¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ QuickDiag | g3n-h@ckm@n | 2_21.06.2016.2 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ¤¤¤¤¤ - Start 22/06/2016 10:02:58 Updated 21/06/2016 | 23.45 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Gérard (Administrator)] - [GÉRARD-PC] SID = S-1-5-21-4025010814-1608385043-2583931102-1000 System : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1 PC : Acer - Aspire X3400 - Processor : X64 - 2700 Mhz - AMD Athlon(tm) II X2 215 Processor Bios : AMI - 04/02/2010 - V.P01-B1 Default System BIOS - en|US|iso8859-1 - AMI Bios : PTSE2E20320210802C3000 - P01-B1 - ACRSYS - 20100402 Boot : Normal boot Boot : Microsoft Windows 7 Édition Familiale Premium |C:\Windows|\Device\Harddisk0\Partition3 CoreTemp : -1° C - Max : ° C ---------- | CPU CPU #1 value:0 % CPU #2 value:37 % Total Overall CPU Usage value:18 % ---------- | Network Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec SEND Maxium:18 bytes/sec, / RECEIVE Maximum:0 bytes/sec WAN Miniport (SSTP) - - Microsoft - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - PnPID : ROOT\MS_NDISWANBH\0000 NVIDIA nForce 10/100/1000 Mbps Ethernet - Ethernet 802.3 - NVIDIA - PnPID : PCI\VEN_10DE&DEV_0760&SUBSYS_80001025&REV_A2\3&267A616A&0&50 WAN Miniport (IP) - - Microsoft - PnPID : ROOT\MS_NDISWANIP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - PnPID : ROOT\*ISATAP\0000 RAS Async Adapter - - - PnPID : Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - PnPID : ROOT\*TEREDO\0000 Realtek RTL8188SU Wireless LAN 802.11n USB 2.0 Network Adapter - - - PnPID : Carte Microsoft ISATAP - Tunnel - Microsoft - PnPID : ROOT\*ISATAP\0001 Microsoft Virtual WiFi Miniport Adapter - - - PnPID : Carte Microsoft ISATAP - Tunnel - Microsoft - PnPID : ROOT\*ISATAP\0002 ----------> Quick ¤¤¤¤¤¤¤¤¤¤ | Memory RAM = Total (MB) : 6291 | Free (MB) : 3918 Pagefile = Total (MB) : 12579 | Free (MB) : 9773 Virtual = Total (MB) : 4194 | Free (MB) : 4024 Physical Memory 1 : Capacity: 2147483648 - DIMM1 - Posit.: 0 - Manufacturer: Samsung - PartNumber: M378B5673FH0-CH9 - S/N: F97AF265 Physical Memory 2 : Capacity: 2147483648 - DIMM2 - Posit.: 0 - Manufacturer: Samsung - PartNumber: M378B5673FH0-CH9 - S/N: AB80F265 Physical Memory 3 : Capacity: 2147483648 - DIMM3 - Posit.: 0 - Manufacturer: Samsung - PartNumber: M378B5673FH0-CH9 - S/N: A580F265 ¤¤¤¤¤¤¤¤¤¤ | SID Users Administrateur : [S-1-5-21-4025010814-1608385043-2583931102-500] Gérard : [S-1-5-21-4025010814-1608385043-2583931102-1000] Invité : [S-1-5-21-4025010814-1608385043-2583931102-501] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] Utilisateurs du débogueur : [S-1-5-21-4025010814-1608385043-2583931102-1001] ¤¤¤¤¤¤¤¤¤¤ | Drives D:\ -> [Fixed] | [Données] | Total : 458.87 Go | Free : 291.68 Go -> NTFS [ATA] C:\ -> [Fixed] | [Acer] | Total : 458.87 Go | Free : 354.38 Go -> NTFS [ATA] Disk Usage Information [3 total Physical Disks] Physical Drive #0 [C:, D:] : Read:192,172 bytes/sec, Written:706,636 bytes/sec Max Read:192,172 bytes/sec, Max Write:706,636 bytes/sec Physical Drive #1 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:192,172 bytes/sec, Write Maximum:706,636 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : SCSI\DISK&VEN_WDC_WD10&PROD_EARS-22Y5B1\4&FA12E51&0&000000 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01\058F63616476&0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_MULTIPLE&PROD_FLASH_READER&REV_1.05\058F63616476&1 ¤¤¤¤¤¤¤¤¤¤ | Windows updates Last detection : 2016-06-22 07:32:31 Downloaded last ones : 2016-06-21 06:54:37 Installed last ones : 2016-06-21 06:54:43 Next search : 2016-06-23 01:34:56 Microsoft : + ¤¤¤¤¤¤¤¤¤¤ | Browsers IE : 11.0.9600.18347 (© Microsoft Corporation. Tous droits réservés.) FF : 47.0.0.5999 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe" -- "%1" ¤¤¤¤¤¤¤¤¤¤ | FlashPlayer FlashPlayer ActiveX : 22.0.0.192 FlashPlayer Plugin : 22.0.0.192 ¤¤¤¤¤¤¤¤¤¤ | Security AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 26/06/2014 18:28:10] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ | Running processes 352 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23418) = C:\Windows\System32\smss.exe CPU Usage:0 % 572 | [Owner : | Parent : 500(svchost.exe) | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe CPU Usage:0 % 640 | [Owner : | Parent : 580() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe CPU Usage:0 % 688 | [Owner : | Parent : 572(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe CPU Usage:0 % 696 | [Owner : | Parent : 572(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23452) = C:\Windows\System32\lsass.exe CPU Usage:0 % 704 | [Owner : | Parent : 572(wininit.exe) | ?????] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe CPU Usage:0 % 804 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 900 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 948 | [Owner : | Parent : 688(services.exe) | ?????] - (.AMD - AMD External Events Service Module.) - (6.14.11.1051) = C:\Windows\System32\atiesrxx.exe CPU Usage:0 % 252 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 436 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 500 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 916 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1104 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1164 | [Owner : | Parent : 948(atiesrxx.exe) | ?????] - (.AMD - AMD External Events Client Module.) - (6.14.11.1051) = C:\Windows\System32\atieclxx.exe CPU Usage:0 % 1276 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1368 | [Owner : | Parent : 688(services.exe) | ?????] - (.AVAST Software - avast! Service.) - (11.2.2738.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe CPU Usage:0 % 1552 | [Owner : Gérard | Parent : 436(svchost.exe) | 35.44 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe CPU Usage:0 % 1576 | [Owner : Gérard | Parent : 1544() | 59.12 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23418) = C:\Windows\explorer.exe CPU Usage:0 % 1636 | [Owner : Gérard | Parent : 688(services.exe) | 13.74 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe CPU Usage:0 % 1748 | [Owner : | Parent : 916(svchost.exe) | ?????] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe CPU Usage:0 % 1756 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe CPU Usage:0 % 1792 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1908 | [Owner : Gérard | Parent : 1576(explorer.exe) | 10.69 Mo] - (.Realtek Semiconductor - HD Audio Control Panel.) - (1.0.0.386) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe CPU Usage:0 % 1916 | [Owner : Gérard | Parent : 1576(explorer.exe) | 10.69 Mo] - (.Egis Technology Inc. - MyWinLocker.) - (3.1.206.0) = C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe CPU Usage:0 % 1504 | [Owner : Gérard | Parent : 1576(explorer.exe) | 26.34 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe CPU Usage:0 % 2212 | [Owner : | Parent : 688(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.18.4103) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe CPU Usage:0 % 2344 | [Owner : Gérard | Parent : 2136() | 0.54 Mo] - (.Microsoft Corporation - GWX.) - (6.3.9600.18345) = C:\Windows\System32\GWX\GWX.exe CPU Usage:0 % 2440 | [Owner : Gérard | Parent : 1576(explorer.exe) | 55.16 Mo] - (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.1.7601.17514) = C:\Program Files\Windows Sidebar\sidebar.exe CPU Usage:0 % 2468 | [Owner : Gérard | Parent : 1576(explorer.exe) | 7.22 Mo] - (.TomTom - System Tray application for TomTom HOME.) - (2.9.8.3722) = C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe CPU Usage:0 % 2632 | [Owner : Gérard | Parent : 1576(explorer.exe) | 13.34 Mo] - (.- Ditto.) - (3.17.0.17) = C:\Program Files (x86)\Ditto\Ditto.exe CPU Usage:0 % 2912 | [Owner : Gérard | Parent : 2764() | 12.12 Mo] - (.- Hotkey Utility.) - (2.5.3003.0) = C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe CPU Usage:0 % 3000 | [Owner : Gérard | Parent : 2764() | 15.35 Mo] - (.Egis Technology Inc. - PMM Update Application.) - (1.1.31.0) = C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe CPU Usage:0 % 3008 | [Owner : Gérard | Parent : 2764() | 8.56 Mo] - (.CyberLink Corp. - Arcade Movie Resident Program.) - (5.0.0.0) = C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe CPU Usage:0 % 3044 | [Owner : Gérard | Parent : 2992() | 1.11 Mo] - (.Piriform Ltd - CCleaner.) - (5.18.0.5607) = C:\Program Files (x86)\CCleaner\CCleaner64.exe CPU Usage:0 % 1840 | [Owner : Gérard | Parent : 2764() | 17.94 Mo] - (.AVAST Software - avast! Antivirus.) - (11.2.2738.16) = C:\Program Files\AVAST Software\Avast\avastui.exe CPU Usage:0 % 2124 | [Owner : Gérard | Parent : 2764() | 3.72 Mo] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe CPU Usage:0 % 2172 | [Owner : Gérard | Parent : 2764() | 28.44 Mo] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) - (2.4.40.129) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe CPU Usage:0 % 2144 | [Owner : Gérard | Parent : 2764() | 42.48 Mo] - (.- ProductUpdater.) - (1.0.2.0) = C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe CPU Usage:0 % 472 | [Owner : Gérard | Parent : 2764() | 5.34 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.91.14) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe CPU Usage:0 % 2052 | [Owner : Gérard | Parent : 1576(explorer.exe) | 15.25 Mo] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) - (140.0.212.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe CPU Usage:0 % 2768 | [Owner : Gérard | Parent : 2956() | 8.33 Mo] - (.Egis Technology Inc. - EgisUpdate Release Application.) - (1.1.31.0) = C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe CPU Usage:0 % 3160 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Updates Skype Click to Call.) - (8.3.0.9150) = C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe CPU Usage:0 % 3232 | [Owner : Gérard | Parent : 2816() | 7.5 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (2.0.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe CPU Usage:0 % 3464 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) - (8.3.0.9150) = C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe CPU Usage:0 % 3512 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 3584 | [Owner : | Parent : 688(services.exe) | ?????] - (.Acer Incorporated - Global Registration Service.) - (1.0.2001.0) = C:\Program Files (x86)\Acer\Registration\GregHSRW.exe CPU Usage:0 % 3644 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\SysWOW64\svchost.exe CPU Usage:0 % 3672 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Machine Debug Manager.) - (7.0.9466.0) = C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE CPU Usage:0 % 3792 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1284 | [Owner : Gérard | Parent : 3232(MOM.exe) | 17.09 Mo] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) - (2.0.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe CPU Usage:0 % 3304 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 3752 | [Owner : | Parent : 688(services.exe) | ?????] - (.Realtek - RtlService MFC Application.) - (700.1005.121.2010) = C:\Program Files (x86)\BeeWi\BeeWi Wireless Monitor\RtlService.exe CPU Usage:0 % 4032 | [Owner : | Parent : 688(services.exe) | ?????] - (.- RichVideo Module.) - (2.0.0.2930) = C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe CPU Usage:0 % 3912 | [Owner : | Parent : 3752(RtlService.exe) | ?????] - (.Realtek Semiconductor Corp. - RtWLan ( For Vista / Win7) Application(External Registrar).) - (700.1609.325.2010) = C:\Program Files (x86)\BeeWi\BeeWi Wireless Monitor\RtWLan.exe CPU Usage:0 % 656 | [Owner : | Parent : 688(services.exe) | ?????] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - (2.4.40.217) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe CPU Usage:0 % 1980 | [Owner : | Parent : 688(services.exe) | ?????] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.4.40.77) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe CPU Usage:0 % 2716 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1672 | [Owner : | Parent : 688(services.exe) | ?????] - (.TomTom - Windows Service for TomTom HOME.) - (2.9.8.3722) = C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe CPU Usage:0 % 3828 | [Owner : | Parent : 688(services.exe) | ?????] - (.Acer Group - Updater Service.) - (1.0.0.8) = C:\Program Files\Acer\Acer Updater\UpdaterService.exe CPU Usage:0 % 3860 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE CPU Usage:0 % 4108 | [Owner : | Parent : 688(services.exe) | ?????] - (.Safer-Networking Ltd. - Windows Security Center integration..) - (2.3.39.2) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe CPU Usage:0 % 4196 | [Owner : | Parent : 3860(WLIDSVC.EXE) | ?????] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE CPU Usage:0 % 4368 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 4632 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe CPU Usage:0 % 4920 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 5048 | [Owner : Gérard | Parent : 2912(HotkeyUtility.exe) | 32.5 Mo] - (.Microsoft - Hotkey Utility 2.5.) - (2.5.3001.0) = C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUI.exe CPU Usage:0 % 5068 | [Owner : Gérard | Parent : 804(svchost.exe) | 5.8 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe CPU Usage:0 % 5264 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 6132 | [Owner : Gérard | Parent : 2052(hpqtra08.exe) | 11.26 Mo] - (.Hewlett-Packard Co. - HP CUE Status Root.) - (140.0.212.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe CPU Usage:0 % 4464 | [Owner : Gérard | Parent : 804(svchost.exe) | 5.78 Mo] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) - (140.0.323.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe CPU Usage:0 % 5408 | [Owner : Gérard | Parent : 804(svchost.exe) | 10.12 Mo] - (.Hewlett-Packard - GPCore COM object.) - (130.0.14.16) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe CPU Usage:0 % 4236 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe CPU Usage:0 % 4544 | [Owner : | Parent : 688(services.exe) | ?????] - (.Microsoft Corporation - Programme d’installation pour les modules Windows.) - (6.1.7601.17514) = C:\Windows\servicing\TrustedInstaller.exe CPU Usage:0 % 5904 | [Owner : Gérard | Parent : 2972() | 148.93 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe CPU Usage:0 % 4192 | [Owner : Gérard | Parent : 5904(chrome.exe) | 4.78 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe CPU Usage:0 % 4300 | [Owner : Gérard | Parent : 5904(chrome.exe) | 57.24 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe CPU Usage:0 % 1092 | [Owner : Gérard | Parent : 5904(chrome.exe) | 131.11 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe CPU Usage:0 % 2056 | [Owner : Gérard | Parent : 5904(chrome.exe) | 142.43 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe CPU Usage:0 % 1144 | [Owner : Gérard | Parent : 5904(chrome.exe) | 228.74 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe CPU Usage:0 % 840 | [Owner : | Parent : 252(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.18741) = C:\Windows\System32\audiodg.exe CPU Usage:0 % 5924 | [Owner : Gérard | Parent : 1576(explorer.exe) | 22.53 Mo] - (.SosVirus - QuickDiag.) - (21.6.2016.2) = C:\Users\Gérard\Desktop\QuickDiag.exe CPU Usage:0 % ¤¤¤¤¤¤¤¤¤¤ | MD5 [MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - [16/06/2016 15:45:35] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3155.5 Ko] - (6.1.7601.23418) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [24/06/2011 08:54:51] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.ACEDF96749861DB3DA92AE9B9D94FE72] - [22/05/2016 15:44:15] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.23418) : C:\Windows\System32\Kernel32.dll [MD5.C8A7F80DB5C193DD67747A1BA4B1782E] - [16/06/2016 15:46:55] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.23452) : C:\Windows\System32\lsass.exe [MD5.622C96AFB07BB82C8650B47172137AC4] - [14/04/2016 12:56:12] - (.© Microsoft Corporation. - Distributed COM Services.) - [499.5 Ko] - (6.1.7601.19143) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.71C85477DF9347FE8E7BC55768473FCA] - [13/05/2015 09:12:44] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.06BF84D26A05D400F6B3FB3D3DE0B03A] - [22/01/2016 12:00:21] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985 Ko] - (6.1.7601.19061) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [24/06/2011 08:53:58] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [16/10/2014 08:10:34] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [11/11/2015 11:36:53] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.059F00DEF82BF41E433B7ED465847726] - [16/09/2013 08:36:33] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [24/06/2011 08:50:20] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [24/06/2011 08:50:54] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [24/06/2011 08:50:19] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.10112D850C844606419C79EE24EE6016] - [16/06/2016 15:46:55] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [156 Ko] - (6.1.7601.23452) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.F7309F42555F8AAB7144A51A1F2585B0] - [11/11/2015 11:36:30] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys [MD5.E47D571FEC2C76E867935109AB2A770C] - [16/06/2016 15:45:43] - (.© Microsoft Corporation. - MBT Transport driver.) - [256 Ko] - (6.1.7601.23451) : C:\Windows\System32\Drivers\netbt.sys [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - [22/03/2016 18:36:32] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [24/06/2011 08:54:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.D6AB7C13FCDD2E4CAC35244D2C172D9A] - [24/01/2011 12:20:43] - (.Copyright (C) 2004-2012 - SCSI Pass Through Direct Host.) - [551.59 Ko] - (1.83.0.0) : C:\Windows\System32\Drivers\sptd.sys [MD5.04ADD18EE5CC9FBEDAEC1DD1CD0CB45E] - [19/06/2014 16:21:22] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1858.94 Ko] - (6.1.7601.18438) : C:\Windows\System32\Drivers\tcpip.sys [MD5.AA77EB517D2F07A947294F260E3ACA83] - [11/11/2015 11:36:54] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [24/06/2011 08:54:44] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ¤¤¤¤¤¤¤¤¤¤ | Locked Applications ¤¤¤¤¤¤¤¤¤¤ | Explorer.exe component call (Microsoft Files Whitelisted) (.AVAST Software.-.avast! Shell Extension.) - (11.2.2738.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.0.34) -- C:\Users\Gérard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (.Egis Technology Inc..-.PSD DragDrop Protection.) - (3.1.206.0) -- C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (.Egis Technology Inc..-.WinLocker System Environment Library.) - (3.1.206.0) -- C:\Program Files (x86)\EgisTec MyWinLocker\x64\sysenv.dll (.Igor Pavlov.-.7-Zip Shell Extension.) - (16.2.0.0) -- C:\Program Files\7-Zip\7-zip.dll (..-..) - (0.0.0.0) -- C:\Program Files\Unlocker\UnlockerCOM.dll (.Malwarebytes.-.Malwarebytes Anti-Malware.) - (3.1.1.0) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll (.Safer-Networking Ltd..-.Windows Explorer context menu integration.) - (2.3.39.113) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll (.Egis Technology Inc..-.Shell Extention.) - (3.1.206.0) -- C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll ¤¤¤¤¤¤¤¤¤¤ | Svchost.exe component call (Microsoft Files Whitelisted) (.Hewlett-Packard Co..-.HP CUE DeviceDiscovery Service.) - (140.0.212.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll (.Hewlett-Packard Co..-.HP CUE DeviceDiscovery Common Library.) - (140.0.212.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll (.Hewlett-Packard Co..-.HP CUE Context Manager Objects.) - (140.0.323.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll (.Hewlett-Packard Co..-.HP CUE/AiO Context Information Objects.) - (140.0.323.0) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll (.Hewlett-Packard Co..-.HP OfficeJet COM Common Objects.) - (140.0.323.0) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll (.Hewlett-Packard.-.Dot4Net Module.) - (12.2.6.51) -- C:\windows\system32\hpzinw12.dll (.Hewlett-Packard.-.PmlDrv Module.) - (12.2.6.51) -- C:\windows\system32\hpzipm12.dll (.Hewlett-Packard Co..-.HP Network Devices Support.) - (140.0.331.0) -- C:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll ¤¤¤¤¤¤¤¤¤¤ | ZeroAccess Check Zaccess : C:\Users\Gérard\AppData\Local\Dropbox [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ¤¤¤¤¤¤¤¤¤¤ | Startings up [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [HKU\S-1-5-18\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Gérard\AppData\Local\Google\Update\GoogleUpdate.exe" /c "2A453444A185159E7F307E2E5075A290C4BD4153._service_run"="C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun "CCleaner Monitoring"="C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Dropbox Update"="C:\Users\Gérard\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c "Ditto"=C:\Program Files (x86)\Ditto\Ditto.exe [19/06/2016 17:18:32] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #2"=C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- https://www.google.fr/search?q=peut+on+faire+fonctionner+logitech+quickcam+pro+4000+pour+windows+7&oq=peut+on+faire+fonctionner+logitech+quickcam+pro+4000+pour+windows+7&aqs=chrome..69i57.912j0j7&sourceid=chrome&ie=UTF-8 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"=C:\Windows\System32\mctadmin.exe [14/07/2009 01:54:49] [HKU\S-1-5-20\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"=C:\Windows\System32\mctadmin.exe [14/07/2009 01:54:49] [HKU\S-1-5-19\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16/03/2010 01:37:09] "mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [01/02/2010 20:05:02] [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "MDS_Menu"="C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6" "Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [26/03/2010 04:29:36] "EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d "EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" "ArcadeMovieService"="C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [30/05/2013 15:50:10] ""= "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "ProductUpdater"=C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [14/02/2016 15:14:30] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ¤¤¤¤¤¤¤¤¤¤ | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox Update] : "C:\Users\Gérard\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUS EPM tray] : C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [01/04/2016 14:01:57] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IDMan] : C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NortonOnlineBackupReminder] : "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED ¤¤¤¤¤¤¤¤¤¤ | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=6df95166-1d57-46fd-9657-0f5a3f8 "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * sdnclean64.exe "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=12000 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp "Authentication Packages"=msv1_0 "LsaPid"=696 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ¤¤¤¤¤¤¤¤¤¤ | .LNK C:\Users\Gérard\AppData\Local\Google\Chrome\User Data\Lanceur d'applications Google Chrome.lnk (--show-app-list) C:\Users\Gérard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Veille prolongée.lnk (powrprof.dll, SetSuspendState 0,1,0) C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk (/sendto:) C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk (--sendto) C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk (/home) C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Lanceur d'applications Google Chrome.lnk (--show-app-list) C:\Users\Gérard\Desktop\Computer Management.lnk (/s) C:\Users\Gérard\Desktop\Veille prolongée.lnk (powrprof.dll, SetSuspendState 0,1,0) C:\Users\Gérard\Desktop\DropBox\Dropbox (Mise en route).lnk (/home) C:\Users\Gérard\Desktop\Jeux\Scrabble® 2003 Edition.lnk (1) C:\Users\Gérard\Desktop\Navigateurs\SFR.lnk (/URL01) C:\Users\Gérard\Desktop\Photos - Images Animations - Vidéo\Animations\E-Anim (Création d'animations).lnk (C:\Users\Gérard\Documents\e-anim\!run.bat) C:\Users\Gérard\Desktop\TomTom\TomTom HOME 2.lnk ("") C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Nouveau document Office.lnk (-n) C:\ProgramData\Microsoft\Windows\Start Menu\Ouvrir un document Office.lnk (-f) C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk (startmenu) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk (/showgadgets) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Hotkey Utility.lnk (Hotkey Utility) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Identity Card.lnk (Identity Card) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Annuaire\Samples\France.lnk (http://belovak.sourceforge.net/Exemples/Data/France.txt) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Annuaire\Samples\Postal Codes.lnk (http://belovak.sourceforge.net/Exemples/geonames_fr.txt) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\BoostSpeed\Utilities\Auslogics Console Defragmentation.lnk (/K "C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\cdefrag.exe") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeWi\BeeWi Wireless Monitor.lnk (/1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeWi\Uninstall.lnk (-uninst -l0x40C) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Aide.lnk (Start Help -help) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Assistant.lnk (Start Wizard) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Avancé.lnk (Start Dashboard) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC.lnk (Start CCC) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Redémarrer Runtime.lnk (Restart) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow\Configuration décodeur audio.lnk (ffdshow.ax,configureAudio) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow\Configuration décodeur vidéo.lnk (ffdshow.ax,configure) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow\Configuration VFW.lnk (ff_vfw.dll,configureVFW) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Démarrer Google Earth en mode DirectX.lnk (-setDX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Démarrer Google Earth en mode OpenGL.lnk (-setOGL) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Désinstaller Google Earth.lnk (/x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter\Media Splitter Settings.lnk (splitter.ax,Configure) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4500 series\Aide.lnk (/product-class=HP Deskjet F4500 Series) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4500 series\Ajouter un périphérique.lnk (-addadevice) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4500 series\Configurer le périphérique réseau.lnk (-addadevice -usbsetup) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4500 series\Désinstaller.lnk (-datfile hposcr46.dat -onestop -forcereboot) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4500 series\Enregistrement du produit.lnk ("HP Deskjet F4500 series") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Deskjet F4500 series\USB vers sans fil.lnk (-addadevice -usbtowireless) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office\Microsoft Office 2003 Assistant Enregistrement des paramètres personnels.lnk (/u) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office\Récupération d'applications Microsoft Office.lnk (-c) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual SourceSafe\Analyze & Fix VSS DB.lnk (-f -c -d -v1 "C:\Program Files (x86)\Microsoft Visual Studio\Common\VSS\data") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual SourceSafe\Analyze VSS DB.lnk (-x -v1 "C:\Program Files (x86)\Microsoft Visual Studio\Common\VSS\data") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero Online Upgrade.lnk (ShowOffer) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Express Essentials SE.lnk (/w) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaLogic\Comanche 4\Désinstaller.lnk (-f"C:\Program Files (x86)\NovaLogic\Comanche 4\Uninst.isu") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Configurer la Visionneuse de photos Picasa.lnk (/reconfig) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk () �2r;Z hpqtra08.exeF�r;ZW=�`* chpqtra08.exem1l C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Désinstaller TomTom HOME 2.lnk (/x {5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk (--reset-config --reset-plugins-cache vlc://quit) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk (--reset-config --reset-plugins-cache vlc://quit) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk (-Iskins) ¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"=c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll ¤¤¤¤¤¤¤¤¤¤ | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ¤¤¤¤¤¤¤¤¤¤ | Policies | Registry [HKU\S-1-5-18\Control Panel\Desktop] "DragFullWindows"=1 "FontSmoothing"=2 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "UserPreferencesMask"=0x9E3E038012000000 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "ScreenSaveTimeOut"=600 "Wallpaper"=C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [04/07/2014 13:11:27] "ScreenSaverIsSecure"=0 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003328000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "Browse For Folder Width"=347 "Browse For Folder Height"=341 "link"=0x1E000000 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "TaskbarSizeMove"=1 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=0 "Start_NotifyNewApps"=1 "Start_ShowRun"=1 "Start_MinMFU"=10 "Start_JumpListItems"=10 "Start_AdminToolsRoot"=0 "StartMenuAdminTools"=1 "Start_PowerButtonAction"=2 "NavPaneShowAllFolders"=0 "NavPaneExpandToCurrentFolder"=1 "AlwaysShowMenus"=1 ""=0 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x020000000100000000000000FFFFFFFF "0"=0x69006500780070006C006F007200650072000000 "1"=0x6500780070006C006F007200650072000000 "2"=0x61006300650072000000 [HKU\S-1-5-20\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 [HKU\S-1-5-19\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "SoftwareSASGeneration"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=20 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "SoftwareSASGeneration"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=488 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ¤¤¤¤¤¤¤¤¤¤ | Winlogon [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 "allocatecdroms"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile ¤¤¤¤¤¤¤¤¤¤ | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""= [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"= [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/06/2016 16:20:18] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/06/2016 16:20:18] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser ¤¤¤¤¤¤¤¤¤¤ | AppcompatFlags [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\ADMINI~1\AppData\Local\Temp\AIRFC19.tmp\Adobe AIR Installer.exe"=1 "C:\Users\ADMINI~1\AppData\Local\Temp\AIRE33.tmp\Adobe AIR Installer.exe"=1 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe"=2 "SIGN.MEDIA=180988 Pour nouveau PC\Programme d'installation de Backup Thunderbird et FireFox\MozBackup-1.4.10-EN.exe"=1 "C:\Program Files (x86)\HP\Digital Imaging\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}\hpzstub.exe"=1 "SIGN.MEDIA=2132D3 Pour nouveau PC\Ditto\ditto_ditto_3.16.8_francais_17799.exe"=1 "SIGN.MEDIA=3D78CE Pour nouveau PC\PowerpointImagesExtractor\PowerpointImageExtractor_V1_2_setup.exe"=1 "SIGN.MEDIA=24B790 Pour nouveau PC\Revo Uninstaller\revouninstaller_revouninstaller_1.89_francais_39528.exe"=1 "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe"=1 "SIGN.MEDIA=110B900 Pour nouveau PC\PDFCreator\pdfcreator_pdfcreator_1.0.2_francais_11085.exe"=1 "SIGN.MEDIA=26A3A5 Pour nouveau PC\Formulaire et Annuaire et Date\Formulaire\Formulaire setup avec Info Pages.exe"=1 "SIGN.MEDIA=71731 Pour nouveau PC\Formulaire et Annuaire et Date\Date\Date Setup.exe"=1 "SIGN.MEDIA=16446C Pour nouveau PC\Formulaire et Annuaire et Date\Annuaire\Annuaire Setup.exe"=1 "C:\Users\Gérard\AppData\Local\Google\Chrome\Application\chrome.exe"=1 "SIGN.MEDIA=4C215 Pour nouveau PC\Icones Bureau\Icones Bureau setup.exe"=1 "SIGN.MEDIA=1B2FDE Pour nouveau PC\Nombre\setup.exe"=1 "SIGN.MEDIA=A2A373 AUTORUN\AUTORUN.EXE"=2 "SIGN.MEDIA=C17D0 absetup.exe"=1 "C:\Program Files\Preload\Skype\SkypeSetup.exe"=1 "SIGN.MEDIA=314BA setup.exe"=1 "SIGN.MEDIA=979669B Office XP Pro 2003 FR\SETUPSTD.EXE"=1 "SIGN.MEDIA=B3043C4 Office2003SP3-KB923618-FullFile-FRA.exe"=1 "SIGN.MEDIA=B3043C4 FileFormatConverters.exe"=1 "SIGN.MEDIA=CB88775 SETUP.EXE"=1 "SIGN.MEDIA=979669B Office XP Pro 2003 FR\SETUPPUB.EXE"=1 "SIGN.MEDIA=979669B Office XP Pro 2003 FR\SETUPPRO.EXE"=1 "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe"=1 "C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\FreeVideoToMP3Converter.exe"=2 "SIGN.MEDIA=5A48C Setup.exe"=1 "C:\Program Files\CDBurnerXP\unins000.exe"=1 "C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe"=1 "D:\Mes Documents\Mes Prog VB5 & 6\MesProg VB6\Empaquetages pour installations prog\Empaquetage (Formulaire)\Setup.exe"=1 "SIGN.MEDIA=7A732D5 Autorun.exe"=1 "C:\Program Files (x86)\Evernote\Evernote\Evernote.exe"=1 "SIGN.MEDIA=8D42B9C Boite à Outils (prog d'installation 1-07-2013)\OCCTPT3.0.1.exe"=1 "SIGN.MEDIA=97BC186C autorun.exe"=1 "SIGN.MEDIA=127B0E30 ScrabbleAutorun.exe"=1 "D:\Mes prog d'installation\TomTom Home & Maxi Box\tomtomax_maxibox_v3.4.0.exe"=1 "D:\Mes prog d'installation\TeamViewer\TeamViewer_Setup_fr.exe"=1 "C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe"=1 "D:\Mes prog d'installation\Compiler\InnoSetup\InnoSetup 5-2-3\isetup-5.2.3.exe"=1 "C:\Program Files (x86)\Inno Setup 5\Compil32.exe"=1 "D:\Mes prog d'installation\Compiler\IsTools\istool-5.2.1.exe"=1 "D:\Mes prog d'installation\Avast\avast-antivirus-gratuit-2014_9-0-2007_fr_11113.exe"=1 "D:\Mes prog d'installation\Internet Video Converter\IVC_hd_5.50.exe"=1 "C:\Users\Gérard\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_5.3.1.3363.exe"=1 "D:\Mes prog d'installation\Skype\skype_6-11_fr_11171.exe"=1 "D:\Mes prog d'installation\DropBox\dropbox_dropbox_1.6_francais_359270.exe"=1 "D:\Mes prog d'installation\Free Download Manager\fdminst.exe"=1 "C:\Users\Gérard\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_5.6.4.4632.exe"=1 "D:\Mes prog d'installation\Spyboot\spybot-search-destroy_2-3-01-10-2014_en_10965.exe"=1 "D:\Mes prog d'installation\Scratch\ScratchInstaller1.4.exe"=1 "D:\Mes prog d'installation\Format Factory (conversions vidéos)\formatfactory_3-5-0-0_fr_223920.exe"=1 "D:\Mes prog d'installation\Renommer des fichiers\lupas-rename_lupas_rename_5.0_francais_11185.exe"=1 "C:\Users\Gérard\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_5.8.1.6061.exe"=1 "C:\Users\Gérard\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_5.8.3.6507.exe"=1 "D:\Mes prog d'installation\Dessin industiel simple\qcad_3-8-0_fr_127972.exe"=1 "D:\Mes prog d'installation\Spyboot\spybot-search-destroy_2-3-25-02-2015_en_10965.exe"=1 "D:\Mes prog d'installation\XnView\xnview-standard_2-32_fr_9667.exe"=1 "D:\Mes prog d'installation\Internet Download Manager (IDM)\internet-download-manager_6-2-1-build-19_fr_57994.exe"=1 "C:\Users\Gérard\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_5.8.5.7193.exe"=1 "C:\Users\Gérard\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_5.8.6.7519.exe"=1 "D:\Mes prog d'installation\Spyboot\spybot-search-destroy_2-4-20-05-2015_en_10965.exe"=1 "D:\Mes prog d'installation\RoboCopy GUI\UtilitySpotlight\setup.exe"=1 "c:\PROGRA~2\COMMON~1\ADOBEA~1\Versions\1.0\ADOBEA~1.EXE"=1 "D:\Mes prog d'installation\Skype\SkypeSetup.exe"=1 "D:\Mes prog d'installation\Partition Disque (epm)\EaseUS Partition Master\(Partition Disque) epm.exe"=1 "D:\Mes prog d'installation\CCleaner\ccsetup518.exe"=1 "D:\Mes prog d'installation\Ditto\ditto_ditto_3.17.0.17_francais_17799.exe"=1 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32 ¤¤¤¤¤¤¤¤¤¤ | IFEO ¤¤¤¤¤¤¤¤¤¤ | Mountpoints2 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\I] : I:\autorun.exe (AutoRun) [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\I] : I:\setup.exe (reinstall) [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{0d42d1b8-2aef-11e0-bb19-00262d332c98}] : F:\autorun\autorun.exe (AutoRun) [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{0d42d1bb-2aef-11e0-bb19-00262d332c98}] : I:\autorun.exe (AutoRun) [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{0d42d1bb-2aef-11e0-bb19-00262d332c98}] : I:\setup.exe (reinstall) [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{0f6987fe-481a-11e2-b813-00262d332c98}] : J:\LGAutoRun.exe (AutoRun) [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{a9c4f101-f7fd-11e4-a879-00262d332c98}] : F:\LG_PC_Programs.exe (AutoRun) [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{e3ddbaac-2dfa-11e0-9217-00262d332c98}] : I:\autorun.exe (AutoRun) ¤¤¤¤¤¤¤¤¤¤ | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ¤¤¤¤¤¤¤¤¤¤ | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x00689B45E770CB01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ¤¤¤¤¤¤¤¤¤¤ | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ¤¤¤¤¤¤¤¤¤¤ | Winsock (Whitelist) ¤¤¤¤¤¤¤¤¤¤ | Hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com [15522] More lines ¤¤¤¤¤¤¤¤¤¤ | @ [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=no [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnableNegotiate"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE; Win32) "IE5_UA_Backup_Flag"=5.0 "ZonesSecurityUpgrade"=0xB6A118893F04CA01 "ProxyEnable"=0 "AutoConfigProxy"=wininet.dll "MigrateProxy"=1 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} "XMLHTTP"=1 "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Search Bar"=Preserve "NotifyDownloadComplete"=no "Check_Associations"=yes "Error Dlg Displayed On Every Error"=no "TabShutdownDelay"=60000 "Move System Caret"=no "Expand Alt Text"=no "Print_Background"=no "Show image placeholders"=0 "Enable AutoImageResize"=yes "UseThemes"=1 "Friendly http errors"=yes "DisableScriptDebuggerIE"=yes "NscSingleExpand"=0 "SmoothScroll"=1 "AutoSearch"=1 "DOMStorage"=1 "Start Page"=https://www.google.fr/?gws_rd=ssl "AlwaysShowMenus"=0 "IconCache"=12sb5te "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageStoreRandomFolder"=qjct9qf "DefSpellLang"=fr-FR "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "ScriptDebugger_EnableHiddenTabs"=0 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "StatusBarWeb"=1 "ForceGDIPlus"=0 "ShutdownWaitForOnUnload"=0 "DNSPreresolution"=8 "SpellChecking"=1 "LangToolsBroker"={5bbd58bb-993e-4c17-8af6-3af8e908fca8} "DisablePasswordReveal"=0 "DisableRequiresActiveXPrompt"= "GotoIntranetSiteForSingleWordEntry"=0 "SuppressScriptDebuggerDialog"=0 "PredictedViewExpansion"=100 "PredictedViewChangeThreshold"=10 "PredictedViewChangeThresholdPaint"=10 "ContentLayerCacheExpansion"=300 "RenderingLoopMaxTime"=250 "CSS_Compat"=doctype "Display Inline Videos"=1 "Use Stylesheets"=1 "Disable Diagnostics Mode"=no "UseHR"=0 "Q300829"=0 "Cleanup HTCs"=0 "XDomainRequest"=1 "EnableAlternativeCodec"=yes "JScriptProfileCacheEventDelay"=5000 "CrossfadeMinTimeoutInMS"=30000 "CrossfadeMaxTimeoutInMS"=30000 "CrossfadeCurrentTimeoutInMS"=30000 "ScrollTimeoutInMS"=6000 "IE10RunOnceLastShown"=0 "IE10RunOncePerInstallCompleted"=1 "IE10TourNoShow"=0 "IE10TourShown"=1 "IE10RecommendedSettingsNo"=0 "FrameTabWindow"=1 "AdminTabProcs"=1 "SessionMerging"=1 "FrameMerging"=1 "HangRecovery"=1 "DesktopTransparentCoverWindowTime"=8 "TSEnable"=1 "Isolation"=PMIL "Isolation64Bit"=0 "IsolationImmersive"=PMEM "FrameShutdownDelay"=0 "MinIEEnabled"=1 "FormSuggest Passwords"=yes "FormSuggest PW Ask"=yes "RefcountTracker"=0 "TabDragOnSingleProc"=0 "ForceBFCacheCandidacyPass"=0 "Fasterback"=1 "BackForwardInstrumentation"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF1A0100004C0100006B040000CC030000 "OperationalData"=5 "CompatibilityFlags"=0 "DoNotTrack"=0 "IE10RunOnceCompletionTime"=0x38C11FC538CAD101 "IE10TourShownTime"=0xD8967CC538CAD101 "PlaySounds"=0 "UseSWRender"=0 "MixedContentBlockImages"=0 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE; Win32) "EmailName"=IEUser@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x80A8FB22B8F8CE01 "DisableCachingOfSSLPages"=1 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "GlobalUserOffline"=0 "DisableIDNPrompt"=0 "EnablePunycode"=1 "ShowPunycode"=0 "ProxyHttp1.1"=1 "WarnOnPostRedirect"=1 "WarnonBadCertRecving"=1 "ProxyOverride"=localhost "EnableAutodial"=0 "NoNetAutodial"=0 "EnableSPDY3_0"=0 "BackgroundConnections"=1 "EnableSSL3Fallback"=1 "CreateUriCacheSize"=80 "CoInternetCombineIUriCacheSize"=80 "SecurityIdIUriCacheSize"=30 "SpecialFoldersCacheSize"=8 "SyncMode5"=4 "EnforceP3PValidity"=0 [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "EnableNegotiate"=1 [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "EnableNegotiate"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "TabProcGrowth"=Medium "Print_Background"=0 "AlwaysShowMenus"=0 "StatusBarWeb"=1 "FrameAuto"=1 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=https://fr.yahoo.com?fr=hp-avast&type=avastbcl "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "TabProcGrowth"=Medium "Print_Background"=0 "AlwaysShowMenus"=0 "StatusBarWeb"=1 "FrameAuto"=1 "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=about:newtab "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ¤¤¤¤¤¤¤¤¤¤ | reparsepoint ¤¤¤¤¤¤¤¤¤¤ | Detection of offsets ¤¤¤¤¤¤¤¤¤¤ | Notify [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon] : SDWinLogon.dll ¤¤¤¤¤¤¤¤¤¤ | SSODL | SEH | URLSH | STS ¤¤¤¤¤¤¤¤¤¤ | Toolbar [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "ShowDiscussionButton"=Yes [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"= [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Height"=21 "ITBar7Layout"=0x13000000000000000000000020000000100000001500000001000000810600003301000007000000C80000009D03000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000921F1BBE2EACFB4ABC9D07FE272C137300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Layout64"=0x13000000000000000000000004000000100001000000000001000000000000005E01000006000000C0040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005A171ACC5BE4ED41A30CC9B1D7A0C02F0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={67A2568C-7A0A-4EED-AECC-B5405DE63B64} "DownloadRetries"=0 "Version"=4 "UpgradeTime"=0xD03E3404D124D001 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"= [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"= [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}"= "{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"=avast! Online Security [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"= [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "{BE1B1F92-AC2E-4AFB-BC9D-07FE272C1373}"=IE AdBlock Toolbar [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"= ¤¤¤¤¤¤¤¤¤¤ | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] : () - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a}] : (@C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a}] : (@C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{DDE87865-83C5-48c4-8357-2F5B1AA84522}] : () - [] ¤¤¤¤¤¤¤¤¤¤ | SearchScopes [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}] - (Google) - https://www.google.com/search?q={searchTerms} : [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}] - (Google) - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}] - (Yahoo! (Avast)) - https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} : ¤¤¤¤¤¤¤¤¤¤ | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [20/04/2016 13:55:57] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [17/07/2012 14:51:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] -> (Skype Click to Call for Internet Explorer) : C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [25/05/2016 10:30:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] -> (HP Print Enhancer) : C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [22/10/2009 05:29:58] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46B37057-5BA8-4014-B28D-6448FD171A3E}] -> (IE AdBlock) : C:\Program Files (x86)\IE AdBlock\IE AdBlock.dll [15/05/2013 19:33:30] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [21/04/2016 08:18:20] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [20/04/2016 13:55:57] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [17/07/2012 14:51:50] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}] -> (Evernote extension) : C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [27/04/2016 18:48:44] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] -> (Skype Click to Call for Internet Explorer) : C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [25/05/2016 10:30:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [21/04/2016 08:18:19] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] -> (HP Smart BHO Class) : C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [22/10/2009 05:29:56] ¤¤¤¤¤¤¤¤¤¤ | Chrome C:\Users\Gérard\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Gérard\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\Gérard\AppData\Local\Google\Chrome\User Data\Default\extensions\eofcbnmajmjmplflapaojjnihcjkigck = : Avast SafePrice - safe shopping extension. - Avast SafePrice - https://clients2.google.com/service/update2/crx C:\Users\Gérard\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Gérard\AppData\Local\Google\Chrome\User Data\Default\extensions\jeaohhlajejodfjadcponpnjgkiikocn = : Download files with Internet Download Manager - IDM Integration Module - permissions:[\u003Call_urls>tabscookiescontextMenuswebNavigationwebRequestwebRequestBlockingmanagementstorage] - https://clients2.google.com/service/update2/crx C:\Users\Gérard\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl] ¤¤¤¤¤¤¤¤¤¤ | Opera ¤¤¤¤¤¤¤¤¤¤ | Firefox [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\mozilla\Firefox\Extensions] "smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [HKLM\Software\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Users\Gérard\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Users\Gérard\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 22.0.0.192 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 22.0.0.192 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] - (Google Earth in your browser) : C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] - (Picasa3 plugin) : C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [HKLM\Software\WOW6432Node\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (Yahoo! activeX Plug-in Bridge) : C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll C:\Users\Gérard\AppData\Roaming\Mozilla\Firefox\Profiles\77wd4ey9.default-1454748449800\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160604131506"); user_pref("browser.startup.homepage_override.mstone", "47.0"); user_pref("extensions.adblockplus.currentVersion", "2.7.3"); user_pref("extensions.adblockplus.notificationdata", "{\"lastCheck\":1466515467844,\"softExpiration\":1466590195711,\"hardExpiration\":1466576270890,\"data\":{\"notifications\":[],\"version\":\"201606200617\"},\"lastError\":0,\"downloadStatus\":\"synchronize_ok\",\"downloadCount\":70}"); user_pref("extensions.avastsp.settings", "{\"current\":{\"callerId\":8018,\"userId\":\"656279b94ae33afbfc2ea2d4eadd9cbd\",\"edition\":0,\"lastApplicationEventSent\":1455441519719},\"features\":{\"phishing\":true,\"dnt\":true,\"dntSocial\":false,\"dntAdTracking\":false,\"dntWebAnalytics\":false,\"dntOthers\":false,\"siteCorrect\":true,\"siteCorrectAuto\":false,\"safeZone\":false,\"communityIQ\":true,\"serp\":true,\"serpPopup\":true,\"safeShop\":-1},\"siteCorrect\":{\"declined\":{}},\"safeZone\":{\"declined\":{}},\"phishing\":{\"trusted\":{}},\"safeShop\":{\"noCouponDomains\":{},\"hideDomains\":{},\"hideAll\":0}}"); user_pref("extensions.avastwrc.settings", "{\"current\":{\"callerId\":2018,\"userId\":\"656279b94ae33afbfc2ea2d4eadd9cbd\",\"edition\":0,\"lastApplicationEventSent\":1466156602904},\"features\":{\"phishing\":true,\"dnt\":true,\"dntSocial\":false,\"dntAdTracking\":false,\"dntWebAnalytics\":false,\"dntOthers\":false,\"siteCorrect\":true,\"siteCorrectAuto\":false,\"safeZone\":false,\"communityIQ\":true,\"serp\":true,\"serpPopup\":true,\"safeShop\":-1},\"siteCorrect\":{\"declined\":{}},\"safeZone\":{\"declined\":{}},\"phishing\":{\"trusted\":{}},\"safeShop\":{\"noCouponDomains\":{},\"hideDomains\":{},\"hideAll\":0}}"); user_pref("extensions.avastwrc.whiteList", "{\"trk\":{\"apps.facebook.com\":{\"703\":false},\"avast.com\":{\"779\":false}}}"); user_pref("extensions.blocklist.pingCountTotal", 79); user_pref("extensions.blocklist.pingCountVersion", 11); user_pref("extensions.bootstrappedAddons", "{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.7.3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Gérard\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\77wd4ey9.default-1454748449800\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false},\"loop@mozilla.org\":{\"version\":\"1.3.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"version\":\"8.3.0.9150\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":false},\"wrc@avast.com\":{\"version\":\"10.3.3.44\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"multiprocessCompatible\":false,\"runInSafeMode\":false}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10sBlockedByAddons", true); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0"); user_pref("extensions.getAddons.cache.lastUpdate", 1466507675); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160106.01"); user_pref("extensions.lastAppVersion", "47.0"); user_pref("extensions.lastPlatformVersion", "47.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.shownSelectionUI", true); user_pref("extensions.sp@avast.com.sdk.baseURI", "resource://sp-at-avast-dot-com/"); user_pref("extensions.sp@avast.com.sdk.domain", "sp-at-avast-dot-com"); user_pref("extensions.sp@avast.com.sdk.load.reason", "enable"); user_pref("extensions.sp@avast.com.sdk.rootURI", "file:///C:/Program%20Files/AVAST%20Software/Avast/SafePrice/FF/"); user_pref("extensions.sp@avast.com.sdk.version", "10.3.5.39"); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.experiment.hidden", true); user_pref("extensions.ui.lastCategory", "addons://list/extension"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.wrc@avast.com.sdk.baseURI", "resource://wrc-at-avast-dot-com/"); user_pref("extensions.wrc@avast.com.sdk.domain", "wrc-at-avast-dot-com"); user_pref("extensions.wrc@avast.com.sdk.load.reason", "startup"); user_pref("extensions.wrc@avast.com.sdk.rootURI", "file:///C:/Program%20Files/AVAST%20Software/Avast/WebRep/FF/"); user_pref("extensions.wrc@avast.com.sdk.version", "10.3.3.44"); user_pref("extensions.xpiState", "{\"app-profile\":{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Users\\\\Gérard\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\77wd4ey9.default-1454748449800\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"e\":true,\"v\":\"2.7.3\",\"st\":1461913215652}},\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1465554991561},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1465554991545},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.3.2\",\"st\":1465554991545}},\"winreg-app-user\":{\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.60\",\"st\":1287835609857,\"mt\":1256182198000}},\"app-global\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi\",\"e\":true,\"v\":\"8.3.0.9150\",\"st\":1464161860000},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0\",\"st\":1465554991607}},\"winreg-app-global\":{\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.60\",\"st\":1287835609857,\"mt\":1256182198000},\"wrc@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"e\":true,\"v\":\"10.3.3.44\",\"st\":1463907657736,\"mt\":1463907581906},\"sp@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\SafePrice\\\\FF\",\"e\":false,\"v\":\"10.3.5.39\",\"st\":1455371013508,\"mt\":1463907577984}}}"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.baseURI", "resource://82af8dca-6de9-405d-bd5e-43525bdad38a/"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.domain", "82af8dca-6de9-405d-bd5e-43525bdad38a"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.load.reason", "startup"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.rootURI", "jar:file:///C:/Program%20Files%20(x86)/Mozilla%20Firefox/browser/extensions/%7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D.xpi!/"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.version", "8.3.0.9150"); C:\Users\Gérard\AppData\Roaming\Mozilla\Firefox\Profiles\veo982em.default\Prefs.js user_pref("browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl"); user_pref("browser.startup.homepage_override.buildID", "20160123151951"); user_pref("browser.startup.homepage_override.mstone", "44.0"); user_pref("extensions.adblockplus.currentVersion", "2.7.1"); user_pref("extensions.adblockplus.notificationdata", "{\"shown\":[\"2\"],\"lastCheck\":1454748271276,\"softExpiration\":1454752260516,\"hardExpiration\":1454855518614,\"data\":{\"notifications\":[],\"version\":\"201602051431-2/3\"},\"lastError\":0,\"downloadStatus\":\"synchronize_ok\",\"downloadCount\":178}"); user_pref("extensions.avastsp.settings", "{\"current\":{\"callerId\":8018,\"userId\":\"0451c63011cd93c5cbeacfb068860ddb\",\"lastApplicationEventSent\":1454494976514,\"edition\":0},\"siteCorrect\":{\"declined\":{}},\"safeZone\":{\"declined\":{}},\"phishing\":{\"trusted\":{}},\"features\":{\"phishing\":true,\"dnt\":false,\"dntSocial\":false,\"dntAdTracking\":false,\"dntWebAnalytics\":false,\"dntOthers\":false,\"siteCorrect\":true,\"siteCorrectAuto\":false,\"safeZone\":false,\"communityIQ\":true,\"serp\":true,\"serpPopup\":true,\"safeShop\":-1},\"safeShop\":{\"noCouponDomains\":{},\"hideDomains\":{},\"hideAll\":0}}"); user_pref("extensions.avastwrc.settings", "{\"current\":{\"callerId\":2018,\"userId\":\"0451c63011cd93c5cbeacfb068860ddb\",\"lastApplicationEventSent\":1454494976514,\"edition\":0},\"siteCorrect\":{\"declined\":{}},\"safeZone\":{\"declined\":{}},\"phishing\":{\"trusted\":{}},\"features\":{\"phishing\":true,\"dnt\":false,\"dntSocial\":false,\"dntAdTracking\":false,\"dntWebAnalytics\":false,\"dntOthers\":false,\"siteCorrect\":true,\"siteCorrectAuto\":false,\"safeZone\":false,\"communityIQ\":true,\"serp\":true,\"serpPopup\":true,\"safeShop\":-1},\"safeShop\":{\"noCouponDomains\":{},\"hideDomains\":{},\"hideAll\":0}}"); user_pref("extensions.avastwrc.whiteList", "{\"trk\":{\"apps.facebook.com\":{\"703\":false},\"avast.com\":{\"779\":false}}}"); user_pref("extensions.blocklist.pingCountTotal", 356); user_pref("extensions.blocklist.pingCountVersion", 9); user_pref("extensions.bootstrappedAddons", "{\"{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\":{\"version\":\"5.4.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Gérard\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\veo982em.default\\\\extensions\\\\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":false},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.7.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Gérard\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\veo982em.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false},\"wrc@avast.com\":{\"version\":\"10.3.3.13\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"multiprocessCompatible\":false,\"runInSafeMode\":false},\"sp@avast.com\":{\"version\":\"10.3.5.13\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\SafePrice\\\\FF\",\"multiprocessCompatible\":false,\"runInSafeMode\":false}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.dwhelper.advanced-settings", true); user_pref("extensions.dwhelper.download-count", 9); user_pref("extensions.dwhelper.last-version", "5.4.2"); user_pref("extensions.dwhelper.need-prefs-migration", false); user_pref("extensions.dwhelper.scrap.state", "stopped"); user_pref("extensions.dwhelper.show-hits-orphan", true); user_pref("extensions.dwhelper.storagedirectory", "D:\\INTERNET"); user_pref("extensions.dwhelper.toolbar-button", "maincomp"); user_pref("extensions.dwhelper.tpsr.state", "stopped"); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0"); user_pref("extensions.getAddons.cache.lastUpdate", 1454659204); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160106.01"); user_pref("extensions.lastAppVersion", "44.0"); user_pref("extensions.lastPlatformVersion", "44.0"); user_pref("extensions.mozilla_cc@internetdownloadmanager.com.install-event-fired", true); user_pref("extensions.pendingOperations", false); user_pref("extensions.shownSelectionUI", true); user_pref("extensions.smartwebprinting@hp.com.install-event-fired", true); user_pref("extensions.sp@avast.com.sdk.baseURI", "resource://sp-at-avast-dot-com/"); user_pref("extensions.sp@avast.com.sdk.domain", "sp-at-avast-dot-com"); user_pref("extensions.sp@avast.com.sdk.load.reason", "startup"); user_pref("extensions.sp@avast.com.sdk.rootURI", "file:///C:/Program%20Files/AVAST%20Software/Avast/SafePrice/FF/"); user_pref("extensions.sp@avast.com.sdk.version", "10.3.5.13"); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.experiment.hidden", true); user_pref("extensions.ui.lastCategory", "addons://discover/"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.wrc@avast.com.install-event-fired", true); user_pref("extensions.wrc@avast.com.sdk.baseURI", "resource://wrc-at-avast-dot-com/"); user_pref("extensions.wrc@avast.com.sdk.domain", "wrc-at-avast-dot-com"); user_pref("extensions.wrc@avast.com.sdk.load.reason", "startup"); user_pref("extensions.wrc@avast.com.sdk.rootURI", "file:///C:/Program%20Files/AVAST%20Software/Avast/WebRep/FF/"); user_pref("extensions.wrc@avast.com.sdk.version", "10.3.3.13"); user_pref("extensions.xpiState", "{\"app-profile\":{\"{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\":{\"d\":\"C:\\\\Users\\\\Gérard\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\veo982em.default\\\\extensions\\\\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi\",\"e\":true,\"v\":\"5.4.2\",\"st\":1446192471207},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Users\\\\Gérard\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\veo982em.