 1508 | [Owner : | Parent : 736(services.exe) | ?????] - (.Nalpeiron Ltd. - This service enables products that use the Nalpeiron Licensing System.) - (7.3.4.0) = C:\Windows\SysWOW64\NLSSRV32.EXE 2236 | [Owner : | Parent : 736(services.exe) | ?????] - (.Realtek - RtlService MFC Application.) - (700.1008.1223.2013) = C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe 2356 | [Owner : | Parent : 2236(RtlService.exe) | ?????] - (.Realtek Semiconductor Corp. - RtWLan.) - (700.1685.1211.2014) = C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe 2388 | [Owner : | Parent : 736(services.exe) | ?????] - (.-.) - (1.1005.415.2014) = C:\Windows\runSW.exe 2412 | [Owner : | Parent : 736(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe 2576 | [Owner : | Parent : 2388(runSW.exe) | ?????] - (.Realtek - Switch USB2.0/USB3.0 for WinXP SP2+ ~ Win8.1.) - (500.1027.1212.2014) = C:\Windows\SwUSB.exe 2588 | [Owner : | Parent : 736(services.exe) | ?????] - (.TeamViewer GmbH - TeamViewer 10.) - (10.0.47484.0) = C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 2692 | [Owner : | Parent : 2412(Sks8821.exe) | ?????] - (.LITEON - ELEVATED SKDHOOKS.) - (1.0.0.1) = C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skdh8821.exe 2404 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Programme d’installation pour les modules Windows.) - (6.1.7601.17514) = C:\Windows\servicing\TrustedInstaller.exe 2748 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 3520 | [Owner : PROF | Parent : 736(services.exe) | 13.29 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe 3608 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.5011) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 3620 | [Owner : PROF | Parent : 612(svchost.exe) | 29.91 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe 3632 | [Owner : PROF | Parent : 3592() | 70.77 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.19135) = C:\Windows\explorer.exe 3748 | [Owner : PROF | Parent : 2588(TeamViewer_Service.exe) | 34.91 Mo] - (.TeamViewer GmbH - TeamViewer 10.) - (10.0.47484.0) = C:\Program Files (x86)\TeamViewer\TeamViewer.exe 3908 | [Owner : PROF | Parent : 3888() | 10.73 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.3960) = C:\Windows\System32\igfxEM.exe 3916 | [Owner : PROF | Parent : 3888() | 8.03 Mo] - (.Intel Corporation - igfxHK Module.) - (6.15.10.3960) = C:\Windows\System32\igfxHK.exe 3932 | [Owner : PROF | Parent : 3888() | 9.21 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\igfxTray.exe 3984 | [Owner : PROF | Parent : 3632(explorer.exe) | 9.34 Mo] - (.LITE-ON TECHNOLOGY CORP. - Skd881x Daemon.) - (2.0.2.5) = C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe 4028 | [Owner : PROF | Parent : 3632(explorer.exe) | 9.64 Mo] - (.LITE-ON TECHNOLOGY CORP. - Lenovo Slim USB Keyboard.) - (1.0.1.4) = C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe 4040 | [Owner : PROF | Parent : 3632(explorer.exe) | 6.78 Mo] - (.Lenovo Group Limited - Communications Utility launcher.) - (3.0.42.0) = C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe 4064 | [Owner : PROF | Parent : 3632(explorer.exe) | 8.98 Mo] - (.Promethean Technologies Group Ltd - ActivControl v2.) - (5.7.22.1) = C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe 3316 | [Owner : PROF | Parent : 3632(explorer.exe) | 16.07 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 3380 | [Owner : | Parent : 2588(TeamViewer_Service.exe) | ?????] - (.TeamViewer GmbH - TeamViewer 10.) - (10.0.47484.0) = C:\Program Files (x86)\TeamViewer\tv_w32.exe 3364 | [Owner : | Parent : 2588(TeamViewer_Service.exe) | ?????] - (.TeamViewer GmbH - TeamViewer 10.) - (10.0.47484.0) = C:\Program Files (x86)\TeamViewer\tv_x64.exe 3044 | [Owner : PROF | Parent : 2724() | 5.5 Mo] - (.Intel Corporation - iusb3mon.) - (2.5.0.19) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 1660 | [Owner : PROF | Parent : 2724() | 19.11 Mo] - (.AVAST Software - avast! Antivirus.) - (11.1.2245.1540) = C:\Program Files\AVAST Software\Avast\AvastUI.exe 272 | [Owner : PROF | Parent : 2724() | 5.33 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.66.17) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 3580 | [Owner : PROF | Parent : 4064(ActivControl2x64.exe) | 14.19 Mo] - (.- ActivManager.) - (5.7.22.1) = C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe 4220 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe 4304 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe 4620 | [Owner : PROF | Parent : 4608() | 9.13 Mo] - (.Microsoft Corporation - GWX.) - (6.3.9600.18232) = C:\Windows\System32\GWX\GWX.exe 4648 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe 4688 | [Owner : | Parent : 736(services.exe) | ?????] - (.Lenovo - Power Manager Dynamic Brightness Control Service.) - (1.0.0.1) = C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.exe 4756 | [Owner : PROF | Parent : 3504() | 4.07 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\SysWOW64\rundll32.exe 4764 | [Owner : PROF | Parent : 4756(rundll32.exe) | 11.07 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe 4796 | [Owner : PROF | Parent : 3504() | 6.22 Mo] - (.Lenovo Group Limited - Power Manager Power Agenda.) - (1.0.0.1) = C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe 4892 | [Owner : | Parent : 736(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 4992 | [Owner : PROF | Parent : 828(svchost.exe) | 6.81 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe 5044 | [Owner : PROF | Parent : 4992(taskeng.exe) | 6.7 Mo] - (.CyberLink - CyberLink MediaLibray Service.) - (7.0.0.4124) = C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 5060 | [Owner : PROF | Parent : 4992(taskeng.exe) | 9.88 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.171) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 5068 | [Owner : PROF | Parent : 4992(taskeng.exe) | 9.45 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.912) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 1712 | [Owner : PROF | Parent : 3632(explorer.exe) | 80.72 Mo] - (.Google Inc. - Google Chrome.) - (48.0.2564.116) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 4440 | [Owner : PROF | Parent : 1712(chrome.exe) | 33.92 Mo] - (.Google Inc. - Google Chrome.) - (48.0.2564.116) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 5364 | [Owner : | Parent : 736(services.exe) | ?????] - (.Intel Corporation - IAStorDataSvc.) - (13.0.0.1098) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 5440 | [Owner : | Parent : 736(services.exe) | ?????] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.0.0.1323) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe 5904 | [Owner : PROF | Parent : 1712(chrome.exe) | 115.7 Mo] - (.Google Inc. - Google Chrome.) - (48.0.2564.116) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 6004 | [Owner : PROF | Parent : 1712(chrome.exe) | 121.47 Mo] - (.Google Inc. - Google Chrome.) - (48.0.2564.116) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 5752 | [Owner : DAILLY_HIST | Parent : 3632(explorer.exe) | 16.26 Mo] - (.SosVirus - QuickDiag.) - (3.3.2016.2) = C:\Users\PROF\Desktop\QuickDiag.exe 5792 | [Owner : | Parent : 4220(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe 5776 | [Owner : Système | Parent : 4220(SearchIndexer.exe) | 6.71 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe 5092 | [Owner : PROF | Parent : 4220(SearchIndexer.exe) | 6.09 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe ¤¤¤¤¤¤¤¤¤¤ | MD5 [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - [24/02/2016 21:01:47] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3155.5 Ko] - (6.1.7601.19135) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [21/11/2010 04:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 00:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 00:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.0547E50F916294862FDAF11A4D701547] - [02/03/2016 20:16:14] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.19135) : C:\Windows\System32\Kernel32.dll [MD5.5673794F254FE312AF62D9DA32805A2F] - [02/03/2016 20:16:08] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.19135) : C:\Windows\System32\lsass.exe [MD5.5C627D1B1138676C0A7AB2C2C190D123] - [21/11/2010 04:24:01] - (.© Microsoft Corporation. - Distributed COM Services.) - [500 Ko] - (6.1.7601.17514) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 00:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.71C85477DF9347FE8E7BC55768473FCA] - [27/10/2015 18:34:24] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 00:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.06BF84D26A05D400F6B3FB3D3DE0B03A] - [13/01/2016 20:41:34] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985 Ko] - (6.1.7601.19061) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [21/11/2010 04:24:28] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 00:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [23/01/2015 09:39:47] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [13/01/2016 20:35:44] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.059F00DEF82BF41E433B7ED465847726] - [30/01/2014 21:55:44] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [21/11/2010 04:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [21/11/2010 04:24:32] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [21/11/2010 04:23:47] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 00:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 01:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.355DF71D1DD1999E8AEDF986534B233C] - [02/03/2016 20:16:08] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [155.5 Ko] - (6.1.7601.19135) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.F7309F42555F8AAB7144A51A1F2585B0] - [13/01/2016 20:35:38] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys [MD5.09594D1089C523423B32A4229263F068] - [21/11/2010 04:23:51] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\netbt.sys [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - [24/02/2016 12:12:15] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 01:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [21/11/2010 04:24:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.1B6163C503398B23FF8B939C67747683] - [21/11/2010 04:25:07] - (.© Microsoft Corporation. - Microsoft RDP Device redirector.) - [162 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rdpdr.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 01:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.04ADD18EE5CC9FBEDAEC1DD1CD0CB45E] - [23/01/2015 09:56:12] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1858.94 Ko] - (6.1.7601.18438) : C:\Windows\System32\Drivers\tcpip.sys [MD5.AA77EB517D2F07A947294F260E3ACA83] - [13/01/2016 20:35:44] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [21/11/2010 04:23:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ¤¤¤¤¤¤¤¤¤¤ | Locked Applications ¤¤¤¤¤¤¤¤¤¤ | Explorer.exe component call (Microsoft Files Whitelisted) ¤¤¤¤¤¤¤¤¤¤ | Svchost.exe component call (Microsoft Files Whitelisted) ¤¤¤¤¤¤¤¤¤¤ | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ¤¤¤¤¤¤¤¤¤¤ | Startings up [HKU\S-1-5-18\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"=C:\Windows\System32\mctadmin.exe [14/07/2009 00:54:49] [HKU\S-1-5-20\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"=C:\Windows\System32\mctadmin.exe [14/07/2009 00:54:49] [HKU\S-1-5-19\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Enhanced Performance Keyboard"=C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [08/08/2012 22:50:00] "Skd8821"=C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [23/03/2011 01:36:44] "LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [31/05/2014 07:41:31] "ActivControl"=C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe [17/12/2010 14:46:44] [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce] "MSPCLOCK"=rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000} "MSPQM"=rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196} "MSKSSRV"=rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196} "MSTEE.CxTransform"=rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install "MSTEE.Splitter"=rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install "WDM_DRMKAUD"=rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "Power Manager Startup Utility"=C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [31/05/2014 07:41:07] "Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "20150107"=C:\Program Files\AVAST Software\Avast\setup\emupdate\95dafd28-971b-4d18-8b21-c4930b3d50a4.exe /check ""= [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ¤¤¤¤¤¤¤¤¤¤ | Startings up registry ¦ Folder ¤¤¤¤¤¤¤¤¤¤ | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=21e691ba-534b-4b71-aeee-b8634a0 "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=12000 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=760 "SecureBoot"=1 "ProductType"=6 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ¤¤¤¤¤¤¤¤¤¤ | .LNK C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk (/prefetch:1) C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk (--sendto) C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( -extoff) C:\Users\PROF\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk (/prefetch:1) C:\Users\PROF\AppData\Roaming\Microsoft\PowerPoint\Td%20la%20vallée305044302165541079\Td%20la%20vallée.ppt.lnk (0) C:\Users\PROF\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\PROF\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk (--sendto) C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( -extoff) C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk (/1) C:\ProgramData\Lenovo\LenovoTvtTools\Lenovo Device Experience.lnk (/c) C:\ProgramData\Lenovo\LenovoTvtTools\Lenovo Think.lnk (/c) C:\ProgramData\Lenovo\LenovoTvtTools\Lenovo ThinkVantage Tools.lnk (::{26EE0668-A00A-44D7-9371-BEB064C98683}\2\::{A8A91A66-3A7D-4424-8D24-04E180695C7A}\Provider%5CMicrosoft.Base.DeviceDisplayObjects//DDO:%7B00000000-0000-0000-FFFF-FFFFFFFFFFFF%7D\cat{8AA6B0C2-14A6-4da8-BF36-F7D93ACE9ACE}) C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Evernote Installer.lnk (C:\SWTOOLS\Evernote\MODULECUST\SETUP.cmd) C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk (startmenu) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Device Experience.lnk (/c) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Slim USB Keyboard.lnk (-show) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools.lnk (::{26EE0668-A00A-44D7-9371-BEB064C98683}\2\::{A8A91A66-3A7D-4424-8D24-04E180695C7A}\Provider%5CMicrosoft.Base.DeviceDisplayObjects//DDO:%7B00000000-0000-0000-FFFF-FFFFFFFFFFFF%7D\cat{8AA6B0C2-14A6-4da8-BF36-F7D93ACE9ACE}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk (/OEM) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk (/showgadgets) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activ Software\ActivInspire\Express Poll.lnk (-v) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk ( /design) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility\REALTEK USB Wireless LAN Utility.lnk (/1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility\Uninstall.lnk (-uninst) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk (-nogui) TWCU.exe>�EGM\EGM\*�d�TWCU.exe�8��J�Windows7_ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK\Uninstall - TP-LINK TL-WN881ND Driver.lnk (-runfromtemp -removeonly DriverOnly) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK\Uninstall - TP-LINK Wireless Configuration Utility.lnk (-runfromtemp -removeonly) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk (--reset-config --reset-plugins-cache vlc://quit) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk (-Iskins) ¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs ¤¤¤¤¤¤¤¤¤¤ | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ¤¤¤¤¤¤¤¤¤¤ | Policies | Registry ¤¤¤¤¤¤¤¤¤¤ | Winlogon [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 "AutoAdminLogon"=0 "DefaultUserName"=DAILLY_HIST [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile ¤¤¤¤¤¤¤¤¤¤ | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [24/02/2016 21:06:03] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [24/02/2016 21:06:03] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ¤¤¤¤¤¤¤¤¤¤ | AppcompatFlags [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\PROF\Downloads\install_flashplayer16x32_mssd_aaa_aih.exe"=1 "\\LACIE-CLOUDBOX\Family\TBI\vlc-2.1.5-win64.exe"=1 "C:\Users\PROF\AppData\Local\Temp\AIR58C9.tmp\Adobe AIR Installer.exe"=1 "C:\Users\PROF\Documents\Office2010ProfessionalPlusFR.1.exe"=1 "C:\Users\PROF\Downloads\Office2010ProfessionalPlusFR.1.exe"=1 "SIGN.MEDIA=5198BA setup.exe"=1 "C:\Users\PROF\Desktop\Office2010ProfessionalPlusFR.1.exe"=1 "C:\Users\PROF\Downloads\UnknownDeviceIdentifier.exe"=1 "C:\Users\PROF\Downloads\setup.exe"=1 "C:\Users\PROF\Desktop\AM1.exe"=1 "C:\Users\PROF\Desktop\UsbFix_2016_8.195.exe"=1 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\MLPS\APPS\MUIInstaller\LENMNC.exe"=1 "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\uninstall.exe"=1 "C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe"=1 "C:\Program Files (x86)\Lenovo\System Update\tvsu.exe"=1 "\\LACIE-CLOUDBOX\Family\TBI\avast_free_antivirus_setup01.exe"=1 "C:\Users\DAILLY_HIST\Downloads\avast_free_antivirus_setup_online.exe"=1 "\\LACIE-CLOUDBOX\Family\TBI\ActivDriver_x64_v5.10.14_setup.exe"=1 "C:\Users\DAILLY_HIST\Downloads\install_flashplayer16x32pp_mssd_aaa_aih.exe"=1 "C:\Users\DAILLY_HIST\Downloads\ActivInspireSuite+v2.3.65940+fr+setup.exe"=1 "C:\Users\DAILLY_HIST\Downloads\DTLite4491-0356.exe"=1 "SIGN.MEDIA=71426 SETUP.EXE"=1 "C:\Users\DAILLY_HIST\Desktop\Maintenance\TeamViewer_Setup_fr.exe"=1 "C:\Users\DAILLY~1\AppData\Local\Temp\AIR8D8F.tmp\Adobe AIR Installer.exe"=1 ¤¤¤¤¤¤¤¤¤¤ | IFEO ¤¤¤¤¤¤¤¤¤¤ | Mountpoints2 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{d9ffedc3-e9f3-11e3-a721-806e6f6e6963}] : Q:\LenovoQDrive.exe (AutoRun) [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ec1d7f5e-a855-11e4-8ee8-4437e6e171b2}] : D:\SETUP.EXE (AutoRun) [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ec1d7f5e-a855-11e4-8ee8-4437e6e171b2}] : D:\SETUP.EXE (configure) [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ec1d7f5e-a855-11e4-8ee8-4437e6e171b2}] : D:\SETUP.EXE (install) [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{d9ffedc3-e9f3-11e3-a721-806e6f6e6963}] : Q:\LenovoQDrive.exe (AutoRun) ¤¤¤¤¤¤¤¤¤¤ | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ¤¤¤¤¤¤¤¤¤¤ | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=1 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x77B1C1998B31D001 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ¤¤¤¤¤¤¤¤¤¤ | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ¤¤¤¤¤¤¤¤¤¤ | Winsock (Whitelist) ¤¤¤¤¤¤¤¤¤¤ | Hosts ¤¤¤¤¤¤¤¤¤¤ | @ [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnableNegotiate"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "IE5_UA_Backup_Flag"=5.0 "ZonesSecurityUpgrade"=0x596D97A94839D001 "ProxyEnable"=0 "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "MigrateProxy"=1 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Enable Browser Extensions"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "DisableScriptDebuggerIE"=yes "UseClearType"=no "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://lenovo13-comm.msn.com/?pc=LNJB "Default_Page_URL"=http://lenovo13-comm.msn.com/?pc=LNJB "DisableFirstRunCustomize"=3 "Secondary Start Pages"=http://home.lenovo.com "Default_Secondary_Page_URL"=http://home.lenovo.com "ImageStoreRandomFolder"=kiq1jz8 "OperationalData"=5 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2300000023000000D3040000C6020000 "DoNotTrack"=1 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x8D1D0D53803CD001 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x596D97A94839D001 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "DisableScriptDebuggerIE"=yes "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://lenovo13-comm.msn.com/?pc=LNJB "Default_Page_URL"=http://lenovo13-comm.msn.com/?pc=LNJB "DisableFirstRunCustomize"=3 "Secondary Start Pages"=http://home.lenovo.com "Default_Secondary_Page_URL"=http://home.lenovo.com "OperationalData"=5 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF550000005500000005050000F8020000 "ImageStoreRandomFolder"=j4m787d "DoNotTrack"=1 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x52050A40F436D001 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "DefSpellLang"=fr-FR "Use FormSuggest"=no [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0xC24B65708B31D001 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ¤¤¤¤¤¤¤¤¤¤ | reparsepoint ¤¤¤¤¤¤¤¤¤¤ | Detection of offsets ¤¤¤¤¤¤¤¤¤¤ | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll ¤¤¤¤¤¤¤¤¤¤ | SSODL | SEH | URLSH | STS [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=Groove GFS Stub Execution Hook ¤¤¤¤¤¤¤¤¤¤ | Toolbar [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={EC4AF497-F369-4DDC-8E52-ED2299BD60FF} "DefaultPackCorrection"=1 "KnownProvidersUpgradeTime"=0x5336164C803CD001 "Version"=4 "UpgradeTime"=0xB28E324E803CD001 [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={EC4AF497-F369-4DDC-8E52-ED2299BD60FF} "KnownProvidersUpgradeTime"=0xDF320843F436D001 "Version"=4 "UpgradeTime"=0x6801C34C0337D001 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={EC4AF497-F369-4DDC-8E52-ED2299BD60FF} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={EC4AF497-F369-4DDC-8E52-ED2299BD60FF} ¤¤¤¤¤¤¤¤¤¤ | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] ¤¤¤¤¤¤¤¤¤¤ | SearchScopes [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC4AF497-F369-4DDC-8E52-ED2299BD60FF}] - () - : [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC4AF497-F369-4DDC-8E52-ED2299BD60FF}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC4AF497-F369-4DDC-8E52-ED2299BD60FF}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{EC4AF497-F369-4DDC-8E52-ED2299BD60FF}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB : ¤¤¤¤¤¤¤¤¤¤ | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 00:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [11/01/2016 15:28:21] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [06/03/2013 07:37:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 00:41:02] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [27/10/2015 17:24:01] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [11/01/2016 15:28:21] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [06/03/2013 07:37:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [27/10/2015 17:24:01] ¤¤¤¤¤¤¤¤¤¤ | Chrome C:\Users\DAILLY_HIST\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\DAILLY_HIST\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\DAILLY_HIST\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\DAILLY_HIST\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\DAILLY_HIST\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\DAILLY_HIST\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - https://clients2.google.com/service/update2/crx C:\Users\DAILLY_HIST\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\DAILLY_HIST\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\ejgfoklefkbjadjcgjmnhfbdfjolojnn = : WebFilter Pro is cloud based web filtering application protecting your family browsing by monitoring millions web sites - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - https://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\PROF\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] ¤¤¤¤¤¤¤¤¤¤ | Opera ¤¤¤¤¤¤¤¤¤¤ | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 20.0.0.306 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 20.0.0.306 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@nitropdf.com/NitroPDF] - (NitroPDF Web Browser Plugin) : C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll ¤¤¤¤¤¤¤¤¤¤ | Active Connections ¤¤¤¤¤¤¤¤¤¤ | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.0.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{469C4945-9C13-4A9C-8D11-BAA9CA9F0314}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{75953341-0732-4F49-A1F1-5D7A19E89980}] "DhcpNameServer"=192.168.0.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{75953341-0732-4F49-A1F1-5D7A19E89980}] "NameServer"=208.67.222.123,208.67.220.123 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{8F8CC26E-EF9F-4FBF-AB63-456B28C0DEAD}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{469C4945-9C13-4A9C-8D11-BAA9CA9F0314}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{75953341-0732-4F49-A1F1-5D7A19E89980}] "DhcpNameServer"=192.168.0.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{75953341-0732-4F49-A1F1-5D7A19E89980}] "NameServer"=208.67.222.123,208.67.220.123 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{8F8CC26E-EF9F-4FBF-AB63-456B28C0DEAD}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{469C4945-9C13-4A9C-8D11-BAA9CA9F0314}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{75953341-0732-4F49-A1F1-5D7A19E89980}] "DhcpNameServer"=192.168.0.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{75953341-0732-4F49-A1F1-5D7A19E89980}] "NameServer"=208.67.222.123,208.67.220.123 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{8F8CC26E-EF9F-4FBF-AB63-456B28C0DEAD}] "DhcpNameServer"=192.168.1.1 ¤¤¤¤¤¤¤¤¤¤ | Applications [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~1\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~1\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs (Whitelisted) Term - : ¤¤¤¤¤¤¤¤¤¤ | Software [HKU\S-1-5-18\Software\Lenovo] [HKU\S-1-5-18\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-18\Software\Microsoft] [HKU\S-1-5-18\Software\NITRO] [HKU\S-1-5-18\Software\Policies] [HKU\S-1-5-18\Software\Promethean] [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-18\Software\Microsoft\Windows\DWM] [HKU\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam] [HKU\S-1-5-18\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Adobe] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\AppDataLow] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\AVAST Software] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\BordboekPlus] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Clients] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\CyberLink] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Disc Soft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Google] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Intel] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\JavaSoft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Leadertech] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Lenovo] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\LTON_HIS] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Macromedia] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\MozillaPlugins] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Netscape] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\NITRO] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\ODBC] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\PenPower] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Policies] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Promethean] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Realtek] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\TeamViewer] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\TechSmith] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Trolltech] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\WinRAR] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Wow6432Node] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Adobe] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\AppDataLow] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\AVAST