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"e\":true,\"v\":\"2.7.1\",\"st\":1453363237651}},\"winreg-app-user\":{\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.60\",\"st\":1287835609857,\"mt\":1256182198000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"e\":true,\"v\":\"44.0\",\"st\":1453897828538,\"mt\":1453897828470}},\"winreg-app-global\":{\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.60\",\"st\":1287835609857,\"mt\":1256182198000},\"wrc@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"e\":true,\"v\":\"10.3.3.13\",\"st\":1449835347098,\"mt\":1448955471168},\"sp@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\SafePrice\\\\FF\",\"e\":true,\"v\":\"10.3.5.13\",\"st\":1449835347036,\"mt\":1449228267805}}}"); user_pref("extensions.{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.install-event-fired", true); user_pref("extensions.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.install-event-fired", true); ¤¤¤¤¤¤¤¤¤¤ | Active Connections TCP 127.0.0.1:49631 www.007guard.com:49632 ESTABLISHED 1368 TCP 127.0.0.1:49632 www.007guard.com:49631 ESTABLISHED 1368 TCP 127.0.0.1:49634 www.007guard.com:49635 ESTABLISHED 1368 TCP 127.0.0.1:49635 www.007guard.com:49634 ESTABLISHED 1368 TCP 192.168.1.76:49163 lon01.ff.avast.com:http ESTABLISHED 1368 TCP 192.168.1.76:49218 wa-in-f125.1e100.net:5222 ESTABLISHED 1504 TCP 192.168.1.76:49733 wb-in-f188.1e100.net:5228 ESTABLISHED 5904 TCP 192.168.1.76:49745 186.221.154.77.rev.sfr.net:https ESTABLISHED 5904 TCP 192.168.1.76:49836 104.244.42.72:https ESTABLISHED 5904 TCP 192.168.1.76:50088 s3-1.amazonaws.com:http TIME_WAIT 0 TCP 192.168.1.76:50090 a104-124-193-221.deploy.static.akamaitechnologies.com:http ESTABLISHED 5904 TCP 192.168.1.76:50094 21.128.153.77.rev.sfr.net:https ESTABLISHED 5904 TCP 192.168.1.76:50095 187.221.154.77.rev.sfr.net:https ESTABLISHED 5904 ¤¤¤¤¤¤¤¤¤¤ | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{CBEE4604-4ECB-4C99-9127-25C192CB917C}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{E89F615A-D892-44C9-82A6-973C6FCC14EE}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{CBEE4604-4ECB-4C99-9127-25C192CB917C}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{E89F615A-D892-44C9-82A6-973C6FCC14EE}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{CBEE4604-4ECB-4C99-9127-25C192CB917C}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{E89F615A-D892-44C9-82A6-973C6FCC14EE}] "DhcpNameServer"=192.168.1.1 ¤¤¤¤¤¤¤¤¤¤ | Applications [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Classes\Applications\7z.exe] : "C:\Program Files\7-Zip\7z.exe" "%1" [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Classes\Applications\7zFM.exe] : "C:\Program Files\7-Zip\7zFM.exe" "%1" [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Classes\Applications\ImagingDevices.exe] : "C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe" "%1" [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Classes\Applications\regsvr32.exe] : "C:\Windows\System32\regsvr32.exe" "%1" [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Classes\Applications\rundll32.exe] : "C:\Windows\System32\rundll32.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\eSobi.exe] : "C:\Program Files (x86)\eSobi\eSobi2\eSobi.exe" /e "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\NeroExpress.exe] : "C:\Program Files (x86)\Nero\Nero 9\Nero Express\NeroExpress.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\NeroStartSmart.exe] : "C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~1\OFFICE11\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\PicasaPhotoViewer.exe] : "C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\resize.exe] : C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe %L\ [HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wksss.exe] : C:\PROGRA~2\MICROS~2\wksss.exe "%1" [HKLM\SOFTWARE\Classes\Applications\wkswp.exe] : c:\PROGRA~2\MICROS~2\WksWP.exe "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\xnview.exe] : "C:\Program Files (x86)\XnView\xnview.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\eSobi.exe] : "C:\Program Files (x86)\eSobi\eSobi2\eSobi.exe" /e "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\NeroExpress.exe] : "C:\Program Files (x86)\Nero\Nero 9\Nero Express\NeroExpress.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\NeroStartSmart.exe] : "C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~1\OFFICE11\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PicasaPhotoViewer.exe] : "C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\resize.exe] : C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe %L\ [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wksss.exe] : C:\PROGRA~2\MICROS~2\wksss.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wkswp.exe] : c:\PROGRA~2\MICROS~2\WksWP.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\xnview.exe] : "C:\Program Files (x86)\XnView\xnview.exe" "%1" ¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs (Whitelisted) Term - : ¤¤¤¤¤¤¤¤¤¤ | Software [HKU\S-1-5-18\Software\AMD] [HKU\S-1-5-18\Software\ATI] [HKU\S-1-5-18\Software\Avast Software] [HKU\S-1-5-18\Software\CyberLink] [HKU\S-1-5-18\Software\Google] [HKU\S-1-5-18\Software\Hewlett-Packard] [HKU\S-1-5-18\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-18\Software\Logitech] [HKU\S-1-5-18\Software\Microsoft] [HKU\S-1-5-18\Software\Mozilla] [HKU\S-1-5-18\Software\Netscape] [HKU\S-1-5-18\Software\PDFCreator] [HKU\S-1-5-18\Software\Piriform] [HKU\S-1-5-18\Software\Policies] [HKU\S-1-5-18\Software\Safer Networking Limited] [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-18\Software\Microsoft\Windows\DWM] [HKU\S-1-5-18\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000_Classes\Software\Microsoft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000_Classes\Software\Piriform] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000_Classes\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\7-Zip] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Acer] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Adobe] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\ALWIL Software] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Aplicaciones generadas con el Asistente para aplicaciones local] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\AppDataLow] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Astonsoft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\ATI] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Attribute Changer] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Audacity] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Auslogics] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\AVAST Software] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\BasicScript Program Settings] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Borland] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Bugsplat] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\CamfrogWeb] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Canneverbe Limited] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\CDDB] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Chromium] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Clients] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Convar] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\CPUID] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\CyberLink] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Cygwin] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Digital River] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Disc Soft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Ditto] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\DivXNetworks] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Dnote Software] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\DownloadManager] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Dropbox] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\DropboxUpdate] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\DT Soft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\DVDVideoSoft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\EaseUS] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\EpmNewsInfo] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Evernote] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Exifer] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\FotoWire] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\FreeDownloadManager.ORG] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Freemake] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Freeware] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\GNU] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\GoforFiles] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Google] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\GSpot Appliance Corp] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Hewlett-Packard] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\HP] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\IM Providers] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Intel] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\IUXDICH] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\JavaSoft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Jordan Russell] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\JulySoft©] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\KC Softwares] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\LeaderTech] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\LG Electronics] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Licenses] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Logitech] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\LowRegistry] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Lupas Soft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Macromedia] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Malwarebytes' Anti-Malware] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\MarineCat] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\MetaGeek, LLC] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\MJLSoftware] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Mozilla] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Mozilla Backup] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\MozillaPlugins] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\MyCam] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Nero] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Netscape] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\NirSoft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Northcode Inc] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\NVIDIA Corporation] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Oberon Media] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\ObviousIdea] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\ODBC] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\OEM] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Orange] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Paul Glagla] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\PC SOFT] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\PDFCreator] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\PhotoFiltre] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Piriform] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Policies] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\QtProject] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Realtek] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Safer Networking Limited] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\SiSoftware] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Skype] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Software] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\SourceTec] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\SubSystems] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\sysinternals] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\TeamViewer] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Thunderbird] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\TomTom] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Trolltech] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\UnFREEz] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Universitat Autonoma de Barcelona] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\VB and VBA Program Settings] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\VirtualDub.org] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\VSRevoGroup] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Winamp] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Wow6432Node] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Yahoo] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Zyrax Software] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\AppDataLow\Software\Google] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\AppDataLow\Software\Yahoo] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-20\Software\AppDataLow] [HKU\S-1-5-20\Software\Google] [HKU\S-1-5-20\Software\Microsoft] [HKU\S-1-5-20\Software\Piriform] [HKU\S-1-5-20\Software\Policies] [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft\Windows\DWM] [HKU\S-1-5-20\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-20\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-19\Software\AppDataLow] [HKU\S-1-5-19\Software\Google] [HKU\S-1-5-19\Software\Microsoft] [HKU\S-1-5-19\Software\Piriform] [HKU\S-1-5-19\Software\Policies] [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-19\Software\Microsoft\Windows\DWM] [HKU\S-1-5-19\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-19\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\7-Zip] [HKLM\Software\Acer] [HKLM\Software\AcerUtil] [HKLM\Software\AMD] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\Audible] [HKLM\Software\Canneverbe Limited] [HKLM\Software\Clients] [HKLM\Software\CPUID] [HKLM\Software\Cyberlink] [HKLM\Software\EgisTec] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OemSetup] [HKLM\Software\OOBEOffer] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\SiSoftware] [HKLM\Software\Sonic] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Acer Incorporated] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AdwCleaner] [HKLM\Software\WOW6432Node\Ahead] [HKLM\Software\WOW6432Node\ALWIL Software] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Audible] [HKLM\Software\WOW6432Node\Auslogics] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DelFix] [HKLM\Software\WOW6432Node\Digital River] [HKLM\Software\WOW6432Node\Disc Soft] [HKLM\Software\WOW6432Node\DivXNetworks] [HKLM\Software\WOW6432Node\DT Soft] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EaseUS] [HKLM\Software\WOW6432Node\EgisTec IPS] [HKLM\Software\WOW6432Node\Evernote] [HKLM\Software\WOW6432Node\Freemake] [HKLM\Software\WOW6432Node\GNU] [HKLM\Software\WOW6432Node\GoforFiles] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\ICE] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Internet Download Manager] [HKLM\Software\WOW6432Node\iTinySoft] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\KasperskyLab] [HKLM\Software\WOW6432Node\Lame for Audacity] [HKLM\Software\WOW6432Node\LG Electronics] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\McAfeeInstaller] [HKLM\Software\WOW6432Node\MediaCoder] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\NovaLogic] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\Oberon Media] [HKLM\Software\WOW6432Node\ObviousIdea] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OEM] [HKLM\Software\WOW6432Node\PDFCreator] [HKLM\Software\WOW6432Node\RDC(Rue Du Commerce).] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\RtWLan] [HKLM\Software\WOW6432Node\Safer Networking Limited] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\SourceCodeControlProvider] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\TomTom] [HKLM\Software\WOW6432Node\Trad-FR] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\Universitat Autonoma de Barcelona] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Wise Solutions] [HKLM\Software\WOW6432Node\XnView] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ¤¤¤¤¤¤¤¤¤¤ | Drives D: [28/01/2011 18:28:28] - |A| - (.-.) - [419] - (0.0.0.0) - D:\Lecteur de CD - Raccourci.lnk [28/05/2011 16:58:25] - |A| - (.-.) - [76] - (0.0.0.0) - D:\tvo.ini ¤¤¤¤¤¤¤¤¤¤ | C: [14/07/2009 05:18:56] - |SHD| - [774] - C:\$RECYCLE.BIN [22/03/2016 18:52:14] - |D| - [0] - C:\19c76f5ef5996ac2250e [MD5.352918C488A322F7D9E6F99BAF4B0F24] - [19/02/2013 12:38:39] - (.-.) - [1087] - (0.0.0.0) - C:\AdwCleaner[R1].txt [MD5.268C4C92847655B1BEEBAFF65F49D4B2] - [16/11/2015 13:40:21] - (.-.) - [1354] - (0.0.0.0) - C:\AdwCleaner[R2].txt [MD5.C82E67E116B407FBB524AC9AF08319BE] - [19/02/2013 12:39:24] - (.-.) - [367] - (0.0.0.0) - C:\AdwCleaner[S1].txt [MD5.226C6890EE4B8F224FA20EB06E51CB8A] - [16/11/2015 13:41:28] - (.-.) - [1419] - (0.0.0.0) - C:\AdwCleaner[S2].txt [10/02/2016 15:24:21] - |D| - [10762517] - C:\b40655ba3274e77d3dd7a35178 [07/07/2009 00:58:11] - |AD| - [278396] - C:\book [MD5.E8204D8A2A2848BB86ED2C50C801344A] - [16/03/2010 02:14:56] - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK [MD5.D3BB861F2AB295855E21EE91E26675C7] - [19/06/2016 18:32:38] - (.-.) - [3288] - (0.0.0.0) - C:\bootsqm.dat [23/10/2010 14:01:07] - |HD| - [0] - C:\Config.Msi [19/10/2015 18:31:44] - |D| - [12492932] - C:\Desktop [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [12/07/2014 16:05:13] - |D| - [0] - C:\Downloads [MD5.09CBAC7CA2D4B5A95975EFE8A95EE31D] - [07/10/2014 15:22:18] - (.-.) - [816] - (0.0.0.0) - C:\Encodage.txt [MD5.308A28363DA44B9B77047D2B2D864A22] - [26/05/2010 18:58:03] - (.-.) - [4045] - (0.0.0.0) - C:\F0Z1LP21.MD5 [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/07/2009 00:47:31] - (.-.) - [4831236096] - (0.0.0.0) - C:\hiberfil.sys [09/11/2010 11:56:24] - |D| - [26147765] - C:\Jeux [MD5.F3091CAAA36C9FF8DCEF4D17AC4A8BD2] - [01/11/2010 10:58:16] - (.-.) - [183] - (0.0.0.0) - C:\LogiSetup.log [MD5.59156CEBFCAD5BC2F18FDBC766D7669E] - [26/05/2010 18:58:04] - (.-.) - [302] - (0.0.0.0) - C:\LPCD.DAT [MD5.57C03926598B2FEFD78487D64A3CA9A6] - [01/11/2010 10:57:00] - (.-.) - [512220] - (0.0.0.0) - C:\MSIInstall.log [16/03/2010 01:49:37] - |RHD| - [323773544] - C:\MSOCache [03/02/2011 11:22:38] - |D| - [377081] - C:\Multimedia Files [16/03/2010 02:13:11] - |HD| - [1680526216] - C:\OEM [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/07/2009 00:47:31] - (.-.) - [6441648128] - (0.0.0.0) - C:\pagefile.sys [MD5.027D06BD6754F9655C4AB6567BEBD435] - [29/10/2010 13:42:04] - (.-.) - [2489] - (0.0.0.0) - C:\pcwdbg.log [16/04/2012 16:54:24] - |D| - [0] - C:\Pense-Bête [14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 05:20:08] - |D| - [1953762901] - C:\Program Files [14/07/2009 05:20:08] - |RD| - [24465974534] - C:\Program Files (x86) [14/07/2009 05:20:08] - |HD| - [1503626245] - C:\ProgramData [22/06/2016 10:02:56] - |D| - [262056] - C:\QuickDiag [MD5.476F535701D6B161CA0659C748891A2C] - [22/06/2016 10:02:58] - (.-.) - [167452] - (0.0.0.0) - C:\QuickDiag.txt [02/11/2010 16:50:41] - |D| - [617862313] - C:\rc [21/10/2010 08:14:36] - |SHD| - [287319171] - C:\Recovery [MD5.B0494D04D0EB88C62958BA296F8109DF] - [16/03/2010 01:37:08] - (.-.) - [2035] - (0.0.0.0) - C:\RHDSetup.log [07/07/2009 09:00:01] - |SHD| - [0] - C:\System Volume Information [13/12/2011 11:58:53] - |D| - [27122] - C:\TVO [14/07/2009 05:20:08] - |RD| - [13580930294] - C:\Users [12/07/2007 03:48:01] - |D| - [48419014422] - C:\Windows ¤¤¤¤¤¤¤¤¤¤ | C:\Windows [MD5.065919847CF1C1C0A1C5F63C488EB54B] - [16/03/2010 01:47:32] - (.-.) - [33] - (0.0.0.0) - C:\Windows\0 [MD5.D41D8CD98F00B204E9800998ECF8427E] - [16/03/2010 01:21:24] - (.-.) - [0] - (0.0.0.0) - C:\Windows\Acer.tag [14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 05:20:08] - |D| - [23155461] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |D| - [11035940] - C:\Windows\AppPatch [14/07/2009 05:20:08] - |RSD| - [1933758197] - C:\Windows\assembly [MD5.D33BEB03315913212976B6645579A7A1] - [07/07/2009 00:50:11] - (.-.) - [34601] - (0.0.0.0) - C:\Windows\ATIDetect.txt [MD5.DD6AA6355E13CA60C34F421B80176E58] - [30/03/2010 09:51:59] - (.-.) - [20692] - (0.0.0.0) - C:\Windows\atiogl.xml [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/07/2009 00:57:19] - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [MD5.8D26DAE92B9995B082AE5B6BC2FB70DB] - [22/05/2016 11:00:10] - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [52184] - (11.2.2738.0) - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [24/06/2011 08:53:24] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 05:20:09] - |D| - [29163158] - C:\Windows\Boot [MD5.E053C01C5B89D1A63F17682F3F86AAB5] - [14/07/2009 07:38:36] - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding [MD5.B0FEEC04E8D7DE3F38F41B0F5910AFD6] - [01/11/2010 10:59:13] - (.-.) - [81920] - (0.0.0.0) - C:\Windows\bwUnin-6.1.4.68-8876480L.exe [MD5.6FBB766EB79F9EED3684194EEAF838DF] - [07/07/2009 10:45:38] - (.-.) - [11453] - (0.0.0.0) - C:\Windows\ChangeLang_Done.tag [MD5.AFCBCBF876F7A88A3CB2D2251ADBB71D] - [16/03/2010 03:02:25] - (.-.) - [10] - (0.0.0.0) - C:\Windows\CSUP.TXT [14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 06:45:54] - |D| - [7005] - C:\Windows\debug [05/10/2009 22:41:14] - |AD| - [371775] - C:\Windows\DeployWinRE2 [14/07/2009 07:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker [16/03/2010 01:48:05] - |D| - [21491185] - C:\Windows\Downloaded Installations [14/07/2009 07:32:38] - |D| - [115475] - C:\Windows\Downloaded Program Files [07/07/2009 00:58:38] - |D| - [591402] - C:\Windows\Driver Cache [14/07/2009 09:45:02] - |D| - [118084593] - C:\Windows\ehome [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\en-US [MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - [16/06/2016 15:45:35] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3231232] - (6.1.7601.23418) - C:\Windows\explorer.exe [14/07/2009 05:20:09] - |RSD| - [402999583] - C:\Windows\Fonts [09/05/2015 14:30:46] - |D| - [117440] - C:\Windows\fr [07/07/2009 10:42:30] - |D| - [142848] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |D| - [79210028] - C:\Windows\Globalization [14/07/2009 05:20:09] - |D| - [44128263] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [20/12/2011 16:18:53] - |D| - [4934656] - C:\Windows\Hewlett-Packard [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [14/07/2009 09:47:54] - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [MD5.BE21C0CB9865A63AE3FD296BD2699DCB] - [23/10/2010 13:56:40] - (.-.) - [230590] - (0.0.0.0) - C:\Windows\hpoins46.dat [MD5.0832F4F267C8D0ADA991CF2C8976A831] - [29/01/2010 23:21:20] - (.-.) - [532] - (0.0.0.0) - C:\Windows\hpomdl46.dat [14/07/2009 05:20:09] - |D| - [143932268] - C:\Windows\IME [14/07/2009 05:20:10] - |D| - [130355911] - C:\Windows\inf [16/03/2010 01:28:18] - |SHD| - [5558865321] - C:\Windows\Installer [MD5.E40C1867D16DD880E7A6C8156D06D27E] - [29/10/2010 14:03:29] - (.Copyright© 1990-1998 InstallShield Software Corporation Phone : (847) 240-9111 - InstallShield® unInstaller.) - [308224] - (5.51.138.0) - C:\Windows\IsUn040c.exe [MD5.C0DFFAD445B264DA258F9794633D6455] - [28/01/2011 12:40:25] - (.Copyright© 1990-1997 InstallShield Software Corporation Phone : (847) 240-9111 - InstallShield® unInstaller.) - [303616] - (5.10.130.0) - C:\Windows\IsUninst.exe [14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 05:20:10] - |D| - [3398412] - C:\Windows\LiveKernelReports [14/07/2009 05:20:10] - |D| - [173356321] - C:\Windows\Logs [14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |D| - [1006016430] - C:\Windows\Microsoft.NET [25/02/2014 13:27:09] - |D| - [5524] - C:\Windows\Migration [15/01/2014 14:30:09] - |D| - [0] - C:\Windows\Minidump [MD5.F82EFFD785E30205002DEEAA9F34D375] - [23/04/2009 06:33:49] - (.-.) - [2572] - (0.0.0.0) - C:\Windows\MOD01OPK04000N0001.enc [MD5.CCDBE4E86AB936B1ACF452E52C7772D1] - [16/03/2010 03:02:32] - (.-.) - [1996] - (0.0.0.0) - C:\Windows\MOD01SET00000000IJ.enc [MD5.E551DAEAF6F19A8FCFA8E0D689870CD3] - [16/03/2010 02:14:31] - (.-.) - [2008] - (0.0.0.0) - C:\Windows\MOD01SET5K000G0002.enc [MD5.31AAD56CC5D4D5346999662BDE696AC2] - [06/10/2009 22:58:47] - (.-.) - [2476] - (0.0.0.0) - C:\Windows\MOD01SET74FR0N0003.enc [MD5.E221435AB4B92950CB155A8CB42FF7D8] - [16/03/2010 02:14:31] - (.-.) - [2048] - (0.0.0.0) - C:\Windows\MOD01SET75000N0006.enc [MD5.24D9E3329D9625546EDD7EEB46B33E9A] - [16/03/2010 02:14:31] - (.-.) - [2168] - (0.0.0.0) - C:\Windows\MOD01SET78000G0018.enc [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs [26/01/2011 09:32:34] - |D| - [303104] - C:\Windows\msapps [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [07/07/2009 10:37:25] - |D| - [12211102] - C:\Windows\NAPP_Dism_Log [MD5.2852D5DC4DF9BF5390976C9890076DE1] - [05/10/2009 22:41:14] - (.-.) - [741] - (0.0.0.0) - C:\Windows\NewDeployWinRE.cmd [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [15/09/2015 18:19:19] - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/10/2010 11:47:44] - (.-.) - [0] - (0.0.0.0) - C:\Windows\nsreg.dat [MD5.4BC35974DFEF7410231E14E538703130] - [05/11/2010 10:30:47] - (.-.) - [642] - (0.0.0.0) - C:\Windows\ODBC.INI [MD5.AC833A0EE2ED8CB96BA94A66D3516DDB] - [26/01/2011 09:34:58] - (.-.) - [1470] - (0.0.0.0) - C:\Windows\ODBCINST.INI [16/03/2010 01:55:20] - |D| - [229228] - C:\Windows\oem [16/03/2010 01:57:27] - |D| - [499712] - C:\Windows\OEMTemp [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [12/07/2007 03:49:28] - |D| - [1064898] - C:\Windows\Panther [MD5.ACA81BF682ED2907FCEDF4A359BB8E1B] - [16/03/2010 02:06:59] - (.-.) - [70] - (0.0.0.0) - C:\Windows\patch.loag [05/11/2010 10:29:18] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 07:32:38] - |D| - [62076038] - C:\Windows\Performance [MD5.A2B595833236D15A5B37A9A48D70226A] - [21/06/2016 14:21:32] - (.-.) - [326] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 05:20:10] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 05:20:10] - |D| - [2972554] - C:\Windows\PolicyDefinitions [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/10/2010 14:08:00] - (.-.) - [0] - (0.0.0.0) - C:\Windows\PowerReg.dat [16/03/2010 01:16:16] - |D| - [32255752] - C:\Windows\Prefetch [18/06/2015 16:40:07] - |D| - [0] - C:\Windows\pss [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |D| - [9526496] - C:\Windows\rescache [14/07/2009 05:20:10] - |D| - [1674534] - C:\Windows\Resources [MD5.BB0880BB3D46FF7054F98D2A643CD055] - [16/03/2010 01:37:08] - (.Realtek Semiconductor Corp. Copyright (C) 2009 - RtlExUpd DLL for setup utility function.) - [831488] - (1.0.1.5) - C:\Windows\RtlExUpd.dll [MD5.DA256F9F53336B560201CDEFEAE35320] - [27/06/2012 18:15:58] - (.2008: (c) Realtek. - CCX Diagnostics.) - [380928] - (700.1002.311.2009) - C:\Windows\RtlUI2.exe [MD5.678C7EA24776534FF6DDF491A4F86005] - [27/06/2012 18:15:58] - (.