Software] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Clients] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\CyberLink] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Disc Soft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\DriverTuner] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\DriverTuner_Init] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Google] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Intel] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Leadertech] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Lenovo] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\LTON_HIS] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Macromedia] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\MozillaPlugins] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Netscape] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\NITRO] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Norton] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\ODBC] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Policies] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Promethean] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Realtek] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Sysinternals] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\TeamViewer] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\TeleCharger] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Trolltech] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\UsbFix] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\VB and VBA Program Settings] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\WinRAR] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\WinRAR SFX] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Wow6432Node] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1244926414-3801383374-1931365685-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-20\Software\AppDataLow] [HKU\S-1-5-20\Software\Microsoft] [HKU\S-1-5-20\Software\Policies] [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft\Windows\DWM] [HKU\S-1-5-20\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-20\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-19\Software\AppDataLow] [HKU\S-1-5-19\Software\Microsoft] [HKU\S-1-5-19\Software\Policies] [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-19\Software\Microsoft\Windows\DWM] [HKU\S-1-5-19\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-19\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Activ Software] [HKLM\Software\ATI Technologies] [HKLM\Software\CBSTEST] [HKLM\Software\Clients] [HKLM\Software\DisplayLink] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\IBM] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Lenovo] [HKLM\Software\LTON_HIS] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nitro] [HKLM\Software\Norton] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\Symantec] [HKLM\Software\sysinternals] [HKLM\Software\VideoLAN] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Activ Software] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Disc Soft] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lenovo] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nitro] [HKLM\Software\WOW6432Node\Norton] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\RtWLan] [HKLM\Software\WOW6432Node\SOSVirus] [HKLM\Software\WOW6432Node\SwUSB] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\TP-LINK] [HKLM\Software\WOW6432Node\TrendMicro] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\DisplayLink] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ¤¤¤¤¤¤¤¤¤¤ | Drives Q: [31/05/2014 07:41:29] - |N| - (.Copyright Lenovo 2008. - Lenovo Factory Backup Partition Information.) - [267576] - (1.0.1.0) - Q:\LenovoQDrive.exe C: ¤¤¤¤¤¤¤¤¤¤ | C:\Windows [MD5.637277FEEC95A17CC608B68DFDD054BF] - [17/12/2010 14:46:46] - (.Copyright (C) 2006 - ActivDrv Dynamic Link Library.) - [257888] - (5.7.22.1) - C:\Windows\ActivDRV.dll [14/07/2009 06:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 04:20:08] - |D| - [24210984] - C:\Windows\AppCompat [14/07/2009 04:20:08] - |D| - [10973398] - C:\Windows\AppPatch [14/07/2009 04:20:08] - |RSD| - [1733572885] - C:\Windows\assembly [MD5.748D1F5A0495A1AA9D44FB51B4C13271] - [11/01/2016 15:28:23] - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [43112] - (11.1.2245.1540) - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 04:24:22] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 04:20:09] - |D| - [29062678] - C:\Windows\Boot [MD5.FE322E8151659D807AC9F7281FB05D92] - [14/07/2009 06:38:36] - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 04:20:09] - |D| - [3233280] - C:\Windows\Branding [02/06/2014 02:19:36] - |D| - [0] - C:\Windows\CSC [MD5.D520230AB260B3AD3A844571D52D2CFC] - [31/05/2014 06:22:49] - (.-.) - [12] - (0.0.0.0) - C:\Windows\CSUP.TXT [MD5.96D70A796152BB6758F657557B937AEE] - [27/10/2015 12:49:53] - (.© 1996 - 2015 Daniel Stenberg, . - The cURL executable.) - [875520] - (7.40.0.0) - C:\Windows\curl.exe [14/07/2009 04:20:09] - |D| - [2113488] - C:\Windows\Cursors [31/05/2014 06:47:38] - |D| - [0] - C:\Windows\de-DE [MD5.7273A7454CEA7E704F4331C6222AF4BF] - [31/05/2014 06:42:56] - (.-.) - [37121862] - (0.0.0.0) - C:\Windows\de-de.log [MD5.D0EE74E1E540A912AF9901C54A43F042] - [31/05/2014 07:07:41] - (.-.) - [341492] - (0.0.0.0) - C:\Windows\DE-DE_IE11.log [14/07/2009 05:45:54] - |D| - [6033] - C:\Windows\debug [14/07/2009 06:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 06:37:46] - |D| - [0] - C:\Windows\DigitalLocker [MD5.0CB5E486C56913914A7373611E9B88FC] - [30/01/2014 22:45:52] - (.-.) - [10375572] - (0.0.0.0) - C:\Windows\dotnet45-MSI_netfx_Full_x64.msi.txt [MD5.A44A140BB4ADC4D236304BF8D44B1254] - [30/01/2014 22:45:49] - (.-.) - [696852] - (0.0.0.0) - C:\Windows\dotnet45.html [31/05/2014 07:41:50] - |D| - [62405632] - C:\Windows\Downloaded Installations [14/07/2009 06:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [MD5.55365566EC868D5EDBEA43163CB6D9CF] - [31/05/2014 07:29:11] - (.-.) - [9816] - (0.0.0.0) - C:\Windows\DPINST.LOG [MD5.3A957DFE004F32C25C90DD45537A3372] - [14/07/2009 05:46:06] - (.-.) - [4822] - (0.0.0.0) - C:\Windows\DtcInstall.log [03/02/2014 15:34:00] - |D| - [118084593] - C:\Windows\ehome [MD5.FFC9AB7202AFD23A4D5C487062A8B746] - [31/05/2014 07:05:43] - (.-.) - [2002967] - (0.0.0.0) - C:\Windows\EN_IE11.log [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - [24/02/2016 21:01:47] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3231232] - (6.1.7601.19135) - C:\Windows\explorer.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [16/01/2015 13:52:20] - (.-.) - [0] - (0.0.0.0) - C:\Windows\firstboot.dat [14/07/2009 04:20:09] - |RSD| - [397707863] - C:\Windows\Fonts [31/05/2014 06:52:15] - |D| - [142848] - C:\Windows\fr-FR [MD5.7308E683CFE23BBD4C76F3F29EC4C8D9] - [31/05/2014 06:48:23] - (.-.) - [37131981] - (0.0.0.0) - C:\Windows\fr-fr.log [MD5.43C6EE61C9144773EFA999EBC1F46C2D] - [31/05/2014 07:08:37] - (.-.) - [341677] - (0.0.0.0) - C:\Windows\fr-FR_IE11.log [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 00:22:13] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [MD5.36DADC207D52F4911EFCCFA285B9BB53] - [16/01/2015 13:52:21] - (.-.) - [10] - (0.0.0.0) - C:\Windows\getvol.scp [14/07/2009 04:20:09] - |D| - [94173528] - C:\Windows\Globalization [14/07/2009 04:20:09] - |D| - [48012565] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 01:29:53] - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 01:29:03] - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [MD5.0D776C3A36F2B6E657939BB96096E070] - [21/11/2010 08:16:47] - (.-.) - [48223] - (0.0.0.0) - C:\Windows\HomeBasic.xml [14/07/2009 04:20:09] - |D| - [143547244] - C:\Windows\IME [14/07/2009 04:20:10] - |D| - [149289152] - C:\Windows\inf [30/01/2014 22:45:52] - |SHD| - [4503583610] - C:\Windows\Installer [MD5.28BF02EB163238DE5E8F4291160509CB] - [31/05/2014 06:52:58] - (.-.) - [37132526] - (0.0.0.0) - C:\Windows\it-it.log [MD5.5F2D1C07CD77F1B855EE8F1A2D9F90FB] - [31/05/2014 07:09:35] - (.-.) - [341934] - (0.0.0.0) - C:\Windows\IT-IT_IE11.log [MD5.ADE3C99B5E2F187CFC707C8526DC4DE1] - [31/05/2014 07:02:27] - (.-.) - [1073622] - (0.0.0.0) - C:\Windows\KB2533623.log [MD5.2D28C6486AC892F2076515120D592B3C] - [31/05/2014 07:02:51] - (.-.) - [2342505] - (0.0.0.0) - C:\Windows\KB2670838.log [MD5.E4FF5C0BBD8C1D051E3A51FBB237C287] - [31/05/2014 07:03:47] - (.-.) - [122103] - (0.0.0.0) - C:\Windows\KB2729094-V2.log [MD5.2884E89C0C3D2C70AAC619452288D69C] - [31/05/2014 07:04:06] - (.-.) - [2229711] - (0.0.0.0) - C:\Windows\KB2731771.log [MD5.62939BD5C34A603D1CFDF33848E8CA46] - [31/05/2014 07:04:44] - (.-.) - [59913] - (0.0.0.0) - C:\Windows\KB2786081.log [MD5.21D9C7077D1BFADAFEB6198D4C450414] - [31/05/2014 07:04:52] - (.-.) - [79024] - (0.0.0.0) - C:\Windows\KB2834140-V2.log [MD5.9E4D8D0764D2913825044BCC379B6D87] - [31/05/2014 07:05:08] - (.-.) - [248957] - (0.0.0.0) - C:\Windows\KB2882822.log [MD5.775959218E9CA5D59732BC7D0CA426C8] - [31/05/2014 07:05:19] - (.-.) - [411555] - (0.0.0.0) - C:\Windows\KB2888049.log [14/07/2009 04:20:10] - |D| - [48371] - C:\Windows\L2Schemas [MD5.E4D6540F99F187BAB7D5E0F47E5969A9] - [31/05/2014 07:42:59] - (.-.) - [629145600] - (0.0.0.0) - C:\Windows\lenovo_fastboot.img [MD5.983B221C830FE563AA246FC917A8DF37] - [17/12/2010 14:47:02] - (.Copyright (C) Promethean Ltd 2010 - libactivboardex Dynamic Link Library.) - [231792] - (5.7.22.1) - C:\Windows\libactivboardex.dll [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\LiveKernelReports [14/07/2009 04:20:10] - |D| - [157093017] - C:\Windows\Logs [14/07/2009 04:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.DCBAE5C64EE945ED6C93F784A4C1370C] - [27/05/2015 10:13:41] - (.-.) - [456022950] - (0.0.0.0) - C:\Windows\MEMORY.DMP [MD5.6577149AACD5D93E58E81BD7ADE3F449] - [31/05/2014 06:42:38] - (.-.) - [1271] - (0.0.0.0) - C:\Windows\MFGCLEAN.CMD [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 01:10:29] - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 04:20:10] - |D| - [969221947] - C:\Windows\Microsoft.NET [29/01/2015 10:50:06] - |D| - [5524] - C:\Windows\Migration [27/05/2015 10:13:45] - |D| - [1890024] - C:\Windows\Minidump [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 03:35:42] - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [31/05/2014 07:01:42] - |D| - [0] - C:\Windows\nl-NL [MD5.CE7742827FCB6440AED09902C5B9C221] - [31/05/2014 06:57:40] - (.-.) - [37148767] - (0.0.0.0) - C:\Windows\nl-NL.log [MD5.74DDA57649140E8E3E04F5BDC9251362] - [31/05/2014 07:10:33] - (.-.) - [341673] - (0.0.0.0) - C:\Windows\NL-NL_IE11.log [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [27/10/2015 18:38:53] - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.8BFCD02A691132C98BFF4AA0B77240B4] - [31/05/2014 07:43:01] - (.-.) - [28728] - (0.0.0.0) - C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt [MD5.77CA8C0F2C97B4C6527573EFE907CED5] - [31/05/2014 07:43:01] - (.-.) - [262144] - (0.0.0.0) - C:\Windows\ocsetup_install_OEMHelpCustomization.etl [14/07/2009 06:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [30/01/2014 20:47:48] - |D| - [2105799] - C:\Windows\Panther [30/01/2015 09:34:55] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 06:32:38] - |D| - [62169532] - C:\Windows\Performance [MD5.51F8420E1D5C41A6FA2E1D13053F9227] - [21/11/2010 04:47:07] - (.-.) - [575766] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 04:20:10] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 04:20:10] - |D| - [7443768] - C:\Windows\PolicyDefinitions [30/01/2014 20:48:58] - |D| - [27275011] - C:\Windows\Prefetch [MD5.FFB8B91BD19E5BC10A3344AAF34880F3] - [03/02/2014 15:35:35] - (.-.) - [53551] - (0.0.0.0) - C:\Windows\PROFESSIONAL.xml [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 00:27:10] - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 04:20:10] - |D| - [22588] - C:\Windows\Registration [14/07/2009 04:20:10] - |D| - [7734016] - C:\Windows\rescache [14/07/2009 04:20:10] - |D| - [1680075] - C:\Windows\Resources [MD5.D0B58740740B8F25C2CFA2954B25C9DE] - [31/05/2014 07:36:52] - (.Copyright (C) 2013 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2080472] - (1.0.5.2) - C:\Windows\RtlExUpd.dll [MD5.DA256F9F53336B560201CDEFEAE35320] - [28/09/2015 10:19:19] - (.2008: (c) Realtek. - CCX Diagnostics.) - [380928] - (700.1002.311.2009) - C:\Windows\RtlUI2.exe [MD5.678C7EA24776534FF6DDF491A4F86005] - [28/09/2015 10:19:19] - (.-.) - [901] - (0.0.0.0) - C:\Windows\RtlUI2.exe.manifest [MD5.C967FF9CE59D51C6D4F6E126C7FB0EEE] - [28/09/2015 10:19:19] - (.Copyright (C) 2012-2014 -.) - [44760] - (1.1005.415.2014) - C:\Windows\runSW.exe [MD5.F8D4CB1D8F68DFF0D4B4EAE0C496A636] - [28/09/2015 10:19:53] - (.-.) - [158858] - (0.0.0.0) - C:\Windows\runSW.log [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 04:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 04:20:10] - |D| - [2218052] - C:\Windows\security [14/07/2009 05:45:47] - |D| - [57782457] - C:\Windows\ServiceProfiles [14/07/2009 04:20:10] - |D| - [109191726] - C:\Windows\servicing [14/07/2009 05:45:50] - |D| - [311] - C:\Windows\Setup [MD5.A19E3076B56B851D41D462E08D7FE8B4] - [14/07/2009 05:51:00] - (.