-.) - [901] - (0.0.0.0) - C:\Windows\RtlUI2.exe.manifest [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 05:20:10] - |D| - [1056768] - C:\Windows\security [14/07/2009 06:45:47] - |D| - [124618308] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [218145500] - C:\Windows\servicing [14/07/2009 06:45:50] - |D| - [119080] - C:\Windows\Setup [MD5.772DBA37106E4639B7579F32749090E1] - [27/10/2010 16:41:22] - (.Copyright (c) 1987-1998 Microsoft Corporation - Jeu d'outils d'installation de Visual Basic 6.0.) - [290816] - (6.0.0.8171) - C:\Windows\Setup1.exe [MD5.A0B08A0DF407A8396720CE779E3FFF71] - [19/06/2016 17:32:26] - (.-.) - [840] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/06/2016 17:32:26] - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [14/07/2009 09:45:02] - |D| - [76736] - C:\Windows\ShellNew [07/07/2009 00:50:43] - |D| - [1700631015] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [17/09/2012 16:29:33] - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.656402786336DB2FBCCDB002ABA6C703] - [27/10/2010 16:36:19] - (.-.) - [334] - (0.0.0.0) - C:\Windows\ST6UNST.000 [MD5.656402786336DB2FBCCDB002ABA6C703] - [27/10/2010 16:38:21] - (.-.) - [334] - (0.0.0.0) - C:\Windows\ST6UNST.001 [MD5.656402786336DB2FBCCDB002ABA6C703] - [31/12/2012 14:15:11] - (.-.) - [334] - (0.0.0.0) - C:\Windows\ST6UNST.002 [MD5.7A235A793BF8FFCC7DF255C8D2932089] - [16/02/2013 17:31:46] - (.-.) - [1552] - (0.0.0.0) - C:\Windows\ST6UNST.003 [MD5.3C8C580667D3D8292A20881D4AE09BF6] - [27/10/2010 16:40:39] - (.Copyright © 1987-1998 Microsoft Corp. - Programme de désinstallation du Jeu d'outils d'installation Visual Basic.) - [74752] - (6.0.81.69) - C:\Windows\ST6UNST.EXE [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [28/09/2013 11:00:19] - |D| - [0] - C:\Windows\Sun [14/07/2009 05:20:10] - |D| - [488288] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [12/07/2007 03:51:11] - |D| - [4178501002] - C:\Windows\System32 [14/07/2009 05:20:14] - |D| - [1272920376] - C:\Windows\SysWOW64 [14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 05:20:14] - |D| - [40596] - C:\Windows\Tasks [14/07/2009 05:20:14] - |D| - [5340020] - C:\Windows\Temp [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |D| - [230400] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [24/06/2011 08:53:35] - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [MD5.F58B343105C941C95B13DD6C56356713] - [26/01/2011 09:34:46] - (.-.) - [1273] - (0.0.0.0) - C:\Windows\VB.INI [MD5.CDD1F434D53FDD8DCE0743C4D008818F] - [26/01/2011 09:34:49] - (.-.) - [71] - (0.0.0.0) - C:\Windows\VBAddin.INI [14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 05:20:14] - |D| - [44910977] - C:\Windows\Web [MD5.A599161222308D2CDAF5D8D10CB97E91] - [14/07/2009 04:34:57] - (.-.) - [954] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.9AF33B94ED2232B71BD47B37D62E609B] - [20/07/2011 13:34:29] - (.-.) - [1329757] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [31/10/2010 16:08:34] - (.-.) - [0] - (0.0.0.0) - C:\Windows\winfile.ini [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [MD5.4577CFF6A846295B9CFFD87B06DA9D3F] - [01/11/2010 11:37:05] - (.-.) - [7828] - (0.0.0.0) - C:\Windows\WININIT.INI [14/07/2009 05:20:14] - |D| - [30960501802] - C:\Windows\winsxs [MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [31/03/2014 21:34:22] - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [322248] - (16.4.3528.331) - C:\Windows\WLXPGSS.SCR [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ¤¤¤¤¤¤¤¤¤¤ | Systemroot\System [27/10/2010 17:38:39] - |A| - [61440] - C:\Windows\System\LANGS40.DLL (Copyright (c) PROject MT, Ltd., 1993-2000) - (Language support DLL (32-bit version)) [27/10/2010 09:02:09] - |A| - [258880] - C:\Windows\System\MSFlxGrd.Ocx (Copyright © 1987-2000 Microsoft Corp.) - (MSFlexGrid) [26/10/2010 15:52:34] - |A| - [167968] - C:\Windows\System\MSMASK32.OCX (Copyright © 1987-1998 Microsoft Corp.) - (MSMask) ¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer [22/05/2016 15:48:06] - C:\Windows\Installer\1124730.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [22/02/2015 19:07:03] - C:\Windows\Installer\1441b21a.msi : (Scratch 2 - MIT Media Lab) [30/04/2016 10:45:57] - C:\Windows\Installer\1a7ce0c8.msi : (Skype - Skype Technologies S.A.) [28/10/2011 23:33:10] - C:\Windows\Installer\1bd79.msi : ( - Hewlett-Packard Company) [30/09/2011 20:32:56] - C:\Windows\Installer\1bd7f.msi : (Active Check Local Mode .NET - Hewlett-Packard) [05/09/2012 09:39:22] - C:\Windows\Installer\1cce553.msi : (LG United Mobile Drivers - LG Electronics) [13/05/2015 10:24:00] - C:\Windows\Installer\1df843.msi : (Blank Project Template - TomTom) [07/10/2013 22:02:56] - C:\Windows\Installer\20cd26.msi : (Google Earth - Google) [12/01/2015 19:08:54] - C:\Windows\Installer\20ecff62.msi : (Blank Project Template - TomTom) [07/08/2009 16:10:28] - C:\Windows\Installer\216656.msi : ( - Oliver Carr) [21/04/2016 08:17:52] - C:\Windows\Installer\2245db.msi : (Java SE Runtime Environment 8 Update 91 - Oracle Corporation) [21/04/2016 08:19:07] - C:\Windows\Installer\2245e8.msi : (Java Auto Updater - Oracle Corporation) [05/03/2010 11:21:38] - C:\Windows\Installer\2b6d9.msi : (Catalyst Control Center - ATI Technologies, Inc.) [05/03/2010 11:24:44] - C:\Windows\Installer\2b6e0.msi : (ATI Catalyst Install Manager Installer (64 bit) - ATI Technologies, Inc.) [05/03/2010 11:23:14] - C:\Windows\Installer\2b6ee.msi : (ATI AVIVO Codecs Installatin package - ATI Technologies Inc.) [14/08/2009 03:57:08] - C:\Windows\Installer\2b910.msi : (Branding - ATI) [05/03/2010 11:15:56] - C:\Windows\Installer\2b916.msi : (Catalyst Control Center - ATI) [05/03/2010 11:17:26] - C:\Windows\Installer\2b91c.msi : (Catalyst Control Center - ATI) [05/03/2010 11:17:36] - C:\Windows\Installer\2b922.msi : (Catalyst Control Center - ATI) [05/03/2010 11:17:50] - C:\Windows\Installer\2b928.msi : (Catalyst Control Center - ATI) [05/03/2010 11:15:20] - C:\Windows\Installer\2b92e.msi : (Catalyst Control Center - ATI) [05/03/2010 11:18:02] - C:\Windows\Installer\2b935.msi : (Catalyst Control Center - ATI) [05/03/2010 11:18:10] - C:\Windows\Installer\2b93b.msi : (Catalyst Control Center - ATI) [05/03/2010 11:18:18] - C:\Windows\Installer\2b941.msi : (Catalyst Control Center - ATI) [05/03/2010 11:18:26] - C:\Windows\Installer\2b947.msi : (Catalyst Control Center - ATI) [05/03/2010 11:18:34] - C:\Windows\Installer\2b94d.msi : (Catalyst Control Center - ATI) [05/03/2010 11:18:44] - C:\Windows\Installer\2b953.msi : (Catalyst Control Center - ATI) [05/03/2010 11:18:52] - C:\Windows\Installer\2b959.msi : (Catalyst Control Center - ATI) [05/03/2010 11:19:00] - C:\Windows\Installer\2b95f.msi : (Catalyst Control Center - ATI) [05/03/2010 11:19:10] - C:\Windows\Installer\2b965.msi : (Catalyst Control Center - ATI) [05/03/2010 11:19:20] - C:\Windows\Installer\2b96b.msi : (Catalyst Control Center - ATI) [05/03/2010 11:19:28] - C:\Windows\Installer\2b971.msi : (Catalyst Control Center - ATI) [05/03/2010 11:19:36] - C:\Windows\Installer\2b977.msi : (Catalyst Control Center - ATI) [05/03/2010 11:19:44] - C:\Windows\Installer\2b97d.msi : (Catalyst Control Center - ATI) [05/03/2010 11:19:54] - C:\Windows\Installer\2b983.msi : (Catalyst Control Center - ATI) [05/03/2010 11:20:04] - C:\Windows\Installer\2b989.msi : (Catalyst Control Center - ATI) [05/03/2010 11:20:12] - C:\Windows\Installer\2b98f.msi : (Catalyst Control Center - ATI) [05/03/2010 11:20:22] - C:\Windows\Installer\2b995.msi : (Catalyst Control Center - ATI) [05/03/2010 11:20:30] - C:\Windows\Installer\2b99b.msi : (Catalyst Control Center - ATI) [05/03/2010 11:20:38] - C:\Windows\Installer\2b9a1.msi : (Catalyst Control Center - ATI) [05/03/2010 11:20:48] - C:\Windows\Installer\2b9a7.msi : (Catalyst Control Center - ATI) [05/03/2010 11:20:58] - C:\Windows\Installer\2b9ad.msi : (Catalyst Control Center - ATI) [05/03/2010 11:21:06] - C:\Windows\Installer\2b9b3.msi : (Catalyst Control Center - ATI) [05/03/2010 11:21:28] - C:\Windows\Installer\2b9b9.msi : (Catalyst Control Center - ATI) [05/03/2010 11:21:56] - C:\Windows\Installer\2b9bf.msi : (Catalyst Control Center Utility 64 - ATI) [05/03/2010 11:16:54] - C:\Windows\Installer\2b9c6.msi : (Catalyst Control Center - ATI) [07/01/2010 07:06:56] - C:\Windows\Installer\2b9d2.msi : (AMD DnD V1.0.20 - AMD) [01/05/2009 06:07:02] - C:\Windows\Installer\2eea29.msi : ( - Cisco Systems, Inc.) [01/04/2009 12:29:40] - C:\Windows\Installer\2eea2f.msi : ( - Cisco Systems, Inc.) [01/04/2009 11:41:50] - C:\Windows\Installer\2eea35.msi : ( - Cisco Systems, Inc.) [05/02/2010 10:48:12] - C:\Windows\Installer\347ad.msi : (Blank Project Template - CyberLink Corp.) [05/02/2010 10:59:10] - C:\Windows\Installer\347b2.msi : (Blank Project Template - CyberLink Corp.) [05/02/2010 10:56:28] - C:\Windows\Installer\347b7.msi : (Blank Project Template - CyberLink Corp.) [05/02/2010 10:52:12] - C:\Windows\Installer\347bc.msi : (Blank Project Template - CyberLink Corp.) [27/06/2014 08:55:52] - C:\Windows\Installer\35406b.msi : (Blank Project Template - TomTom) [12/11/2010 05:59:57] - C:\Windows\Installer\3e3128.msi : ( - ) [18/06/2016 08:10:28] - C:\Windows\Installer\47579ac.msi : (Skype - Skype Technologies S.A.) [23/05/2016 17:15:02] - C:\Windows\Installer\4e981c8.msi : (7-Zip (x64 edition) Package - Igor Pavlov) [13/11/2014 09:39:31] - C:\Windows\Installer\4fbdc8a.msi : (Google Update Helper - Google Inc.) [06/05/2016 11:47:06] - C:\Windows\Installer\51799a.msi : (Evernote v. 6.0.6 - Evernote Corp.) [25/04/2011 20:17:49] - C:\Windows\Installer\6c90b.msi : (64 Bit HP CIO Components Installer Package - Hewlett-Packard) [16/03/2010 01:48:05] - C:\Windows\Installer\72204.msi : (eSobi - esobi Inc.) [27/10/2014 12:57:11] - C:\Windows\Installer\79541.msi : (HP Update - Hewlett-Packard) [01/09/2009 06:54:30] - C:\Windows\Installer\94676.msi : ( -) [17/03/2015 10:41:29] - C:\Windows\Installer\9596c38.msi : ( - Adobe Systems Incorporated) [30/09/2015 16:19:11] - C:\Windows\Installer\9d86349.msi : (Blank Project Template - TomTom) [29/08/2011 19:21:04] - C:\Windows\Installer\ac964c.msi : ( - David Torne) [16/03/2010 01:58:54] - C:\Windows\Installer\c52c.msi : (MyWinLocker Suite - Egis Technology Inc.) [16/03/2010 01:59:18] - C:\Windows\Installer\c532.msi : (MyWinLocker - Egis Technology Inc.) [03/02/2010 09:05:08] - C:\Windows\Installer\c56b.msi : ( - Nero AG) [03/02/2010 09:04:48] - C:\Windows\Installer\c575.msi : (ImagXpress - Nero AG) [03/02/2010 09:05:38] - C:\Windows\Installer\c57e.msi : (Advertising Helper Tools Installer - Nero AG) [03/02/2010 09:05:42] - C:\Windows\Installer\c583.msi : (Nero StartSmart Installer - Nero AG) [03/02/2010 09:05:30] - C:\Windows\Installer\c58f.msi : (Nero Express Installer - Nero AG) [03/02/2010 09:05:26] - C:\Windows\Installer\c594.msi : (Nero DriveSpeed Installer - Nero AG) [03/02/2010 09:05:34] - C:\Windows\Installer\c599.msi : (Nero InfoTool Installer - Nero AG) [03/02/2010 09:05:22] - C:\Windows\Installer\c59e.msi : (Nero DiscSpeed Installer - Nero AG) [03/02/2010 09:05:18] - C:\Windows\Installer\c5a3.msi : (Nero ControlCenter Installer - Nero AG) [03/02/2010 09:05:38] - C:\Windows\Installer\c5a8.msi : (Nero Online Upgrade Installer - Nero AG) [03/02/2010 09:05:44] - C:\Windows\Installer\c5ad.msi : (Nero StartSmart Installer - Nero AG) [03/02/2010 09:05:46] - C:\Windows\Installer\c5b2.msi : (Nero StartSmart Installer - Nero AG) [03/02/2010 09:05:32] - C:\Windows\Installer\c5b7.msi : (Nero Express Installer - Nero AG) [03/02/2010 09:05:28] - C:\Windows\Installer\c5bc.msi : (Nero DriveSpeed Help Installer - Nero AG) [03/02/2010 09:05:36] - C:\Windows\Installer\c5c1.msi : (Nero InfoTool Help Installer - Nero AG) [03/02/2010 09:05:24] - C:\Windows\Installer\c5c6.msi : (Nero DiscSpeed Help Installer - Nero AG) [03/02/2010 09:05:20] - C:\Windows\Installer\c5cb.msi : (Nero ControlCenter Installer - Nero AG) [03/02/2010 09:05:40] - C:\Windows\Installer\c5d0.msi : (This installer database contains the logic and data required to install a Nero Product - Nero AG) [16/03/2010 02:07:43] - C:\Windows\Installer\c5e1.msi : (Acrobat.com - Adobe Systems Incorporated) [25/07/2009 01:42:09] - C:\Windows\Installer\c5e6.msi : (Norton Online Backup - Symantec) [07/01/2011 23:55:36] - C:\Windows\Installer\d668d7.msi : (Google SketchUp 8 Installer - Google, Inc.) [28/03/2016 09:46:56] - C:\Windows\Installer\dbf467e.msi : (Java SE Runtime Environment 8 Update 77 - Oracle Corporation) [29/01/2010 18:41:13] - C:\Windows\Installer\e70c10.msi : ( - ) [29/01/2010 14:36:53] - C:\Windows\Installer\e70c17.msi : ( -) [29/01/2010 19:15:19] - C:\Windows\Installer\e70c1d.msi : (Hewlett-Packard - Hewlett-Packard) [29/01/2010 14:03:03] - C:\Windows\Installer\e70c23.msi : ( - ) [17/11/2009 18:29:29] - C:\Windows\Installer\e70c29.msi : ( - ) [17/11/2009 18:46:23] - C:\Windows\Installer\e70c2f.msi : ( - ) [17/11/2009 21:45:15] - C:\Windows\Installer\e70c39.msi : ( - ) [29/01/2010 16:06:30] - C:\Windows\Installer\e70c3f.msi : ( - ) [17/11/2009 22:43:00] - C:\Windows\Installer\e70c46.msi : ( - ) [17/11/2009 22:03:11] - C:\Windows\Installer\e70c4c.msi : ( - ) [17/11/2009 22:16:43] - C:\Windows\Installer\e70c52.msi : ( - ) [17/11/2009 13:45:20] - C:\Windows\Installer\e70c5f.msi : ( - ) [17/11/2009 16:14:35] - C:\Windows\Installer\e70c65.msi : (Builds the Destinations MSI - Builds the Destinations MSI) [29/01/2010 16:04:51] - C:\Windows\Installer\e70c6e.msi : ( - ) [17/11/2009 15:39:22] - C:\Windows\Installer\e70c74.msi : ( - ) [17/11/2009 14:52:40] - C:\Windows\Installer\e70c7a.msi : ( - ) [17/11/2009 16:58:23] - C:\Windows\Installer\e70c80.msi : ( - ) [17/11/2009 18:42:30] - C:\Windows\Installer\e70c86.msi : ( - ) [21/10/2009 23:30:22] - C:\Windows\Installer\e70c8c.msi : ( - ) [22/05/2016 11:05:22] - C:\Windows\Installer\f5405.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [22/05/2016 10:58:13] - C:\Windows\Installer\f540d.msi : (Google Update Helper - Google Inc.) ¤¤¤¤¤¤¤¤¤¤ | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [15/04/2015 11:31:22] - [16303] - C:\Windows\System32\ieuinit.inf [03/02/2007 09:59:04] - [50127] - C:\Windows\System32\lvcoin64.ini [14/07/2009 07:13:15] - [1669656] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [15/04/2015 11:31:24] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [01/04/2003 11:58:02] - [5260] - C:\Windows\Syswow64\OUTLPERF.INI [25/02/2014 13:29:39] - [1643788] - C:\Windows\Syswow64\PerfStringBackup.INI ¤¤¤¤¤¤¤¤¤¤ | [Gérard] [04/01/2015 13:11:04] - |D| - [203] - C:\Users\Gérard\.dvdcss [02/01/2011 17:47:06] - |D| - [343487] - C:\Users\Gérard\.gimp-2.6 [04/04/2016 18:46:43] - |D| - [67072] - C:\Users\Gérard\.jssc [15/09/2015 18:25:22] - |D| - [535] - C:\Users\Gérard\.oracle_jre_usage [23/05/2011 10:48:37] - |A| - [877] - C:\Users\Gérard\.recently-used.xbel [02/01/2011 17:52:45] - |D| - [391] - C:\Users\Gérard\.thumbnails [21/10/2010 08:14:39] - |HD| - [5574606411] - C:\Users\Gérard\AppData [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Application Data [21/10/2010 08:16:05] - |RD| - [68788] - C:\Users\Gérard\Contacts [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Cookies [21/10/2010 08:14:39] - |RD| - [2719869024] - C:\Users\Gérard\Desktop [21/10/2010 08:14:39] - |RD| - [2356539232] - C:\Users\Gérard\Documents [21/10/2010 08:14:39] - |RD| - [4175298] - C:\Users\Gérard\Downloads [04/07/2014 11:51:12] - |RD| - [1304238386] - C:\Users\Gérard\Dropbox [07/12/2010 19:17:00] - |D| - [0] - C:\Users\Gérard\dwhelper [21/10/2010 08:14:39] - |RD| - [24437] - C:\Users\Gérard\Favorites [21/10/2010 08:14:39] - |RD| - [3951] - C:\Users\Gérard\Links [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Local Settings [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Menu Démarrer [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Mes documents [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Modèles [21/10/2010 08:14:39] - |RD| - [689183] - C:\Users\Gérard\Music [21/10/2010 08:14:39] - |ASH| - [10747904] - C:\Users\Gérard\ntuser.dat [21/10/2010 08:14:39] - |ASH| - [262144] - C:\Users\Gérard\ntuser.dat.LOG1 [21/10/2010 08:14:39] - |ASH| - [0] - C:\Users\Gérard\ntuser.dat.LOG2 [21/10/2010 08:14:39] - |ASH| - [65536] - C:\Users\Gérard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [21/10/2010 08:14:39] - |ASH| - [524288] - C:\Users\Gérard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [21/10/2010 08:14:39] - |ASH| - [524288] - C:\Users\Gérard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [27/07/2011 08:46:20] - |ASH| - [65536] - C:\Users\Gérard\ntuser.dat{3da92852-b819-11e0-9220-00262d332c98}.TM.blf [27/07/2011 08:46:20] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{3da92852-b819-11e0-9220-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [27/07/2011 08:46:20] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{3da92852-b819-11e0-9220-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [22/02/2012 09:56:13] - |ASH| - [65536] - C:\Users\Gérard\ntuser.dat{5f76a0eb-5d20-11e1-aed2-00262d332c98}.TM.blf [22/02/2012 09:56:13] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{5f76a0eb-5d20-11e1-aed2-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [22/02/2012 09:56:13] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{5f76a0eb-5d20-11e1-aed2-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [27/07/2011 08:22:45] - |ASH| - [65536] - C:\Users\Gérard\ntuser.dat{cda4275f-b818-11e0-b9bc-00262d332c98}.TM.blf [27/07/2011 08:22:45] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{cda4275f-b818-11e0-b9bc-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [27/07/2011 08:22:45] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{cda4275f-b818-11e0-b9bc-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [07/07/2011 09:58:22] - |ASH| - [65536] - C:\Users\Gérard\ntuser.dat{d97e785f-a86e-11e0-b44a-00262d332c98}.TM.blf [07/07/2011 09:58:22] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{d97e785f-a86e-11e0-b44a-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [07/07/2011 09:58:22] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{d97e785f-a86e-11e0-b44a-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [20/07/2011 11:24:06] - |ASH| - [65536] - C:\Users\Gérard\ntuser.dat{faed545f-b2b1-11e0-b369-00262d332c98}.TM.blf [20/07/2011 11:24:06] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{faed545f-b2b1-11e0-b369-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [20/07/2011 11:24:06] - |ASH| - [524288] - C:\Users\Gérard\ntuser.dat{faed545f-b2b1-11e0-b369-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [21/10/2010 08:14:39] - |SH| - [20] - C:\Users\Gérard\ntuser.ini [21/10/2010 08:14:39] - |RD| - [12652271] - C:\Users\Gérard\Pictures [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Recent [11/01/2016 16:26:56] - |A| - [209] - C:\Users\Gérard\RecTVEdit.prefs [21/10/2010 08:14:39] - |RD| - [282] - C:\Users\Gérard\Saved Games [21/10/2010 08:16:18] - |RD| - [1964] - C:\Users\Gérard\Searches [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\SendTo [19/03/2012 17:51:42] - |D| - [517] - C:\Users\Gérard\temp [23/10/2010 14:34:59] - |D| - [7593984] - C:\Users\Gérard\Tracing [21/10/2010 08:14:39] - |RD| - [504] - C:\Users\Gérard\Videos [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Voisinage d'impression [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\Voisinage réseau [04/02/2015 17:11:02] - |ASH| - [37] - C:\Users\Gérard\AppData\Local\70149b02515b3bb20dd492.47983420 [07/07/2014 11:35:48] - |D| - [16526474] - C:\Users\Gérard\AppData\Local\Adobe [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\AppData\Local\Application Data [22/10/2010 10:45:31] - |D| - [1230129] - C:\Users\Gérard\AppData\Local\Apps [04/04/2016 18:46:41] - |D| - [1186178] - C:\Users\Gérard\AppData\Local\Arduino15 [21/10/2010 08:14:39] - |D| - [60175] - C:\Users\Gérard\AppData\Local\ATI [21/04/2013 13:45:55] - |A| - [107056] - C:\Users\Gérard\AppData\Local\BlackToText907.tif [11/11/2010 12:03:58] - |D| - [1881541] - C:\Users\Gérard\AppData\Local\Broad Intelligence [01/11/2015 14:34:55] - |D| - [0] - C:\Users\Gérard\AppData\Local\CEF [21/10/2010 11:04:16] - |D| - [117751] - C:\Users\Gérard\AppData\Local\Cyberlink [23/12/2010 17:11:09] - |A| - [3584] - C:\Users\Gérard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [22/10/2010 10:45:31] - |D| - [0] - C:\Users\Gérard\AppData\Local\Deployment [21/10/2010 08:46:58] - |D| - [0] - C:\Users\Gérard\AppData\Local\Diagnostics [22/09/2012 11:30:00] - |D| - [301918720] - C:\Users\Gérard\AppData\Local\Downloaded Installations [17/06/2015 09:29:52] - |D| - [82448713] - C:\Users\Gérard\AppData\Local\Dropbox [21/10/2010 08:16:31] - |D| - [182] - C:\Users\Gérard\AppData\Local\EgisTec IPS [21/10/2010 13:06:47] - |D| - [0] - C:\Users\Gérard\AppData\Local\ElevatedDiagnostics [31/12/2014 10:09:00] - |SHD| - [0] - C:\Users\Gérard\AppData\Local\EmieBrowserModeList [04/07/2014 11:59:53] - |SHD| - [0] - C:\Users\Gérard\AppData\Local\EmieSiteList [04/07/2014 11:59:53] - |SHD| - [0] - C:\Users\Gérard\AppData\Local\EmieUserList [22/01/2013 11:07:45] - |D| - [930742988] - C:\Users\Gérard\AppData\Local\Evernote [07/04/2014 18:08:24] - |D| - [1693510] - C:\Users\Gérard\AppData\Local\EvernoteNW [21/10/2010 08:14:50] - |A| - [96952] - C:\Users\Gérard\AppData\Local\GDIPFONTCACHEV1.DAT [21/10/2010 09:24:05] - |D| - [1384600470] - C:\Users\Gérard\AppData\Local\Google [21/06/2015 09:09:30] - |D| - [71] - C:\Users\Gérard\AppData\Local\GWX [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\AppData\Local\Historique [23/10/2010 14:51:22] - |D| - [87412] - C:\Users\Gérard\AppData\Local\HP [16/11/2015 12:50:03] - |AH| - [5352890] - C:\Users\Gérard\AppData\Local\IconCache.db [04/02/2015 17:11:00] - |D| - [957] - C:\Users\Gérard\AppData\Local\IsolatedStorage [17/12/2012 17:51:44] - |D| - [16303538] - C:\Users\Gérard\AppData\Local\LG Electronics [01/11/2010 11:06:41] - |D| - [0] - C:\Users\Gérard\AppData\Local\Logitech-LS [19/06/2012 07:50:51] - |D| - [0] - C:\Users\Gérard\AppData\Local\Macromedia [04/02/2015 17:11:00] - |D| - [9938] - C:\Users\Gérard\AppData\Local\MetaGeek,_LLC [21/10/2010 08:14:39] - |D| - [242395598] - C:\Users\Gérard\AppData\Local\Microsoft [23/10/2010 10:09:49] - |D| - [0] - C:\Users\Gérard\AppData\Local\Microsoft Help [22/10/2010 14:41:11] - |D| - [517049001] - C:\Users\Gérard\AppData\Local\Mozilla [04/02/2015 17:11:02] - |SHD| - [0] - C:\Users\Gérard\AppData\Local\ms-drivers [21/10/2010 11:04:05] - |D| - [4750271] - C:\Users\Gérard\AppData\Local\PowerCinema [03/03/2013 16:27:22] - |D| - [0] - C:\Users\Gérard\AppData\Local\Programs [20/02/2015 12:20:37] - |A| - [17] - C:\Users\Gérard\AppData\Local\resmon.resmoncfg [01/03/2014 10:29:06] - |D| - [0] - C:\Users\Gérard\AppData\Local\Skype [21/10/2010 08:14:39] - |D| - [39224908] - C:\Users\Gérard\AppData\Local\Temp [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\AppData\Local\Temporary Internet Files [22/10/2010 11:47:38] - |D| - [41855185] - C:\Users\Gérard\AppData\Local\Thunderbird [27/10/2010 10:19:48] - |D| - [3874102] - C:\Users\Gérard\AppData\Local\TomTom [21/10/2010 08:16:04] - |D| - [17010639] - C:\Users\Gérard\AppData\Local\VirtualStore [23/10/2010 10:11:59] - |D| - [57344] - C:\Users\Gérard\AppData\Local\Windows Live [11/10/2012 09:48:37] - |D| - [0] - C:\Users\Gérard\AppData\Local\{068C515A-231B-4797-872F-4346A65A219A} [25/10/2012 09:30:12] - |D| - [0] - C:\Users\Gérard\AppData\Local\{101D1FD3-40C2-46D7-9101-45EA3CA02E7B} [17/04/2015 15:26:00] - |D| - [0] - C:\Users\Gérard\AppData\Local\{158962FD-67C6-44BE-B696-23BA2FFEFFD4} [02/10/2013 13:22:35] - |D| - [0] - C:\Users\Gérard\AppData\Local\{168FA364-99CC-4078-91CF-A288B722E667} [02/10/2013 13:38:10] - |D| - [0] - C:\Users\Gérard\AppData\Local\{1F674CED-C9B7-4543-9A73-EE5958499BD5} [10/10/2012 18:30:30] - |D| - [0] - C:\Users\Gérard\AppData\Local\{2F8372D4-AD75-4FCA-A328-3F2CFC6A0A13} [09/05/2015 11:05:20] - |D| - [0] - C:\Users\Gérard\AppData\Local\{5B883E18-8261-47AF-9E95-2E5C531ACF39} [25/11/2014 10:11:50] - |D| - [0] - C:\Users\Gérard\AppData\Local\{5F53ED30-499A-4D9E-B28D-B3D847D1C43D} [05/01/2015 10:19:29] - |D| - [0] - C:\Users\Gérard\AppData\Local\{776914C6-C1FF-484B-A008-538A529641C0} [05/11/2012 18:28:52] - |D| - [0] - C:\Users\Gérard\AppData\Local\{B59D2B64-F9C2-4878-85F3-9FE94C69E060} [12/10/2012 17:38:36] - |D| - [0] - C:\Users\Gérard\AppData\Local\{B98E9E3A-9ECF-4604-A493-27563A6F9DE9} [04/01/2015 15:24:49] - |D| - [0] - C:\Users\Gérard\AppData\Local\{C984D061-AC6F-421D-83EF-AB41B69C863E} [07/01/2015 11:08:59] - |D| - [0] - C:\Users\Gérard\AppData\Local\{D3A113CE-F708-462D-A530-629064C4ACA0} [19/09/2013 11:52:45] - |D| - [0] - C:\Users\Gérard\AppData\Local\{DB6CCEF9-BF7F-45B6-94DB-441D278DF4E3} [20/04/2016 09:26:17] - |A| - [0] - C:\Users\Gérard\AppData\Local\{F157A493-92FF-4971-9B86-1070DE6660B4} [16/09/2014 08:51:58] - |ASH| - [174] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [21/10/2010 08:14:39] - |SHD| - [0] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [21/10/2010 08:14:39] - |RD| - [5370] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [21/10/2010 08:14:39] - |RD| - [0] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [21/10/2010 08:16:18] - |RD| - [174] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [16/09/2014 08:51:58] - |ASH| - [174] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [10/06/2016 10:10:30] - |D| - [1031] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [14/02/2016 15:14:31] - |D| - [1438] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [18/04/2015 09:28:22] - |D| - [2379] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [21/10/2010 08:14:39] - |RD| - [0] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [03/02/2011 11:22:42] - |D| - [0] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft GIF Animator [11/06/2016 11:19:03] - |D| - [0] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre [23/02/2015 16:43:39] - |D| - [0] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QCAD [21/10/2010 08:16:18] - |RD| - [174] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [16/09/2014 08:51:58] - |ASH| - [174] - C:\Users\Gérard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [Public] [14/07/2009 05:20:08] - |RHD| - [7037] - C:\Users\Public\Desktop [14/07/2009 06:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 05:20:08] - |RD| - [645] - C:\Users\Public\Documents [14/07/2009 05:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 05:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 05:20:08] - |RHD| - [2130] - C:\Users\Public\Libraries [14/07/2009 05:20:08] - |RD| - [17440870] - C:\Users\Public\Music [08/12/2010 16:46:17] - |A| - [262144] - C:\Users\Public\NTUSER.DAT [08/12/2010 16:46:17] - |ASH| - [5120] - C:\Users\Public\NTUSER.DAT.LOG1 [08/12/2010 16:46:17] - |ASH| - [0] - C:\Users\Public\NTUSER.DAT.LOG2 [17/12/2015 15:00:13] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{0213f43c-9fff-11e5-98cf-00262d332c98}.TM.blf [17/12/2015 15:00:13] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{0213f43c-9fff-11e5-98cf-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [17/12/2015 15:00:13] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{0213f43c-9fff-11e5-98cf-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [04/02/2011 13:36:15] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{1f734bae-3041-11e0-be20-00262d332c98}.TM.blf [04/02/2011 13:36:18] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{1f734bae-3041-11e0-be20-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [04/02/2011 13:36:20] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{1f734bae-3041-11e0-be20-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [03/01/2015 18:37:27] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{78545142-90bc-11e4-a352-00262d332c98}.TM.blf [03/01/2015 18:37:27] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{78545142-90bc-11e4-a352-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [03/01/2015 18:37:27] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{78545142-90bc-11e4-a352-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [30/01/2015 10:42:09] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{ad5fafbd-a63a-11e4-bbd4-00262d332c98}.TM.blf [30/01/2015 10:42:09] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{ad5fafbd-a63a-11e4-bbd4-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [30/01/2015 10:42:09] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{ad5fafbd-a63a-11e4-bbd4-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [08/12/2010 16:46:17] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{e33f3c99-02d6-11e0-b1b2-00262d332c98}.TM.blf [08/12/2010 16:46:17] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{e33f3c99-02d6-11e0-b1b2-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [08/12/2010 16:46:17] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{e33f3c99-02d6-11e0-b1b2-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [27/01/2015 17:06:19] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{e90a0be5-a22b-11e4-abe5-00262d332c98}.TM.blf [27/01/2015 17:06:19] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{e90a0be5-a22b-11e4-abe5-00262d332c98}.TMContainer00000000000000000001.regtrans-ms [27/01/2015 17:06:19] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{e90a0be5-a22b-11e4-abe5-00262d332c98}.TMContainer00000000000000000002.regtrans-ms [21/10/2010 14:54:56] - |D| - [1015] - C:\Users\Public\OEM [14/07/2009 05:20:08] - |RD| - [16156267] - C:\Users\Public\Pictures [14/07/2009 09:44:38] - |RD| - [9699328] - C:\Users\Public\Recorded TV [14/07/2009 05:20:08] - |RD| - [26246732] - C:\Users\Public\Videos ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData [16/03/2010 01:47:55] - |D| - [3825072] - C:\ProgramData\Acer [16/03/2010 02:07:16] - |D| - [219404100] - C:\ProgramData\Adobe [08/12/2010 16:52:28] - |D| - [0] - C:\ProgramData\Alwil Software [14/07/2009 07:08:56] - |SHD| - [17164459662] - C:\ProgramData\Application Data [07/07/2009 01:00:32] - |A| - [15625] - C:\ProgramData\ArcadeDeluxe4.log [07/07/2009 00:58:53] - |D| - [1184227] - C:\ProgramData\ATI [30/06/2014 18:06:23] - |D| - [108280] - C:\ProgramData\Auslogics [06/11/2013 11:04:26] - |D| - [133918105] - C:\ProgramData\AVAST Software [04/01/2015 13:09:53] - |D| - [0] - C:\ProgramData\Baidu [21/10/2010 08:14:36] - |SHD| - [7037] - C:\ProgramData\Bureau [24/01/2011 16:48:42] - |D| - [0] - C:\ProgramData\Canneverbe Limited [07/07/2009 01:00:32] - |D| - [103530] - C:\ProgramData\CyberLink [24/01/2011 12:24:49] - |D| - [1520] - C:\ProgramData\DAEMON Tools Lite [14/07/2009 07:08:56] - |SHD| - [7037] - C:\ProgramData\Desktop [14/07/2009 07:08:56] - |SHD| - [645] - C:\ProgramData\Documents [17/06/2015 09:29:52] - |D| - [760172] - C:\ProgramData\Dropbox [16/03/2010 01:59:29] - |D| - [29485] - C:\ProgramData\EgisTec IPS [16/03/2010 01:48:18] - |D| - [420] - C:\ProgramData\eSobi [21/10/2010 08:14:36] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [14/02/2016 15:14:30] - |D| - [0] - C:\ProgramData\Freemake [16/03/2010 01:41:02] - |A| - [131472] - C:\ProgramData\FullRemove.exe [16/03/2010 01:58:42] - |D| - [523440] - C:\ProgramData\Google [23/10/2010 13:55:16] - |D| - [24951802] - C:\ProgramData\HP [23/10/2010 14:06:00] - |D| - [8988] - C:\ProgramData\HP Product Assistant [23/10/2010 13:56:40] - |A| - [1798] - C:\ProgramData\hpzinstall.log [28/01/2015 19:11:47] - |D| - [0] - C:\ProgramData\IDM [21/03/2014 21:36:02] - |D| - [134311038] - C:\ProgramData\Malwarebytes [21/10/2010 08:14:36] - |SHD| - [508750] - C:\ProgramData\Menu Démarrer [14/07/2009 05:20:08] - |SD| - [641405899] - C:\ProgramData\Microsoft [16/03/2010 01:49:55] - |D| - [122008] - C:\ProgramData\Microsoft Help [21/10/2010 08:14:36] - |SHD| - [0] - C:\ProgramData\Modèles [03/05/2012 12:49:25] - |D| - [38146] - C:\ProgramData\Mozilla [16/03/2010 02:03:18] - |D| - [11083261] - C:\ProgramData\Nero [16/03/2010 01:47:28] - |D| - [1509197] - C:\ProgramData\OberonGameConsole [16/03/2010 02:08:07] - |D| - [141] - C:\ProgramData\OEM [28/09/2013 10:59:52] - |D| - [70997662] - C:\ProgramData\Oracle [22/01/2016 12:07:53] - |D| - [7369391] - C:\ProgramData\Package Cache [30/10/2010 09:28:51] - |A| - [12431360] - C:\ProgramData\sandra.mda [05/10/2013 17:49:34] - |D| - [12624] - C:\ProgramData\Scrabble2009 [01/11/2010 10:37:39] - |D| - [236340104] - C:\ProgramData\Skype [25/10/2010 10:21:53] - |D| - [2605597] - C:\ProgramData\Spybot - Search & Destroy [14/07/2009 07:08:56] - |SHD| - [508750] - C:\ProgramData\Start Menu [28/09/2013 10:59:14] - |D| - [364] - C:\ProgramData\Sun [16/03/2010 02:08:08] - |D| - [867] - C:\ProgramData\Symantec [07/07/2009 01:00:32] - |AD| - [163911] - C:\ProgramData\Temp [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Templates [27/10/2010 10:41:09] - |D| - [266625] - C:\ProgramData\TomTom [23/10/2010 14:20:27] - |D| - [206] - C:\ProgramData\WEBREG [30/10/2010 10:11:40] - |A| - [0] - C:\ProgramData\xml341B.tmp [30/10/2010 10:11:42] - |A| - [0] - C:\ProgramData\xml3A63.tmp [12/04/2016 09:35:23] - |A| - [0] - C:\ProgramData\xml4098.tmp [04/10/2013 09:47:38] - |A| - [0] - C:\ProgramData\xml40E7.tmp [12/04/2016 09:35:24] - |A| - [0] - C:\ProgramData\xml4154.tmp [04/10/2013 09:47:38] - |A| - [0] - C:\ProgramData\xml4165.tmp [12/04/2016 09:35:24] - |A| - [0] - C:\ProgramData\xml41C3.tmp [12/04/2016 09:35:24] - |A| - [0] - C:\ProgramData\xml4260.tmp [17/11/2010 17:14:45] - |A| - [0] - C:\ProgramData\xml4F0A.tmp [17/11/2010 17:14:45] - |A| - [0] - C:\ProgramData\xml4FC6.tmp [30/10/2010 09:29:42] - |A| - [0] - C:\ProgramData\xmlC6C7.tmp [13/12/2010 09:37:59] - |A| - [0] - C:\ProgramData\xmlD9DB.tmp [13/12/2010 09:37:59] - |A| - [0] - C:\ProgramData\xmlDA97.tmp [30/10/2010 09:29:47] - |A| - [0] - C:\ProgramData\xmlDAE4.tmp [30/10/2010 09:29:47] - |A| - [0] - C:\ProgramData\xmlDBCF.tmp [31/01/2011 11:51:46] - |A| - [0] - C:\ProgramData\xmlDBEE.tmp [30/10/2010 09:29:47] - |A| - [0] - C:\ProgramData\xmlDC4D.tmp [31/01/2011 11:51:46] - |A| - [0] - C:\ProgramData\xmlDCE9.tmp ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu [23/10/2010 14:05:52] - |A| - [1419] - C:\ProgramData\Microsoft\Windows\Start Menu\Centre de solutions HP.lnk [14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [02/01/2013 17:17:44] - |A| - [1120] - C:\ProgramData\Microsoft\Windows\Start Menu\LG PC Suite.Lnk [05/11/2010 10:29:57] - |A| - [2665] - C:\ProgramData\Microsoft\Windows\Start Menu\Nouveau document Office.lnk [05/11/2010 10:29:57] - |A| - [2661] - C:\ProgramData\Microsoft\Windows\Start Menu\Ouvrir un document Office.lnk [21/10/2010 08:14:36] - |SHD| - [497895] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 05:20:08] - |RD| - [497895] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [28/11/2011 19:52:45] - |D| - [7519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks [23/05/2016 17:15:12] - |D| - [1565] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [14/07/2009 05:20:08] - |RD| - [42685] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [16/03/2010 01:55:21] - |D| - [9193] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer [07/07/2009 01:03:00] - |RD| - [2436] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe [16/03/2010 01:41:01] - |D| - [36337] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone [07/07/2009 00:58:16] - |D| - [641] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem [01/11/2015 14:30:22] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [14/07/2009 07:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [25/10/2010 18:17:03] - |D| - [4442] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Annuaire [27/10/2015 16:03:51] - |D| - [46] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Attribute Changer [15/03/2011 11:33:07] - |A| - [1062] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk [29/06/2012 15:26:25] - |D| - [3270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics [22/03/2016 16:49:55] - |A| - [1001] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [17/06/2015 12:51:20] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axantum AxCrypt [27/06/2012 18:16:41] - |D| - [4805] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeWi [07/07/2009 00:56:14] - |D| - [10448] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [29/01/2011 10:42:31] - |A| - [1696] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [21/12/2010 12:50:26] - |D| - [2003] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex [16/07/2013 09:15:32] - |D| - [1818] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [26/10/2010 11:25:10] - |D| - [1922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Date [14/07/2009 06:54:23] - |ASH| - [1696] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [24/10/2010 18:27:04] - |D| - [2975] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditto [21/12/2010 10:59:55] - |D| - [5141] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [20/05/2011 18:44:27] - |D| - [4416] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-anim701 [01/04/2016 14:02:15] - |D| - [2992] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8 [16/03/2010 01:59:59] - |D| - [4383] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec [06/12/2010 16:57:20] - |D| - [957] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encodage [16/03/2010 01:48:14] - |RD| - [2761] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2 [06/05/2016 11:49:03] - |D| - [2525] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote [13/03/2012 12:07:24] - |D| - [1902] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exifer [21/04/2012 15:34:28] - |D| - [6614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow [30/11/2011 17:32:05] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Formulaire [27/06/2012 18:28:43] - |D| - [2284] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter [14/02/2016 15:14:31] - |D| - [1346] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [14/07/2009 07:32:38] - |RD| - [8926] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [02/01/2011 17:46:21] - |D| - [2260] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [11/12/2013 12:50:48] - |D| - [8420] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [18/04/2011 11:45:14] - |D| - [2047] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8 [13/11/2010 09:59:29] - |D| - [1919] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSpot [21/04/2013 13:43:59] - |D| - [2683] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GT Text [07/07/2009 01:00:46] - |D| - [6088] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter [23/10/2010 14:03:32] - |D| - [18685] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [27/10/2010 16:23:32] - |D| - [2062] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icones Bureau [15/05/2013 19:33:30] - |D| - [3108] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IE AdBlock [21/04/2012 14:46:31] - |D| - [3023] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageGrab [08/01/2014 17:29:43] - |D| - [3997] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inno Setup 5 [08/01/2014 17:35:55] - |D| - [6289] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISTool [31/03/2014 16:17:54] - |D| - [2863] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVCsoft [26/11/2014 11:23:49] - |D| - [6872] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [07/07/2009 01:13:58] - |A| - [1187] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lanceur de tâches Microsoft Works.lnk [17/12/2012 17:51:44] - |D| - [2364] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite [07/07/2011 10:50:42] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [07/01/2015 17:45:49] - |D| - [5887] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lupas Rename 2000 [14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [16/03/2010 01:18:32] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [03/02/2011 11:22:42] - |D| - [4261] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft GIF Animator [16/03/2010 01:51:38] - |RD| - [36526] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [18/09/2012 11:56:42] - |D| - [2269] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [26/01/2011 09:34:46] - |D| - [9052] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Basic 6.0 [26/01/2011 09:34:57] - |D| - [7552] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual SourceSafe [07/07/2009 01:13:58] - |D| - [19702] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works [09/05/2015 14:29:54] - |A| - [1309] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [28/07/2011 10:26:40] - |A| - [1217] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [16/03/2010 02:03:32] - |D| - [30913] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [16/03/2010 02:08:08] - |D| - [2413] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup [10/05/2011 11:14:36] - |D| - [6238] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaLogic [28/01/2014 14:54:52] - |D| - [6329] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea [09/05/2015 14:29:31] - |A| - [1378] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [27/10/2010 10:15:32] - |D| - [4249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre [11/06/2016 11:09:53] - |D| - [3404] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X [02/11/2010 11:41:46] - |D| - [3252] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [30/12/2010 12:29:05] - |A| - [2206] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerpointImageExtractor V1.2.lnk [23/02/2015 16:43:39] - |D| - [2728] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QCAD [23/11/2014 14:54:23] - |D| - [1260] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch [22/02/2015 19:09:32] - |A| - [897] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch 2.lnk [14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [31/03/2016 18:04:14] - |D| - [2141] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [17/06/2015 11:23:19] - |D| - [11019] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [17/06/2015 11:23:19] - |A| - [1399] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [14/07/2009 05:20:08] - |RD| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [21/05/2011 13:51:58] - |D| - [2850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWF to GIF [14/07/2009 09:44:38] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [03/12/2014 17:28:16] - |A| - [975] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk [09/11/2010 11:56:29] - |D| - [6167] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomCat Soft [27/06/2014 08:57:59] - |D| - [4615] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom [30/09/2013 18:19:07] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft [15/05/2011 15:37:16] - |D| - [2046] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnFREEz 2.1 [01/10/2013 13:57:44] - |D| - [7986] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [28/05/2011 17:15:36] - |D| - [2067] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtualDubMOD [07/07/2009 01:14:36] - |A| - [2571] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visionneuse Microsoft Office PowerPoint 2007.lnk [14/07/2009 06:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [16/03/2010 01:18:29] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [09/05/2015 14:30:10] - |RD| - [2445] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [23/10/2010 10:15:48] - |A| - [1462] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [23/10/2010 10:15:18] - |A| - [2490] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [14/04/2015 12:50:53] - |D| - [2139] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView [14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [23/10/2010 14:05:02] - |A| - [2103] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86) [28/11/2011 19:52:44] - |D| - [5673555] - C:\Program Files (x86)\2BrightSparks [16/03/2010 01:55:21] - |D| - [48970907] - C:\Program Files (x86)\Acer [07/07/2009 01:00:36] - |D| - [246190675] - C:\Program Files (x86)\Acer Arcade Deluxe [16/03/2010 01:40:46] - |D| - [797999005] - C:\Program Files (x86)\Acer GameZone [16/03/2010 02:07:04] - |D| - [218713039] - C:\Program Files (x86)\Adobe [25/10/2010 18:17:03] - |D| - [2413982] - C:\Program Files (x86)\Annuaire [28/01/2011 18:25:01] - |D| - [0] - C:\Program Files (x86)\Astonsoft [07/07/2009 00:50:30] - |D| - [86063470] - C:\Program Files (x86)\ATI Technologies [15/03/2011 11:33:03] - |D| - [34388114] - C:\Program Files (x86)\Audacity 1.3 Beta (Unicode) [29/06/2012 15:26:20] - |D| - [22996642] - C:\Program Files (x86)\Auslogics [10/11/2010 11:48:26] - |D| - [7966233] - C:\Program Files (x86)\BeeWi [25/10/2010 10:37:39] - |D| - [19564459] - C:\Program Files (x86)\CCleaner [21/12/2010 12:50:23] - |D| - [10709597] - C:\Program Files (x86)\CDex [27/06/2012 18:16:46] - |D| - [3598306] - C:\Program Files (x86)\Cisco [14/07/2009 05:20:08] - |D| - [880519354] - C:\Program Files (x86)\Common Files [24/01/2011 11:39:23] - |D| - [7202991] - C:\Program Files (x86)\Convar [07/07/2009 01:01:32] - |D| - [449962] - C:\Program Files (x86)\Cyberlink [01/10/2013 09:12:15] - |D| - [27796674] - C:\Program Files (x86)\DAEMON Tools Lite [26/10/2010 11:25:10] - |D| - [917477] - C:\Program Files (x86)\Date [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [24/10/2010 18:27:03] - |D| - [23379145] - C:\Program Files (x86)\Ditto [17/07/2014 18:34:40] - |D| - [4967312] - C:\Program Files (x86)\Dnote Software [21/12/2010 10:59:53] - |D| - [3769893] - C:\Program Files (x86)\DVDVideoSoft [01/04/2016 14:01:55] - |D| - [95287767] - C:\Program Files (x86)\EaseUS [16/03/2010 01:59:29] - |D| - [3120417] - C:\Program Files (x86)\EgisTec IPS [16/03/2010 01:59:29] - |D| - [49958027] - C:\Program Files (x86)\EgisTec MyWinLocker [28/01/2011 12:25:32] - |D| - [0] - C:\Program Files (x86)\Elaborate Bytes [06/12/2010 16:57:10] - |D| - [60716093] - C:\Program Files (x86)\Encodage [16/03/2010 01:48:13] - |D| - [21920374] - C:\Program Files (x86)\eSobi [22/01/2013 11:07:23] - |D| - [229809303] - C:\Program Files (x86)\Evernote [13/03/2012 12:07:24] - |D| - [3575373] - C:\Program Files (x86)\Exifer [21/04/2012 15:34:27] - |D| - [17442235] - C:\Program Files (x86)\ffdshow [25/09/2011 11:29:37] - |D| - [5303337] - C:\Program Files (x86)\Formulaire [12/11/2010 11:40:57] - |D| - [11359502] - C:\Program Files (x86)\Free Video Converter [14/02/2016 15:14:15] - |D| - [77113940] - C:\Program Files (x86)\Freemake [04/01/2015 13:08:48] - |D| - [0] - C:\Program Files (x86)\FreeTime [02/01/2011 17:46:09] - |D| - [112244355] - C:\Program Files (x86)\GIMP-2.0 [18/02/2013 18:42:53] - |D| - [0] - C:\Program Files (x86)\GoforFiles [16/03/2010 01:58:42] - |D| - [359510864] - C:\Program Files (x86)\Google [13/11/2010 09:59:29] - |D| - [448669] - C:\Program Files (x86)\GSpot221 [07/07/2009 01:00:45] - |D| - [5280787] - C:\Program Files (x86)\Haali [28/05/2012 17:00:38] - |D| - [1975314] - C:\Program Files (x86)\Hewlett-Packard [23/10/2010 14:00:24] - |D| - [196601765] - C:\Program Files (x86)\HP [27/10/2010 16:23:32] - |D| - [725039] - C:\Program Files (x86)\Icones Bureau [15/05/2013 19:33:30] - |D| - [2541908] - C:\Program Files (x86)\IE AdBlock [21/04/2012 14:46:31] - |D| - [3430114] - C:\Program Files (x86)\ImageGrab [08/01/2014 17:29:42] - |D| - [4386099] - C:\Program Files (x86)\Inno Setup 5 [16/03/2010 01:28:33] - |HD| - [92301211] - C:\Program Files (x86)\InstallShield Installation Information [14/07/2009 05:20:08] - |D| - [10534137] - C:\Program Files (x86)\Internet Explorer [08/01/2014 17:35:55] - |D| - [3369020] - C:\Program Files (x86)\ISTool [31/03/2014 16:17:49] - |D| - [60842963] - C:\Program Files (x86)\IVCsoft [28/09/2013 10:58:35] - |D| - [345794327] - C:\Program Files (x86)\Java [15/11/2010 16:45:14] - |D| - [2425390] - C:\Program Files (x86)\KC Softwares [07/12/2010 19:39:51] - |D| - [40376711] - C:\Program Files (x86)\Kizoa [15/03/2011 11:49:05] - |D| - [1237297] - C:\Program Files (x86)\Lame For Audacity [17/12/2012 17:51:03] - |D| - [210008670] - C:\Program Files (x86)\LG Electronics [01/11/2010 11:00:01] - |D| - [144661034] - C:\Program Files (x86)\Logitech [07/01/2015 17:45:49] - |D| - [1153290] - C:\Program Files (x86)\Lupas Rename 2000 [26/06/2014 18:28:08] - |D| - [60305139] - C:\Program Files (x86)\Malwarebytes Anti-Malware [21/03/2014 21:36:01] - |D| - [0] - C:\Program Files (x86)\Malwarebytes' Anti-Malware [28/05/2011 17:26:24] - |D| - [90232765] - C:\Program Files (x86)\MediaCoder [02/11/2010 14:24:15] - |D| - [800662] - C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 [14/11/2010 18:42:17] - |D| - [16191755229] - C:\Program Files (x86)\Microsoft Games [03/02/2011 11:22:31] - |D| - [1537594] - C:\Program Files (x86)\Microsoft GIF Animator [16/03/2010 01:49:55] - |D| - [681360998] - C:\Program Files (x86)\Microsoft Office [16/03/2010 01:53:50] - |D| - [7791803] - C:\Program Files (x86)\Microsoft Office Suite Activation Assistant [18/09/2012 11:56:32] - |D| - [42884494] - C:\Program Files (x86)\Microsoft Silverlight [07/07/2009 01:07:44] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [05/11/2010 10:29:22] - |D| - [77408361] - C:\Program Files (x86)\Microsoft Visual Studio [07/07/2009 01:10:37] - |D| - [657681] - C:\Program Files (x86)\Microsoft Visual Studio 8 [16/03/2010 01:51:13] - |D| - [147949908] - C:\Program Files (x86)\Microsoft Works [16/03/2010 01:51:04] - |D| - [155007] - C:\Program Files (x86)\Microsoft.NET [10/06/2016 12:36:22] - |D| - [97620756] - C:\Program Files (x86)\Mozilla Firefox [03/05/2012 12:49:23] - |D| - [277479] - C:\Program Files (x86)\Mozilla Maintenance Service [10/06/2016 10:23:48] - |D| - [88422070] - C:\Program Files (x86)\Mozilla Thunderbird [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [05/11/2010 10:43:45] - |D| - [94068697] - C:\Program Files (x86)\MSECache [23/10/2010 09:54:03] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [16/03/2010 02:03:25] - |D| - [377644899] - C:\Program Files (x86)\Nero [29/10/2010 14:06:00] - |D| - [487173948] - C:\Program Files (x86)\NovaLogic [28/01/2014 14:54:50] - |D| - [26460683] - C:\Program Files (x86)\ObviousIdea [21/10/2010 08:15:01] - |D| - [106432] - C:\Program Files (x86)\OEM [25/10/2010 10:55:05] - |D| - [26440663] - C:\Program Files (x86)\PDFCreator [27/10/2010 10:15:32] - |D| - [3700648] - C:\Program Files (x86)\PhotoFiltre [30/12/2010 12:29:05] - |D| - [1757319] - C:\Program Files (x86)\PowerpointImageExtractor_V1_2 [27/10/2010 16:46:37] - |D| - [47903] - C:\Program Files (x86)\Projet1 [26/01/2011 09:34:45] - |D| - [139316] - C:\Program Files (x86)\Publication Web [23/02/2015 16:43:36] - |D| - [118436235] - C:\Program Files (x86)\QCAD [16/03/2010 01:37:08] - |D| - [3357289] - C:\Program Files (x86)\Realtek [14/07/2009 07:32:38] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies [22/02/2015 19:09:26] - |D| - [61318126] - C:\Program Files (x86)\Scratch 2 [31/03/2016 18:04:13] - |RD| - [87331892] - C:\Program Files (x86)\Skype [25/10/2010 10:21:53] - |D| - [2884779] - C:\Program Files (x86)\Spybot - Search & Destroy [17/06/2015 11:23:11] - |D| - [317832786] - C:\Program Files (x86)\Spybot - Search & Destroy 2 [16/03/2010 02:08:08] - |D| - [2202256] - C:\Program Files (x86)\Symantec [19/03/2012 17:55:02] - |D| - [46757125] - C:\Program Files (x86)\TeamViewer [16/03/2010 01:37:08] - |HD| - [3737072] - C:\Program Files (x86)\Temp [09/11/2013 11:35:37] - |D| - [51513696] - C:\Program Files (x86)\TomTom HOME 2 [27/10/2010 10:19:38] - |D| - [22486] - C:\Program Files (x86)\TomTom International B.V [05/10/2013 17:46:03] - |D| - [232670088] - C:\Program Files (x86)\Ubisoft [15/05/2011 15:37:16] - |D| - [90312] - C:\Program Files (x86)\UnFREEz [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [21/04/2013 13:43:59] - |D| - [5001472] - C:\Program Files (x86)\Universitat Autonoma de Barcelona [24/10/2010 18:10:39] - |D| - [134714408] - C:\Program Files (x86)\VideoLAN [28/05/2011 17:15:35] - |D| - [6334375] - C:\Program Files (x86)\VirtualDubMOD [25/10/2010 09:47:24] - |D| - [6840319] - C:\Program Files (x86)\VS Revo Group [14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [07/07/2009 01:06:27] - |D| - [154251104] - C:\Program Files (x86)\Windows Live [14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar [14/04/2015 12:50:52] - |D| - [18048586] - C:\Program Files (x86)\XnView [23/10/2010 14:07:09] - |D| - [662190] - C:\Program Files (x86)\Yahoo! ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files [23/05/2016 17:15:12] - |D| - [4967336] - C:\Program Files\7-Zip [16/03/2010 01:56:27] - |D| - [17551212] - C:\Program Files\Acer [21/10/2010 08:15:05] - |D| - [252761] - C:\Program Files\Acer Accessory Store [08/12/2010 16:52:28] - |D| - [0] - C:\Program Files\Alwil Software [07/07/2009 00:50:33] - |D| - [23129992] - C:\Program Files\ATI [10/02/2014 19:03:08] - |D| - [1260380570] - C:\Program Files\AVAST Software [09/07/2015 16:10:35] - |D| - [33578805] - C:\Program Files\Avidemux 2.6 - 64 bits [29/01/2011 10:42:30] - |D| - [19329172] - C:\Program Files\CDBurnerXP [14/07/2009 05:20:08] - |D| - [82691336] - C:\Program Files\Common Files [16/07/2013 09:15:32] - |D| - [3543174] - C:\Program Files\CPUID [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 07:32:38] - |D| - [90256916] - C:\Program Files\DVD Maker [21/10/2010 08:14:36] - |SHD| - [82691336] - C:\Program Files\Fichiers communs [16/03/2010 01:58:44] - |D| - [0] - C:\Program Files\Google [14/07/2009 05:20:08] - |D| - [30571404] - C:\Program Files\Internet Explorer [14/07/2009 07:32:38] - |D| - [148931122] - C:\Program Files\Microsoft Games [16/03/2010 01:50:14] - |D| - [168] - C:\Program Files\Microsoft Office [18/09/2012 11:56:32] - |D| - [55714702] - C:\Program Files\Microsoft Silverlight [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild [22/01/2016 12:21:13] - |D| - [1329223] - C:\Program Files\NVIDIA Corporation [16/03/2010 01:47:55] - |D| - [1825075] - C:\Program Files\Preload [16/03/2010 01:37:14] - |D| - [12164256] - C:\Program Files\Realtek [24/01/2011 11:10:56] - |D| - [4218744] - C:\Program Files\Recuva [14/07/2009 07:32:38] - |D| - [36834473] - C:\Program Files\Reference Assemblies [30/10/2010 09:28:50] - |D| - [68656275] - C:\Program Files\SiSoftware [21/05/2011 13:51:58] - |D| - [2923702] - C:\Program Files\SWF to GIF [14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [27/10/2010 17:56:07] - |D| - [258548] - C:\Program Files\Unlocker [14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [14/07/2009 09:45:58] - |D| - [9240696] - C:\Program Files\Windows Journal [09/05/2015 14:27:44] - |D| - [52928] - C:\Program Files\Windows Live [14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |D| - [12627636] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [8552347] - C:\Program Files\Windows Sidebar ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files [17/06/2011 08:02:28] - |D| - [9236091] - C:\Program Files (x86)\Common Files\Adobe [16/03/2010 02:07:40] - |D| - [51091534] - C:\Program Files (x86)\Common Files\Adobe AIR [07/07/2009 00:56:27] - |D| - [296656] - C:\Program Files (x86)\Common Files\ATI Technologies [04/12/2015 09:23:48] - |D| - [1539377] - C:\Program Files (x86)\Common Files\AV [05/11/2010 10:29:34] - |D| - [2154202] - C:\Program Files (x86)\Common Files\DESIGNER [21/12/2010 10:59:53] - |D| - [30085003] - C:\Program Files (x86)\Common Files\DVDVideoSoft [14/02/2016 15:14:30] - |D| - [628224] - C:\Program Files (x86)\Common Files\Freemake Shared [23/10/2010 14:04:02] - |D| - [997653] - C:\Program Files (x86)\Common Files\Hewlett-Packard [23/10/2010 14:04:06] - |D| - [1408164] - C:\Program Files (x86)\Common Files\HP [16/03/2010 01:37:06] - |D| - [10172148] - C:\Program Files (x86)\Common Files\InstallShield [21/04/2016 08:19:23] - |D| - [1966664] - C:\Program Files (x86)\Common Files\Java [21/11/2010 15:44:21] - |D| - [45581] - C:\Program Files (x86)\Common Files\Microsoft Games [14/07/2009 05:20:08] - |D| - [396682523] - C:\Program Files (x86)\Common Files\microsoft shared [16/03/2010 02:03:17] - |D| - [123576475] - C:\Program Files (x86)\Common Files\Nero [16/03/2010 01:41:00] - |D| - [354896] - C:\Program Files (x86)\Common Files\Oberon Media [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [31/03/2016 18:04:14] - |D| - [2399872] - C:\Program Files (x86)\Common Files\Skype [14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [14/07/2009 05:20:08] - |D| - [25596125] - C:\Program Files (x86)\Common Files\System [07/07/2009 01:05:37] - |D| - [181181681] - C:\Program Files (x86)\Common Files\Windows Live ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common files [07/07/2009 00:54:33] - |D| - [5023232] - C:\Program Files\Common files\ATI Technologies [04/12/2015 09:23:48] - |D| - [3378681] - C:\Program Files\Common files\AV [01/11/2010 11:15:12] - |D| - [651264] - C:\Program Files\Common files\logishrd [14/07/2009 05:20:08] - |D| - [60836494] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 05:20:08] - |D| - [12190195] - C:\Program Files\Common files\System ¤¤¤¤¤¤¤¤¤¤ | Tasks [MD5.28AA07F6F150E34242725C1A2C60EDE6] - [02/04/2012 15:05:29] - |A| - [1002] - C:\Windows\Tasks\Adobe Flash Player Updater.job [MD5.11897286BA4FA5FE29D3148D819A8C3A] - [17/06/2015 