-.) - [112939] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/07/2009 05:51:00] - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [03/02/2014 15:34:00] - |D| - [102648] - C:\Windows\ShellNew [16/01/2015 13:50:58] - |D| - [1440824839] - C:\Windows\SoftwareDistribution [14/07/2009 04:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [30/01/2014 21:10:21] - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 06:28:38] - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [MD5.C2CEE935B4F21BBB84B85972D4229420] - [28/09/2015 10:19:19] - (.2012: (c) Realtek. By Karl - Switch USB2.0/USB3.0 for WinXP SP2+ ~ Win8.1.) - [454360] - (500.1027.1212.2014) - C:\Windows\SwUSB.exe [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 03:34:57] - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 04:20:10] - |D| - [4516267267] - C:\Windows\System32 [14/07/2009 04:20:14] - |D| - [1280417911] - C:\Windows\SysWOW64 [14/07/2009 04:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 04:20:14] - |D| - [35626] - C:\Windows\Tasks [14/07/2009 04:20:14] - |D| - [25115384] - C:\Windows\Temp [14/07/2009 04:20:14] - |D| - [0] - C:\Windows\tracing [MD5.1F55ECA84E7574253398A827839E1F93] - [30/01/2014 20:50:07] - (.-.) - [5949] - (0.0.0.0) - C:\Windows\TSSysprep.log [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 22:41:17] - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 06:32:38] - |D| - [6144] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 04:25:10] - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [13/07/2009 23:47:26] - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 01:14:40] - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [31/05/2014 07:52:32] - |D| - [130360] - C:\Windows\util [14/07/2009 04:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 04:20:14] - |D| - [40769109] - C:\Windows\Web [MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - [14/07/2009 03:34:57] - (.-.) - [478] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 05:54:24] - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.F7C8EAEAD838F17CC30DC8E677B2C719] - [16/01/2015 13:50:57] - (.-.) - [1054839] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 01:12:29] - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [MD5.E2B662C36E11BA0A31121AB68B076D11] - [31/05/2014 07:31:56] - (.-.) - [75099] - (0.0.0.0) - C:\Windows\winredism.log [14/07/2009 04:20:14] - |D| - [14473240592] - C:\Windows\winsxs [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 21:52:44] - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 00:56:28] - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ¤¤¤¤¤¤¤¤¤¤ | Systemroot\System ¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer [27/10/2015 17:23:42] - C:\Windows\Installer\1279d5.msi : (Java SE Runtime Environment 8 Update 66 - Oracle Corporation) [27/10/2015 17:24:19] - C:\Windows\Installer\1279e2.msi : (Java Auto Updater - Oracle Corporation) [16/06/2011 09:35:38] - C:\Windows\Installer\14130.msi : ([ProductName] - Lenovo) [26/02/2014 17:14:18] - C:\Windows\Installer\14137.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [01/06/2011 05:38:54] - C:\Windows\Installer\1415c.msi : (Lenovo Registration - Lenovo Inc.) [05/11/2013 13:57:42] - C:\Windows\Installer\1417a.msi : (Blank Project Template - CyberLink Corp.) [15/01/2014 15:20:18] - C:\Windows\Installer\14183.msi : (Blank Project Template - CyberLink Corp.) [14/01/2014 10:50:08] - C:\Windows\Installer\1418e.msi : (Blank Project Template - Macrovision Corporation) [30/07/2013 13:52:00] - C:\Windows\Installer\14197.msi : (Blank Project Template - CyberLink Corp.) [31/05/2014 07:46:57] - C:\Windows\Installer\1419e.msi : (Lenovo User Guide - Lenovo) [28/02/2014 23:07:06] - C:\Windows\Installer\141a4.msi : (Nitro Pro 9.0.6.20 - Nitro) [31/05/2014 07:47:50] - C:\Windows\Installer\141aa.msi : (Metric Collection SDK Redistributable - Lenovo Group Limited) [31/05/2014 07:49:54] - C:\Windows\Installer\141c9.msi : (Create Recovery Media Installation - Lenovo Group Limited) [21/02/2014 21:42:32] - C:\Windows\Installer\141d5.msi : (System Update - Lenovo) [03/02/2016 09:15:12] - C:\Windows\Installer\1503af.msi : (Google Update Helper - Google Inc.) [23/01/2015 13:02:39] - C:\Windows\Installer\196619.msi : (Google Update Helper - Google Inc.) [17/12/2010 15:50:39] - C:\Windows\Installer\2f508.msi : (ActivDriver x64 - Promethean) [14/02/2011 17:16:18] - C:\Windows\Installer\2f510.msi : (ActivInspire - Promethean) [07/12/2010 10:48:25] - C:\Windows\Installer\2f518.msi : (ActivInspire Help - Promethean) [03/12/2010 09:54:04] - C:\Windows\Installer\2f51e.msi : (ActivInspire Core Resources - Promethean) [09/12/2010 11:57:26] - C:\Windows\Installer\2f524.msi : (ActivInspire HWR Resources - Promethean) [24/04/2008 14:06:03] - C:\Windows\Installer\2f52a.msi : (Adobe Flash Player - Adobe Systems, Inc.) [08/09/2015 13:57:35] - C:\Windows\Installer\3b242.msi : (Lanceur_Cabri_AM1 - Van In) [26/02/2014 17:38:28] - C:\Windows\Installer\57b8a.msi : (Intel(R) Chipset Device Software - Intel Corporation) [23/10/2014 12:25:32] - C:\Windows\Installer\628588.msi : (ActivDriver x64 - Promethean) [12/03/2013 22:20:34] - C:\Windows\Installer\65dcd.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [01/10/2013 06:34:04] - C:\Windows\Installer\65dd4.msi : (USB Enhanced Performance Keyboard - Lenovo) [25/04/2014 00:14:02] - C:\Windows\Installer\65ddb.msi : (DisplayLink Core Software - DisplayLink Corp.) [25/04/2014 00:14:04] - C:\Windows\Installer\65de1.msi : (Lenovo USB Graphics - Lenovo) [15/01/2016 08:14:11] - C:\Windows\Installer\6caf1.msi : (HAYT - Groupe De Boeck sa) [27/10/2015 12:53:41] - C:\Windows\Installer\7f77e8.msi : (Java SE Runtime Environment 8 Update 65 - Oracle Corporation) [22/01/2015 12:14:19] - C:\Windows\Installer\90531a.msi : (Metric Collection SDK Redistributable - Lenovo Group Limited) [22/01/2015 12:17:37] - C:\Windows\Installer\9053f0.msi : (Lenovo Solution Center - Lenovo Group Limited) [07/06/2011 01:56:12] - C:\Windows\Installer\99682.msi : (ADOBER~1.0|Adobe Reader X - Adobe Systems Incorporated) [27/10/2015 10:19:13] - C:\Windows\Installer\9a272.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [07/11/2012 10:30:52] - C:\Windows\Installer\dd92a.msi : ( - Cisco Systems, Inc.) [07/11/2012 10:39:00] - C:\Windows\Installer\dd930.msi : ( - Cisco Systems, Inc.) [07/11/2012 10:37:52] - C:\Windows\Installer\dd936.msi : ( - Cisco Systems, Inc.) ¤¤¤¤¤¤¤¤¤¤ | %System%\*.in* [14/07/2009 05:57:09] - [73] - C:\Windows\System32\desktop.ini [27/10/2015 18:52:02] - [16303] - C:\Windows\System32\ieuinit.inf [05/10/2015 12:33:55] - [265639] - C:\Windows\System32\netathrx.inf [14/07/2009 06:13:15] - [1672590] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 22:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [28/09/2015 10:19:19] - [3086] - C:\Windows\Syswow64\EAPPkt.inf [27/10/2015 18:52:03] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 05:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [30/01/2014 22:46:15] - [1646722] - C:\Windows\Syswow64\PerfStringBackup.INI ¤¤¤¤¤¤¤¤¤¤ | [DAILLY_HIST] [27/10/2015 12:54:09] - |D| - [112] - C:\Users\DAILLY_HIST\.oracle_jre_usage [06/02/2015 16:12:52] - |A| - [452] - C:\Users\DAILLY_HIST\ACTIVstudioError.log [16/01/2015 13:52:15] - |HD| - [491788211] - C:\Users\DAILLY_HIST\AppData [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Application Data [16/01/2015 13:53:18] - |RD| - [68792] - C:\Users\DAILLY_HIST\Contacts [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Cookies [16/01/2015 13:52:15] - |RD| - [40304026] - C:\Users\DAILLY_HIST\Desktop [16/01/2015 13:52:15] - |RD| - [339138] - C:\Users\DAILLY_HIST\Documents [16/01/2015 13:52:15] - |RD| - [244164626] - C:\Users\DAILLY_HIST\Downloads [16/01/2015 13:52:15] - |RD| - [3576] - C:\Users\DAILLY_HIST\Favorites [30/01/2015 09:20:22] - |SHD| - [25308] - C:\Users\DAILLY_HIST\IntelGraphicsProfiles [16/01/2015 13:52:15] - |RD| - [2362] - C:\Users\DAILLY_HIST\Links [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Local Settings [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Menu Démarrer [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Mes documents [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Modèles [16/01/2015 13:52:15] - |RD| - [504] - C:\Users\DAILLY_HIST\Music [16/01/2015 13:52:15] - |ASH| - [1048576] - C:\Users\DAILLY_HIST\NTUSER.DAT [16/01/2015 13:52:15] - |ASH| - [262144] - C:\Users\DAILLY_HIST\ntuser.dat.LOG1 [16/01/2015 13:52:15] - |ASH| - [0] - C:\Users\DAILLY_HIST\ntuser.dat.LOG2 [16/01/2015 13:52:15] - |ASH| - [65536] - C:\Users\DAILLY_HIST\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [16/01/2015 13:52:15] - |ASH| - [524288] - C:\Users\DAILLY_HIST\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [16/01/2015 13:52:15] - |ASH| - [524288] - C:\Users\DAILLY_HIST\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [16/01/2015 13:52:15] - |SH| - [20] - C:\Users\DAILLY_HIST\ntuser.ini [16/01/2015 13:52:15] - |RD| - [504] - C:\Users\DAILLY_HIST\Pictures [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Recent [16/01/2015 13:52:15] - |RD| - [282] - C:\Users\DAILLY_HIST\Saved Games [16/01/2015 13:53:30] - |RD| - [1020] - C:\Users\DAILLY_HIST\Searches [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\SendTo [16/01/2015 13:52:15] - |RD| - [504] - C:\Users\DAILLY_HIST\Videos [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Voisinage d'impression [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\Voisinage réseau [22/01/2015 09:47:51] - |D| - [15722204] - C:\Users\DAILLY_HIST\AppData\Local\Adobe [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\AppData\Local\Application Data [16/01/2015 13:52:58] - |D| - [58377728] - C:\Users\DAILLY_HIST\AppData\Local\Downloaded Installations [23/01/2015 12:54:36] - |SHD| - [0] - C:\Users\DAILLY_HIST\AppData\Local\EmieBrowserModeList [23/01/2015 12:54:36] - |SHD| - [0] - C:\Users\DAILLY_HIST\AppData\Local\EmieSiteList [23/01/2015 12:54:36] - |SHD| - [0] - C:\Users\DAILLY_HIST\AppData\Local\EmieUserList [16/01/2015 13:53:59] - |A| - [114952] - C:\Users\DAILLY_HIST\AppData\Local\GDIPFONTCACHEV1.DAT [23/01/2015 12:57:39] - |D| - [166453320] - C:\Users\DAILLY_HIST\AppData\Local\Google [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\AppData\Local\Historique [16/01/2015 13:55:57] - |AH| - [1483935] - C:\Users\DAILLY_HIST\AppData\Local\IconCache.db [23/01/2015 09:59:18] - |D| - [4681] - C:\Users\DAILLY_HIST\AppData\Local\Lenovo [16/01/2015 13:52:15] - |D| - [93523981] - C:\Users\DAILLY_HIST\AppData\Local\Microsoft [30/01/2015 09:31:45] - |D| - [0] - C:\Users\DAILLY_HIST\AppData\Local\Microsoft Help [16/01/2015 13:53:03] - |D| - [40960] - C:\Users\DAILLY_HIST\AppData\Local\Power2Go [22/01/2015 12:14:10] - |D| - [0] - C:\Users\DAILLY_HIST\AppData\Local\Programs [27/10/2015 10:17:02] - |D| - [0] - C:\Users\DAILLY_HIST\AppData\Local\TeamViewer [16/01/2015 13:52:15] - |D| - [0] - C:\Users\DAILLY_HIST\AppData\Local\Temp [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\AppData\Local\Temporary Internet Files [22/01/2015 12:16:48] - |D| - [938] - C:\Users\DAILLY_HIST\AppData\Local\Tvsukernel [16/01/2015 13:53:17] - |D| - [0] - C:\Users\DAILLY_HIST\AppData\Local\VirtualStore [16/01/2015 13:53:30] - |SH| - [174] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [16/01/2015 13:52:15] - |SHD| - [0] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [16/01/2015 13:52:15] - |RD| - [21525] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [16/01/2015 13:52:15] - |RD| - [14654] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [16/01/2015 13:53:30] - |RD| - [174] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [16/01/2015 13:53:30] - |SH| - [338] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [16/01/2015 13:53:34] - |A| - [1444] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [16/01/2015 13:52:15] - |RD| - [580] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [16/01/2015 13:53:30] - |RD| - [174] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [29/01/2015 11:50:21] - |D| - [4161] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [16/01/2015 13:53:30] - |SH| - [174] - C:\Users\DAILLY_HIST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [PROF] [27/01/2016 09:04:36] - |D| - [112] - C:\Users\PROF\.oracle_jre_usage [30/01/2015 09:14:24] - |A| - [67206] - C:\Users\PROF\ACTIVstudioError.log [26/01/2015 10:15:10] - |HD| - [1453418080] - C:\Users\PROF\AppData [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Application Data [26/01/2015 10:15:23] - |RD| - [45007] - C:\Users\PROF\Contacts [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Cookies [26/01/2015 10:15:10] - |RD| - [11600752] - C:\Users\PROF\Desktop [26/01/2015 10:15:10] - |RD| - [1620840033] - C:\Users\PROF\Documents [26/01/2015 10:15:10] - |RD| - [4894434879] - C:\Users\PROF\Downloads [26/01/2015 10:15:10] - |RD| - [3576] - C:\Users\PROF\Favorites [29/01/2015 11:19:09] - |SHD| - [25308] - C:\Users\PROF\IntelGraphicsProfiles [26/01/2015 10:15:10] - |RD| - [2304] - C:\Users\PROF\Links [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Local Settings [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Menu Démarrer [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Mes documents [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Modèles [26/01/2015 10:15:10] - |RD| - [504] - C:\Users\PROF\Music [26/01/2015 10:15:10] - |ASH| - [1310720] - C:\Users\PROF\NTUSER.DAT [26/01/2015 