09:29:52] - |A| - [1148] - C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4025010814-1608385043-2583931102-1000Core.job [MD5.BCA7A69E0919C5C9877F60F9F68C6DB6] - [17/06/2015 09:29:54] - |A| - [1200] - C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4025010814-1608385043-2583931102-1000UA.job [MD5.7668390FD5632047DD815C7D1861F86A] - [05/11/2010 17:36:09] - |A| - [1066] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [MD5.4F576D17145061EC48E9EDACD0319BA1] - [05/11/2010 17:36:10] - |A| - [1070] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.BBB604F222B19E0ECEEF3BC45DA3DEA5] - [02/07/2012 09:58:51] - |A| - [1030] - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4025010814-1608385043-2583931102-1000Core.job [MD5.7CA4F55C2E904B1A01CEBA62DB18F202] - [02/07/2012 09:58:53] - |A| - [1082] - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4025010814-1608385043-2583931102-1000UA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.36683C073F84D1578CFACD36E6BD52C8] - [14/07/2009 07:08:49] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.4B4C7D36244DA954674B656F17FC5D1C] - [17/01/2014 14:06:11] - |A| - [496] - C:\Windows\Tasks\SyncBack Sauvegarde Données du disque D.job [MD5.B63AD96D5AB77552EFDB7D2277C3B0CB] - [31/12/2014 09:18:33] - |A| - [3886] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.26C4A5AD1EF1B00AD33BBD9749DC710D] - [02/04/2012 15:05:29] - |A| - [3940] - C:\Windows\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [04/12/2015 09:23:50] - |D| - [3860] - C:\Windows\System32\Tasks\AVAST Software [MD5.2732CEEABFF99F6B152921CCAD510448] - [06/07/2012 08:01:22] - |A| - [4182] - C:\Windows\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [MD5.133CC4A5267961F2E86BD573C2F035F5] - [28/06/2012 11:08:05] - |A| - [2786] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files (x86)\CCleaner\CCleaner.exe" [MD5.E93683F37C1569B81B4697787A59FE05] - [17/06/2015 09:29:53] - |A| - [3776] - C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4025010814-1608385043-2583931102-1000Core : C:\Users\Gérard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [MD5.1DADEDFEE4685974E5B3A4BEC47AF412] - [17/06/2015 09:29:54] - |A| - [4172] - C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4025010814-1608385043-2583931102-1000UA : C:\Users\Gérard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [MD5.3A72B2D4C2748EBA9CFD44A9ED21916A] - [05/11/2010 17:36:09] - |A| - [3814] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.8C06D0430FF0B3443B340136F36648AE] - [05/11/2010 17:36:10] - |A| - [4066] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.0269A564D329D6D73A4A8808756B84FF] - [02/07/2012 09:58:51] - |A| - [3658] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4025010814-1608385043-2583931102-1000Core : C:\Users\Gérard\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.82BEE24EDFE9BEF48A495D73E11652C2] - [02/07/2012 09:58:53] - |A| - [4054] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4025010814-1608385043-2583931102-1000UA : C:\Users\Gérard\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [330524] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [03/03/2013 16:29:35] - |D| - [12100] - C:\Windows\System32\Tasks\Safer-Networking [MD5.DB16F2E1114C451CF5F5C113868B7508] - [22/03/2016 16:49:57] - |A| - [3918] - C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458658194 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe [MD5.00000000000000000000000000000000] - [21/06/2016 10:16:04] - |D| - [0] - C:\Windows\System32\Tasks\Tâches de l’Observateur d’événements [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [0] - C:\Windows\System32\Tasks\WPD [MD5.DF130F6AF51ED984D17BFC9E9988ED16] - [30/12/2010 12:07:49] - |A| - [3032] - C:\Windows\System32\Tasks\{0D27F0B3-BAE4-4B5F-B230-D8FDFA33ED5C} : C:\Program Files (x86)\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe [MD5.A01053798CFCDF187FDE4D627026B6B8] - [22/09/2012 13:19:12] - |A| - [3126] - C:\Windows\System32\Tasks\{0D7EB755-77C1-42AF-958D-9F5F59A7334A} : "c:\users\gérard\appdata\local\google\chrome\application\chrome.exe" [MD5.DF130F6AF51ED984D17BFC9E9988ED16] - [30/12/2010 12:09:02] - |A| - [3032] - C:\Windows\System32\Tasks\{13E263F1-0A27-4A0D-B743-EBA82E8AB30E} : C:\Program Files (x86)\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe [MD5.A01053798CFCDF187FDE4D627026B6B8] - [21/09/2012 16:52:42] - |A| - [3126] - C:\Windows\System32\Tasks\{1F550D28-F465-476E-8E68-B51476387EC7} : "c:\users\gérard\appdata\local\google\chrome\application\chrome.exe" [MD5.FC565CE6F24880D29C0DB7957DA6DEC8] - [07/04/2016 11:30:02] - |A| - [2970] - C:\Windows\System32\Tasks\{26D35387-A8B7-4B01-97B8-A12C511DBEFA} : C:\Program Files (x86)\Logitech\Video\Launcher.exe [MD5.FC565CE6F24880D29C0DB7957DA6DEC8] - [07/04/2016 11:30:45] - |A| - [2970] - C:\Windows\System32\Tasks\{304338B1-6342-453B-AF08-3E48D80A124D} : C:\Program Files (x86)\Logitech\Video\Launcher.exe [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [17/09/2012 17:07:38] - |A| - [3100] - C:\Windows\System32\Tasks\{3D3340CE-0568-4D88-B3B4-7CF24D8C9922} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [19/09/2012 10:25:07] - |A| - [3100] - C:\Windows\System32\Tasks\{400C2AB2-CCBC-4EA4-96A3-98680AFD4DC8} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [22/09/2012 09:04:28] - |A| - [3100] - C:\Windows\System32\Tasks\{4324A1F5-5DA8-42BD-9E6F-D1E054AE4F5A} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [19/09/2012 08:55:08] - |A| - [3100] - C:\Windows\System32\Tasks\{4A5A974D-1424-4286-8850-9D2D16CDB0BA} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.FC565CE6F24880D29C0DB7957DA6DEC8] - [01/11/2010 11:19:36] - |A| - [2970] - C:\Windows\System32\Tasks\{58D78510-FD6B-4FB0-A242-5478283D8C29} : C:\Program Files (x86)\Logitech\Video\Launcher.exe [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [20/09/2012 08:01:03] - |A| - [3100] - C:\Windows\System32\Tasks\{5C89D19B-EB29-4A87-A491-5E4E4463B6B4} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [22/09/2012 11:12:23] - |A| - [3100] - C:\Windows\System32\Tasks\{60659162-C41A-4488-BC43-5B7343ECCD15} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [19/09/2012 10:48:18] - |A| - [3100] - C:\Windows\System32\Tasks\{6179814A-58CA-422E-A54E-3399BF348C2E} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.972F78630A12A1756E1977276DEB459C] - [04/07/2014 10:19:12] - |A| - [3168] - C:\Windows\System32\Tasks\{68DF1344-8DA4-41B2-B2E8-8972E4C62501} : "c:\users\gérard\appdata\local\google\chrome\application\chrome.exe" [MD5.38E39F9814CBDC86E5AC4BBCBD76AAF2] - [01/06/2012 18:02:53] - |A| - [3172] - C:\Windows\System32\Tasks\{6E7651B5-D627-4A37-8DF5-54A207A8F59B} : "c:\users\gérard\appdata\local\google\chrome\application\chrome.exe" [MD5.72979AF6F3B452FCC657A0E70B8721B0] - [07/04/2016 15:42:44] - |A| - [3112] - C:\Windows\System32\Tasks\{780493BB-5194-4D9C-9738-0C5293DC1A1B} : C:\Windows\system32\pcalua.exe [MD5.CB6394655FAE4471A1E934EED64B2CF7] - [26/10/2010 13:53:15] - |A| - [2966] - C:\Windows\System32\Tasks\{80F5A057-4893-42E2-A710-4E128869AA31} : C:\Program Files (x86)\Formulaire\Formulaire.exe [MD5.FC565CE6F24880D29C0DB7957DA6DEC8] - [07/04/2016 11:28:13] - |A| - [2970] - C:\Windows\System32\Tasks\{8165CDB7-37A3-4999-A795-8D3749212E1F} : C:\Program Files (x86)\Logitech\Video\Launcher.exe [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [22/09/2012 11:59:59] - |A| - [3100] - C:\Windows\System32\Tasks\{90AE679B-F7FA-403B-A17F-2E27B4249ECC} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.CB6394655FAE4471A1E934EED64B2CF7] - [25/09/2011 11:00:32] - |A| - [2966] - C:\Windows\System32\Tasks\{92148661-395C-4126-AB9F-13E8A7435C9E} : C:\Program Files (x86)\Formulaire\Formulaire.exe [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [19/09/2012 14:56:25] - |A| - [3100] - C:\Windows\System32\Tasks\{98FA4E58-AFB5-4E86-A38C-745450F31594} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.188CFBFDFC3D7BFC08F2983C810D49D1] - [28/10/2013 10:35:15] - |A| - [3366] - C:\Windows\System32\Tasks\{AEED0AA0-459E-458B-A82A-6F951A1EA217} : C:\Windows\system32\pcalua.exe [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [18/09/2012 16:57:09] - |A| - [3100] - C:\Windows\System32\Tasks\{B39CFF65-EF46-4DA7-93CF-A095A6170F15} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [20/09/2012 16:59:12] - |A| - [3100] - C:\Windows\System32\Tasks\{BA129B81-E63F-4545-B3EA-98CDDA1DF86D} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.BB384B9085A5907A289F7BBFB02541E5] - [07/04/2016 15:26:58] - |A| - [3134] - C:\Windows\System32\Tasks\{BE72FDEA-9BE0-441B-8779-70E9303017D8} : C:\Windows\system32\pcalua.exe [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [21/09/2012 08:41:03] - |A| - [3100] - C:\Windows\System32\Tasks\{C0762504-E9AA-4000-89D5-3F8AA3B2F55F} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [21/09/2012 14:15:27] - |A| - [3100] - C:\Windows\System32\Tasks\{C570F21C-52F0-4C22-ACFC-35E42330D122} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.CB6394655FAE4471A1E934EED64B2CF7] - [26/10/2010 13:55:13] - |A| - [2966] - C:\Windows\System32\Tasks\{C87B0B08-855C-40B8-BACF-4BF83516F5B0} : C:\Program Files (x86)\Formulaire\Formulaire.exe [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [22/09/2012 11:56:15] - |A| - [3100] - C:\Windows\System32\Tasks\{CD7007C6-7FF4-4C7A-B506-BF0991CDC4EC} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.FC565CE6F24880D29C0DB7957DA6DEC8] - [01/11/2010 11:20:49] - |A| - [2970] - C:\Windows\System32\Tasks\{D4E99EC7-65CA-4B07-B2A8-AF7E94291FC6} : C:\Program Files (x86)\Logitech\Video\Launcher.exe [MD5.8EF164996F5915C4199FC5E8724042CC] - [07/04/2016 16:48:02] - |A| - [2952] - C:\Windows\System32\Tasks\{D7C21E0F-53D7-4E99-A88D-4BA1264492EA} : C:\Users\Gérard\Desktop\qc1051fra_x64.exe [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [21/09/2012 19:36:38] - |A| - [3100] - C:\Windows\System32\Tasks\{D9387DC3-A68F-4C6A-9728-048A399D4800} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [21/09/2012 11:13:12] - |A| - [3100] - C:\Windows\System32\Tasks\{DFC166F5-5B4E-461E-8BE3-D9AB85D220E1} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.ABF8BC0E5B03BB4B3B5DAA03F9FC589C] - [19/09/2012 08:03:32] - |A| - [3100] - C:\Windows\System32\Tasks\{EC2C8E2A-38D9-4E04-8BD8-04B1712F20DE} : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [MD5.FC565CE6F24880D29C0DB7957DA6DEC8] - [07/04/2016 11:35:28] - |A| - [2970] - C:\Windows\System32\Tasks\{FB9E2DDF-7348-48B2-A950-F4E5D7272155} : C:\Program Files (x86)\Logitech\Video\Launcher.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ¤¤¤¤¤¤¤¤¤¤ | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{3626FE45-CD27-4B48-945C-06AB2A6CF46E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe|Name=Acer HomeMedia|Desc=Acer HomeMedia| "{76CEDE7C-A6E9-4B99-A6C5-9B3EE413ABA8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Windows Live Messenger (UPnP-In)|EmbedCtxt=@C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll,-4200| "{EA39451C-ADCF-4388-B62E-3A2C528E1842}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=svchost.exe|Svc=ssdpsrv|Name=Windows Live Messenger (SSDP-In)|EmbedCtxt=@C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll,-4200| "{FAB35E30-A607-430F-A7B0-0EF1F8627522}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe|Name=Windows Live FolderShare| "{9ACE4400-0377-4671-BAEC-BD21A6B6ECBE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe|Name=hpqtra08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe| "{D4153786-336C-4EF5-9E71-DCDB4F0BA74B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe|Name=hpqste08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe| "{4ADA20AE-E203-47DD-835E-6213306E5AD9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe|Name=hposid01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe| "{A3BE7C44-9029-40F7-82EF-AC8ECAE3F05B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe|Name=hpqkygrp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe| "{77E3B798-F897-447B-B296-946202D71095}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe|Name=hpqcopy2.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe| "{C0F700DC-F382-47B7-AD29-C017AE249892}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe|Name=hpfccopy.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe| "{61DC263A-D1F7-4ADA-AF78-656C98A50A00}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe|Name=hpoews01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe| "{5755B439-C8F7-4879-9CC6-689E9BFD825B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe|Name=hpiscnapp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe| "{A15E429B-FA71-4EED-8A22-06736B38EA37}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe|Name=hpqgplgtupl.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe| "{0890126E-BD74-40B6-B48D-8039B793239C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe|Name=hpqgpc01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe| "{6D970300-1A5F-429A-8AB8-041395AE9FBB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe|Name=hpqusgm.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe| "{840E25FC-AE2D-4B10-A57F-67A2E24F2984}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe|Name=hpqusgh.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe| "{81001336-2B2F-4AD0-94B6-F8FF83C91D97}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\hp software update\hpwucli.exe|Name=hpwucli.exe|Desc=C:\Program Files (x86)\HP\hp software update\hpwucli.exe| "{48CD30D2-A0AF-422D-8009-774480202BD9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe|Name=smartwebprintexe.exe|Desc=C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe| "{3B030188-BE01-4C6D-883D-466CB92A9428}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=RPC|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe|Name=SiSoftware Deployment Agent Service (Tcp-In)|Desc=SiSoftware Deployment Agent Service (Tcp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe",-20000|Edge=TRUE| "{64489E18-01E3-4530-A9EA-2939825E62DD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe|Name=SiSoftware Deployment Agent Service (Icmp-In)|Desc=SiSoftware Deployment Agent Service (Icmp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe",-20000|Edge=TRUE| "{61FC2A6A-D8CB-45C4-980D-0B3F9D7177A0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=RPC|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Tcp-In)|Desc=SiSoftware Sandra Agent Service (Tcp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{0AD0F6FF-6C93-4F59-8ED9-2709825F78F7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Icmp-In)|Desc=SiSoftware Sandra Agent Service (Icmp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{CF97E966-1AB1-450B-A318-60C1B255C277}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=RPC|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Tcp-In)|Desc=SiSoftware Sandra Agent Service (Tcp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{5CEDC26A-ECBE-421D-94E3-B8BFFAE943C1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Icmp-In)|Desc=SiSoftware Sandra Agent Service (Icmp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{AFB91D0F-266C-4448-BBA9-2176184F6861}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=48113|RA4=LocalSubnet|RA6=LocalSubnet|Name=maconfig_tcp| "{C58E205B-709C-45B3-B086-4DB4DA6D5178}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=48113|RA4=LocalSubnet|RA6=LocalSubnet|Name=maconfig_udp| "{4D3766A6-43A9-4DDC-9403-BEC6E8FB582C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\BeeWi\BeeWi Wireless Monitor\RtWLan.exe|Name=RtWlan| "{51489183-8589-49DD-A60F-ED96EFD45CC5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\BeeWi\BeeWi Wireless Monitor\RtWLan.exe|Name=RtWlan| "{91F2D604-D1A2-461F-BBF3-9C21DD4DC3A1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=1542|Name=Realtek WPS TCP Prot| "{1B6AA1BC-E19B-4F6F-A94B-961B2178328A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=1542|Name=Realtek WPS UDP Prot| "{6E04F5F7-0200-42A3-A0E9-AECDE15315CD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=53|Name=Realtek AP UDP Prot| "{AC52F474-A060-40F6-AEB5-6D1340A8FD70}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=RPC|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Tcp-In)|Desc=SiSoftware Sandra Agent Service (Tcp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{9A01BD7E-3307-4F0D-8897-C42885C991D2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Icmp-In)|Desc=SiSoftware Sandra Agent Service (Icmp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{1CCB32FC-2F02-4E9F-A7BA-F546495BD8CA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=RPC|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Tcp-In)|Desc=SiSoftware Sandra Agent Service (Tcp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{96CFE5C5-FDE6-414C-AA0E-1129F7E57EC0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Icmp-In)|Desc=SiSoftware Sandra Agent Service (Icmp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "TCP Query User{4F8825AB-A886-4D96-8D66-D613CD5EB4E1}C:\program files (x86)\google\google earth\client\googleearth.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\google\google earth\client\googleearth.exe|Name=Google Earth|Desc=Google Earth| "UDP Query User{388E8992-B58F-4DDC-B751-D28CD8C6DE37}C:\program files (x86)\google\google earth\client\googleearth.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\google\google earth\client\googleearth.exe|Name=Google Earth|Desc=Google Earth| "TCP Query User{A4606F4F-E196-42AA-9C3C-50742242C87F}C:\program files (x86)\videolan\vlc\vlc.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player| "UDP Query User{E6EF4952-C3AD-4C16-BDD9-722C6560280E}C:\program files (x86)\videolan\vlc\vlc.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player| "TCP Query User{59F78398-6952-4FAC-9156-917C76936DAD}C:\program files (x86)\google\google earth\plugin\geplugin.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\google\google earth\plugin\geplugin.exe|Name=Google Earth|Desc=Google Earth|Defer=User| "UDP Query User{A4F9FE13-2DA9-4BA0-9ECB-19C87B529784}C:\program files (x86)\google\google earth\plugin\geplugin.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\google\google earth\plugin\geplugin.exe|Name=Google Earth|Desc=Google Earth|Defer=User| "{8447E35E-B693-4271-BFC2-B684F40D10F2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=RPC|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Tcp-In)|Desc=SiSoftware Sandra Agent Service (Tcp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{560DB58E-0022-4CD9-8727-21E869938AB2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Icmp-In)|Desc=SiSoftware Sandra Agent Service (Icmp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{BDA2484B-54BA-4854-9998-CEFFEBA06786}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe|Name=Scrabble™ Interactif Edition 2009| "{DEFF4085-A007-4752-8828-83F29A068955}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe|Name=Scrabble™ Interactif Edition 2009| "{02CE96F3-07C1-4372-AF91-FA97D276DAB2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=48114|RA4=LocalSubnet|RA6=LocalSubnet|Name=maconfig_tcptls| "{6EF13A9F-648B-41D7-9FA8-0DEE996DA40F}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{68E9FB7D-E325-4CE5-B83E-CB5B3C0A8AC7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Gérard\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{81CB93A0-B78A-4D30-BA88-0A327D2F6EA4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Gérard\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{F4EA49D6-4909-4524-8242-31647A1FC0B6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{CFE0F7BF-A927-45DB-8D8D-F6F62BB7456F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{DAC03E9C-F0F5-4A0B-B972-4154DF2F74FC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{3E91B81A-7560-4318-BF4A-9CAC9E6CC2EA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{766D2E7C-D505-46D3-9752-060E13AED75E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{892FDD02-9CEC-4380-892B-66CBC81A2C4E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{F1034BC6-7AEE-4F8A-8BB4-B0079A8BFB2D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{B91E38E1-CE0A-454D-80C6-B7C7F425693F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{EA6870C8-18E3-4158-9BD7-2BFE25E986C1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{B7EDDC75-8AFD-440F-904D-0DB4C269C6A7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe|Name=Windows Live Messenger|Edge=TRUE| "{0A150990-E666-4834-BD09-43A8631ED92A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)| "{36A3F024-4499-4EED-9155-865EB39224E3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)| "{1626E371-97F4-41C9-8B10-0652B213B474}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "TCP Query User{B3512C48-5D73-4FEC-BF81-AD357EA9F79F}D:\mes prog d'installation\arduino (programation)\arduino-nightly\java\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\mes prog d'installation\arduino (programation)\arduino-nightly\java\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{1A245EC1-0DA2-4EA9-9D25-C3DC78E0F81A}D:\mes prog d'installation\arduino (programation)\arduino-nightly\java\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\mes prog d'installation\arduino (programation)\arduino-nightly\java\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{B7087E3C-5873-43A1-B88F-199FBA5E2428}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=RPC|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Tcp-In)|Desc=SiSoftware Sandra Agent Service (Tcp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "{6364A153-19E0-4A39-A899-9A193FDF3EE8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|App=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe|Name=SiSoftware Sandra Agent Service (Icmp-In)|Desc=SiSoftware Sandra Agent Service (Icmp-In)|EmbedCtxt=@"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\RpcSandraSrv.exe",-20000|Edge=TRUE| "TCP Query User{790D6880-7928-489F-BB0A-105E9486D798}C:\program files (x86)\ditto\ditto.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\ditto\ditto.exe|Name=Ditto|Desc=Ditto|Defer=User| "UDP Query User{EDF584E3-904C-4E1F-B699-DE3EE8F39643}C:\program files (x86)\ditto\ditto.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\ditto\ditto.exe|Name=Ditto|Desc=Ditto|Defer=User| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Gérard\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Gérard\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Gérard\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Gérard\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe"=C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service "C:\Users\Gérard\Desktop\QuickDiag.exe"=C:\Users\Gérard\Desktop\QuickDiag.exe:*:Enabled:QuickDiag [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list] "C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe"=C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR ¤¤¤¤¤¤¤¤¤¤ | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C99-B45F-E9707B377636}] : (aswEmHWID2) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{39EB4865-658B-4410-AFA3-378D8517461C}] : (ngvss) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D3039DD-CCA5-4B4D-B33D-E2DDC8A8C52E}] : (dtsoftbus01) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{AB4964A5-4361-4899-BA0A-180305F2BF92}] : (aswTdi) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C777C165-D422-426D-8EBF-6EAF3FB83ADF}] : (aswNdisFlt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{F72FE0D4-CBCB-407D-8814-9ED673D0DD6B}] : (USB) [] -> @oem43.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ¤¤¤¤¤¤¤¤¤¤ | Loaded modules (Microsoft Files whitelisted) [24/01/2011 12:20:43] - (1.83.0.0) - (Duplex Secure Ltd. - SCSI Pass Through Direct Host) - C:\Windows\System32\Drivers\sptd.sys [16/03/2010 02:14:11] - (11.1.0.23) - (NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver) - C:\Windows\system32\DRIVERS\nvstor64.sys [27/04/2011 07:57:19] - (1.1.2.5) - (Advanced Micro Devices - Storage Filter Driver) - C:\Windows\system32\drivers\amdxata.sys [10/02/2014 19:03:35] - (11.2.2738.0) - (AVAST Software - avast! Revert) - C:\Windows\System32\Drivers\aswRvrt.sys [10/02/2014 19:03:35] - (11.2.2738.0) - (AVAST Software - avast! VM Monitor) - C:\Windows\System32\Drivers\aswVmm.sys [10/02/2014 19:03:33] - (11.2.2738.0) - (AVAST Software - avast! self protection module) - C:\Windows\system32\drivers\aswSP.sys [10/02/2014 19:03:34] - (11.2.2738.0) - (AVAST Software - avast! Virtualization Driver) - C:\Windows\system32\drivers\aswSnx.sys [03/06/2009 04:15:30] - (3.2.4.0) - (Egis Technology Inc. - PSD Filter Driver) - C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [22/03/2016 16:49:39] - (11.2.2738.0) - (AVAST Software - avast! Keyboard Filter Driver) - C:\Windows\system32\drivers\aswKbd.sys [10/02/2014 19:03:31] - (11.2.2738.0) - (AVAST Software - avast! WFP Redirect Driver) - C:\Windows\system32\drivers\aswRdr2.sys [03/06/2009 04:15:30] - (3.2.4.0) - (Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver) - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [03/06/2009 04:15:30] - (3.2.4.0) - (Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver) - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [16/03/2010 02:14:11] - (5.10.2600.167) - (NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver) - C:\Windows\system32\DRIVERS\nvsmu.sys [12/08/2010 13:07:50] - (7.3.1.7335) - (NVIDIA Corporation - NVIDIA MCP Networking Function Driver.) - C:\Windows\system32\DRIVERS\nvmf6264.sys [30/03/2010 09:51:59] - (8.14.1.6099) - (Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver) - C:\Windows\system32\DRIVERS\atikmpag.sys [30/03/2010 09:51:59] - (8.1.1.1010) - (ATI Technologies Inc. - ATI Radeon Kernel Mode Driver) - C:\Windows\system32\DRIVERS\atipmdag.sys [// ::] - (11.1.0.23) - (NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver) - C:\Windows\System32\Drivers\ahw3eyip.SYS [16/03/2010 01:37:09] - (6.0.1.5898) - (Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver) - C:\Windows\system32\drivers\RTKVHD64.sys [30/03/2010 09:52:00] - (7.11.0.7703) - (ATI Technologies, Inc. - ATI High Definition Audio Function Driver) - C:\Windows\system32\drivers\AtiHdmi.sys [03/02/2007 11:30:58] - (10.5.1.2023) - (Logitech Inc. - USB Statistic Driver) - C:\Windows\system32\drivers\LVUSBS64.sys [03/02/2007 11:25:56] - (10.5.1.2023) - (Logitech Inc. - Universal Serial Bus Camera Driver) - C:\Windows\system32\DRIVERS\CamDrL64.sys [16/06/2016 15:46:06] - (5.1.2.248) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [10/02/2014 19:03:32] - (11.2.2738.0) - (AVAST Software - avast! File System Minifilter for Windows 2003/Vista) - C:\Windows\system32\drivers\aswMonFlt.sys [01/05/2014 14:44:58] - (11.2.2738.0) - (AVAST Software - avast! HWID) - C:\Windows\system32\drivers\aswHwid.sys ¤¤¤¤¤¤¤¤¤¤ | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys R0 - amdxata () -> system32\drivers\amdxata.sys R0 - aswRvrt (avast! Revert) -> (?) R0 - aswVmm (avast! VM Monitor) -> (?) R0 - atapi (Canal IDE) -> system32\drivers\atapi.sys R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - Disk (Pilote de disque) -> system32\drivers\disk.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> system32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - nvstor64 () -> system32\DRIVERS\nvstor64.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys R0 - pciide () -> system32\drivers\pciide.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - spldr (Security Processor Loader Driver) -> (?) R0 - sptd () -> \SystemRoot\System32\Drivers\sptd.sys R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys R0 - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys R0 - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys R1 - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys R1 - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys R1 - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys R1 - Beep (Beep) -> (?) R1 - blbdrive () -> \SystemRoot\system32\DRIVERS\blbdrive.sys R1 - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys R1 - Msfs () -> (?) R1 - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys R1 - mwlPSDFilter (mwlPSDFilter) -> system32\DRIVERS\mwlPSDFilter.sys R1 - mwlPSDNServ (mwlPSDNServ) -> system32\DRIVERS\mwlPSDNServ.sys R1 - mwlPSDVDisk (mwlPSDVDisk) -> system32\DRIVERS\mwlPSDVDisk.sys R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys R1 - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys R1 - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys R2 - AdobeARMservice (Adobe Acrobat Update Service) -> "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" R2 - AMD External Events Utility () -> %SystemRoot%\system32\atiesrxx.exe R2 - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys R2 - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys S2 - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - AudioSrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - avast! Antivirus (Avast Antivirus) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - c2cautoupdatesvc (Skype Click to Call Updater) -> "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service R2 - c2cpnrsvc (Skype Click to Call PNR Service) -> "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service S2 - clr_optimization_v4.0.30319_32 (Microsoft .NET Framework NGEN v4.0.30319_X86) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe S2 - clr_optimization_v4.0.30319_64 (Microsoft .NET Framework NGEN v4.0.30319_X64) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\UtcResources.