10:15:10] - |ASH| - [262144] - C:\Users\PROF\ntuser.dat.LOG1 [26/01/2015 10:15:10] - |ASH| - [0] - C:\Users\PROF\ntuser.dat.LOG2 [26/01/2015 10:15:10] - |ASH| - [65536] - C:\Users\PROF\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [26/01/2015 10:15:10] - |ASH| - [524288] - C:\Users\PROF\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [26/01/2015 10:15:10] - |ASH| - [524288] - C:\Users\PROF\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [06/05/2015 11:36:47] - |ASH| - [65536] - C:\Users\PROF\NTUSER.DAT{bc93ed3d-f3db-11e4-be71-4437e6e171b2}.TM.blf [06/05/2015 11:36:47] - |ASH| - [524288] - C:\Users\PROF\NTUSER.DAT{bc93ed3d-f3db-11e4-be71-4437e6e171b2}.TMContainer00000000000000000001.regtrans-ms [06/05/2015 11:36:47] - |ASH| - [524288] - C:\Users\PROF\NTUSER.DAT{bc93ed3d-f3db-11e4-be71-4437e6e171b2}.TMContainer00000000000000000002.regtrans-ms [26/01/2015 10:15:10] - |SH| - [20] - C:\Users\PROF\ntuser.ini [29/01/2015 12:08:50] - |A| - [1582362624] - C:\Users\PROF\Office2010ProfessionalPlusFR(versie2).iso [26/01/2015 10:15:10] - |RD| - [504] - C:\Users\PROF\Pictures [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Recent [26/01/2015 10:15:10] - |RD| - [282] - C:\Users\PROF\Saved Games [26/01/2015 10:15:36] - |RD| - [1020] - C:\Users\PROF\Searches [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\SendTo [26/01/2015 10:15:10] - |RD| - [504] - C:\Users\PROF\Videos [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Voisinage d'impression [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\Voisinage réseau [29/01/2015 11:52:02] - |D| - [16257402] - C:\Users\PROF\AppData\Local\Adobe [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\AppData\Local\Application Data [29/04/2015 10:45:44] - |D| - [21679854] - C:\Users\PROF\AppData\Local\CrashDumps [28/09/2015 11:01:59] - |D| - [3591646] - C:\Users\PROF\AppData\Local\Diagnostics [30/01/2015 12:31:40] - |SHD| - [0] - C:\Users\PROF\AppData\Local\EmieBrowserModeList [30/01/2015 12:31:40] - |SHD| - [0] - C:\Users\PROF\AppData\Local\EmieSiteList [30/01/2015 12:31:40] - |SHD| - [0] - C:\Users\PROF\AppData\Local\EmieUserList [26/01/2015 10:15:59] - |A| - [114952] - C:\Users\PROF\AppData\Local\GDIPFONTCACHEV1.DAT [26/01/2015 10:15:40] - |D| - [396668107] - C:\Users\PROF\AppData\Local\Google [27/01/2016 10:59:20] - |D| - [71] - C:\Users\PROF\AppData\Local\GWX [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\AppData\Local\Historique [26/01/2015 10:27:28] - |AH| - [2124598] - C:\Users\PROF\AppData\Local\IconCache.db [26/01/2015 10:22:49] - |D| - [109808] - C:\Users\PROF\AppData\Local\Lenovo [26/01/2015 10:15:10] - |D| - [477884233] - C:\Users\PROF\AppData\Local\Microsoft [26/01/2015 10:15:42] - |D| - [40960] - C:\Users\PROF\AppData\Local\Power2Go [26/01/2015 10:15:10] - |D| - [345939014] - C:\Users\PROF\AppData\Local\Temp [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\AppData\Local\Temporary Internet Files [26/01/2015 10:15:20] - |D| - [0] - C:\Users\PROF\AppData\Local\VirtualStore [26/01/2015 10:15:35] - |SH| - [174] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [26/01/2015 10:15:10] - |SHD| - [0] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [26/01/2015 10:15:10] - |RD| - [17364] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [26/01/2015 10:15:10] - |RD| - [14654] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [26/01/2015 10:15:36] - |RD| - [174] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [26/01/2015 10:15:35] - |SH| - [338] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [26/01/2015 10:15:43] - |A| - [1444] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [26/01/2015 10:15:10] - |RD| - [580] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [26/01/2015 10:15:36] - |RD| - [174] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [26/01/2015 10:15:36] - |SH| - [174] - C:\Users\PROF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [Public] [14/07/2009 04:20:08] - |RHD| - [17187] - C:\Users\Public\Desktop [14/07/2009 05:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 04:20:08] - |RD| - [66388980] - C:\Users\Public\Documents [14/07/2009 04:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 04:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 04:20:08] - |RHD| - [2214] - C:\Users\Public\Libraries [14/07/2009 04:20:08] - |RD| - [17452082] - C:\Users\Public\Music [14/07/2009 04:20:08] - |RD| - [5838651] - C:\Users\Public\Pictures [03/02/2014 15:33:20] - |RD| - [9699579] - C:\Users\Public\Recorded TV [31/05/2014 07:50:03] - |D| - [10430] - C:\Users\Public\Symantec [14/07/2009 04:20:08] - |RD| - [26246732] - C:\Users\Public\Videos ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 06:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 05:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [31/05/2014 07:43:01] - |A| - [2254] - C:\ProgramData\Microsoft\Windows\Start Menu\Evernote Installer.lnk [31/05/2014 07:43:59] - |A| - [1423] - C:\ProgramData\Microsoft\Windows\Start Menu\Free Skype voice and video calls.lnk [14/07/2009 04:20:08] - |RD| - [217615] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 04:20:08] - |RD| - [45297] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [30/01/2015 09:13:11] - |D| - [8537] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activ Software [14/07/2009 06:32:38] - |RD| - [21157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/01/2015 09:48:20] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [23/01/2015 12:58:46] - |D| - [1993] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [30/01/2015 09:26:05] - |D| - [3302] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [14/07/2009 05:54:23] - |SH| - [1130] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/07/2009 06:32:38] - |RD| - [778] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [23/01/2015 12:58:29] - |A| - [2221] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [15/01/2016 08:15:04] - |A| - [846] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HAYT.lnk [31/05/2014 07:40:04] - |RD| - [2409] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [27/10/2015 12:54:00] - |D| - [6893] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [31/05/2014 07:41:08] - |D| - [2361] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo [31/05/2014 07:48:14] - |A| - [2094] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Device Experience.lnk [31/05/2014 07:39:52] - |A| - [1050] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Slim USB Keyboard.lnk [31/05/2014 07:41:08] - |RHD| - [8385] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools [31/05/2014 07:48:14] - |A| - [2476] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools.lnk [14/07/2009 04:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [31/05/2014 07:27:33] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [30/01/2015 09:35:45] - |D| - [45935] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [31/05/2014 07:50:37] - |A| - [1991] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk [31/05/2014 07:47:32] - |A| - [2531] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk [31/05/2014 07:45:11] - |RD| - [8842] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create [28/09/2015 10:20:11] - |D| - [4773] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility [30/01/2015 09:35:46] - |D| - [3181] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [14/07/2009 05:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [14/07/2009 04:20:08] - |RD| - [2488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [03/02/2014 15:33:20] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [27/10/2015 10:15:38] - |A| - [1058] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk [05/10/2015 12:34:24] - |D| - [7182] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK [08/09/2015 13:58:22] - |D| - [2803] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Van In [29/01/2015 11:51:08] - |D| - [5646] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [14/07/2009 05:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [31/05/2014 07:27:14] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 05:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/07/2009 05:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [29/01/2015 11:50:21] - |D| - [4089] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [14/07/2009 05:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:54:23] - |SH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [05/10/2015 12:34:25] - |A| - [2314] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86) [30/01/2015 09:13:09] - |D| - [153646932] - C:\Program Files (x86)\Activ Software [31/05/2014 07:41:48] - |D| - [347689810] - C:\Program Files (x86)\Adobe [08/09/2015 13:58:17] - |D| - [27350495] - C:\Program Files (x86)\Cabri [28/09/2015 10:20:14] - |D| - [3558495] - C:\Program Files (x86)\Cisco [14/07/2009 04:20:08] - |D| - [800070034] - C:\Program Files (x86)\Common Files [31/05/2014 07:44:50] - |D| - [774498741] - C:\Program Files (x86)\CyberLink [30/01/2015 09:25:23] - |D| - [28300703] - C:\Program Files (x86)\DAEMON Tools Lite [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [23/01/2015 12:57:40] - |D| - [505930165] - C:\Program Files (x86)\Google [15/01/2016 08:15:03] - |D| - [69196868] - C:\Program Files (x86)\HAYT [31/05/2014 07:35:35] - |HD| - [160247180] - C:\Program Files (x86)\InstallShield Installation Information [31/05/2014 07:29:49] - |D| - [24703048] - C:\Program Files (x86)\Intel [14/07/2009 04:20:08] - |D| - [11244868] - C:\Program Files (x86)\Internet Explorer [27/10/2015 12:53:43] - |D| - [328345511] - C:\Program Files (x86)\Java [31/05/2014 07:35:35] - |D| - [108751027] - C:\Program Files (x86)\Lenovo [31/05/2014 07:42:18] - |D| - [4315950] - C:\Program Files (x86)\Lenovo Registration [30/01/2015 09:32:17] - |D| - [39848379] - C:\Program Files (x86)\Microsoft Analysis Services [31/05/2014 07:50:34] - |D| - [1000180275] - C:\Program Files (x86)\Microsoft Office [30/01/2015 09:34:54] - |D| - [1805760] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [30/01/2015 09:34:55] - |D| - [793991] - C:\Program Files (x86)\Microsoft Sync Framework [30/01/2015 09:35:08] - |D| - [326800] - C:\Program Files (x86)\Microsoft Synchronization Services [30/01/2015 09:33:36] - |D| - [1378033] - C:\Program Files (x86)\Microsoft Visual Studio 8 [30/01/2014 22:45:55] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [14/07/2009 06:32:38] - |D| - [26521] - C:\Program Files (x86)\MSBuild [31/05/2014 07:47:18] - |D| - [163196268] - C:\Program Files (x86)\Nitro [31/05/2014 07:36:52] - |D| - [70157645] - C:\Program Files (x86)\Realtek [14/07/2009 06:32:38] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies [31/05/2014 07:50:03] - |D| - [1061824] - C:\Program Files (x86)\SymSilent [27/10/2015 10:15:36] - |D| - [38613299] - C:\Program Files (x86)\TeamViewer [31/05/2014 07:36:52] - |HD| - [0] - C:\Program Files (x86)\Temp [05/10/2015 12:34:24] - |D| - [2932572] - C:\Program Files (x86)\TP-LINK [14/07/2009 05:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [14/07/2009 06:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [14/07/2009 04:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 06:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 04:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 06:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar ¤¤¤¤¤¤¤¤¤¤ | \Program Files [30/01/2015 09:12:39] - |D| - [21444676] - \Program Files\Activ Software [23/01/2015 12:56:02] - |D| - [811229359] - \Program Files\AVAST Software [14/07/2009 04:20:08] - |D| - [117785510] - \Program Files\Common Files [14/07/2009 05:54:24] - |ASH| - [174] - \Program Files\desktop.ini [31/05/2014 07:29:51] - |D| - [1047632] - \Program Files\DIFX [31/05/2014 07:35:38] - |D| - [25793945] - \Program Files\DisplayLink Core Software [14/07/2009 06:32:38] - |D| - [90256916] - \Program Files\DVD Maker [31/05/2014 07:29:39] - |D| - [66704679] - \Program Files\Intel [14/07/2009 04:20:08] - |D| - [31515607] - \Program Files\Internet Explorer [31/05/2014 07:35:32] - |D| - [87258636] - \Program Files\Lenovo [31/05/2014 07:35:49] - |D| - [9123] - \Program Files\Lenovo USB Graphics [30/01/2015 09:33:04] - |D| - [22846729] - \Program Files\Microsoft Office [31/05/2014 07:30:25] - |D| - [171127279] - \Program Files\MLPS [14/07/2009 06:32:38] - |D| - [25757] - \Program Files\MSBuild [31/05/2014 07:37:11] - |D| - [42727392] - \Program Files\Realtek [14/07/2009 06:32:38] - |D| - [36832937] - \Program Files\Reference Assemblies [14/07/2009 06:09:26] - |HD| - [0] - \Program Files\Uninstall Information [29/01/2015 11:50:56] - |D| - [127809809] - \Program Files\VideoLAN [14/07/2009 06:32:38] - |D| - [4039680] - \Program Files\Windows Defender [03/02/2014 15:34:24] - |D| - [9241208] - \Program Files\Windows Journal [14/07/2009 04:20:08] - |D| - [6667776] - \Program Files\Windows Mail [14/07/2009 06:32:38] - |D| - [7687085] - \Program Files\Windows Media Player [14/07/2009 04:20:08] - |D| - [12627636] - \Program Files\Windows NT [14/07/2009 06:32:38] - |D| - [5516056] - \Program Files\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [244736] - \Program Files\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [7241184] - \Program Files\Windows Sidebar [29/01/2015 11:50:19] - |D| - [5452793] - \Program Files\WinRAR ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files [30/01/2015 09:12:40] - |D| - [6182562] - C:\Program Files (x86)\Common Files\Activ Software [22/01/2015 09:47:45] - |D| - [10416066] - C:\Program Files (x86)\Common Files\Adobe [31/05/2014 07:41:48] - |D| - [49072081] - C:\Program Files (x86)\Common