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - EFS (@%SystemRoot%\system32\efssvc.dll,-100) -> %SystemRoot%\System32\lsass.exe R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - gpsvc (@gpapi.dll,-112) -> %windir%\system32\svchost.exe -k GPSvcGroup R2 - Greg_Service (GRegService) -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - hpqddsvc (Service HP CUE DeviceDiscovery) -> %SystemRoot%\system32\svchost.exe -k hpdevmgmt R2 - HPSLPSVC (HP Network Devices Support) -> %SystemRoot%\system32\svchost.exe -k HPService R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys R2 - MDM (Machine Debug Manager) -> "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" S2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - Net Driver HPZ12 () -> %SystemRoot%\System32\svchost.exe -k HPZ12 R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Pml Driver HPZ12 () -> %SystemRoot%\System32\svchost.exe -k HPZ12 R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - Realtek11nSU (Realtek11nSU) -> C:\Program Files (x86)\BeeWi\BeeWi Wireless Monitor\RtlService.exe R2 - RichVideo (Cyberlink RichVideo Service(CRVS)) -> "C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe" R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SDScannerService (Spybot-S&D 2 Scanner Service) -> "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" R2 - SDUpdateService (Spybot-S&D 2 Updating Service) -> "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" R2 - SDWSCService (Spybot-S&D 2 Security Center Service) -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - SkypeUpdate (Skype Updater) -> "C:\Program Files (x86)\Skype\Updater\Updater.exe" R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - TomTomHOMEService (TomTomHOMEService) -> "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Updater Service (Updater Service) -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S2 - VBoxAswDrv (VBoxAsw Support Driver) -> \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys R2 - WinDefend (@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103) -> %SystemRoot%\System32\svchost.exe -k secsvcs R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - Wlansvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - wlidsvc (Windows Live ID Sign-in Assistant) -> "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding R2 - wuauserv (Windows Update) -> %systemroot%\system32\svchost.exe -k netsvcs ¤¤¤¤¤¤¤¤¤¤ | System files (Microsoft Files whitelisted) [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 22:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 23:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 23:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 01:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 01:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [27/04/2011 07:57:20] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 22:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.540DAF1CEA6094886D72126FD7C33048] - [27/04/2011 07:57:19] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 23:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 23:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.1694434F5B9AB16772C7A8E2EF9134CA] - [01/05/2014 14:44:58] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [36.77 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswHwid.sys [MD5.786E8BCDFF674068F3C950615FC2E71C] - [22/03/2016 16:49:39] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [36.27 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswKbd.sys [MD5.33D0DD0471FDF449C81338863FC63978] - [10/02/2014 19:03:32] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [105.27 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswMonFlt.sys [MD5.DF190688D993A3DB227BFB0BB40BD7D4] - [10/02/2014 19:03:31] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [100.65 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswRdr2.sys [MD5.D873455DFA27680585AE238503917DF5] - [10/02/2014 19:03:35] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [72.8 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswRvrt.sys [MD5.A371A06EC8F4830C263D3F5CA5A11B65] - [10/02/2014 19:03:34] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [1045.8 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswSnx.sys [MD5.6B7F6CE19A16240EE9DE2C528897ED9C] - [10/02/2014 19:03:33] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [454.88 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswSP.sys [MD5.3575F9226251DE48E065ED5C384A21EF] - [13/02/2014 17:42:31] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [162.53 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswStm.sys [MD5.BA4CDCD8C0395E91C38CD2C5CE3E7FA2] - [10/02/2014 19:03:35] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [280.79 Ko] - (11.2.2738.0) - C:\Windows\System32\Drivers\aswVmm.sys [MD5.77C149E6D702737B2E372DEE166FAEF8] - [30/03/2010 09:52:00] - (.Copyright (c) 2004-2010 ATI Technologies Inc. - ATI High Definition Audio Function Driver.) - [114 Ko] - (7.11.0.7703) - C:\Windows\System32\Drivers\AtiHdmi.sys [MD5.4B24B270904A9C11E6433F89C06C07D9] - [30/03/2010 09:51:59] - (.Copyright (C) 1998-2006 ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - [6220.5 Ko] - (8.1.1.1010) - C:\Windows\System32\Drivers\atikmdag.sys [MD5.DF0236C8EB72CF2698C9E74702D3E127] - [30/03/2010 09:51:59] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [184.5 Ko] - (8.14.1.6099) - C:\Windows\System32\Drivers\atikmpag.sys [MD5.4B24B270904A9C11E6433F89C06C07D9] - [30/03/2010 09:51:59] - (.Copyright (C) 1998-2006 ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - [6220.5 Ko] - (8.1.1.1010) - C:\Windows\System32\Drivers\atipmdag.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 22:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 03:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 03:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 03:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 03:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 03:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 03:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 22:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.6E1641724439E18CE55ADEE2D347AA19] - [03/02/2007 11:25:56] - (.(c) 1996-2007 Logitech. - Universal Serial Bus Camera Driver.) - [933.28 Ko] - (10.5.1.2023) - C:\Windows\System32\Drivers\CamDrL64.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 01:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 22:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 22:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [14/07/2009 00:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [24/06/2011 08:54:30] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.A60C877E1CD3AA2E4E5CCD8AF305C0F1] - [26/03/2012 23:45:18] - (.© AnchorFree Inc. - Hotspot Shield Routing Driver.) - [55.5 Ko] - (1.0.0.0) - C:\Windows\System32\Drivers\hssdrv.sys [MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [27/04/2011 07:57:19] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 23:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.EFD1765905491B742C531FF6C38E9EC7] - [03/07/2012 12:58:00] - (.© Google Inc. - ADB Interface.) - [31 Ko] - (3.8.0.0) - C:\Windows\System32\Drivers\lgandnetadb.sys [MD5.8660C7BFE2CBA7E0B3F5D9ECD05D780E] - [03/07/2012 12:50:00] - (.LG Electronics Inc. Seoul, Korea. - LGE AndroidNet Driver.) - [28.5 Ko] - (3.8.0.0) - C:\Windows\System32\Drivers\lgandnetdiag64.sys [MD5.620F9CDFC8987FE26F6E0DC37D645B45] - [03/07/2012 12:50:00] - (.LG Electronics Inc. Seoul, Korea. - LGE AndroidNet Driver.) - [35.5 Ko] - (3.8.0.0) - C:\Windows\System32\Drivers\lgandnetmodem64.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.9761370FFB533CF6E4A7176F4BAA3BA9] - [03/02/2007 11:30:58] - (.(c) 1996-2007 Logitech. - USB Statistic Driver.) - [57.16 Ko] - (10.5.1.2023) - C:\Windows\System32\Drivers\LVUSBS64.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [21/03/2014 21:36:01] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\Windows\System32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [26/06/2014 18:28:08] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\Windows\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [26/06/2014 18:29:24] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 22:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 23:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.452ACB7A9914398D9E18CCCFFCF92208] - [26/06/2014 18:28:08] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.38 Ko] - (1.0.6.0) - C:\Windows\System32\Drivers\mwac.sys [MD5.6FFECC25B39DC7652A0CEC0ADA9DB589] - [03/06/2009 04:15:30] - (.Copyright ©2008 Egis Technology Inc. - PSD Filter Driver.) - [22.05 Ko] - (3.2.4.0) - C:\Windows\System32\Drivers\mwlPSDFilter.sys [MD5.0BEFE32CA56D6EE89D58175725596A85] - [03/06/2009 04:15:30] - (.Copyright ©2008 Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - [19.55 Ko] - (3.2.4.0) - C:\Windows\System32\Drivers\mwlPSDNserv.sys [MD5.D43BC633B8660463E446E28E14A51262] - [03/06/2009 04:15:30] - (.Copyright ©2008 Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - [59.05 Ko] - (3.2.4.0) - C:\Windows\System32\Drivers\mwlPSDVDisk.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 23:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.DD81FBC57AB9134CDDC5CE90880BFD80] - [13/07/2009 23:59:34] - (.(C) NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 185.93.) - [11301.28 Ko] - (8.15.11.8593) - C:\Windows\System32\Drivers\nvlddmkm.sys [MD5.A85B4F2EF3A7304A5399EF0526423040] - [10/06/2009 22:35:35] - (.Copyright © 2001-2008 NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) - [399.38 Ko] - (1.0.1.210) - C:\Windows\System32\Drivers\nvm62x64.sys [MD5.0AD267A4674805B61A5D7B911D2A978A] - [12/08/2010 13:07:50] - (.Copyright © 2001-2010 NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) - [342.73 Ko] - (7.3.1.7335) - C:\Windows\System32\Drivers\nvmf6264.sys [MD5.0A92CB65770442ED0DC44834632F66AD] - [27/04/2011 07:57:20] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.AFDE3015BB8D76E26BEC3B287C5443A0] - [16/03/2010 02:14:11] - (.Copyright(C) 2001-2009 NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver.) - [28.03 Ko] - (5.10.2600.167) - C:\Windows\System32\Drivers\nvsmu.sys [MD5.DAB0E87525C10052BF65F06152F37E4A] - [27/04/2011 07:57:20] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.7C7EEF51979658CE15BBC04F96A77D56] - [16/03/2010 02:14:11] - (.Copyright(C) 2001-2009 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [233.53 Ko] - (11.1.0.23) - C:\Windows\System32\Drivers\nvstor64.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 22:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 23:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.BC64B75E8E0A0B8982AB773483164E72] - [16/03/2010 01:37:09] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) - [1789.03 Ko] - (6.0.1.5898) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.4629C5C4772D223B0ECD1EA8BA7A2A33] - [10/11/2010 11:48:37] - (.Copyright (C) 2008 Realtek Semiconductor Corporation - Realtek RTL8192S USB NDIS Driver.) - [674.03 Ko] - (1086.10.206.2010) - C:\Windows\System32\Drivers\rtl8192su.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 04:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - [14/07/2009 02:00:40] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [92 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\serial.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 22:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 23:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.D6AB7C13FCDD2E4CAC35244D2C172D9A] - [24/01/2011 12:20:43] - (.Copyright (C) 2004-2012 - SCSI Pass Through Direct Host.) - [551.59 Ko] - (1.83.0.0) - C:\Windows\System32\Drivers\sptd.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 23:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.84BB306B7863883018D7F3EB0C453BD5] - [09/08/2009 23:25:45] - (.Copyright © 2002 - 2009 Elaborate Bytes AG - VirtualCloneCD Driver.) - [35.5 Ko] - (5.4.3.5) - C:\Windows\System32\Drivers\VClone.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 01:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 22:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys [MD5.4E7C4709AAB1F24E8FE1763DDBFFB93D] - [15/06/2016 18:06:41] - (.-.) - [27.73 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\SECDRV.SYS ¤¤¤¤¤¤¤¤¤¤ | Uninstall [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Dropbox] : (Dropbox.-.Dropbox, Inc.) -> "C:\Users\Gérard\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe" /InstallType:USER [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Users\Gérard\AppData\Local\Google\Chrome\Application\51.0.2704.103\Installer\setup.exe" --uninstall --multi-install --chrome [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\la suite e-anim 9.01.004] : (la suite e-anim 9.01.004.-.) -> C:\Users\Gérard\Documents\e-anim\Uninstal.exe [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PhotoFiltre] : (PhotoFiltre.-.) -> "C:\Program Files (x86)\PhotoFiltre\Uninst.exe" [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Piasecki H-21C FLYING BANANA] : (Piasecki H-21C FLYING BANANA.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Désinstaller_Piasecki_H-21C_FLYING_BANANA.exe [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\S-70B-6 Aegean Hawk Hellenic NAVY] : (S-70B-6 Aegean Hawk Hellenic NAVY.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Désinstaller_S-70B-6_Aegean_Hawk_Hellenic_NAVY.exe [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Search Protection] : (Search Protection.-.Spigot, Inc.) -> "C:\Users\Gérard\AppData\Roaming\Search Protection\uninstall.exe" [HKU\S-1-5-21-4025010814-1608385043-2583931102-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}] : (Browser Extensions.-.Spigot, Inc.) -> "C:\Users\Gérard\AppData\Roaming\Browser Extensions\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files (x86)\CCleaner\uninst.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1] : (CPUID CPU-Z 1.65.0.-.) -> "C:\Program Files\CPUID\CPU-Z\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Imaging Device Functions] : (HP Imaging Device Functions 14.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Smart Web Printing] : (HP Smart Web Printing 4.60.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Solution Center & Imaging Support Tools] : (HP Solution Center 14.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HPExtendedCapabilities] : (HP Customer Participation Program 14.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\NVIDIA Drivers] : (NVIDIA Drivers.-.NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Recuva] : (Recuva.-.Piriform) -> "C:\Program Files\Recuva\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Shop for HP Supplies] : (Shop for HP Supplies.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.0-x64.-.Cedrick Collomb) -> C:\Program Files\Unlocker\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{048B0E48-1689-41D7-9493-FD2DA9402C94}] : (Eurocopter AS350-BA Fspainter Complete FSX .-.FSpainter / Florian LAROYE) -> C:\PROGRA~3\TARMAI~1\{048B0~1\Setup.exe /remove /q0 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}] : (HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}\setup\hpzscr40.exe -datfile hposcr46.dat -onestop -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-1602-000001000000}] : (7-Zip 16.02 (x64 edition).-.Igor Pavlov) -> MsiExec.exe /I{23170F69-40C1-2702-1602-000001000000} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{48C0866E-57EB-444C-8371-8E4321066BC3}] : (Network64.-.Hewlett-Packard) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{53F31785-7600-4B46-B36D-687BAA6B01BB}] : (UKMIL AS Puma HC1 FSX .-.UKMIL) -> C:\PROGRA~3\TARMAI~1\{53F31~1\Setup.exe /remove /q0 [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}] : (Network64.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{738E4E18-C4FB-8948-9779-A6857A677E51}] : (ccc-utility64.-.ATI) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7DC84ED4-6F9E-4E81-8857-075B3A394E16}] : (HC412 Bambi Bucket No Doors FSX.-.Hovercontrol) -> C:\PROGRA~3\TARMAI~1\{7DC84~1\Setup.exe /remove /q0 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1] : (CDBurnerXP.-.CDBurnerXP) -> "C:\Program Files\CDBurnerXP\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A4404CD3-561D-6B14-ECDA-69AB1BC6A5BC}] : (ATI Catalyst Install Manager.-.ATI Technologies, Inc.) -> msiexec /q/x{A4404CD3-561D-6B14-ECDA-69AB1BC6A5BC} REBOOT=ReallySuppress [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC17986B-35C7-4C15-A005-C8CC990F4BA5}] : (Bell 206B JetRanger III FSX .-.Eagle Rotorcraft Simulations) -> C:\PROGRA~3\TARMAI~1\{AC179~1\Setup.exe /remove /q0 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AF845313-1DDA-47A9-ABD0-F988A779F888}] : (Barre des Ecrins - Photoreal plus mesh FSX .-.Frank Dainese and Rikoooo) -> C:\PROGRA~3\TARMAI~1\{AF845~1\Setup.exe /remove /q0 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C07FD5B3-DF88-4B42-89E2-57ED74C56B40}] : (Sikorsky S-55 Whirlwind FSX.-.AlphaSim) -> C:\PROGRA~3\TARMAI~1\{C07FD~1\Setup.exe /remove /q0 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1] : (SiSoftware Sandra Lite 2010c.-.SiSoftware) -> "C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C3962027-FDF1-4B57-8A89-D085337E05BC}] : (Enstrom 280FX FSX .-.Eagle Rotorcraft Simulations) -> C:\PROGRA~3\TARMAI~1\{C3962~1\Setup.exe /remove /q0 [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DDA8FE2D-EA67-194C-D6A5-F52BC4FDA20F}] : (ATI AVIVO64 Codecs.-.ATI Technologies Inc.) -> MsiExec.exe /X{DDA8FE2D-EA67-194C-D6A5-F52BC4FDA20F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E2DAF337-D22D-4334-A987-9181A763025B}] : (Eurocopter HH 65 Dolphin Elisoccorso Trento FS2004.-.I-FOX Franco) -> C:\PROGRA~3\TARMAI~1\{E2DAF~1\Setup.exe /remove /q0 [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}] : (64 Bit HP CIO Components Installer.-.Hewlett-Packard) -> MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Acer Registration] : (Acer Registration.-.Acer Incorporated) -> C:\Program Files (x86)\Acer\Registration\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Acer Screensaver] : (Acer ScreenSaver.-.Acer Incorporated) -> C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Acer Welcome Center] : (Welcome Center.-.Acer Incorporated) -> C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 22 ActiveX.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_ActiveX.exe -maintain activex [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 22 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Annuaire_is1] : (Annuaire 3.30 Artaxata.-.I.U.X.D.I.C.(Holding)) -> "C:\Program Files (x86)\Annuaire\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Audacity 1.3 Beta (Unicode)_is1] : (Audacity 1.3.12 (Unicode).-.Audacity Team) -> "C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BackWeb-8876480 Uninstaller] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Baidu Antivirus] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CDex] : (CDex - Open Source Digital Audio CD Extractor.-.Georgy Berdyshev) -> C:\Program Files (x86)\CDex\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Comanche 4] : (Comanche 4.-.) -> C:\Windows\IsUn040c.exe -f"C:\Program Files (x86)\NovaLogic\Comanche 4\Uninst.isu" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (DAEMON Tools Lite.-.Disc Soft Ltd) -> C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Date_is1] : (Date.-.) -> "C:\Program Files (x86)\Date\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Ditto_is1] : (Ditto 3.17.0.17.-.Scott Brogden) -> "C:\Program Files (x86)\Ditto\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS Partition Master_is1] : (EaseUS Partition Master 10.8.-.EaseUS) -> "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\edu.media.mit.Scratch2Editor] : (Scratch 2 Offline Editor.-.MIT Media Lab) -> msiexec /qb /x {BFBD020C-839A-F133-CFF8-E2D6AC736338} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Exifer_is1] : (Exifer.-.Friedemann Schmidt) -> "C:\Program Files (x86)\Exifer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ffdshow_is1] : (ffdshow [rev 3154] [2009-12-09].-.) -> "C:\Program Files (x86)\ffdshow\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Formulaire_is1] : (Formulaire.-.) -> "C:\Program Files (x86)\Formulaire\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Video Converter_is1] : (Free Video Converter V 3.1.-.Koyote Soft) -> "C:\Program Files (x86)\Free Video Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Video to MP3 Converter_is1] : (Free Video to MP3 Converter version 4.2.20.421.-.DVDVideoSoft Limited.) -> "C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Freemake Video Converter_is1] : (Freemake Video Converter version 4.1.9.-.Ellora Assets Corporation) -> "C:\Program Files (x86)\Freemake\Freemake Video Converter\Uninstall\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GIF Animator] : (Microsoft GIF Animator.-.) -> C:\Program Files (x86)\Microsoft GIF Animator\setup\GifACME.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GSpot 2.21 Fr_is1] : (GSpot 2.21 Fr.-.) -> "C:\Program Files (x86)\GSpot221\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HaaliMkx] : (Haali Media Splitter.-.) -> "C:\Program Files (x86)\Haali\MatroskaSplitter\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Hotkey Utility] : (Hotkey Utility.-.Acer Incorporated) -> C:\Program Files (x86)\Acer\Hotkey Utility\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HP Smart Web Printing] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Icones Bureau_is1] : (Icones Bureau.-.) -> "C:\Program Files (x86)\Icones Bureau\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Identity Card] : (Identity Card.-.Acer Incorporated) -> C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE AdBlock_is1] : (IE AdBlock.-.CatenaLogic) -> "C:\Program Files (x86)\IE AdBlock\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Inno Setup 5_is1] : (Inno Setup version 5.2.3.-.Jordan Russell) -> "C:\Program Files (x86)\Inno Setup 5\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}] : (.-.Egis Technology Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}] : (eSobi v2.-.esobi Inc.) -> C:\Program Files (x86)\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0409 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}] : (Acer Arcade Deluxe.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KC Softwares IDPhotoStudio_is1] : (KC Softwares IDPhotoStudio.-.KC Softwares) -> "C:\Program Files (x86)\KC Softwares\IDPhotoStudio\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LAME for Audacity_is1] : (LAME v3.98.3 for Audacity.-.) -> "C:\Program Files (x86)\Lame For Audacity\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Le Pendu_is1] : (TomCat Soft : Le Pendu.-.TomCat Soft) -> "C:\Jeux\Le Pendu\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LG PC Suite] : (LG PC Suite.-.LG Electronics) -> C:\Program Files (x86)\LG Electronics\LG PC Suite\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Lupas Rename 2000_is1] : (Lupas Rename 2000 v5.0 Release.-.Ivan Anton Albarracin) -> "C:\Program Files (x86)\Lupas Rename 2000\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MediaCoder] : (MediaCoder 2011.-.Broad Intelligence) -> C:\Program Files (x86)\MediaCoder\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 47.0 (x86 fr)] : (Mozilla Firefox 47.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Thunderbird 45.1.1 (x86 fr)] : (Mozilla Thunderbird 45.1.1 (x86 fr).-.Mozilla) -> C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Picasa 3] : (Picasa 3.-.Google, Inc.) -> "C:\Program Files (x86)\Google\Picasa3\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PoiEdit] : (PoiEdit.-.) -> C:\PROGRA~2\DNOTES~1\POIEDI~1\UNWISE.EXE C:\PROGRA~2\DNOTES~1\POIEDI~1\INSTALL.LOG [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PowerpointImageExtractor_is1] : (PowerpointImageExtractor.-.) -> "C:\Program Files (x86)\PowerpointImageExtractor_V1_2\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\QCAD] : (QCAD 3.8.0.-.RibbonSoft GmbH) -> C:\Program Files (x86)\QCAD\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Revo Uninstaller] : (Revo Uninstaller 1.95.-.VS Revo Group) -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.48.2066.101] : (SafeZone Stable 1.48.2066.101.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Scrabble™ Interactive 2009 Edition_is1] : (Scrabble™ Interactive 2009 Edition.-.) -> "C:\Program Files (x86)\Ubisoft\Scrabble2009\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ST6UNST #1] : (Nombre.-.) -> C:\WINDOWS\st6unst.exe -n "C:\Program Files (x86)\Projet1\ST6UNST.LOG" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SyncBack_is1] : (SyncBack.-.2BrightSparks) -> "C:\Program Files (x86)\2BrightSparks\SyncBack\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TeamViewer] : (TeamViewer 10.-.TeamViewer) -> C:\Program Files (x86)\TeamViewer\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uninstall_is1] : (Uninstall 1.0.0.1.-.) -> "C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Visual Basic 6.0 Édition Entreprise (fra)] : (Microsoft Visual Basic 6.0 Édition Entreprise (Français).-.) -> "C:\Program Files (x86)\Microsoft Visual Studio\VB98\Setup\1036\Setup.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WebPost] : (Assistant Publication de sites Web Microsoft 1.53.-.) -> RunDll32 ADVPACK.DLL,LaunchINFSection C:\Windows\INF\wpie3x86.inf,WebPostUninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinGimp-2.0_is1] : (GIMP 2.6.11.-.The GIMP Team) -> "C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\XnView_is1] : (XnView 2.32.-.Gougelet Pierre-e) -> "C:\Program Files (x86)\XnView\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}] : (PDFCreator.-.Frank Heindörfer, Philip Chinery) -> C:\Program Files (x86)\PDFCreator\unins000.exe [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{00C91FFD-66F7-7599-27A4-2158E063DE8B}] : (Catalyst Control Center Graphics Full New.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0151E7E3-E236-F8FA-1B1E-4116E848AA80}] : (Catalyst Control Center Graphics Full Existing.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{06A1D88C-E102-4527-AF70-29FFD7AF215A}] : (Scan.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{09A1B02F-7814-E662-098A-0AE641A5DFFD}] : (Catalyst Control Center Localization All.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}] : (MyWinLocker.-.Egis Technology Inc.) -> MsiExec.exe /X{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0E09BE17-EDEA-42CA-8974-42A587F51510}] : (TomTom HOME.-.Nom de votre société) -> MsiExec.exe /I{0E09BE17-EDEA-42CA-8974-42A587F51510} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1280A24A-6BAA-4E22-8F59-01B6551B47C5}] : (Ground Truth Text.-.Universitat Autonoma de Barcelona) -> MsiExec.exe /I{1280A24A-6BAA-4E22-8F59-01B6551B47C5} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}] : (DeviceDiscovery.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}] : (HPProductAssistant.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}] : (eSobi v2.-.esobi Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{176CFC97-0619-63F5-216F-DA91DF5C180C}] : (CCC Help Thai.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{178EF55D-51F6-62EC-A25F-C7CB3FB375B8}] : (CCC Help Dutch.