Files\Adobe AIR [11/01/2016 14:38:22] - |D| - [1507013] - C:\Program Files (x86)\Common Files\AV [27/10/2015 19:00:44] - |D| - [99992] - C:\Program Files (x86)\Common Files\DESIGNER [31/05/2014 07:36:50] - |D| - [5223283] - C:\Program Files (x86)\Common Files\InstallShield [31/05/2014 07:29:38] - |D| - [88650350] - C:\Program Files (x86)\Common Files\Intel [31/05/2014 07:40:30] - |D| - [243273] - C:\Program Files (x86)\Common Files\Intel Corporation [27/10/2015 17:24:25] - |D| - [1955984] - C:\Program Files (x86)\Common Files\Java [31/05/2014 07:47:56] - |D| - [29874514] - C:\Program Files (x86)\Common Files\lenovo [14/07/2009 04:20:08] - |D| - [538645318] - C:\Program Files (x86)\Common Files\microsoft shared [31/05/2014 07:47:18] - |D| - [16035234] - C:\Program Files (x86)\Common Files\Nitro [31/05/2014 07:35:00] - |D| - [195948] - C:\Program Files (x86)\Common Files\postureAgent [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/07/2009 04:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [21/01/2015 11:16:13] - |D| - [0] - C:\Program Files (x86)\Common Files\Symantec Shared [14/07/2009 04:20:08] - |D| - [10861931] - C:\Program Files (x86)\Common Files\System ¤¤¤¤¤¤¤¤¤¤ | \Program Files\Common files [11/01/2016 14:38:22] - |D| - [1507013] - \Program Files\Common files\AV [31/05/2014 07:41:42] - |D| - [1392474] - \Program Files\Common files\Lenovo [14/07/2009 04:20:08] - |D| - [85270168] - \Program Files\Common files\Microsoft Shared [31/05/2014 07:47:19] - |D| - [16814190] - \Program Files\Common files\Nitro [14/07/2009 04:20:08] - |D| - [2702] - \Program Files\Common files\Services [14/07/2009 04:20:08] - |D| - [608768] - \Program Files\Common files\SpeechEngines [14/07/2009 04:20:08] - |D| - [12190195] - \Program Files\Common files\System ¤¤¤¤¤¤¤¤¤¤ | Tasks [MD5.0221DA16F3EC28F0EB37DDAB87675690] - [23/01/2015 13:39:50] - |A| - [1002] - C:\Windows\Tasks\Adobe Flash Player Updater.job [MD5.765E0850EF6C7FF9EB62E0E6F9FCEFC4] - [23/01/2015 12:57:49] - |A| - [1066] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [MD5.56551C1CD61B0380BCC6CC19DD26A94C] - [23/01/2015 12:57:53] - |A| - [1070] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 06:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.110E8E40BFAD1CDE0CD98DE594B6041E] - [14/07/2009 06:08:49] - |A| - [32482] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.DB5869367DBDADEB36803B32320EB569] - [23/01/2015 13:39:50] - |A| - [3940] - C:\Windows\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [11/01/2016 14:38:35] - |D| - [3860] - C:\Windows\System32\Tasks\AVAST Software [MD5.EBD92E80F84C15FCCA9E1696DB2AD82D] - [23/01/2015 12:58:33] - |A| - [4182] - C:\Windows\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [MD5.C436D767580128CD106B26A6BC6A58C5] - [31/05/2014 07:45:10] - |A| - [3148] - C:\Windows\System32\Tasks\CLMLSvc : C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [MD5.9195426502E9534E01F9B2756C4F06C0] - [11/05/2015 10:03:39] - |A| - [3464] - C:\Windows\System32\Tasks\Eteindre PC : shutdown [MD5.7CE8BCD174B8618BFEDC390E85E5E639] - [23/01/2015 12:57:51] - |A| - [3814] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.7903D2794AF74E085BF9ED1084D58AB1] - [23/01/2015 12:57:53] - |A| - [4066] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [31/05/2014 07:41:51] - |D| - [29398] - C:\Windows\System32\Tasks\Lenovo [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:13] - |D| - [317182] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [30/01/2015 09:34:15] - |D| - [4392] - C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform [MD5.1942F3726A5D881DD60FCE3BEE97083F] - [31/05/2014 07:41:11] - |A| - [2996] - C:\Windows\System32\Tasks\PMTask : C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe [MD5.7C222000D60233FEDC8659AA64454470] - [31/05/2014 07:37:20] - |A| - [3156] - C:\Windows\System32\Tasks\RtHDVBg_LENOVO_MICPKEY : "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [MD5.6EC2A5F4E732A5B12EA02C5626C9BBAC] - [31/05/2014 07:37:18] - |A| - [3132] - C:\Windows\System32\Tasks\RTKCPL : "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [MD5.00000000000000000000000000000000] - [31/05/2014 07:50:09] - |D| - [4216] - C:\Windows\System32\Tasks\TVT [MD5.EBD40B91864FD99492284EF61CC4183D] - [27/10/2015 10:14:44] - |A| - [3818] - C:\Windows\System32\Tasks\Windows Updates auto : C:\Users\DAILLY_HIST\Desktop\Maintenance\taches_planifiees\WU_script.vbs [MD5.00000000000000000000000000000000] - [14/07/2009 06:09:57] - |D| - [4490] - C:\Windows\System32\Tasks\WPD [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ¤¤¤¤¤¤¤¤¤¤ | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{91E39B68-F022-4A9C-A064-B5BAB3BC84C0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{B6A8B079-B3E6-4FD9-B03C-14D6EF6BEB6C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe|Name=SHAREit.exe| "{82C5A624-F815-43ED-8AF5-D3634B5038F7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe|Name=SHAREit.exe| "TCP Query User{B72FC789-1572-4769-89FF-2F477BF3574D}C:\program files\activ software\activdriver\activmgr.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\activ software\activdriver\activmgr.exe|Name=ActivManager|Desc=ActivManager| "UDP Query User{A42209BE-99B7-46F5-9491-1CE21BD75703}C:\program files\activ software\activdriver\activmgr.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\activ software\activdriver\activmgr.exe|Name=ActivManager|Desc=ActivManager| "{1A0F1F62-014A-4B04-9B6F-B2B648FE9AFD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\PROGRA~2\REALTEK\USBWIR~1\RtWlan.exe|Name=RtWlan|Security=Authenticate|Security2_9=An-NoEncap| "{6E6E49DF-1D29-490C-BF8C-C8B42C628B31}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1542|Name=Realtek WPS TCP Prot| "{BD8A70CF-B357-4273-A7C0-712505F77626}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1542|Name=Realtek WPS UDP Prot| "{D46776C3-048D-4F48-B829-E4CC54B61829}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=53|Name=Realtek AP UDP Prot| "{DA695FF2-725B-4F01-A3FC-65FACB266DC7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\PROGRA~2\REALTEK\USBWIR~1\Rtldhcp.exe|Name=RTLDHCP|Security=Authenticate|Security2_9=An-NoEncap| "{073DC150-005A-4F9D-94CC-5F535B72192F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe|Name=RTLDHCP| "{A35F380A-83AD-47DE-AB2E-FB603ADB1C44}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe|Name=RTLDHCP| "{68137DA6-B8E1-47CA-A80F-96AB048EA0AB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=53|Name=RTLDHCP Port| "{6277B0E6-3030-4C5A-AED7-025E35EC9DD2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=67|App=C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe|Name=RTLDHCP-Port| "{5CED6721-2F53-4025-88DE-7C4263C331C6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=68|App=C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe|Name=RTLDHCP-Port-2| "{9667A2B0-B361-4FA7-95D4-F2CDBA170672}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=53|App=C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe|Name=RTLDNS-Port| "{FF5FD6EF-51F4-41F5-AB2B-76C61B543596}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=53|App=C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe|Name=RTLDNS-Port-2| "{604F79CB-CD6B-4404-BF18-685B2A3475AD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{E9E59179-F4A3-4699-8331-B0FB94CD4814}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{18BC4056-BDE6-4899-80DA-D195667E9673}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{D993C48A-1443-4C4D-A33A-A9074630166D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{A5F56171-5104-453E-BD58-135C2631F2C2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe|Name=TvsuUNCServer| "{A837CE8B-106B-4340-A8B4-9C1494099744}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe|Name=TvsuUNCServer| "{6B73ACBA-A54E-4B4A-8CF4-5F115300C3B7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{54238BE8-B2FF-40CC-B670-ADAC04D0959B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe|Name=TvsuUNCServer| "{A9C9CDBC-2F0C-4DE3-9957-765D04E9C087}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe|Name=TvsuUNCServer| "{5C71AD8C-AF7D-4015-88EB-00CBA90652BE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe|Name=TvsuUNCServer| "{B5CBC6D2-9C1F-40E0-B346-003B3EF4B968}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe|Name=TvsuUNCServer| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\PROF\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\PROF\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\PROF\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\PROF\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| ¤¤¤¤¤¤¤¤¤¤ | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (sgvjrwfu) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}] : (SymNetS) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{56EBD688-B772-4181-9610-8633FCEE988D}] : (SymIRON) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}] : (IDSVia64) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D2FE6D0-9B76-11DB-B606-0800200C9A66}] : (SMDriver) [] -> @oem18.inf,%ClassName%;SM Driver [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D3039DD-CCA5-4B4D-B33D-E2DDC8A8C52E}] : (dtsoftbus01) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ¤¤¤¤¤¤¤¤¤¤ | Loaded modules (Microsoft Files whitelisted) [31/05/2014 07:36:38] - (2.5.0.19) - (Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver) - C:\Windows\system32\drivers\iusb3hcs.sys [31/05/2014 06:42:53] - (13.0.0.1098) - (Intel Corporation - Intel(R) Rapid Storage Technology driver - x64) - C:\Windows\system32\drivers\iaStorA.sys [30/01/2014 22:31:11] - (1.1.2.5) - (Advanced Micro Devices - Storage Filter Driver) - C:\Windows\system32\drivers\amdxata.sys [23/01/2015 12:57:25] - (11.1.2245.1540) - (AVAST Software - avast! Revert) - C:\Windows\System32\Drivers\aswRvrt.sys [23/01/2015 12:57:29] - (11.1.2245.1540) - (AVAST Software - avast! VM Monitor) - C:\Windows\System32\Drivers\aswVmm.sys [31/05/2014 06:42:53] - (13.0.0.1098) - (Intel Corporation - Intel(R) Rapid Storage Technology Filter driver - x64) - C:\Windows\system32\drivers\iaStorF.sys [30/01/2015 09:25:27] - (4.49.1.352) - (Disc Soft Ltd - DAEMON Tools Virtual Bus Driver) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys [23/01/2015 12:57:27] - (11.1.2245.1552) - (AVAST Software - avast! self protection module) - C:\Windows\system32\drivers\aswSP.sys [23/01/2015 12:57:10] - (11.1.2245.1553) - (AVAST Software - avast! Virtualization Driver) - C:\Windows\system32\drivers\aswSnx.sys [23/01/2015 12:57:17] - (11.1.2245.1540) - (AVAST Software - avast! WFP Redirect Driver) - C:\Windows\system32\drivers\aswRdr2.sys [14/07/2009 01:00:40] - (6.1.7600.16385) - (Brother Industries Ltd. - Pilote Brother Série I/F (WDM)) - C:\Windows\system32\drivers\serial.sys [03/10/2014 17:36:38] - (10.18.10.3960) - (Intel Corporation - Intel Graphics Kernel Mode Driver) - C:\Windows\system32\DRIVERS\igdkmd64.sys [31/05/2014 07:36:38] - (2.5.0.19) - (Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver) - C:\Windows\system32\drivers\iusb3xhc.sys [31/05/2014 06:24:27] - (9.0.0.1287) - (Intel Corporation - Intel(R) Management Engine Interface) - C:\Windows\system32\drivers\HECIx64.sys [05/10/2015 12:33:55] - (8.0.0.376) - (Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver) - C:\Windows\system32\DRIVERS\athrx.sys [31/05/2014 07:37:29] - (7.67.1226.2012) - (Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver ) - C:\Windows\system32\DRIVERS\Rt64win7.sys [07/02/2012 06:20:20] - (6.1.1020.0) - (Lenovo Information Product(ShenZhen China) Inc. - SMBIOS Driver) - C:\Windows\system32\DRIVERS\psadd.sys [31/05/2014 07:36:38] - (2.5.0.19) - (Intel Corporation - Intel(R) USB 3.0 Hub Driver) - C:\Windows\system32\DRIVERS\iusb3hub.sys [31/05/2014 07:36:56] - (6.0.1.7116) - (Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver) - C:\Windows\system32\drivers\RTKVHD64.sys [31/05/2014 07:40:13] - (6.2.9200.30158) - (Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8) - C:\Windows\System32\Drivers\RtsUStor.sys [27/10/2015 18:46:46] - (5.1.2.246) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [23/01/2015 12:57:23] - (11.1.2245.1545) - (AVAST Software - avast! File System Minifilter for Windows 2003/Vista) - C:\Windows\system32\drivers\aswMonFlt.sys [23/01/2015 12:57:32] - (11.1.2245.1540) - (AVAST Software - Stream Filter) - C:\Windows\system32\drivers\aswStm.sys [23/01/2015 12:57:20] - (11.1.2245.1540) - (AVAST Software - avast! HWID) - C:\Windows\system32\drivers\aswHwid.sys ¤¤¤¤¤¤¤¤¤¤ | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - ACPI (Microsoft ACPI Driver) -> system32\drivers\ACPI.sys R0 - amdxata () -> system32\drivers\amdxata.sys R0 - aswRvrt (avast! Revert) -> (?) R0 - aswVmm (avast! VM Monitor) -> (?) R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - Compbatt (Microsoft Composite Battery Driver) -> system32\drivers\compbatt.sys R0 - Disk (Pilote de disque) -> system32\drivers\disk.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStorA () -> system32\drivers\iaStorA.sys R0 - iaStorF () -> system32\drivers\iaStorF.sys R0 - iusb3hcs (Intel(R) USB 3.0 Host Controller Switch Driver) -> system32\drivers\iusb3hcs.