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{19687AD5-7E54-4C5E-A796-125C95079C1D}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{19687AD5-7E54-4C5E-A796-125C95079C1D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1AB7AB77-6AF0-8349-CDAA-0BB7BD5AD57C}] : (CCC Help Chinese Standard.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}] : (Nero InfoTool Help.-.Nero AG) -> MsiExec.exe /X{20400DBD-E6DB-45B8-9B6B-1DD7033818EC} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2348B586-C9AE-46CE-936C-A68E9426E214}] : (Nero StartSmart Help.-.Nero AG) -> MsiExec.exe /X{2348B586-C9AE-46CE-936C-A68E9426E214} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2376AAB2-F4D9-48D7-A42B-4E80B8967A8B}] : (F4500.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2637C347-9DAD-11D6-9EA2-00055D0CA761}] : (Acer Arcade Deluxe.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217045FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217055FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218077F0}] : (Java 8 Update 77.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218077F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218091F0}] : (Java 8 Update 91.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218091F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{287ECFA4-719A-2143-A09B-D6A12DE54E40}] : (Acrobat.com.-.Adobe Systems Incorporated) -> MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{292F0F52-B62D-4E71-921B-89A682402201}] : (Toolbox.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2EAE344E-F3FB-967E-51B5-EF1697364D91}] : (CCC Help Russian.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FB9EA69-51D4-4913-9AD5-762C034DE811}] : (Status.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{33CF58F5-48D8-4575-83D6-96F574E4D83A}] : (Nero DriveSpeed.-.Nero AG) -> MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3548CAD1-45FB-72E9-7C5B-3F50FB42E2D2}] : (CCC Help Italian.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3FB4A433-A461-41A2-9227-E8D2362817E2}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}] : (MediaShow Espresso.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}] : (Google Earth.-.Google) -> MsiExec.exe /X{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}] : (Nero StartSmart OEM.-.Nero AG) -> MsiExec.exe /X{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{50A9A489-68FB-17EB-5EC7-44F55E5E3FCD}] : (Catalyst Control Center Graphics Previews Vista.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{51C7AD07-C3F6-4635-8E8A-231306D810FE}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] : (neroxml.-.Nero AG) -> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{58AE1219-4CF0-7920-A8D9-204AE4291B6B}] : (CCC Help Finnish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{595A3116-40BB-4E0F-A2E8-D7951DA56270}] : (NeroExpress.-.Nero AG) -> MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}] : (LG United Mobile Drivers.-.LG Electronics) -> MsiExec.exe /X{5DB849D6-9392-4FB7-9ABB-87ED433152E5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}] : (TomTom HOME.-.Nom de votre société) -> MsiExec.exe /I{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}] : (SolutionCenter.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5F4D7F9D-E36B-4E3C-A11C-DB365E676232}] : (CCC Help Polish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{654304D2-7FDB-5A2C-84AD-8253AD4B47A1}] : (ccc-core-static.-.Nom de votre société) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6A4B388A-C460-9371-A401-272BED1BC785}] : (CCC Help Danish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BC06531-C06B-0637-6868-DFC30D297ECF}] : (CCC Help Swedish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6DEF8F72-0510-2265-3C1B-3D72DBFF6CCA}] : (CCC Help Spanish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] : (Hewlett-Packard ACLM.NET v1.1.0.0.-.Hewlett-Packard) -> MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7185af32-e0e8-4c1d-b3ce-25b3309a0a4e}] : (Nero 9 Essentials.-.Nero AG) -> C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="2M02-K090-XW7M-4224-2CTC-0M9Z-P67K-0Z59-TPH0-P288-2P9U-AZ0M-1E68-AE4Z-1A7E-7T4H-0000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{71E5713D-3193-45B0-B34F-F689F7BCFDCC}_is1] : (IVC - Internet Video Converter HD 5.50 FR.-.IVCSOFT, Anh NGUYEN) -> "C:\Program Files (x86)\IVCsoft\Internet Video Converter HD 5.50 FR\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7748AC8C-18E3-43BB-959B-088FAEA16FB2}] : (Nero StartSmart.-.Nero AG) -> MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}] : (TomTom HOME.-.Nom de votre société) -> MsiExec.exe /I{7A2BB1C8-903D-4585-9F3B-CADD67D07D37} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7F446B99-7355-05E0-B9DA-580993D79E0C}] : (CCC Help Turkish.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7F811A54-5A09-4579-90E1-C93498E230D9}] : (Acer eRecovery Management.-.Acer Incorporated) -> "C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x40c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}] : (Chicken Invaders 2.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}] : (Spin & Win.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Spin & Win\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Spin & Win\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}] : (Granny In Paradise.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Granny In Paradise\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Granny In Paradise\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}] : (Cake Mania.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Cake Mania\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}] : (Galapago.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Galapago\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Galapago\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}] : (Amazonia.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Amazonia\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Amazonia\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}] : (Heroes of Hellas.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}] : (Dream Day First Home.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Dream Day First Home\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dream Day First Home\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}] : (Dairy Dash.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Dairy Dash\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dairy Dash\install.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}] : (Farm Frenzy 2.-.Oberon Media) -> "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\install.log" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83202942-84B3-4C50-8622-B8C0AA2D2885}] : (Nero Express Help.-.Nero AG) -> MsiExec.exe /X{83202942-84B3-4C50-8622-B8C0AA2D2885} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{85498904-0748-45AA-9482-6DB8EA971B91}] : (DJ_AIO_06_F4500_SW_MIN.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{869200DB-287A-4DC0-B02B-2B6787FBCD4C}] : (Nero DiscSpeed.-.Nero AG) -> MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{87BB78C4-F36D-4D93-A7C7-F80F18219848}] : (AMD DnD V1.0.20.-.AMD) -> MsiExec.exe /I{87BB78C4-F36D-4D93-A7C7-F80F18219848} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8EE94FD8-5F52-4463-A340-185D16328158}] : (WebReg.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}] : (TomTom HOME Visual Studio Merge Modules.-.TomTom International B.V.) -> MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}] : (SmartWebPrinting.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}] : (Copy.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}] : (BeeWi Wireless Monitor.-.RDC(Rue Du Commerce).) -> C:\Program Files (x86)\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}\Install.exe -uninst -l0x40C [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9C17B3F0-577B-538D-DB8C-40197D03FAD4}] : (CCC Help Japanese.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A436F67F-687E-4736-BD2B-537121A804CF}] : (HP Product Detection.-.HP) -> MsiExec.exe /I{A436F67F-687E-4736-BD2B-537121A804CF} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}] : (ImagXpress.-.Nero AG) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A9E12684-DD23-4D11-ACAF-6041954BCA00}_is1] : (ISTool 5.2.1.0.-.Bjørnar Henden) -> "C:\Program Files (x86)\ISTool\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AA4BF92B-2AAF-11DA-9D78-000129760D75}] : (.-.CyberLink Corporation) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}] : (HPSSupply.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824184103}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824184103} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1] : (VirtualDubMOD 1.5.10.3 Fr.-.Trad-Fr) -> "C:\Program Files (x86)\VirtualDubMOD\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B191AED2-AF18-3195-44AF-5D60A8F52DB7}] : (CCC Help Chinese Traditional.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}] : (Advertising Center.-.Nero AG) -> MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1] : (Spybot - Search & Destroy.-.Safer-Networking Ltd.) -> "C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}] : (Acer Arcade Movie.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B95EBC95-B7CF-D326-EB73-AA1E33D1A31E}] : (CCC Help French.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BAF19BB1-7716-4F37-5C47-E9DD9A70BC0F}] : (Catalyst Control Center InstallProxy.-.ATI Technologies, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB05590A-6602-43F3-A400-77EA0976BC0A}] : (TomTom HOME.-.Nom de votre société) -> MsiExec.exe /I{BB05590A-6602-43F3-A400-77EA0976BC0A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB3447F6-9553-4AA9-960E-0DB5310C5779}] : (GPBaseService2.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD243CE6-93CC-1284-4A90-90EA06B19FFB}] : (CCC Help Greek.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}] : (Nero ControlCenter.-.Nero AG) -> MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}] : (Destinations.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BE627CA2-AB0E-275B-FCEF-6FBDE4AB1124}] : (CCC Help German.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BFBD020C-839A-F133-CFF8-E2D6AC736338}] : (Scratch 2 Offline Editor.-.MIT Media Lab) -> MsiExec.exe /I{BFBD020C-839A-F133-CFF8-E2D6AC736338} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C24B5777-DA09-50F7-79EF-E26E53D1559A}] : (CCC Help English.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C4E1603B-E550-4A14-8F53-4E989849D1B4}] : (Google SketchUp 8.-.Google, Inc.) -> MsiExec.exe /X{C4E1603B-E550-4A14-8F53-4E989849D1B4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}] : (Norton Online Backup.-.Symantec) -> MsiExec.exe /X{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C77E500C-FB0C-D423-991B-3FE5B24AAA80}] : (CCC Help Norwegian.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}] : (Nero Online Upgrade.-.Nero AG) -> MsiExec.exe /X{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CABAE860-68A5-0ACE-46FE-DF8B40DAD5BD}] : (CCC Help Hungarian.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CAE4213F-F797-439D-BD9E-79B71D115BE3}] : (HPPhotoGadget.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CC019E3F-59D2-4486-8D4B-878105B62A71}] : (Nero DiscSpeed Help.-.Nero AG) -> MsiExec.exe /X{CC019E3F-59D2-4486-8D4B-878105B62A71} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CCE70229-941A-41BF-9033-4EEE09F94303}}_is1] : (ImageGrab 5.0.6 fr.-.Paul Glagla) -> "C:\Program Files (x86)\ImageGrab\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}] : (TrayApp.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D215ED58-928A-C704-C104-F3333A429336}] : (Catalyst Control Center Core Implementation.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D360FA88-17C8-4F14-B67F-13AAF9607B12}] : (MarketResearch.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1] : (Auslogics DiskDefrag.-.Auslogics Labs Pty Ltd) -> "C:\Program Files (x86)\Auslogics\DiskDefrag\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}] : (eBay Worldwide.-.OEM) -> MsiExec.exe /I{E0B19DF7-B1C7-4937-82C4-0E4B1E346965} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E5C7D048-F9B4-4219-B323-8BDB01A2563D}] : (Nero DriveSpeed Help.-.Nero AG) -> MsiExec.exe /X{E5C7D048-F9B4-4219-B323-8BDB01A2563D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E8A80433-302B-4FF1-815D-FCC8EAC482FF}] : (Nero Installer.-.Nero AG) -> MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EA3A9E2A-6D28-9D91-E65F-0C5978100D3F}] : (Catalyst Control Center Graphics Light.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1] : (Light Image Resizer 4.6.1.0.-.ObviousIdea) -> "C:\Program Files (x86)\ObviousIdea\Image Resizer 4\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE10D76C-39B7-40A8-A24C-1BEEACBED160}] : (Catalyst Control Center - Branding.-.ATI) -> MsiExec.exe /I{EE10D76C-39B7-40A8-A24C-1BEEACBED160} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}] : (Acer Updater.-.Acer Incorporated) -> "C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x40c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F19CD3A3-21ED-90AA-E57B-1E54D44EF874}] : (CCC Help Portuguese.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}] : (Nero ControlCenter.-.Nero AG) -> MsiExec.exe /X{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{f761359c-9ced-45ae-9a51-9d6605cd55c4}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}] : (BufferChm.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB08F5BF-8B35-CA7F-2C6C-4C7875EFF8C8}] : (CCC Help Korean.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FBCDFD61-7DCF-4E71-9226-873BA0053139}] : (Nero InfoTool.-.Nero AG) -> MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC4A0E2E-0CD3-11E6-B80E-005056951CAD}] : (Evernote v. 6.0.6.-.Evernote Corp.) -> MsiExec.exe /X{FC4A0E2E-0CD3-11E6-B80E-005056951CAD} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC672701-9BF9-48FA-BBAB-1ACD430EBB8A}_is1] : (Encodage 1.911.-.Pascal) -> "C:\Program Files (x86)\Encodage\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC965A47-4839-40CA-B618-18F486F042C6}] : (Skype™ 7.25.-.Skype Technologies S.A.) -> MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FEFB7AF2-FFD6-6ED1-7749-6F998A22A2B7}] : (CCC Help Czech.-.ATI) -> ¤¤¤¤¤¤¤¤¤¤ | Installer [HKCR\Installer\Products\0336A2D4B8F23E11C9048BCAF6798BE8] : Google Earth -> C:\Windows\Installer\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\068EABAC5A86ECA064EFFDB804AD5DDB] : CCC Help Hungarian -> C:\Windows\Installer\{CABAE860-68A5-0ACE-46FE-DF8B40DAD5BD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0EF2A18C47539A00EC4DDBAA33C4EBE8] : Nero Online Upgrade [HKCR\Installer\Products\0F3B71C9B775D835BDC80491D730AF4D] : CCC Help Japanese -> C:\Windows\Installer\{9C17B3F0-577B-538D-DB8C-40197D03FAD4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1026B0516E9EBFD469E0CCDB35BFDDDE] : HPProductAssistant [HKCR\Installer\Products\13560CB6B60C73608686FD3CD092E7FC] : CCC Help Swedish -> C:\Windows\Installer\{6BC06531-C06B-0637-6868-DFC30D297ECF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\16DFDCBFFCD717E4296278B30A501393] : Nero InfoTool [HKCR\Installer\Products\1C6BAFB664D6BD645A832A9609C7F9F2] : Network64 [HKCR\Installer\Products\1DAC8453BF549E27C7B5F305BF242E2D] : CCC Help Italian -> C:\Windows\Installer\{3548CAD1-45FB-72E9-7C5B-3F50FB42E2D2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1EDCB75C9BC7D7643BABE7119961DC1C] : Norton Online Backup -> C:\Windows\Installer\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}\Icon.ico [HKCR\Installer\Products\249202383B4805C468228B0CAAD28258] : Nero Express Help [HKCR\Installer\Products\25F0F292D26B17E429B1986A28042210] : Toolbox [HKCR\Installer\Products\27F8FED601505622C3B1D327BDFFC6AC] : CCC Help Spanish -> C:\Windows\Installer\{6DEF8F72-0510-2265-3C1B-3D72DBFF6CCA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\286FF0AF07CC75C439DC2E673F7E35E7] : BufferChm [HKCR\Installer\Products\2AC726EBE0BAB572CFFEF6DB4EBA1142] : CCC Help German -> C:\Windows\Installer\{BE627CA2-AB0E-275B-FCEF-6FBDE4AB1124}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2BAA67329D4F7D844AB2E4088B69A7B8] : F4500 [HKCR\Installer\Products\2D403456BDF7C2A548DA2835DAB4741A] : ccc-core-static -> C:\Windows\Installer\{654304D2-7FDB-5A2C-84AD-8253AD4B47A1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2DEA191B81FA591344FAD5068A5FD27B] : CCC Help Chinese Traditional -> C:\Windows\Installer\{B191AED2-AF18-3195-44AF-5D60A8F52DB7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2FA7BFEF6DFF1DE67794F699A8222A7B] : CCC Help Czech -> C:\Windows\Installer\{FEFB7AF2-FFD6-6ED1-7749-6F998A22A2B7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\33408A8EB2031FF418D5CF8CAE4C28FF] : Nero Installer [HKCR\Installer\Products\3A3DC91FDE12AA095EB7E1454DE48F47] : CCC Help Portuguese -> C:\Windows\Installer\{F19CD3A3-21ED-90AA-E57B-1E54D44EF874}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3BE2BCD5DA78E624D847B8299C7D134C] : TomTom HOME -> C:\Windows\Installer\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3C5FB837B7FA0BB47BFE5E50FE7C65EB] : MyWinLocker Suite -> C:\Windows\Installer\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3DC4044AD16541B6CEAD96BAB16C5ACB] : ATI Catalyst Install Manager -> C:\Windows\Installer\{A4404CD3-561D-6B14-ECDA-69AB1BC6A5BC}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3E7E1510632EAF8FB1E114618E84AA08] : Catalyst Control Center Graphics Full Existing -> C:\Windows\Installer\{0151E7E3-E236-F8FA-1B1E-4116E848AA80}\ARPPRODUCTICON.exe [HKCR\Installer\Products\409894588470AA544928D68BAE79B119] : DJ_AIO_06_F4500_SW_MIN [HKCR\Installer\Products\4AFCE782A91734120AB96D1AD25EE404] : Acrobat.com [HKCR\Installer\Products\4C87BB78D63F39D47A7C8FF081128984] : AMD DnD V1.0.20 -> C:\Windows\Installer\{87BB78C4-F36D-4D93-A7C7-F80F18219848}\LinkedCells.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208190F] : Java 8 Update 91 -> C:\Program Files (x86)\Java\jre1.8.0_91\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208770F] : Java 8 Update 77 -> C:\Program Files (x86)\Java\jre1.8.0_77\\bin\javaws.exe [HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64 [HKCR\Installer\Products\536D34D4ADF65AF4AAB932FC370D85AE] : Nero StartSmart OEM [HKCR\Installer\Products\588A53CAF8F075847BADE6D8BF346E3B] : HPSSupply [HKCR\Installer\Products\59CBE59BFC7B623DBE37AAE1331D3AE1] : CCC Help French -> C:\Windows\Installer\{B95EBC95-B7CF-D326-EB73-AA1E33D1A31E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5B769D51EB4AEA24E94846DC60B252AA] : eSobi v2 -> C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5C13C3F8A3C98AA4E8AF1792A0A75D33] : TomTom HOME Visual Studio Merge Modules [HKCR\Installer\Products\5D6775DE4B957B64FA18F5D2497D6C04] : Cisco PEAP Module [HKCR\Installer\Products\5DA7869145E7E5C47A6921C55970C9D1] : Adobe AIR [HKCR\Installer\Products\5F85FC338D845754386D695F474E8DA3] : Nero DriveSpeed [HKCR\Installer\Products\6030E61781384634B8F8C04C9E73B6CA] : Analyseur et SDK MSXML 4.0 SP2 [HKCR\Installer\Products\6113A595BB04F0E42A8E7D59D15A2607] : NeroExpress [HKCR\Installer\Products\685B8432EA9CEC6439C66AE849622E41] : Nero StartSmart Help [HKCR\Installer\Products\68AB67CA408033019195008142811430] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824184103}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\69A46712847638B4987EA70536FB51C6] : Movie Maker [HKCR\Installer\Products\6D948BD529397BF4A9BB78DE3413255E] : LG United Mobile Drivers -> C:\Windows\Installer\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6E3C12FFDF79F4745981D8BC9EC48245] : 64 Bit HP CIO Components Installer [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\6EC342DBCC394821A40909AE601BF9BF] : CCC Help Greek -> C:\Windows\Installer\{BD243CE6-93CC-1284-4A90-90EA06B19FFB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6F7443BB35599AA469E0D05B13C07597] : GPBaseService2 [HKCR\Installer\Products\701043F6AA9F6C745BC43C1AF91155F3] : Hewlett-Packard ACLM.NET v1.1.0.0 -> C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\70DA7C156F3C5364E8A83231608D01EF] : Cisco LEAP Module [HKCR\Installer\Products\71EB90E0AEDEAC249847245A785F5101] : TomTom HOME -> C:\Windows\Installer\{0E09BE17-EDEA-42CA-8974-42A587F51510}\ARPPRODUCTICON.exe [HKCR\Installer\Products\743C7362DAD96D11E92A0050D5C07A16] : PowerCinema -> C:\Windows\Installer\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\ARPPRODUCTICON.exe [HKCR\Installer\Products\74A569CF9384AC046B81814F680F246C] : Skype™ 7.25 -> C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe [HKCR\Installer\Products\7775B42C90AD7F0597FE2EE6351D55A9] : CCC Help English -> C:\Windows\Installer\{C24B5777-DA09-50F7-79EF-E26E53D1559A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\77BA7BA10FA69438DCAAB07BDBA55DC7] : CCC Help Chinese Standard -> C:\Windows\Installer\{1AB7AB77-6AF0-8349-CDAA-0BB7BD5AD57C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7810FB462D3FB89499AE61A39FEAE69C] : Cisco EAP-FAST Module [HKCR\Installer\Products\79CFC67191605F3612F6AD19FDC581C0] : CCC Help Thai -> C:\Windows\Installer\{176CFC97-0619-63F5-216F-DA91DF5C180C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7FD91B0E7C1B7394284CE0B4E1439656] : eBay Worldwide -> c:\Windows\Installer\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\807E9EB00CD53694C9DFA05A9190E097] : Junk Mail filter update [HKCR\Installer\Products\81E4E837BF4C849879976A58A776E715] : ccc-utility64 -> C:\Windows\Installer\{738E4E18-C4FB-8948-9779-A6857A677E51}\ARPPRODUCTICON.exe [HKCR\Installer\Products\83A4CE2B545B00A4284131EFE019E5D6] : Advertising Center [HKCR\Installer\Products\840D7C5E4B9F91243B32B8BD102A65D3] : Nero DriveSpeed Help [HKCR\Installer\Products\85DE512DA829407C1C403F33A3243963] : Catalyst Control Center Core Implementation -> C:\Windows\Installer\{D215ED58-928A-C704-C104-F3333A429336}\ARPPRODUCTICON.exe [HKCR\Installer\Products\87BB85415CD10CB49B3AB246F4A51850] : DeviceDiscovery [HKCR\Installer\Products\88AF063D8C7141F46BF731AA9F06B721] : MarketResearch [HKCR\Installer\Products\8C1BB2A7D3095854F9B3ACDD760DD773] : TomTom HOME -> C:\Windows\Installer\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\8DF49EE825F536443A0481D561231885] : WebReg [HKCR\Installer\Products\9121EA850FC402978A9D02A44E92B1B6] : CCC Help Finnish -> C:\Windows\Installer\{58AE1219-4CF0-7920-A8D9-204AE4291B6B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\96AE9BF24D153194A95D67C230D48E11] : Status [HKCR\Installer\Products\96F071321C0420726120000010000000] : 7-Zip 16.02 (x64 edition) [HKCR\Installer\Products\984A9A05BF86BE71E57C445FE5E5F3DC] : Catalyst Control Center Graphics Previews Vista -> C:\Windows\Installer\{50A9A489-68FB-17EB-5EC7-44F55E5E3FCD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\99B644F755370E509BAD8590397DE9C0] : CCC Help Turkish -> C:\Windows\Installer\{7F446B99-7355-05E0-B9DA-580993D79E0C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9A1221D6FB710CE4182F723DE03C7010] : Skype Click to Call -> C:\Windows\Installer\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}\ICON_PRODUCT [HKCR\Installer\Products\9D0DC7D088A436A4F819F3E4F8737186] : MyWinLocker -> C:\Windows\Installer\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9F2FDFE0D6387BE43AD230B83D1FBFA2] : Security Update for CAPICOM (KB931906) -> C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A09550BB20663F344A0077AE9067CBA0] : TomTom HOME -> C:\Windows\Installer\{BB05590A-6602-43F3-A400-77EA0976BC0A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A11C609B391D3414F97A2EEEA8A5F812] : ArcadeMovie -> C:\Windows\Installer\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A2268694F3D4E984A9ECF5CEC40CDB3E] : MediaShow Espresso -> C:\Windows\Installer\{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A2E9A3AE82D619D96EF5C0958701D0F3] : Catalyst Control Center Graphics Light -> C:\Windows\Installer\{EA3A9E2A-6D28-9D91-E65F-0C5978100D3F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A42A0821AAB622E4F895106B55B1745C] : Ground Truth Text -> C:\Windows\Installer\{1280A24A-6BAA-4E22-8F59-01B6551B47C5}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A883B4A6064C17394A1072B2DEB17C58] : CCC Help Danish -> C:\Windows\Installer\{6A4B388A-C460-9371-A401-272BED1BC785}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AB4027DB46DDE994B955A682C2FDF44A] : Destinations [HKCR\Installer\Products\AC5F6FF803E4B3E49B1502C4AA2A17A6] : SmartWebPrinting [HKCR\Installer\Products\AD0AC5DBDA17AD341BE9E6EEC0A9CDA9] : Nero ControlCenter [HKCR\Installer\Products\B3061E4C055E41A4F835E48989941D4B] : Google SketchUp 8 [HKCR\Installer\Products\B4E0FCD5AE8F92240ADBC56A4DFA7B94] : SolutionCenter [HKCR\Installer\Products\B4EB76DD26E75124FA3A1F328A003A98] : Movie Maker [HKCR\Installer\Products\B9802F8A97F16FB43B582A2C0B9B7AD4] : ImagXpress [HKCR\Installer\Products\B9FB157332F56794AA26B14F7D19CDEF] : Photo Common [HKCR\Installer\Products\BD002968A7820CD40BB2B27678BFDCC4] : Nero DiscSpeed [HKCR\Installer\Products\C005E77CC0BF324D99B1F35E2BA4AA08] : CCC Help Norwegian -> C:\Windows\Installer\{C77E500C-FB0C-D423-991B-3FE5B24AAA80}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C020DBFBA938331FFC8F2E6DCA373683] : Scratch 2 Offline Editor [HKCR\Installer\Products\C67D01EE7B938A042AC4B1EECAEB1D06] : Catalyst Control Center - Branding -> C:\Windows\Installer\{EE10D76C-39B7-40A8-A24C-1BEEACBED160}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C88D1A60201E7254FA0792FF7DFA12A5] : Scan [HKCR\Installer\Products\C8CA84773E81BB3459B980F8EA1AF62B] : Nero StartSmart [HKCR\Installer\Products\D2EF8ADD76AEC4916D5A5FB24CDF2AF0] : ATI AVIVO64 Codecs -> C:\Windows\Installer\{DDA8FE2D-EA67-194C-D6A5-F52BC4FDA20F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D36E13DCDF74C1941871FC02D1A0AF5B] : TrayApp [HKCR\Installer\Products\D55FE8716F15CE262AF57CBCF33B578B] : CCC Help Dutch -> C:\Windows\Installer\{178EF55D-51F6-62EC-A25F-C7CB3FB375B8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D9F7D4F5B63EC3E41AC1BD63E5762623] : CCC Help Polish -> C:\Windows\Installer\{5F4D7F9D-E36B-4E3C-A11C-DB365E676232}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DBD00402BD6E8B54B9B6D17D308381CE] : Nero InfoTool Help [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\DFF19C007F669957724A12850E36EDB8] : Catalyst Control Center Graphics Full New -> C:\Windows\Installer\{00C91FFD-66F7-7599-27A4-2158E063DE8B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E2E0A4CF3DC06E118BE000056559C1DA] : Evernote v. 6.0.6 -> C:\Windows\Installer\{FC4A0E2E-0CD3-11E6-B80E-005056951CAD}\Evernote.ico [HKCR\Installer\Products\E443EAE2BF3FE769155BFE617963D419] : CCC Help Russian -> C:\Windows\Installer\{2EAE344E-F3FB-967E-51B5-EF1697364D91}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E6680C84BE75C4443817E8341260B63C] : Network64 [HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery [HKCR\Installer\Products\EB940C659E972054EB7A79453A6EF0B9] : neroxml [HKCR\Installer\Products\ECD1404F1EF381E4A8E9D96E2513EE63] : Nero ControlCenter [HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64 [HKCR\Installer\Products\F20B1A904187266E90A8A06E145AFDDF] : Catalyst Control Center Localization All -> C:\Windows\Installer\{09A1B02F-7814-E662-098A-0AE641A5DFFD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F3124EAC797FD934DBE9977BD111B53E] : HPPhotoGadget [HKCR\Installer\Products\F3E910CC2D956844D8B47818506BA217] : Nero DiscSpeed Help [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\FB5F80BF53B8F7ACC2C6C48757FE8F8C] : CCC Help Korean -> C:\Windows\Installer\{FB08F5BF-8B35-CA7F-2C6C-4C7875EFF8C8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FC03D219E93F13B4DAA921C3B697E42E] : HP Update -> C:\Windows\Installer\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FF43B934E47F70845B2EB4575815ADB6] : Galerie de photos [HKCR\Installer\Products\FF664EB97B078AD408C7BDC46301DFAA] : Copy ¤¤¤¤¤¤¤¤¤¤ | ADS @C:\ProgramData\Temp:07BF512B @C:\ProgramData\Temp:AB689DEA ¤¤¤¤¤¤¤¤¤¤ | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 27-UNKNWN 14G No No 2,048 28,672,000 1 1 07-NTFS 100M Yes No 28,674,048 204,800 2 2 07-NTFS 470G No No 28,878,848 962,320,384 3 3 07-NTFS 470G No No 991,199,232 962,323,888 ¤¤¤¤¤¤¤¤¤¤ | MBR Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: Acer BIOS Manufacturer: AMI System Manufacturer: Acer System Product Name: Aspire X3400 Logical Drives Mask: 0x000000dc Analysis of file "C:\QuickDiag\MBR.bin": Windows 7 MBR code detected 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ¤¤¤¤¤¤¤¤¤¤( EOF)¤¤¤¤¤¤¤¤¤¤ - 4281 | 10:13:54