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> system32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - spldr (Security Processor Loader Driver) -> (?) R0 - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\drivers\vmstorfl.sys R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys R0 - vdrvroot (Microsoft Virtual Drive Enumerator Driver) -> system32\drivers\vdrvroot.sys R0 - volmgr (Volume Manager Driver) -> system32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys R1 - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys R1 - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys R1 - Beep (Beep) -> (?) R1 - blbdrive () -> \SystemRoot\system32\drivers\blbdrive.sys R1 - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys R1 - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys R1 - dtsoftbus01 (DAEMON Tools Virtual Bus Driver) -> system32\DRIVERS\dtsoftbus01.sys R1 - Msfs () -> (?) R1 - mssmbios (Microsoft System Management BIOS Driver) -> \SystemRoot\system32\drivers\mssmbios.sys R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys R1 - Serial (Serial port driver) -> \SystemRoot\system32\drivers\serial.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys R1 - TermDD (Terminal Device Driver) -> \SystemRoot\system32\drivers\termdd.sys R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys R1 - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys R2 - AdobeARMservice (Adobe Acrobat Update Service) -> "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" R2 - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys R2 - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys R2 - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - AudioSrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - avast! Antivirus (Avast Antivirus) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - clr_optimization_v4.0.30319_32 (Microsoft .NET Framework NGEN v4.0.30319_X86) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe S2 - clr_optimization_v4.0.30319_64 (Microsoft .NET Framework NGEN v4.0.30319_X64) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - CscService (@%systemroot%\system32\cscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\UtcResources.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - DisplayLinkService (DisplayLinkManager) -> "C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe" R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - gpsvc (@gpapi.dll,-112) -> %windir%\system32\svchost.exe -k GPSvcGroup S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - IAStorDataMgrSvc (Intel(R) Rapid Storage Technology) -> "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" R2 - igfxCUIService1.0.0.0 (Intel(R) HD Graphics Control Panel Service) -> %SystemRoot%\system32\igfxCUIService.exe R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe" R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - LENOVO.CAMMUTE (Lenovo Camera Mute) -> C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe R2 - LENOVO.TPKNRSVC (Lenovo Keyboard Noise Reduction) -> C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S2 - LMS (Intel(R) Management and Security Application Local Management Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys R2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - NitroDriverReadSpool9 (NitroPDFDriverCreatorReadSpool9) -> "C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe" R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nlsX86cc (Nalpeiron Licensing Service) -> C:\Windows\SysWOW64\NLSSRV32.EXE R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RealtekWlanU (RealtekWlanU) -> C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys S2 - RTLDHCPService (Realtek DHCP Service) -> C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe R2 - RunSwUSB (RunSwUSB) -> C:\Windows\runSW.exe R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - Sks8821 (Skdaemon Service) -> C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe R2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - TeamViewer (TeamViewer 10) -> "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - Wlansvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding R2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs ¤¤¤¤¤¤¤¤¤¤ | System files (Microsoft Files whitelisted) [MD5.B3D08F1CCBCB60CC549F693F1444D208] - [19/11/2010 17:15:22] - (.© Promethean technologies Ltd. - Promethean Activboard.) - [95.21 Ko] - (5.7.22.1) - C:\Windows\System32\Drivers\ACTIVhidmini.sys [MD5.007F173FDE42227D7CB998BD59F80F81] - [26/05/2010 15:21:24] - (.© Promethean technologies Ltd. - Promethean Activboard.) - [84.09 Ko] - (5.5.37.1) - C:\Windows\System32\Drivers\activhidsermini.sys [MD5.5320E4C5253B3B5579FB3BB47B7671AC] - [19/11/2010 17:15:24] - (.© Promethean technologies Ltd. - Promethean Multiple Screen Mouse Filter.) - [7.96 Ko] - (5.7.22.1) - C:\Windows\System32\Drivers\activmouse.sys [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 21:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 22:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 22:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 00:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 00:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [30/01/2014 22:31:11] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 21:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.540DAF1CEA6094886D72126FD7C33048] - [30/01/2014 22:31:11] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 22:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 22:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F] - [23/01/2015 12:57:20] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [27.98 Ko] - (11.1.2245.1540) - C:\Windows\System32\Drivers\aswHwid.sys [MD5.68E76C1675AC171A84F5B7230652E19D] - [23/01/2015 12:57:23] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [95.36 Ko] - (11.1.2245.1545) - C:\Windows\System32\Drivers\aswmonflt.sys [MD5.2D6B49A071216796106E7804AB2BA7DC] - [23/01/2015 12:57:17] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [91.34 Ko] - (11.1.2245.1540) - C:\Windows\System32\Drivers\aswRdr2.sys [MD5.E46B51C99BB750A81AC6A68362475A5C] - [23/01/2015 12:57:25] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [63.7 Ko] - (11.1.2245.1540) - C:\Windows\System32\Drivers\aswRvrt.sys [MD5.01487B49CC9289D7A1DADAD6A9A2C02F] - [23/01/2015 12:57:10] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [1040.74 Ko] - (11.1.2245.1553) - C:\Windows\System32\Drivers\aswsnx.sys [MD5.619CA9F210F0F36F8162E5B7BFDDA5CD] - [23/01/2015 12:57:27] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [453.38 Ko] - (11.1.2245.1552) - C:\Windows\System32\Drivers\aswsp.sys [MD5.D9079E1A1C2A1F8ED5F37AF8E6CD3161] - [23/01/2015 12:57:32] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [151.66 Ko] - (11.1.2245.1540) - C:\Windows\System32\Drivers\aswStm.sys [MD5.3BEC32A0B646D914921FD56AA39998C1] - [23/01/2015 12:57:29] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [267.37 Ko] - (11.1.2245.1540) - C:\Windows\System32\Drivers\aswVmm.sys [MD5.7D89B0C443F6068E5B27AA3B972069FF] - [05/10/2015 12:33:55] - (.Copyright (C) 2001-2009 Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) - [1542.5 Ko] - (8.0.0.376) - C:\Windows\System32\Drivers\athrx.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 21:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 02:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 02:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 02:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 02:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 02:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 02:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 21:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 00:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.33F90B202E9DD9B7D489EB59310FDC34] - [30/01/2015 09:25:27] - (.© 2000-2013 Disc Soft Ltd. - DAEMON Tools Virtual Bus Driver.) - [276.43 Ko] - (4.49.1.352) - C:\Windows\System32\Drivers\dtsoftbus01.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 21:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 21:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [13/07/2009 23:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.2BB3EAE2EA641515D4B205CAB29E1624] - [31/05/2014 06:24:27] - (.Copyright © 2006-2013, Intel Corporation. - Intel(R) Management Engine Interface.) - [63.11 Ko] - (9.0.0.1287) - C:\Windows\System32\Drivers\HECIx64.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [21/11/2010 04:23:47] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.815499B59D675E42A70894118E7A6422] - [31/05/2014 06:42:53] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver - x64.) - [630.85 Ko] - (13.0.0.1098) - C:\Windows\System32\Drivers\iaStorA.sys [MD5.C9FFC9330A5944A709549A28B5EB37C5] - [31/05/2014 06:42:53] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology Filter driver - x64.) - [27.35 Ko] - (13.0.0.1098) - C:\Windows\System32\Drivers\iaStorF.sys [MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [30/01/2014 22:31:11] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.09F8023A17EE9EB0897A1B195428192B] - [03/10/2014 17:36:38] - (.Copyright (c) 1998-2013 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [4641.93 Ko] - (10.18.10.3960) - C:\Windows\System32\Drivers\igdkmd64.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 22:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.EC80E6B9E27DC3E22ED5B2E0E75A39C0] - [31/05/2014 06:36:20] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [439.96 Ko] - (6.16.0.3131) - C:\Windows\System32\Drivers\IntcDAud.sys [MD5.78D369F8A81A341109FBA1DB64B4C512] - [31/05/2014 07:36:38] - (.(C) 2010-2013 Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) - [19.98 Ko] - (2.5.0.19) - C:\Windows\System32\Drivers\iusb3hcs.sys [MD5.5B632ABA038CE2E2D5D2D1115C6B26D1] - [31/05/2014 07:36:38] - (.(C) 2010-2013 Intel Corporation - Intel(R) USB 3.0 Hub Driver.) - [359.48 Ko] - (2.5.0.19) - C:\Windows\System32\Drivers\iusb3hub.sys [MD5.EA841584EF59528D11F20355770E427E] - [31/05/2014 07:36:38] - (.(C) 2010-2013 Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) - [767.98 Ko] - (2.5.0.19) - C:\Windows\System32\Drivers\iusb3xhc.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 22:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 22:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 22:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 22:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.47701ECA633574E122687693B5C5D35C] - [08/03/2016 14:10:38] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [106.71 Ko] - (1.1.21.0) - C:\Windows\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [08/03/2016 14:10:50] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 21:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 22:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.618C55B392238B9467F9113E13525C49] - [10/06/2009 21:35:36] - (.Copyright (C) @ 2002-2009 Ralink Technology Corporation. - Ralink 802.11n Wireless Adapter Driver.) - [847 Ko] - (3.0.0.60) - C:\Windows\System32\Drivers\netr28ux.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 22:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.0A92CB65770442ED0DC44834632F66AD] - [30/01/2014 22:31:11] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.DAB0E87525C10052BF65F06152F37E4A] - [30/01/2014 22:31:11] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.05A4779E4994B21473EDBE85AABE8030] - [07/02/2012 06:20:20] - (.Copyright© Lenovo 2005-2011. - SMBIOS Driver.) - [39.3 Ko] - (6.1.1020.0) - C:\Windows\System32\Drivers\psadd.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 21:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 22:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.61A04C0C084D560BBEF1D09604608262] - [31/05/2014 07:37:29] - (.Copyright (C) 2012 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver .) - [786.22 Ko] - (7.67.1226.2012) - C:\Windows\System32\Drivers\Rt64win7.sys [MD5.71F18E15662CBAFBC498201EFF578297] - [31/05/2014 07:36:56] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [3692.09 Ko] - (6.0.1.7116) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.B4B7B646F129E3F3ACE8CBC1B65FC226] - [31/05/2014 07:40:13] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8.) - [254.57 Ko] - (6.2.9200.30158) - C:\Windows\System32\Drivers\RtsUStor.sys [MD5.CD36435E4D35316ABD3BBD58DF765E68] - [28/09/2015 10:19:31] - (.Copyright (C) 2014 Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver 32965.) - [3578.71 Ko] - (1027.3.1015.2014) - C:\Windows\System32\Drivers\rtwlanu.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 03:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - [14/07/2009 01:00:40] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [92 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\serial.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 21:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 22:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 22:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 00:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 21:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys ¤¤¤¤¤¤¤¤¤¤ | Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\F67E88B82A3D67C887CB27610C33005C3651783E] : (Windows Driver Package - Intel Corporation (igfx) Display (01/29/2014 10.18.10.3412).-.Intel Corporation) -> C:\PROGRA~1\DIFX\8730326CFC0D32D8\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\kit58942.inf_amd64_neutral_9bed2a7e37663519\kit58942.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\View Management Utility_is1] : (View Management Utility.-.Lenovo Inc.) -> "C:\Program Files\Lenovo\View Management Utility\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.21 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{356896F4-F148-4BEB-8268-7D877F6C0DD0}] : (Nitro Pro 9.-.Nitro) -> MsiExec.exe /X{356896F4-F148-4BEB-8268-7D877F6C0DD0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{44B72151-611E-429D-9765-9BA093D7E48A}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{44B72151-611E-429D-9765-9BA093D7E48A} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}] : (Lenovo Slim USB Keyboard.-.Lenovo) -> MsiExec.exe /X{494D80C4-3557-4D73-A153-65FE4B3ECDC3} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}] : (Lenovo Solution Center.-.Lenovo Group Limited) -> MsiExec.exe /X{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}] : (DisplayLink Core Software.-.DisplayLink Corp.) -> MsiExec.exe /X{58F4C39B-D946-4A45-A314-DEFC2AFDF397} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1] : (ThinkVantage Communications Utility.-.Lenovo) -> "C:\Program Files\Lenovo\Communications Utility\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{989DC5D9-A776-430D-9E16-D36E5B81CD86}] : (USB Enhanced Performance Keyboard.-.Lenovo) -> MsiExec.exe /X{989DC5D9-A776-430D-9E16-D36E5B81CD86} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}] : (Lenovo Patch Utility 64 bit.-.Lenovo Group Limited) -> MsiExec.exe /X{ABE4638D-D208-4061-9F26-E3E11E3A1E0C} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DB4DA836-82EC-4A96-A6A1-52B39AD19C14}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{DB4DA836-82EC-4A96-A6A1-52B39AD19C14} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}] : (Lenovo USB Graphics.-.Lenovo) -> MsiExec.exe /X{E6B1FE9A-CB1E-4096-A0AF-163419CB971C} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F15D3F83-06DD-40AE-B7FC-AF720B154589}] : (ActivDriver x64 v5.7.-.Promethean) -> MsiExec.exe /I{F15D3F83-06DD-40AE-B7FC-AF720B154589} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 20 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI] : (Adobe Flash Player 20 PPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -maintain pepperplugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Free Antivirus.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (DAEMON Tools Lite.-.Disc Soft Ltd) -> C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\setup.exe" --uninstall --multi-install --chrome --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HAYT] : (Atlas d'Histoire.-.Groupe De Boeck sa) -> msiexec /qb /x {7CE759AF-3FA1-99A3-FFB2-79A423EA573C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{01535110-65FB-4437-AF99-6FB40252C06C}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{291EF98C-8641-469D-B83D-51DB6E09C9AA}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}] : (WaveEditor.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{D6E853EC-8960-4D44-AF03-7361BB93227C}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D6E853EC-8960-4D44-AF03-7361BB93227C}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}] : (PowerDVD Create.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DE485075-8CD3-4A1E-9ABC-6412EBA44872}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SHAREit_is1] : (SHAREit.-.Lenovo Group Limited) -> "C:\Program Files (x86)\Lenovo\SHAREit\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TeamViewer] : (TeamViewer 10.-.TeamViewer) -> C:\Program Files (x86)\TeamViewer\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Usbfix] : (UsbFix.-.El Desaparecido - www.usbfix.net - www.sosvirus.net) -> C:\UsbFix\Un-UsbFix.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0274D240-4D1D-4FDA-9A36-09F0BECD288F}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{0274D240-4D1D-4FDA-9A36-09F0BECD288F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A1698F6-A35B-43FE-8034-034AA11119E4}] : (ActivInspire Core Resources (FRA) v1.-.Promethean) -> MsiExec.exe /I{0A1698F6-A35B-43FE-8034-034AA11119E4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{13F59938-C595-479C-B479-F171AB9AF64F}] : (Lenovo User Guide.-.Lenovo) -> MsiExec.exe /X{13F59938-C595-479C-B479-F171AB9AF64F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{23455DF5-1D5E-4030-BBD4-AEA1A734D196}] : (ActivInspire HWR Resources (FRA) v1.-.Promethean) -> MsiExec.exe /I{23455DF5-1D5E-4030-BBD4-AEA1A734D196} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}] : (Intel(R) USB 3.0 eXtensible Host Controller Driver.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25C64847-B900-48AD-A164-1B4F9B774650}] : (Lenovo System Update.-.Lenovo) -> MsiExec.exe /X{25C64847-B900-48AD-A164-1B4F9B774650} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218065F0}] : (Java 8 Update 65.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218065F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218066F0}] : (Java 8 Update 66.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218066F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2B025F53-4693-45B2-9DC1-625B8F613870}] : (Actimath_1.-.Van In) -> MsiExec.exe /I{2B025F53-4693-45B2-9DC1-625B8F613870} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{319D91C6-3D44-436C-9F79-36C0D22372DC}] : (TP-LINK Wireless Configuration Utility.-.TP-LINK) -> "C:\Program Files (x86)\InstallShield Installation Information\{319D91C6-3D44-436C-9F79-36C0D22372DC}\setup.exe" -runfromtemp -l0x0009 -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}] : (WaveEditor.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}] : (CyberLink Power2Go 7.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{454D32AD-C149-49BE-9F2E-8C089C3D6620}] : (Lenovo USB3.0 to DVI VGA Monitor Adapter.-.Lenovo) -> "C:\Program Files (x86)\InstallShield Installation Information\{454D32AD-C149-49BE-9F2E-8C089C3D6620}\setup.exe" -runfromtemp -l0x0409 -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}] : (Create Recovery Media.-.Lenovo Group Limited) -> MsiExec.exe /X{50DC5136-21E8-48BC-97E5-1AD055F6B0B6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}] : (Adobe Flash Player 9 ActiveX.-.Adobe Systems, Inc.) -> MsiExec.exe /X{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}] : (Lenovo Registration.-.Lenovo Inc.) -> MsiExec.exe /X{6707C034-ED6B-4B6A-B21F-969B3606FBDE} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7CE759AF-3FA1-99A3-FFB2-79A423EA573C}] : (Atlas d'Histoire.-.Groupe De Boeck sa) -> MsiExec.exe /I{7CE759AF-3FA1-99A3-FFB2-79A423EA573C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9C049509-055C-4CFF-A116-1D12312225EB}] : (REALTEK Wireless LAN Driver and Utility.-.) -> C:\Program Files (x86)\InstallShield Installation Information\{9C049509-055C-4CFF-A116-1D12312225EB}\Install.exe -uninst [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9CC333AD-2EC0-4A5F-B6B0-E1A32E8E0F7A}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}] : (Adobe Reader X (10.1.16) MUI.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF312B06-5C5C-468E-89B3-BE6DE2645722}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{AF312B06-5C5C-468E-89B3-BE6DE2645722} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B7A0CE06-068E-11D6-97FD-0050BACBF861}] : (CyberLink PowerProducer 5.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}] : (Metric Collection SDK 35.-.Lenovo Group Limited) -> MsiExec.exe /X{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D4EAC93D-12F2-4180-A125-2F447500B4DF}] : (ActivInspire Help (FRA) v1.-.Promethean) -> MsiExec.exe /I{D4EAC93D-12F2-4180-A125-2F447500B4DF} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D6E853EC-8960-4D44-AF03-7361BB93227C}] : ( PowerDVD Create 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D6E853EC-8960-4D44-AF03-7361BB93227C}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}_is1] : (Power Manager.-.Lenovo Group Limited) -> "C:\Program Files (x86)\Lenovo\PowerMgr\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}] : (Metric Collection SDK.-.Lenovo Group Limited) -> MsiExec.exe /X{DDAA788F-52E6-44EA-ADB8-92837B11BF26} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DE485075-8CD3-4A1E-9ABC-6412EBA44872}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DE485075-8CD3-4A1E-9ABC-6412EBA44872}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{e48a2f61-851a-4155-82f9-af1b04db8c3b}] : (Intel(R) Chipset Device Software.-.Intel(R) Corporation) -> "C:\ProgramData\Package Cache\{e48a2f61-851a-4155-82f9-af1b04db8c3b}\SetupChipset.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}\setup.exe" -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}] : (Realtek Ethernet Controller All-In-One Windows Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\setup.exe -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FAC83A5C-8BC9-4EE0-A27E-4CC684B1EDF5}] : (ActivInspire v1.-.Promethean) -> MsiExec.exe /I{FAC83A5C-8BC9-4EE0-A27E-4CC684B1EDF5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FDA7E907-6539-42C1-9721-0239C281B336}] : (TP-LINK TL-WN881ND Driver.-.TP-LINK) -> "C:\Program Files (x86)\InstallShield Installation Information\{FDA7E907-6539-42C1-9721-0239C281B336}\setup.exe" -runfromtemp -l0x0009 -removeonly DriverOnly ¤¤¤¤¤¤¤¤¤¤ | Installer [HKCR\Installer\Products\042D4720D1D4ADF4A963900FEBDC82F8] : Adobe AIR [HKCR\Installer\Products\0B5B5B2C545249E44BAB45D8B40F1B69] : Metric Collection SDK 35 [HKCR\Installer\Products\0D8AAB85E4045854F93DDEB17BA22CEE] : Adobe Flash Player 9 ActiveX -> C:\Windows\Installer\{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\15127B44E116D9247956B90A397D4EA8] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\35F520B239642B54D91C26B5F8168307] : Actimath_1 -> C:\Windows\Installer\{2B025F53-4693-45B2-9DC1-625B8F613870}\ARPPRODUCTICON.exe [HKCR\Installer\Products\38E1FB04BE028D11795C00905C206085] : Power2Go -> C:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe [HKCR\Installer\Products\38F3D51FDD60EA047BCFFA27B0515498] : ActivDriver x64 v5.7 -> C:\Windows\Installer\{F15D3F83-06DD-40AE-B7FC-AF720B154589}\ARPPRODUCTICON.exe [HKCR\Installer\Products\430C7076B6DEA6B42BF169B96360BFED] : Lenovo Registration -> C:\Windows\Installer\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4C08D494755337D41A3556EFB4E3DC3C] : Lenovo Slim USB Keyboard -> C:\Windows\Installer\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208560F] : Java 8 Update 65 -> C:\Program Files (x86)\Java\jre1.8.0_65\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208660F] : Java 8 Update 66 -> C:\Program Files (x86)\Java\jre1.8.0_66\\bin\javaws.exe [HKCR\Installer\Products\4F698653841FBEB42886D778F7C6D00D] : Nitro Pro 9 -> C:\Windows\Installer\{356896F4-F148-4BEB-8268-7D877F6C0DD0}\Professional.ico [HKCR\Installer\Products\5FD55432E5D10304BB4DEA1A7A431D69] : ActivInspire HWR Resources (FRA) v1 -> C:\Windows\Installer\{23455DF5-1D5E-4030-BBD4-AEA1A734D196}\ARPPRODUCTICON.exe [HKCR\Installer\Products\60B213FAC5C5E864983BEBD62E467522] : Cisco LEAP Module [HKCR\Installer\Products\60EC0A7BE8606D1179DF0005ABBC8F16] : PowerProducer -> C:\Windows\Installer\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6315CD058E12CB84795EA10D556F0B6B] : Create Recovery Media -> C:\Program Files (x86)\Lenovo\Factory Recovery\recovburncd.exe,0 [HKCR\Installer\Products\638AD4BDCE2869A46A1A253BA91DC941] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\68AB67CA7DA7FFFFB744AA0000000010] : Adobe Reader X (10.1.16) MUI -> C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico [HKCR\Installer\Products\69F6B2C4DEA3F3E4D8EC1987361D6E1B] : Lenovo Solution Center -> C:\Windows\Installer\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6E0FE4A0219AEDC47A3FE6657E1CA3F2] : Cisco PEAP Module [HKCR\Installer\Products\6F8961A0B53AEF34084330A41A11914E] : ActivInspire Core Resources (FRA) v1 -> C:\Windows\Installer\{0A1698F6-A35B-43FE-8034-034AA11119E4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\74846C52009BDA841A46B1F4B9776405] : Lenovo System Update -> C:\Windows\Installer\{25C64847-B900-48AD-A164-1B4F9B774650}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7810FB462D3FB89499AE61A39FEAE69C] : Cisco EAP-FAST Module [HKCR\Installer\Products\83995F31595CC9744B971F17BAA96FF4] : Lenovo User Guide -> C:\Windows\Installer\{13F59938-C595-479C-B479-F171AB9AF64F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\9D5CD989677AD034E9613DE6B518DC68] : USB Enhanced Performance Keyboard -> C:\Windows\Installer\{989DC5D9-A776-430D-9E16-D36E5B81CD86}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A9EF1B6EE1BC69040AFA614391BC79C1] : Lenovo USB Graphics -> C:\Windows\Installer\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}\controlPanelIcon.exe [HKCR\Installer\Products\B93C4F85649D54A43A41EDCFA2DF3F79] : DisplayLink Core Software -> C:\Windows\Installer\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}\controlPanelIcon.exe [HKCR\Installer\Products\C5A38CAF9CB80EE42AE7C46C481BDE5F] : ActivInspire v1 -> C:\Windows\Installer\{FAC83A5C-8BC9-4EE0-A27E-4CC684B1EDF5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C9335768C821DD4438FBA0D5A6DB2879] : Lenovo System Update -> C:\Program Files (x86)\Lenovo\System Update\Tvsu.exe [HKCR\Installer\Products\CC67F423DD8D78D47BD74DFAE5A17A3B] : WaveEditor -> C:\Windows\Installer\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CE358E6D069844D4FA303716BB3922C7] : PowerDVD Create -> C:\Windows\Installer\{D6E853EC-8960-4D44-AF03-7361BB93227C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D39CAE4D2F2108141A52F24457004BFD] : ActivInspire Help (FRA) v1 -> C:\Windows\Installer\{D4EAC93D-12F2-4180-A125-2F447500B4DF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E066CC7BD13FC094DBA2C22BCEA5E5A3] : Intel(R) Chipset Device Software [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F887AADD6E25AE44DA8B2938B711FB62] : Metric Collection SDK [HKCR\Installer\Products\FA957EC71AF33A99FF2B974A32AE75C3] : Atlas d'Histoire ¤¤¤¤¤¤¤¤¤¤ | ADS ¤¤¤¤¤¤¤¤¤¤ | Drives ¤¤¤¤¤¤¤¤¤¤ | MBR 64 bits not supported by MBR.exe, Dump : Impossible to extract !!!!! ¤¤¤¤¤¤¤¤¤¤( EOF)¤¤¤¤¤¤¤¤¤¤ - 2762 | 16:39:10